mirror of
https://github.com/linux-apfs/apfstests.git
synced 2026-05-01 15:01:44 -07:00
Eric Biggers
856f357c6a
Unexpectedly, 'xfs_io -f $file -c "pwrite 0 1M"' exits with failure status if the file can't be created, but exits with success status if an error occurs actually writing data. As discussed previously, xfs_io's exit status has always been broken, and it will be difficult to fix: https://marc.info/?l=linux-xfs&m=151269053129101&w=2 Because of this, generic/399 fails on ext4 if "-I 256" (256-byte inodes) is specified in the mkfs options, e.g. with 'kvm-xfstests -c ext4/adv generic/399'. This is because the test tries to fill a filesystem entirely with 1 MiB encrypted files, and it expects the xfs_io commands to start failing when no more files should be able to fit. But when the filesystem supports in-inode xattrs, no blocks need to be allocated for the encryption xattrs, so empty encrypted files can continue to be created even after all the filesystem's blocks are in-use. For better or worse, the convention for xfstests is to ignore the exit status of xfs_io and instead rely on the printed error messages. Thus, other tests don't run into this problem. So for now, let's fix the test failure by making generic/399 do the same. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Eryu Guan <guaneryu@gmail.com> Signed-off-by: Eryu Guan <guaneryu@gmail.com>
158 lines
5.2 KiB
Bash
Executable File
158 lines
5.2 KiB
Bash
Executable File
#! /bin/bash
|
|
# SPDX-License-Identifier: GPL-2.0
|
|
# Copyright (c) 2016 Google, Inc. All Rights Reserved.
|
|
#
|
|
# FS QA Test generic/399
|
|
#
|
|
# Check for weaknesses in filesystem encryption involving the same ciphertext
|
|
# being repeated. For file contents, we fill a small filesystem with large
|
|
# files of 0's and verify the filesystem is incompressible. For filenames, we
|
|
# create an identical symlink in two different directories and verify the
|
|
# ciphertext filenames and symlink targets are different.
|
|
#
|
|
# This test can detect some basic cryptographic mistakes such as nonce reuse
|
|
# (across files), initialization vector reuse (across blocks), or data somehow
|
|
# being left in plaintext by accident. For example, it detects the
|
|
# initialization vector reuse bug fixed in commit 02fc59a0d28f ("f2fs/crypto:
|
|
# fix xts_tweak initialization").
|
|
#
|
|
seq=`basename $0`
|
|
seqres=$RESULT_DIR/$seq
|
|
echo "QA output created by $seq"
|
|
|
|
here=`pwd`
|
|
tmp=/tmp/$$
|
|
status=1 # failure is the default!
|
|
trap "_cleanup; exit \$status" 0 1 2 3 15
|
|
|
|
_cleanup()
|
|
{
|
|
cd /
|
|
rm -f $tmp.*
|
|
}
|
|
|
|
# get standard environment, filters and checks
|
|
. ./common/rc
|
|
. ./common/filter
|
|
. ./common/encrypt
|
|
|
|
# remove previous $seqres.full before test
|
|
rm -f $seqres.full
|
|
|
|
# real QA test starts here
|
|
_supported_fs generic
|
|
_supported_os Linux
|
|
_require_scratch_encryption
|
|
_require_command "$XZ_PROG" xz
|
|
_require_command "$KEYCTL_PROG" keyctl
|
|
|
|
_new_session_keyring
|
|
|
|
#
|
|
# Set up a small filesystem containing an encrypted directory. 64 MB is enough
|
|
# for both ext4 and f2fs (f2fs doesn't support a 32 MB filesystem). Before
|
|
# creating the filesystem, zero out the needed portion of the device so that
|
|
# existing data on the device doesn't contribute to the compressed size.
|
|
#
|
|
fs_size_in_mb=64
|
|
fs_size=$((fs_size_in_mb * 1024 * 1024))
|
|
dd if=/dev/zero of=$SCRATCH_DEV bs=$((1024 * 1024)) \
|
|
count=$fs_size_in_mb &>> $seqres.full
|
|
_scratch_mkfs_sized_encrypted $fs_size &>> $seqres.full
|
|
_scratch_mount
|
|
|
|
keydesc=$(_generate_encryption_key)
