diff mbox series

[v3] fstests: add btrfs fs-verity send/recv test

Message ID e1e77ce5d7277b235e48adc8daf00a0dc0ae36e9.1660860807.git.boris@bur.io (mailing list archive)
State Superseded
Headers show
Series [v3] fstests: add btrfs fs-verity send/recv test | expand

Commit Message

Boris Burkov Aug. 18, 2022, 10:16 p.m. UTC 
Test btrfs send/recv support for fs-verity. Includes tests for
signatures, salts, and interaction with chmod/caps. The last of those is
to ensure the various features that go in during inode_finalize interact
properly.

This depends on the kernel patch adding support for send:
btrfs: send: add support for fs-verity

And the btrfs-progs patch adding support for recv:
btrfs-progs: receive: add support for fs-verity

Signed-off-by: Boris Burkov <boris@bur.io>
---
Changes for v3:
- commit a few things from v2 that I left unstaged (277 in output,
  true/false)
Changes for v2:
- btrfs/271 -> btrfs/277
- YOUR NAME HERE -> Meta
- change 0/1 to false/true
- change drop caches to cycle mount
- get rid of unneeded _require_test
- compare file contents

 tests/btrfs/277     | 115 ++++++++++++++++++++++++++++++++++++++++++++
 tests/btrfs/277.out |  59 +++++++++++++++++++++++
 2 files changed, 174 insertions(+)
 create mode 100755 tests/btrfs/277
 create mode 100644 tests/btrfs/277.out

Comments

Eric Biggers Aug. 18, 2022, 10:32 p.m. UTC | #1 
On Thu, Aug 18, 2022 at 03:16:30PM -0700, Boris Burkov wrote:
> Test btrfs send/recv support for fs-verity. Includes tests for
> signatures, salts, and interaction with chmod/caps. The last of those is
> to ensure the various features that go in during inode_finalize interact
> properly.
> 
> This depends on the kernel patch adding support for send:
> btrfs: send: add support for fs-verity
> 
> And the btrfs-progs patch adding support for recv:
> btrfs-progs: receive: add support for fs-verity
> 
> Signed-off-by: Boris Burkov <boris@bur.io>
> ---
> Changes for v3:
> - commit a few things from v2 that I left unstaged (277 in output,
>   true/false)
> Changes for v2:
> - btrfs/271 -> btrfs/277
> - YOUR NAME HERE -> Meta
> - change 0/1 to false/true
> - change drop caches to cycle mount
> - get rid of unneeded _require_test
> - compare file contents
> 
>  tests/btrfs/277     | 115 ++++++++++++++++++++++++++++++++++++++++++++
>  tests/btrfs/277.out |  59 +++++++++++++++++++++++
>  2 files changed, 174 insertions(+)
>  create mode 100755 tests/btrfs/277
>  create mode 100644 tests/btrfs/277.out
> 

Looks good,

Reviewed-by: Eric Biggers <ebiggers@google.com>

- Eric
David Sterba Aug. 19, 2022, 11:09 a.m. UTC | #2 
On Thu, Aug 18, 2022 at 03:16:30PM -0700, Boris Burkov wrote:
> Test btrfs send/recv support for fs-verity. Includes tests for
> signatures, salts, and interaction with chmod/caps. The last of those is
> to ensure the various features that go in during inode_finalize interact
> properly.
> 
> This depends on the kernel patch adding support for send:
> btrfs: send: add support for fs-verity
> 
> And the btrfs-progs patch adding support for recv:
> btrfs-progs: receive: add support for fs-verity
> 
> Signed-off-by: Boris Burkov <boris@bur.io>
> ---
> Changes for v3:
> - commit a few things from v2 that I left unstaged (277 in output,
>   true/false)
> Changes for v2:
> - btrfs/271 -> btrfs/277
> - YOUR NAME HERE -> Meta
> - change 0/1 to false/true
> - change drop caches to cycle mount
> - get rid of unneeded _require_test
> - compare file contents
> 
>  tests/btrfs/277     | 115 ++++++++++++++++++++++++++++++++++++++++++++
>  tests/btrfs/277.out |  59 +++++++++++++++++++++++
>  2 files changed, 174 insertions(+)
>  create mode 100755 tests/btrfs/277
>  create mode 100644 tests/btrfs/277.out
> 
> diff --git a/tests/btrfs/277 b/tests/btrfs/277
> new file mode 100755
> index 00000000..251e2818
> --- /dev/null
> +++ b/tests/btrfs/277
> @@ -0,0 +1,115 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Meta, Inc.  All Rights Reserved.
> +#
> +# FS QA Test 277
> +#
> +# Test sendstreams involving fs-verity enabled files.
> +#
> +. ./common/preamble
> +_begin_fstest auto quick verity send
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	_restore_fsverity_signatures
> +	rm -r -f $tmp.*
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/verity
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs btrfs
> +_require_scratch_verity
> +_require_fsverity_builtin_signatures
> +_require_command "$SETCAP_PROG" setcap
> +_require_command "$GETCAP_PROG" getcap
> +
> +subv=$SCRATCH_MNT/subv
> +fsv_file=$subv/file.fsv
> +keyfile=$tmp.key.pem
> +certfile=$tmp.cert.pem
> +certfileder=$tmp.cert.der
> +sigfile=$tmp.sig
> +stream=$tmp.fsv.ss
> +
> +_test_send_verity() {
> +	local sig=$1
> +	local salt=$2
> +	local extra_args=""
> +
> +	_scratch_mkfs >> $seqres.full
> +	_scratch_mount
> +	echo -e "\nverity send/recv test: sig: $sig salt: $salt"
> +	_disable_fsverity_signatures
> +
> +	echo "create subvolume"
> +	$BTRFS_UTIL_PROG subv create $subv >> $seqres.full

