Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1079893yba; Fri, 26 Apr 2019 13:46:13 -0700 (PDT) X-Google-Smtp-Source: APXvYqySFgS+hpvkcqZJmhgsuW34xPZxCpIrmfkE34LtCJ0Mw/3mEinXWYNpwZQ0czZdGhiEdUom X-Received: by 2002:a65:6389:: with SMTP id h9mr37334154pgv.398.1556311573100; Fri, 26 Apr 2019 13:46:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556311573; cv=none; d=google.com; s=arc-20160816; b=GJ7/odVgAt5UR+qCa9TKwJp7xMzdcRWoZXTNXF2PC1D4Xc55WyPNEnzTbPS0dtfObU 2CJUblf1hWhx+7LHybhz9xzENBu2Q/9FvITQqivGKUTwVuaBgHS5zeOK/SgQZEWCMUC9 ENEzCRYFqNfmLRGfhaOiMZrQJ3tjXVKup7TWKi5zPZw4j5OXtKuhGiC8v2TlHKaClqon vjCk/Mh2rA8P6eH2Ss5irR2o6nPiCnVMCLzEzFktWb6LvXHPINwZzkb9hGjzHdY/QeCf 4q2J4VMwUqOE1unKQCQvEhe9qH0EtouHureJw3xZfgjblrsCEJqUND9/nEg37J4wqnLi v/XQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=RmJ/m4JQ9HikIQyAS76fzs0/iiJzxJ94HcvZr4W5Bkc=; b=Kr2V8eSStJ0moN+OoT7pgadgTKCTQ1JMPIYZ6WuLZL2R/zQdcU/Xw81pz75UtWE5/3 e4jjURG+tKzEBLxQRdMZUwL2iDHAi/toPMKHV0Gqcz3TBAUHq2QbLWZTuK+6GMf8Qinf LU0neROfdnHQnI79gr8pWppx6eC1lDb4a1Xd/YLcujQHBz+kOBOWUxSP5LKpukCDxNyl BWLrtKRtg8r17+WTuuJMp4QfmN2zW+GKQvOPog19Xdev3312kytb+dtn7jPjhx/MwGx2 nJCnQcjUCNtMIXuxHUqQ3mtj1ifztLonBO3MzW++/L4rgvgv2CndaK5z+9fm3xSpn51M dMYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=T6uqD2Lf; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s23si1114043pgl.263.2019.04.26.13.45.51; Fri, 26 Apr 2019 13:46:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=T6uqD2Lf; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725966AbfDZUpm (ORCPT + 99 others); Fri, 26 Apr 2019 16:45:42 -0400 Received: from mail.kernel.org ([198.145.29.99]:45054 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726231AbfDZUpl (ORCPT ); Fri, 26 Apr 2019 16:45:41 -0400 Received: from ebiggers-linuxstation.mtv.corp.google.com (unknown [104.132.1.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 6F59720869; Fri, 26 Apr 2019 20:45:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1556311539; bh=3si/nWHdDqJmpHvF6quE2ELdOpffNVXF533sbEw5hdQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=T6uqD2LfjsC2Y3Y2YkUxsD21monMRc8FmUiode7BrclbZVgCF89Oo8XLq8YcC+9rf RfLxHOmLiqtlT+FrQNGOMxcLraTzty2fTCd7oIEPqqzOpAQfZiyLC+cW7kPriouGYJ fO3yuAObK2KWIki7nekNPoGUSDtiILi9bEbrGwdY= From: Eric Biggers To: fstests@vger.kernel.org Cc: linux-fscrypt@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net Subject: [RFC PATCH 1/7] common/encrypt: introduce helpers for set_encpolicy and get_encpolicy Date: Fri, 26 Apr 2019 13:41:47 -0700 Message-Id: <20190426204153.101861-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.21.0.593.g511ec345e18-goog In-Reply-To: <20190426204153.101861-1-ebiggers@kernel.org> References: <20190426204153.101861-1-ebiggers@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers For conciseness in tests, add helper functions that wrap the xfs_io commands 'set_encpolicy' and 'get_encpolicy'. Then update all encryption tests to use them. Signed-off-by: Eric Biggers --- common/encrypt | 34 ++++++++++++++++++++++++++++++++-- tests/ext4/024 | 3 +-- tests/generic/395 | 28 +++++++++++++--------------- tests/generic/395.out | 2 +- tests/generic/396 | 15 +++++++-------- tests/generic/397 | 3 +-- tests/generic/398 | 5 ++--- tests/generic/399 | 3 +-- tests/generic/419 | 3 +-- tests/generic/421 | 3 +-- tests/generic/429 | 3 +-- tests/generic/435 | 3 +-- tests/generic/440 | 5 ++--- 13 files changed, 64 insertions(+), 46 deletions(-) diff --git a/common/encrypt b/common/encrypt index 1b10aa71..54d873fa 100644 --- a/common/encrypt +++ b/common/encrypt @@ -38,8 +38,7 @@ _require_scratch_encryption() # presence of /sys/fs/ext4/features/encryption, but this is broken on # some older kernels and is ext4-specific anyway.) mkdir $SCRATCH_MNT/tmpdir - if $XFS_IO_PROG -c set_encpolicy $SCRATCH_MNT/tmpdir \ - 2>&1 >>$seqres.full | \ + if _set_encpolicy $SCRATCH_MNT/tmpdir 2>&1 >>$seqres.full | \ egrep -q 'Inappropriate ioctl for device|Operation not supported' then _notrun "kernel does not support $FSTYP encryption" @@ -175,3 +174,34 @@ _revoke_encryption_key() local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc) $KEYCTL_PROG revoke $keyid >>$seqres.full } + +# Set an encryption policy on the specified directory. +_set_encpolicy() +{ + local dir=$1 + shift + + $XFS_IO_PROG -c "set_encpolicy $*" "$dir" +} + +_user_do_set_encpolicy() +{ + local dir=$1 + shift + + _user_do "$XFS_IO_PROG -c \"set_encpolicy $*\" \"$dir\"" +} + +_require_get_encpolicy() +{ + _require_xfs_io_command "get_encpolicy" +} + +# Display the specified file or directory's encryption policy. +_get_encpolicy() +{ + local file=$1 + shift + + $XFS_IO_PROG -c "get_encpolicy $*" "$file" +} diff --git a/tests/ext4/024 b/tests/ext4/024 index c54d2519..a86cc417 100755 --- a/tests/ext4/024 +++ b/tests/ext4/024 @@ -33,7 +33,6 @@ rm -f $seqres.full _supported_fs ext4 _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl _new_session_keyring @@ -55,7 +54,7 @@ _scratch_mkfs_encrypted &>>$seqres.full _scratch_mount mkdir $SCRATCH_MNT/edir keydesc=$(_generate_encryption_key) -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc echo foo > $SCRATCH_MNT/edir/file inum=$(stat -c '%i' $SCRATCH_MNT/edir/file) _scratch_unmount diff --git a/tests/generic/395 b/tests/generic/395 index cae97cef..cdb348c1 100755 --- a/tests/generic/395 +++ b/tests/generic/395 @@ -33,8 +33,7 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "get_encpolicy" -_require_xfs_io_command "set_encpolicy" +_require_get_encpolicy _require_user _scratch_mkfs_encrypted &>> $seqres.full @@ -45,7 +44,7 @@ check_no_policy() # When a file is unencrypted, FS_IOC_GET_ENCRYPTION_POLICY currently # fails with ENOENT on ext4 but with ENODATA on f2fs. TODO: it's # planned to consistently use ENODATA. For now this test accepts both. - $XFS_IO_PROG -c "get_encpolicy" $1 |& + _get_encpolicy $1 |& sed -e 's/No such file or directory/No data available/' } @@ -54,25 +53,25 @@ empty_dir=$SCRATCH_MNT/empty_dir echo -e "\n*** Setting encryption policy on empty directory ***" mkdir $empty_dir check_no_policy $empty_dir |& _filter_scratch -$XFS_IO_PROG -c "set_encpolicy 0000111122223333" $empty_dir -$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch +_set_encpolicy $empty_dir 0000111122223333 +_get_encpolicy $empty_dir | _filter_scratch # Should be able to set the same policy again, but not a different one. # TODO: the error code for "already has a different policy" is planned to switch # from EINVAL to EEXIST. For now this test accepts both. echo -e "\n*** Setting encryption policy again ***" -$XFS_IO_PROG -c "set_encpolicy 0000111122223333" $empty_dir -$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch -$XFS_IO_PROG -c "set_encpolicy 4444555566667777" $empty_dir |& \ +_set_encpolicy $empty_dir 0000111122223333 +_get_encpolicy $empty_dir | _filter_scratch +_set_encpolicy $empty_dir 4444555566667777 |& \ _filter_scratch | sed -e 's/Invalid argument/File exists/' -$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch +_get_encpolicy $empty_dir | _filter_scratch # Should *not* be able to set an encryption policy on a nonempty directory nonempty_dir=$SCRATCH_MNT/nonempty_dir echo -e "\n*** Setting encryption policy on nonempty directory ***" mkdir $nonempty_dir touch $nonempty_dir/file -$XFS_IO_PROG -c "set_encpolicy" $nonempty_dir |& _filter_scratch +_set_encpolicy $nonempty_dir |& _filter_scratch check_no_policy $nonempty_dir |& _filter_scratch # Should *not* be able to set an encryption policy on a nondirectory file, even @@ -83,7 +82,7 @@ check_no_policy $nonempty_dir |& _filter_scratch nondirectory=$SCRATCH_MNT/nondirectory echo -e "\n*** Setting encryption policy on nondirectory ***" touch $nondirectory -$XFS_IO_PROG -c "set_encpolicy" $nondirectory |& \ +_set_encpolicy $nondirectory |& \ _filter_scratch | sed -e 's/Invalid argument/Not a directory/' check_no_policy $nondirectory |& _filter_scratch @@ -93,8 +92,7 @@ check_no_policy $nondirectory |& _filter_scratch unauthorized_dir=$SCRATCH_MNT/unauthorized_dir echo -e "\n*** Setting encryption policy on another user's directory ***" mkdir $unauthorized_dir -su $qa_user -c "$XFS_IO_PROG -c \"set_encpolicy\" $unauthorized_dir" |& \ - _filter_scratch +_user_do_set_encpolicy $unauthorized_dir |& _filter_scratch check_no_policy $unauthorized_dir |& _filter_scratch # Should *not* be able to set an encryption policy on a directory on a @@ -104,12 +102,12 @@ check_no_policy $unauthorized_dir |& _filter_scratch echo -e "\n*** Setting encryption policy on readonly filesystem ***" mkdir $SCRATCH_MNT/ro_dir $SCRATCH_MNT/ro_bind_mnt _scratch_remount ro -$XFS_IO_PROG -c "set_encpolicy" $SCRATCH_MNT/ro_dir |& _filter_scratch +_set_encpolicy $SCRATCH_MNT/ro_dir |& _filter_scratch check_no_policy $SCRATCH_MNT/ro_dir |& _filter_scratch _scratch_remount rw mount --bind $SCRATCH_MNT $SCRATCH_MNT/ro_bind_mnt mount -o remount,ro,bind $SCRATCH_MNT/ro_bind_mnt -$XFS_IO_PROG -c "set_encpolicy" $SCRATCH_MNT/ro_bind_mnt/ro_dir |& _filter_scratch +_set_encpolicy $SCRATCH_MNT/ro_bind_mnt/ro_dir |& _filter_scratch check_no_policy $SCRATCH_MNT/ro_bind_mnt/ro_dir |& _filter_scratch umount $SCRATCH_MNT/ro_bind_mnt diff --git a/tests/generic/395.out b/tests/generic/395.out index 90c450f2..2c55d7a9 100644 --- a/tests/generic/395.out +++ b/tests/generic/395.out @@ -33,7 +33,7 @@ SCRATCH_MNT/nondirectory: failed to set encryption policy: Not a directory SCRATCH_MNT/nondirectory: failed to get encryption policy: No data available *** Setting encryption policy on another user's directory *** -SCRATCH_MNT/unauthorized_dir: failed to set encryption policy: Permission denied +Permission denied SCRATCH_MNT/unauthorized_dir: failed to get encryption policy: No data available *** Setting encryption policy on readonly filesystem *** diff --git a/tests/generic/396 b/tests/generic/396 index 50c2c2e0..7027c339 100755 --- a/tests/generic/396 +++ b/tests/generic/396 @@ -34,7 +34,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _scratch_mkfs_encrypted &>> $seqres.full _scratch_mount @@ -42,23 +41,23 @@ dir=$SCRATCH_MNT/dir mkdir $dir echo -e "\n*** Invalid contents encryption mode ***" -$XFS_IO_PROG -c "set_encpolicy -c 0xFF" $dir |& _filter_scratch +_set_encpolicy $dir -c 0xFF |& _filter_scratch echo -e "\n*** Invalid filenames encryption mode ***" -$XFS_IO_PROG -c "set_encpolicy -n 0xFF" $dir |& _filter_scratch +_set_encpolicy $dir -n 0xFF |& _filter_scratch echo -e "\n*** Invalid flags ***" -$XFS_IO_PROG -c "set_encpolicy -f 0xFF" $dir |& _filter_scratch +_set_encpolicy $dir -f 0xFF |& _filter_scratch echo -e "\n*** Invalid policy version ***" -$XFS_IO_PROG -c "set_encpolicy -v 0xFF" $dir |& _filter_scratch +_set_encpolicy $dir -v 0xFF |& _filter_scratch # Currently, the only supported combination of modes is AES-256-XTS for contents # and AES-256-CTS for filenames. Nothing else should be accepted. echo -e "\n*** Invalid combinations of modes ***" -$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-CTS" $dir |& _filter_scratch -$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-XTS" $dir |& _filter_scratch -$XFS_IO_PROG -c "set_encpolicy -c AES-256-XTS -n AES-256-XTS" $dir |& _filter_scratch +_set_encpolicy $dir -c AES-256-CTS -n AES-256-CTS |& _filter_scratch +_set_encpolicy $dir -c AES-256-CTS -n AES-256-XTS |& _filter_scratch +_set_encpolicy $dir -c AES-256-XTS -n AES-256-XTS |& _filter_scratch # success, all done status=0 diff --git a/tests/generic/397 b/tests/generic/397 index c2f779a4..a97e866b 100755 --- a/tests/generic/397 +++ b/tests/generic/397 @@ -37,7 +37,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl _new_session_keyring @@ -47,7 +46,7 @@ _scratch_mount mkdir $SCRATCH_MNT/edir $SCRATCH_MNT/ref_dir keydesc=$(_generate_encryption_key) -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc for dir in $SCRATCH_MNT/edir $SCRATCH_MNT/ref_dir; do touch $dir/empty > /dev/null $XFS_IO_PROG -t -f -c "pwrite 0 4k" $dir/a > /dev/null diff --git a/tests/generic/398 b/tests/generic/398 index ecf82690..b1af65e5 100755 --- a/tests/generic/398 +++ b/tests/generic/398 @@ -56,7 +56,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _requires_renameat2 _new_session_keyring @@ -71,8 +70,8 @@ udir=$SCRATCH_MNT/udir mkdir $edir1 $edir2 $udir keydesc1=$(_generate_encryption_key) keydesc2=$(_generate_encryption_key) -$XFS_IO_PROG -c "set_encpolicy $keydesc1" $edir1 -$XFS_IO_PROG -c "set_encpolicy $keydesc2" $edir2 +_set_encpolicy $edir1 $keydesc1 +_set_encpolicy $edir2 $keydesc2 touch $edir1/efile1 touch $edir2/efile2 touch $udir/ufile diff --git a/tests/generic/399 b/tests/generic/399 index 5e55096f..5625503b 100755 --- a/tests/generic/399 +++ b/tests/generic/399 @@ -43,7 +43,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$XZ_PROG" xz _require_command "$KEYCTL_PROG" keyctl @@ -64,7 +63,7 @@ _scratch_mount keydesc=$(_generate_encryption_key) mkdir $SCRATCH_MNT/encrypted_dir -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/encrypted_dir +_set_encpolicy $SCRATCH_MNT/encrypted_dir $keydesc # Create the "same" symlink in two different directories. # Later we'll check both the name and target of the symlink. diff --git a/tests/generic/419 b/tests/generic/419 index 1014764c..2f1d34c6 