2006-11-28 02:05:18 +03:00
|
|
|
/* $NetBSD: verified_exec.c,v 1.49 2006/11/27 23:05:18 elad Exp $ */
|
2002-10-29 15:31:20 +03:00
|
|
|
|
|
|
|
|
/*-
|
2006-07-15 20:48:51 +04:00
|
|
|
* Copyright 2005 Elad Efrat <elad@NetBSD.org>
|
2005-04-20 17:44:45 +04:00
|
|
|
* Copyright 2005 Brett Lymn <blymn@netbsd.org>
|
2002-10-29 15:31:20 +03:00
|
|
|
*
|
2005-04-20 17:44:45 +04:00
|
|
|
* This code is derived from software contributed to The NetBSD Foundation
|
|
|
|
|
* by Brett Lymn and Elad Efrat
|
2002-10-29 15:31:20 +03:00
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
|
* are met:
|
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
2005-04-20 17:44:45 +04:00
|
|
|
* 2. Neither the name of The NetBSD Foundation nor the names of its
|
|
|
|
|
* contributors may be used to endorse or promote products derived
|
|
|
|
|
* from this software without specific prior written permission.
|
2002-10-29 15:31:20 +03:00
|
|
|
*
|
2005-04-20 17:44:45 +04:00
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
|
|
|
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
|
|
|
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
|
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
|
|
|
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
|
|
|
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
|
|
|
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
|
|
|
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
|
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
|
* POSSIBILITY OF SUCH DAMAGE.
|
2002-10-29 15:31:20 +03:00
|
|
|
*/
|
|
|
|
|
|
2003-07-14 19:47:00 +04:00
|
|
|
#include <sys/cdefs.h>
|
2005-04-20 17:44:45 +04:00
|
|
|
#if defined(__NetBSD__)
|
2006-11-28 02:05:18 +03:00
|
|
|
__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.49 2006/11/27 23:05:18 elad Exp $");
|
2005-04-20 17:44:45 +04:00
|
|
|
#else
|
2006-11-28 02:05:18 +03:00
|
|
|
__RCSID("$Id: verified_exec.c,v 1.49 2006/11/27 23:05:18 elad Exp $\n$NetBSD: verified_exec.c,v 1.49 2006/11/27 23:05:18 elad Exp $");
|
2005-04-20 17:44:45 +04:00
|
|
|
#endif
|
2003-07-14 19:47:00 +04:00
|
|
|
|
2002-10-29 15:31:20 +03:00
|
|
|
#include <sys/param.h>
|
|
|
|
|
#include <sys/systm.h>
|
|
|
|
|
#include <sys/proc.h>
|
|
|
|
|
#include <sys/errno.h>
|
|
|
|
|
#include <sys/buf.h>
|
|
|
|
|
#include <sys/malloc.h>
|
2005-04-20 17:44:45 +04:00
|
|
|
|
|
|
|
|
#ifdef __FreeBSD__
|
|
|
|
|
#include <sys/kernel.h>
|
|
|
|
|
#include <sys/device_port.h>
|
|
|
|
|
#include <sys/ioccom.h>
|
|
|
|
|
#else
|
2002-10-29 15:31:20 +03:00
|
|
|
#include <sys/ioctl.h>
|
|
|
|
|
#include <sys/device.h>
|
2005-04-20 17:44:45 +04:00
|
|
|
#define DEVPORT_DEVICE struct device
|
|
|
|
|
#endif
|
|
|
|
|
|
2002-10-29 15:31:20 +03:00
|
|
|
#include <sys/conf.h>
|
|
|
|
|
#include <sys/lock.h>
|
|
|
|
|
#include <sys/queue.h>
|
|
|
|
|
#include <sys/vnode.h>
|
|
|
|
|
#include <sys/fcntl.h>
|
|
|
|
|
#include <sys/namei.h>
|
2005-05-23 02:34:01 +04:00
|
|
|
#include <sys/sysctl.h>
|
|
|
|
|
#define VERIEXEC_NEED_NODE
|
2005-04-20 17:44:45 +04:00
|
|
|
#include <sys/verified_exec.h>
|
2006-05-25 15:24:00 +04:00
|
|
|
#include <sys/kauth.h>
|
2002-10-29 15:31:20 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
#include <sys/fileassoc.h>
|
2006-07-15 20:33:16 +04:00
