Add indication for number of fingerprinted files on each device.
When a table is created for a new device, a new variable is created under the kern.veriexec.count node named "dev_<id>". For example, dev_0, dev_3, etc.
This commit is contained in:
elad
parent
faf63ba09b
commit
a2c658e922
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: verified_exec.c,v 1.9 2005/05/20 19:52:52 elad Exp $ */
|
||||
/* $NetBSD: verified_exec.c,v 1.10 2005/05/22 22:34:01 elad Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright 2005 Elad Efrat <elad@bsd.org.il>
|
||||
@ -31,9 +31,9 @@
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
#if defined(__NetBSD__)
|
||||
__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.9 2005/05/20 19:52:52 elad Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.10 2005/05/22 22:34:01 elad Exp $");
|
||||
#else
|
||||
__RCSID("$Id: verified_exec.c,v 1.9 2005/05/20 19:52:52 elad Exp $\n$NetBSD: verified_exec.c,v 1.9 2005/05/20 19:52:52 elad Exp $");
|
||||
__RCSID("$Id: verified_exec.c,v 1.10 2005/05/22 22:34:01 elad Exp $\n$NetBSD: verified_exec.c,v 1.10 2005/05/22 22:34:01 elad Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -59,6 +59,8 @@ __RCSID("$Id: verified_exec.c,v 1.9 2005/05/20 19:52:52 elad Exp $\n$NetBSD: ver
|
||||
#include <sys/vnode.h>
|
||||
#include <sys/fcntl.h>
|
||||
#include <sys/namei.h>
|
||||
#include <sys/sysctl.h>
|
||||
#define VERIEXEC_NEED_NODE
|
||||
#include <sys/verified_exec.h>
|
||||
|
||||
/* count of number of times device is open (we really only allow one open) */
|
||||
@ -167,6 +169,7 @@ veriexecioctl(dev_t dev __unused, u_long cmd, caddr_t data,
|
||||
case VERIEXEC_TABLESIZE: {
|
||||
struct veriexec_sizing_params *params =
|
||||
(struct veriexec_sizing_params *) data;
|
||||
u_char node_name[16];
|
||||
|
||||
/* Allocate and initialize a Veriexec hash table. */
|
||||
tbl = malloc(sizeof(struct veriexec_hashtbl), M_TEMP,
|
||||
@ -175,9 +178,18 @@ veriexecioctl(dev_t dev __unused, u_long cmd, caddr_t data,
|
||||
tbl->hash_dev = params->dev;
|
||||
tbl->hash_tbl = hashinit(params->hash_size, HASH_LIST, M_TEMP,
|
||||
M_WAITOK, &hashmask);
|
||||
tbl->hash_count = 0;
|
||||
|
||||
LIST_INSERT_HEAD(&veriexec_tables, tbl, hash_list);
|
||||
|
||||
snprintf(node_name, sizeof(node_name), "dev_%u",
|
||||
tbl->hash_dev);
|
||||
|
||||
sysctl_createv(NULL, 0, &veriexec_count_node, NULL,
|
||||
CTLFLAG_READONLY, CTLTYPE_QUAD, node_name,
|
||||
NULL, NULL, 0, &tbl->hash_count, 0,
|
||||
tbl->hash_dev, CTL_EOL);
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: init_sysctl.c,v 1.38 2005/05/19 20:16:19 elad Exp $ */
|
||||
/* $NetBSD: init_sysctl.c,v 1.39 2005/05/22 22:34:01 elad Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2003 The NetBSD Foundation, Inc.
