From owner-soc-status@FreeBSD.ORG  Tue Jul 31 18:29:57 2012
Return-Path: <owner-soc-status@FreeBSD.ORG>
Delivered-To: soc-status@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4A223106566B
	for <soc-status@freebsd.org>; Tue, 31 Jul 2012 18:29:57 +0000 (UTC)
	(envelope-from gpf.kira@gmail.com)
Received: from mail-qc0-f182.google.com (mail-qc0-f182.google.com
	[209.85.216.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 076E98FC18
	for <soc-status@freebsd.org>; Tue, 31 Jul 2012 18:29:56 +0000 (UTC)
Received: by qcsg15 with SMTP id g15so4794355qcs.13
	for <soc-status@freebsd.org>; Tue, 31 Jul 2012 11:29:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:date:message-id:subject:from:to:content-type;
	bh=nKw5nRON9mlMZulvTzUAu6HfO7Y/gruWsHwGo/Vwbp8=;
	b=AHezPAG7tT9i0DaOgUtBCczVucy6f0RmR3DLzVWinxI1hDuSqCY18WpDXFzOPC8yFY
	aPOOKqG92dltNg4Hu6/8vmZsrdrt83hXNPRj12zO77CDwDQHO17pG1wiuFOb8Jqg8N81
	rcy9eNAAvvf9WrBB2oxIV2gZgDhOXRX5CjB25LXQuxR8rhMGSFoSeRscyZgdFY/RSF1l
	QujtBqJC3QDTMWe52baZJvCnZ8MtW/aDElQBhuWKcdxDGaiJ0GwNzd7Wh96He1CD1e7t
	EEdkkX13rIkFtRehsMAhmQQ6nrErNbU164k0vUuQ8JTY41aVEBnk7KvoM++UJrTC/bfA
	HA8A==
MIME-Version: 1.0
Received: by 10.60.19.232 with SMTP id i8mr24646412oee.35.1343759396429; Tue,
	31 Jul 2012 11:29:56 -0700 (PDT)
Received: by 10.182.108.38 with HTTP; Tue, 31 Jul 2012 11:29:56 -0700 (PDT)
Date: Tue, 31 Jul 2012 21:29:56 +0300
Message-ID: <CAHywV0iodgZ1boOihw72CS0Q5Qgsj=Ti-s0tPwBsELpg0Stp1g@mail.gmail.com>
From: Efstratios Karatzas <gpf.kira@gmail.com>
To: soc-status@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Kernel Level File Integrity Checker report #10
X-BeenThere: soc-status@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Summer of Code Status Reports and Discussion <soc-status.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/soc-status>,
	<mailto:soc-status-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/soc-status>
List-Post: <mailto:soc-status@freebsd.org>
List-Help: <mailto:soc-status-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/soc-status>,
	<mailto:soc-status-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jul 2012 18:29:57 -0000

During week #10:

* /sbin/pefs 'nameid': prints the name id (MAC) for a file in pefs
filesystem. This identifier is used instead of inode number when looking up
files in .pefs.checksum so it should prove useful when user has to decipher
cryptic error messages.

Next tasks on the TODO list:

After a talk with my mentor, verifying .pefs.checksum in kernel level is
pushed to the end of my TODO list since there is no asymmetric crypto
support in the FreeBSD kernel and I would have to port parts from a
different library or module to the FreeBSD kernel.
There are a few minor changes that need to be done at the /sbin/pefs
codebase but for the moment, I'm switching to the last major TODO of my
project which is altering securelevel and perhaps rtld so that only
executables with schg flag set are allowed execution.

-- 

Efstratios "GPF" Karatzas