|
|
|
#include <sys/syslog.h>
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
/* count of number of times device is open (we really only allow one open) */
|
2005-06-16 19:41:36 +04:00
|
|
|
static unsigned int veriexec_dev_usage;
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
static unsigned int veriexec_tablecount = 0;
|
2002-10-29 15:31:20 +03:00
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
struct veriexec_softc {
|
|
|
|
|
DEVPORT_DEVICE veriexec_dev;
|
2002-10-29 15:31:20 +03:00
|
|
|
};
|
|
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
#if defined(__FreeBSD__)
|
|
|
|
|
# define CDEV_MAJOR 216
|
|
|
|
|
# define BDEV_MAJOR -1
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
const struct cdevsw veriexec_cdevsw = {
|
|
|
|
|
veriexecopen,
|
|
|
|
|
veriexecclose,
|
|
|
|
|
noread,
|
|
|
|
|
nowrite,
|
|
|
|
|
veriexecioctl,
|
|
|
|
|
#ifdef __NetBSD__
|
|
|
|
|
nostop,
|
|
|
|
|
notty,
|
|
|
|
|
#endif
|
|
|
|
|
nopoll,
|
|
|
|
|
nommap,
|
|
|
|
|
#if defined(__NetBSD__)
|
|
|
|
|
nokqfilter,
|
2006-09-04 01:38:23 +04:00
|
|
|
D_OTHER,
|
2005-04-20 17:44:45 +04:00
|
|
|
#elif defined(__FreeBSD__)
|
|
|
|
|
nostrategy,
|
|
|
|
|
"veriexec",
|
|
|
|
|
CDEV_MAJOR,
|
|
|
|
|
nodump,
|
|
|
|
|
nopsize,
|
|
|
|
|
0, /* flags */
|
|
|
|
|
BDEV_MAJOR
|
|
|
|
|
#endif
|
|
|
|
|
};
|
2002-10-29 15:31:20 +03:00
|
|
|
|
|
|
|
|
/* Autoconfiguration glue */
|
2005-04-20 17:44:45 +04:00
|
|
|
void veriexecattach(DEVPORT_DEVICE *parent, DEVPORT_DEVICE *self,
|
|
|
|
|
void *aux);
|
2005-12-11 15:16:03 +03:00
|
|
|
int veriexecopen(dev_t dev, int flags, int fmt, struct lwp *l);
|
|
|
|
|
int veriexecclose(dev_t dev, int flags, int fmt, struct lwp *l);
|
2005-04-20 17:44:45 +04:00
|
|
|
int veriexecioctl(dev_t dev, u_long cmd, caddr_t data, int flags,
|
2005-12-11 15:16:03 +03:00
|
|
|
struct lwp *l);
|
2002-10-29 15:31:20 +03:00
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
void
|
2006-11-16 04:32:37 +03:00
|
|
|
veriexecattach(DEVPORT_DEVICE *parent, DEVPORT_DEVICE *self,
|
|
|
|
|
void *aux)
|
2002-10-29 15:31:20 +03:00
|
|
|
{
|
2005-04-20 17:44:45 +04:00
|
|
|
veriexec_dev_usage = 0;
|
2005-06-20 19:32:29 +04:00
|
|
|
|
|
|
|
|
if (veriexec_verbose >= 2)
|
2006-07-15 20:33:16 +04:00
|
|
|
log(LOG_DEBUG, "Veriexec: Pseudo-device attached.\n");
|
2002-10-29 15:31:20 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2006-11-16 04:32:37 +03:00
|
|
|
veriexecopen(dev_t dev, int flags,
|
|
|
|
|
int fmt, struct lwp *l)
|
2002-10-29 15:31:20 +03:00
|
|
|
{
|
2005-06-20 19:06:18 +04:00
|
|
|
if (veriexec_verbose >= 2) {
|
2006-07-15 20:33:16 +04:00
|
|
|
log(LOG_DEBUG, "Veriexec: Pseudo-device open attempt by "
|
|
|
|
|
"uid=%u, pid=%u. (dev=%u)\n",
|
2006-07-21 20:48:45 +04:00
|
|
|
kauth_cred_geteuid(l->l_cred), l->l_proc->p_pid,
|
2006-07-15 20:33:16 +04:00
|
|
|
dev);
|
2005-06-20 19:06:18 +04:00
|
|
|
}
|
2002-10-29 15:31:20 +03:00
|
|
|
|
2006-07-21 20:48:45 +04:00
|
|
|
if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER,
|
|
|
|
|
&l->l_acflag) != 0)
|
2005-06-16 19:41:36 +04:00
|
|
|
return (EPERM);
|
|
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
if (veriexec_dev_usage > 0) {
|
2005-06-20 19:32:29 +04:00
|
|
|
if (veriexec_verbose >= 2)
|
2006-07-15 20:33:16 +04:00
