Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-8]: src/sys/kern Pull up following revision(s) (requested by pgoy...
details: https://anonhg.NetBSD.org/src/rev/b722dd52feaf
branches: netbsd-8
changeset: 850995:b722dd52feaf
user: martin <martin%NetBSD.org@localhost>
date: Thu Aug 31 11:46:23 2017 +0000
description:
Pull up following revision(s) (requested by pgoyette in ticket #251):
sys/kern/kern_veriexec.c: revision 1.16
When adding a new veriexec_file_entry, if an entry already exists with
all the same values (except for the filename) just ignore it. Otherwise
report the duplicate-entry error.
This allows the user to create a signature file with veriexegen(8) and
not worry about duplicate entries (due to hard-linked files) which will
otherwise cause /etc/rc.d/veriexec to report an error.
Fixes PR kern/52512
XXX Pull-up for -8
diffstat:
sys/kern/kern_veriexec.c | 31 +++++++++++++++++++++++--------
1 files changed, 23 insertions(+), 8 deletions(-)
diffs (76 lines):
diff -r 71d13652c6cc -r b722dd52feaf sys/kern/kern_veriexec.c
--- a/sys/kern/kern_veriexec.c Thu Aug 31 11:43:44 2017 +0000
+++ b/sys/kern/kern_veriexec.c Thu Aug 31 11:46:23 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_veriexec.c,v 1.12 2017/04/12 10:30:02 hannken Exp $ */
+/* $NetBSD: kern_veriexec.c,v 1.12.4.1 2017/08/31 11:46:23 martin Exp $ */
/*-
* Copyright (c) 2005, 2006 Elad Efrat <elad%NetBSD.org@localhost>
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_veriexec.c,v 1.12 2017/04/12 10:30:02 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_veriexec.c,v 1.12.4.1 2017/08/31 11:46:23 martin Exp $");
#include "opt_veriexec.h"
@@ -1050,9 +1050,11 @@
{
struct veriexec_table_entry *vte;
struct veriexec_file_entry *vfe = NULL;
+ struct veriexec_file_entry *ovfe;
struct vnode *vp;
const char *file, *fp_type;
int error;
+ bool ignore_dup = false;
if (!prop_dictionary_get_cstring_nocopy(dict, "file", &file))
return (EINVAL);
@@ -1096,12 +1098,6 @@
rw_enter(&veriexec_op_lock, RW_WRITER);
- if (veriexec_get(vp)) {
- /* We already have an entry for this file. */
- error = EEXIST;
- goto unlock_out;
- }
-
/* Continue entry initialization. */
if (prop_dictionary_get_uint8(dict, "entry-type", &vfe->type) == FALSE)
vfe->type = 0;
@@ -1140,6 +1136,22 @@
vfe->status = status;
}
+ /*
+ * If we already have an entry for this file, and it matches
+ * the new entry exactly (except for the filename, which may
+ * hard-linked!), we just ignore the new entry. If the new
+ * entry differs, report the error.
+ */
+ if ((ovfe = veriexec_get(vp)) != NULL) {
+ error = EEXIST;
+ if (vfe->type == ovfe->type &&
+ vfe->status == ovfe->status &&
+ vfe->ops == ovfe->ops &&
+ memcmp(vfe->fp, ovfe->fp, vfe->ops->hash_len) == 0)
+ ignore_dup = true;
+ goto unlock_out;
+ }
+
vte = veriexec_table_lookup(vp->v_mount);
if (vte == NULL)
vte = veriexec_table_add(l, vp->v_mount);
@@ -1163,6 +1175,9 @@
if (error)
veriexec_file_free(vfe);
+ if (ignore_dup && error == EEXIST)
+ error = 0;
+
return (error);
}
Home |
Main Index |
Thread Index |
Old Index