Add verity getdents tests

PiperOrigin-RevId: 376001603
author: Chong Cai <chongc@google.com> 2021-05-26 12:19:11 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-05-26 12:23:14 -0700
commit: 9fcc44f991203343438b489389c2b861040086ac (patch)
tree: f8e05f6e093838a11b5be204095c9f6110ca327f /pkg/sentry/fsimpl/verity
parent: c006b9b1c813089f22ae979fb3198227be25c20a (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/verity/verity.go b/pkg/sentry/fsimpl/verity/verity.go
index fa7696ad6..969003613 100644
--- a/pkg/sentry/fsimpl/verity/verity.go
+++ b/pkg/sentry/fsimpl/verity/verity.go
@@ -868,6 +868,10 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa
 	fd.mu.Lock()
 	defer fd.mu.Unlock()
 
+	if _, err := fd.lowerFD.Seek(ctx, fd.off, linux.SEEK_SET); err != nil {
+		return err
+	}
+
 	var ds []vfs.Dirent
 	err := fd.lowerFD.IterDirents(ctx, vfs.IterDirentsCallbackFunc(func(dirent vfs.Dirent) error {
 		// Do not include the Merkle tree files.
@@ -890,8 +894,8 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa
 		return err
 	}
 
-	// The result should contain all children plus "." and "..".
-	if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2 {
+	// The result should be a part of all children plus "." and "..", counting from fd.off.
+	if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2-int(fd.off) {
 		return fd.d.fs.alertIntegrityViolation(fmt.Sprintf("Unexpected children number %d", len(ds)))
 	}
author	Chong Cai <chongc@google.com>	2021-05-26 12:19:11 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-05-26 12:23:14 -0700
commit	9fcc44f991203343438b489389c2b861040086ac (patch)
tree	f8e05f6e093838a11b5be204095c9f6110ca327f /pkg/sentry/fsimpl/verity
parent	c006b9b1c813089f22ae979fb3198227be25c20a (diff)