There are some testcases use below two kind of commands to get file
size, generalize the second way as global function _get_filesize()
to simply codes.
1. ls -l $1 | $AWK_PROG '{print $5}'
2. stat -c %s $1
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Most of the fs-verity tests fail if the fs.verity.require_signatures
sysctl has been set to 1. Update them to set this sysctl to 0 at the
beginning of the test and restore it to its previous value at the end.
generic/577 intentionally sets this sysctl to 1. Make it restore the
previous value at the end of the test rather than assuming it was 0.
Also simplify _require_fsverity_builtin_signatures() to just check for
the presence of the file /proc/sys/fs/verity/require_signatures rather
than check whether the fs-verity keyring is listed in /proc/keys.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a basic test for the fs-verity built-in signature verification
support, which is an optional feature where the kernel can be configured
to enforce that all verity files are accompanied with a valid signature
by a key that has been loaded into the fs-verity keyring.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add common functions for setting up and testing fs-verity. fs-verity is
an ext4 and f2fs filesystem feature which provides Merkle tree based
hashing (similar to dm-verity) for individual read-only files, mainly
for the purpose of efficient authenticity verification. Other
filesystems may add fs-verity support later, using the same API.
Running the fs-verity tests will require:
- Kernel v5.4-rc1 or later configured with CONFIG_FS_VERITY=y
- The 'fsverity' utility program from
https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
- e2fsprogs v1.45.2 or later for ext4 tests, or f2fs-tools v1.11.0 or
later for f2fs tests
Some individual tests will have additional requirements.
For more information about fs-verity, see
https://www.kernel.org/doc/html/latest/filesystems/fsverity.html
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Chao Yu
Eric Biggers