Date: Tue, 18 Aug 2015 10:05:33 GMT From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r289866 - soc2013/def/crashdump-head/sbin/cryptcore Message-ID: <201508181005.t7IA5XJQ031285@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: def Date: Tue Aug 18 10:05:32 2015 New Revision: 289866 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=289866 Log: Create a separate process to decrypt a crash dump. Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c ============================================================================== --- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Tue Aug 18 09:09:39 2015 (r289865) +++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Tue Aug 18 10:05:32 2015 (r289866) @@ -1,6 +1,8 @@ #include <sys/types.h> +#include <sys/event.h> #include <sys/kerneldump.h> #include <sys/sysctl.h> +#include <sys/time.h> #include <openssl/evp.h> #include <openssl/pem.h> @@ -27,6 +29,35 @@ " cryptcore decrypt [-Fv] -p privatekey -k encryptedkey -i encryptedcore -o decryptedcore"); } +static int +wait_for_process(pid_t pid) +{ + struct kevent event; + int kq, nevents; + + kq = kqueue(); + if (kq == -1) + pjdlog_exit(1, "Unable to create a kqueue"); + + EV_SET(&event, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); + if (kevent(kq, &event, 1, NULL, 0, NULL) < 0) + pjdlog_exit(1, "Unable to register an event"); + + for (;;) { + nevents = kevent(kq, NULL, 0, &event, 1, NULL); + if (nevents < 0) + pjdlog_exit(1, "Unable to receive an event"); + + if (nevents > 0) { + PJDLOG_ASSERT(event.filter == EVFILT_PROC); + PJDLOG_ASSERT(event.ident == (uintptr_t)pid); + return ((int)event.data); + } + } + + PJDLOG_ABORT("Parent process didn't handle the exit status of its child."); +} + static void cryptcore_genkey(const char *pubkeyfile) { @@ -85,7 +116,7 @@ exit(1); } -static void +static bool cryptcore_decrypt(const char *privkeyfile, const char *keyfile, const char *input, const char *output) { @@ -97,12 +128,22 @@ int err, fd, ofd, olen, privkeysize; ssize_t bytes, size; size_t bufused; + pid_t pid; PJDLOG_ASSERT(privkeyfile != NULL); PJDLOG_ASSERT(keyfile != NULL); PJDLOG_ASSERT(input != NULL); PJDLOG_ASSERT(output != NULL); + pid = fork(); + if (pid == -1) { + pjdlog_exit(1, "Unable to create child process"); + return (false); + } + + if (pid > 0) + return (wait_for_process(pid) == 0); + ofd = -1; fd = -1; @@ -205,7 +246,7 @@ close(ofd); close(fd); - return; + exit(0); failed: if (ofd >= 0) close(ofd); @@ -300,7 +341,10 @@ cryptcore_genkey(rsakeyfile); break; case CRYPTCORE_CMD_DECRYPT: - cryptcore_decrypt(rsakeyfile, keyfile, input, output); + if (!cryptcore_decrypt(rsakeyfile, keyfile, input, output)) { + if (unlink(output) != 0) + pjdlog_exit(1, "Unable to remove output"); + } break; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201508181005.t7IA5XJQ031285>