Date: Wed, 20 Jun 2018 06:54:38 +0000 (UTC) From: "Stephen J. Kiernan" <stevek@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r335430 - head/sys/security/mac_veriexec Message-ID: <201806200654.w5K6scEs031715@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: stevek Date: Wed Jun 20 06:54:38 2018 New Revision: 335430 URL: https://svnweb.freebsd.org/changeset/base/335430 Log: Fix build breakage in veriexec for 32-bit architectures. fsid_t and ino_t are 64-bit entities, use uintmax_t typecast to ensure we can print it on 32-bit or 64-bit architectures by using the %ju format for prints. Obtained from: Juniper Networks, Inc. Modified: head/sys/security/mac_veriexec/veriexec_fingerprint.c head/sys/security/mac_veriexec/veriexec_metadata.c Modified: head/sys/security/mac_veriexec/veriexec_fingerprint.c ============================================================================== --- head/sys/security/mac_veriexec/veriexec_fingerprint.c Wed Jun 20 06:52:32 2018 (r335429) +++ head/sys/security/mac_veriexec/veriexec_fingerprint.c Wed Jun 20 06:54:38 2018 (r335430) @@ -108,11 +108,12 @@ identify_error (struct image_params *imgp, struct thre gppid = (parent != NULL && parent->p_pptr != NULL) ? parent->p_pptr->p_pid : 0; - log(LOG_ERR, MAC_VERIEXEC_FULLNAME ": %s (file=%s fsid=%lu fileid=%lu " + log(LOG_ERR, MAC_VERIEXEC_FULLNAME ": %s (file=%s fsid=%ju fileid=%ju " "gen=%lu uid=%u pid=%u ppid=%u gppid=%u)", msg, (imgp->args != NULL) ? imgp->args->fname : "", - imgp->attr->va_fsid, imgp->attr->va_fileid, imgp->attr->va_gen, - td->td_ucred->cr_ruid, imgp->proc->p_pid, ppid, gppid); + (uintmax_t)imgp->attr->va_fsid, (uintmax_t)imgp->attr->va_fileid, + imgp->attr->va_gen, td->td_ucred->cr_ruid, imgp->proc->p_pid, + ppid, gppid); } /** @@ -217,8 +218,9 @@ mac_veriexec_fingerprint_check_vnode(struct vnode *vp, return (ETXTBSY); if ((vp->v_mount->mnt_flag & MNT_VERIFIED) != 0) { - VERIEXEC_DEBUG(2, ("file %lu.%lu on verified %s mount\n", - ip->fileid, ip->gen, vp->v_mount->mnt_vfc->vfc_name)); + VERIEXEC_DEBUG(2, ("file %ju.%lu on verified %s mount\n", + (uintmax_t)ip->fileid, ip->gen, + vp->v_mount->mnt_vfc->vfc_name)); /* * The VFS is backed by a file which has been verified. Modified: head/sys/security/mac_veriexec/veriexec_metadata.c ============================================================================== --- head/sys/security/mac_veriexec/veriexec_metadata.c Wed Jun 20 06:52:32 2018 (r335429) +++ head/sys/security/mac_veriexec/veriexec_metadata.c Wed Jun 20 06:54:38 2018 (r335430) @@ -110,8 +110,8 @@ get_veriexec_file(struct veriexec_devhead *head, dev_t if (found_dev != NULL) *found_dev = 0; - VERIEXEC_DEBUG(3, ("searching for file %lu.%lu on device %lu," - " files=%d\n", fileid, gen, (unsigned long)fsid, + VERIEXEC_DEBUG(3, ("searching for file %ju.%lu on device %ju," + " files=%d\n", (uintmax_t)fileid, gen, (uintmax_t)fsid, (head == &veriexec_file_dev_head))); /* Get a lock to access the list */ @@ -124,8 +124,8 @@ get_veriexec_file(struct veriexec_devhead *head, dev_t /* We found the file system in the list */ if (lp != NULL) { - VERIEXEC_DEBUG(3, ("found matching dev number %lu\n", - lp->fsid)); + VERIEXEC_DEBUG(3, ("found matching dev number %ju\n", + (uintmax_t)lp->fsid)); /* If found_dev is non-NULL, store true there */ if (found_dev != NULL) @@ -182,8 +182,8 @@ find_veriexec_file(dev_t fsid, long fileid, unsigned l } search[2] = NULL; - VERIEXEC_DEBUG(3, ("%s: searching for dev %lu, file %lu\n", - __func__, fsid, fileid)); + VERIEXEC_DEBUG(3, ("%s: searching for dev %ju, file %lu\n", + __func__, (uintmax_t)fsid, fileid)); /* Search for the specified file */ for (ip = NULL, x = 0; ip == NULL && search[x]; x++) @@ -226,7 +226,7 @@ mac_veriexec_print_db_head(struct sbuf *sbp, struct ve struct veriexec_dev_list *lp; for (lp = LIST_FIRST(head); lp != NULL; lp = LIST_NEXT(lp, entries)) { - sbuf_printf(sbp, " FS id: %lu\n", lp->fsid); + sbuf_printf(sbp, " FS id: %ju\n", (uintmax_t)lp->fsid); mac_veriexec_print_db_dev_list(sbp, lp); } @@ -524,9 +524,9 @@ mac_veriexec_metadata_fetch_fingerprint_status(struct status = (found_dev) ? FINGERPRINT_NOENTRY : FINGERPRINT_NODEV; VERIEXEC_DEBUG(3, - ("fingerprint status is %d for dev %lu, file " - "%lu.%lu\n", status, vap->va_fsid, vap->va_fileid, - vap->va_gen)); + ("fingerprint status is %d for dev %ju, file " + "%ju.%lu\n", status, (uintmax_t)vap->va_fsid, + (uintmax_t)vap->va_fileid, vap->va_gen)); } else { /* * evaluate and compare fingerprint @@ -543,13 +543,13 @@ mac_veriexec_metadata_fetch_fingerprint_status(struct else status = FINGERPRINT_VALID; VERIEXEC_DEBUG(2, - ("%sfingerprint matches for dev %lu, file " - "%lu.%lu\n", + ("%sfingerprint matches for dev %ju, file " + "%ju.%lu\n", (status == FINGERPRINT_INDIRECT) ? "indirect " : (status == FINGERPRINT_FILE) ? - "file " : "", vap->va_fsid, - vap->va_fileid, vap->va_gen)); + "file " : "", (uintmax_t)vap->va_fsid, + (uintmax_t)vap->va_fileid, vap->va_gen)); break; case EAUTH: @@ -567,9 +567,11 @@ mac_veriexec_metadata_fetch_fingerprint_status(struct digest[i]); } log(LOG_ERR, MAC_VERIEXEC_FULLNAME - ": fingerprint for dev %lu, file " - "%lu.%lu %s != %s\n", vap->va_fsid, - vap->va_fileid, vap->va_gen, + ": fingerprint for dev %ju, file " + "%ju.%lu %s != %s\n", + (uintmax_t)vap->va_fsid, + (uintmax_t)vap->va_fileid, + vap->va_gen, have, want); } #endif @@ -696,7 +698,8 @@ search: ip->gen = gen; memcpy(ip->fingerprint, fingerprint, fpops->digest_len); - VERIEXEC_DEBUG(3, ("add file %lu.%lu (files=%d)\n", ip->fileid, + VERIEXEC_DEBUG(3, ("add file %ju.%lu (files=%d)\n", + (uintmax_t)ip->fileid, ip->gen, file_dev)); /* Add the entry to the list */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806200654.w5K6scEs031715>