socsvn commit: r236293 - in soc2012/gpf/pefs_kmod: sbin/pefs
sys/fs/pefs
gpf at FreeBSD.org
gpf at FreeBSD.org
Thu May 24 15:52:29 UTC 2012
Author: gpf
Date: Thu May 24 15:52:26 2012
New Revision: 236293
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=236293
Log:
pefs_get_file_id() now uses an ioctl() call to get filename mac from kernel.
Modified:
soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h
soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c
Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 14:07:44 2012 (r236292)
+++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 15:52:26 2012 (r236293)
@@ -29,6 +29,7 @@
__FBSDID("$FreeBSD$");
#include <sys/endian.h>
+#include <sys/ioctl.h>
#include <sys/mount.h>
#include <sys/queue.h>
#include <sys/types.h>
@@ -263,17 +264,17 @@
struct checksum *csp;
uint32_t i,j;
- printf("\n+++Printing Hash Table+++\n\n");
+ dprintf(("\n+++Printing Hash Table+++\n\n"));
for (i = 0; i < checksum_hash_tablep->size; i++) {
- printf("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements);
+ dprintf(("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements));
LIST_FOREACH(fhp, &(checksum_hash_tablep->buckets[i].file_headers), bucket_entries) {
//printf(("\tpath=%s!\t id = %d!\tnhashes = %d\n", fhp->path, (int)fhp->file_id, fhp->nhashes));
- printf("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes);
+ dprintf(("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes));
TAILQ_FOREACH(csp, &(fhp->checksums), checksum_entries) {
- printf("\t\tdigest=");
+ dprintf(("\t\tdigest="));
for (j = 0; j < hash_len; j++)
- printf("%02x", csp->hash[j]);
- printf("\n");
+ dprintf(("%02x", csp->hash[j]));
+ dprintf(("\n"));
}
}
}
@@ -282,6 +283,10 @@
static int
pefs_get_file_id(struct file_header *fhp)
{
+ char parent_dir[MAXPATHLEN];
+ struct pefs_mac mac;
+ char *pch;
+ int error, fd;
struct stat sb;
if (stat(fhp->path, &sb) != 0) {
@@ -289,11 +294,38 @@
return (PEFS_ERR_SYS);
}
/*
- * XXXgpf: [TODO] This is only temporary since retrieving the file's inode number
- * is way simpler than retrieving the checksum value from encrypted filename.
+ * XXXgpf: [TODO] This is only temporary so that we won't have conflict errors
+ * when adding a file header to a bucket.
*/
fhp->file_id = sb.st_ino;
- return (0);
+
+ /* feed parent directory to ioctl() */
+ strlcpy(parent_dir, fhp->path, sizeof(parent_dir));
+ pch = strrchr(parent_dir, '/');
+ if (pch == NULL) {
+ pefs_warn("error retrieving parent dir of %s", fhp->path);
+ return (PEFS_ERR_NOENT);
+ }
+ *pch = '\0';
+
+ fd = open(parent_dir, O_RDONLY);
+ if (fd < 0) {
+ warn("unable to open file %s", parent_dir);
+ return (PEFS_ERR_SYS);
+ }
+
+ pch = strrchr(fhp->path, '/');
+ pch++;
+ strlcpy(mac.mac_filename, pch, sizeof(mac.mac_filename));
+ mac.mac_namelen = strlen(mac.mac_filename);
+
+ printf("giving values to ioctl() %s and dir = %s\n", mac.mac_filename, parent_dir);
+ error = ioctl(fd, PEFS_GETMAC, &mac);
+ printf("ioctl error = %d\n", error);
+ printf("values returned %lld\n\n", mac.mac_csum);
+
+ close(fd);
+ return (error);
}
static int
@@ -633,8 +665,9 @@
snprintf(checksum_path, sizeof(checksum_path), "%s/%s", fsroot, PEFS_FILE_CHECKSUM);
/*
- * XXXgpf: If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
- * encrypted filename. It's not a bug, it's a feature!
