From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r255039 - soc2013/def/crashdump-head/sbin/savecore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jul 2013 16:33:44 -0000 Author: def Date: Mon Jul 22 16:33:43 2013 New Revision: 255039 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=255039 Log: Decrypt a crash dump with savecore using xts.h. Modified: soc2013/def/crashdump-head/sbin/savecore/Makefile soc2013/def/crashdump-head/sbin/savecore/savecore.c Modified: soc2013/def/crashdump-head/sbin/savecore/Makefile ============================================================================== --- soc2013/def/crashdump-head/sbin/savecore/Makefile Mon Jul 22 15:02:55 2013 (r255038) +++ soc2013/def/crashdump-head/sbin/savecore/Makefile Mon Jul 22 16:33:43 2013 (r255039) @@ -1,8 +1,17 @@ # $FreeBSD$ +SYS= ${.CURDIR}/../../sys +.PATH: ${SYS}/crypto/camellia ${SYS}/crypto/rijndael ${SYS}/crypto + PROG= savecore +SRCS= ${PROG}.c +SRCS+= rijndael-api.c rijndael-api-fst.c rijndael-alg-fst.c +SRCS+= camellia.c +SRCS+= xts.c DPADD= ${LIBZ} LDADD= -lz +CFLAGS+=-I${SYS} +WARNS?= 2 MAN= savecore.8 .include Modified: soc2013/def/crashdump-head/sbin/savecore/savecore.c ============================================================================== --- soc2013/def/crashdump-head/sbin/savecore/savecore.c Mon Jul 22 15:02:55 2013 (r255038) +++ soc2013/def/crashdump-head/sbin/savecore/savecore.c Mon Jul 22 16:33:43 2013 (r255039) @@ -68,6 +68,7 @@ #include #include #include +#include #include #include #include 
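Review bot: `WARNS?= 2` in the Makefile hunk lowers the warning level for all of savecore, including `savecore.c`, in the same commit that adds casts from `rijndael_ctx *` to `struct xts_ctx *`, so the diagnostics most likely to catch mistakes in the new crypto glue are turned down. If the lower level is only needed so that the kernel crypto sources pulled in through `.PATH` build, a comment such as `# kernel crypto sources do not build at the default WARNS` would record the reason, and the program's own source is better kept at the tree default. `camellia.c` is compiled in although the visible code only uses `xts_alg_aes`; presumably `xts.c` references it, which is worth confirming so that unused cipher code is not linked into a privileged utility.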
@@ -291,16 +292,22 @@ static int DoRegularFile(int fd, off_t dumpsize, char *buf, const char *device, - const char *filename, FILE *fp) + const char *filename, FILE *fp, FILE *fp_enc, struct kerneldumpheader *kdh, + off_t offset) { int he, hs, nr, nw, wl; off_t dmpcnt, origsize; + rijndael_ctx tweak_ctx, data_ctx; + + rijndael_set_key(&tweak_ctx, kdh->key, kdh->keysize << 3); + rijndael_set_key(&data_ctx, kdh->key, kdh->keysize << 3); dmpcnt = 0; origsize = dumpsize; he = 0; while (dumpsize > 0) { - wl = BUFFERSIZE; + // wl = BUFFERSIZE; + wl = 512; if (wl > dumpsize) wl = dumpsize; nr = read(fd, buf, wl); @@ -345,10 +352,18 @@ * If hs > nw, buf[nw..hs] contains non-zero data. * If he > hs, buf[hs..he] is all zeroes. */ - if (hs > nw) + if (hs > nw) { + if (fwrite(buf + nw, hs - nw, 1, fp_enc) + != 1) + break; + xts_block_decrypt(&xts_alg_aes, (struct xts_ctx *)&tweak_ctx, (struct xts_ctx *)&data_ctx, + offset, kdh->tweak, hs - nw, + buf + nw, buf + nw); + offset += hs - nw; if (fwrite(buf + nw, hs - nw, 1, fp) != 1) break; + } if (he > hs) if (fseeko(fp, he - hs, SEEK_CUR) == -1) break; @@ -432,11 +447,12 @@ static void DoFile(const char *savedir, const char *device) { - static char infoname[PATH_MAX], corename[PATH_MAX], linkname[PATH_MAX]; + static char infoname[PATH_MAX], corename[PATH_MAX], + corename_enc[PATH_MAX], linkname[PATH_MAX]; static char *buf = NULL; struct kerneldumpheader kdhf, kdhl; off_t mediasize, dumpsize, firsthd, lasthd; - FILE *info, *fp; + FILE *info, *fp, *fp_enc; mode_t oumask; int fd, fdinfo, error; int bounds, status; @@ -632,9 +648,12 @@ } else { snprintf(corename, sizeof(corename), "%s.%d", istextdump ? "textdump.tar" : "vmcore", bounds); + snprintf(corename_enc, sizeof(corename_enc), "%s_encrypted.%d", + istextdump ? "textdump.tar" : "vmcore", bounds); fp = fopen(corename, "w"); + fp_enc = fopen(corename_enc, "w"); } - if (fp == NULL) { + if (fp == NULL || fp_enc == NULL) { syslog(LOG_ERR, "%s: %m", corename); close(fdinfo); nerr++; 
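Review bot: Both `rijndael_set_key` calls at the top of DoRegularFile load the same `kdh->key` into `tweak_ctx` and `data_ctx`, whereas XTS is specified with separate data and tweak keys, and `kdh->keysize` is used without any range check. The header presumably comes from the dump device, so the length should be treated as untrusted and rejected before keying, e.g. `if (kdh->keysize != 16 && kdh->keysize != 24 && kdh->keysize != 32) return (-1);`. If `kdh->key` is the raw key stored next to the ciphertext, anyone who can read the dump device can decrypt the dump, so a comment should state whether the field is wrapped or a placeholder. The two key schedules also stay on the stack after return; clearing them before every exit would limit key exposure. The function body continues outside this hunk.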
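Review bot: `offset` advances only in the `hs > nw` branch, so once the `he > hs` branch skips a zero run the tweak offset passed to `xts_block_decrypt` no longer matches the position in the dump and later data decrypts with the wrong tweak; `fp_enc` also gets no matching `fseeko`, so the saved ciphertext copy loses those bytes. The zero scan runs on ciphertext here, which means an all-zero ciphertext run becomes a hole instead of being decrypted. Decrypting the full `nr` bytes straight after the read, with `offset += nr;`, and only then looking for holes would fix both, provided the length is checked against the block size `xts_block_decrypt` requires. The `(struct xts_ctx *)&tweak_ctx` casts assume `rijndael_ctx` and `struct xts_ctx` are layout-compatible, which this page does not show; declaring the contexts with the type the function takes would avoid them. The enclosing loop starts and ends outside the hunk.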
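Review bot: `fp_enc` is assigned only in this `else` branch, yet the new test `fp == NULL || fp_enc == NULL` runs for both branches and the declaration added in the DoFile hunk above (`FILE *info, *fp, *fp_enc;`) gives it no initial value, so on the other branch, which lies outside this hunk, an indeterminate pointer is tested and later handed to `fclose`. Initialise it at the declaration, `fp_enc = NULL;`, and require it only on the branch that opens it. When just one of the two `fopen` calls fails, the stream that did open appears to be leaked (the rest of the error path is outside the hunk) and the `syslog` line names `corename` even if `corename_enc` was the failure; checking each `fopen` directly after the call fixes both. The `snprintf` into `corename_enc` is unchecked for truncation, like the existing `corename` one.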
@@ -664,7 +683,8 @@ corename, fp) < 0) goto closeall; } else { - if (DoRegularFile(fd, dumpsize, buf, device, corename, fp) + if (DoRegularFile(fd, dumpsize, buf, device, corename, + fp, fp_enc, &kdhl, firsthd + sizeof(kdhf)) < 0) goto closeall; } @@ -677,6 +697,12 @@ goto closeall; } + if (fp_enc != NULL && fclose(fp_enc) < 0) { + syslog(LOG_ERR, "error on %s: %m", corename_enc); + nerr++; + goto closeall; + } + symlinks_remove(); if (symlink(infoname, "info.last") == -1) { syslog(LOG_WARNING, "unable to create symlink %s/%s: %m", @@ -715,6 +741,7 @@ closeall: fclose(fp); + fclose(fp_enc); closefd: close(fd);
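Review bot: When `fclose(fp_enc)` fails in the new block of the `@@ -677,6 +697,12 @@` hunk the code jumps to `closeall`, where the final hunk adds another `fclose(fp_enc)`, so the stream is closed twice, which is undefined behaviour. The label is also reached from paths where `fp_enc` may be NULL or never assigned, and `fclose` on such a pointer is not safe either. Clear the pointer once it has been closed, whether or not the close reported an error, and guard the label, e.g. `if (fp_enc != NULL) fclose(fp_enc);`. The existing `fclose(fp)` at the label looks to have the same problem, but its first call is outside the hunk.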