Add verity tests for stat, deleted/renamed file

PiperOrigin-RevId: 370219558
author: Chong Cai <chongc@google.com> 2021-04-23 23:58:56 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-04-24 00:00:55 -0700
commit: bf64560681182b0024790f683f4c9aea142e70c5 (patch)
tree: e628aeb7895137035bdd3abd4be49f301fcb2010 /test
parent: f373f67048e2566af7fb5eaa68c3bec11607010a (diff)
1 files changed, 67 insertions, 0 deletions
diff --git a/test/syscalls/linux/verity_ioctl.cc b/test/syscalls/linux/verity_ioctl.cc
index 48c69ead3..822e16f3c 100644
--- a/test/syscalls/linux/verity_ioctl.cc
+++ b/test/syscalls/linux/verity_ioctl.cc
@@ -15,6 +15,7 @@
 #include <stdint.h>
 #include <stdlib.h>
 #include <sys/mount.h>
+#include <sys/stat.h>
 #include <time.h>
 
 #include <iomanip>
@@ -272,6 +273,72 @@ TEST_F(IoctlTest, ModifiedDirMerkle) {
               SyscallFailsWithErrno(EIO));
 }
 
+TEST_F(IoctlTest, Stat) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  struct stat st;
+  EXPECT_THAT(stat(JoinPath(verity_dir, filename_).c_str(), &st),
+              SyscallSucceeds());
+}
+
+TEST_F(IoctlTest, ModifiedStat) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  EXPECT_THAT(chmod(JoinPath(tmpfs_dir_.path(), filename_).c_str(), 0644),
+              SyscallSucceeds());
+  struct stat st;
+  EXPECT_THAT(stat(JoinPath(verity_dir, filename_).c_str(), &st),
+              SyscallFailsWithErrno(EIO));
+}
+
+TEST_F(IoctlTest, DeleteFile) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  EXPECT_THAT(unlink(JoinPath(tmpfs_dir_.path(), filename_).c_str()),
+              SyscallSucceeds());
+  EXPECT_THAT(open(JoinPath(verity_dir, filename_).c_str(), O_RDONLY, 0777),
+              SyscallFailsWithErrno(EIO));
+}
+
+TEST_F(IoctlTest, DeleteMerkle) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  EXPECT_THAT(
+      unlink(MerklePath(JoinPath(tmpfs_dir_.path(), filename_)).c_str()),
+      SyscallSucceeds());
+  EXPECT_THAT(open(JoinPath(verity_dir, filename_).c_str(), O_RDONLY, 0777),
+              SyscallFailsWithErrno(EIO));
+}
+
+TEST_F(IoctlTest, RenameFile) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  std::string new_file_name = "renamed-" + filename_;
+  EXPECT_THAT(rename(JoinPath(tmpfs_dir_.path(), filename_).c_str(),
+                     JoinPath(tmpfs_dir_.path(), new_file_name).c_str()),
+              SyscallSucceeds());
+  EXPECT_THAT(open(JoinPath(verity_dir, filename_).c_str(), O_RDONLY, 0777),
+              SyscallFailsWithErrno(EIO));
+}
+
+TEST_F(IoctlTest, RenameMerkle) {
+  std::string verity_dir =
+      ASSERT_NO_ERRNO_AND_VALUE(MountVerity(tmpfs_dir_.path(), filename_));
+
+  std::string new_file_name = "renamed-" + filename_;
+  EXPECT_THAT(
+      rename(MerklePath(JoinPath(tmpfs_dir_.path(), filename_)).c_str(),
+             MerklePath(JoinPath(tmpfs_dir_.path(), new_file_name)).c_str()),
+      SyscallSucceeds());
+  EXPECT_THAT(open(JoinPath(verity_dir, filename_).c_str(), O_RDONLY, 0777),
+              SyscallFailsWithErrno(EIO));
+}
+
 }  // namespace
 
 }  // namespace testing
author	Chong Cai <chongc@google.com>	2021-04-23 23:58:56 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-04-24 00:00:55 -0700
commit	bf64560681182b0024790f683f4c9aea142e70c5 (patch)
tree	e628aeb7895137035bdd3abd4be49f301fcb2010 /test
parent	f373f67048e2566af7fb5eaa68c3bec11607010a (diff)