/* $NetBSD: veriexecctl.h,v 1.7 2006/07/14 23:00:09 elad Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad@bsd.org.il>
* Copyright 2005 Brett Lymn <blymn@netbsd.org>
*
* All rights reserved.
*
* This code has been donated to The NetBSD Foundation by the Author.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*
*/
#ifndef _VERIEXECCTL_H_
#define _VERIEXECCTL_H_
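/*
 * STATUS_STRING(status): map a Veriexec fingerprint evaluation status to a
 * short, human-readable string for display.
 *
 * The definition is kept as one contiguous run of backslash-continued
 * lines; anything placed between the continuation lines breaks the macro.
 *
 * `status` is compared against FINGERPRINT_NOTEVAL, FINGERPRINT_VALID and
 * FINGERPRINT_NOMATCH.  This header does not define those constants, so
 * they must already be in scope wherever the macro is expanded
 * (presumably from the kernel's Veriexec header -- confirm against the
 * build).
 *
 * Any other value yields "<unknown>".  Callers that report integrity state
 * should treat "<unknown>" like "not evaluated", i.e. as *not* verified,
 * and never as equivalent to "valid".
 *
 * `status` is evaluated up to three times: pass an expression without side
 * effects.  The result is a string literal and must not be modified or
 * freed.
 */
#define STATUS_STRING(status)	((status) == FINGERPRINT_NOTEVAL ?	\
				    "not evaluated" :			\
				 (status) == FINGERPRINT_VALID ?	\
				    "valid" :				\
				 (status) == FINGERPRINT_NOMATCH ?	\
				    "mismatch" :			\
				    "<unknown>")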
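/*
 * Head of a circular queue of struct veriexec_up elements.
 *
 * CIRCLEQ_HEAD/CIRCLEQ_ENTRY are the <sys/queue.h> queue macros; this
 * header does not include <sys/queue.h> itself, so the includer must do so
 * first.
 *
 * NOTE(review): this line declares the head type *and* defines the object
 * `params_list`, without `extern`.  Every translation unit that includes
 * the header therefore carries its own tentative definition, which only
 * links when the toolchain merges common symbols (it fails under
 * -fno-common).  Moving the definition into a single .c file and leaving
 * an `extern` declaration here would remove that dependency; that change
 * spans files outside this header, so it is only flagged here.
 */
CIRCLEQ_HEAD(veriexec_ups, veriexec_up) params_list;

/*
 * One element of the params_list queue: a set of Veriexec sizing
 * parameters plus the queue linkage.
 */
struct veriexec_up {
	/* Sizing parameters; struct veriexec_sizing_params is declared elsewhere. */
	struct veriexec_sizing_params vu_param;
	/* Linkage for the circular queue headed by struct veriexec_ups. */
	CIRCLEQ_ENTRY(veriexec_up) vu_list;
};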
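/*
 * Globals shared between the source files that include this header.  They
 * are only declared here; the definitions live elsewhere.
 *
 * NOTE(review): the roles below are inferred from the names only --
 * confirm against the defining .c file:
 *   gfd     - presumably the open descriptor used to talk to Veriexec
 *   verbose - presumably the verbosity flag/level
 *   phase   - presumably the current load phase (see phase2_load())
 *   line    - presumably the current input line, for diagnostics
 *   infile  - presumably the name of the file being parsed
 */
extern int gfd, verbose, phase;
extern size_t line;
extern char *infile;

/* Input stream read by the lex-generated scanner; needs <stdio.h> for FILE. */
extern FILE *yyin;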
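/*
 * Entry points of the lex/yacc-generated scanner and parser.  The names
 * follow the standard lex/yacc conventions; the implementations are not
 * part of this header.
 */
int yywrap(void);		/* lex end-of-input hook */
int yylex(void);		/* scanner: returns the next token */
int yyparse(void);		/* parser entry point */
void yyerror(const char *);	/* parser error-reporting hook */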
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
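/*
 * Helpers returning struct veriexec_up elements, keyed by a string.
 *
 * NOTE(review): the contracts are not visible from this header.  Going by
 * the names, dev_lookup() presumably finds an existing element and
 * dev_add() presumably creates one; whether either can return NULL, and
 * who owns the returned element, must be confirmed in the implementation.
 * Until then, callers should check the result before dereferencing it.
 * The argument is a non-const char *, so also confirm whether the callee
 * modifies or retains the string.
 */
struct veriexec_up *dev_lookup(char *);
struct veriexec_up *dev_add(char *);

/*
 * Second loading phase.
 * NOTE(review): what is loaded and from where is not shown here -- confirm
 * in the implementation.
 */
void phase2_load(void);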
#endif /* _VERIEXECCTL_H_ */