+ * XXXgpf: [TODO] If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
+ * encrypted filename & encrypted data. I should make sure that checksum file is not being
+ * opened inside a mounted pefs filesystem.
*/
fdout = open(checksum_path, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
if (fdout == -1) {
Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 14:07:44 2012 (r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 15:52:26 2012 (r236293)
@@ -48,6 +48,12 @@
char pxk_key[PEFS_KEY_SIZE];
};
+struct pefs_mac {
+ char mac_filename[MAXPATHLEN];
+ uint32_t mac_namelen;
+ uint64_t mac_csum;
+};
+
#ifdef _IO
#define PEFS_GETKEY _IOWR('p', 0, struct pefs_xkey)
#define PEFS_ADDKEY _IOWR('p', 1, struct pefs_xkey)
@@ -55,6 +61,7 @@
#define PEFS_DELKEY _IOWR('p', 3, struct pefs_xkey)
#define PEFS_FLUSHKEYS _IO('p', 4)
#define PEFS_GETNODEKEY _IOWR('p', 5, struct pefs_xkey)
+#define PEFS_GETMAC _IOWR('p', 6, struct pefs_mac)
#endif
#ifdef _KERNEL
Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 14:07:44 2012 (r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 15:52:26 2012 (r236293)
@@ -2355,15 +2355,21 @@
static int
pefs_ioctl(struct vop_ioctl_args *ap)
{
+ struct pefs_enccn enccn;
+ struct componentname cn;
+ char buf[MAXNAMLEN +1];
struct vnode *vp = ap->a_vp;
struct pefs_xkey *xk = ap->a_data;
+ struct pefs_mac *mac = ap->a_data;
struct ucred *cred = ap->a_cred;
struct thread *td = ap->a_td;
struct mount *mp = vp->v_mount;
struct pefs_mount *pm = VFS_TO_PEFS(mp);
struct pefs_node *pn;
struct pefs_key *pk;
- int error = 0, i;
+ char *enc;
+ size_t enc_len;
+ int error = 0, i, r;
if (mp->mnt_cred->cr_uid != cred->cr_uid) {
error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
@@ -2465,6 +2471,43 @@
if (pefs_key_remove_all(pm))
pefs_flushkey(mp, td, PEFS_FLUSHKEY_ALL, NULL);
break;
+ case PEFS_GETMAC:
+ pefs_enccn_init(&enccn);
+
+ cn.cn_nameiop = LOOKUP;
+ cn.cn_thread = td;
+ cn.cn_cred = cred;
+ /* XXXgpf: should probably acquire a shared lock if possible */
+ cn.cn_lkflags = 0;
+ cn.cn_flags = 0;
+ cn.cn_nameptr = mac->mac_filename;
+ cn.cn_namelen = mac->mac_namelen;
+
+ error = pefs_enccn_lookup(&enccn, vp, &cn);
+ printf("pefs_enccn_lookup = %d\n", error);
+ if (error == 0) {
+ printf("found!\nlen%ld %s", enccn.pec_cn.cn_namelen, enccn.pec_cn.cn_nameptr);
+
+ enc = enccn.pec_cn.cn_nameptr;
+ enc_len = enccn.pec_cn.cn_namelen;
+
+ if (enc[0] != '.' || enc_len <= 1) {
+ error = EINVAL;
+ break;
+ }
+ enc++;
+ enc_len--;
+
+ r = pefs_name_pton(enc, enc_len, buf, sizeof(buf));
+ if (r <= 0)
+ error = EINVAL;
+ else
+ memcpy(&(mac->mac_csum), buf, PEFS_NAME_CSUM_SIZE);
+
+ pefs_enccn_free(&enccn);
+ }
+
+ break;
default:
error = ENOTTY;
break;
More information about the svn-soc-all
mailing list