From patchwork Fri Nov 4 06:47:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13031420 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 317B0C4167B for ; Fri, 4 Nov 2022 06:48:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231538AbiKDGso (ORCPT ); Fri, 4 Nov 2022 02:48:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36766 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231637AbiKDGsA (ORCPT ); Fri, 4 Nov 2022 02:48:00 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7FC5E2B1A6; Thu, 3 Nov 2022 23:47:58 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 41011B82B48; Fri, 4 Nov 2022 06:47:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C1323C433D6; Fri, 4 Nov 2022 06:47:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667544475; bh=b27OYM/+hlWczjScDxB/0S+sCR4s1dol8LzHKDGPVGU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tw6/CwPOg2illMVqgB59lHPw9wbDw/ubRtCkx9RDLoH2ANYrrQIUeK7CdQY7VLdpA 5D2UgZLGkbgUMo7Nwj1j+rJHcmpiCcmOGhCU4ye9GutH/rqyVzk5riUuaurh4OmkgP OlIK/xC98hzC1VTcrFrf6Eo3HIsixR5XQEiGHUDGzOGf07G888hVmiygOnBCVAV8dB rtO2ydrYY26g+Qn8H1YcB5efdg+1Oktec9TOnsxDjXf10bStbkvOmAgPugTpjXVAN4 +dPkp1+ag5GrVa6EKWe58wAXq8MjGDyizjcFQz/Hpgrlrt+KF6aufMxszU73BK23// +ACi96PRA2TWA== From: Eric Biggers To: fstests@vger.kernel.org Cc: Andrey Albershteyn , linux-fscrypt@vger.kernel.org Subject: [xfstests PATCH 1/3] common/verity: fix _fsv_have_hash_algorithm() with required signatures Date: Thu, 3 Nov 2022 23:47:40 -0700 Message-Id: <20221104064742.167326-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221104064742.167326-1-ebiggers@kernel.org> References: <20221104064742.167326-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers _fsv_have_hash_algorithm() uses _fsv_enable() without a signature, so it always fails when called while fs.verity.require_signatures=1. This happens in generic/577, which tests file signing. This wasn't noticed because it just made part of generic/577 always be skipped. Fix this by making _fsv_have_hash_algorithm() temporarily set fs.verity.require_signatures to 0. Since the previous value needs to be restored afterwards, whether it is 0 or 1, also make some changes to the fs.verity.require_signatures helper functions to allow the restoration of the previous value, rather than the value that existed at the beginning of the test. Finally, make a couple related cleanups: make _fsv_have_hash_algorithm() always delete the file it works with, and also update the similar code in _require_scratch_verity(). Reported-by: Andrey Albershteyn Signed-off-by: Eric Biggers --- common/verity | 69 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 46 insertions(+), 23 deletions(-) diff --git a/common/verity b/common/verity index 65a39d3e..4a9c9872 100644 --- a/common/verity +++ b/common/verity @@ -44,12 +44,13 @@ _require_scratch_verity() # doesn't work on ext3-style filesystems. So, try actually using it. echo foo > $SCRATCH_MNT/tmpfile _disable_fsverity_signatures - if ! _fsv_enable $SCRATCH_MNT/tmpfile; then - _restore_fsverity_signatures + _fsv_enable $SCRATCH_MNT/tmpfile + local status=$? + _restore_prev_fsverity_signatures + rm -f $SCRATCH_MNT/tmpfile + if (( $status != 0 )); then _notrun "$FSTYP verity isn't usable by default with these mkfs options" fi - _restore_fsverity_signatures - rm -f $SCRATCH_MNT/tmpfile _scratch_unmount @@ -104,30 +105,52 @@ _fsv_load_cert() # Disable mandatory signatures for fs-verity files, if they are supported. _disable_fsverity_signatures() { - if [ -e /proc/sys/fs/verity/require_signatures ]; then - if [ -z "$FSVERITY_SIG_CTL_ORIG" ]; then - FSVERITY_SIG_CTL_ORIG=$( /proc/sys/fs/verity/require_signatures - fi + _set_fsverity_require_signatures 0 } # Enable mandatory signatures for fs-verity files. # This assumes that _require_fsverity_builtin_signatures() was called. _enable_fsverity_signatures() { - if [ -z "$FSVERITY_SIG_CTL_ORIG" ]; then - FSVERITY_SIG_CTL_ORIG=$( /proc/sys/fs/verity/require_signatures + _set_fsverity_require_signatures 1 } -# Restore the original signature verification setting. +# Restore the original value of fs.verity.require_signatures, i.e. the