From: Boris Burkov <boris@bur.io>
To: Eric Biggers <ebiggers@kernel.org>
Cc: fstests@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-btrfs@vger.kernel.org, kernel-team@fb.com
Subject: Re: [PATCH v6 1/4] btrfs: test btrfs specific fsverity corruption
Date: Tue, 15 Mar 2022 15:02:02 -0700 [thread overview]
Message-ID: <YjEM2k/UFOLar3ix@zen> (raw)
In-Reply-To: <Yi/Wq/e7qv0jcQIb@gmail.com>
On Mon, Mar 14, 2022 at 11:58:35PM +0000, Eric Biggers wrote:
> On Mon, Feb 14, 2022 at 04:09:55PM -0800, Boris Burkov wrote:
> > diff --git a/common/verity b/common/verity
> > index 38eea157..eec8ae72 100644
> > --- a/common/verity
> > +++ b/common/verity
> > @@ -3,6 +3,8 @@
> > #
> > # Functions for setting up and testing fs-verity
> >
> > +. common/btrfs
>
> Why does common/btrfs need to be included here?
To get _require_btrfs_corrupt_block. I can move that in here, as it
doesn't have any non-verity use case in btrfs tests yet. But it should
probably stay a named function rather than get rolled into
require_fsverity_corruption if I make btrfs/290 use it directly (which I
think is a good suggestion).
>
> > +# Check for userspace tools needed to corrupt verity data or metadata.
> > +_require_fsverity_corruption()
> > +{
> > + _require_xfs_io_command "fiemap"
> > + if [ $FSTYP == "btrfs" ]; then
> > + _require_btrfs_corrupt_block
> > + fi
> > +}
>
> Which function(s), specifically, is this function a prerequisite for? Based on
> the name, it sounds like it would be a prerequisite for calling
> _fsv_scratch_corrupt_bytes() and _fsv_scratch_corrupt_merkle_tree(). But that's
> apparently not the case, seeing as generic/576 calls
> _fsv_scratch_corrupt_bytes() but doesn't call _require_fsverity_corruption(),
> and your new test btrfs/290 calls _require_fsverity_corruption() but doesn't
> call either _fsv_scratch_corrupt_bytes() or _fsv_scratch_corrupt_merkle_tree().
>
> So, the purpose of this function is unclear.
>
> Perhaps it should be a prerequisite for all _fsv_scratch_corrupt*() functions,
> and btrfs/290 should check for btrfs-corrupt-block directly?
My intent was for it to be a requirement for _fsv_scratch_corrupt_bytes
and _fsv_scratch_corrupt_merkle_tree, but I missed 576, since I was
testing with btrfs and that doesn't have transparent encryption. Apologies
for missing that test. I'll make _require_fsverity_corruption 1:1 with
_fsv_scratch_corrupt_bytes. However, I believe I still need
btrfs_corrupt_block here, since that is part of the "generic" corruption
for btrfs.
>
> - Eric
next prev parent reply other threads:[~2022-03-15 22:02 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-15 0:09 [PATCH v6 0/4] tests for btrfs fsverity Boris Burkov
2022-02-15 0:09 ` [PATCH v6 1/4] btrfs: test btrfs specific fsverity corruption Boris Burkov
2022-03-14 23:58 ` Eric Biggers
2022-03-15 22:02 ` Boris Burkov [this message]
2022-02-15 0:09 ` [PATCH v6 2/4] generic/574: corrupt btrfs merkle tree data Boris Burkov
2022-03-15 0:00 ` Eric Biggers
2022-02-15 0:09 ` [PATCH v6 3/4] btrfs: test verity orphans with dmlogwrites Boris Burkov
2022-02-15 0:09 ` [PATCH v6 4/4] generic: test fs-verity EFBIG scenarios Boris Burkov
2022-03-15 2:16 ` Eric Biggers
2022-03-15 22:06 ` Boris Burkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YjEM2k/UFOLar3ix@zen \
--to=boris@bur.io \
--cc=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=kernel-team@fb.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).