Rename --no-integrity-checks to --allow-integrity-violations

This commit is contained in:
Sebastian Messmer 2018-04-29 13:41:21 -07:00
parent a691fd03dc
commit f29e398e51
11 changed files with 49 additions and 49 deletions

View File

@ -95,7 +95,7 @@ void IntegrityBlockStore2::_checkNoPastIntegrityViolations() const {
} }
void IntegrityBlockStore2::integrityViolationDetected(const string &reason) const { void IntegrityBlockStore2::integrityViolationDetected(const string &reason) const {
if (_noIntegrityChecks) { if (_allowIntegrityViolations) {
LOG(WARN, "Integrity violation (but integrity checks are disabled): {}", reason); LOG(WARN, "Integrity violation (but integrity checks are disabled): {}", reason);
return; return;
} }
@ -103,8 +103,8 @@ void IntegrityBlockStore2::integrityViolationDetected(const string &reason) cons
throw IntegrityViolationError(reason); throw IntegrityViolationError(reason);
} }
IntegrityBlockStore2::IntegrityBlockStore2(unique_ref<BlockStore2> baseBlockStore, const boost::filesystem::path &integrityFilePath, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation) IntegrityBlockStore2::IntegrityBlockStore2(unique_ref<BlockStore2> baseBlockStore, const boost::filesystem::path &integrityFilePath, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation)
: _baseBlockStore(std::move(baseBlockStore)), _knownBlockVersions(integrityFilePath, myClientId), _noIntegrityChecks(noIntegrityChecks), _missingBlockIsIntegrityViolation(missingBlockIsIntegrityViolation), _integrityViolationDetected(false) { : _baseBlockStore(std::move(baseBlockStore)), _knownBlockVersions(integrityFilePath, myClientId), _allowIntegrityViolations(allowIntegrityViolations), _missingBlockIsIntegrityViolation(missingBlockIsIntegrityViolation), _integrityViolationDetected(false) {
} }
bool IntegrityBlockStore2::tryCreate(const BlockId &blockId, const Data &data) { bool IntegrityBlockStore2::tryCreate(const BlockId &blockId, const Data &data) {

View File

@ -16,7 +16,7 @@ namespace integrity {
// It depends on being used on top of an encrypted block store that protects integrity of the block contents (i.e. uses an authenticated cipher). // It depends on being used on top of an encrypted block store that protects integrity of the block contents (i.e. uses an authenticated cipher).
class IntegrityBlockStore2 final: public BlockStore2 { class IntegrityBlockStore2 final: public BlockStore2 {
public: public:
IntegrityBlockStore2(cpputils::unique_ref<BlockStore2> baseBlockStore, const boost::filesystem::path &integrityFilePath, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation); IntegrityBlockStore2(cpputils::unique_ref<BlockStore2> baseBlockStore, const boost::filesystem::path &integrityFilePath, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation);
bool tryCreate(const BlockId &blockId, const cpputils::Data &data) override; bool tryCreate(const BlockId &blockId, const cpputils::Data &data) override;
bool remove(const BlockId &blockId) override; bool remove(const BlockId &blockId) override;
@ -66,7 +66,7 @@ private:
cpputils::unique_ref<BlockStore2> _baseBlockStore; cpputils::unique_ref<BlockStore2> _baseBlockStore;
mutable KnownBlockVersions _knownBlockVersions; mutable KnownBlockVersions _knownBlockVersions;
const bool _noIntegrityChecks; const bool _allowIntegrityViolations;
const bool _missingBlockIsIntegrityViolation; const bool _missingBlockIsIntegrityViolation;
mutable bool _integrityViolationDetected; mutable bool _integrityViolationDetected;

