socsvn commit: r255039 - soc2013/def/crashdump-head/sbin/savecore
def at FreeBSD.org
def at FreeBSD.org
Mon Jul 22 16:33:44 UTC 2013
Author: def
Date: Mon Jul 22 16:33:43 2013
New Revision: 255039
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=255039
Log:
Decrypt a crash dump with savecore using xts.h.
Modified:
soc2013/def/crashdump-head/sbin/savecore/Makefile
soc2013/def/crashdump-head/sbin/savecore/savecore.c
Modified: soc2013/def/crashdump-head/sbin/savecore/Makefile
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/Makefile Mon Jul 22 15:02:55 2013 (r255038)
+++ soc2013/def/crashdump-head/sbin/savecore/Makefile Mon Jul 22 16:33:43 2013 (r255039)
@@ -1,8 +1,17 @@
# $FreeBSD$
+SYS= ${.CURDIR}/../../sys
+.PATH: ${SYS}/crypto/camellia ${SYS}/crypto/rijndael ${SYS}/crypto
+
PROG= savecore
+SRCS= ${PROG}.c
+SRCS+= rijndael-api.c rijndael-api-fst.c rijndael-alg-fst.c
+SRCS+= camellia.c
+SRCS+= xts.c
DPADD= ${LIBZ}
LDADD= -lz
+CFLAGS+=-I${SYS}
+WARNS?= 2
MAN= savecore.8
.include <bsd.prog.mk>
Modified: soc2013/def/crashdump-head/sbin/savecore/savecore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/savecore.c Mon Jul 22 15:02:55 2013 (r255038)
+++ soc2013/def/crashdump-head/sbin/savecore/savecore.c Mon Jul 22 16:33:43 2013 (r255039)
@@ -68,6 +68,7 @@
#include <sys/kerneldump.h>
#include <sys/mount.h>
#include <sys/stat.h>
+#include <crypto/xts.h>
#include <errno.h>
#include <fcntl.h>
#include <fstab.h>
@@ -291,16 +292,22 @@
static int
DoRegularFile(int fd, off_t dumpsize, char *buf, const char *device,
- const char *filename, FILE *fp)
+ const char *filename, FILE *fp, FILE *fp_enc, struct kerneldumpheader *kdh,
+ off_t offset)
{
int he, hs, nr, nw, wl;
off_t dmpcnt, origsize;
+ rijndael_ctx tweak_ctx, data_ctx;
+
+ rijndael_set_key(&tweak_ctx, kdh->key, kdh->keysize << 3);
+ rijndael_set_key(&data_ctx, kdh->key, kdh->keysize << 3);
dmpcnt = 0;
origsize = dumpsize;
he = 0;
while (dumpsize > 0) {
- wl = BUFFERSIZE;
+ // wl = BUFFERSIZE;
+ wl = 512;
if (wl > dumpsize)
wl = dumpsize;
nr = read(fd, buf, wl);
@@ -345,10 +352,18 @@
* If hs > nw, buf[nw..hs] contains non-zero data.
* If he > hs, buf[hs..he] is all zeroes.
*/
- if (hs > nw)
+ if (hs > nw) {
+ if (fwrite(buf + nw, hs - nw, 1, fp_enc)
+ != 1)
+ break;
+ xts_block_decrypt(&xts_alg_aes, (struct xts_ctx *)&tweak_ctx, (struct xts_ctx *)&data_ctx,
+ offset, kdh->tweak, hs - nw,
+ buf + nw, buf + nw);
+ offset += hs - nw;
if (fwrite(buf + nw, hs - nw, 1, fp)
!= 1)
break;
+ }
if (he > hs)
if (fseeko(fp, he - hs, SEEK_CUR) == -1)
break;
@@ -432,11 +447,12 @@
static void
DoFile(const char *savedir, const char *device)
{
- static char infoname[PATH_MAX], corename[PATH_MAX], linkname[PATH_MAX];
+ static char infoname[PATH_MAX], corename[PATH_MAX],
+ corename_enc[PATH_MAX], linkname[PATH_MAX];
static char *buf = NULL;
struct kerneldumpheader kdhf, kdhl;
off_t mediasize, dumpsize, firsthd, lasthd;
- FILE *info, *fp;
+ FILE *info, *fp, *fp_enc;
mode_t oumask;
int fd, fdinfo, error;
int bounds, status;
@@ -632,9 +648,12 @@
} else {
snprintf(corename, sizeof(corename), "%s.%d",
istextdump ? "textdump.tar" : "vmcore", bounds);
+ snprintf(corename_enc, sizeof(corename_enc), "%s_encrypted.%d",
+ istextdump ? "textdump.tar" : "vmcore", bounds);
fp = fopen(corename, "w");
+ fp_enc = fopen(corename_enc, "w");
}
- if (fp == NULL) {
+ if (fp == NULL || fp_enc == NULL) {
syslog(LOG_ERR, "%s: %m", corename);
close(fdinfo);
nerr++;
@@ -664,7 +683,8 @@
corename, fp) < 0)
goto closeall;
} else {
- if (DoRegularFile(fd, dumpsize, buf, device, corename, fp)
+ if (DoRegularFile(fd, dumpsize, buf, device, corename,
+ fp, fp_enc, &kdhl, firsthd + sizeof(kdhf))
< 0)
goto closeall;
}
@@ -677,6 +697,12 @@
goto closeall;
}
+ if (fp_enc != NULL && fclose(fp_enc) < 0) {
+ syslog(LOG_ERR, "error on %s: %m", corename_enc);
+ nerr++;
+ goto closeall;
+ }
+
symlinks_remove();
if (symlink(infoname, "info.last") == -1) {
syslog(LOG_WARNING, "unable to create symlink %s/%s: %m",
@@ -715,6 +741,7 @@
closeall:
fclose(fp);
+ fclose(fp_enc);
closefd:
close(fd);
More information about the svn-soc-all
mailing list