Date: Wed, 11 Mar 2009 01:12:52 +0000 (UTC) From: Sam Leffler <sam@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r189660 - head/sys/geom Message-ID: <200903110112.n2B1Cqoh079031@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sam Date: Wed Mar 11 01:12:52 2009 New Revision: 189660 URL: http://svn.freebsd.org/changeset/base/189660 Log: o disallow write to RedBoot and FIS directory partitions; these are painful to resurrect (maybe honor foot shooting bit in kern.geom_debugflags) o fix match macro so we now recognize we want to merge FIS dir with RedBoot config parameters even if we don't actually do it Modified: head/sys/geom/geom_redboot.c Modified: head/sys/geom/geom_redboot.c ============================================================================== --- head/sys/geom/geom_redboot.c Wed Mar 11 01:03:32 2009 (r189659) +++ head/sys/geom/geom_redboot.c Wed Mar 11 01:12:52 2009 (r189660) @@ -62,6 +62,7 @@ struct fis_image_desc { #define FISDIR_NAME "FIS directory" #define REDBCFG_NAME "RedBoot config" +#define REDBOOT_NAME "RedBoot" #define REDBOOT_MAXSLICE 64 #define REDBOOT_MAXOFF \ @@ -70,6 +71,8 @@ struct fis_image_desc { struct g_redboot_softc { uint32_t entry[REDBOOT_MAXSLICE]; uint32_t dsize[REDBOOT_MAXSLICE]; + uint8_t readonly[REDBOOT_MAXSLICE]; + g_access_t *parent_access; }; static void @@ -90,6 +93,18 @@ g_redboot_ioctl(struct g_provider *pp, u } static int +g_redboot_access(struct g_provider *pp, int dread, int dwrite, int dexcl) +{ + struct g_geom *gp = pp->geom; + struct g_slicer *gsp = gp->softc; + struct g_redboot_softc *sc = gsp->softc; + + if (dwrite > 0 && sc->readonly[pp->index]) + return (EPERM); + return (sc->parent_access(pp, dread, dwrite, dexcl)); +} + +static int g_redboot_start(struct bio *bp) { struct g_provider *pp; @@ -155,8 +170,7 @@ nameok(const char name[16]) static struct fis_image_desc * parse_fis_directory(u_char *buf, size_t bufsize, off_t offset, uint32_t offmask) { -#define match(a,b) \ - (bcmp(fd->name, FISDIR_NAME, sizeof(FISDIR_NAME)-1) == 0) +#define match(a,b) (bcmp(a, b, sizeof(b)-1) == 0) struct fis_image_desc *fd, *efd; struct fis_image_desc *fisdir, *redbcfg; struct fis_image_desc *head, **tail; @@ -242,6 +256,10 @@ g_redboot_taste(struct g_class *mp, stru g_redboot_start); if (gp == NULL) return (NULL); + /* interpose our access method */ + sc->parent_access = gp->access; + gp->access = g_redboot_access; + sectorsize = cp->provider->sectorsize; blksize = cp->provider->stripesize; if (powerof2(cp->provider->mediasize)) @@ -287,6 +305,9 @@ again: __func__, error, fd->name); sc->entry[i] = fd->entry; sc->dsize[i] = fd->dsize; + /* disallow writing hard-to-recover entries */ + sc->readonly[i] = (strcmp(fd->name, FISDIR_NAME) == 0) || + (strcmp(fd->name, REDBOOT_NAME) == 0); i++; } g_free(buf);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903110112.n2B1Cqoh079031>