View File

@ -235,7 +235,7 @@ namespace cryfs {
auto blockStore = make_unique_ref<OnDiskBlockStore2>(options.baseDir()); auto blockStore = make_unique_ref<OnDiskBlockStore2>(options.baseDir());
auto config = _loadOrCreateConfig(options, localStateDir); auto config = _loadOrCreateConfig(options, localStateDir);
CryDevice device(std::move(config.configFile), std::move(blockStore), std::move(localStateDir), config.myClientId, CryDevice device(std::move(config.configFile), std::move(blockStore), std::move(localStateDir), config.myClientId,
options.noIntegrityChecks(), config.configFile.config()->missingBlockIsIntegrityViolation()); options.allowIntegrityViolations(), config.configFile.config()->missingBlockIsIntegrityViolation());
_sanityCheckFilesystem(&device); _sanityCheckFilesystem(&device);
fspp::FilesystemImpl fsimpl(&device); fspp::FilesystemImpl fsimpl(&device);
fspp::fuse::Fuse fuse(&fsimpl, "cryfs", "cryfs@" + options.baseDir().native()); fspp::fuse::Fuse fuse(&fsimpl, "cryfs", "cryfs@" + options.baseDir().native());

View File

@ -79,7 +79,7 @@ ProgramOptions Parser::parse(const vector<string> &supportedCiphers) const {
if (vm.count("blocksize")) { if (vm.count("blocksize")) {
blocksizeBytes = vm["blocksize"].as<uint32_t>(); blocksizeBytes = vm["blocksize"].as<uint32_t>();
} }
bool noIntegrityChecks = vm.count("no-integrity-checks"); bool allowIntegrityViolations = vm.count("allow-integrity-violations");
optional<bool> missingBlockIsIntegrityViolation = none; optional<bool> missingBlockIsIntegrityViolation = none;
if (vm.count("missing-block-is-integrity-violation")) { if (vm.count("missing-block-is-integrity-violation")) {
missingBlockIsIntegrityViolation = vm["missing-block-is-integrity-violation"].as<bool>(); missingBlockIsIntegrityViolation = vm["missing-block-is-integrity-violation"].as<bool>();
@ -95,7 +95,7 @@ ProgramOptions Parser::parse(const vector<string> &supportedCiphers) const {
} }
} }
return ProgramOptions(std::move(baseDir), std::move(mountDir), std::move(configfile), foreground, allowFilesystemUpgrade, allowReplacedFilesystem, std::move(unmountAfterIdleMinutes), std::move(logfile), std::move(cipher), blocksizeBytes, noIntegrityChecks, std::move(missingBlockIsIntegrityViolation), std::move(fuseOptions)); return ProgramOptions(std::move(baseDir), std::move(mountDir), std::move(configfile), foreground, allowFilesystemUpgrade, allowReplacedFilesystem, std::move(unmountAfterIdleMinutes), std::move(logfile), std::move(cipher), blocksizeBytes, allowIntegrityViolations, std::move(missingBlockIsIntegrityViolation), std::move(fuseOptions));
} }
void Parser::_checkValidCipher(const string &cipher, const vector<string> &supportedCiphers) { void Parser::_checkValidCipher(const string &cipher, const vector<string> &supportedCiphers) {
@ -166,8 +166,8 @@ void Parser::_addAllowedOptions(po::options_description *desc) {
("fuse-option,o", po::value<vector<string>>(), "Add a fuse mount option. Example: atime or noatime.") ("fuse-option,o", po::value<vector<string>>(), "Add a fuse mount option. Example: atime or noatime.")
("cipher", po::value<string>(), cipher_description.c_str()) ("cipher", po::value<string>(), cipher_description.c_str())
("blocksize", po::value<uint32_t>(), blocksize_description.c_str()) ("blocksize", po::value<uint32_t>(), blocksize_description.c_str())
("no-integrity-checks", "Disable integrity checks. Integrity checks ensure that your file system was not manipulated or rolled back to an earlier version. Disabling them is needed if you want to load an old snapshot of your file system.")
("missing-block-is-integrity-violation", po::value<bool>(), "Whether to treat a missing block as an integrity violation. This makes sure you notice if an attacker deleted some of your files, but only works in single-client mode. You will not be able to use the file system on other devices.") ("missing-block-is-integrity-violation", po::value<bool>(), "Whether to treat a missing block as an integrity violation. This makes sure you notice if an attacker deleted some of your files, but only works in single-client mode. You will not be able to use the file system on other devices.")
("allow-integrity-violations", "Disable integrity checks. Integrity checks ensure that your file system was not manipulated or rolled back to an earlier version. Disabling them is needed if you want to load an old snapshot of your file system.")
("allow-filesystem-upgrade", "Allow upgrading the file system if it was created with an old CryFS version. After the upgrade, older CryFS versions might not be able to use the file system anymore.") ("allow-filesystem-upgrade", "Allow upgrading the file system if it was created with an old CryFS version. After the upgrade, older CryFS versions might not be able to use the file system anymore.")
("allow-replaced-filesystem", "By default, CryFS remembers file systems it has seen in this base directory and checks that it didn't get replaced by an attacker with an entirely different file system since the last time it was loaded. However, if you do want to replace the file system with an entirely new one, you can pass in this option to disable the check.") ("allow-replaced-filesystem", "By default, CryFS remembers file systems it has seen in this base directory and checks that it didn't get replaced by an attacker with an entirely different file system since the last time it was loaded. However, if you do want to replace the file system with an entirely new one, you can pass in this option to disable the check.")
("show-ciphers", "Show list of supported ciphers.") ("show-ciphers", "Show list of supported ciphers.")

