Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-3]: src/sys/dev Pull up revision 1.19 (requested by elad in ticke...
details: https://anonhg.NetBSD.org/src/rev/154162eb02f0
branches: netbsd-3
changeset: 576940:154162eb02f0
user: tron <tron%NetBSD.org@localhost>
date: Mon Aug 15 12:38:03 2005 +0000
description:
Pull up revision 1.19 (requested by elad in ticket #654):
Change how we handle duplicates in the signatures file.
Just give collision information (filename, device, inode, old and new
entry type and algorithm, and note if the fingerprint is the same or not.
diffstat:
sys/dev/verified_exec.c | 41 +++++++++++++++++------------------------
1 files changed, 17 insertions(+), 24 deletions(-)
diffs (64 lines):
diff -r a5ce5d9a10fa -r 154162eb02f0 sys/dev/verified_exec.c
--- a/sys/dev/verified_exec.c Sun Aug 14 22:32:08 2005 +0000
+++ b/sys/dev/verified_exec.c Mon Aug 15 12:38:03 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: verified_exec.c,v 1.5.2.13 2005/07/02 17:39:10 tron Exp $ */
+/* $NetBSD: verified_exec.c,v 1.5.2.14 2005/08/15 12:38:03 tron Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad%bsd.org.il@localhost>
@@ -31,9 +31,9 @@
#include <sys/cdefs.h>
#if defined(__NetBSD__)
-__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.5.2.13 2005/07/02 17:39:10 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.5.2.14 2005/08/15 12:38:03 tron Exp $");
#else
-__RCSID("$Id: verified_exec.c,v 1.5.2.13 2005/07/02 17:39:10 tron Exp $\n$NetBSD: verified_exec.c,v 1.5.2.13 2005/07/02 17:39:10 tron Exp $");
+__RCSID("$Id: verified_exec.c,v 1.5.2.14 2005/08/15 12:38:03 tron Exp $\n$NetBSD: verified_exec.c,v 1.5.2.14 2005/08/15 12:38:03 tron Exp $");
#endif
#include <sys/param.h>
@@ -237,28 +237,21 @@
hh = veriexec_lookup(va.va_fsid, va.va_fileid);
if (hh != NULL) {
/*
- * Duplicate entry; handle access type conflict
- * and enforce 'FILE' over 'INDIRECT' over
- * 'DIRECT'.
+ * Duplicate entry means something is wrong in
+ * the signature file. Just give collision info
+ * and return.
*/
- if (hh->type < params->type) {
- hh->type = params->type;
-
- veriexec_report("Duplicate entry with "
- "access type mismatch. "
- "Updating to stricter "
- "type.", params->file,
- &va, NULL,
- REPORT_NOVERBOSE,
- REPORT_NOALARM,
- REPORT_NOPANIC);
- } else {
- veriexec_report("Duplicate entry.",
- params->file, &va, NULL,
- REPORT_VERBOSE_HIGH,
- REPORT_NOALARM,
- REPORT_NOPANIC);
- }
+ printf("veriexec: Duplicate entry. [%s, %ld:%lu] "
+ "old[type=0x%02x, algorithm=%s], "
+ "new[type=0x%02x, algorithm=%s] "
+ "(%s fingerprint)\n",
+ params->file, va.va_fsid, va.va_fileid,
+ hh->type, hh->ops->type,
+ params->type, params->fp_type,
+ (((hh->ops->hash_len != params->size) ||
+ (memcmp(hh->fp, params->fingerprint,
+ min(hh->ops->hash_len, params->size))
+ != 0)) ? "different" : "same"));
return (0);
}
Home |
Main Index |
Thread Index |
Old Index