Hi!
I use xfstests with ext4 fs to test, and i found a skip:
ext4/024 [not run] kernel does not support ext4 encryption
I have rebuild config with CONFIG_FS_ENCRYPTION and CONFIG_EXT4_ENCRYPTION.
I try to set them both y and both m, but two ways both do not set and do not find related failure log.
I use v4.13-rc3 kernel to build.
Do i miss some dependence kconfig?
Thanks
Xiang
On Mon, Aug 07, 2017 at 11:25:02AM +0800, Dai Xiang wrote:
> Hi!
>
> I use xfstests with ext4 fs to test, and i found a skip:
>
> ext4/024 [not run] kernel does not support ext4 encryption
i print the cmd:
/usr/sbin/xfs_io -i -c set_encpolicy /fs/scratch/tmpdir
/fs/scratch/tmpdir: failed to set encryption policy: Inappropriate
ioctl for device <===
Seems do not related to kconfig?
/dev/vdd on /fs/scratch type ext4 (rw,relatime,data=ordered)
df -T /dev/vdd
Filesystem Type Size Used Avail Use% Mounted on
/dev/vdd ext4 251G 86G 154G 36% /fs/scratch
>
> I have rebuild config with CONFIG_FS_ENCRYPTION and CONFIG_EXT4_ENCRYPTION.
> I try to set them both y and both m, but two ways both do not set and do not find related failure log.
> I use v4.13-rc3 kernel to build.
>
> Do i miss some dependence kconfig?
>
> Thanks
> Xiang
On Mon, Aug 07, 2017 at 05:51:26PM +0800, Dai Xiang wrote:
> On Mon, Aug 07, 2017 at 11:25:02AM +0800, Dai Xiang wrote:
> > Hi!
> >
> > I use xfstests with ext4 fs to test, and i found a skip:
> >
> > ext4/024 [not run] kernel does not support ext4 encryption
Yeah, the message printed is misleading, and should be fixed.
Checking to see whether the kernel supports encryption can be done by
checking for the existence of the file:
/sys/fs/ext4/features/encryption
> i print the cmd:
> /usr/sbin/xfs_io -i -c set_encpolicy /fs/scratch/tmpdir
> /fs/scratch/tmpdir: failed to set encryption policy: Inappropriate
> ioctl for device <===
>
> Seems do not related to kconfig?
Yes, the issue is that you need to create the file system (or set via
tune2fs) the feature flag "encrypt". To best test the read/write
paths, you should set the mount option test_dummy_encryption. The
kvm-xfstests and gce-xfstests framework do all of this automatically.
>From xfstests-bld/kvm-xfstests/test-appliance/files/root/cfg/fs/ext4/encrypt:
SIZE=small
export EXT_MKFS_OPTIONS="-O encrypt"
export EXT_MOUNT_OPTIONS="test_dummy_encryption"
REQUIRE_FEATURE=encryption
TESTNAME="Ext4 encryption"
There are a number tests that are known to fail; primarily having to
do with quota support, which doesn't play well with
test_dummy_encryption (that's more of a test problem than anything
else). See the encrypt.exclude file in that directory for more
details.
Cheers,
- Ted
On Mon, Aug 07, 2017 at 09:49:42AM -0400, Theodore Ts'o wrote:
> On Mon, Aug 07, 2017 at 05:51:26PM +0800, Dai Xiang wrote:
> > On Mon, Aug 07, 2017 at 11:25:02AM +0800, Dai Xiang wrote:
> > > Hi!
> > >
> > > I use xfstests with ext4 fs to test, and i found a skip:
> > >
> > > ext4/024 [not run] kernel does not support ext4 encryption
>
> Yeah, the message printed is misleading, and should be fixed.
> Checking to see whether the kernel supports encryption can be done by
> checking for the existence of the file:
>
> /sys/fs/ext4/features/encryption
>
> > i print the cmd:
> > /usr/sbin/xfs_io -i -c set_encpolicy /fs/scratch/tmpdir
> > /fs/scratch/tmpdir: failed to set encryption policy: Inappropriate
> > ioctl for device <===
> >
> > Seems do not related to kconfig?