value it +# had at the beginning of the test. _restore_fsverity_signatures() { - if [ -n "$FSVERITY_SIG_CTL_ORIG" ]; then - echo "$FSVERITY_SIG_CTL_ORIG" > /proc/sys/fs/verity/require_signatures - fi + if [ -n "$FSVERITY_SIG_CTL_ORIG" ]; then + _set_fsverity_require_signatures "$FSVERITY_SIG_CTL_ORIG" + fi +} + +# Restore the previous value of fs.verity.require_signatures, i.e. the value it +# had just before it was last written to. +_restore_prev_fsverity_signatures() +{ + if [ -n "$FSVERITY_SIG_CTL_PREV" ]; then + _set_fsverity_require_signatures "$FSVERITY_SIG_CTL_PREV" + fi +} + +_set_fsverity_require_signatures() +{ + local newval=$1 + if [ ! -e /proc/sys/fs/verity/require_signatures ]; then + # If the kernel doesn't support fs.verity.require_signatures, + # then trying to disable it is fine, but enabling it is not. + if [ "$newval" != 0 ]; then + # Forgot to call _require_fsverity_builtin_signatures(). + _fail "fs.verity.require_signatures is missing" + fi + return + fi + local oldval=$( /proc/sys/fs/verity/require_signatures } # Require userspace and kernel support for 'fsverity dump_metadata'. @@ -245,14 +268,14 @@ _fsv_have_hash_algorithm() local hash_alg=$1 local test_file=$2 + _disable_fsverity_signatures rm -f $test_file head -c 4096 /dev/zero > $test_file - if ! _fsv_enable --hash-alg=$hash_alg $test_file &>> $seqres.full; then - # no kernel support - return 1 - fi + _fsv_enable --hash-alg=$hash_alg $test_file &>> $seqres.full + local status=$? + _restore_prev_fsverity_signatures rm -f $test_file - return 0 + return $status } # From patchwork Fri Nov 4 06:47:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13031421 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 846E7C4167E for ; Fri, 4 Nov 2022 06:48:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231637AbiKDGsp (ORCPT ); Fri, 4 Nov 2022 02:48:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36768 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231642AbiKDGsA (ORCPT ); Fri, 4 Nov 2022 02:48:00 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B76E32B266; Thu, 3 Nov 2022 23:47:58 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 72F07B82B45; Fri, 4 Nov 2022 06:47:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1278CC433D7; Fri, 4 Nov 2022 06:47:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667544476; bh=dJSEu0lKsb2RDpf3fl/Ist4zPInufhx9O+WauiS9WhA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=LjlxH85/NedKsuXVnTkh8+1DAbK841cz34G0JMLTMQkBycZtiQkCUtvCPrG7abf2N smMozBoqA5oNlXbHDNXQgsd1YQETmSbDRLjuDL7cyduxqxE5OikAaArXtr3CVJZMV+ gxR8w3NQpbN1Z+b32RSTntRtV12QKFQhbEPeF5N3bLREHiH/KOzmpivKLAhlQkSW1C lRebOtSFZjB5nnEMqFwsmDnABkmsUrsz4YuAFkWPhK6pIfI6AofTp+vUDp11JvuPR+ VlAwl40mg+EzaZu4jwHbqe1qoW7cSF8Juy49X2ZopNzzriOUQXYCB/bczlG80iUHij Gg5dCuGhtFkQw== From: Eric Biggers To: fstests@vger.kernel.org Cc: Andrey Albershteyn , linux-fscrypt@vger.kernel.org Subject: [xfstests PATCH 2/3] generic/577: add missing file removal before empty file test Date: Thu, 3 Nov 2022 23:47:41 -0700 Message-Id: <20221104064742.167326-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221104064742.167326-1-ebiggers@kernel.org> References: <20221104064742.167326-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers The fix for _fsv_have_hash_algorithm() exposed a bug where one of the test cases in generic/577 isn't deleting the file from the previous test case before it tries to write to it. That causes a failure, since due to the fix for _fsv_have_hash_algorithm(), the file from the previous test case now ends up with verity enabled and therefore cannot be written to. Fix this by deleting the file. Reported-by: Andrey Albershteyn Signed-off-by: Eric Biggers --- tests/generic/577 | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/generic/577 b/tests/generic/577 index 98c3888f..5f7e0573 100755 --- a/tests/generic/577 +++ b/tests/generic/577 @@ -121,6 +121,7 @@ if _fsv_have_hash_algorithm sha512 $fsv_file; then fi echo -e "\n# Testing empty file" +rm -f $fsv_file echo -n > $fsv_file _fsv_sign $fsv_file $sigfile.emptyfile --key=$keyfile --cert=$certfile | \ _filter_scratch From patchwork Fri Nov 4 06:47:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13031418 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 831AEC433FE for ; Fri, 4 Nov 2022 06:48:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231714AbiKDGsm (ORCPT ); Fri, 4 Nov 2022 02:48:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231620AbiKDGr6 (ORCPT ); Fri, 4 Nov 2022 02:47:58 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72E552AC7A; Thu, 3 Nov 2022 23:47:57 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 0DC8E620D0; Fri, 4 Nov 2022 06:47:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 529DCC43144; Fri, 4 Nov 2022 06:47:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667544476; bh=BW8pVW5BVjfri4dyrTipKKy3ENTLbXJCjfFUziVKoPQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KOKxjCHfUBTHC9fh8Qa1nx13Ias+7z1bv9fl4lPbqoRwASpiBrvMd18Y1c0eZf0Mo 6JO43WWBXVY9oh18y56ctkMOZzuffv8N8iBlZAeNNSqErTY2HKQgbEgz3s8I2ZnuAj NGQvD2PCi5voCn8FAWYAxmW5elQXq/LD4KS/MdpMRTcbEm8q9Rl+ts+5KVBetPEM2r /FmwV3HnGN5LfZ8Ty2CAPzvl18ChgOa/TzhL0UP54wHY/3+uoYBYgOAmuLB5IHrWTL OHU5KQPrV8DbzvoYwZIJfLKawTSh+pI57n4VtXZ0CmskUg/kPNw29YVM4OtUYN//k1 IvDdRo0TvLmCw== From: Eric Biggers To: fstests@vger.kernel.org Cc: Andrey Albershteyn , linux-fscrypt@vger.kernel.org Subject: [xfstests PATCH 3/3] tests: fix some tests for systems with fs.verity.require_signatures=1 Date: Thu, 3 Nov 2022 23:47:42 -0700 Message-Id: <20221104064742.167326-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221104064742.167326-1-ebiggers@kernel.org> References: <20221104064742.167326-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Some of the newer verity tests don't work properly on systems where fs.verity.require_signatures is enabled, either because they forget to disable it at the beginning of the test, or they forget to re-enable it afterwards, or both. Fix this. Signed-off-by: Eric Biggers --- tests/btrfs/290 | 9 +++++++++ tests/btrfs/291 | 2 ++ tests/generic/624 | 8 ++++++++ tests/generic/692 | 8 ++++++++ 4 files changed, 27 insertions(+) diff --git a/tests/btrfs/290 b/tests/btrfs/290 index b7254c5e..06a58f47 100755 --- a/tests/btrfs/290 +++ b/tests/btrfs/290 @@ -15,6 +15,14 @@ _begin_fstest auto quick verity . ./common/filter . ./common/verity +# Override the default cleanup function. +_cleanup() +{ + cd / + _restore_fsverity_signatures + rm -f $tmp.* +} + # real QA test starts here _supported_fs btrfs _require_scratch_verity @@ -24,6 +32,7 @@ _require_xfs_io_command "falloc" _require_xfs_io_command "pread" _require_xfs_io_command "pwrite" _require_btrfs_corrupt_block +_disable_fsverity_signatures get_ino() { local file=$1 diff --git a/tests/btrfs/291 b/tests/btrfs/291 index bbdd183d..c5947133 100755 --- a/tests/btrfs/291 +++ b/tests/btrfs/291 @@ -23,6 +23,7 @@ _cleanup() rm -f $img $LVM_PROG vgremove -f -y $vgname >>$seqres.full 2>&1 losetup -d $loop_dev >>$seqres.full 2>&1 + _restore_fsverity_signatures } # Import common functions. @@ -43,6 +44,7 @@ _require_command $LVM_PROG lvm _require_scratch_verity _require_btrfs_command inspect-internal dump-tree _require_test_program "log-writes/replay-log" +_disable_fsverity_signatures sync_loop() { i=$1 diff --git a/tests/generic/624 b/tests/generic/624 index 89fbf256..7c447289 100755 --- a/tests/generic/624 +++ b/tests/generic/624 @@ -10,6 +10,14 @@ . ./common/preamble _begin_fstest auto quick verity +# Override the default cleanup function. +_cleanup() +{ + cd / + _restore_fsverity_signatures + rm -f $tmp.* +} + . ./common/filter . ./common/verity diff --git a/tests/generic/692 b/tests/generic/692 index 0bb1fd33..d6da734b 100644 --- a/tests/generic/692 +++ b/tests/generic/692 @@ -15,6 +15,13 @@ . ./common/preamble _begin_fstest auto quick verity +# Override the default cleanup function. +_cleanup() +{ + cd / + _restore_fsverity_signatures + rm -f $tmp.* +} # Import common functions. . ./common/filter @@ -26,6 +33,7 @@ _require_test _require_math _require_scratch_verity _require_fsverity_max_file_size_limit +_disable_fsverity_signatures _scratch_mkfs_verity &>> $seqres.full _scratch_mount