NetBSD/sys/kern
elad 6700cfccd6 Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
  - Fix crash reported by Scott Ellis on current-users@.

  - Fix race conditions in enforcing the Veriexec rename and remove
    policies. These are NOT security issues.

  - Fix memory leak in rename handling when overwriting a monitored
    file.

  - Fix table deletion logic.

  - Don't prevent query requests if not in learning mode.


KPI updates:
  - fileassoc_table_run() now takes a cookie to pass to the callback.

  - veriexec_table_add() was removed, it is now done internally. As a
    result, there's no longer a need for VERIEXEC_TABLESIZE.

  - veriexec_report() was removed, it is now internal.

  - Perform sanity checks on the entry type, and enforce default type
    in veriexec_file_add() rather than in veriexecctl.

  - Add veriexec_flush(), used to delete all Veriexec tables, and
    veriexec_dump(), used to fill an array with all Veriexec entries.


New features:
  - Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
    database. This allows Veriexec to produce slightly more accurate
    logs under certain circumstances. In the future, this can be either
    replaced by vnode->pathname translation, or combined with it.

  - Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
    This can be used to recover a database if the file was lost.
    Example usage:

        # veriexecctl dump > /etc/signatures

    Note that only entries with the filename kept (that is, were loaded
    with the '-k' flag) will be dumped.

    Idea from Brett Lymn.

  - Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
    usage:

        # veriexecctl flush

  - Add a 'veriexec_flags' rc(8) variable, and make its default have
    the '-k' flag. On systems using the default signatures file
    (generated from running 'veriexecgen' with no arguments), this will
    use an additional 32kb of kernel memory on average.

  - Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
    load. This is done automatically for files marked as 'untrusted'.


Misc. stuff:
  - The code for veriexecctl was massively simplified as a result of
    eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
    pass of the signatures file, making the loading somewhat faster.

  - Lots of minor fixes found using the (still under development)
    Veriexec regression testsuite.

  - Some of the messages Veriexec prints were improved.

  - Various documentation fixes.


All relevant man-pages were updated to reflect the above changes.

Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 19:47:43 +00:00
bufq_disksort.c Avoid unnecessary cast in bufq_disksort_init(). 2007-02-01 00:36:37 +00:00
bufq_fcfs.c
bufq_priocscan.c TRUE -> true, FALSE -> false 2007-02-22 06:34:42 +00:00
bufq_readprio.c Add a KASSERT to address CID: 4335. 2007-04-04 02:30:43 +00:00
cnmagic.c remove some __unused from function parameters. 2006-11-01 10:17:58 +00:00
core_elf32.c - Make the proclist_lock a mutex. The write:read ratio is unfavourable, 2007-03-09 14:11:22 +00:00
core_elf64.c
core_netbsd.c remove some __unused from function parameters. 2006-11-01 10:17:58 +00:00
exec_aout.c
exec_conf.c
exec_ecoff.c
exec_elf32.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
exec_elf64.c
exec_macho.c
exec_script.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
exec_subr.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
genlintstub.awk
init_main.c Don't call pipe_init if PIPE_SOCKETPAIR is defined. 2007-03-13 17:23:49 +00:00
init_sysctl.c Remove proc->p_ru and the 'rusage' pool. 2007-04-30 20:11:41 +00:00
init_sysent.c Regen syscalls for AIO. 2007-04-30 14:47:32 +00:00
kern_acct.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
kern_auth.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_clock.c Instead of the #define versions of tc_getfrequency() and nanouptime(), use 2007-05-13 14:43:52 +00:00
kern_condvar.c Make cv_has_waiters() return type bool. 2007-03-29 17:39:34 +00:00
kern_core.c Remove calls to now obsolete vn_start_write() and vn_finished_write(). 2007-04-03 16:11:31 +00:00
kern_descrip.c Split the fcntl locking code out from its copyin/out. 2007-05-12 23:02:49 +00:00
kern_drvctl.c drvctlioctl: Plug a possible memory leak. 2007-04-03 23:02:39 +00:00
kern_event.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_exec.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
kern_exit.c Add the child 'rusage' of an exiting process to its own 'rusage' exactly 2007-05-08 20:10:14 +00:00
kern_fileassoc.c Some Veriexec stuff that's been rotting in my tree for months. 2007-05-15 19:47:43 +00:00
kern_fork.c Import of POSIX Asynchronous I/O. 2007-04-30 14:44:28 +00:00
kern_kcont.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_ksyms.c Don't panic if we don't find a symbol or string table. Perhaps the kernel 2007-04-02 16:44:44 +00:00
kern_kthread.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
kern_ktrace.c Move the ktrace (and systrace) in namei() inside the retry loop for 2007-04-26 16:27:32 +00:00
kern_lkm.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
kern_lock.c Include the lwpid in the lock panic message, so we don't see silly messages 2007-04-14 06:59:25 +00:00
kern_lwp.c Improvements to lwp_wait1(), for PR kern/35932: 2007-03-21 18:25:59 +00:00
kern_malloc_debug.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_malloc.c malloc: fix a deadlock. 2007-04-19 11:03:44 +00:00
kern_microtime.c
kern_mutex.c mutex_vector_enter: put a read memory barrier between the final check that 2007-03-12 22:34:08 +00:00
kern_ntptime.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
kern_pax.c TRUE -> true, FALSE -> false 2007-02-22 06:34:42 +00:00
kern_physio.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
kern_proc.c Remove proc->p_ru and the 'rusage' pool. 2007-04-30 20:11:41 +00:00
kern_prot.c - Make the proclist_lock a mutex. The write:read ratio is unfavourable, 2007-03-09 14:11:22 +00:00
kern_ras.c Return EEXIST if attempting to install a RAS that is already installed. 2007-03-13 04:44:06 +00:00
kern_resource.c - Make the proclist_lock a mutex. The write:read ratio is unfavourable, 2007-03-09 14:11:22 +00:00
kern_rwlock.c Cosmetic changes. 2007-03-30 11:06:58 +00:00
kern_sig.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_sleepq.c - cv_wakeup: remove this. There are ~zero situations where it's useful. 2007-03-29 17:34:39 +00:00
kern_stub.c Remove extra space so that symbol renaming works properly. 2007-03-03 10:08:18 +00:00
kern_subr.c Add the TFTPROOT kernel option for TFTP'ing root RAMdisk at root mount time. 2007-05-08 06:10:27 +00:00
kern_synch.c Put back mtsleep() temporarily. Converting everything over to condvars 2007-03-11 21:36:48 +00:00
kern_sysctl.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
kern_systrace.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
kern_tc.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
kern_time.c nanosleep1() shouldn't try to get the current time into a NULL address. 2007-05-13 19:51:35 +00:00
kern_timeout.c Fix lossage from boolean_t -> bool and updated x86 bus_dma. 2007-02-22 04:38:02 +00:00
kern_todr.c
kern_turnstile.c turnstile_wakeup: when restoring inherited priority, only lock curlwp 2007-04-10 13:11:08 +00:00
kern_uuid.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
kern_verifiedexec.c Some Veriexec stuff that's been rotting in my tree for months. 2007-05-15 19:47:43 +00:00
kern_xxx.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
kgdb_stub.c
Make.tags.inc Exclude some files that replicate NetBSD typedefs and #defines. 2007-03-14 17:20:22 +00:00
Makefile
makesyscalls.sh
subr_autoconf.c Make the attach functions for real and pseudo devices share as much code 2007-03-05 20:32:43 +00:00