|
|
|
log(LOG_ERR, "Veriexec: pseudo-device already in "
|
|
|
|
|
"use.\n");
|
2005-06-20 19:32:29 +04:00
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
return(EBUSY);
|
2002-10-29 15:31:20 +03:00
|
|
|
}
|
|
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
veriexec_dev_usage++;
|
|
|
|
|
return (0);
|
2002-10-29 15:31:20 +03:00
|
|
|
}
|
|
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
int
|
2006-11-16 04:32:37 +03:00
|
|
|
veriexecclose(dev_t dev, int flags, int fmt,
|
|
|
|
|
struct lwp *l)
|
2002-10-29 15:31:20 +03:00
|
|
|
{
|
2005-04-20 17:44:45 +04:00
|
|
|
if (veriexec_dev_usage > 0)
|
|
|
|
|
veriexec_dev_usage--;
|
|
|
|
|
return (0);
|
2002-10-29 15:31:20 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2006-11-16 04:32:37 +03:00
|
|
|
veriexecioctl(dev_t dev, u_long cmd, caddr_t data, int flags,
|
2006-07-15 20:33:16 +04:00
|
|
|
struct lwp *l)
|
2002-10-29 15:31:20 +03:00
|
|
|
{
|
2005-04-20 17:44:45 +04:00
|
|
|
int error = 0;
|
2002-10-29 15:31:20 +03:00
|
|
|
|
2006-07-25 01:32:39 +04:00
|
|
|
if (veriexec_strict > VERIEXEC_LEARNING) {
|
2006-07-15 20:33:16 +04:00
|
|
|
log(LOG_WARNING, "Veriexec: Strict mode, modifying tables not "
|
|
|
|
|
"permitted.\n");
|
2005-02-27 03:26:58 +03:00
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
return (EPERM);
|
|
|
|
|
}
|
2006-05-25 15:24:00 +04:00
|
|
|
|
2002-10-29 15:31:20 +03:00
|
|
|
switch (cmd) {
|
2005-12-10 04:04:17 +03:00
|
|
|
case VERIEXEC_TABLESIZE:
|
|
|
|
|
error = veriexec_newtable((struct veriexec_sizing_params *)
|
2006-07-15 20:33:16 +04:00
|
|
|
data, l);
|
2005-04-20 17:44:45 +04:00
|
|
|
break;
|
|
|
|
|
|
2005-12-10 04:04:17 +03:00
|
|
|
case VERIEXEC_LOAD:
|
2005-12-12 19:26:33 +03:00
|
|
|
error = veriexec_load((struct veriexec_params *)data, l);
|
2002-10-29 15:31:20 +03:00
|
|
|
break;
|
|
|
|
|
|
2005-12-10 05:10:00 +03:00
|
|
|
case VERIEXEC_DELETE:
|
2006-07-15 20:33:16 +04:00
|
|
|
error = veriexec_delete((struct veriexec_delete_params *)data,
|
|
|
|
|
l);
|
2005-12-10 05:10:00 +03:00
|
|
|
break;
|
|
|
|
|
|
2005-12-13 00:47:58 +03:00
|
|
|
case VERIEXEC_QUERY:
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
error = veriexec_query((struct veriexec_query_params *)data, l);
|
2005-12-13 00:47:58 +03:00
|
|
|
break;
|
|
|
|
|
|
2002-10-29 15:31:20 +03:00
|
|
|
default:
|
2005-04-20 17:44:45 +04:00
|
|
|
/* Invalid operation. */
|
2002-10-29 15:31:20 +03:00
|
|
|
error = ENODEV;
|
2005-04-20 17:44:45 +04:00
|
|
|
break;
|
2002-10-29 15:31:20 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (error);
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-20 17:44:45 +04:00
|
|
|
#if defined(__FreeBSD__)
|
|
|
|
|
static void
|
2006-11-16 04:32:37 +03:00
|
|
|
veriexec_drvinit(void *unused)
|
2005-04-20 17:44:45 +04:00
|
|
|
{
|
|
|
|
|
make_dev(&verifiedexec_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600,
|
2006-07-15 20:33:16 +04:00
|
|
|
"veriexec");
|
2005-04-20 17:44:45 +04:00
|
|
|
verifiedexecattach(0, 0, 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SYSINIT(veriexec, SI_SUB_PSEUDO, SI_ORDER_ANY, veriexec_drvinit, NULL);
|
|
|
|
|
#endif
|
2005-12-10 04:04:17 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
/*
|
|
|
|
|
* Create a new Veriexec table.
