From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
Theodore Ts'o <tytso@mit.edu>,
Victor Hsieh <victorhsieh@google.com>
Subject: [PATCH v2 2/4] generic: add helpers for dumping fs-verity metadata
Date: Wed, 24 Feb 2021 14:35:35 -0800 [thread overview]
Message-ID: <20210224223537.110491-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20210224223537.110491-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
In common/verity, add helper functions for dumping a file's fs-verity
metadata using the new FS_IOC_READ_VERITY_METADATA ioctl.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
common/verity | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/common/verity b/common/verity
index 9a182240..38eea157 100644
--- a/common/verity
+++ b/common/verity
@@ -120,6 +120,27 @@ _restore_fsverity_signatures()
fi
}
+# Require userspace and kernel support for 'fsverity dump_metadata'.
+# $1 must be a file with fs-verity enabled.
+_require_fsverity_dump_metadata()
+{
+ local verity_file=$1
+ local tmpfile=$tmp.require_fsverity_dump_metadata
+
+ if _fsv_dump_merkle_tree "$verity_file" 2>"$tmpfile" >/dev/null; then
+ return
+ fi
+ if grep -q "^ERROR: unrecognized command: 'dump_metadata'$" "$tmpfile"
+ then
+ _notrun "Missing 'fsverity dump_metadata' command"
+ fi
+ if grep -q "^ERROR: FS_IOC_READ_VERITY_METADATA failed on '.*': Inappropriate ioctl for device$" "$tmpfile"
+ then
+ _notrun "Kernel doesn't support FS_IOC_READ_VERITY_METADATA"
+ fi
+ _fail "Unexpected output from 'fsverity dump_metadata': $(<"$tmpfile")"
+}
+
_scratch_mkfs_verity()
{
case $FSTYP in
@@ -157,6 +178,21 @@ _fsv_scratch_begin_subtest()
echo -e "\n# $msg"
}
+_fsv_dump_merkle_tree()
+{
+ $FSVERITY_PROG dump_metadata merkle_tree "$@"
+}
+
+_fsv_dump_descriptor()
+{
+ $FSVERITY_PROG dump_metadata descriptor "$@"
+}
+
+_fsv_dump_signature()
+{
+ $FSVERITY_PROG dump_metadata signature "$@"
+}
+
_fsv_enable()
{
$FSVERITY_PROG enable "$@"
--
2.30.1
next prev parent reply other threads:[~2021-02-24 22:37 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-24 22:35 [PATCH v2 0/4] Test the FS_IOC_READ_VERITY_METADATA ioctl Eric Biggers
2021-02-24 22:35 ` [PATCH v2 1/4] generic: factor out helpers for fs-verity built-in signatures Eric Biggers
2021-02-24 22:35 ` Eric Biggers [this message]
2021-02-24 22:35 ` [PATCH v2 3/4] generic: test retrieving verity Merkle tree and descriptor Eric Biggers
2021-02-24 22:35 ` [PATCH v2 4/4] generic: test retrieving verity signature Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210224223537.110491-3-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=victorhsieh@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).