socsvn commit: r255039 - soc2013/def/crashdump-head/sbin/savecore

def at FreeBSD.org def at FreeBSD.org
Mon Jul 22 16:33:44 UTC 2013 

Author: def
Date: Mon Jul 22 16:33:43 2013
New Revision: 255039
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=255039

Log:
  Decrypt a crash dump with savecore using xts.h.

Modified:
  soc2013/def/crashdump-head/sbin/savecore/Makefile
  soc2013/def/crashdump-head/sbin/savecore/savecore.c

Modified: soc2013/def/crashdump-head/sbin/savecore/Makefile
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/Makefile	Mon Jul 22 15:02:55 2013	(r255038)
+++ soc2013/def/crashdump-head/sbin/savecore/Makefile	Mon Jul 22 16:33:43 2013	(r255039)
@@ -1,8 +1,17 @@
 # $FreeBSD$
 
+SYS=	${.CURDIR}/../../sys
+.PATH:	${SYS}/crypto/camellia ${SYS}/crypto/rijndael ${SYS}/crypto
+
 PROG=	savecore
+SRCS=	${PROG}.c
+SRCS+=	rijndael-api.c rijndael-api-fst.c rijndael-alg-fst.c
+SRCS+=	camellia.c
+SRCS+=	xts.c
 DPADD=	${LIBZ}
 LDADD=	-lz
+CFLAGS+=-I${SYS}
+WARNS?=	2
 MAN=	savecore.8
 
 .include <bsd.prog.mk>

Modified: soc2013/def/crashdump-head/sbin/savecore/savecore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/savecore.c	Mon Jul 22 15:02:55 2013	(r255038)
+++ soc2013/def/crashdump-head/sbin/savecore/savecore.c	Mon Jul 22 16:33:43 2013	(r255039)
@@ -68,6 +68,7 @@
 #include <sys/kerneldump.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
+#include <crypto/xts.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <fstab.h>
@@ -291,16 +292,22 @@
 
 static int
 DoRegularFile(int fd, off_t dumpsize, char *buf, const char *device,
-    const char *filename, FILE *fp)
+    const char *filename, FILE *fp, FILE *fp_enc, struct kerneldumpheader *kdh,
+    off_t offset)
 {
 	int he, hs, nr, nw, wl;
 	off_t dmpcnt, origsize;
+	rijndael_ctx tweak_ctx, data_ctx;
+
+	rijndael_set_key(&tweak_ctx, kdh->key, kdh->keysize << 3);
+	rijndael_set_key(&data_ctx, kdh->key, kdh->keysize << 3);
 
 	dmpcnt = 0;
 	origsize = dumpsize;
 	he = 0;
 	while (dumpsize > 0) {
-		wl = BUFFERSIZE;
+		// wl = BUFFERSIZE;
+		wl = 512;
 		if (wl > dumpsize)
 			wl = dumpsize;
 		nr = read(fd, buf, wl);
@@ -345,10 +352,18 @@
 				 * If hs > nw, buf[nw..hs] contains non-zero data.
 				 * If he > hs, buf[hs..he] is all zeroes.
 				 */
-				if (hs > nw)
+				if (hs > nw) {
+					if (fwrite(buf + nw, hs - nw, 1, fp_enc)
+					    != 1)
+					break;
+					xts_block_decrypt(&xts_alg_aes, (struct xts_ctx *)&tweak_ctx, (struct xts_ctx *)&data_ctx,
+							offset, kdh->tweak, hs - nw,
+							buf + nw, buf + nw);
+					offset += hs - nw;
 					if (fwrite(buf + nw, hs - nw, 1, fp)
 					    != 1)
 					break;
+				}
 				if (he > hs)
 					if (fseeko(fp, he - hs, SEEK_CUR) == -1)
 						break;
@@ -432,11 +447,12 @@
 static void
 DoFile(const char *savedir, const char *device)
 {
-	static char infoname[PATH_MAX], corename[PATH_MAX], linkname[PATH_MAX];
+	static char infoname[PATH_MAX], corename[PATH_MAX],
+			corename_enc[PATH_MAX], linkname[PATH_MAX];
 	static char *buf = NULL;
 	struct kerneldumpheader kdhf, kdhl;
 	off_t mediasize, dumpsize, firsthd, lasthd;
-	FILE *info, *fp;
+	FILE *info, *fp, *fp_enc;
 	mode_t oumask;
 	int fd, fdinfo, error;
 	int bounds, status;
@@ -632,9 +648,12 @@
 	} else {
 		snprintf(corename, sizeof(corename), "%s.%d",
 		    istextdump ? "textdump.tar" : "vmcore", bounds);
+		snprintf(corename_enc, sizeof(corename_enc), "%s_encrypted.%d",
+		    istextdump ? "textdump.tar" : "vmcore", bounds);
 		fp = fopen(corename, "w");
+		fp_enc = fopen(corename_enc, "w");
 	}
-	if (fp == NULL) {
+	if (fp == NULL || fp_enc == NULL) {
 		syslog(LOG_ERR, "%s: %m", corename);
 		close(fdinfo);
 		nerr++;
@@ -664,7 +683,8 @@
 		    corename, fp) < 0)
 			goto closeall;
 	} else {
-		if (DoRegularFile(fd, dumpsize, buf, device, corename, fp)
+		if (DoRegularFile(fd, dumpsize, buf, device, corename,
+		    fp, fp_enc, &kdhl, firsthd + sizeof(kdhf))
 		    < 0)
 			goto closeall;
 	}
@@ -677,6 +697,12 @@
 		goto closeall;
 	}
 
+	if (fp_enc != NULL && fclose(fp_enc) < 0) {
+		syslog(LOG_ERR, "error on %s: %m", corename_enc);
+		nerr++;
+		goto closeall;
+	}
+
 	symlinks_remove();
 	if (symlink(infoname, "info.last") == -1) {
 		syslog(LOG_WARNING, "unable to create symlink %s/%s: %m",
@@ -715,6 +741,7 @@
 
 closeall:
 	fclose(fp);
+	fclose(fp_enc);
 
 closefd:
 	close(fd);

More information about the svn-soc-all mailing list