Subject: CVS commit: src/sys
To: None <source-changes@NetBSD.org>
From: Elad Efrat <elad@netbsd.org>
List: source-changes
Date: 11/30/2006 01:09:48
Module Name: src
Committed By: elad
Date: Thu Nov 30 01:09:48 UTC 2006
Modified Files:
src/sys/dev: verified_exec.c
src/sys/kern: kern_verifiedexec.c vfs_syscalls.c vfs_vnops.c
src/sys/sys: verified_exec.h
Log Message:
Massive restructuring and cleanup of Veriexec, mainly in preparation
for work on some future functionality.
- Veriexec data-structures are no longer exposed.
- Thanks to using proplib for data passing now, the interface
changes further to accomodate that.
Introduce four new functions. First, veriexec_file_add(), to add
a new file to be monitored by Veriexec, to replace both
veriexec_load() and veriexec_hashadd(). veriexec_table_add(), to
replace veriexec_newtable(), will be used to optimize hash table
size (during preload), and finally, veriexec_convert(), to convert
an internal entry to one userland can read.
- Introduce veriexec_unmountchk(), to enforce Veriexec unmount
policy. This cleans up a bit of code in kern/vfs_syscalls.c.
- Rename veriexec_tblfind() with veriexec_table_lookup(), and make
it static. More functions that became static: veriexec_fp_cmp(),
veriexec_fp_calc().
- veriexec_verify() no longer returns the entry as well, but just
sets a boolean indicating whether an entry was found or not.
- veriexec_purge() now takes a struct vnode *.
- veriexec_add_fp_name() was merged into veriexec_add_fp_ops(), that
changed its name to veriexec_fpops_add(). veriexec_find_ops() was
also renamed to veriexec_fpops_lookup().
Also on the fp-ops front, the three function types used to initialize,
update, and finalize a hash context were renamed to
veriexec_fpop_init_t, veriexec_fpop_update_t, and veriexec_fpop_final_t
respectively.
- Introduce a new malloc(9) type, M_VERIEXEC, and use it instead of
M_TEMP, so we can tell exactly how much memory is used by Veriexec.
- And, most importantly, whitespace and indentation nits.
Built successfuly for amd64, i386, sparc, and sparc64. Tested on amd64.
To generate a diff of this commit:
cvs rdiff -r1.50 -r1.51 src/sys/dev/verified_exec.c
cvs rdiff -r1.74 -r1.75 src/sys/kern/kern_verifiedexec.c
cvs rdiff -r1.278 -r1.279 src/sys/kern/vfs_syscalls.c
cvs rdiff -r1.128 -r1.129 src/sys/kern/vfs_vnops.c
cvs rdiff -r1.43 -r1.44 src/sys/sys/verified_exec.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.