From owner-svn-soc-all@FreeBSD.ORG Thu May 24 15:52:29 2012 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from socsvn.FreeBSD.org (unknown [IPv6:2001:4f8:fff6::2f]) by hub.freebsd.org (Postfix) with SMTP id EC033106564A for ; Thu, 24 May 2012 15:52:26 +0000 (UTC) (envelope-from gpf@FreeBSD.org) Received: by socsvn.FreeBSD.org (sSMTP sendmail emulation); Thu, 24 May 2012 15:52:26 +0000 Date: Thu, 24 May 2012 15:52:26 +0000 From: gpf@FreeBSD.org To: svn-soc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <20120524155226.EC033106564A@hub.freebsd.org> Cc: Subject: socsvn commit: r236293 - in soc2012/gpf/pefs_kmod: sbin/pefs sys/fs/pefs X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2012 15:52:29 -0000 Author: gpf Date: Thu May 24 15:52:26 2012 New Revision: 236293 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=236293 Log: pefs_get_file_id() now uses an ioctl() call to get filename mac from kernel. Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c ============================================================================== --- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 14:07:44 2012 (r236292) +++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 15:52:26 2012 (r236293) @@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include #include 
@@ -263,17 +264,17 @@
 struct checksum *csp;
 uint32_t i,j;
- printf("\n+++Printing Hash Table+++\n\n");
+ dprintf(("\n+++Printing Hash Table+++\n\n"));
 for (i = 0; i < checksum_hash_tablep->size; i++) {
- printf("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements);
+ dprintf(("\nbucket %d with elements: %u\n", i, checksum_hash_tablep->buckets[i].nelements));
 LIST_FOREACH(fhp, &(checksum_hash_tablep->buckets[i].file_headers), bucket_entries) {
 //printf(("\tpath=%s!\t id = %d!\tnhashes = %d\n", fhp->path, (int)fhp->file_id, fhp->nhashes));
- printf("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes);
+ dprintf(("\tid = %d!\tnhashes = %d\n", (int)fhp->file_id, fhp->nhashes));
 TAILQ_FOREACH(csp, &(fhp->checksums), checksum_entries) {
- printf("\t\tdigest=");
+ dprintf(("\t\tdigest="));
 for (j = 0; j < hash_len; j++)
- printf("%02x", csp->hash[j]);
- printf("\n");
+ dprintf(("%02x", csp->hash[j]));
+ dprintf(("\n"));
 }
 }
 }
@@ -282,6 +283,10 @@
 static int
 pefs_get_file_id(struct file_header *fhp)
 {
+ char parent_dir[MAXPATHLEN];
+ struct pefs_mac mac;
+ char *pch;
+ int error, fd;
 struct stat sb;
 if (stat(fhp->path, &sb) != 0) {
@@ -289,11 +294,38 @@
 return (PEFS_ERR_SYS);
 }
 /*
- * XXXgpf: [TODO] This is only temporary since retrieving the file's inode number
- * is way simpler than retrieving the checksum value from encrypted filename.
+ * XXXgpf: [TODO] This is only temporary so that we won't have conflict errors
+ * when adding a file header to a bucket.
 */
 fhp->file_id = sb.st_ino;
- return (0);
+
+ /* feed parent directory to ioctl() */
+ strlcpy(parent_dir, fhp->path, sizeof(parent_dir));
+ pch = strrchr(parent_dir, '/');
+ if (pch == NULL) {
+ pefs_warn("error retrieving parent dir of %s", fhp->path);
+ return (PEFS_ERR_NOENT);
+ }
+ *pch = '\0';
+
+ fd = open(parent_dir, O_RDONLY);
+ if (fd < 0) {
+ warn("unable to open file %s", parent_dir);
+ return (PEFS_ERR_SYS);
+ }
+
+ pch = strrchr(fhp->path, '/');
+ pch++;
+ strlcpy(mac.mac_filename, pch, sizeof(mac.mac_filename));
+ mac.mac_namelen = strlen(mac.mac_filename);
+
+ printf("giving values to ioctl() %s and dir = %s\n", mac.mac_filename, parent_dir);
+ error = ioctl(fd, PEFS_GETMAC, &mac);
+ printf("ioctl error = %d\n", error);
+ printf("values returned %lld\n\n", mac.mac_csum);
+
+ close(fd);
+ return (error);
 }
 static int
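Review bot: The result of `ioctl(fd, PEFS_GETMAC, &mac)` is returned to the caller as-is, so a failure surfaces as a bare -1 instead of one of the `PEFS_ERR_*` codes the earlier paths use, and the following `printf` reads `mac.mac_csum` even though the stack struct was never initialised and the call may have failed. I would zero the struct first and handle the failure before touching the result: `memset(&mac, 0, sizeof(mac));` ahead of the `strlcpy`, then `if (ioctl(fd, PEFS_GETMAC, &mac) == -1) { warn("ioctl PEFS_GETMAC on %s", parent_dir); close(fd); return (PEFS_ERR_SYS); }`. The three tracing `printf` calls would fit the `dprintf((...))` form used for the hash-table dump in this commit, and `%lld` does not match a `uint64_t` (`%ju` with a `(uintmax_t)` cast is portable). A path whose only slash is the leading one leaves `parent_dir` empty after `*pch = '\0'`, so `open()` fails for files directly under `/`. The function's opening lines are in the previous hunk.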
@@ -633,8 +665,9 @@
 snprintf(checksum_path, sizeof(checksum_path), "%s/%s", fsroot, PEFS_FILE_CHECKSUM);
 /*
- * XXXgpf: If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
- * encrypted filename. It's not a bug, it's a feature!
+ * XXXgpf: [TODO] If pefs fs is mounted when .pefs.checksum is created, then it will obtain an
+ * encrypted filename & encrypted data. I should make sure that checksum file is not being
+ * opened inside a mounted pefs filesystem.
 */
 fdout = open(checksum_path, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
 if (fdout == -1) {
Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 14:07:44 2012 (r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 15:52:26 2012 (r236293)
@@ -48,6 +48,12 @@
 char pxk_key[PEFS_KEY_SIZE];
 };
+struct pefs_mac {
+ char mac_filename[MAXPATHLEN];
+ uint32_t mac_namelen;
+ uint64_t mac_csum;
+};
+
 #ifdef _IO
 #define PEFS_GETKEY _IOWR('p', 0, struct pefs_xkey)
 #define PEFS_ADDKEY _IOWR('p', 1, struct pefs_xkey)
@@ -55,6 +61,7 @@
 #define PEFS_DELKEY _IOWR('p', 3, struct pefs_xkey)
 #define PEFS_FLUSHKEYS _IO('p', 4)
 #define PEFS_GETNODEKEY _IOWR('p', 5, struct pefs_xkey)
+#define PEFS_GETMAC _IOWR('p', 6, struct pefs_mac)
 #endif
 #ifdef _KERNEL
Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c
==============================================================================
--- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 14:07:44 2012 (r236292)
+++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 15:52:26 2012 (r236293)
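Review bot: `struct pefs_mac` carries no comment saying which members the caller fills in and which the kernel writes back, and that matters here because `mac_namelen` is a caller-supplied length describing `mac_filename`. I would document it on the struct, for example `/* in: one NUL-terminated name component */` on `mac_filename`, `/* in: strlen(mac_filename), must be < sizeof(mac_filename) */` on `mac_namelen` and `/* out: checksum decoded from the encrypted name */` on `mac_csum`. Since the field holds a single component rather than a path, sizing it like the `MAXNAMLEN + 1` decode buffer in `pefs_ioctl` instead of `MAXPATHLEN` would also shrink the ioctl argument, assuming `MAXNAMLEN` is available to this header.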
@@ -2355,15 +2355,21 @@
 static int
 pefs_ioctl(struct vop_ioctl_args *ap)
 {
+ struct pefs_enccn enccn;
+ struct componentname cn;
+ char buf[MAXNAMLEN +1];
 struct vnode *vp = ap->a_vp;
 struct pefs_xkey *xk = ap->a_data;
+ struct pefs_mac *mac = ap->a_data;
 struct ucred *cred = ap->a_cred;
 struct thread *td = ap->a_td;
 struct mount *mp = vp->v_mount;
 struct pefs_mount *pm = VFS_TO_PEFS(mp);
 struct pefs_node *pn;
 struct pefs_key *pk;
- int error = 0, i;
+ char *enc;
+ size_t enc_len;
+ int error = 0, i, r;
 if (mp->mnt_cred->cr_uid != cred->cr_uid) {
 error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
@@ -2465,6 +2471,43 @@
 if (pefs_key_remove_all(pm))
 pefs_flushkey(mp, td, PEFS_FLUSHKEY_ALL, NULL);
 break;
+ case PEFS_GETMAC:
+ pefs_enccn_init(&enccn);
+
+ cn.cn_nameiop = LOOKUP;
+ cn.cn_thread = td;
+ cn.cn_cred = cred;
+ /* XXXgpf: should probably acquire a shared lock if possible */
+ cn.cn_lkflags = 0;
+ cn.cn_flags = 0;
+ cn.cn_nameptr = mac->mac_filename;
+ cn.cn_namelen = mac->mac_namelen;
+
+ error = pefs_enccn_lookup(&enccn, vp, &cn);
+ printf("pefs_enccn_lookup = %d\n", error);
+ if (error == 0) {
+ printf("found!\nlen%ld %s", enccn.pec_cn.cn_namelen, enccn.pec_cn.cn_nameptr);
+
+ enc = enccn.pec_cn.cn_nameptr;
+ enc_len = enccn.pec_cn.cn_namelen;
+
+ if (enc[0] != '.' || enc_len <= 1) {
+ error = EINVAL;
+ break;
+ }
+ enc++;
+ enc_len--;
+
+ r = pefs_name_pton(enc, enc_len, buf, sizeof(buf));
+ if (r <= 0)
+ error = EINVAL;
+ else
+ memcpy(&(mac->mac_csum), buf, PEFS_NAME_CSUM_SIZE);
+
+ pefs_enccn_free(&enccn);
+ }
+
+ break;
 default:
 error = ENOTTY;
 break;
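Review bot: The PEFS_GETMAC case passes the caller-supplied `mac->mac_namelen` straight into `cn.cn_namelen` without comparing it with `sizeof(mac->mac_filename)`, so the length handed to `pefs_enccn_lookup` is not bounded by the buffer it describes. The `break` taken when the encrypted name does not start with '.' skips `pefs_enccn_free(&enccn)`, and that test reads `enc[0]` before it looks at `enc_len`. The `memcpy` copies `PEFS_NAME_CSUM_SIZE` bytes out of the uninitialised stack array `buf` whenever `r > 0`, so a decode shorter than that would return stale kernel stack bytes to userland in `mac_csum`; whether `PEFS_NAME_CSUM_SIZE` fits in the 8-byte field is not visible here and is worth a compile-time assertion. The fence below bounds the length, frees on every path after a successful lookup, requires a full-length decode, and leaves out the `found!` debugging `printf`. The surrounding `switch` in `pefs_ioctl` starts and ends outside the hunk.

```c
	case PEFS_GETMAC:
		/* the length comes from userland: keep it inside mac_filename */
		if (mac->mac_namelen == 0 ||
		    mac->mac_namelen >= sizeof(mac->mac_filename)) {
			error = EINVAL;
			break;
		}
		/* … unchanged: pefs_enccn_init, componentname setup, pefs_enccn_lookup … */
		if (error == 0) {
			enc = enccn.pec_cn.cn_nameptr;
			enc_len = enccn.pec_cn.cn_namelen;

			/* check the length before reading the first byte */
			if (enc_len <= 1 || enc[0] != '.') {
				error = EINVAL;
			} else {
				r = pefs_name_pton(enc + 1, enc_len - 1, buf, sizeof(buf));
				/* a short decode would leave part of buf uninitialised */
				if (r <= 0 || (size_t)r < PEFS_NAME_CSUM_SIZE)
					error = EINVAL;
				else
					memcpy(&(mac->mac_csum), buf, PEFS_NAME_CSUM_SIZE);
			}
			/* released on every path that follows a successful lookup */
			pefs_enccn_free(&enccn);
		}
		break;
```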