generic/572-579 have tests for fsverity. Now that btrfs supports
fsverity, make these tests function as well. For a majority of the tests
that pass, simply adding the case to mkfs a btrfs filesystem with no
extra options is sufficient.
However, generic/574 has tests for corrupting the merkle tree itself.
Since btrfs uses a different scheme from ext4 and f2fs for storing this
data, the existing logic for corrupting it doesn't work out of the box.
Adapt it to properly corrupt btrfs merkle items.
576 does not run because btrfs does not support transparent encryption.
This test relies on the btrfs implementation of fsverity in the patch:
btrfs: initial fsverity support
and on btrfs-corrupt-block for corruption in the patches titled:
btrfs-progs: corrupt generic item data with btrfs-corrupt-block
btrfs-progs: expand corrupt_file_extent in btrfs-corrupt-block
Signed-off-by: Boris Burkov <boris@xxxxxx>
---
common/btrfs | 5 +++++
common/config | 1 +
common/verity | 23 +++++++++++++++++++++++
3 files changed, 29 insertions(+)
diff --git a/common/btrfs b/common/btrfs
index 670d9d1f..c3a7dc6e 100644
--- a/common/btrfs
+++ b/common/btrfs
@@ -511,3 +511,8 @@ _btrfs_metadump()
$BTRFS_IMAGE_PROG "$device" "$dumpfile"
[ -n "$DUMP_COMPRESSOR" ] && $DUMP_COMPRESSOR -f "$dumpfile" &> /dev/null
}
+
+_require_btrfs_corrupt_block()
+{
+ _require_command "$BTRFS_CORRUPT_BLOCK_PROG" btrfs-corrupt-block
+}
diff --git a/common/config b/common/config
index 479e50d1..67bdf912 100644
--- a/common/config
+++ b/common/config
@@ -296,6 +296,7 @@ export BTRFS_UTIL_PROG=$(type -P btrfs)
export BTRFS_SHOW_SUPER_PROG=$(type -P btrfs-show-super)
export BTRFS_CONVERT_PROG=$(type -P btrfs-convert)
export BTRFS_TUNE_PROG=$(type -P btrfstune)
+export BTRFS_CORRUPT_BLOCK_PROG=$(type -P btrfs-corrupt-block)
export XFS_FSR_PROG=$(type -P xfs_fsr)
export MKFS_NFS_PROG="false"
export MKFS_CIFS_PROG="false"
diff --git a/common/verity b/common/verity
index d58cad90..c6a47013 100644
--- a/common/verity
+++ b/common/verity
@@ -3,6 +3,8 @@
#
# Functions for setting up and testing fs-verity
+. common/btrfs
+
_require_scratch_verity()
{
_require_scratch
@@ -145,6 +147,9 @@ _require_fsverity_dump_metadata()
_require_fsverity_corruption()
{
_require_xfs_io_command "fiemap"
+ if [ $FSTYP == "btrfs" ]; then
+ _require_btrfs_corrupt_block
+ fi
}
_scratch_mkfs_verity()
@@ -153,6 +158,9 @@ _scratch_mkfs_verity()
ext4|f2fs)
_scratch_mkfs -O verity
;;
+ btrfs)
+ _scratch_mkfs
+ ;;
*)
_notrun "No verity support for $FSTYP"
;;
@@ -314,6 +322,21 @@ _fsv_scratch_corrupt_merkle_tree()
(( offset += ($(_get_filesize $file) + 65535) & ~65535 ))
_fsv_scratch_corrupt_bytes $file $offset
;;
+ btrfs)
+ local ino=$(stat -c '%i' $file)
+ _scratch_unmount
+ local byte=""
+ while read -n 1 byte; do
+ local ascii=$(printf "%d" "'$byte'")
+ # This command will find a Merkle tree item for the inode (-I $ino,37,0)
+ # in the default filesystem tree (-r 5) and corrupt one byte (-b 1) at
+ # $offset (-o $offset) with the ascii representation of the byte we read
+ # (-v $ascii)
+ $BTRFS_CORRUPT_BLOCK_PROG -r 5 -I $ino,37,0 -v $ascii -o $offset -b 1 $SCRATCH_DEV
+ (( offset += 1 ))
+ done
+ _scratch_mount
+ ;;
*)
_fail "_fsv_scratch_corrupt_merkle_tree() unimplemented on $FSTYP"
;;
--
2.31.0
|