Hi Yael, you still have some problem when running more iterations: ./keyctl09 -i500 keyctl09.c:49: TPASS: Encrypted keys were successfully instantiated and read keyctl09.c:49: TPASS: Encrypted keys were successfully instantiated and read ... keyctl09.c:33: TFAIL: Failed to instantiate encrypted key using payload decrypted data (some people really try high number of iterations.) Could you please have a look? > Test that encrypted keys can be instantiated using > both user-provided decrypted data > (https://lore.kernel.org/linux-integrity/20211213192030.125091-1-yaelt@xxxxxxxxxx/), > or kernel-generated numbers. +1 for doc! ... > +static void do_test(void) > +{ > + key_serial_t masterkey; > + key_serial_t encryptedkey1; > + key_serial_t encryptedkey2; > + char buffer[128]; > + > + masterkey = add_key("user", "user:masterkey", "foo", 3, > + KEY_SPEC_PROCESS_KEYRING); > + if (masterkey == -1) > + tst_brk(TBROK | TERRNO, "Failed to add user key"); > + > + encryptedkey1 = add_key("encrypted", "ltptestkey1", ENCRYPTED_KEY_1_PAYLOAD, > + 60, KEY_SPEC_PROCESS_KEYRING); > + if (encryptedkey1 == -1) > + tst_brk(TFAIL, "Failed to instantiate encrypted key using payload decrypted data"); nit: this might be TBROK (test preparation phase), not sure (and not that important). The rest LGTM. Reviewed-by: Petr Vorel <pvorel@xxxxxxx> Kind regards, Petr
