Verify ciphertext for v2 encryption policies that use Adiantum to
encrypt file contents and file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Verify ciphertext for v2 encryption policies that use AES-128-CBC-ESSIV
to encrypt file contents and AES-128-CTS-CBC to encrypt file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Verify ciphertext for v2 encryption policies that use AES-256-XTS to
encrypt file contents and AES-256-CTS-CBC to encrypt file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test non-root use of the fscrypt filesystem-level encryption keyring and
v2 encryption policies.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a basic test of the fscrypt filesystem-level encryption keyring and
v2 encryption policies.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a stress test for fs-verity. This tests enabling fs-verity on
multiple files concurrently with concurrent readers on those files
(with reads occurring before, during, and after the fs-verity
enablement), while fsstress is also running on the same filesystem.
I haven't seen any failures from running this on ext4 and f2fs.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a test to make sure that we can handle multiple memory mappings to a
physical storage extent shared by multiple files, and that we can handle
the copy on write operation without error. Make sure we can also handle
mappings at different offsets in the page cache.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a basic test for the fs-verity built-in signature verification
support, which is an optional feature where the kernel can be configured
to enforce that all verity files are accompanied with a valid signature
by a key that has been loaded into the fs-verity keyring.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This primarily verifies correct ordering of the hooks for each feature:
fscrypt needs to be first.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This test verifies that fs-verity is doing its Merkle tree-based hashing
correctly, i.e. that it hasn't been broken by a change.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This test corrupts various parts of the contents of a verity file, or
parts of its Merkle tree, by writing directly to the block device. It
verifies that this causes I/O errors when the relevant part of the
contents is later read by any means.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test access controls on the fs-verity ioctls. FS_IOC_MEASURE_VERITY is
allowed on any file, whereas FS_IOC_ENABLE_VERITY requires write access.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This is a basic fs-verity test which verifies:
- conditions for enabling verity
- verity files have expected contents and size
- can't change contents of verity files, but can change metadata
- can retrieve a verity file's measurement via FS_IOC_MEASURE_VERITY
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
The actual lease test code has been added to src/locktest.c (see
previous commits), now create a new lease test script to drive the
test.
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
While active, the media backing a swap file is leased to the kernel.
Userspace has no business writing to it. Make sure we can't do this.
The two kernel patches titled as below should fix the bug:
mm: set S_SWAPFILE on blockdev swap devices
vfs: don't allow writes to swap files
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Allocating two bytes at a block boundary with fallocate should allocate
both blocks involved. Test this by writing data to both bytes
afterwards and see whether the on-disk size increases (it should not).
This is a regression test for the kernel patch "xfs: Fix tail rounding
in xfs_alloc_file_space()".
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
On file systems with a block size smaller than the page size, hole
punching can leave the pages at the beginning and the end of the
hole partially mapped to disk blocks. Make sure writes to those
pages are handled correctly.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This is a regression test that checks for xfs drivers that fail to
unlock the inode after changing the group id fails with EDQUOT. It
pairs with "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails
due to EDQUOT".
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Old kernels do not support cross-device copy_file_range.
This is a regression test for kernel commit:
5dae222a5ff0 vfs: allow copy_file_range to copy across devices
[Amir] Split out cross-device copy_range test to a new test and
_notrun if kernel/filesystem do not support cross-device copy_range.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test that copy_file_range will return the correct errors for various
error conditions and boundary constraints.
This is a regression test for kernel commit:
96e6e8f4a68d ("vfs: add missing checks to copy_file_range")
[Amir] Split out cross-device copy_range test and use only test dev.
Split out immutable/swapfile test cases to reduce the requirements to
run the bounds check to minimum and get coverage for more filesystems.
Remove the tests for read past EOF and write after chmod -r,
because we decided to stick with read(2)/write(2) semantics.
Add requirements needed for large size copy tests and fifo test.
Use existing char/block devices for char/block dev tests.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Now that we run the test for all block device based file systems, there
is no reason to keep it out of generic.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test that if we clone a file with some large extents into a file
that has many small extents, when the fs is nearly full, the clone
operation does not fail and produces the correct result.
This is motivated by a bug found in btrfs wich is fixed by the
following patches for the linux kernel:
[PATCH 1/2] Btrfs: factor out extent dropping code from hole punch handler
[PATCH 2/2] Btrfs: fix ENOSPC errors, leading to transaction aborts, when
cloning extents
The test currently passes on xfs.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add _require_scratch_duperemove which validates that the file system
supports duperemove. This allows us to move three tests from shared/
to generic/. This means these tests will automatically adapt when
duperemove supports other file systems. Tests moved are:
shared/008 --> generic/559
shared/009 --> generic/560
shared/010 --> generic/561
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
The shared/006 uses _scratch_mkfs_sized to create a limited size
file system, and then creates inodes until it gets ENOSPC, and then
checks to make sure the file system is consistent. It then remounts
the file system, removes all of the files, and makes sure the file
system is consistent afterwards. This test was marked as only being
supported on ext[234] and xfs, and so it was in shared.
Now introduce a new _require_inode_limits() rule to run test on
filesystems that have a fixed inode number, then move the test to
generic.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Eric Biggers
Darrick J. Wong
Ira Weiny
Chao Yu
Max Reitz
Andreas Gruenbacher
Amir Goldstein
Christoph Hellwig
Filipe Manana
Theodore Ts'o