subr_blist.c
subr_bufq.c
subr_callback.c
subr_debug.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
subr_devsw.c remove some __unused from function parameters. 2006-11-01 10:17:58 +00:00
subr_disk_mbr.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
subr_disk.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
subr_evcnt.c
subr_extent.c Revert previous now that simplelock.h has been fixed. 2007-03-13 15:59:47 +00:00
subr_iostat.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
subr_kmem.c Remove duplicate #include's 2007-03-26 22:52:44 +00:00
subr_lockdebug.c lockdebug_abort: s/int/u_int/ for lock id as the rest of code. 2007-05-02 14:07:02 +00:00
subr_log.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
subr_once.c
subr_optstr.c TRUE -> true, FALSE -> false 2007-02-22 06:34:42 +00:00
subr_pool.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
subr_prf.c Fix format of the combination of 'F\B\L' and ':\V' in 2007-04-28 13:11:53 +00:00
subr_prof.c use char* for the kernel representation of the user profile buffer 2007-03-06 16:16:02 +00:00
subr_specificdata.c Replace some uses of lockmgr() / simplelocks. 2007-02-15 15:40:50 +00:00
subr_syscall_stats.c Add code to support per-system call statistics: 2007-02-18 16:58:15 +00:00
subr_tftproot.c Add the TFTPROOT kernel option for TFTP'ing root RAMdisk at root mount time. 2007-05-08 06:10:27 +00:00
subr_userconf.c
subr_vmem.c Remove duplicate #include's 2007-03-26 22:52:44 +00:00
subr_workqueue.c typedef pri_t and use it instead of int and u_char. 2007-02-27 15:07:28 +00:00
subr_xxx.c remove some __unused from function parameters. 2006-11-01 10:17:58 +00:00
sys_aio.c Rename vfs_aio.c to sys_aio.c as decided in <tech-kern>. 2007-05-07 22:22:20 +00:00
sys_generic.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
sys_lwp.c Handle newlwp() error case. Currently, newlwp() cannot fail, but this 2007-03-24 16:43:56 +00:00
sys_pipe.c Remove duplicate #include's 2007-03-26 22:52:44 +00:00
sys_pmc.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
sys_process.c process_stoptrace: after setting a pending stop on curproc, call issignal 2007-04-19 22:42:10 +00:00
sys_sched.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
sys_sig.c - Make the proclist_lock a mutex. The write:read ratio is unfavourable, 2007-03-09 14:11:22 +00:00
sys_socket.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
syscalls.c Regen syscalls for AIO. 2007-04-30 14:47:32 +00:00
syscalls.conf
syscalls.master Import of POSIX Asynchronous I/O. 2007-04-30 14:44:28 +00:00
sysv_ipc.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
sysv_msg.c msgctl1: fix a lock leak. 2007-03-13 03:43:54 +00:00
sysv_sem.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
sysv_shm.c fix typos 2007-04-29 20:23:34 +00:00
tty_bsdpty.c Remove duplicate #include's 2007-03-26 22:52:44 +00:00
tty_conf.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
tty_ptm.c Remove duplicate #include's 2007-03-26 22:52:44 +00:00
tty_pty.c wrap calls to pgsignal() in proclist_mutex 2007-04-17 19:52:56 +00:00
tty_subr.c
tty_tty.c Remove calls to now obsolete vn_start_write() and vn_finished_write(). 2007-04-03 16:11:31 +00:00
tty.c Use mutexes/condvars. 2007-03-12 21:33:07 +00:00
uipc_domain.c In AppleTalk, IPv4, and IPv6 routing domains, help sockaddr_cmp() 2007-05-06 02:56:37 +00:00
uipc_mbuf2.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
uipc_mbuf.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
uipc_proto.c Convert to structure initializers. Use __arraycount 2007-02-18 23:16:59 +00:00
uipc_sem.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
uipc_socket2.c Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
uipc_socket.c Eliminate address family-specific route caches (struct route, struct 2007-05-02 20:40:22 +00:00
uipc_syscalls.c Fallout from caddr_t deletion - remove a load of redundant (void *) casts. 2007-05-13 20:24:21 +00:00
uipc_usrreq.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
vfs_bio.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
vfs_cache.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
vfs_getcwd.c Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
vfs_hooks.c
vfs_init.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
vfs_lockf.c Pass an ipl argument to pool_init/POOL_INIT to be used when initializing 2007-03-12 18:18:22 +00:00
vfs_lookup.c Since ktrace/systrace can sleep, move the VREF(dp) to before them. 2007-04-26 21:21:44 +00:00
vfs_subr.c define a pager flag PGO_RECLAIM, similar to FSYNC_RECLAIM, and use it 2007-04-16 05:14:54 +00:00
vfs_syscalls.c Some Veriexec stuff that's been rotting in my tree for months. 2007-05-15 19:47:43 +00:00
vfs_trans.c Use mutexes/condvars. 2007-03-12 21:33:07 +00:00
vfs_vnops.c Change the way that emulations locate files within the emulation root to 2007-04-22 08:29:55 +00:00
vfs_xattr.c Remove calls to now obsolete vn_start_write() and vn_finished_write(). 2007-04-03 16:11:31 +00:00
vnode_if.c regen 2007-04-09 15:00:42 +00:00
vnode_if.sh Generate preprocessor macros for vop offsets in vfs op descs. And 2006-11-30 21:06:29 +00:00
vnode_if.src vop_link: reorder commented arguments to match actual calling order 2007-04-09 14:58:28 +00:00