From owner-svn-soc-all@FreeBSD.ORG Thu May 24 20:28:09 2012 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from socsvn.FreeBSD.org (unknown [IPv6:2001:4f8:fff6::2f]) by hub.freebsd.org (Postfix) with SMTP id 3FD87106564A for ; Thu, 24 May 2012 20:28:07 +0000 (UTC) (envelope-from gpf@FreeBSD.org) Received: by socsvn.FreeBSD.org (sSMTP sendmail emulation); Thu, 24 May 2012 20:28:07 +0000 Date: Thu, 24 May 2012 20:28:07 +0000 From: gpf@FreeBSD.org To: svn-soc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <20120524202807.3FD87106564A@hub.freebsd.org> Cc: Subject: socsvn commit: r236318 - in soc2012/gpf/pefs_kmod: sbin/pefs sys/fs/pefs sys/modules/pefs X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2012 20:28:09 -0000 Author: gpf Date: Thu May 24 20:28:06 2012 New Revision: 236318 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=236318 Log: adding checks & locks at pefs_ioctl(), plus a couple of minor changes. Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c soc2012/gpf/pefs_kmod/sys/modules/pefs/Makefile Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c ============================================================================== --- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 20:25:05 2012 (r236317) +++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_checksum.c Thu May 24 20:28:06 2012 (r236318) 
@@ -280,25 +280,22 @@ } } +/* + * pefs encrypted filename = XBase64(checksum || E(tweak || filename)) + * We use filename mac (checksum) as file_id. This way, should a filesystem + * be dump/restored, there will be no need to recreate .pefs.checksum because + * filenames remain the same. + * + * file id used is checksum = VMAC(E(tweak || filename)) + */ static int pefs_get_file_id(struct file_header *fhp) { char parent_dir[MAXPATHLEN]; - struct pefs_mac mac; + struct pefs_namemac namemac; char *pch; int error, fd; - struct stat sb; - if (stat(fhp->path, &sb) != 0) { - warn("cannot stat file %s", fhp->path); - return (PEFS_ERR_SYS); - } - /* - * XXXgpf: [TODO] This is only temporary so that we won't have conflict errors - * when adding a file header to a bucket. - */ - fhp->file_id = sb.st_ino; - /* feed parent directory to ioctl() */ strlcpy(parent_dir, fhp->path, sizeof(parent_dir)); pch = strrchr(parent_dir, '/'); @@ -307,7 +304,7 @@ return (PEFS_ERR_NOENT); } *pch = '\0'; - + fd = open(parent_dir, O_RDONLY); if (fd < 0) { warn("unable to open file %s", parent_dir); @@ -316,13 +313,13 @@ pch = strrchr(fhp->path, '/'); pch++; - strlcpy(mac.mac_filename, pch, sizeof(mac.mac_filename)); - mac.mac_namelen = strlen(mac.mac_filename); + strlcpy(namemac.pnm_filename, pch, sizeof(namemac.pnm_filename)); + namemac.pnm_namelen = strnlen(namemac.pnm_filename, sizeof(namemac.pnm_filename)); + + error = ioctl(fd, PEFS_GETNAMEMAC, &namemac); - printf("giving values to ioctl() %s and dir = %s\n", mac.mac_filename, parent_dir); - error = ioctl(fd, PEFS_GETMAC, &mac); - printf("ioctl error = %d\n", error); - printf("values returned %lld\n\n", mac.mac_csum); + if (error == 0) + fhp->file_id = namemac.pnm_csum; close(fd); return (error); 
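Review bot: In pefs_checksum.c, a failed `ioctl(fd, PEFS_GETNAMEMAC, &namemac)` now makes pefs_get_file_id() return the raw `-1` silently, while every other failure path visible in these hunks calls `warn()` and returns a `PEFS_ERR_*` code. I would add `if (error != 0) { warn("PEFS_GETNAMEMAC failed for %s", fhp->path); error = PEFS_ERR_SYS; }` before `close(fd)`. With the `st_ino` assignment removed, `fhp->file_id` is also left unset on that path, so the header comment should say callers must not use it unless 0 is returned. `namemac` is an uninitialised stack struct and an `_IOWR` request copies the whole struct into the kernel, so a `memset(&namemac, 0, sizeof(namemac));` before filling it keeps stray stack bytes out of the request. The function's closing brace is outside the last hunk.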
@@ -399,7 +396,7 @@ * the checksum file. * A) The total sum of entries is gathered so that a hash table is allocated. * B) For each file entry: - * B1) semantic checks: file should reside in pefs filesystem & + * B1) semantic checks: file should reside in pefs filesystem & * file should be regular file * B2) the file_id is retrieved. * B3) list of checksums is computed for the file's 4k blocks. @@ -666,7 +663,7 @@ snprintf(checksum_path, sizeof(checksum_path), "%s/%s", fsroot, PEFS_FILE_CHECKSUM); /* * XXXgpf: [TODO] If pefs fs is mounted when .pefs.checksum is created, then it will obtain an - * encrypted filename & encrypted data. I should make sure that checksum file is not being + * encrypted filename & encrypted data. I should make sure that checksum file is not being * opened inside a mounted pefs filesystem. */ fdout = open(checksum_path, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR); Modified: soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c ============================================================================== --- soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c Thu May 24 20:25:05 2012 (r236317) +++ soc2012/gpf/pefs_kmod/sbin/pefs/pefs_ctl.c Thu May 24 20:28:06 2012 (r236318) @@ -1013,7 +1013,7 @@ * * pefs addchecksum [-a algo] [-i inputfile] filesystem * - * $command creates .pefs.checksum db file in root of filesystem. + * $command creates .pefs.checksum db file for filesystem. * This file will contain all checksums necessary to check integrity * of files upon access. * 
@@ -1021,11 +1021,11 @@ * hash function; supported algorithms: sha256, sha512. * * inputfile contains list of files that need integrity checking. - * This should be the outputfile of `pefs addchecklist`. * - * When $command is run, filesystem should *not* be already - * mounted with pefs so that hashes are calculated for ciphertexts - * and not plain texts. + * When $command is run, filesystem should be already mounted with + * pefs. + * + * [TODO] reference for where .pefs.checksum file should be created. * */ static int @@ -1082,7 +1082,8 @@ } /* - * XXXgpf: Instead of a man page entry + * XXXgpf: This should get the axe soon. But I'm keeping it here + * a little while longer just in case. * * pefs addchecklist [-i inputfile] [-o outputfile] filesystem * Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h ============================================================================== --- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 20:25:05 2012 (r236317) +++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs.h Thu May 24 20:28:06 2012 (r236318) @@ -48,10 +48,10 @@ char pxk_key[PEFS_KEY_SIZE]; }; -struct pefs_mac { - char mac_filename[MAXPATHLEN]; - uint32_t mac_namelen; - uint64_t mac_csum; +struct pefs_namemac { + uint32_t pnm_namelen; + uint64_t pnm_csum; + char pnm_filename[MAXPATHLEN]; }; #ifdef _IO @@ -61,7 +61,7 @@ #define PEFS_DELKEY _IOWR('p', 3, struct pefs_xkey) #define PEFS_FLUSHKEYS _IO('p', 4) #define PEFS_GETNODEKEY _IOWR('p', 5, struct pefs_xkey) -#define PEFS_GETMAC _IOWR('p', 6, struct pefs_mac) +#define PEFS_GETNAMEMAC _IOWR('p', 6, struct pefs_namemac) #endif #ifdef _KERNEL Modified: soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c ============================================================================== --- soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 20:25:05 2012 (r236317) +++ soc2012/gpf/pefs_kmod/sys/fs/pefs/pefs_vnops.c Thu May 24 20:28:06 2012 (r236318) 
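Review bot: In pefs.h, `struct pefs_namemac` keeps the same three members as the old `struct pefs_mac` in a different order, and `PEFS_GETNAMEMAC` reuses command number 6, so the encoded request value is presumably identical to the old `PEFS_GETMAC`. A userland binary built against the old header would then be accepted by the new kernel, which would read its filename bytes as `pnm_namelen` and `pnm_csum`. Taking a fresh number, e.g. `#define PEFS_GETNAMEMAC _IOWR('p', 7, struct pefs_namemac)`, would make a mismatched pair fail with ENOTTY instead. A short comment on the struct saying that `pnm_filename` and `pnm_namelen` are inputs and `pnm_csum` is the output would also help, since the kernel side trusts neither input.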
@@ -2357,18 +2357,17 @@ { struct pefs_enccn enccn; struct componentname cn; - char buf[MAXNAMLEN +1]; struct vnode *vp = ap->a_vp; struct pefs_xkey *xk = ap->a_data; - struct pefs_mac *mac = ap->a_data; + struct pefs_namemac *namemac = ap->a_data; struct ucred *cred = ap->a_cred; struct thread *td = ap->a_td; struct mount *mp = vp->v_mount; struct pefs_mount *pm = VFS_TO_PEFS(mp); struct pefs_node *pn; struct pefs_key *pk; - char *enc; - size_t enc_len; + char *enc, *buf; + size_t enc_len, buf_len; int error = 0, i, r; if (mp->mnt_cred->cr_uid != cred->cr_uid) { @@ -2471,23 +2470,32 @@ if (pefs_key_remove_all(pm)) pefs_flushkey(mp, td, PEFS_FLUSHKEY_ALL, NULL); break; - case PEFS_GETMAC: + case PEFS_GETNAMEMAC: + if (vp->v_type != VDIR) + panic("pefs_ioctl: PEFS_GETNAMEMAC vp is not a directory\n"); + + if (strnlen(namemac->pnm_filename, sizeof(namemac->pnm_filename)) != + namemac->pnm_namelen) + panic("pefs_ioctl: PEFS_GETNAMEMAC incorrect pnm_namelen\n"); + + if (strchr(namemac->pnm_filename, '/') != NULL) + panic("pefs_ioctl: PEFS_GETNAMEMAC pnm_filename contains '/'\n"); + + vn_lock(vp, LK_EXCLUSIVE); pefs_enccn_init(&enccn); cn.cn_nameiop = LOOKUP; cn.cn_thread = td; cn.cn_cred = cred; - /* XXXgpf: should probably acquire a shared lock if possible */ cn.cn_lkflags = 0; cn.cn_flags = 0; - cn.cn_nameptr = mac->mac_filename; - cn.cn_namelen = mac->mac_namelen; + cn.cn_nameptr = namemac->pnm_filename; + cn.cn_namelen = namemac->pnm_namelen; error = pefs_enccn_lookup(&enccn, vp, &cn); - printf("pefs_enccn_lookup = %d\n", error); - if (error == 0) { - printf("found!\nlen%ld %s", enccn.pec_cn.cn_namelen, enccn.pec_cn.cn_nameptr); + VOP_UNLOCK(vp, 0); + if (error == 0) { enc = enccn.pec_cn.cn_nameptr; enc_len = enccn.pec_cn.cn_namelen; 
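Review bot: The three new `panic()` calls in the `PEFS_GETNAMEMAC` case of pefs_vnops.c fire on values supplied by the ioctl caller. Any process that passes the uid check at the top of pefs_ioctl() can therefore halt the machine with a non-directory descriptor, a mismatched `pnm_namelen` or a name containing '/'. These should set `error` and `break` like the neighbouring cases; the code after the switch is outside the hunk, so I am assuming it returns `error`. The length check also admits an unterminated buffer: with no NUL in `pnm_filename` and `pnm_namelen == sizeof(pnm_filename)` the `strnlen` comparison passes and the following `strchr` reads past the struct, so `pnm_namelen` should be bounded first. The return value of `vn_lock(vp, LK_EXCLUSIVE)` is not checked either, and the case body continues past the end of this hunk.

```c
	case PEFS_GETNAMEMAC:
		if (vp->v_type != VDIR) {
			error = ENOTDIR;
			break;
		}
		/* Bound the length first so a NUL is guaranteed inside the buffer. */
		if (namemac->pnm_namelen >= sizeof(namemac->pnm_filename) ||
		    strnlen(namemac->pnm_filename,
		    sizeof(namemac->pnm_filename)) != namemac->pnm_namelen ||
		    strchr(namemac->pnm_filename, '/') != NULL) {
			error = EINVAL;
			break;
		}

		error = vn_lock(vp, LK_EXCLUSIVE);
		if (error != 0)
			break;
		/* … unchanged: pefs_enccn_init, componentname setup, pefs_enccn_lookup, VOP_UNLOCK … */
```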
@@ -2497,16 +2505,18 @@ } enc++; enc_len--; + buf_len = MAXNAMLEN + 1; + buf = malloc(buf_len, M_TEMP, M_WAITOK); - r = pefs_name_pton(enc, enc_len, buf, sizeof(buf)); + r = pefs_name_pton(enc, enc_len, buf, buf_len); if (r <= 0) error = EINVAL; else - memcpy(&(mac->mac_csum), buf, PEFS_NAME_CSUM_SIZE); - + memcpy(&(namemac->pnm_csum), buf, PEFS_NAME_CSUM_SIZE); + pefs_enccn_free(&enccn); + free(buf, M_TEMP); } - break; default: error = ENOTTY; Modified: soc2012/gpf/pefs_kmod/sys/modules/pefs/Makefile ============================================================================== --- soc2012/gpf/pefs_kmod/sys/modules/pefs/Makefile Thu May 24 20:25:05 2012 (r236317) +++ soc2012/gpf/pefs_kmod/sys/modules/pefs/Makefile Thu May 24 20:28:06 2012 (r236318) @@ -17,9 +17,7 @@ #DEBUG_FLAGS+= -DPEFS_DEBUG #DEBUG_FLAGS+= -DPEFS_DEBUG_EXTRA -CFLAGS+= -I${.CURDIR}/../../ - -# Temporally build crypto/hmac into pefs module +CFLAGS+= -I${.CURDIR}/../../# Temporally build crypto/hmac into pefs module .PATH: ${.CURDIR}/../../crypto/hmac SRCS+= hmac_sha512.c
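Review bot: In pefs_vnops.c, `r` is only tested for `<= 0` before `memcpy(&(namemac->pnm_csum), buf, PEFS_NAME_CSUM_SIZE)`, and `buf` now comes from `malloc(buf_len, M_TEMP, M_WAITOK)` without `M_ZERO`. If pefs_name_pton() can return a positive length shorter than PEFS_NAME_CSUM_SIZE, the copy would place uninitialised kernel heap bytes in a field that is handed back to userland. I would tighten the test to `if (r < PEFS_NAME_CSUM_SIZE) error = EINVAL;` and add `CTASSERT(PEFS_NAME_CSUM_SIZE == sizeof(uint64_t));` so the copy can never exceed `pnm_csum`. The lines between the lookup and `enc++` are outside the hunk, so I cannot tell whether the error path that ends in the visible `}` also reaches `pefs_enccn_free(&enccn)`; that is worth confirming.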