|
||||
@ -37,7 +37,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.38 2005/05/19 20:16:19 elad Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.39 2005/05/22 22:34:01 elad Exp $");
|
||||
|
||||
#include "opt_sysv.h"
|
||||
#include "opt_multiprocessor.h"
|
||||
@ -69,6 +69,7 @@ __KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.38 2005/05/19 20:16:19 elad Exp $"
|
||||
#include <sys/exec.h>
|
||||
#include <sys/conf.h>
|
||||
#include <sys/device.h>
|
||||
#define VERIEXEC_NEED_NODE
|
||||
#include <sys/verified_exec.h>
|
||||
|
||||
#if defined(SYSVMSG) || defined(SYSVSEM) || defined(SYSVSHM)
|
||||
@ -758,6 +759,12 @@ SYSCTL_SETUP(sysctl_kern_setup, "sysctl kern subtree setup")
|
||||
"algorithms"),
|
||||
sysctl_kern_veriexec, 0, NULL, 0,
|
||||
CTL_KERN, KERN_VERIEXEC, VERIEXEC_ALGORITHMS, CTL_EOL);
|
||||
sysctl_createv(clog, 0, NULL, &veriexec_count_node,
|
||||
CTLFLAG_PERMANENT,
|
||||
CTLTYPE_NODE, "count",
|
||||
SYSCTL_DESCR("Number of fingerprints on device(s)"),
|
||||
NULL, 0, NULL, 0,
|
||||
CTL_KERN, KERN_VERIEXEC, VERIEXEC_COUNT, CTL_EOL);
|
||||
#endif /* VERIFIED_EXEC */
|
||||
}
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: kern_verifiedexec.c,v 1.15 2005/05/19 20:16:19 elad Exp $ */
|
||||
/* $NetBSD: kern_verifiedexec.c,v 1.16 2005/05/22 22:34:01 elad Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright 2005 Elad Efrat <elad@bsd.org.il>
|
||||
@ -30,7 +30,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.15 2005/05/19 20:16:19 elad Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.16 2005/05/22 22:34:01 elad Exp $");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/mount.h>
|
||||
@ -40,6 +40,8 @@ __KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.15 2005/05/19 20:16:19 elad
|
||||
#include <sys/exec.h>
|
||||
#include <sys/proc.h>
|
||||
#include <sys/syslog.h>
|
||||
#include <sys/sysctl.h>
|
||||
#define VERIEXEC_NEED_NODE
|
||||
#include <sys/verified_exec.h>
|
||||
#if defined(__FreeBSD__)
|
||||
# include <sys/systm.h>
|
||||
@ -58,6 +60,8 @@ int veriexec_strict = 0;
|
||||
char *veriexec_fp_names;
|
||||
unsigned int veriexec_name_max;
|
||||
|
||||
struct sysctlnode *veriexec_count_node = NULL;
|
||||
|
||||
/* prototypes */
|
||||
static void
|
||||
veriexec_add_fp_name(char *name);
|
||||
@ -323,6 +327,8 @@ veriexec_hashadd(struct veriexec_hashtbl *tbl, struct veriexec_hash_entry *e)
|
||||
|
||||
LIST_INSERT_HEAD(vhh, e, entries);
|
||||
|
||||
tbl->hash_count++;
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -542,6 +548,7 @@ veriexec_rm:
|
||||
LIST_REMOVE(vhe, entries);
|
||||
free(vhe->fp, M_TEMP);
|
||||
free(vhe, M_TEMP);
|
||||
tbl->hash_count--;
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: verified_exec.h,v 1.9 2005/05/20 19:52:52 elad Exp $ */
|
||||
/* $NetBSD: verified_exec.h,v 1.10 2005/05/22 22:34:01 elad Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright 2005 Elad Efrat <elad@bsd.org.il>
|
||||
@ -30,7 +30,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: verified_exec.h,v 1.9 2005/05/20 19:52:52 elad Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: verified_exec.h,v 1.10 2005/05/22 22:34:01 elad Exp $");
|
||||
|
||||
/*
|
||||
*
|
||||
@ -74,6 +74,7 @@ struct veriexec_sizing_params {
|
||||
#define VERIEXEC_VERBOSE 1 /* Verbosity level. */
|
||||
#define VERIEXEC_STRICT 2 /* Strict mode level. */
|
||||
#define VERIEXEC_ALGORITHMS 3 /* Supported hashing algorithms. */
|
||||
#define VERIEXEC_COUNT 4 /* # of fingerprinted files on device. */
|
||||
|
||||
#ifdef _KERNEL
|
||||
void veriexecattach(struct device *, struct device *, void *);
|
||||
@ -85,6 +86,10 @@ int veriexecioctl(dev_t, u_long, caddr_t, int, struct proc *);
|
||||
extern char *veriexec_fp_names;
|
||||
extern int veriexec_verbose;
|
||||
extern int veriexec_strict;
|
||||
/* this one requires sysctl.h to be included before verified_exec.h */
|
||||
#ifdef VERIEXEC_NEED_NODE
|
||||
extern struct sysctlnode *veriexec_count_node;
|
||||
#endif /* VERIEXEC_NEED_NODE */
|
||||
|
||||
/*
|
||||
* Operations vector for verified exec, this defines the characteristics
|
||||
@ -126,6 +131,7 @@ struct veriexec_hashtbl {
|
||||
struct veriexec_hashhead *hash_tbl;
|
||||
size_t hash_size; /* Number of slots in the table. */
|
||||
dev_t hash_dev; /* Device ID the hash table refers to. */
|
||||
uint64_t hash_count; /* # of fingerprinted files in table. */
|
||||
LIST_ENTRY(veriexec_hashtbl) hash_list;
|
||||
};
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user