From owner-soc-status@FreeBSD.ORG Sun Jun 17 14:51:07 2012 Return-Path: Delivered-To: soc-status@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3F8931065672 for ; Sun, 17 Jun 2012 14:51:07 +0000 (UTC) (envelope-from gpf.kira@gmail.com) Received: from mail-qc0-f182.google.com (mail-qc0-f182.google.com [209.85.216.182]) by mx1.freebsd.org (Postfix) with ESMTP id EC7B88FC0A for ; Sun, 17 Jun 2012 14:51:06 +0000 (UTC) Received: by qcsg15 with SMTP id g15so2979974qcs.13 for ; Sun, 17 Jun 2012 07:51:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=boQ95nBtD79Ty81PIi/zxdMqnDkq4Cdu12p8kWmRsqY=; b=tQL3VD33iCqKULdwENtlj2kID6K3KnAXcxOEcP6/qh81dFHUpyOw8656YhRIblGb0i Xj23lJQRotnoyVM/aDxosxKXfRA48ttFadtjtFDqqdYbZThlg18iKfydv2ONVAcXP3hq 87bS93VUcERfUJRapGAmCsrG+a0OE+ey8Gq5WvO2tOZo5hMt7o9RdCnTZUWyp9sNyRaF dYBNbfNKKAMlAOH/rffzSCsvoWX+X3XZNomUXRxab2HdKoHIzlfPJufommAAmnLH+Osu BcsC5wpCzGTk20mBo9fxbu5HKDY5+vr1uFfGVA65PwshYAqRJAROQYhV+B38o8bxytmz b8Sg== MIME-Version: 1.0 Received: by 10.224.58.75 with SMTP id f11mr21803270qah.98.1339944666053; Sun, 17 Jun 2012 07:51:06 -0700 (PDT) Received: by 10.229.217.74 with HTTP; Sun, 17 Jun 2012 07:51:05 -0700 (PDT) Date: Sun, 17 Jun 2012 17:51:05 +0300 Message-ID: From: Efstratios Karatzas To: soc-status@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Kernel Level File Integrity Checker report #4 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2012 14:51:07 -0000 During week #4: * pefs_mount() can be supplied the "-o checksum" option, which enables integrity checking in pefs kernel driver. If this option is found during VFS_MOUNT(), our driver acquires a vnode for the .pefs.checksum file and loads its header as well as the index part of .pefs.checksum which is kept in kernel heap. Resources are deallocated and checksum vnode vreled during pefs_unmount() (VFS_UNMOUNT()). * When a new pefs vnode is generated as a result of a VOP_LOOKUP() call, we look it up in our checksum index tables. If an entry for our file is found, we keep a pointer to that entry with the pefs vnode. This reference will be later used e.g. during a VOP_READ() call where we will test the checksum of the block that was retrieved from disk against the checksum from .pefs.checksum. -- Efstratios "GPF" Karatzas