|
|
|
|
|
*/
|
2005-12-10 04:04:17 +03:00
|
|
|
int
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
veriexec_newtable(struct veriexec_sizing_params *params, struct lwp *l)
|
2005-12-10 04:04:17 +03:00
|
|
|
{
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
struct veriexec_table_entry *vte;
|
|
|
|
|
struct nameidata nid;
|
|
|
|
|
u_char buf[16];
|
|
|
|
|
int error;
|
2005-12-10 04:04:17 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE, params->file, l);
|
|
|
|
|
error = namei(&nid);
|
|
|
|
|
if (error)
|
|
|
|
|
return (error);
|
2005-12-10 04:04:17 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
error = fileassoc_table_add(nid.ni_vp->v_mount, params->hash_size);
|
|
|
|
|
if (error && (error != EEXIST))
|
|
|
|
|
goto out;
|
2005-12-10 04:04:17 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
vte = malloc(sizeof(*vte), M_TEMP, M_WAITOK | M_ZERO);
|
|
|
|
|
error = fileassoc_tabledata_add(nid.ni_vp->v_mount, veriexec_hook, vte);
|
|
|
|
|
#ifdef DIAGNOSTIC
|
|
|
|
|
if (error)
|
|
|
|
|
panic("Fileassoc: Inconsistency after adding table");
|
|
|
|
|
#endif /* DIAGNOSTIC */
|
|
|
|
|
|
2006-09-05 17:02:16 +04:00
|
|
|
snprintf(buf, sizeof(buf), "table%u", veriexec_tablecount++);
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
sysctl_createv(NULL, 0, &veriexec_count_node, &vte->vte_node,
|
2006-09-05 17:02:16 +04:00
|
|
|
0, CTLTYPE_NODE, buf, NULL, NULL, 0, NULL,
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
0, CTL_CREATE, CTL_EOL);
|
|
|
|
|
|
|
|
|
|
sysctl_createv(NULL, 0, &vte->vte_node, NULL,
|
|
|
|
|
CTLFLAG_READONLY, CTLTYPE_STRING, "mntpt",
|
2006-07-15 20:33:16 +04:00
|
|
|
NULL, NULL, 0, nid.ni_vp->v_mount->mnt_stat.f_mntonname,
|
|
|
|
|
0, CTL_CREATE, CTL_EOL);
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
sysctl_createv(NULL, 0, &vte->vte_node, NULL,
|
|
|
|
|
CTLFLAG_READONLY, CTLTYPE_STRING, "fstype",
|
2006-07-15 20:33:16 +04:00
|
|
|
NULL, NULL, 0, nid.ni_vp->v_mount->mnt_stat.f_fstypename,
|
|
|
|
|
0, CTL_CREATE, CTL_EOL);
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
sysctl_createv(NULL, 0, &vte->vte_node, NULL,
|
|
|
|
|
CTLFLAG_READONLY, CTLTYPE_QUAD, "nentries",
|
|
|
|
|
NULL, NULL, 0, &vte->vte_count, 0, CTL_CREATE, CTL_EOL);
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
vrele(nid.ni_vp);
|
|
|
|
|
return (error);
|
2005-12-10 04:04:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2005-12-12 19:26:33 +03:00
|
|
|
veriexec_load(struct veriexec_params *params, struct lwp *l)
|
2005-12-10 04:04:17 +03:00
|
|
|
{
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
struct veriexec_file_entry *hh, *e;
|
2005-12-10 04:04:17 +03:00
|
|
|
struct nameidata nid;
|
|
|
|
|
int error;
|
|
|
|
|
|
2005-12-12 19:26:33 +03:00
|
|
|
NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE, params->file, l);
|
2005-12-10 04:04:17 +03:00
|
|
|
error = namei(&nid);
|
|
|
|
|
if (error)
|
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
