@@ -9,7 +9,7 @@
# - conditions for enabling verity
# - verity files have correct contents and size
# - can't change contents of verity files, but can change metadata
-# - can retrieve a verity file's measurement via FS_IOC_MEASURE_VERITY
+# - can retrieve a verity file's digest via FS_IOC_MEASURE_VERITY
#
. ./common/preamble
_begin_fstest auto quick verity
@@ -48,15 +48,6 @@ verify_data_readable()
md5sum $file > /dev/null
}
-verify_data_unreadable()
-{
- local file=$1
-
- # try both reading just the first data block, and reading until EOF
- head -c $FSV_BLOCK_SIZE $file 2>&1 >/dev/null | filter_output
- md5sum $file |& filter_output
-}
-
_fsv_scratch_begin_subtest "Enabling verity on file with verity already enabled fails with EEXIST"
_fsv_create_enable_file $fsv_file
echo "(trying again)"
@@ -94,7 +85,7 @@ verify_data_readable $fsv_file
_fsv_scratch_begin_subtest "Enabling verity can be interrupted"
dd if=/dev/zero of=$fsv_file bs=1 count=0 seek=$((1 << 34)) status=none
start_time=$(date +%s)
-$FSVERITY_PROG enable $fsv_file &
+$FSVERITY_PROG enable --block-size=$FSV_BLOCK_SIZE $fsv_file &
sleep 0.5
kill %1
wait
@@ -106,7 +97,7 @@ fi
_fsv_scratch_begin_subtest "Enabling verity on file with verity already being enabled fails with EBUSY"
dd if=/dev/zero of=$fsv_file bs=1 count=0 seek=$((1 << 34)) status=none
start_time=$(date +%s)
-$FSVERITY_PROG enable $fsv_file &
+$FSVERITY_PROG enable --block-size=$FSV_BLOCK_SIZE $fsv_file &
sleep 0.5
_fsv_enable $fsv_file |& filter_output
kill %1
@@ -129,7 +120,7 @@ verify_data_readable $fsv_file
_fsv_scratch_begin_subtest "verity file can be measured"
_fsv_create_enable_file $fsv_file >> $seqres.full
-_fsv_measure $fsv_file
+_fsv_measure $fsv_file | _filter_fsverity_digest
_fsv_scratch_begin_subtest "verity file can be renamed"
_fsv_create_enable_file $fsv_file
@@ -170,8 +161,8 @@ verify_data_readable $fsv_file
# Test files <= 1 block in size. These are a bit of a special case since there
# are no hash blocks; the root hash is calculated directly over the data block.
+_fsv_scratch_begin_subtest "verity on small files"
for size in 1 $((FSV_BLOCK_SIZE - 1)) $FSV_BLOCK_SIZE; do
- _fsv_scratch_begin_subtest "verity on $size-byte file"
head -c $size /dev/urandom > $fsv_orig_file
cp $fsv_orig_file $fsv_file
_fsv_enable $fsv_file
@@ -179,7 +170,7 @@ for size in 1 $((FSV_BLOCK_SIZE - 1)) $FSV_BLOCK_SIZE; do
rm -f $fsv_file
done
-_fsv_scratch_begin_subtest "verity on 100M file (multiple levels in hash tree)"
+_fsv_scratch_begin_subtest "verity on 100MB file (multiple levels in hash tree)"
head -c 100000000 /dev/urandom > $fsv_orig_file
cp $fsv_orig_file $fsv_file
_fsv_enable $fsv_file
@@ -39,7 +39,7 @@ bash: SCRATCH_MNT/file.fsv: Operation not permitted
# verity file can be read
# verity file can be measured
-sha256:be54121da3877f8852c65136d731784f134c4dd9d95071502e80d7be9f99b263
+sha256:<digest>
# verity file can be renamed
@@ -58,16 +58,12 @@ sha256:be54121da3877f8852c65136d731784f134c4dd9d95071502e80d7be9f99b263
# Trying to measure non-verity file fails with ENODATA
ERROR: FS_IOC_MEASURE_VERITY failed on 'SCRATCH_MNT/file.fsv': No data available
-# verity on 1-byte file
+# verity on small files
Files matched
-
-# verity on 4095-byte file
Files matched
-
-# verity on 4096-byte file
Files matched
-# verity on 100M file (multiple levels in hash tree)
+# verity on 100MB file (multiple levels in hash tree)
Files matched
# verity on sparse file