socsvn commit: r257634 - in soc2013/def/crashdump-head: etc/rc.d sbin/savecore

def at FreeBSD.org def at FreeBSD.org
Mon Sep 23 04:20:38 UTC 2013 

Author: def
Date: Mon Sep 23 04:20:37 2013
New Revision: 257634
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257634

Log:
  Don't decrypt a crash dump in savecore any more.

Added:
  soc2013/def/crashdump-head/sbin/savecore/dumpfile.c
  soc2013/def/crashdump-head/sbin/savecore/dumpfile.h
Deleted:
  soc2013/def/crashdump-head/sbin/savecore/decryptfile.c
  soc2013/def/crashdump-head/sbin/savecore/decryptfile.h
Modified:
  soc2013/def/crashdump-head/etc/rc.d/savecore
  soc2013/def/crashdump-head/sbin/savecore/Makefile
  soc2013/def/crashdump-head/sbin/savecore/savecore.c

Modified: soc2013/def/crashdump-head/etc/rc.d/savecore
==============================================================================
--- soc2013/def/crashdump-head/etc/rc.d/savecore	Mon Sep 23 03:13:32 2013	(r257633)
+++ soc2013/def/crashdump-head/etc/rc.d/savecore	Mon Sep 23 04:20:37 2013	(r257634)
@@ -13,7 +13,6 @@
 start_cmd="savecore_start"
 start_precmd="savecore_prestart"
 stop_cmd=":"
-savecore_flags="${savecore_flags} -p ${dumpkey_priv}"
 
 savecore_prestart()
 {

Modified: soc2013/def/crashdump-head/sbin/savecore/Makefile
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/Makefile	Mon Sep 23 03:13:32 2013	(r257633)
+++ soc2013/def/crashdump-head/sbin/savecore/Makefile	Mon Sep 23 04:20:37 2013	(r257634)
@@ -1,17 +1,11 @@
 # $FreeBSD$
 
 SYS=	${.CURDIR}/../../sys
-.PATH:	${SYS}/crypto/camellia ${SYS}/crypto/rijndael
-.PATH:	${SYS}/crypto/hmac ${SYS}/crypto/sha2 ${SYS}/crypto
 
 PROG=	savecore
-SRCS=	${PROG}.c decryptfile.c
-SRCS+=	rijndael-api.c rijndael-api-fst.c rijndael-alg-fst.c
-SRCS+=	camellia.c
-SRCS+=	hmac.c sha2.c
-SRCS+=	xts.c
-DPADD=	${LIBZ} ${LIBCRYPTO}
-LDADD=	-lz -lcrypto
+SRCS=	${PROG}.c dumpfile.c
+DPADD=	${LIBZ}
+LDADD=	-lz
 CFLAGS+=-I${SYS}
 WARNS?=	2
 MAN=	savecore.8

