Merge pull request #3331 from cgwalters/verity-no-verity

checkout: Only verify digest if repo requires fsverity

src/libostree/ostree-repo-checkout.c

@@ -1346,9 +1346,14 @@ ostree_repo_checkout_composefs (OstreeRepo *self, GVariant *options, int destina
   if (!ostree_composefs_target_write (target, tmpf.fd, &fsverity_digest, cancellable, error))
     return FALSE;
 
-  /* If the commit specified a composefs digest, verify it */
+  /* If the commit specified a composefs digest and the target is known to have fsverity,
+   * then double check our ouptut.
+   */
+  if (verity == OT_TRISTATE_YES)
+    {
       if (!compare_verity_digests (metadata_composefs, fsverity_digest, error))
         return FALSE;
+    }
 
   if (!glnx_fchmod (tmpf.fd, 0644, error))
     return FALSE;

tests/inst/src/composefs.rs

@@ -153,7 +153,7 @@ pub(crate) fn itest_composefs() -> Result<()> {
                 return Ok(());
             }
             {
-                let fstype = cmd!(sh, "stat -f / -c %T").read()?;
+                let fstype = cmd!(sh, "stat -f /sysroot -c %T").read()?;
                 if fstype.trim() == "xfs" {
                     println!("SKIP no xfs fsverity yet");
                     return Ok(());

tests/kolainst/destructive/bootupd-static.sh

@@ -1,36 +0,0 @@
-#!/bin/bash
-set -xeuo pipefail
-
-. ${KOLA_EXT_DATA}/libinsttest.sh
-
-require_writable_sysroot
-prepare_tmpdir
-
-bootupd_state=/boot/bootupd-state.json
-mount -o remount,rw /boot
-if grep -qFe "\"static-configs\"" "${bootupd_state}"; then
-    echo "Host is using static configs already, overriding this"
-    jq --compact-output '.["static-configs"] = null' < "${bootupd_state}" > "${bootupd_state}".new
-    mv "${bootupd_state}.new" "${bootupd_state}"
-fi
-
-# Print the current value for reference, it's "none" on FCOS derivatives
-ostree config get sysroot.bootloader || true
-ostree config set sysroot.bootloader auto
-
-ostree admin deploy --stage "${host_commit}"
-systemctl stop ostree-finalize-staged.service
-used_bootloader=$(journalctl -u ostree-finalize-staged -o json MESSAGE_ID=dd440e3e549083b63d0efc7dc15255f1 | tail -1 | jq -r .OSTREE_BOOTLOADER)
-# We're verifying the legacy default now
-assert_streq "${used_bootloader}" "grub2"
-ostree admin undeploy 0
-
-# Now synthesize a bootupd config which uses static configs
-jq '. + {"static-configs": {}}' < "${bootupd_state}"  > "${bootupd_state}".new
-mv "${bootupd_state}.new" "${bootupd_state}"
-ostree admin deploy --stage "${host_commit}"
-systemctl stop ostree-finalize-staged.service
-used_bootloader=$(journalctl -u ostree-finalize-staged -o json MESSAGE_ID=dd440e3e549083b63d0efc7dc15255f1 | tail -1 | jq -r .OSTREE_BOOTLOADER)
-assert_streq "${used_bootloader}" "none"
-
-echo "ok bootupd static"

tests/test-composefs.sh

@@ -62,4 +62,14 @@ composefs-info dump test2-co-noverity.cfs > dump.txt
 assert_file_has_content_literal dump.txt '/baz/cow 4 100644 1 0 0 0 0.0 f6/a517d53831a40cff3886a965c70d57aa50797a8e5ea965b2c49cc575a6ff51.file - -'
 tap_ok "checkout composefs noverity"
 
+# Test with a corrupted composefs digest
+$OSTREE commit ${COMMIT_ARGS} -b test-composefs-bad-digest --tree=ref=test-composefs \
+    '--add-metadata=ostree.composefs.digest.v0=[byte 0x13, 0xae, 0xae, 0xed, 0xc0, 0x34, 0xd1, 0x39, 0xef, 0xfc, 0xd6, 0x6f, 0xe3, 0xdb, 0x08, 0xd3, 0x32, 0x8a, 0xec, 0x2f, 0x02, 0xc5
+, 0xa7, 0x8a, 0xee, 0xa6, 0x0f, 0x34, 0x6d, 0x7a, 0x22, 0x6d]'
+if $OSTREE checkout --composefs test-composefs-bad-digest test2-co.cfs 2>err.txt; then
+    fatal "checked out composefs with mismatched digest"
+fi
+assert_file_has_content_literal err.txt "doesn't match expected digest"
+tap_ok "checkout composefs bad digest"
+
 tap_end