Module Name: src
Committed By: maxv
Date: Tue Aug 4 11:42:08 UTC 2015
Modified Files:
src/sys/kern: kern_veriexec.c
Log Message:
Small changes:
- remove the per-page stuff. It has been disabled for 10 years, and it is
not implemented properly.
- typo in comment
- use KASSERT
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/sys/kern/kern_veriexec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_veriexec.c
diff -u src/sys/kern/kern_veriexec.c:1.9 src/sys/kern/kern_veriexec.c:1.10
--- src/sys/kern/kern_veriexec.c:1.9 Fri Jul 24 13:02:52 2015
+++ src/sys/kern/kern_veriexec.c Tue Aug 4 11:42:08 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_veriexec.c,v 1.9 2015/07/24 13:02:52 maxv Exp $ */
+/* $NetBSD: kern_veriexec.c,v 1.10 2015/08/04 11:42:08 maxv Exp $ */
/*-
* Copyright (c) 2005, 2006 Elad Efrat <e...@netbsd.org>
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_veriexec.c,v 1.9 2015/07/24 13:02:52 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_veriexec.c,v 1.10 2015/08/04 11:42:08 maxv Exp $");
#include "opt_veriexec.h"
@@ -92,11 +92,7 @@ struct veriexec_file_entry {
u_char *filename; /* File name. */
u_char type; /* Entry type. */
u_char status; /* Evaluation status. */
- u_char page_fp_status; /* Per-page FP status. */
u_char *fp; /* Fingerprint. */
- void *page_fp; /* Per-page fingerprints */
- size_t npages; /* Number of pages. */
- size_t last_page_size; /* To support < PAGE_SIZE */
struct veriexec_fpops *ops; /* Fingerprint ops vector*/
size_t filename_len; /* Length of filename. */
};
@@ -227,7 +223,7 @@ SYSCTL_SETUP(sysctl_kern_veriexec_setup,
}
/*
- * Add ops to the fignerprint ops vector list.
+ * Add ops to the fingerprint ops vector list.
*/
int
veriexec_fpops_add(const char *fp_type, size_t hash_len, size_t ctx_size,
@@ -236,16 +232,14 @@ veriexec_fpops_add(const char *fp_type,
{
struct veriexec_fpops *ops;
- /* Sanity check all parameters. */
- if ((fp_type == NULL) || (hash_len == 0) || (ctx_size == 0) ||
- (init == NULL) || (update == NULL) || (final == NULL))
- return (EFAULT);
+ KASSERT((init != NULL) && (update != NULL) && (final != NULL));
+ KASSERT((hash_len != 0) && (ctx_size != 0));
+ KASSERT(fp_type != NULL);
if (veriexec_fpops_lookup(fp_type) != NULL)
return (EEXIST);
ops = kmem_alloc(sizeof(*ops), KM_SLEEP);
-
ops->type = fp_type;
ops->hash_len = hash_len;
ops->context_size = ctx_size;
@@ -422,11 +416,11 @@ veriexec_fp_calc(struct lwp *l, struct v
struct veriexec_file_entry *vfe, u_char *fp)
{
struct vattr va;
- void *ctx, *page_ctx;
- u_char *buf, *page_fp;
+ void *ctx;
+ u_char *buf;
off_t offset, len;
- size_t resid, npages;
- int error, do_perpage, pagen;
+ size_t resid;
+ int error;
KASSERT(file_lock_state != VERIEXEC_LOCKED);
KASSERT(file_lock_state != VERIEXEC_UNLOCKED);
@@ -439,32 +433,13 @@ veriexec_fp_calc(struct lwp *l, struct v
if (error)
return (error);
-#ifdef notyet /* XXX - for now */
- if ((vfe->type & VERIEXEC_UNTRUSTED) &&
- (vfe->page_fp_status == PAGE_FP_NONE))
- do_perpage = 1;
- else
-#endif /* notyet */
- do_perpage = 0;
-
ctx = kmem_alloc(vfe->ops->context_size, KM_SLEEP);
buf = kmem_alloc(PAGE_SIZE, KM_SLEEP);
- page_ctx = NULL;
- page_fp = NULL;
- npages = 0;
- if (do_perpage) {
- npages = (va.va_size >> PAGE_SHIFT) + 1;
- page_fp = kmem_alloc(vfe->ops->hash_len * npages, KM_SLEEP);
- vfe->page_fp = page_fp;
- page_ctx = kmem_alloc(vfe->ops->context_size, KM_SLEEP);
- }
-
(vfe->ops->init)(ctx);
len = 0;
error = 0;
- pagen = 0;
for (offset = 0; offset < va.va_size; offset += PAGE_SIZE) {
len = ((va.va_size - offset) < PAGE_SIZE) ?
