Date: Wed, 31 May 2017 21:18:11 +0000 (UTC) From: "Stephen J. Kiernan" <stevek@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r319358 - in head: sbin/mdconfig sbin/mount sys/dev/md sys/fs/cd9660 sys/geom/uzip sys/sys Message-ID: <201705312118.v4VLIBQe048612@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: stevek Date: Wed May 31 21:18:11 2017 New Revision: 319358 URL: https://svnweb.freebsd.org/changeset/base/319358 Log: Add MD_VERIFY option to enable O_VERIFY in open for vnode type. Add -o [no]verify option to mdconfig (and document in man page.) Implement GEOM attribute MNT::verified to ask md if the backing vnode is verified. Check for MNT::verified in cd9660 mount to flag the mount as MNT_VERIFIED if the underlying device has been verified. Reviewed by: rwatson Approved by: sjg (mentor) Obtained from: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D2902 Modified: head/sbin/mdconfig/mdconfig.8 head/sbin/mdconfig/mdconfig.c head/sbin/mount/mount.c head/sys/dev/md/md.c head/sys/fs/cd9660/cd9660_vfsops.c head/sys/geom/uzip/g_uzip.c head/sys/sys/mdioctl.h head/sys/sys/mount.h Modified: head/sbin/mdconfig/mdconfig.8 ============================================================================== --- head/sbin/mdconfig/mdconfig.8 Wed May 31 21:16:10 2017 (r319357) +++ head/sbin/mdconfig/mdconfig.8 Wed May 31 21:18:11 2017 (r319358) @@ -215,6 +215,14 @@ flag to forcibly destroy an disk that is still in use. .It Oo Cm no Oc Ns Cm readonly Enable/disable readonly mode. +.It Oo Cm no Oc Ns Cm verify +For +.Cm vnode +backed devices: enable/disable requesting verification of the +file used for backing store. +The type of verification depends on which security features are available. +One example of verification is testing file integrity with +checksums or cryptographic signatures. .El .It Fl u Ar unit Request a specific unit number or device name for the @@ -298,6 +306,7 @@ gnop create -o 512K md1 mount /dev/md1.nop /mnt .Ed .Sh SEE ALSO +.Xr open 2 , .Xr md 4 , .Xr ffs 7 , .Xr gpart 8 , Modified: head/sbin/mdconfig/mdconfig.c ============================================================================== --- head/sbin/mdconfig/mdconfig.c Wed May 31 21:16:10 2017 (r319357) +++ head/sbin/mdconfig/mdconfig.c Wed May 31 21:18:11 2017 (r319358) @@ -193,6 +193,10 @@ main(int argc, char **argv) mdio.md_options |= MD_RESERVE; else if (!strcmp(optarg, "noreserve")) mdio.md_options &= ~MD_RESERVE; + else if (!strcmp(optarg, "verify")) + mdio.md_options |= MD_VERIFY; + else if (!strcmp(optarg, "noverify")) + mdio.md_options &= ~MD_VERIFY; else errx(1, "unknown option: %s", optarg); break; Modified: head/sbin/mount/mount.c ============================================================================== --- head/sbin/mount/mount.c Wed May 31 21:16:10 2017 (r319357) +++ head/sbin/mount/mount.c Wed May 31 21:18:11 2017 (r319358) @@ -115,6 +115,7 @@ static struct opt { { MNT_NFS4ACLS, "nfsv4acls" }, { MNT_GJOURNAL, "gjournal" }, { MNT_AUTOMOUNTED, "automounted" }, + { MNT_VERIFIED, "verified" }, { 0, NULL } }; Modified: head/sys/dev/md/md.c ============================================================================== --- head/sys/dev/md/md.c Wed May 31 21:16:10 2017 (r319357) +++ head/sys/dev/md/md.c Wed May 31 21:18:11 2017 (r319358) @@ -88,6 +88,7 @@ #include <sys/sf_buf.h> #include <sys/sysctl.h> #include <sys/vnode.h> +#include <sys/disk.h> #include <geom/geom.h> #include <geom/geom_int.h> @@ -949,6 +950,8 @@ unmapped_step: sc->cred); VOP_UNLOCK(vp, 0); vn_finished_write(mp); + if (error == 0) + sc->flags &= ~MD_VERIFY; } if (pb != NULL) { @@ -1143,6 +1146,8 @@ md_kthread(void *arg) } mtx_unlock(&sc->queue_mtx); if (bp->bio_cmd == BIO_GETATTR) { + int isv = ((sc->flags & MD_VERIFY) != 0); + if ((sc->fwsectors && sc->fwheads && (g_handleattr_int(bp, "GEOM::fwsectors", sc->fwsectors) || @@ -1150,6 +1155,8 @@ md_kthread(void *arg) sc->fwheads))) || g_handleattr_int(bp, "GEOM::candelete", 1)) error = -1; + else if (g_handleattr_int(bp, "MNT::verified", isv)) + error = -1; else error = EOPNOTSUPP; } else { @@ -1352,7 +1359,8 @@ mdcreate_vnode(struct md_s *sc, struct md_ioctl *mdio, * If the user specified that this is a read only device, don't * set the FWRITE mask before trying to open the backing store. */ - flags = FREAD | ((mdio->md_options & MD_READONLY) ? 0 : FWRITE); + flags = FREAD | ((mdio->md_options & MD_READONLY) ? 