From: gpf@FreeBSD.org
To: svn-soc-all@FreeBSD.org
Date: Wed, 18 Jul 2012 18:26:11 +0000
Subject: socsvn commit: r239559 - in soc2012/gpf/pefs_kmod: sbin/pefs sys/fs/pefs

Author: gpf
Date: Wed Jul 18 18:26:10 2012
New Revision: 239559
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=239559

Log:
  - when a vnode is looked up for the first time in our index tables, check that schg flag is turned on in case the file needs integrity checking. deny reading access to the file if it's not.

  We *could* also check during setattr if the user is trying to set schg for a file, in which case we could see if there's a nameid conflict with entries in our index tables. Not sure if it's worth it though.

  note about previous commit: pefs_free_file_header() now closes all file descriptors associated with a file header before freeing it.

Modified:
  soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
  soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_checksum.c

Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c ============================================================================== --- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Wed Jul 18 17:34:04 2012 (r239558) +++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Wed Jul 18 18:26:10 2012 (r239559) 
@@ -57,7 +57,7 @@ #include "pefs_ctl.h" -#define PEFS_INTEGRITY_DEBUG +//#define PEFS_INTEGRITY_DEBUG #if defined (PEFS_INTEGRITY_DEBUG) #define dprintf(a) printf a #else Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_checksum.c ============================================================================== --- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_checksum.c Wed Jul 18 17:34:04 2012 (r239558) +++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_checksum.c Wed Jul 18 18:26:10 2012 (r239559) @@ -239,8 +239,10 @@ pefs_checksum_lookup(char *enc_name, size_t enc_name_len, struct componentname *cnp, struct vnode *vp) { + struct vattr va; struct pefs_checksum_index_entry pcie; struct pefs_node *pn = VP_TO_PN(vp); + struct ucred *cred = vp->v_mount->mnt_cred; char *buf; size_t buf_len; int error, r; @@ -278,6 +280,21 @@ goto not_found; } } + /* + * Check to see if schg flag is set, if not mark the vnode so that all + * read access is denied. + */ + error = VOP_GETATTR(vp, &va, cred); + if (error != 0) { + dprintf(("unable to retrieve attributes of %llu\n", pcie.pcie_file_id)); + pn->pn_flags|= PN_WRONG_CHECKSUM; + } + else { + if ((va.va_flags & SF_IMMUTABLE) == 0) { + dprintf(("schg not set for %llu\n", pcie.pcie_file_id)); + pn->pn_flags|= PN_WRONG_CHECKSUM; + } + } free(buf, M_TEMP); return; @@ -389,6 +406,10 @@ dprintf(("integrity checking!\noffset %llu\n", offset)); + /* + * XXXgpf: For the moment, this flag's only purpose is to deny read access + * to the file. Should it do more? + */ if ((pn->pn_flags & PN_WRONG_CHECKSUM) != 0) return (EAUTH);
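
Review bot: in the sbin/pefs/pefs_checksum.c hunk at `@@ -57,7 +57,7 @@`, the debug switch is turned off by commenting it out with `//`, which leaves a dead line in the file and puts a C++-style comment in a C source. Suggest deleting the `#define PEFS_INTEGRITY_DEBUG` line and enabling it from the build when needed (for example with -DPEFS_INTEGRITY_DEBUG in CFLAGS); the `#if defined (PEFS_INTEGRITY_DEBUG)` guard right below already covers the undefined case.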
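
Review bot: in pefs_checksum_lookup() (sys/fs/pefs/pefs_checksum.c, hunk `@@ -239,8 +239,10 @@`), `cred` is initialised from `vp->v_mount->mnt_cred` although the function already receives `cnp`, and nothing explains why the mount credential is preferred over the caller's. Add a short comment giving the reason, or use the credential carried by `cnp` (cn_cred) if the attribute fetch is meant to run as the caller. The initialiser also dereferences `vp->v_mount` unconditionally at declaration, so it depends on every caller passing a vnode that is still attached to a mount; a KASSERT or a comment stating that precondition would help.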
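
Review bot: the schg test added at `@@ -278,6 +280,21 @@` runs only in pefs_checksum_lookup(), which the log message describes as the first lookup of the vnode in the index tables, so a file whose flag is cleared after that lookup is never marked and stays readable. If schg is meant to be a standing precondition for integrity-checked files, repeat the `(va.va_flags & SF_IMMUTABLE) == 0` test where `pn_flags` is consumed, or handle the flag change in setattr as the log message already considers. The hunk also does not show whether `vp` is locked at this point; VOP_GETATTR expects a locked vnode, so an ASSERT_VOP_LOCKED() before the call would document that. Style: `pn->pn_flags|= PN_WRONG_CHECKSUM;` needs a space before `|=`, and style(9) wants `} else {` on one line.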
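
Review bot: the XXXgpf comment added at `@@ -389,6 +406,10 @@` says what PN_WRONG_CHECKSUM does but not that, with this commit, the flag is also set when schg is missing or when VOP_GETATTR fails, so the `return (EAUTH);` under it no longer means only a checksum mismatch. Suggest stating all three causes in the comment, or adding a separate flag for the missing-schg case so debug output and any later handling can tell them apart. Since the comment notes that only read access is denied, it would also be worth recording here whether writes to a flagged vnode are intentionally left alone.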