>
> Yes, the issue is that you need to create the file system (or set via
> tune2fs) the feature flag "encrypt". To best test the read/write
> paths, you should set the mount option test_dummy_encryption. The
> kvm-xfstests and gce-xfstests framework do all of this automatically.
> From xfstests-bld/kvm-xfstests/test-appliance/files/root/cfg/fs/ext4/encrypt:
>
> SIZE=small
> export EXT_MKFS_OPTIONS="-O encrypt"
> export EXT_MOUNT_OPTIONS="test_dummy_encryption"
> REQUIRE_FEATURE=encryption
> TESTNAME="Ext4 encryption"
>
> There are a number tests that are known to fail; primarily having to
> do with quota support, which doesn't play well with
> test_dummy_encryption (that's more of a test problem than anything
> else). See the encrypt.exclude file in that directory for more
> details.
>
Actually, this is one of the tests in the "encrypt" group, which format the
scratch device with "-O encrypt". So I believe the printed message is correct.
Are you 100% sure that CONFIG_EXT4_ENCRYPTION is enabled in your kernel config
and that you are running the correct kernel?
Eric
On Mon, Aug 07, 2017 at 12:31:38PM -0700, Eric Biggers wrote:
> On Mon, Aug 07, 2017 at 09:49:42AM -0400, Theodore Ts'o wrote:
> > On Mon, Aug 07, 2017 at 05:51:26PM +0800, Dai Xiang wrote:
> > > On Mon, Aug 07, 2017 at 11:25:02AM +0800, Dai Xiang wrote:
> > > > Hi!
> > > >
> > > > I use xfstests with ext4 fs to test, and i found a skip:
> > > >
> > > > ext4/024 [not run] kernel does not support ext4 encryption
> >
> > Yeah, the message printed is misleading, and should be fixed.
> > Checking to see whether the kernel supports encryption can be done by
> > checking for the existence of the file:
> >
> > /sys/fs/ext4/features/encryption
> >
> > > i print the cmd:
> > > /usr/sbin/xfs_io -i -c set_encpolicy /fs/scratch/tmpdir
> > > /fs/scratch/tmpdir: failed to set encryption policy: Inappropriate
> > > ioctl for device <===
> > >
> > > Seems do not related to kconfig?
> >
> > Yes, the issue is that you need to create the file system (or set via
> > tune2fs) the feature flag "encrypt". To best test the read/write
> > paths, you should set the mount option test_dummy_encryption. The
> > kvm-xfstests and gce-xfstests framework do all of this automatically.
> > From xfstests-bld/kvm-xfstests/test-appliance/files/root/cfg/fs/ext4/encrypt:
> >
> > SIZE=small
> > export EXT_MKFS_OPTIONS="-O encrypt"
> > export EXT_MOUNT_OPTIONS="test_dummy_encryption"
> > REQUIRE_FEATURE=encryption
> > TESTNAME="Ext4 encryption"
> >
> > There are a number tests that are known to fail; primarily having to
> > do with quota support, which doesn't play well with
> > test_dummy_encryption (that's more of a test problem than anything
> > else). See the encrypt.exclude file in that directory for more
> > details.
> >
>
> Actually, this is one of the tests in the "encrypt" group, which format the
> scratch device with "-O encrypt". So I believe the printed message is correct.
> Are you 100% sure that CONFIG_EXT4_ENCRYPTION is enabled in your kernel config
> and that you are running the correct kernel?
I use v4.13-rc3 kernerl, and i find this info refer to https://wiki.archlinux.org/index.php/ext4#Using_file-based_encryption:
Ext4 forbids encrypting the root (/) directory and will produce an error on kernel 4.13 and later
Does it impact?
>
> Eric
On Mon, Aug 07, 2017 at 09:49:42AM -0400, Theodore Ts'o wrote:
> On Mon, Aug 07, 2017 at 05:51:26PM +0800, Dai Xiang wrote:
> > On Mon, Aug 07, 2017 at 11:25:02AM +0800, Dai Xiang wrote:
> > > Hi!
> > >
> > > I use xfstests with ext4 fs to test, and i found a skip:
> > >
> > > ext4/024 [not run] kernel does not support ext4 encryption
>
> Yeah, the message printed is misleading, and should be fixed.
