fstests only supports Linux, so get rid of this unnecessary predicate.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
When the "test_dummy_encryption" mount option is specified, the
fs-verity file corruption test generic/574 is flaky; it fails about 1%
of the time. This happens because in the three test cases where a
single byte of the test file is corrupted, sometimes the new byte
happens to be the same as the original. This is specific to
test_dummy_encryption because the encrypted data is nondeterministic
(and appears random), unlike the unencrypted data.
Fix this by corrupting 5 bytes instead of 1, so that the probability of
failure becomes effectively zero.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Most of the fs-verity tests fail if the fs.verity.require_signatures
sysctl has been set to 1. Update them to set this sysctl to 0 at the
beginning of the test and restore it to its previous value at the end.
generic/577 intentionally sets this sysctl to 1. Make it restore the
previous value at the end of the test rather than assuming it was 0.
Also simplify _require_fsverity_builtin_signatures() to just check for
the presence of the file /proc/sys/fs/verity/require_signatures rather
than check whether the fs-verity keyring is listed in /proc/keys.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This test corrupts various parts of the contents of a verity file, or
parts of its Merkle tree, by writing directly to the block device. It
verifies that this causes I/O errors when the relevant part of the
contents is later read by any means.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Darrick J. Wong
Eric Biggers