|
|
/* Add only regular files. */
|
|
|
|
|
if (nid.ni_vp->v_type != VREG) {
|
2006-07-15 20:33:16 +04:00
|
|
|
log(LOG_ERR, "Veriexec: Not adding `%s': Not a regular file.\n",
|
|
|
|
|
params->file);
|
|
|
|
|
error = EINVAL;
|
|
|
|
|
goto out;
|
2006-05-06 17:25:36 +04:00
|
|
|
}
|
2005-12-10 04:04:17 +03:00
|
|
|
|
2006-10-30 15:37:08 +03:00
|
|
|
e = malloc(sizeof(*e), M_TEMP, M_WAITOK);
|
|
|
|
|
|
|
|
|
|
if ((e->ops = veriexec_find_ops(params->fp_type)) == NULL) {
|
|
|
|
|
free(e, M_TEMP);
|
|
|
|
|
log(LOG_ERR, "Veriexec: Invalid or unknown fingerprint type "
|
|
|
|
|
"`%s' for file `%s'.\n", params->fp_type, params->file);
|
|
|
|
|
error = EINVAL;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
e->fp = malloc(e->ops->hash_len, M_TEMP, M_WAITOK|M_ZERO);
|
|
|
|
|
error = copyin(params->fingerprint, e->fp, e->ops->hash_len);
|
|
|
|
|
if (error) {
|
|
|
|
|
free(e->fp, M_TEMP);
|
|
|
|
|
free(e, M_TEMP);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
hh = veriexec_lookup(nid.ni_vp);
|
2005-12-10 04:04:17 +03:00
|
|
|
if (hh != NULL) {
|
2006-10-30 03:30:20 +03:00
|
|
|
boolean_t fp_mismatch;
|
|
|
|
|
|
2006-10-30 15:37:08 +03:00
|
|
|
if (strcmp(e->ops->type, params->fp_type) ||
|
|
|
|
|
memcmp(hh->fp, e->fp, hh->ops->hash_len))
|
2006-10-30 03:30:20 +03:00
|
|
|
fp_mismatch = TRUE;
|
|
|
|
|
else
|
|
|
|
|
fp_mismatch = FALSE;
|
|
|
|
|
|
|
|
|
|
if ((veriexec_verbose >= 1) || fp_mismatch)
|
|
|
|
|
log(LOG_NOTICE, "Veriexec: Duplicate entry for `%s' "
|
|
|
|
|
"ignored. (%s fingerprint)\n", params->file,
|
|
|
|
|
fp_mismatch ? "different" : "same");
|
|
|
|
|
|
2006-10-30 15:37:08 +03:00
|
|
|
free(e->fp, M_TEMP);
|
|
|
|
|
free(e, M_TEMP);
|
|
|
|
|
|
2006-10-30 03:30:20 +03:00
|
|
|
error = 0;
|
|
|
|
|
goto out;
|
2005-12-10 04:04:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
e->type = params->type;
|
|
|
|
|
e->status = FINGERPRINT_NOTEVAL;
|
|
|
|
|
e->page_fp = NULL;
|
|
|
|
|
e->page_fp_status = PAGE_FP_NONE;
|
|
|
|
|
e->npages = 0;
|
|
|
|
|
e->last_page_size = 0;
|
2006-10-30 15:37:08 +03:00
|
|
|
|
|
|
|
|
error = veriexec_hashadd(nid.ni_vp, e);
|
|
|
|
|
if (error) {
|
|
|
|
|
free(e->fp, M_TEMP);
|
2005-12-10 04:04:17 +03:00
|
|
|
free(e, M_TEMP);
|
2006-07-15 20:33:16 +04:00
|
|
|
goto out;
|
2005-12-10 04:04:17 +03:00
|
|
|
}
|
|
|
|
|
|
2006-07-25 01:15:05 +04:00
|
|
|
veriexec_report("New entry.", params->file, NULL, REPORT_DEBUG);
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
|
2006-07-15 20:33:16 +04:00
|
|
|
out:
|
|
|
|
|
vrele(nid.ni_vp);
|
2005-12-10 04:04:17 +03:00
|
|
|
return (error);
|
|
|
|
|
}
|
2005-12-10 05:10:00 +03:00
|
|
|
|
|
|
|
|
int
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
veriexec_delete(struct veriexec_delete_params *params, struct lwp *l)
|
2005-12-10 05:10:00 +03:00
|
|
|
{
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
struct veriexec_table_entry *vte;
|
|
|
|
|