Added: soc2013/def/crashdump-head/sbin/savecore/dumpfile.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2013/def/crashdump-head/sbin/savecore/dumpfile.c	Mon Sep 23 04:20:37 2013	(r257634)
@@ -0,0 +1,111 @@
+#include <sys/param.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "dumpfile.h"
+
+int
+save_key_for(dumpFile *fd, const char *keyname)
+{
+	FILE *fp;
+
+	fp = fopen(keyname, "w");
+
+	if (fp == NULL)
+		return (-1);
+
+	if (fwrite(fd->encrypted_key, 1, KERNELDUMP_ENCRYPTED_KEY_SIZE, fp)
+		!= KERNELDUMP_ENCRYPTED_KEY_SIZE) {
+		fclose(fp);
+
+		return (-1);
+	}
+
+	fclose(fp);
+
+	return (0);
+}
+
+FILE *
+dopen(const char *fname, const char *mode, const char *keyname,
+	const struct kerneldumpheader *h)
+{
+	dumpFile *fd;
+	FILE *fp;
+
+	/* Currently other modes are not implemented. */
+	if (*mode != 'w')
+		return (NULL);
+
+	fp = fopen(fname, mode);
+
+	if (fp == NULL)
+		return (NULL);
+
+	fd = (dumpFile *)malloc(sizeof(dumpFile));
+	fd->fp = fp;
+
+	fd->keysize = h->keysize;
+	memcpy(fd->encrypted_key, h->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE);
+
+	save_key_for(fd, keyname);
+
+	fd->buf_used = 0;
+
+	return (funopen(fd, NULL, dwrite, NULL, dclose));
+}
+
+int
+dwrite(void *cookie, const char *data, int size)
+{
+	dumpFile *fd = (dumpFile *)cookie;
+	int resid, saved;
+
+	saved = 0;
+
+	while (size + fd->buf_used >= PEFS_SECTOR_SIZE) {
+		resid = PEFS_SECTOR_SIZE - fd->buf_used;
+		memcpy(fd->buf + fd->buf_used, data, resid);
+		fd->buf_used += resid;
+
+		if (fwrite(fd->buf, 1, PEFS_SECTOR_SIZE, fd->fp) != PEFS_SECTOR_SIZE)
+			return (0);
+
+		data += resid;
+		size -= resid;
+		fd->buf_used = 0;
+		saved += resid;
+	}
+
+	if (size > 0) {
+		memcpy(fd->buf + fd->buf_used, data, size);
+		fd->buf_used += size;
+		saved += size;
+	}
+
+	return (saved);
+}
+
+int
+dclose(void *cookie)
+{
+	dumpFile *fd = (dumpFile *)cookie;
+	int error;
+
+	if (fd->buf_used > 0) {
+		if (fwrite(fd->buf, 1, fd->buf_used, fd->fp) != 1)
+			return (0);
+
+		fd->buf_used = 0;
+	}
+
+	error = fclose(fd->fp);
+
+	if (error < 0)
+		return (error);
+
+	free(fd);
+
+	return (error);
+}
+

Added: soc2013/def/crashdump-head/sbin/savecore/dumpfile.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2013/def/crashdump-head/sbin/savecore/dumpfile.h	Mon Sep 23 04:20:37 2013	(r257634)
@@ -0,0 +1,22 @@
+#ifndef _DUMPFILE_H
+#define	_DUMPFILE_H
+
+#include <sys/kerneldump.h>
+
+typedef struct _dumpFile {
+	FILE		*fp;
+	int		keysize;
+	char		encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
+#define	PEFS_SECTOR_SIZE	4096
+	char		buf[PEFS_SECTOR_SIZE];
+	int		buf_used;
+} dumpFile;
+
+FILE *dopen(const char *fname, const char *mode, const char *keyname,
+	const struct kerneldumpheader *h);
+int dwrite(void *cookie, const char *data, int size);
+int dclose(void *cookie);
+int save_key_for(dumpFile *fd, const char *keyname);
+
+#endif /* _DUMPFILE_H */
+

Modified: soc2013/def/crashdump-head/sbin/savecore/savecore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/savecore.c	Mon Sep 23 03:13:32 2013	(r257633)
+++ soc2013/def/crashdump-head/sbin/savecore/savecore.c	Mon Sep 23 04:20:37 2013	(r257634)
@@ -80,7 +80,7 @@
 #include <syslog.h>
 #include <time.h>
 #include <unistd.h>
-#include "decryptfile.h"
+#include "dumpfile.h"
 
 /* The size of the buffer used for I/O. */
 #define	BUFFERSIZE	(1024*1024)
@@ -89,10 +89,9 @@
 #define	STATUS_GOOD	1
 #define	STATUS_UNKNOWN	2
 
-static int checkfor, compress, clear, decrypt, force, keep, verbose;	/* flags */
+static int checkfor, compress, clear, force, isencrypted, keep, verbose;	/* flags */
 static int nfound, nsaved, nerr;			/* statistics */
 static int maxdumps;
-static char *private_key_file;
 
 extern FILE *zopen(const char *, const char *);
 