|
|
mkdir $SCRATCH_MNT/encrypted_dir
|
|
_set_encpolicy $SCRATCH_MNT/encrypted_dir $keydesc
|
|
|
|
# Create the "same" symlink in two different directories.
|
|
# Later we'll check both the name and target of the symlink.
|
|
mkdir $SCRATCH_MNT/encrypted_dir/subdir1
|
|
mkdir $SCRATCH_MNT/encrypted_dir/subdir2
|
|
ln -s symlink_target $SCRATCH_MNT/encrypted_dir/subdir1/symlink
|
|
ln -s symlink_target $SCRATCH_MNT/encrypted_dir/subdir2/symlink
|
|
|
|
#
|
|
# Write files of 1 MB of all the same byte until we hit ENOSPC. Note that we
|
|
# must not create sparse files, since the contents of sparse files are not
|
|
# stored on-disk. Also, we create multiple files rather than one big file
|
|
# because we want to test for reuse of per-file keys.
|
|
#
|
|
total_file_size=0
|
|
i=1
|
|
while true; do
|
|
file=$SCRATCH_MNT/encrypted_dir/file$i
|
|
|
|
$XFS_IO_PROG -f $file -c 'pwrite 0 1M' &> $tmp.out
|
|
echo "Writing $file..." >> $seqres.full
|
|
cat $tmp.out >> $seqres.full
|
|
|
|
file_size=0
|
|
if [ -e $file ]; then
|
|
file_size=$(stat -c %s $file)
|
|
fi
|
|
|
|
# We shouldn't have been able to write more data than we had space for.
|
|
(( total_file_size += file_size ))
|
|
if (( total_file_size > fs_size )); then
|
|
_fail "Wrote $total_file_size bytes but should have only" \
|
|
"had space for $fs_size bytes at most!"
|
|
fi
|
|
|
|
# Stop if we hit ENOSPC.
|
|
if grep -q 'No space left on device' $tmp.out; then
|
|
break
|
|
fi
|
|
|
|
# Otherwise the file should have been successfully created.
|
|
if [ ! -e $file ]; then
|
|
_fail "$file failed to be created, but the fs isn't out of space yet!"
|
|
fi
|
|
if (( file_size != 1024 * 1024 )); then
|
|
_fail "Size of $file is wrong (possible write error?)." \
|
|
"Got $file_size, expected 1 MiB"
|
|
fi
|
|
(( i++ ))
|
|
done
|
|
|
|
#
|
|
# Unmount the filesystem and compute its compressed size. It must be no smaller
|
|
# than the amount of data that was written; otherwise there was a compromise in
|
|
# the confidentiality of the data. False positives should not be possible
|
|
# because filesystem metadata will also contribute to the compressed size.
|
|
#
|
|
# Note: it's important to use a strong compressor such as xz which can detect
|
|
# redundancy across most or all of the filesystem. We run xz with a 64 MB
|
|
# sliding window but use some custom settings to make it faster and use less
|
|
# memory than the '-9' preset. The memory needed with our settings will be
|
|
# 64 * 6.5 = 416 MB; see xz(1).
|
|
#
|
|
_unlink_encryption_key $keydesc
|
|
_scratch_unmount
|
|
fs_compressed_size=$(head -c $fs_size $SCRATCH_DEV | \
|
|
xz --lzma2=dict=64M,mf=hc4,mode=fast,nice=16 | \
|
|
wc -c)
|
|
|
|
if (( $fs_compressed_size < $total_file_size )); then
|
|
echo "FAIL: filesystem was compressible" \
|
|
"($total_file_size bytes => $fs_compressed_size bytes)"
|
|
else
|
|
echo "PASS: ciphertexts were not repeated for contents"
|
|
fi
|
|
|
|
# Verify that encrypted filenames and symlink targets were not reused. Note
|
|
# that since the ciphertexts should be unpredictable, we cannot simply include
|
|
# the expected names in the expected output file.
|
|
_scratch_mount
|
|
find $SCRATCH_MNT/encrypted_dir -type l | wc -l
|
|
link1=$(find $SCRATCH_MNT/encrypted_dir -type l | head -1)
|
|
link2=$(find $SCRATCH_MNT/encrypted_dir -type l | tail -1)
|
|
[ $(basename $link1) = $(basename $link2) ] && \
|
|
echo "Encrypted filenames were reused!"
|
|
[ $(readlink $link1) = $(readlink $link2) ] && \
|
|
echo "Encrypted symlink targets were reused!"
|
|
|
|
# success, all done
|
|
status=0
|
|
exit
|