> Checking to see whether the kernel supports encryption can be done by
> checking for the existence of the file:
>
> /sys/fs/ext4/features/encryption
>
> > i print the cmd:
> > /usr/sbin/xfs_io -i -c set_encpolicy /fs/scratch/tmpdir
> > /fs/scratch/tmpdir: failed to set encryption policy: Inappropriate
> > ioctl for device <===
> >
> > Seems do not related to kconfig?
>
> Yes, the issue is that you need to create the file system (or set via
> tune2fs) the feature flag "encrypt". To best test the read/write
> paths, you should set the mount option test_dummy_encryption. The
> kvm-xfstests and gce-xfstests framework do all of this automatically.
> From xfstests-bld/kvm-xfstests/test-appliance/files/root/cfg/fs/ext4/encrypt:
>
> SIZE=small
> export EXT_MKFS_OPTIONS="-O encrypt"
> export EXT_MOUNT_OPTIONS="test_dummy_encryption"
> REQUIRE_FEATURE=encryption
> TESTNAME="Ext4 encryption"
I just want to use mkfs and mount to enable this feature, could you
help give me an example about it?
Thanks
Xiang
>
> There are a number tests that are known to fail; primarily having to
> do with quota support, which doesn't play well with
> test_dummy_encryption (that's more of a test problem than anything
> else). See the encrypt.exclude file in that directory for more
> details.
>
> Cheers,
>
> - Ted
On Tue, Aug 08, 2017 at 09:27:38AM +0800, Dai Xiang wrote:
> >
> > Actually, this is one of the tests in the "encrypt" group, which format the
> > scratch device with "-O encrypt". So I believe the printed message is correct.
> > Are you 100% sure that CONFIG_EXT4_ENCRYPTION is enabled in your kernel config
> > and that you are running the correct kernel?
>
> I use v4.13-rc3 kernerl, and i find this info refer to https://wiki.archlinux.org/index.php/ext4#Using_file-based_encryption:
>
> Ext4 forbids encrypting the root (/) directory and will produce an error on kernel 4.13 and later
>
> Does it impact?
>
No, the tests do not try to encrypt the root directory. Can you please double
check that the kernel you're testing actually has CONFIG_EXT4_ENCRYPTION
enabled?
Eric
On Mon, Aug 07, 2017 at 10:50:13PM -0700, Eric Biggers wrote:
> On Tue, Aug 08, 2017 at 09:27:38AM +0800, Dai Xiang wrote:
> > >
> > > Actually, this is one of the tests in the "encrypt" group, which format the
> > > scratch device with "-O encrypt". So I believe the printed message is correct.
> > > Are you 100% sure that CONFIG_EXT4_ENCRYPTION is enabled in your kernel config
> > > and that you are running the correct kernel?
> >
> > I use v4.13-rc3 kernerl, and i find this info refer to https://wiki.archlinux.org/index.php/ext4#Using_file-based_encryption:
> >
> > Ext4 forbids encrypting the root (/) directory and will produce an error on kernel 4.13 and later
> >
> > Does it impact?
> >
>
> No, the tests do not try to encrypt the root directory. Can you please double
> check that the kernel you're testing actually has CONFIG_EXT4_ENCRYPTION
> enabled?
oh, I see, i miss them, but i have a new question:
I have set CONFIG_FS_ENCRYPTION and CONFIG_EXT4_ENCRYPTION both y, but
after build the config do not include them, and what make me confused
is that there is no failure log about them.
Did i miss some dependence kconfigs or conflict kconfigs?
>
> Eric
On Tue, Aug 08, 2017 at 02:03:20PM +0800, Dai Xiang wrote:
> oh, I see, i miss them, but i have a new question:
>
> I have set CONFIG_FS_ENCRYPTION and CONFIG_EXT4_ENCRYPTION both y, but
> after build the config do not include them, and what make me confused
> is that there is no failure log about them.
>
> Did i miss some dependence kconfigs or conflict kconfigs?
Almost certainly. :-)
You can use "make menuconfig" to help figure out what you missed.
- Ted