Date: Mon, 4 May 2015 17:52:04 GMT From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r284999 - in soc2013/def/crashdump-head: etc/rc.d sbin/cryptcore sys/kern Message-ID: <201505041752.t44Hq45w089355@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: def Date: Mon May 4 17:52:03 2015 New Revision: 284999 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=284999 Log: Rename sysctl nodes kern.ekcd.* to security.ekcd.*. Modified: soc2013/def/crashdump-head/etc/rc.d/cryptcore soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Modified: soc2013/def/crashdump-head/etc/rc.d/cryptcore ============================================================================== --- soc2013/def/crashdump-head/etc/rc.d/cryptcore Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/etc/rc.d/cryptcore Mon May 4 17:52:03 2015 (r284999) @@ -14,7 +14,7 @@ cryptcore_start() { - sysctl -Nq kern.ekcd.enable >/dev/null + sysctl -Nq security.ekcd.enable >/dev/null if [ $? -ne 0 ]; then err 1 "Kernel is missing encrypted kernel crash dumps." fi @@ -28,7 +28,7 @@ err 1 "Unable to generate an one-time key." fi - sysctl kern.ekcd.enable=1 + sysctl security.ekcd.enable=1 } load_rc_config $name Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c ============================================================================== --- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 17:52:03 2015 (r284999) @@ -64,17 +64,17 @@ /* * From this moment on keys have to be erased before exit. */ - if (sysctlbyname("kern.ekcd.keymaterial", NULL, NULL, buf, + if (sysctlbyname("security.ekcd.keymaterial", NULL, NULL, buf, KERNELDUMP_KEY_SIZE) != 0) { pjdlog_errno(LOG_ERR, "Unable to set key material"); goto failed; } - if (sysctlbyname("kern.ekcd.iv", NULL, NULL, buf + KERNELDUMP_KEY_SIZE, - KERNELDUMP_IV_SIZE) != 0) { + if (sysctlbyname("security.ekcd.iv", NULL, NULL, + buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE) != 0) { pjdlog_errno(LOG_ERR, "Unable to set IV"); goto failed; } - if (sysctlbyname("kern.ekcd.ciphertext", NULL, NULL, ciphertext, + if (sysctlbyname("security.ekcd.ciphertext", NULL, NULL, ciphertext, pubkeysize) != 0) { pjdlog_errno(LOG_ERR, "Unable to set ciphertext"); goto failed; Modified: soc2013/def/crashdump-head/sys/kern/kern_shutdown.c ============================================================================== --- soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon May 4 17:38:38 2015 (r284998) +++ soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon May 4 17:52:03 2015 (r284999) @@ -144,20 +144,20 @@ static int kerneldump_sysctl_keymaterial(SYSCTL_HANDLER_ARGS); static int kerneldump_sysctl_iv(SYSCTL_HANDLER_ARGS); -SYSCTL_NODE(_kern, OID_AUTO, ekcd, CTLFLAG_RW, 0, +SYSCTL_NODE(_security, OID_AUTO, ekcd, CTLFLAG_RW, 0, "Encrypted kernel crash dumps"); -SYSCTL_INT(_kern_ekcd, OID_AUTO, enable, CTLFLAG_RW, &dumperkey.kdk_enable, +SYSCTL_INT(_security_ekcd, OID_AUTO, enable, CTLFLAG_RW, &dumperkey.kdk_enable, 0, "Enable encrypted kernel crash dumps"); -SYSCTL_PROC(_kern_ekcd, OID_AUTO, keymaterial, CTLTYPE_OPAQUE | CTLFLAG_WR, +SYSCTL_PROC(_security_ekcd, OID_AUTO, keymaterial, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, kerneldump_sysctl_keymaterial, "", "Key material used to encrypt a crash dump"); -SYSCTL_PROC(_kern_ekcd, OID_AUTO, iv, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, +SYSCTL_PROC(_security_ekcd, OID_AUTO, iv, CTLTYPE_OPAQUE | CTLFLAG_WR, NULL, 0, kerneldump_sysctl_iv, "", "IV used to encrypt a crash dump"); -SYSCTL_OPAQUE(_kern_ekcd, OID_AUTO, ciphertext, CTLFLAG_WR, +SYSCTL_OPAQUE(_security_ekcd, OID_AUTO, ciphertext, CTLFLAG_WR, &dumperkey.kdk_ciphertext, KERNELDUMP_CIPHERTEXT_SIZE, "", "Encrypted key material and IV"); #endif /* EKCD */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201505041752.t44Hq45w089355>