Date: Thu, 19 Mar 2020 16:19:14 -0400
From: "Theodore Y. Ts'o" <tytso@....edu>
To: Eric Biggers <ebiggers@...nel.org>
Cc: linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net,
linux-mtd@...ts.infradead.org, linux-fsdevel@...r.kernel.org,
linux-api@...r.kernel.org
Subject: Re: [PATCH 1/4] fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
On Sat, Mar 14, 2020 at 01:50:49PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@...gle.com>
>
> Add an ioctl FS_IOC_GET_ENCRYPTION_NONCE which retrieves the nonce from
> an encrypted file or directory. The nonce is the 16-byte random value
> stored in the inode's encryption xattr. It is normally used together
> with the master key to derive the inode's actual encryption key.
>
> The nonces are needed by automated tests that verify the correctness of
> the ciphertext on-disk. Except for the IV_INO_LBLK_64 case, there's no
> way to replicate a file's ciphertext without knowing that file's nonce.
>
> The nonces aren't secret, and the existing ciphertext verification tests
> in xfstests retrieve them from disk using debugfs or dump.f2fs. But in
> environments that lack these debugging tools, getting the nonces by
> manually parsing the filesystem structure would be very hard.
>
> To make this important type of testing much easier, let's just add an
> ioctl that retrieves the nonce.
>
> Signed-off-by: Eric Biggers <ebiggers@...gle.com>
Reviewed-by: Theodore Ts'o <tytso@....edu>