From f4f4f606718497a2f660cdb737b812e035f55311 Mon Sep 17 00:00:00 2001 From: "Joe Richey joerichey@google.com" Date: Tue, 23 May 2017 18:45:58 -0700 Subject: filesystem: creating the directories and files This commit adds in the filesystem subpackage. The goal of this package is to provide and interface for adding to and removing from the metadata storage for a given filesystem. This is primarily done in filesystem.go. To facilitate this functionality, mountpoint.go exposes an interface for querying the system about the current mounted filesystems and their information. Note that this operation is done with a lazy loading mechanism. To refer to other filesystems, we use link files that can be parsed by libblkid. The README is also updated to account for this new dependancy. This package uses the FSError type under the hood so that error messages will include the filesystem name, but callers can still check for specific error instances. Change-Id: I74fe4e84b8e3a5b73f1337c35307ffe0bf7cdea9 --- filesystem/filesystem_test.go | 297 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 297 insertions(+) create mode 100644 filesystem/filesystem_test.go (limited to 'filesystem/filesystem_test.go') diff --git a/filesystem/filesystem_test.go b/filesystem/filesystem_test.go new file mode 100644 index 0000000..31a131a --- /dev/null +++ b/filesystem/filesystem_test.go @@ -0,0 +1,297 @@ +/* + * filesystem_test.go - Tests for reading/writing metadata to disk. + * + * Copyright 2017 Google Inc. + * Author: Joe Richey (joerichey@google.com) + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + +package filesystem + +import ( + "fmt" + "os" + "path/filepath" + "reflect" + "testing" + + . "fscrypt/crypto" + . "fscrypt/metadata" +) + +var ( + fakeProtectorKey, _ = NewRandomKey(InternalKeyLen) + fakePolicyKey, _ = NewRandomKey(PolicyKeyLen) + wrappedProtectorKey, _ = Wrap(fakeProtectorKey, fakeProtectorKey) + wrappedPolicyKey, _ = Wrap(fakeProtectorKey, fakePolicyKey) +) + +// Gets the mount corresponding to TEST_FILESYSTEM_ROOT +func getTestMount() (*Mount, error) { + mountpoint := os.Getenv("TEST_FILESYSTEM_ROOT") + if mountpoint == "" { + return nil, fmt.Errorf("set TEST_FILESYSTEM_ROOT to a mountpoint") + } + mnt, err := GetMount(mountpoint) + if err != nil { + return nil, fmt.Errorf("bad TEST_FILESYSTEM_ROOT: %s", err) + } + return mnt, nil +} + +func getFakeProtector() *ProtectorData { + return &ProtectorData{ + ProtectorDescriptor: "fedcba9876543210", + Name: "goodProtector", + Source: SourceType_raw_key, + WrappedKey: wrappedProtectorKey, + } +} + +func getFakePolicy() *PolicyData { + return &PolicyData{ + KeyDescriptor: "0123456789abcdef", + Options: DefaultOptions, + WrappedPolicyKeys: []*WrappedPolicyKey{ + &WrappedPolicyKey{ + ProtectorDescriptor: "fedcba9876543210", + WrappedKey: wrappedPolicyKey, + }, + }, + } +} + +// Gets the mount and sets it up +func getSetupMount() (*Mount, error) { + mnt, err := getTestMount() + if err != nil { + return nil, err + } + return mnt, mnt.Setup() +} + +// Tests that the setup works and creates the correct files +func TestSetup(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + + if !mnt.IsSetup() { + t.Error("filesystem is not setup") + } + + os.RemoveAll(mnt.baseDir()) +} + +// Tests that we can remove all of the metadata +func TestRemoveAllMetadata(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + + if err = mnt.RemoveAllMetadata(); err != nil { + t.Fatal(err) + } + + if isDir(mnt.baseDir()) { + t.Error("metadata was not removed") + } +} + +// Adding a good Protector should succeed, adding a bad one should fail +func TestAddProtector(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + defer mnt.RemoveAllMetadata() + + protector := getFakeProtector() + if err = mnt.AddProtector(protector); err != nil { + t.Error(err) + } + + // Change the source to bad one, or one that requires hashing costs + protector.Source = SourceType_default + if mnt.AddProtector(protector) == nil { + t.Error("bad source for a descriptor should make metadata invalid") + } + protector.Source = SourceType_custom_passphrase + if mnt.AddProtector(protector) == nil { + t.Error("protectors using passphrases should require hashing costs") + } + protector.Source = SourceType_raw_key + + // Use a bad wrapped key + protector.WrappedKey = wrappedPolicyKey + if mnt.AddProtector(protector) == nil { + t.Error("bad length for protector keys should make metadata invalid") + } + protector.WrappedKey = wrappedProtectorKey + + // Change the descriptor (to a bad length) + protector.ProtectorDescriptor = "abcde" + if mnt.AddProtector(protector) == nil { + t.Error("bad descriptor length should make metadata invalid") + } + +} + +// Adding a good Policy should succeed, adding a bad one should fail +func TestAddPolicy(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + defer mnt.RemoveAllMetadata() + + policy := getFakePolicy() + if err = mnt.AddPolicy(policy); err != nil { + t.Error(err) + } + + // Bad encryption options should make policy invalid + policy.Options.Padding = 7 + if mnt.AddPolicy(policy) == nil { + t.Error("padding not a power of 2 should make metadata invalid") + } + policy.Options.Padding = 16 + policy.Options.Filenames = EncryptionOptions_default + if mnt.AddPolicy(policy) == nil { + t.Error("encryption mode not set should make metadata invalid") + } + policy.Options.Filenames = EncryptionOptions_CTS + + // Use a bad wrapped key + policy.WrappedPolicyKeys[0].WrappedKey = wrappedProtectorKey + if mnt.AddPolicy(policy) == nil { + t.Error("bad length for policy keys should make metadata invalid") + } + policy.WrappedPolicyKeys[0].WrappedKey = wrappedPolicyKey + + // Change the descriptor (to a bad length) + policy.KeyDescriptor = "abcde" + if mnt.AddPolicy(policy) == nil { + t.Error("bad descriptor length should make metadata invalid") + } +} + +// Tests that we can set a policy and get it back +func TestSetPolicy(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + defer mnt.RemoveAllMetadata() + + policy := getFakePolicy() + if err = mnt.AddPolicy(policy); err != nil { + t.Fatal(err) + } + + realPolicy, err := mnt.GetPolicy(policy.KeyDescriptor) + if err != nil { + t.Fatal(err) + } + + if !reflect.DeepEqual(realPolicy, policy) { + t.Errorf("policy %+v does not equal expected policy %+v", realPolicy, policy) + } + +} + +// Tests that we can set a normal protector and get it back +func TestSetProtector(t *testing.T) { + mnt, err := getSetupMount() + if err != nil { + t.Fatal(err) + } + defer mnt.RemoveAllMetadata() + + protector := getFakeProtector() + if err = mnt.AddProtector(protector); err != nil { + t.Fatal(err) + } + + realProtector, err := mnt.GetRegularProtector(protector.ProtectorDescriptor) + if err != nil { + t.Fatal(err) + } + + if !reflect.DeepEqual(realProtector, protector) { + t.Errorf("protector %+v does not equal expected protector %+v", realProtector, protector) + } +} + +// Gets a setup mount and a fake second mount +func getTwoSetupMounts() (realMnt, fakeMnt *Mount, err error) { + if realMnt, err = getSetupMount(); err != nil { + return + } + + // Create and setup a fake filesystem + fakeMountpoint := filepath.Join(realMnt.Path, "fake") + if err = os.MkdirAll(fakeMountpoint, basePermissions); err != nil { + return + } + fakeMnt = &Mount{Path: fakeMountpoint} + err = fakeMnt.Setup() + return +} + +// Removes all the data from the fake and real filesystems +func cleanupTwoMounts(realMnt, fakeMnt *Mount) { + realMnt.RemoveAllMetadata() + os.RemoveAll(fakeMnt.Path) +} + +// Tests that we can set a linked protector and get it back +func TestLinkedProtector(t *testing.T) { + realMnt, fakeMnt, err := getTwoSetupMounts() + if err != nil { + t.Fatal(err) + } + defer cleanupTwoMounts(realMnt, fakeMnt) + + // Add the protector to the first filesystem + protector := getFakeProtector() + if err = realMnt.AddProtector(protector); err != nil { + t.Fatal(err) + } + + // Add the link to the second filesystem + if err = fakeMnt.AddLinkedProtector(protector.ProtectorDescriptor, realMnt); err != nil { + t.Fatal(err) + } + + // Get the protector though the second system + _, err = fakeMnt.GetRegularProtector(protector.ProtectorDescriptor) + if err == nil || err.(FSError).Err != ErrNoMetadata { + t.Fatal(err) + } + + retMnt, retProtector, err := fakeMnt.GetLinkedProtector(protector.ProtectorDescriptor) + if err != nil { + t.Fatal(err) + } + if retMnt != realMnt { + t.Error("mount returned was incorrect") + } + + if !reflect.DeepEqual(retProtector, protector) { + t.Errorf("protector %+v does not equal expected protector %+v", retProtector, protector) + } +} -- cgit v1.2.3