2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright 2018 Google LLC
5 # FS QA Test generic/574
7 # Test corrupting verity files. This test corrupts various parts of the
8 # contents of a verity file, or parts of its Merkle tree, by writing directly to
9 # the block device. It verifies that this causes I/O errors when the relevant
10 # part of the contents is later read by any means.
13 seqres=$RESULT_DIR/$seq
14 echo "QA output created by $seq"
18 status=1 # failure is the default!
19 trap "_cleanup; exit \$status" 0 1 2 3 15
24 _restore_fsverity_signatures
28 # get standard environment, filters and checks
33 # remove previous $seqres.full before test
36 # real QA test starts here
38 _require_scratch_verity
39 _disable_fsverity_signatures
41 _scratch_mkfs_verity &>> $seqres.full
43 fsv_orig_file=$SCRATCH_MNT/file
44 fsv_file=$SCRATCH_MNT/file.fsv
52 dd if=/dev/zero of=$fsv_orig_file bs=1 count=0 seek=$len \
55 head -c $len /dev/zero > $fsv_orig_file
57 cp $fsv_orig_file $fsv_file
59 md5sum $fsv_file |& _filter_scratch
64 sed -e 's/.*Bus error.*/Bus error/'
67 round_up_to_page_boundary()
70 local page_size=$(get_page_size)
72 echo $(( (n + page_size - 1) & ~(page_size - 1) ))
80 local is_merkle_tree=${4:-false} # if true, zap tree instead of data
81 local use_sparse_file=${5:-false}
82 local page_aligned_eof=$(round_up_to_page_boundary $file_len)
85 if $is_merkle_tree; then
86 local corrupt_func=_fsv_scratch_corrupt_merkle_tree
88 local corrupt_func=_fsv_scratch_corrupt_bytes
91 local msg="Corruption test:"
92 msg+=" file_len=$file_len"
93 if $use_sparse_file; then
96 msg+=" zap_offset=$zap_offset"
97 if $is_merkle_tree; then
98 msg+=" (in Merkle tree)"
100 msg+=" zap_len=$zap_len"
102 _fsv_scratch_begin_subtest "$msg"
103 setup_zeroed_file $file_len $use_sparse_file
104 cmp $fsv_file $fsv_orig_file
105 echo "Corrupting bytes..."
106 head -c $zap_len /dev/zero | tr '\0' X \
107 | $corrupt_func $fsv_file $zap_offset
109 echo "Validating corruption (reading full file)..."
111 md5sum $fsv_file |& _filter_scratch
113 echo "Validating corruption (direct I/O)..."
115 dd if=$fsv_file bs=$FSV_BLOCK_SIZE iflag=direct status=none \
116 of=/dev/null |& _filter_scratch
118 if ! $is_merkle_tree; then
119 echo "Validating corruption (reading just corrupted part)..."
120 dd if=$fsv_file bs=1 skip=$zap_offset count=$zap_len \
121 of=/dev/null status=none |& _filter_scratch
124 echo "Validating corruption (reading full file via mmap)..."
125 bash -c "trap '' SIGBUS; $XFS_IO_PROG -r $fsv_file \
126 -c 'mmap -r 0 $page_aligned_eof' \
127 -c 'mread 0 $file_len'" |& filter_sigbus
129 if ! $is_merkle_tree; then
130 echo "Validating corruption (reading just corrupted part via mmap)..."
131 bash -c "trap '' SIGBUS; $XFS_IO_PROG -r $fsv_file \
132 -c 'mmap -r 0 $page_aligned_eof' \
133 -c 'mread $zap_offset $zap_len'" |& filter_sigbus
137 # Note: these tests just overwrite some bytes without checking their original
138 # values. Therefore, make sure to overwrite at least 5 or so bytes, to make it
139 # nearly guaranteed that there will be a change -- even when the test file is
140 # encrypted due to the test_dummy_encryption mount option being specified.
142 corruption_test 131072 0 5
143 corruption_test 131072 4091 5
144 corruption_test 131072 65536 65536
145 corruption_test 131072 131067 5
147 # Non-zeroed bytes in the final partial block beyond EOF should cause reads to
148 # fail too. Such bytes would be visible via mmap().
149 corruption_test 130999 131000 72
151 # Merkle tree corruption.
152 corruption_test 200000 100 10 true
154 # Sparse file. Corrupting the Merkle tree should still cause reads to fail,
155 # i.e. the filesystem must verify holes.
156 corruption_test 200000 100 10 true true