From owner-svn-src-head@FreeBSD.ORG Wed Mar 11 01:12:52 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D2C2A1065777; Wed, 11 Mar 2009 01:12:52 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A72418FC1E; Wed, 11 Mar 2009 01:12:52 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n2B1Cq4V079032; Wed, 11 Mar 2009 01:12:52 GMT (envelope-from sam@svn.freebsd.org) Received: (from sam@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n2B1Cqoh079031; Wed, 11 Mar 2009 01:12:52 GMT (envelope-from sam@svn.freebsd.org) Message-Id: <200903110112.n2B1Cqoh079031@svn.freebsd.org> From: Sam Leffler Date: Wed, 11 Mar 2009 01:12:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r189660 - head/sys/geom X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Mar 2009 01:12:53 -0000 Author: sam Date: Wed Mar 11 01:12:52 2009 New Revision: 189660 URL: http://svn.freebsd.org/changeset/base/189660 Log: o disallow write to RedBoot and FIS directory partitions; these are painful to resurrect (maybe honor foot shooting bit in kern.geom_debugflags) o fix match macro so we now recognize we want to merge FIS dir with RedBoot config parameters even if we don't actually do it Modified: head/sys/geom/geom_redboot.c Modified: head/sys/geom/geom_redboot.c ============================================================================== --- head/sys/geom/geom_redboot.c Wed Mar 11 01:03:32 2009 (r189659) +++ head/sys/geom/geom_redboot.c Wed Mar 11 01:12:52 2009 (r189660) @@ -62,6 +62,7 @@ struct fis_image_desc { #define FISDIR_NAME "FIS directory" #define REDBCFG_NAME "RedBoot config" +#define REDBOOT_NAME "RedBoot" #define REDBOOT_MAXSLICE 64 #define REDBOOT_MAXOFF \ @@ -70,6 +71,8 @@ struct fis_image_desc { struct g_redboot_softc { uint32_t entry[REDBOOT_MAXSLICE]; uint32_t dsize[REDBOOT_MAXSLICE]; + uint8_t readonly[REDBOOT_MAXSLICE]; + g_access_t *parent_access; }; static void @@ -90,6 +93,18 @@ g_redboot_ioctl(struct g_provider *pp, u } static int +g_redboot_access(struct g_provider *pp, int dread, int dwrite, int dexcl) +{ + struct g_geom *gp = pp->geom; + struct g_slicer *gsp = gp->softc; + struct g_redboot_softc *sc = gsp->softc; + + if (dwrite > 0 && sc->readonly[pp->index]) + return (EPERM); + return (sc->parent_access(pp, dread, dwrite, dexcl)); +} + +static int g_redboot_start(struct bio *bp) { struct g_provider *pp; @@ -155,8 +170,7 @@ nameok(const char name[16]) static struct fis_image_desc * parse_fis_directory(u_char *buf, size_t bufsize, off_t offset, uint32_t offmask) { -#define match(a,b) \ - (bcmp(fd->name, FISDIR_NAME, sizeof(FISDIR_NAME)-1) == 0) +#define match(a,b) (bcmp(a, b, sizeof(b)-1) == 0) struct fis_image_desc *fd, *efd; struct fis_image_desc *fisdir, *redbcfg; struct fis_image_desc *head, **tail; @@ -242,6 +256,10 @@ g_redboot_taste(struct g_class *mp, stru g_redboot_start); if (gp == NULL) return (NULL); + /* interpose our access method */ + sc->parent_access = gp->access; + gp->access = g_redboot_access; + sectorsize = cp->provider->sectorsize; blksize = cp->provider->stripesize; if (powerof2(cp->provider->mediasize)) @@ -287,6 +305,9 @@ again: __func__, error, fd->name); sc->entry[i] = fd->entry; sc->dsize[i] = fd->dsize; + /* disallow writing hard-to-recover entries */ + sc->readonly[i] = (strcmp(fd->name, FISDIR_NAME) == 0) || + (strcmp(fd->name, REDBOOT_NAME) == 0); i++; } g_free(buf);