socsvn commit: r289866 - soc2013/def/crashdump-head/sbin/cryptcore
def at FreeBSD.org
def at FreeBSD.org
Tue Aug 18 10:05:34 UTC 2015
Author: def
Date: Tue Aug 18 10:05:32 2015
New Revision: 289866
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=289866
Log:
Create a separate process to decrypt a crash dump.
Modified:
soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c
Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Tue Aug 18 09:09:39 2015 (r289865)
+++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Tue Aug 18 10:05:32 2015 (r289866)
@@ -1,6 +1,8 @@
#include <sys/types.h>
+#include <sys/event.h>
#include <sys/kerneldump.h>
#include <sys/sysctl.h>
+#include <sys/time.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
@@ -27,6 +29,35 @@
" cryptcore decrypt [-Fv] -p privatekey -k encryptedkey -i encryptedcore -o decryptedcore");
}
+static int
+wait_for_process(pid_t pid)
+{
+ struct kevent event;
+ int kq, nevents;
+
+ kq = kqueue();
+ if (kq == -1)
+ pjdlog_exit(1, "Unable to create a kqueue");
+
+ EV_SET(&event, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
+ if (kevent(kq, &event, 1, NULL, 0, NULL) < 0)
+ pjdlog_exit(1, "Unable to register an event");
+
+ for (;;) {
+ nevents = kevent(kq, NULL, 0, &event, 1, NULL);
+ if (nevents < 0)
+ pjdlog_exit(1, "Unable to receive an event");
+
+ if (nevents > 0) {
+ PJDLOG_ASSERT(event.filter == EVFILT_PROC);
+ PJDLOG_ASSERT(event.ident == (uintptr_t)pid);
+ return ((int)event.data);
+ }
+ }
+
+ PJDLOG_ABORT("Parent process didn't handle the exit status of its child.");
+}
+
static void
cryptcore_genkey(const char *pubkeyfile)
{
@@ -85,7 +116,7 @@
exit(1);
}
-static void
+static bool
cryptcore_decrypt(const char *privkeyfile, const char *keyfile,
const char *input, const char *output)
{
@@ -97,12 +128,22 @@
int err, fd, ofd, olen, privkeysize;
ssize_t bytes, size;
size_t bufused;
+ pid_t pid;
PJDLOG_ASSERT(privkeyfile != NULL);
PJDLOG_ASSERT(keyfile != NULL);
PJDLOG_ASSERT(input != NULL);
PJDLOG_ASSERT(output != NULL);
+ pid = fork();
+ if (pid == -1) {
+ pjdlog_exit(1, "Unable to create child process");
+ return (false);
+ }
+
+ if (pid > 0)
+ return (wait_for_process(pid) == 0);
+
ofd = -1;
fd = -1;
@@ -205,7 +246,7 @@
close(ofd);
close(fd);
- return;
+ exit(0);
failed:
if (ofd >= 0)
close(ofd);
@@ -300,7 +341,10 @@
cryptcore_genkey(rsakeyfile);
break;
case CRYPTCORE_CMD_DECRYPT:
- cryptcore_decrypt(rsakeyfile, keyfile, input, output);
+ if (!cryptcore_decrypt(rsakeyfile, keyfile, input, output)) {
+ if (unlink(output) != 0)
+ pjdlog_exit(1, "Unable to remove output");
+ }
break;
}
More information about the svn-soc-all
mailing list