From owner-svn-soc-all@FreeBSD.ORG Mon May 4 17:52:05 2015 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2BB193 for ; Mon, 4 May 2015 17:52:05 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A093B1E93 for ; Mon, 4 May 2015 17:52:05 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id t44Hq5I2089369 for ; Mon, 4 May 2015 17:52:05 GMT (envelope-from def@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id t44Hq45w089355 for svn-soc-all@FreeBSD.org; Mon, 4 May 2015 17:52:04 GMT (envelope-from def@FreeBSD.org) Date: Mon, 4 May 2015 17:52:04 GMT Message-Id: <201505041752.t44Hq45w089355@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to def@FreeBSD.org using -f From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r284999 - in soc2013/def/crashdump-head: etc/rc.d sbin/cryptcore sys/kern MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 May 2015 17:52:05 -0000 Author: def Date: Mon May 4 17:52:03 2015 New Revision: 284999 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=284999 Log: Rename sysctl nodes kern.ekcd.* to security.ekcd.*. Modified: soc2013/def/crashdump-head/etc/rc.d/cryptcore soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Modified: soc2013/def/crashdump-head/etc/rc.d/cryptcore ============================================================================== --- soc2013/def/crashdump-head/etc/rc.d/cryptcore Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/etc/rc.d/cryptcore Mon May 4 17:52:03 2015 (r284999) @@ -14,7 +14,7 @@ cryptcore_start() { - sysctl -Nq kern.ekcd.enable >/dev/null + sysctl -Nq security.ekcd.enable >/dev/null if [ $? -ne 0 ]; then err 1 "Kernel is missing encrypted kernel crash dumps." fi @@ -28,7 +28,7 @@ err 1 "Unable to generate an one-time key." fi - sysctl kern.ekcd.enable=1 + sysctl security.ekcd.enable=1 } load_rc_config $name Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c ============================================================================== --- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 17:52:03 2015 (r284999) @@ -64,17 +64,17 @@ /* * From this moment on keys have to be erased before exit. */ - if (sysctlbyname("kern.ekcd.keymaterial", NULL, NULL, buf, + if (sysctlbyname("security.ekcd.keymaterial", NULL, NULL, buf, KERNELDUMP_KEY_SIZE) != 0) { pjdlog_errno(LOG_ERR, "Unable to set key material"); goto failed; } - if (sysctlbyname("kern.ekcd.iv", NULL, NULL, buf + KERNELDUMP_KEY_SIZE, - KERNELDUMP_IV_SIZE) != 0) { + if (sysctlbyname("security.ekcd.iv", NULL, NULL, + buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE) != 0) { pjdlog_errno(LOG_ERR, "Unable to set IV"); goto failed; } - if (sysctlbyname("kern.ekcd.ciphertext", NULL, NULL, ciphertext, + if (sysctlbyname("security.ekcd.ciphertext", NULL, NULL, ciphertext, pubkeysize) != 0) { pjdlog_errno(LOG_ERR, "Unable to set ciphertext"); goto failed; Modified: soc2013/def/crashdump-head/sys/kern/kern_shutdown.c ============================================================================== --- soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon May 4 17:52:03 2015 (r284999) @@ -144,20 +144,20 @@ static int kerneldump_sysctl_keymaterial(SYSCTL_HANDLER_ARGS); static int kerneldump_sysctl_iv(SYSCTL_HANDLER_ARGS); -SYSCTL_NODE(_kern, OID_AUTO, ekcd, CTLFLAG_RW, 0, +SYSCTL_NODE(_security, OID_AUTO, ekcd, CTLFLAG_RW, 0, "Encrypted kernel crash dumps"); -SYSCTL_INT(_kern_ekcd, OID_AUTO, enable, CTLFLAG_RW, &dumperkey.kdk_enable, +SYSCTL_INT(_security_ekcd, OID_AUTO, enable, CTLFLAG_RW, &dumperkey.kdk_enable, 0, "Enable encrypted kernel crash dumps"); -SYSCTL_PROC(_kern_ekcd, OID_AUTO, keymaterial, CTLTYPE_OPAQUE | CTLFLAG_WR, +SYSCTL_PROC(_security_ekcd, OID_AUTO, keymaterial, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, kerneldump_sysctl_keymaterial, "", "Key material used to encrypt a crash dump"); -SYSCTL_PROC(_kern_ekcd, OID_AUTO, iv, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, +SYSCTL_PROC(_security_ekcd, OID_AUTO, iv, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, kerneldump_sysctl_iv, "", "IV used to encrypt a crash dump"); -SYSCTL_OPAQUE(_kern_ekcd, OID_AUTO, ciphertext, CTLFLAG_WR, +SYSCTL_OPAQUE(_security_ekcd, OID_AUTO, ciphertext, CTLFLAG_WR, &dumperkey.kdk_ciphertext, KERNELDUMP_CIPHERTEXT_SIZE, "", "Encrypted key material and IV"); #endif /* EKCD */