0 : FWRITE) \ + | ((mdio->md_options & MD_VERIFY) ? 0 : O_VERIFY); NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, sc->file, td); error = vn_open(&nd, &flags, 0, NULL); if (error != 0) @@ -1380,7 +1388,7 @@ mdcreate_vnode(struct md_s *sc, struct md_ioctl *mdio, sc->fwsectors = mdio->md_fwsectors; if (mdio->md_fwheads != 0) sc->fwheads = mdio->md_fwheads; - sc->flags = mdio->md_options & (MD_FORCE | MD_ASYNC); + sc->flags = mdio->md_options & (MD_FORCE | MD_ASYNC | MD_VERIFY); if (!(flags & FWRITE)) sc->flags |= MD_READONLY; sc->vnode = nd.ni_vp; @@ -1523,6 +1531,8 @@ mdcreate_swap(struct md_s *sc, struct md_ioctl *mdio, * Note the truncation. */ + if ((mdio->md_options & MD_VERIFY) != 0) + return (EINVAL); npage = mdio->md_mediasize / PAGE_SIZE; if (mdio->md_fwsectors != 0) sc->fwsectors = mdio->md_fwsectors; Modified: head/sys/fs/cd9660/cd9660_vfsops.c ============================================================================== --- head/sys/fs/cd9660/cd9660_vfsops.c Wed May 31 21:16:10 2017 (r319357) +++ head/sys/fs/cd9660/cd9660_vfsops.c Wed May 31 21:18:11 2017 (r319358) @@ -215,6 +215,7 @@ iso_mountfs(devvp, mp) int iso_bsize; int iso_blknum; int joliet_level; + int isverified = 0; struct iso_volume_descriptor *vdp = NULL; struct iso_primary_descriptor *pri = NULL; struct iso_sierra_primary_descriptor *pri_sierra = NULL; @@ -229,6 +230,8 @@ iso_mountfs(devvp, mp) dev_ref(dev); g_topology_lock(); error = g_vfs_open(devvp, &cp, "cd9660", 0); + if (error == 0) + g_getattr("MNT::verified", cp, &isverified); g_topology_unlock(); VOP_UNLOCK(devvp, 0); if (error) @@ -377,6 +380,8 @@ iso_mountfs(devvp, mp) mp->mnt_stat.f_fsid.val[1] = mp->mnt_vfc->vfc_typenum; mp->mnt_maxsymlinklen = 0; MNT_ILOCK(mp); + if (isverified) + mp->mnt_flag |= MNT_VERIFIED; mp->mnt_flag |= MNT_LOCAL; mp->mnt_kern_flag |= MNTK_LOOKUP_SHARED | MNTK_EXTENDED_SHARED; MNT_IUNLOCK(mp); Modified: head/sys/geom/uzip/g_uzip.c ============================================================================== --- head/sys/geom/uzip/g_uzip.c Wed May 31 21:16:10 2017 (r319357) +++ head/sys/geom/uzip/g_uzip.c Wed May 31 21:18:11 2017 (r319358) @@ -464,6 +464,27 @@ g_uzip_start(struct bio *bp) sc = gp->softc; sc->req_total++; + if (bp->bio_cmd == BIO_GETATTR) { + struct bio *bp2; + struct g_consumer *cp; + struct g_geom *gp; + struct g_provider *pp; + + /* pass on MNT:* requests and ignore others */ + if (strncmp(bp->bio_attribute, "MNT:", 4) == 0) { + bp2 = g_clone_bio(bp); + if (bp2 == NULL) { + g_io_deliver(bp, ENOMEM); + return; + } + bp2->bio_done = g_std_done; + pp = bp->bio_to; + gp = pp->geom; + cp = LIST_FIRST(&gp->consumer); + g_io_request(bp2, cp); + return; + } + } if (bp->bio_cmd != BIO_READ) { g_io_deliver(bp, EOPNOTSUPP); return; Modified: head/sys/sys/mdioctl.h ============================================================================== --- head/sys/sys/mdioctl.h Wed May 31 21:16:10 2017 (r319357) +++ head/sys/sys/mdioctl.h Wed May 31 21:18:11 2017 (r319358) @@ -88,5 +88,6 @@ struct md_ioctl { #define MD_COMPRESS 0x10 /* Compression mode */ #define MD_FORCE 0x20 /* Don't try to prevent foot-shooting */ #define MD_ASYNC 0x40 /* Asynchronous mode */ +#define MD_VERIFY 0x80 /* Open file with O_VERIFY (vnode only) */ #endif /* _SYS_MDIOCTL_H_*/ Modified: head/sys/sys/mount.h ============================================================================== --- head/sys/sys/mount.h Wed May 31 21:16:10 2017 (r319357) +++ head/sys/sys/mount.h Wed May 31 21:18:11 2017 (r319358) @@ -314,6 +314,7 @@ void __mnt_vnode_markerfree_active(struct vno #define MNT_ROOTFS 0x0000000000004000ULL /* identifies the root fs */ #define MNT_USER 0x0000000000008000ULL /* mounted by a user */ #define MNT_IGNORE 0x0000000000800000ULL /* do not show entry in df */ +#define MNT_VERIFIED 0x0000000400000000ULL /* filesystem is verified */ /* * Mask of flags that are visible to statfs(). @@ -329,7 +330,7 @@ void __mnt_vnode_markerfree_active(struct vno MNT_NOCLUSTERW | MNT_SUIDDIR | MNT_SOFTDEP | \ MNT_IGNORE | MNT_EXPUBLIC | MNT_NOSYMFOLLOW | \ MNT_GJOURNAL | MNT_MULTILABEL | MNT_ACLS | \ - MNT_NFS4ACLS | MNT_AUTOMOUNTED) + MNT_NFS4ACLS | MNT_AUTOMOUNTED | MNT_VERIFIED) /* Mask of flags that can be updated. */ #define MNT_UPDATEMASK (MNT_NOSUID | MNT_NOEXEC | \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705312118.v4VLIBQe048612>