socsvn commit: r240210 - in soc2012/gpf/pefs_kmod: sbin/pefs
sys/fs/pefs
gpf at FreeBSD.org
gpf at FreeBSD.org
Thu Aug 9 14:10:42 UTC 2012
Author: gpf
Date: Thu Aug 9 14:10:40 2012
New Revision: 240210
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=240210
Log:
minor changes, comment updates and code refactoring
Modified:
soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c
soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_mac.c
Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu Aug 9 12:35:15 2012 (r240209)
+++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu Aug 9 14:10:40 2012 (r240210)
@@ -812,7 +812,7 @@
/* XXXgpf: for debugging purposes */
static void
-pefs_rb_print(struct hardlink_head *hlc_headp)
+pefs_hardlink_print(struct hardlink_head *hlc_headp)
{
struct hardlink_counter *hlcp;
struct file_header *fhp;
@@ -828,7 +828,7 @@
}
static void
-pefs_rb_warn(struct hardlink_head *hlc_headp)
+pefs_hardlink_warn(struct hardlink_head *hlc_headp)
{
struct hardlink_counter *hlcp;
struct file_header *fhp;
@@ -848,7 +848,7 @@
}
static int
-pefs_rb_insert(struct hardlink_head *hlc_headp, struct file_header *fhp,
+pefs_hardlink_insert(struct hardlink_head *hlc_headp, struct file_header *fhp,
struct stat *sbp)
{
struct hardlink_counter find, *res, *new_hlcp;
@@ -880,7 +880,7 @@
}
static int
-pefs_rb_cmp(struct hardlink_counter *hlcp1, struct hardlink_counter *hlcp2)
+pefs_hardlink_cmp(struct hardlink_counter *hlcp1, struct hardlink_counter *hlcp2)
{
if (hlcp1->inode < hlcp2->inode)
return -1;
@@ -891,7 +891,7 @@
}
static void
-pefs_rb_free(struct hardlink_head *hlc_headp)
+pefs_hardlink_free(struct hardlink_head *hlc_headp)
{
struct hardlink_counter *cur, *next;
@@ -1067,7 +1067,7 @@
/* Keep all hardlink file headers in a rb tree */
if (sb.st_nlink > 1 && hlc_headp != NULL)
- return (pefs_rb_insert(hlc_headp, fhp, &sb));
+ return (pefs_hardlink_insert(hlc_headp, fhp, &sb));
return (0);
}
@@ -1177,9 +1177,9 @@
if (error != 0)
return (error);
- pefs_rb_print(&hlc_head);
- pefs_rb_warn(&hlc_head);
- pefs_rb_free(&hlc_head);
+ pefs_hardlink_print(&hlc_head);
+ pefs_hardlink_warn(&hlc_head);
+ pefs_hardlink_free(&hlc_head);
error = pefs_allocate_hash_table(chtp, nfiles, PEFS_EXTEND);
if (error != 0)
@@ -1306,12 +1306,8 @@
struct file_header *fhp;
fhp = bp->fhp;
+ /* Empty files aren't allowed so nhashes == 0 symbolizes an empty bucket */
if (fhp == NULL) {
- /*
- * XXXgpf: empty files are not allowed so nhashes == 0 symbolizes
- * an empty bucket. perhaps a bitmap would be better? or we could
- * steal a bit from some data member?
- */
emptyfh.nhashes = 0;
emptyfh.file_id = 0;
emptyfh.offset_to_checksums = 0;
@@ -1341,8 +1337,12 @@
* All data member writes are done separately so as to avoid alignment problems.
* Writes are always in little endian byte order.
*
- * First 16 bytes of .pefs.checksum are filled with .pefs.checksum's file
- * header. Right after this header lies the 'index' part of our database.
+ * First 512 bytes of .pefs.checksum are reserved for the file's digital
+ * signature.
+ *
+ * After that, the next 16 bytes of .pefs.checksum are filled with
+ * .pefs.checksum's global file header. Right after this header lies the
+ * 'index' part of our database.
* This index is later kept in kernel memory.
*
* Index:
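Review bot: The updated layout comment says the first 512 bytes are reserved for the signature, but it does not say what the offsets stored in the header are measured from. The context line in the next hunk still sets `cfhp->offset_to_hash_table = PEFS_CFH_SIZE;`, which suggests offsets are counted from the end of the signature region rather than from byte 0; that is inferred, since the read and write paths are outside this hunk. I would state it explicitly, e.g. `* All offsets below are relative to the end of the 512-byte signature region.` (or the opposite, if that is the case). The comment should also name the constant that defines the 512 instead of repeating the literal, so a reader parsing the file and a reader verifying it agree on where the signed data starts.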
@@ -1437,7 +1437,7 @@
cfhp->offset_to_hash_table = PEFS_CFH_SIZE;
}
-/* read dsa pubkey from file */
+/* read dsa privkey from file */
static EVP_PKEY *
pefs_read_dsa_privkey(FILE *pk_fp)
{
@@ -1469,7 +1469,7 @@
return (pkey);
}
-/* Sign .pefs.checksum. Signature is placed in a different file. */
+/* Sign .pefs.checksum. Signature is placed at the beginning of the file. */
static int
pefs_sign_file(int fd, FILE *pkfp)
{
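Review bot: The new one-line comment on pefs_sign_file says where the signature goes but not which bytes it covers, and that is what a verifier needs to know once the signature lives inside the file it signs. A DER-encoded DSA signature is variable-length and much shorter than 512 bytes, so the comment should also say how the real length is recovered and what fills the rest of the region. Something like `/* Sign everything after the reserved signature region; the signature is written at offset 0 and the remainder of the region is <padding rule>. */` would do, with the padding rule filled in from the body, which is outside this hunk.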
@@ -1481,8 +1481,6 @@
unsigned int sign_len;
int bytes, error, rval;
- /* XXXgpf: [TODO] offer option of DSA/RSA & appropriate digests */
- /* generate keys */
pkey = pefs_read_dsa_privkey(pkfp);
if (pkey == NULL)
return (PEFS_ERR_SYS);
@@ -1715,8 +1713,7 @@
* later written to file ".pefs.checksum" which is created under csm_path.
* algo is used as a cryptographic hash function that produces checksums
* for 4k blocks of each file. When we are done with .pefs.checksum, we
- * sign it and place the signature in .pefs.signature. The public key is placed
- * in .pefs.pkey.
+ * sign it and place the signature at the beginning of .pefs.checksum.
*/
int
pefs_create_checksum_file(FILE *fpin, char *fsroot, char *csm_path,
@@ -2138,19 +2135,12 @@
return (PEFS_ERR_SYS);
}
- /*
- * XXXgpf: probably print warning and move on to the next file
- * instead of returning so as to print as many warnings
- * as possible.
- */
if ((sb.st_flags & SF_IMMUTABLE) == 0) {
pefs_warn("file %s does not have schg flag", fhp->path);
- closedir(dirp);
- pefs_free_file_header(fhp);
- return (PEFS_ERR_SYS);
+ *checksum_error = PEFS_ERR_CHECKSUM;
}
- error = pefs_rb_insert(hlc_headp, fhp, &sb);
+ error = pefs_hardlink_insert(hlc_headp, fhp, &sb);
if (error != 0) {
closedir(dirp);
pefs_free_file_header(fhp);
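Review bot: A missing schg flag no longer aborts the traversal, and the only record of it is `*checksum_error = PEFS_ERR_CHECKSUM;`, so the result of verification now depends on every caller checking that out-parameter as well as the return value. The removed XXX comment was the only explanation of this policy; I would replace it with `/* Missing schg is reported and traversal continues; callers must treat *checksum_error != 0 as a failed verification. */`. The assignment is also unconditional, so if other paths store a different code in `*checksum_error` the last writer wins; whether that matters cannot be told from here. The function's start and its return path are outside the hunk, so confirm that pefs_verify_checksum folds this value into its exit status.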
@@ -2222,7 +2212,7 @@
* B) The entire filesystem is traversed in order to check each and every file.
* C) warning messages are produced for hardlinks and symbolic links.
* D) check that every file in .pefs.checksum was actually found in filesystem.
- * E) verify .pefs.signature from public key found in .pefs.pkey
+ * E) verify the file's signature with the user supplied public key
*/
int
pefs_verify_checksum(int fdin, FILE *pk_fp, char *fsroot, int flags)
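Review bot: Step E of the header comment now says the signature is checked with a user-supplied key, but the list does not say when that check happens relative to steps A to D. If the letters reflect execution order (the body is outside this hunk, so this is an assumption), the index and hash table are parsed and used before the file's authenticity is established. The comment should state the order explicitly, and ideally the signature check moves first. It would also help to say that the result is only as trustworthy as the source of the key file, for example `* E) verify the file's signature with the public key in pk_fp; the caller is responsible for obtaining that key from a trusted location`.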
@@ -2280,8 +2270,8 @@
if (error != 0)
goto out;
- /* pefs_rb_print(&hlc_head); */
- pefs_rb_warn(&hlc_head);
+ /* pefs_hardlink_print(&hlc_head); */
+ pefs_hardlink_warn(&hlc_head);
if ((flags & PEFS_UNMOUNTED) == 0 && (flags & PEFS_NOKEY) == 0)
pefs_symlink_warn(&cht, &fh_head);
@@ -2294,7 +2284,7 @@
out:
pefs_free_hash_table(&cht);
- pefs_rb_free(&hlc_head);
+ pefs_hardlink_free(&hlc_head);
pefs_free_file_header_tail(&fh_head);
return (error);
@@ -2330,4 +2320,4 @@
return (error);
}
-RB_GENERATE(hardlink_head, hardlink_counter, hardlink_entries, pefs_rb_cmp);
+RB_GENERATE(hardlink_head, hardlink_counter, hardlink_entries, pefs_hardlink_cmp);
Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c Thu Aug 9 12:35:15 2012 (r240209)
+++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c Thu Aug 9 14:10:40 2012 (r240210)
@@ -1006,7 +1006,8 @@
/*
* XXXgpf: Instead of a man page entry:
*
- * pefs addchecksum [-f] [-a algo] [-i inputfile] [-p path] filesystem
+ * pefs addchecksum [-f] [-a algo] [-i inputfile] [-k pkey_file] [-p path] \
+ * filesystem
*
* $command creates .pefs.checksum db file for filesystem.
* This file will contain all checksums necessary to check integrity
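Review bot: The synopsis uses the same placeholder, `-k pkey_file`, for the private signing key here and for the public verification key in the `pefs verify` synopsis and in the usage string of the last pefs_ctl.c hunk. "pkey" reads as either, which makes it easy to hand the private key to the verifying side. I would name them apart, e.g. `[-k privkey_file]` for addchecksum and `[-k pubkey_file]` for verify, in both comments and in the usage text. The paragraph added in the next hunk could also say that the private key file should be readable only by its owner and whether a passphrase-protected PEM is accepted; the key-reading code is not visible in these hunks.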
@@ -1022,17 +1023,15 @@
* path defines where .pefs.checksum should be created. By default,
* .pefs.checksum is created under $PWD. path should be a directory,
* outside of target pefs filesystem.
- *
- * Alongside .pefs.checksum, two other files are created: .pefs.signature &
- * .pefs.pkey. The first one contains the digital signature of .pefs.checksum
- * and the other one the public key that is used for signature verification.
- * They are created under the same parent directory as .pefs.checksum.
+ *
+ * pkey_file is the file that contains the private key that will be used
+ * by the DSA signing algorithm. Key should be in PEM format.
*
* -f symbolizes that $command should set immutable flag schg for every file
* in inputlist if the flag is not already set.
*
* When $command is run, filesystem must be mounted with pefs, and
- * user must have supplied the necessary key(s).
+ * user must have supplied the necessary pefs key(s).
*
*/
static int
@@ -1115,7 +1114,7 @@
argv += optind;
if (pk_fp == NULL) {
- pefs_warn("user must provide a file containing the public key");
+ pefs_warn("user must provide a file containing the private key");
return (PEFS_ERR_INVALID);
}
@@ -1136,7 +1135,7 @@
/*
* XXXgpf: Instead of a man page entry:
*
- * pefs verify [-u/-n] [-k pkey_file] [-s sign_file] checksumpath filesystem
+ * pefs verify [-u/-n] [-k pkey_file] checksumpath filesystem
*
* $command verifies the contents of a .pefs.checksum file. It scans the
* entire filesystem and checks that every entry in .pefs.checksum is
@@ -1153,13 +1152,7 @@
* flags -u and -n are mutually exclusive.
*
* pkey_file is the file containing the public key that is used to verify
- * .pefs.checksum's signature.
- *
- * sign_file contains the public signature that is used to verify
- * .pefs.checksum's digital signature.
- *
- * If pkey_file or sign_file are not supplied, $command expects to find the
- * respective files under the same parent directory as .pefs.checksum.
+ * .pefs.checksum's signature by the DSA algorithm.
*
* By default, pefs will assume that filesystem is mounted and user
* has provided key.
@@ -1362,8 +1355,8 @@
" pefs randomchain [-fv] [-n min] [-N max] filesystem\n"
" pefs showchains [-fp] [-i iterations] [-k keyfile] filesystem\n"
" pefs showalgs\n"
-" pefs addchecksum [-f] [-a algo] [-i inputfile] [-p checksumpath] filesystem\n"
-" pefs verify [-n/u] [-k pkey_file] [-s sign_file] [checksumpath filesystem]\n"
+" pefs addchecksum [-f] [-a algo] [-i inputfile] [-k pkey_file] [-p checksumpath] filesystem\n"
+" pefs verify [-n/u] [-k pkey_file] [checksumpath filesystem]\n"
" pefs nameid [-u/-n] [filepath]"
);
exit(PEFS_ERR_USAGE);
Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_mac.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_mac.c Thu Aug 9 12:35:15 2012 (r240209)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_mac.c Thu Aug 9 14:10:40 2012 (r240210)
@@ -59,7 +59,7 @@
* b) add a brand new MAC hook that will be called at the precise point
* in do_execve() where only the interpreter or the regular executable
* will be checked for the schg flag. [don't seem the other devs will go
- * for us modying MAC framework though]
+ * for us modifying MAC framework though]
*
* c) duplicate code from do_execve() and perform the check ourselves. It
* could be done I guess but I'm not sure since image activators seem to have