On 2024-04-29 20:42:21, Darrick J. Wong wrote:
> From: Darrick J. Wong <djwong@xxxxxxxxxx>
>
> If verity is enabled on a filesystem, we should create some sample
> verity files.
>
> Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx>
> ---
> common/populate | 24 ++++++++++++++++++++++++
> 1 file changed, 24 insertions(+)
>
>
> diff --git a/common/populate b/common/populate
> index 35071f4210..ab9495e739 100644
> --- a/common/populate
> +++ b/common/populate
> @@ -520,6 +520,30 @@ _scratch_xfs_populate() {
> done
> fi
>
> + # verity merkle trees
> + is_verity="$(_xfs_has_feature "$SCRATCH_MNT" verity -v)"
> + if [ $is_verity -gt 0 ]; then
> + echo "+ fsverity"
> +
> + # Create a biggish file with all zeroes, because metadump
> + # won't preserve data blocks and we don't want the hashes to
> + # stop working for our sample fs.
Hashes of the data blocks in the merkle tree? All zeros to use
.zero_digest in fs-verity? Not sure if got this comment right
> + for ((pos = 0, i = 88; pos < 23456789; pos += 234567, i++)); do
> + $XFS_IO_PROG -f -c "pwrite -S 0 $pos 234567" "$SCRATCH_MNT/verity"
> + done
> +
> + fsverity enable "$SCRATCH_MNT/verity"
> +
> + # Create a sparse file
> + $XFS_IO_PROG -f -c "pwrite -S 0 0 3" -c "pwrite -S 0 23456789 3" "$SCRATCH_MNT/sparse_verity"
> + fsverity enable "$SCRATCH_MNT/sparse_verity"
> +
> + # Create a salted sparse file
> + $XFS_IO_PROG -f -c "pwrite -S 0 0 3" -c "pwrite -S 0 23456789 3" "$SCRATCH_MNT/salted_verity"
> + local salt="5846532066696e616c6c7920686173206461746120636865636b73756d732121" # XFS finally has data checksums!!
> + fsverity enable --salt="$salt" "$SCRATCH_MNT/salted_verity"
> + fi
> +
> # Copy some real files (xfs tests, I guess...)
> echo "+ real files"
> test $fill -ne 0 && __populate_fill_fs "${SCRATCH_MNT}" 5
>
--
- Andrey