View File

@ -12,10 +12,10 @@ ProgramOptions::ProgramOptions(bf::path baseDir, bf::path mountDir, optional<bf:
bool foreground, bool allowFilesystemUpgrade, bool allowReplacedFilesystem, optional<double> unmountAfterIdleMinutes, bool foreground, bool allowFilesystemUpgrade, bool allowReplacedFilesystem, optional<double> unmountAfterIdleMinutes,
optional<bf::path> logFile, optional<string> cipher, optional<bf::path> logFile, optional<string> cipher,
optional<uint32_t> blocksizeBytes, optional<uint32_t> blocksizeBytes,
bool noIntegrityChecks, bool allowIntegrityViolations,
boost::optional<bool> missingBlockIsIntegrityViolation, boost::optional<bool> missingBlockIsIntegrityViolation,
vector<string> fuseOptions) vector<string> fuseOptions)
:_baseDir(std::move(baseDir)), _mountDir(std::move(mountDir)), _configFile(std::move(configFile)), _foreground(foreground), _allowFilesystemUpgrade(allowFilesystemUpgrade), _allowReplacedFilesystem(allowReplacedFilesystem), _noIntegrityChecks(noIntegrityChecks), :_baseDir(std::move(baseDir)), _mountDir(std::move(mountDir)), _configFile(std::move(configFile)), _foreground(foreground), _allowFilesystemUpgrade(allowFilesystemUpgrade), _allowReplacedFilesystem(allowReplacedFilesystem), _allowIntegrityViolations(allowIntegrityViolations),
_cipher(std::move(cipher)), _blocksizeBytes(std::move(blocksizeBytes)), _unmountAfterIdleMinutes(std::move(unmountAfterIdleMinutes)), _cipher(std::move(cipher)), _blocksizeBytes(std::move(blocksizeBytes)), _unmountAfterIdleMinutes(std::move(unmountAfterIdleMinutes)),
_missingBlockIsIntegrityViolation(std::move(missingBlockIsIntegrityViolation)), _logFile(std::move(logFile)), _fuseOptions(std::move(fuseOptions)) { _missingBlockIsIntegrityViolation(std::move(missingBlockIsIntegrityViolation)), _logFile(std::move(logFile)), _fuseOptions(std::move(fuseOptions)) {
} }
@ -56,8 +56,8 @@ const optional<uint32_t> &ProgramOptions::blocksizeBytes() const {
return _blocksizeBytes; return _blocksizeBytes;
} }
bool ProgramOptions::noIntegrityChecks() const { bool ProgramOptions::allowIntegrityViolations() const {
return _noIntegrityChecks; return _allowIntegrityViolations;
} }
bool ProgramOptions::allowReplacedFilesystem() const { bool ProgramOptions::allowReplacedFilesystem() const {

