authorDave Brolley <brolley@redhat.com>2009-03-12 13:38:51 -0400
committerDave Brolley <brolley@redhat.com>2009-03-12 13:38:51 -0400
commit98f552c28ebbed982e96be5798a8454c7220925a (patch)
treefe57a5773c8a13829b18e06b3243107f796c2e54 /cache.cxx
parent684570b0277ce771fc66bcfdbe352eeaa541786d (diff)
2009-03-12 Dave Brolley <brolley@redhat.com>
* util.cxx (remove_file_or_dir): New function. * util.h (remove_file_or_dir): New function. * systemtap.spec (stap): Add stap-env, stap-gen-cert, stap-authorize-cert, and stap-authorize-signing-cert. (stap-client): Remove stap-find-or-start-server, stap-add-server-cert. Add stap-authorize-server-cert. (stap-server): Add stap-find-servers, stap-find-or-start-server, stap-authorize-server-cert. Remove stap-gen-server-cert. * stap-find-servers: Source stap-env. Use $stap_avahi_service_tag. (initialization): Set timeout to 10. (find_servers): Run avahi-browse in the background and wait for it. Use a temp file for the output of avahi-browse. Kill avahi-browse if the timeout expires. (match_server): Set read timeout. (fatal): New function. * stap-find-or-start-server: Source stap-env. Use $stap_exec_prefix. Always exit with 0. * stap-start-server: Source stap-env. Check for the server PID as a running process and for avahi-publish-service running as a child in order to verify that the server is ready. * stap-add-server-cert: Renamed to stap-authorize-server-cert. Source stap-env. Call stap-authorize-cert. * stap-client: Source stap-env. Use $stap_user_ssl_db and $stap_root_ssl_db. Use $stap_tmpdir_prefix_client, $stap_tmpdir_prefix_server. Use $stap_exec_prefix. (configuration): Removed. (staprun_running): Removed. (interrupt): Don't kill staprun. * stap-server: Source stap-env. Use $stap_user_ssl_db and $stap_root_ssl_db. Use $stap_tmpdir_prefix_client, $stap_tmpdir_prefix_server. Use $stap_exec_prefix. (configuration): Removed. * session.h (systemtap_session): Add cert_db_path. * runtime/staprun/staprun_funcs.c (config.h): #include it. (modverify.h): #include it. (check_signature): New function. (check_groups): New function extracted from check_permissions. (check_permissions): Call check_groups and check_signature. * runtime/staprun/mainloop.c (cleanup_and_exit): Pass modpath to staprun, not modname. * main.cxx (main): Initialize cert_db_path. 
Handle LONG_OPT_SIGN_MODULE. Save the module signature if the module was signed and is being saved. (LONG_OPT_SIGN_MODULE): #define it. (long_options): Add --sign-module. * cache.cxx (config.h): #include it. (add_to_cache): Add the module signature file to the cache if the module has been signed. * buildrun.cxx (modsign.h): #include it. (compile_pass): Call sign_module, if requested. * configure.ac: Define HAVE_NSS if NSS libraries are available. * Makefile.am (AM_CPPFLAGS): Add -DSYSCONFDIR. (bin_SCRIPTS): Add stap-env, stap-gen-cert, stap-authorize-cert, stap-authorize-signing-cert, stap-authorize-server-cert. Remove stap-gen-server-cert, stap-add-server-cert. (stap_SOURCES): Add nsscommon.c, modsign.cxx (stap_CPPFLAGS): Add $(nss_CFLAGS), $(nspr_CFLAGS). (stap_LDADD): Add -lnss3. (staprun_SOURCES): Add nsscommon.c. * modsign.cxx: New file. * modsign.h: New file. * nsscommon.c: New file. * nsscommon.h: New file. * runtime/staprun/modverify.c: New file. * runtime/staprun/modverify.h: New file. * stap-authorize-cert: New file. * stap-authorize-signing-cert: New file. * stap-env: New file. * Makefile.in: Regenerated. * aclocal.m4: Regenerated. * config.in: Regenerated. * configure: Regenerated. * doc/Makefile.in: Regenerated. * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated. * testsuite/Makefile.in: Regenerated. * testsuite/aclocal.m4: Regenerated.
Diffstat (limited to 'cache.cxx')
-rw-r--r--cache.cxx39
1 files changed, 37 insertions, 2 deletions
diff --git a/cache.cxx b/cache.cxx
index 86f7213a..76e9faf8 100644
--- a/cache.cxx
+++ b/cache.cxx
@@ -1,12 +1,12 @@
// systemtap cache manager
-// Copyright (C) 2006-2008 Red Hat Inc.
+// Copyright (C) 2006-2009 Red Hat Inc.
//
// This file is part of systemtap, and is free software. You can
// redistribute it and/or modify it under the terms of the GNU General
// Public License (GPL); either version 2, or (at your option) any
// later version.
-
+#include "config.h"
#include "session.h"
#include "cache.h"
#include "util.h"
@@ -68,6 +68,41 @@ add_to_cache(systemtap_session& s)
return;
}
+#if HAVE_NSS
+ // This is the name of the cached module signatire.
+ string module_signature_dest_path = s.hash_path;
+ module_signature_dest_path += ".sgn";
+
+ if (!s.cert_db_path.empty())
+ {
+ // Copy the module signature, if it was signed.
+ string module_signature_src_path = module_src_path;
+ module_signature_src_path += ".sgn";
+
+ if (s.verbose > 1)
+ clog << "Copying " << module_signature_src_path << " to " << module_signature_dest_path << endl;
+ if (copy_file(module_signature_src_path.c_str(), module_signature_dest_path.c_str()) != 0)
+ {
+ cerr << "Copy failed (\"" << module_signature_src_path << "\" to \""
+ << module_signature_dest_path << "\"): " << strerror(errno) << endl;
+ // NB: this is not so severe as to prevent reuse of the .ko
+ // already copied.
+ //
+ // s.use_cache = false;
+ }
+ }
+ else
+ {
+ // If this module was not signed, then delete any existing signature from the cache.
+ // This is not a fatal error. Even if the existing signature happens to match a
+ // new module later, it still means that the module is identical to one generated by a
+ // trusted server.
+ if (remove_file_or_dir (module_signature_dest_path.c_str()) != 0)
+ cerr << "Failed to remove \"" << module_signature_dest_path << "\" from the cache: "
+ << strerror(errno) << endl;
+ }
+#endif /* HAVE_NSS */
+
string c_dest_path = s.hash_path;
if (c_dest_path.rfind(".ko") == (c_dest_path.size() - 3))
c_dest_path.resize(c_dest_path.size() - 3);
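Review bot: When `copy_file` fails in the `#if HAVE_NSS` block, any `.sgn` already at `module_signature_dest_path` (from an earlier cache entry, or a partial write) stays beside the freshly copied `.ko`, so the cache can pair a module with a signature that was not produced for it. The else branch already clears the cached signature for unsigned modules; the failure branch should do the same after its `cerr` message, e.g. `remove_file_or_dir (module_signature_dest_path.c_str());`. As far as this hunk shows, `!s.cert_db_path.empty()` only says that signing was requested, not that a `.sgn` was written, so this failure path may be reached whenever signing itself failed; that should be confirmed against `compile_pass`. The comment `// This is the name of the cached module signatire.` has a typo ("signature"). `add_to_cache` begins before this hunk and continues past it.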