verify_ciphertext_for_encryption_policy() checks if encryption works correctly by reading encrypted file's contents directly from a block device and comparing it to a known good ciphertext.
This, however, won't work if the test file is also compressed. So this patch adds a check if a test file is compressed and disables its compression in this case. Signed-off-by: Jan Prusakowski <[email protected]> --- Changes in v2: The test file is now created empty first, followed by resetting the FS_COMP_FL attribute, and then copying the test data. Changes in v3: Added explicit FS_NOCOMP_FL attribute to the test file. --- common/encrypt | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/common/encrypt b/common/encrypt index d4f6e3dc..f2687631 100644 --- a/common/encrypt +++ b/common/encrypt @@ -790,6 +790,13 @@ _do_verify_ciphertext_for_encryption_policy() _set_encpolicy $dir $keyspec $set_encpolicy_args -f $policy_flags for src in $tmp.testfile_*; do dst=$dir/${src##*.} + # To make sure the test file is not compressed we create an empty one + # and disable compression first (F2FS won't allow resetting the + # compression flag if the file has data already in it). + touch $dst + if lsattr $dst | grep -qE ".+c.+ $dst" ; then + chattr -c +m $dst + fi cp $src $dst inode=$(stat -c %i $dst) blocklist=$(_get_ciphertext_block_list $dst) -- 2.51.0.618.g983fd99d29-goog _______________________________________________ Linux-f2fs-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