View File

@ -18,7 +18,7 @@ namespace cryfs {
boost::optional<boost::filesystem::path> logFile, boost::optional<boost::filesystem::path> logFile,
boost::optional<std::string> cipher, boost::optional<std::string> cipher,
boost::optional<uint32_t> blocksizeBytes, boost::optional<uint32_t> blocksizeBytes,
bool noIntegrityChecks, bool allowIntegrityViolations,
boost::optional<bool> missingBlockIsIntegrityViolation, boost::optional<bool> missingBlockIsIntegrityViolation,
std::vector<std::string> fuseOptions); std::vector<std::string> fuseOptions);
ProgramOptions(ProgramOptions &&rhs) = default; ProgramOptions(ProgramOptions &&rhs) = default;
@ -32,7 +32,7 @@ namespace cryfs {
const boost::optional<std::string> &cipher() const; const boost::optional<std::string> &cipher() const;
const boost::optional<uint32_t> &blocksizeBytes() const; const boost::optional<uint32_t> &blocksizeBytes() const;
const boost::optional<double> &unmountAfterIdleMinutes() const; const boost::optional<double> &unmountAfterIdleMinutes() const;
bool noIntegrityChecks() const; bool allowIntegrityViolations() const;
const boost::optional<bool> &missingBlockIsIntegrityViolation() const; const boost::optional<bool> &missingBlockIsIntegrityViolation() const;
const boost::optional<boost::filesystem::path> &logFile() const; const boost::optional<boost::filesystem::path> &logFile() const;
const std::vector<std::string> &fuseOptions() const; const std::vector<std::string> &fuseOptions() const;
@ -44,7 +44,7 @@ namespace cryfs {
bool _foreground; bool _foreground;
bool _allowFilesystemUpgrade; bool _allowFilesystemUpgrade;
bool _allowReplacedFilesystem; bool _allowReplacedFilesystem;
bool _noIntegrityChecks; bool _allowIntegrityViolations;
boost::optional<std::string> _cipher; boost::optional<std::string> _cipher;
boost::optional<uint32_t> _blocksizeBytes; boost::optional<uint32_t> _blocksizeBytes;
boost::optional<double> _unmountAfterIdleMinutes; boost::optional<double> _unmountAfterIdleMinutes;

