diff mbox series

[v7,3/5] generic/574: corrupt btrfs merkle tree data

Message ID 6d08195d452509ebf0f8724fd3c25a7cd2079232.1647382272.git.boris@bur.io (mailing list archive)
State New, archived
Headers show
Series tests for btrfs fsverity | expand

Commit Message

Boris Burkov March 15, 2022, 10:15 p.m. UTC
generic/574 has tests for corrupting the merkle tree data stored by the
filesystem. Since btrfs uses a different scheme for storing this data,
the existing logic for corrupting it doesn't work out of the box. Adapt
it to properly corrupt btrfs merkle items.

This test relies on the btrfs implementation of fsverity in the patch:
btrfs: initial fsverity support

and on btrfs-corrupt-block for corruption in the patches titled:
btrfs-progs: corrupt generic item data with btrfs-corrupt-block
btrfs-progs: expand corrupt_file_extent in btrfs-corrupt-block

Signed-off-by: Boris Burkov <boris@bur.io>
---
 common/verity     | 15 +++++++++++++++
 tests/generic/574 |  1 +
 2 files changed, 16 insertions(+)

Comments

Eric Biggers March 16, 2022, 5:29 p.m. UTC | #1
On Tue, Mar 15, 2022 at 03:15:59PM -0700, Boris Burkov wrote:
> generic/574 has tests for corrupting the merkle tree data stored by the
> filesystem. Since btrfs uses a different scheme for storing this data,
> the existing logic for corrupting it doesn't work out of the box. Adapt
> it to properly corrupt btrfs merkle items.
> 
> This test relies on the btrfs implementation of fsverity in the patch:
> btrfs: initial fsverity support
> 
> and on btrfs-corrupt-block for corruption in the patches titled:
> btrfs-progs: corrupt generic item data with btrfs-corrupt-block
> btrfs-progs: expand corrupt_file_extent in btrfs-corrupt-block
> 
> Signed-off-by: Boris Burkov <boris@bur.io>
> ---
>  common/verity     | 15 +++++++++++++++
>  tests/generic/574 |  1 +
>  2 files changed, 16 insertions(+)
> 
> diff --git a/common/verity b/common/verity
> index 77766fca..db03510e 100644
> --- a/common/verity
> +++ b/common/verity
> @@ -328,6 +328,21 @@ _fsv_scratch_corrupt_merkle_tree()
>  		(( offset += ($(_get_filesize $file) + 65535) & ~65535 ))
>  		_fsv_scratch_corrupt_bytes $file $offset
>  		;;
> +	btrfs)
> +		local ino=$(stat -c '%i' $file)
> +		_scratch_unmount
> +		local byte=""
> +		while read -n 1 byte; do
> +			local ascii=$(printf "%d" "'$byte'")
> +			# This command will find a Merkle tree item for the inode (-I $ino,37,0)
> +			# in the default filesystem tree (-r 5) and corrupt one byte (-b 1) at
> +			# $offset (-o $offset) with the ascii representation of the byte we read
> +			# (-v $ascii)
> +			$BTRFS_CORRUPT_BLOCK_PROG -r 5 -I $ino,37,0 -v $ascii -o $offset -b 1 $SCRATCH_DEV
> +			(( offset += 1 ))
> +		done
> +		_scratch_mount
> +		;;
>  	*)
>  		_fail "_fsv_scratch_corrupt_merkle_tree() unimplemented on $FSTYP"
>  		;;
> diff --git a/tests/generic/574 b/tests/generic/574
> index 17fdea52..18810ab2 100755
> --- a/tests/generic/574
> +++ b/tests/generic/574
> @@ -27,6 +27,7 @@ _cleanup()
>  # real QA test starts here
>  _supported_fs generic
>  _require_scratch_verity
> +_require_fsverity_corruption
>  _disable_fsverity_signatures
>  _require_fsverity_corruption
>  

_require_fsverity_corruption is already present above.

That would mean this patch should only change common/verity, and its subject
should have "common/verity", not "generic/574".

- Eric
diff mbox series

Patch

diff --git a/common/verity b/common/verity
index 77766fca..db03510e 100644
--- a/common/verity
+++ b/common/verity
@@ -328,6 +328,21 @@  _fsv_scratch_corrupt_merkle_tree()
 		(( offset += ($(_get_filesize $file) + 65535) & ~65535 ))
 		_fsv_scratch_corrupt_bytes $file $offset
 		;;
+	btrfs)
+		local ino=$(stat -c '%i' $file)
+		_scratch_unmount
+		local byte=""
+		while read -n 1 byte; do
+			local ascii=$(printf "%d" "'$byte'")
+			# This command will find a Merkle tree item for the inode (-I $ino,37,0)
+			# in the default filesystem tree (-r 5) and corrupt one byte (-b 1) at
+			# $offset (-o $offset) with the ascii representation of the byte we read
+			# (-v $ascii)
+			$BTRFS_CORRUPT_BLOCK_PROG -r 5 -I $ino,37,0 -v $ascii -o $offset -b 1 $SCRATCH_DEV
+			(( offset += 1 ))
+		done
+		_scratch_mount
+		;;
 	*)
 		_fail "_fsv_scratch_corrupt_merkle_tree() unimplemented on $FSTYP"
 		;;
diff --git a/tests/generic/574 b/tests/generic/574
index 17fdea52..18810ab2 100755
--- a/tests/generic/574
+++ b/tests/generic/574
@@ -27,6 +27,7 @@  _cleanup()
 # real QA test starts here
 _supported_fs generic
 _require_scratch_verity
+_require_fsverity_corruption
 _disable_fsverity_signatures
 _require_fsverity_corruption