From 8edd055f41e26692e98d6b3af31a0dc9ca4b4790 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Vojt=C4=9Bch=20Eichler?= Date: Fri, 27 Aug 2021 10:48:27 +0200 Subject: [PATCH] tests: add tests for dm-verity support in mount --- tests/expected/mount/dm-verity | 1 + tests/ts/mount/dm-verity | 64 ++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+) create mode 100644 tests/expected/mount/dm-verity create mode 100755 tests/ts/mount/dm-verity diff --git a/tests/expected/mount/dm-verity b/tests/expected/mount/dm-verity new file mode 100644 index 0000000000..35821117c8 --- /dev/null +++ b/tests/expected/mount/dm-verity @@ -0,0 +1 @@ +Success diff --git a/tests/ts/mount/dm-verity b/tests/ts/mount/dm-verity new file mode 100755 index 0000000000..6f419656fa --- /dev/null +++ b/tests/ts/mount/dm-verity @@ -0,0 +1,64 @@ +#!/bin/bash + +# +# Copyright (C) 2021 Vojtech Eichler +# +# This file is part of util-linux. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This file is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +TS_TOPDIR="${0%/*}/../.." +TS_DESC="dm-verity support" + +. $TS_TOPDIR/functions.sh +ts_init "$*" + +VERITY_OUTPUT="$TS_OUTPUT.log" +HASH_DEVICE="$TS_OUTDIR/dm-verity.hash" +SQUASHFS="$TS_OUTDIR/dm-verity.img" +VERITY_DEVICE="test_dm_verity" +VERITY_DEVICE_ABS="/dev/mapper/$VERITY_DEVICE" +ROOT_HASH_FILE="$TS_OUTDIR/root_hash_file.hash" + +ts_check_test_command "$TS_CMD_MOUNT" +ts_check_test_command "$TS_CMD_UMOUNT" + +ts_skip_nonroot +ts_check_prog "mksquashfs" +ts_check_prog "veritysetup" + +# Make a squashfs out of /etc and prepare verity device out of it +mksquashfs $TS_SELF $SQUASHFS &>/dev/null || ts_skip "error: mksquashfs on $TS_SELF" +veritysetup format $SQUASHFS $HASH_DEVICE > $VERITY_OUTPUT || ts_skip "cannot format $SQUASHFS" + +# Extract root hash out of veritysetup output +HASH=$(cat $VERITY_OUTPUT | awk '/Root hash:/ { print $3 }') || ts_die "error: extract hash" +echo $HASH > $ROOT_HASH_FILE +# Activate verity data device +veritysetup create $VERITY_DEVICE $SQUASHFS $HASH_DEVICE $HASH || ts_skip "cannot activate verity device" +[ -d "$TS_MOUNTPOINT" ] || mkdir -p $TS_MOUNTPOINT + +# Variant A - using verity.roothash +$TS_CMD_MOUNT -o verity.hashdevice=$HASH_DEVICE,verity.roothash=$HASH,verity.hashoffset=0 $VERITY_DEVICE_ABS\ + $TS_MOUNTPOINT || ts_die "error: mount" +$TS_CMD_UMOUNT -l $TS_MOUNTPOINT || ts_die "error: umount" + +# Variant B - using verity.roothashfile +$TS_CMD_MOUNT -o verity.hashdevice=$HASH_DEVICE,verity.roothashfile=$ROOT_HASH_FILE $VERITY_DEVICE_ABS\ + $TS_MOUNTPOINT || ts_die "error: mount" +$TS_CMD_UMOUNT -l $TS_MOUNTPOINT || ts_die "error: umount" + + +# Cleanup +dmsetup remove -f $VERITY_DEVICE + +ts_log "Success" +ts_finalize -- 2.47.2