On Mon, Dec 20, 2021 at 09:37:21PM -0500, Yael Tiomkin wrote: > diff --git a/testcases/kernel/syscalls/keyctl/keyctl09.c b/testcases/kernel/syscalls/keyctl/keyctl09.c > new file mode 100644 > index 000000000..507cd5628 > --- /dev/null > +++ b/testcases/kernel/syscalls/keyctl/keyctl09.c > @@ -0,0 +1,58 @@ > +// SPDX-License-Identifier: GPL-2.0-or-later > +/* > + * Copyright (c) 2021 Google, Inc. > + */ > + > +/*\ > + * [Description] > + * Test that encrypted keys can be instantiated using user-provided decrypted > + * data (plaintext), and separately, using kernel-generated key material. > + */ > + This test doesn't seem to work as intended. First, it fails if CONFIG_ENCRYPTED_KEYS is unset (it should be skipped): keyctl09.c:33: TFAIL: Failed to instantiate encrypted key using payload decrypted data Second, I don't have your patch "Instantiate key with user-provided decrypted data" (https://lore.kernel.org/r/20211213192030.125091-1-yaelt@xxxxxxxxxx) in my kernel, so instantiating a key using "user-provided decrypted data" is not implemented by the kernel. However, the test still passes regardless: keyctl09.c:49: TPASS: Encrypted keys were successfully instantiated and read The test should detect when "user-provided decrypted data" is not supported by the kernel, and report that the test of that is being skipped in that case. - Eric