(va.va_size - offset) : PAGE_SIZE;
@@ -476,51 +451,18 @@ veriexec_fp_calc(struct lwp *l, struct v
l->l_cred, &resid, NULL);
if (error) {
- if (do_perpage) {
- kmem_free(vfe->page_fp,
- vfe->ops->hash_len * npages);
- vfe->page_fp = NULL;
- }
-
goto bad;
}
(vfe->ops->update)(ctx, buf, (unsigned int) len);
- if (do_perpage) {
- (vfe->ops->init)(page_ctx);
- (vfe->ops->update)(page_ctx, buf, (unsigned int)len);
- (vfe->ops->final)(page_fp, page_ctx);
-
- if (veriexec_verbose >= 2) {
- int i;
-
- printf("hash for page %d: ", pagen);
- for (i = 0; i < vfe->ops->hash_len; i++)
- printf("%02x", page_fp[i]);
- printf("\n");
- }
-
- page_fp += vfe->ops->hash_len;
- pagen++;
- }
-
if (len != PAGE_SIZE)
break;
}
(vfe->ops->final)(fp, ctx);
- if (do_perpage) {
- vfe->last_page_size = len;
- vfe->page_fp_status = PAGE_FP_READY;
- vfe->npages = npages;
- }
-
bad:
- if (do_perpage)
- kmem_free(page_ctx, vfe->ops->context_size);
-
kmem_free(ctx, vfe->ops->context_size);
kmem_free(buf, PAGE_SIZE);
@@ -606,7 +548,6 @@ veriexec_file_report(struct veriexec_fil
{
if (vfe != NULL && vfe->filename != NULL)
filename = vfe->filename;
-
if (filename == NULL)
return;
@@ -782,81 +723,6 @@ veriexec_verify(struct lwp *l, struct vn
return (r);
}
-#ifdef notyet
-/*
- * Evaluate per-page fingerprints.
- */
-int
-veriexec_page_verify(struct veriexec_file_entry *vfe, struct vm_page *pg,
- size_t idx, struct lwp *l)
-{
- void *ctx;
- u_char *fp;
- u_char *page_fp;
- int error;
- vaddr_t kva;
-
- if (vfe->page_fp_status == PAGE_FP_NONE)
- return (0);
-
- if (vfe->page_fp_status == PAGE_FP_FAIL)
- return (EPERM);
-
- if (idx >= vfe->npages)
- return (0);
-
- ctx = kmem_alloc(vfe->ops->context_size, KM_SLEEP);
- fp = kmem_alloc(vfe->ops->hash_len, KM_SLEEP);
- kva = uvm_km_alloc(kernel_map, PAGE_SIZE, VM_PGCOLOR_BUCKET(pg),
- UVM_KMF_COLORMATCH | UVM_KMF_VAONLY | UVM_KMF_WAITVA);
- pmap_kenter_pa(kva, VM_PAGE_TO_PHYS(pg), VM_PROT_READ, 0);
- pmap_update(pmap_kernel());
-
- page_fp = (u_char *) vfe->page_fp + (vfe->ops->hash_len * idx);
- (vfe->ops->init)(ctx);
- (vfe->ops->update)(ctx, (void *) kva,
- ((vfe->npages - 1) == idx) ? vfe->last_page_size
- : PAGE_SIZE);
- (vfe->ops->final)(fp, ctx);
-
- pmap_kremove(kva, PAGE_SIZE);
- pmap_update(pmap_kernel());
- uvm_km_free(kernel_map, kva, PAGE_SIZE, UVM_KMF_VAONLY);
-
- error = veriexec_fp_cmp(vfe->ops, page_fp, fp);
- if (error) {
- const char *msg;
-
- if (veriexec_strict > VERIEXEC_LEARNING) {
- msg = "Pages modified: Killing process.";
- } else {
- msg = "Pages modified.";
- error = 0;
- }
-
- veriexec_file_report(msg, "[page_in]", l,
- REPORT_ALWAYS|REPORT_ALARM);
-
- if (error) {
- ksiginfo_t ksi;
-
- KSI_INIT(&ksi);
- ksi.ksi_signo = SIGKILL;
- ksi.ksi_code = SI_NOINFO;
- ksi.ksi_pid = l->l_proc->p_pid;
- ksi.ksi_uid = 0;
-
- kpsignal(l->l_proc, &ksi, NULL);
- }
- }
-
- kmem_free(ctx, vfe->ops->context_size);
- kmem_free(fp, vfe->ops->hash_len);
-
- return (error);
-}
-#endif /* notyet */
-
/*
* Veriexec remove policy code.
*/
@@ -992,8 +858,6 @@ veriexec_file_free(struct veriexec_file_
if (vfe != NULL) {
if (vfe->fp != NULL)
kmem_free(vfe->fp, vfe->ops->hash_len);
- if (vfe->page_fp != NULL)
- kmem_free(vfe->page_fp, vfe->ops->hash_len);
if (vfe->filename != NULL)
kmem_free(vfe->filename, vfe->filename_len);
rw_destroy(&vfe->lock);
@@ -1267,11 +1131,6 @@ veriexec_file_add(struct lwp *l, prop_di
} else
vfe->filename = NULL;
- vfe->page_fp = NULL;
- vfe->page_fp_status = PAGE_FP_NONE;
- vfe->npages = 0;
- vfe->last_page_size = 0;
-
if (prop_bool_true(prop_dictionary_get(dict, "eval-on-load")) ||
(vfe->type & VERIEXEC_UNTRUSTED)) {
u_char status;
