Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-3]: src/sys/kern Pull up revision 1.29 (requested by elad in tick...

details:   https://anonhg.NetBSD.org/src/rev/438ead51c89c
branches:  netbsd-3
changeset: 576387:438ead51c89c
user:      tron <tron%NetBSD.org@localhost>
date:      Sat Jul 02 15:58:29 2005 +0000

description:
Pull up revision 1.29 (requested by elad in ticket #487):
- Use more calls to veriexec_report() where possible.
- Change #ifdef VERIFIED_EXEC_VERBOSE to another verbose level, 2. Add
sysctl(3) bits.
- Simplify access type conflict handling during load. This depends on
the values of access type defines to be ordered from least to most
'strict'.

diffstat:

 sys/kern/kern_verifiedexec.c |  21 ++++++++++-----------
 1 files changed, 10 insertions(+), 11 deletions(-)

diffs (78 lines):

diff -r 34f2b21f32db -r 438ead51c89c sys/kern/kern_verifiedexec.c
--- a/sys/kern/kern_verifiedexec.c      Sat Jul 02 15:58:23 2005 +0000
+++ b/sys/kern/kern_verifiedexec.c      Sat Jul 02 15:58:29 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_verifiedexec.c,v 1.9.2.19 2005/07/02 15:54:12 tron Exp $  */
+/*     $NetBSD: kern_verifiedexec.c,v 1.9.2.20 2005/07/02 15:58:29 tron Exp $  */
 
 /*-
  * Copyright 2005 Elad Efrat <elad%bsd.org.il@localhost>
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.9.2.19 2005/07/02 15:54:12 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.9.2.20 2005/07/02 15:58:29 tron Exp $");
 
 #include <sys/param.h>
 #include <sys/mount.h>
@@ -260,10 +260,9 @@
 int
 veriexec_fp_cmp(struct veriexec_fp_ops *ops, u_char *fp1, u_char *fp2)
 {
-#ifdef VERIFIED_EXEC_DEBUG
-       int i;
+       if (veriexec_verbose >= 2) {
+               int i;
 
-       if (veriexec_verbose > 1) {
                printf("comparing hashes...\n");
                printf("fp1: ");
                for (i = 0; i < ops->hash_len; i++) {
@@ -275,7 +274,6 @@
                }
                printf("\n");
        }
-#endif
 
        return (memcmp(fp1, fp2, ops->hash_len));
 }
@@ -357,7 +355,6 @@
         u_char *digest = NULL;
         int error = 0;
 
-       /* XXXEE Ignore non-VREG files. */
        if (vp->v_type != VREG)
                return (0);
 
@@ -375,7 +372,9 @@
                                           M_WAITOK);
                error = veriexec_fp_calc(p, vp, vhe, va->va_size, digest);
                if (error) {
-                       /* XXXEE verbose+ printf here */
+                       veriexec_report("Fingerprint calculation error.",
+                                       name, va, NULL, REPORT_NOVERBOSE,
+                                       REPORT_NOALARM, REPORT_NOPANIC);
                        free(digest, M_TEMP);
                        return (error);
                }
@@ -510,8 +509,8 @@
  */
 void
 veriexec_report(const u_char *msg, const u_char *filename,
-               struct vattr *va, struct proc *p, int verbose_only,
-               int alarm, int die)
+               struct vattr *va, struct proc *p, int verbose, int alarm,
+               int die)
 {
        void (*f)(const char *, ...);
 
@@ -523,7 +522,7 @@
        else
                f = (void (*)(const char *, ...)) printf;
 
-       if (!verbose_only || veriexec_verbose) {
+       if (!verbose || (verbose == veriexec_verbose)) {
                if (!alarm || p == NULL)
                        f("veriexec: %s [%s, %d:%u%s", msg, filename,
                            va->va_fsid, va->va_fileid,
Home | Main Index | Thread Index | Old Index