View File

@ -51,14 +51,14 @@ namespace bf = boost::filesystem;
namespace cryfs { namespace cryfs {
CryDevice::CryDevice(CryConfigFile configFile, unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation) CryDevice::CryDevice(CryConfigFile configFile, unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation)
: _fsBlobStore(CreateFsBlobStore(std::move(blockStore), &configFile, localStateDir, myClientId, noIntegrityChecks, missingBlockIsIntegrityViolation)), : _fsBlobStore(CreateFsBlobStore(std::move(blockStore), &configFile, localStateDir, myClientId, allowIntegrityViolations, missingBlockIsIntegrityViolation)),
_rootBlobId(GetOrCreateRootBlobId(&configFile)), _rootBlobId(GetOrCreateRootBlobId(&configFile)),
_onFsAction() { _onFsAction() {
} }
unique_ref<parallelaccessfsblobstore::ParallelAccessFsBlobStore> CryDevice::CreateFsBlobStore(unique_ref<BlockStore2> blockStore, CryConfigFile *configFile, const LocalStateDir& localStateDir, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation) { unique_ref<parallelaccessfsblobstore::ParallelAccessFsBlobStore> CryDevice::CreateFsBlobStore(unique_ref<BlockStore2> blockStore, CryConfigFile *configFile, const LocalStateDir& localStateDir, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation) {
auto blobStore = CreateBlobStore(std::move(blockStore), localStateDir, configFile, myClientId, noIntegrityChecks, missingBlockIsIntegrityViolation); auto blobStore = CreateBlobStore(std::move(blockStore), localStateDir, configFile, myClientId, allowIntegrityViolations, missingBlockIsIntegrityViolation);
#ifndef CRYFS_NO_COMPATIBILITY #ifndef CRYFS_NO_COMPATIBILITY
auto fsBlobStore = MigrateOrCreateFsBlobStore(std::move(blobStore), configFile); auto fsBlobStore = MigrateOrCreateFsBlobStore(std::move(blobStore), configFile);
@ -83,8 +83,8 @@ unique_ref<fsblobstore::FsBlobStore> CryDevice::MigrateOrCreateFsBlobStore(uniqu
} }
#endif #endif
unique_ref<blobstore::BlobStore> CryDevice::CreateBlobStore(unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation) { unique_ref<blobstore::BlobStore> CryDevice::CreateBlobStore(unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation) {
auto integrityEncryptedBlockStore = CreateIntegrityEncryptedBlockStore(std::move(blockStore), localStateDir, configFile, myClientId, noIntegrityChecks, missingBlockIsIntegrityViolation); auto integrityEncryptedBlockStore = CreateIntegrityEncryptedBlockStore(std::move(blockStore), localStateDir, configFile, myClientId, allowIntegrityViolations, missingBlockIsIntegrityViolation);
// Create integrityEncryptedBlockStore not in the same line as BlobStoreOnBlocks, because it can modify BlocksizeBytes // Create integrityEncryptedBlockStore not in the same line as BlobStoreOnBlocks, because it can modify BlocksizeBytes
// in the configFile and therefore has to be run before the second parameter to the BlobStoreOnBlocks parameter is evaluated. // in the configFile and therefore has to be run before the second parameter to the BlobStoreOnBlocks parameter is evaluated.
return make_unique_ref<BlobStoreOnBlocks>( return make_unique_ref<BlobStoreOnBlocks>(
@ -96,7 +96,7 @@ unique_ref<blobstore::BlobStore> CryDevice::CreateBlobStore(unique_ref<BlockStor
configFile->config()->BlocksizeBytes()); configFile->config()->BlocksizeBytes());
} }
unique_ref<BlockStore2> CryDevice::CreateIntegrityEncryptedBlockStore(unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation) { unique_ref<BlockStore2> CryDevice::CreateIntegrityEncryptedBlockStore(unique_ref<BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation) {
auto encryptedBlockStore = CreateEncryptedBlockStore(*configFile->config(), std::move(blockStore)); auto encryptedBlockStore = CreateEncryptedBlockStore(*configFile->config(), std::move(blockStore));
auto statePath = localStateDir.forFilesystemId(configFile->config()->FilesystemId()); auto statePath = localStateDir.forFilesystemId(configFile->config()->FilesystemId());
auto integrityFilePath = statePath / "integritydata"; auto integrityFilePath = statePath / "integritydata";
@ -110,7 +110,7 @@ unique_ref<BlockStore2> CryDevice::CreateIntegrityEncryptedBlockStore(unique_ref
} }
#endif #endif
return make_unique_ref<IntegrityBlockStore2>(std::move(encryptedBlockStore), integrityFilePath, myClientId, noIntegrityChecks, missingBlockIsIntegrityViolation); return make_unique_ref<IntegrityBlockStore2>(std::move(encryptedBlockStore), integrityFilePath, myClientId, allowIntegrityViolations, missingBlockIsIntegrityViolation);
} }
BlockId CryDevice::CreateRootBlobAndReturnId() { BlockId CryDevice::CreateRootBlobAndReturnId() {

