2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright 2018 Google LLC
5 # FS QA Test generic/574
7 # Test corrupting verity files. This test corrupts various parts of the
8 # contents of a verity file, or parts of its Merkle tree, by writing directly to
9 # the block device. It verifies that this causes I/O errors when the relevant
10 # part of the contents is later read by any means.
13 _begin_fstest auto quick verity
15 # Override the default cleanup function.
19 _restore_fsverity_signatures
23 # Import common functions.
27 # real QA test starts here
29 _require_scratch_verity
30 _disable_fsverity_signatures
32 _scratch_mkfs_verity &>> $seqres.full
34 fsv_orig_file=$SCRATCH_MNT/file
35 fsv_file=$SCRATCH_MNT/file.fsv
43 dd if=/dev/zero of=$fsv_orig_file bs=1 count=0 seek=$len \
46 head -c $len /dev/zero > $fsv_orig_file
48 cp $fsv_orig_file $fsv_file
50 md5sum $fsv_file |& _filter_scratch
55 sed -e 's/.*Bus error.*/Bus error/'
58 round_up_to_page_boundary()
61 local page_size=$(get_page_size)
63 echo $(( (n + page_size - 1) & ~(page_size - 1) ))
71 local is_merkle_tree=${4:-false} # if true, zap tree instead of data
72 local use_sparse_file=${5:-false}
73 local page_aligned_eof=$(round_up_to_page_boundary $file_len)
76 if $is_merkle_tree; then
77 local corrupt_func=_fsv_scratch_corrupt_merkle_tree
79 local corrupt_func=_fsv_scratch_corrupt_bytes
82 local msg="Corruption test:"
83 msg+=" file_len=$file_len"
84 if $use_sparse_file; then
87 msg+=" zap_offset=$zap_offset"
88 if $is_merkle_tree; then
89 msg+=" (in Merkle tree)"
91 msg+=" zap_len=$zap_len"
93 _fsv_scratch_begin_subtest "$msg"
94 setup_zeroed_file $file_len $use_sparse_file
95 cmp $fsv_file $fsv_orig_file
96 echo "Corrupting bytes..."
97 head -c $zap_len /dev/zero | tr '\0' X \
98 | $corrupt_func $fsv_file $zap_offset
100 echo "Validating corruption (reading full file)..."
102 md5sum $fsv_file |& _filter_scratch
104 echo "Validating corruption (direct I/O)..."
106 dd if=$fsv_file bs=$FSV_BLOCK_SIZE iflag=direct status=none \
107 of=/dev/null |& _filter_scratch
109 if (( zap_offset < file_len )) && ! $is_merkle_tree; then
110 echo "Validating corruption (reading just corrupted part)..."
111 dd if=$fsv_file bs=1 skip=$zap_offset count=$zap_len \
112 of=/dev/null status=none |& _filter_scratch
115 echo "Validating corruption (reading full file via mmap)..."
116 bash -c "trap '' SIGBUS; $XFS_IO_PROG -r $fsv_file \
117 -c 'mmap -r 0 $page_aligned_eof' \
118 -c 'mread 0 $file_len'" |& filter_sigbus
120 if ! $is_merkle_tree; then
121 echo "Validating corruption (reading just corrupted part via mmap)..."
122 bash -c "trap '' SIGBUS; $XFS_IO_PROG -r $fsv_file \
123 -c 'mmap -r 0 $page_aligned_eof' \
124 -c 'mread $zap_offset $zap_len'" |& filter_sigbus
128 # Note: these tests just overwrite some bytes without checking their original
129 # values. Therefore, make sure to overwrite at least 5 or so bytes, to make it
130 # nearly guaranteed that there will be a change -- even when the test file is
131 # encrypted due to the test_dummy_encryption mount option being specified.
133 corruption_test 131072 0 5
134 corruption_test 131072 4091 5
135 corruption_test 131072 65536 65536
136 corruption_test 131072 131067 5
138 # Non-zeroed bytes in the final partial block beyond EOF should cause reads to
139 # fail too. Such bytes would be visible via mmap().
140 corruption_test 130999 131000 72
142 # Merkle tree corruption.
143 corruption_test 200000 100 10 true
145 # Sparse file. Corrupting the Merkle tree should still cause reads to fail,
146 # i.e. the filesystem must verify holes.
147 corruption_test 200000 100 10 true true