Please use full name of subcommands, ie. 'subvolume'
diff mbox series

Patch

diff --git a/tests/btrfs/277 b/tests/btrfs/277
new file mode 100755
index 00000000..251e2818
--- /dev/null
+++ b/tests/btrfs/277
@@ -0,0 +1,115 @@ 
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Meta, Inc.  All Rights Reserved.
+#
+# FS QA Test 277
+#
+# Test sendstreams involving fs-verity enabled files.
+#
+. ./common/preamble
+_begin_fstest auto quick verity send
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	_restore_fsverity_signatures
+	rm -r -f $tmp.*
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/verity
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs btrfs
+_require_scratch_verity
+_require_fsverity_builtin_signatures
+_require_command "$SETCAP_PROG" setcap
+_require_command "$GETCAP_PROG" getcap
+
+subv=$SCRATCH_MNT/subv
+fsv_file=$subv/file.fsv
+keyfile=$tmp.key.pem
+certfile=$tmp.cert.pem
+certfileder=$tmp.cert.der
+sigfile=$tmp.sig
+stream=$tmp.fsv.ss
+
+_test_send_verity() {
+	local sig=$1
+	local salt=$2
+	local extra_args=""
+
+	_scratch_mkfs >> $seqres.full
+	_scratch_mount
+	echo -e "\nverity send/recv test: sig: $sig salt: $salt"
+	_disable_fsverity_signatures
+
+	echo "create subvolume"
+	$BTRFS_UTIL_PROG subv create $subv >> $seqres.full
+	echo "create file"
+	$XFS_IO_PROG -fc "pwrite -q -S 0x58 0 12288" $fsv_file
+	if $salt; then
+		extra_args+=" --salt=deadbeef"
+	fi
+	if $sig; then
+		echo "generate keys and cert"
+		_fsv_generate_cert $keyfile $certfile $certfileder
+		echo "clear keyring"
+		_fsv_clear_keyring
+		echo "load cert into keyring"
+		_fsv_load_cert $certfileder
+		echo "require signatures"
+		_enable_fsverity_signatures
+		echo "sign file digest"
+		_fsv_sign $fsv_file $sigfile --key=$keyfile --cert=$certfile \
+			$extra_args | _filter_scratch >> $seqres.full
+		extra_args+=" --signature=$sigfile"
+	fi
+	echo "enable verity"
+	_fsv_enable $fsv_file $extra_args
+	cat $fsv_file > $tmp.file-before
+	_fsv_measure $fsv_file > $tmp.digest-before
+
+	# ensure send plays nice with other properties that are set when
+	# finishing the file during send, like chmod and capabilities.
+	echo "modify other properties"
+	chmod a+x $fsv_file
+	$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" $fsv_file
+	$GETCAP_PROG $fsv_file > $tmp.cap-before
+
+	echo "set subvolume read only"
+	$BTRFS_UTIL_PROG property set $subv ro true
+	echo "send subvolume"
+	$BTRFS_UTIL_PROG send $subv -f $stream -q >> $seqres.full
+
+	echo "blow away fs"
+	_scratch_unmount
+	_scratch_mkfs >> $seqres.full
+	_scratch_mount
+
+	echo "receive sendstream"
+	$BTRFS_UTIL_PROG receive $SCRATCH_MNT -f $stream -q >> $seqres.full
+
+	echo "check received subvolume..."
+	_scratch_cycle_mount
+	_fsv_measure $fsv_file > $tmp.digest-after
+	$GETCAP_PROG $fsv_file > $tmp.cap-after
+	diff $tmp.file-before $fsv_file
+	diff $tmp.digest-before $tmp.digest-after
+	diff $tmp.cap-before $tmp.cap-after
+	_scratch_unmount
+	echo OK
+}
+
+_test_send_verity false false # no sig; no salt
+_test_send_verity false true # no sig; salt
+_test_send_verity true false # sig; no salt
+_test_send_verity true true # sig; salt
+
+# success, all done
+status=0
+exit
diff --git a/tests/btrfs/277.out b/tests/btrfs/277.out
new file mode 100644
index 00000000..5f778cf4
--- /dev/null
+++ b/tests/btrfs/277.out
@@ -0,0 +1,59 @@ 
+QA output created by 277
+
+verity send/recv test: sig: false salt: false
+create subvolume
+create file
+enable verity
+modify other properties
+set subvolume read only
+send subvolume
+blow away fs
+receive sendstream
+check received subvolume...
+OK
+
+verity send/recv test: sig: false salt: true
+create subvolume
+create file
+enable verity
+modify other properties
+set subvolume read only
+send subvolume
+blow away fs
+receive sendstream
+check received subvolume...
+OK
+
+verity send/recv test: sig: true salt: false
+create subvolume
+create file
+generate keys and cert
+clear keyring
+load cert into keyring
+require signatures
+sign file digest
+enable verity
+modify other properties
+set subvolume read only
+send subvolume
+blow away fs
+receive sendstream
+check received subvolume...
+OK
+
+verity send/recv test: sig: true salt: true
+create subvolume
+create file
+generate keys and cert
+clear keyring
+load cert into keyring
+require signatures
+sign file digest
+enable verity
+modify other properties
+set subvolume read only
+send subvolume
+blow away fs
+receive sendstream
+check received subvolume...
+OK