View File

@ -19,7 +19,7 @@ namespace cryfs {
class CryDevice final: public fspp::Device { class CryDevice final: public fspp::Device {
public: public:
CryDevice(CryConfigFile config, cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation); CryDevice(CryConfigFile config, cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation);
void statfs(const boost::filesystem::path &path, struct ::statvfs *fsstat) override; void statfs(const boost::filesystem::path &path, struct ::statvfs *fsstat) override;
@ -54,12 +54,12 @@ private:
blockstore::BlockId GetOrCreateRootBlobId(CryConfigFile *config); blockstore::BlockId GetOrCreateRootBlobId(CryConfigFile *config);
blockstore::BlockId CreateRootBlobAndReturnId(); blockstore::BlockId CreateRootBlobAndReturnId();
static cpputils::unique_ref<parallelaccessfsblobstore::ParallelAccessFsBlobStore> CreateFsBlobStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, CryConfigFile *configFile, const LocalStateDir& localStateDir, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation); static cpputils::unique_ref<parallelaccessfsblobstore::ParallelAccessFsBlobStore> CreateFsBlobStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, CryConfigFile *configFile, const LocalStateDir& localStateDir, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation);
#ifndef CRYFS_NO_COMPATIBILITY #ifndef CRYFS_NO_COMPATIBILITY
static cpputils::unique_ref<fsblobstore::FsBlobStore> MigrateOrCreateFsBlobStore(cpputils::unique_ref<blobstore::BlobStore> blobStore, CryConfigFile *configFile); static cpputils::unique_ref<fsblobstore::FsBlobStore> MigrateOrCreateFsBlobStore(cpputils::unique_ref<blobstore::BlobStore> blobStore, CryConfigFile *configFile);
#endif #endif
static cpputils::unique_ref<blobstore::BlobStore> CreateBlobStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation); static cpputils::unique_ref<blobstore::BlobStore> CreateBlobStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation);
static cpputils::unique_ref<blockstore::BlockStore2> CreateIntegrityEncryptedBlockStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool noIntegrityChecks, bool missingBlockIsIntegrityViolation); static cpputils::unique_ref<blockstore::BlockStore2> CreateIntegrityEncryptedBlockStore(cpputils::unique_ref<blockstore::BlockStore2> blockStore, const LocalStateDir& localStateDir, CryConfigFile *configFile, uint32_t myClientId, bool allowIntegrityViolations, bool missingBlockIsIntegrityViolation);
static cpputils::unique_ref<blockstore::BlockStore2> CreateEncryptedBlockStore(const CryConfig &config, cpputils::unique_ref<blockstore::BlockStore2> baseBlockStore); static cpputils::unique_ref<blockstore::BlockStore2> CreateEncryptedBlockStore(const CryConfig &config, cpputils::unique_ref<blockstore::BlockStore2> baseBlockStore);
struct BlobWithParent { struct BlobWithParent {