100755 --- a/tests/generic/419 +++ b/tests/generic/419 @@ -38,7 +38,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl _requires_renameat2 @@ -49,7 +48,7 @@ _scratch_mount mkdir $SCRATCH_MNT/edir keydesc=$(_generate_encryption_key) -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc echo a > $SCRATCH_MNT/edir/a echo b > $SCRATCH_MNT/edir/b _unlink_encryption_key $keydesc diff --git a/tests/generic/421 b/tests/generic/421 index 415e14b5..c8cc2dcc 100755 --- a/tests/generic/421 +++ b/tests/generic/421 @@ -35,7 +35,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl _new_session_keyring @@ -53,7 +52,7 @@ slice=2 rm -rf $dir mkdir $dir keydesc=$(_generate_encryption_key) -$XFS_IO_PROG -c "set_encpolicy $keydesc" $dir +_set_encpolicy $dir $keydesc $XFS_IO_PROG -f $file -c "pwrite 0 $((nproc*slice))M" -c "fsync" > /dev/null # Create processes to read from the encrypted file. Use fadvise to wipe the diff --git a/tests/generic/429 b/tests/generic/429 index 5f5b056a..472fdbd9 100755 --- a/tests/generic/429 +++ b/tests/generic/429 @@ -46,7 +46,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl _require_test_program "t_encrypted_d_revalidate" @@ -58,7 +57,7 @@ keydesc=$(_generate_key_descriptor) raw_key=$(_generate_raw_encryption_key) mkdir $SCRATCH_MNT/edir _add_encryption_key $keydesc $raw_key -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc # Create two files in the directory: one whose name is valid in the base64 # format used for encoding ciphertext filenames, and one whose name is not. The diff --git a/tests/generic/435 b/tests/generic/435 index baed1bdc..073596f3 100755 --- a/tests/generic/435 +++ b/tests/generic/435 @@ -42,7 +42,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl # set up an encrypted directory @@ -53,7 +52,7 @@ _scratch_mount mkdir $SCRATCH_MNT/edir keydesc=$(_generate_encryption_key) # -f 0x2: zero-pad to 16-byte boundary (i.e. encryption block boundary) -$XFS_IO_PROG -c "set_encpolicy -f 0x2 $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc -f 0x2 # Create files with long names (> 32 bytes, long enough to trigger the use of # "digested" names) in the encrypted directory. diff --git a/tests/generic/440 b/tests/generic/440 index 5013f276..434286f4 100755 --- a/tests/generic/440 +++ b/tests/generic/440 @@ -38,7 +38,6 @@ rm -f $seqres.full _supported_fs generic _supported_os Linux _require_scratch_encryption -_require_xfs_io_command "set_encpolicy" _require_command "$KEYCTL_PROG" keyctl # Set up an encryption-capable filesystem and an encryption key. @@ -52,7 +51,7 @@ _add_encryption_key $keydesc $raw_key # Set up an encrypted directory containing a regular file, a subdirectory, and a # symlink. mkdir $SCRATCH_MNT/edir -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir +_set_encpolicy $SCRATCH_MNT/edir $keydesc mkdir $SCRATCH_MNT/edir/subdir ln -s target $SCRATCH_MNT/edir/symlink echo contents > $SCRATCH_MNT/edir/file @@ -82,7 +81,7 @@ echo echo "***** Child has key, but parent doesn't *****" _add_encryption_key $keydesc $raw_key mkdir $SCRATCH_MNT/edir2 -$XFS_IO_PROG -c "set_encpolicy $keydesc" $SCRATCH_MNT/edir2 +_set_encpolicy $SCRATCH_MNT/edir2 $keydesc ln $SCRATCH_MNT/edir/file $SCRATCH_MNT/edir2/link _scratch_cycle_mount cat $SCRATCH_MNT/edir2/link -- 2.21.0.593.g511ec345e18-goog