Date:      Thu, 24 May 2012 15:52:26 +0000
From:      gpf@FreeBSD.org
To:        svn-soc-all@FreeBSD.org
Subject:   socsvn commit: r236293 - in soc2012/gpf/pefs_kmod: sbin/pefs sys/fs/pefs
Message-ID:  <20120524155226.EC033106564A@hub.freebsd.org>

Author: gpf
Date: Thu May 24 15:52:26 2012
New Revision: 236293
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=236293

Log:
  pefs_get_file_id() now uses an ioctl() call to get filename mac from kernel.
  

Modified:
  soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
  soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h
  soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c

Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c	Thu May 24 14:07:44 2012	(r236292)
+++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c	Thu May 24 15:52:26 2012	(r236293)
@@ -29,6 +29,7 @@
 __FBSDID("$FreeBSD$");
 
 #include <sys/endian.h>
+#include <sys/ioctl.h>
 #include <sys/mount.h>
 #include <sys/queue.h>
 #include <sys/types.h>
@@ -263,17 +264,17 @@
 	struct checksum *csp;
 	uint32_t i,j;
 
-	printf("\n+++Printing Hash Table+++\n\n");
+	dprintf(("\n+++Printing Hash Table+++\n\n"));
 	for (i = 0; i < checksum_hash_tablep->size; i++) {
-		printf("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements);
+		dprintf(("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements));
 		LIST_FOREACH(fhp, &(checksum_hash_tablep->buckets[i].file_headers), bucket_entries) {
 			//printf(("\tpath=%s!\t id = %d!\tnhashes = %d\n", fhp->path, (int)fhp->file_id, fhp->nhashes));
-			printf("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes);
+			dprintf(("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes));
 			TAILQ_FOREACH(csp, &(fhp->checksums), checksum_entries) {
-				printf("\t\tdigest=");
+				dprintf(("\t\tdigest="));
 				for (j = 0; j < hash_len; j++)
-					printf("%02x", csp->hash[j]);
-				printf("\n");
+					dprintf(("%02x", csp->hash[j]));
+				dprintf(("\n"));
 			}
 		}
 	}
@@ -282,6 +283,10 @@
 static int
 pefs_get_file_id(struct file_header *fhp)
 {
+	char parent_dir[MAXPATHLEN];
+	struct pefs_mac mac;
+	char *pch;
+	int error, fd;
 	struct stat sb;
 
 	if (stat(fhp->path, &sb) != 0) {
@@ -289,11 +294,38 @@
 		return (PEFS_ERR_SYS);
 	}
 	/*
-	 * XXXgpf: [TODO] This is only temporary since retrieving the file's inode number
-	 * is way simpler than retrieving the checksum value from encrypted filename.
+	 * XXXgpf: [TODO] This is only temporary so that we won't have conflict errors
+	 * when adding a file header to a bucket.
 	 */
 	fhp->file_id = sb.st_ino;
-	return (0);
+	
+	/* feed parent directory to ioctl() */
+	strlcpy(parent_dir, fhp->path, sizeof(parent_dir));
+	pch = strrchr(parent_dir, '/');
+	if (pch == NULL) {
+		pefs_warn("error retrieving parent dir of %s", fhp->path);
+		return (PEFS_ERR_NOENT);
+	}
+	*pch = '\0';
+	
+	fd = open(parent_dir, O_RDONLY);
+	if (fd < 0) {
+		warn("unable to open file %s", parent_dir);
+		return (PEFS_ERR_SYS);
+	}
+
+	pch = strrchr(fhp->path, '/');
+	pch++;
+	strlcpy(mac.mac_filename, pch, sizeof(mac.mac_filename));
+	mac.mac_namelen = strlen(mac.mac_filename);
+
+	printf("giving values to ioctl() %s and dir = %s\n", mac.mac_filename, parent_dir);
+	error = ioctl(fd, PEFS_GETMAC, &mac);
+	printf("ioctl error = %d\n", error);
+	printf("values returned %lld\n\n", mac.mac_csum);
+
+	close(fd);
+	return (error);
 }
 
 static int
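Review bot: A failing `ioctl(fd, PEFS_GETMAC, &mac)` is neither reported nor mapped to a PEFS_ERR_* code: the function prints `mac.mac_csum` from the uninitialised stack struct and returns the raw -1, while the other failure paths visible here return `PEFS_ERR_SYS` or `PEFS_ERR_NOENT`. The `%lld` specifier does not match `uint64_t`, and both `strlcpy()` results are ignored, so an over-long path is silently truncated before it reaches the kernel; a path whose only slash is the leading one also leaves `parent_dir` empty. The three `printf` calls are unconditional, unlike the `dprintf((...))` form this same commit switches to in the hash-table dump. The declarations of `mac`, `fd` and `error` are in the preceding hunk, and the fence below covers only the tail of the function.

```c
	/* … unchanged: stat(), parent_dir split, open(), mac_filename copy … */
	error = ioctl(fd, PEFS_GETMAC, &mac);
	if (error != 0) {
		warn("PEFS_GETMAC failed for %s", fhp->path);
		close(fd);
		return (PEFS_ERR_SYS);
	}
	dprintf(("mac of %s = %ju\n", mac.mac_filename, (uintmax_t)mac.mac_csum));

	close(fd);
	return (0);
```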
@@ -633,8 +665,9 @@
 
 	snprintf(checksum_path, sizeof(checksum_path), "%s/%s", fsroot, PEFS_FILE_CHECKSUM);
 	/*
-	 * XXXgpf: If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
-	 * encrypted filename. It's not a bug, it's a feature!
+	 * XXXgpf: [TODO] If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
+	 * encrypted filename & encrypted data. I should make sure that checksum file is not being 
+	 * opened inside a mounted pefs filesystem.
 	 */
 	fdout = open(checksum_path, O_WRONLY | O_CREAT | O_EXCL,  S_IRUSR | S_IWUSR);
 	if (fdout == -1) {

Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h	Thu May 24 14:07:44 2012	(r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h	Thu May 24 15:52:26 2012	(r236293)
@@ -48,6 +48,12 @@
 	char			pxk_key[PEFS_KEY_SIZE];
 };
 
+struct pefs_mac {
+	char			mac_filename[MAXPATHLEN];
+	uint32_t		mac_namelen;
+	uint64_t		mac_csum;
+};
+
 #ifdef _IO
 #define	PEFS_GETKEY			_IOWR('p', 0, struct pefs_xkey)
 #define	PEFS_ADDKEY			_IOWR('p', 1, struct pefs_xkey)
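Review bot: `struct pefs_mac` carries no comment saying which fields the caller fills and which the kernel returns, and nothing documents the bound on `mac_namelen`. Suggest a comment above the struct such as `/* PEFS_GETMAC: in: mac_filename (one path component), mac_namelen (< sizeof(mac_filename)); out: mac_csum */`. `mac_filename` is sized `MAXPATHLEN`, although the handler in pefs_vnops.c appears to use it as a single component name and decodes into a `MAXNAMLEN + 1` buffer, so `MAXNAMLEN + 1` may be the more accurate size.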
@@ -55,6 +61,7 @@
 #define	PEFS_DELKEY			_IOWR('p', 3, struct pefs_xkey)
 #define	PEFS_FLUSHKEYS			_IO('p', 4)
 #define	PEFS_GETNODEKEY			_IOWR('p', 5, struct pefs_xkey)
+#define PEFS_GETMAC			_IOWR('p', 6, struct pefs_mac)
 #endif
 
 #ifdef _KERNEL

Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c	Thu May 24 14:07:44 2012	(r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c	Thu May 24 15:52:26 2012	(r236293)
@@ -2355,15 +2355,21 @@
 static int
 pefs_ioctl(struct vop_ioctl_args *ap)
 {
+	struct pefs_enccn enccn;
+	struct componentname cn;
+	char buf[MAXNAMLEN +1];
 	struct vnode *vp = ap->a_vp;
 	struct pefs_xkey *xk = ap->a_data;
+	struct pefs_mac *mac = ap->a_data;
 	struct ucred *cred = ap->a_cred;
 	struct thread *td = ap->a_td;
 	struct mount *mp = vp->v_mount;
 	struct pefs_mount *pm = VFS_TO_PEFS(mp);
 	struct pefs_node *pn;
 	struct pefs_key *pk;
-	int error = 0, i;
+	char *enc;
+	size_t enc_len;
+	int error = 0, i, r;
 
 	if (mp->mnt_cred->cr_uid != cred->cr_uid) {
 		error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
@@ -2465,6 +2471,43 @@
 		if (pefs_key_remove_all(pm))
 			pefs_flushkey(mp, td, PEFS_FLUSHKEY_ALL, NULL);
 		break;
+	case PEFS_GETMAC:		
+		pefs_enccn_init(&enccn);
+
+		cn.cn_nameiop = LOOKUP;
+		cn.cn_thread = td;
+		cn.cn_cred = cred;
+		/* XXXgpf: should probably acquire a shared lock if possible */
+		cn.cn_lkflags = 0;
+		cn.cn_flags = 0;
+		cn.cn_nameptr = mac->mac_filename;
+		cn.cn_namelen = mac->mac_namelen;
+
+		error = pefs_enccn_lookup(&enccn, vp, &cn);
+		printf("pefs_enccn_lookup = %d\n", error);
+		if (error == 0) {
+			printf("found!\nlen%ld %s", enccn.pec_cn.cn_namelen, enccn.pec_cn.cn_nameptr);
+
+			enc = enccn.pec_cn.cn_nameptr;
+			enc_len = enccn.pec_cn.cn_namelen;
+
+			if (enc[0] != '.' || enc_len <= 1) {
+				error = EINVAL;
+				break;
+			}
+			enc++;
+			enc_len--;
+
+			r = pefs_name_pton(enc, enc_len, buf, sizeof(buf));
+			if (r <= 0)
+				error = EINVAL;
+			else
+				memcpy(&(mac->mac_csum), buf, PEFS_NAME_CSUM_SIZE);
+			
+			pefs_enccn_free(&enccn);
+		}
+
+		break;
 	default:
 		error = ENOTTY;
 		break;