struct nameidata nid;
|
|
|
|
|
int error;
|
|
|
|
|
|
|
|
|
|
NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE, params->file, l);
|
|
|
|
|
error = namei(&nid);
|
|
|
|
|
if (error)
|
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
|
|
vte = veriexec_tblfind(nid.ni_vp);
|
|
|
|
|
if (vte == NULL) {
|
|
|
|
|
error = ENOENT;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2005-12-10 05:10:00 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
/* XXX this should either receive the filename to remove OR a mount point! */
|
2005-12-10 05:10:00 +03:00
|
|
|
/* Delete an entire table */
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
if (nid.ni_vp->v_type == VDIR) {
|
|
|
|
|
sysctl_free(__UNCONST(vte->vte_node));
|
|
|
|
|
|
|
|
|
|
veriexec_tablecount--;
|
|
|
|
|
|
|
|
|
|
error = fileassoc_table_clear(nid.ni_vp->v_mount, veriexec_hook);
|
|
|
|
|
if (error)
|
|
|
|
|
goto out;
|
|
|
|
|
} else if (nid.ni_vp->v_type == VREG) {
|
|
|
|
|
error = fileassoc_clear(nid.ni_vp, veriexec_hook);
|
|
|
|
|
if (error)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
vte->vte_count--;
|
2005-12-10 05:10:00 +03:00
|
|
|
}
|
|
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
out:
|
|
|
|
|
vrele(nid.ni_vp);
|
|
|
|
|
|
|
|
|
|
return (error);
|
2005-12-10 05:10:00 +03:00
|
|
|
}
|
2005-12-13 00:47:58 +03:00
|
|
|
|
|
|
|
|
int
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
veriexec_query(struct veriexec_query_params *params, struct lwp *l)
|
2005-12-13 00:47:58 +03:00
|
|
|
{
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
struct veriexec_file_entry *vfe;
|
|
|
|
|
struct nameidata nid;
|
2005-12-13 00:47:58 +03:00
|
|
|
int error;
|
|
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE, params->file, l);
|
|
|
|
|
error = namei(&nid);
|
|
|
|
|
if (error)
|
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
|
|
vfe = veriexec_lookup(nid.ni_vp);
|
|
|
|
|
if (vfe == NULL) {
|
|
|
|
|
error = ENOENT;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2005-12-13 00:47:58 +03:00
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
params->type = vfe->type;
|
|
|
|
|
params->status = vfe->status;
|
|
|
|
|
params->hash_len = vfe->ops->hash_len;
|
|
|
|
|
strlcpy(params->fp_type, vfe->ops->type, sizeof(params->fp_type));
|
2005-12-13 00:47:58 +03:00
|
|
|
error = copyout(params, params->uaddr, sizeof(*params));
|
|
|
|
|
if (error)
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
goto out;
|
|
|
|
|
if (params->fp_bufsize >= vfe->ops->hash_len) {
|
|
|
|
|
error = copyout(vfe->fp, params->fp, vfe->ops->hash_len);
|
2005-12-13 00:47:58 +03:00
|
|
|
if (error)
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
goto out;
|
2005-12-13 00:47:58 +03:00
|
|
|
} else
|
|
|
|
|
error = ENOMEM;
|
|
|
|
|
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
out:
|
|
|
|
|
vrele(nid.ni_vp);
|
|
|
|
|
|
2005-12-13 00:47:58 +03:00
|
|
|
return (error);
|
|
|
|
|
}
|