View File

@ -17,7 +17,7 @@ using cpputils::make_unique_ref;
using cpputils::unique_ref; using cpputils::unique_ref;
using cpputils::TempFile; using cpputils::TempFile;
template<bool NoIntegrityChecks, bool MissingBlockIsIntegrityViolation> template<bool AllowIntegrityViolations, bool MissingBlockIsIntegrityViolation>
class IntegrityBlockStoreTestFixture: public BlockStoreTestFixture { class IntegrityBlockStoreTestFixture: public BlockStoreTestFixture {
public: public:
IntegrityBlockStoreTestFixture() :stateFile(false) {} IntegrityBlockStoreTestFixture() :stateFile(false) {}
@ -25,38 +25,38 @@ public:
TempFile stateFile; TempFile stateFile;
unique_ref<BlockStore> createBlockStore() override { unique_ref<BlockStore> createBlockStore() override {
return make_unique_ref<LowToHighLevelBlockStore>( return make_unique_ref<LowToHighLevelBlockStore>(
make_unique_ref<IntegrityBlockStore2>(make_unique_ref<InMemoryBlockStore2>(), stateFile.path(), 0x12345678, NoIntegrityChecks, MissingBlockIsIntegrityViolation) make_unique_ref<IntegrityBlockStore2>(make_unique_ref<InMemoryBlockStore2>(), stateFile.path(), 0x12345678, AllowIntegrityViolations, MissingBlockIsIntegrityViolation)
); );
} }
}; };
using IntegrityBlockStoreTestFixture_multiclient = IntegrityBlockStoreTestFixture<false, false>; using IntegrityBlockStoreTestFixture_multiclient = IntegrityBlockStoreTestFixture<false, false>;
using IntegrityBlockStoreTestFixture_singleclient = IntegrityBlockStoreTestFixture<false, true>; using IntegrityBlockStoreTestFixture_singleclient = IntegrityBlockStoreTestFixture<false, true>;
using IntegrityBlockStoreTestFixture_multiclient_noIntegrityChecks = IntegrityBlockStoreTestFixture<true, false>; using IntegrityBlockStoreTestFixture_multiclient_allowIntegrityViolations = IntegrityBlockStoreTestFixture<true, false>;
using IntegrityBlockStoreTestFixture_singleclient_noIntegrityChecks = IntegrityBlockStoreTestFixture<true, true>; using IntegrityBlockStoreTestFixture_singleclient_allowIntegrityViolations = IntegrityBlockStoreTestFixture<true, true>;
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient, BlockStoreTest, IntegrityBlockStoreTestFixture_multiclient); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient, BlockStoreTest, IntegrityBlockStoreTestFixture_multiclient);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient, BlockStoreTest, IntegrityBlockStoreTestFixture_singleclient); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient, BlockStoreTest, IntegrityBlockStoreTestFixture_singleclient);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient_noIntegrityChecks, BlockStoreTest, IntegrityBlockStoreTestFixture_multiclient_noIntegrityChecks); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient_allowIntegrityViolations, BlockStoreTest, IntegrityBlockStoreTestFixture_multiclient_allowIntegrityViolations);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient_noIntegrityChecks, BlockStoreTest, IntegrityBlockStoreTestFixture_singleclient_noIntegrityChecks); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient_allowIntegrityViolations, BlockStoreTest, IntegrityBlockStoreTestFixture_singleclient_allowIntegrityViolations);
template<bool NoIntegrityChecks, bool MissingBlockIsIntegrityViolation> template<bool AllowIntegrityViolations, bool MissingBlockIsIntegrityViolation>
class IntegrityBlockStore2TestFixture: public BlockStore2TestFixture { class IntegrityBlockStore2TestFixture: public BlockStore2TestFixture {
public: public:
IntegrityBlockStore2TestFixture() :stateFile(false) {} IntegrityBlockStore2TestFixture() :stateFile(false) {}
TempFile stateFile; TempFile stateFile;
unique_ref<BlockStore2> createBlockStore() override { unique_ref<BlockStore2> createBlockStore() override {
return make_unique_ref<IntegrityBlockStore2>(make_unique_ref<InMemoryBlockStore2>(), stateFile.path(), 0x12345678, NoIntegrityChecks, MissingBlockIsIntegrityViolation); return make_unique_ref<IntegrityBlockStore2>(make_unique_ref<InMemoryBlockStore2>(), stateFile.path(), 0x12345678, AllowIntegrityViolations, MissingBlockIsIntegrityViolation);
} }
}; };
using IntegrityBlockStore2TestFixture_multiclient = IntegrityBlockStore2TestFixture<false, false>; using IntegrityBlockStore2TestFixture_multiclient = IntegrityBlockStore2TestFixture<false, false>;
using IntegrityBlockStore2TestFixture_singleclient = IntegrityBlockStore2TestFixture<false, true>; using IntegrityBlockStore2TestFixture_singleclient = IntegrityBlockStore2TestFixture<false, true>;
using IntegrityBlockStore2TestFixture_multiclient_noIntegrityChecks = IntegrityBlockStore2TestFixture<true, false>; using IntegrityBlockStore2TestFixture_multiclient_allowIntegrityViolations = IntegrityBlockStore2TestFixture<true, false>;
using IntegrityBlockStore2TestFixture_singleclient_noIntegrityChecks = IntegrityBlockStore2TestFixture<true, true>; using IntegrityBlockStore2TestFixture_singleclient_allowIntegrityViolations = IntegrityBlockStore2TestFixture<true, true>;
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient, BlockStore2Test, IntegrityBlockStore2TestFixture_multiclient); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient, BlockStore2Test, IntegrityBlockStore2TestFixture_multiclient);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient, BlockStore2Test, IntegrityBlockStore2TestFixture_singleclient); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient, BlockStore2Test, IntegrityBlockStore2TestFixture_singleclient);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient_noIntegrityChecks, BlockStore2Test, IntegrityBlockStore2TestFixture_multiclient_noIntegrityChecks); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_multiclient_allowIntegrityViolations, BlockStore2Test, IntegrityBlockStore2TestFixture_multiclient_allowIntegrityViolations);
INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient_noIntegrityChecks, BlockStore2Test, IntegrityBlockStore2TestFixture_singleclient_noIntegrityChecks); INSTANTIATE_TYPED_TEST_CASE_P(Integrity_singleclient_allowIntegrityViolations, BlockStore2Test, IntegrityBlockStore2TestFixture_singleclient_allowIntegrityViolations);