@@ -123,7 +122,6 @@
 	fprintf(f, "  Panic String: %s\n", h->panicstring);
 	fprintf(f, "  Dump Parity: %u\n", h->parity);
 	fprintf(f, "  Bounds: %d\n", bounds);
-	fprintf(f, "  Key length: %d bits\n", h->keysize << 3);
 
 	switch(status) {
 	case STATUS_BAD:
@@ -316,7 +314,7 @@
 		}
 		if (compress) {
 			nw = fwrite(buf, 1, wl, fp);
-		} else if (decrypt) {
+		} else if (isencrypted) {
 			nw = fwrite(buf, 1, wl, fp);
 		} else {
 			for (nw = 0; nw < nr; nw = he) {
@@ -633,11 +631,11 @@
 		snprintf(corename, sizeof(corename), "%s.%d.gz",
 		    istextdump ? "textdump.tar" : "vmcore", bounds);
 		fp = zopen(corename, "w");
-	} else if (decrypt) {
+	} else if (isencrypted) {
 		snprintf(corename, sizeof(corename), "%s.%d",
 		    istextdump ? "textdump.tar" : "vmcore", bounds);
 		snprintf(keyname, sizeof(keyname), "key.%d", bounds);
-		fp = dopen(corename, "w", keyname, private_key_file, &kdhl);
+		fp = dopen(corename, "w", keyname, &kdhl);
 	} else {
 		snprintf(corename, sizeof(corename), "%s.%d",
 		    istextdump ? "textdump.tar" : "vmcore", bounds);
@@ -666,7 +664,7 @@
 	fclose(info);
 
 	syslog(LOG_NOTICE, "writing %score to %s/%s",
-	    compress ? "compressed " : (decrypt ? "decrypted " : ""), savedir, corename);
+	    compress ? "compressed " : (isencrypted ? "encrypted " : ""), savedir, corename);
 
 	if (istextdump) {
 		if (DoTextdumpFile(fd, dumpsize, lasthd, buf, device,
@@ -694,9 +692,6 @@
 	if (compress) {
 		snprintf(linkname, sizeof(linkname), "%s.last.gz",
 		    istextdump ? "textdump.tar" : "vmcore");
-	} else if (decrypt) {
-		snprintf(linkname, sizeof(linkname), "%s.last",
-		    istextdump ? "textdump.tar" : "vmcore");
 	} else {
 		snprintf(linkname, sizeof(linkname), "%s.last",
 		    istextdump ? "textdump.tar" : "vmcore");
@@ -738,7 +733,7 @@
 	fprintf(stderr, "%s\n%s\n%s\n",
 	    "usage: savecore -c [-v] [device ...]",
 	    "       savecore -C [-v] [device ...]",
-	    "       savecore [-dfkvz] [-m maxdumps] [-p private_key] [directory [device ...]]");
+	    "       savecore [-efkvz] [-m maxdumps] [directory [device ...]]");
 	exit(1);
 }
 
@@ -749,14 +744,13 @@
 	struct fstab *fsp;
 	int i, ch, error;
 
-	checkfor = compress = clear = decrypt = force = keep = verbose = 0;
+	checkfor = compress = clear = force = isencrypted = keep = verbose = 0;
 	nfound = nsaved = nerr = 0;
-	private_key_file = NULL;
 
 	openlog("savecore", LOG_PERROR, LOG_DAEMON);
 	signal(SIGINFO, infohandler);
 
-	while ((ch = getopt(argc, argv, "Ccdfkm:p:vz")) != -1)
+	while ((ch = getopt(argc, argv, "Ccefkm:vz")) != -1)
 		switch(ch) {
 		case 'C':
 			checkfor = 1;
@@ -764,8 +758,8 @@
 		case 'c':
 			clear = 1;
 			break;
-		case 'd':
-			decrypt = 1;
+		case 'e':
+			isencrypted = 1;
 			break;
 		case 'f':
 			force = 1;
@@ -780,9 +774,6 @@
 				exit(1);
 			}
 			break;
-		case 'p':
-			private_key_file = optarg;
-			break;
 		case 'v':
 			verbose++;
 			break;
@@ -799,8 +790,6 @@
 		usage();
 	if (maxdumps > 0 && (checkfor || clear))
 		usage();
-	if (decrypt && private_key_file == NULL)
-		usage();
 	argc -= optind;
 	argv += optind;
 	if (argc >= 1 && !checkfor && !clear) {

More information about the svn-soc-all mailing list