View File

@ -202,14 +202,14 @@ TEST_F(ProgramOptionsParserTest, MissingBlockIsIntegrityViolationGiven_False) {
EXPECT_FALSE(options.missingBlockIsIntegrityViolation().value()); EXPECT_FALSE(options.missingBlockIsIntegrityViolation().value());
} }
TEST_F(ProgramOptionsParserTest, NoIntegrityChecks_True) { TEST_F(ProgramOptionsParserTest, AllowIntegrityViolations_True) {
ProgramOptions options = parse({"./myExecutable", "/home/user/baseDir", "--no-integrity-checks", "/home/user/mountDir"}); ProgramOptions options = parse({"./myExecutable", "/home/user/baseDir", "--allow-integrity-violations", "/home/user/mountDir"});
EXPECT_TRUE(options.noIntegrityChecks()); EXPECT_TRUE(options.allowIntegrityViolations());
} }
TEST_F(ProgramOptionsParserTest, NoIntegrityChecks_False) { TEST_F(ProgramOptionsParserTest, AllowIntegrityViolations_False) {
ProgramOptions options = parse({"./myExecutable", "/home/user/baseDir", "/home/user/mountDir"}); ProgramOptions options = parse({"./myExecutable", "/home/user/baseDir", "/home/user/mountDir"});
EXPECT_FALSE(options.noIntegrityChecks()); EXPECT_FALSE(options.allowIntegrityViolations());
} }
TEST_F(ProgramOptionsParserTest, MissingBlockIsIntegrityViolationNotGiven) { TEST_F(ProgramOptionsParserTest, MissingBlockIsIntegrityViolationNotGiven) {

View File

@ -116,14 +116,14 @@ TEST_F(ProgramOptionsTest, MissingBlockIsIntegrityViolationNone) {
EXPECT_EQ(none, testobj.missingBlockIsIntegrityViolation()); EXPECT_EQ(none, testobj.missingBlockIsIntegrityViolation());
} }
TEST_F(ProgramOptionsTest, NoIntegrityChecksFalse) { TEST_F(ProgramOptionsTest, AllowIntegrityViolationsFalse) {
ProgramOptions testobj("", "", none, true, false, false, none, none, none, none, false, none, {"./myExecutable"}); ProgramOptions testobj("", "", none, true, false, false, none, none, none, none, false, none, {"./myExecutable"});
EXPECT_FALSE(testobj.noIntegrityChecks()); EXPECT_FALSE(testobj.allowIntegrityViolations());
} }
TEST_F(ProgramOptionsTest, NoIntegrityChecksTrue) { TEST_F(ProgramOptionsTest, AllowIntegrityViolationsTrue) {
ProgramOptions testobj("", "", none, true, false, false, none, none, none, none, true, none, {"./myExecutable"}); ProgramOptions testobj("", "", none, true, false, false, none, none, none, none, true, none, {"./myExecutable"});
EXPECT_TRUE(testobj.noIntegrityChecks()); EXPECT_TRUE(testobj.allowIntegrityViolations());
} }
TEST_F(ProgramOptionsTest, EmptyFuseOptions) { TEST_F(ProgramOptionsTest, EmptyFuseOptions) {