/* * Takes a string and what the string should be, and assumes the test passes * if those strings match (using strcmp). */ void is_string(const char *wanted, const char *seen, const char *format, ...) { if (wanted == NULL) wanted = "(null)"; if (seen == NULL) seen = "(null)"; fflush(stderr); if (strcmp(wanted, seen) == 0) printf("ok %lu", testnum++); else { printf("# wanted: %s\n# seen: %s\n", wanted, seen); printf("not ok %lu", testnum++); _failed++; } if (format != NULL) { va_list args; va_start(args, format); print_desc(format, args); va_end(args); } putchar('\n'); }
int main(int argc, char* argv[]) { if (getpid() != 1) return client(argc, argv); /* * Hello world. */ banner(); /* * Initial setup of signals, ignore all until we're up. */ sig_init(); /* * Mount base file system, kernel is assumed to run devtmpfs for /dev */ chdir("/"); umask(0); mount("none", "/proc", "proc", 0, NULL); mount("none", "/proc/bus/usb", "usbfs", 0, NULL); mount("none", "/sys", "sysfs", 0, NULL); mkdir("/dev/pts", 0755); mkdir("/dev/shm", 0755); mount("none", "/dev/pts", "devpts", 0, "gid=5,mode=620"); mount("none", "/dev/shm", "tmpfs", 0, NULL); umask(022); /* * Parse kernel parameters */ parse_kernel_cmdline(); /* * Populate /dev and prepare for runtime events from kernel. */ run_interactive(SETUP_DEVFS, "Populating device tree"); /* * Parse configuration file */ parse_finit_conf(FINIT_CONF); /* * Load plugins. Must run after finit.conf has registered * all services, or service plugins won't have anything to * hook on to. */ print_desc("Loading plugins", NULL); print_result(plugin_load_all(PLUGIN_PATH)); /* * Mount filesystems */ #ifdef REMOUNT_ROOTFS_RW run("/bin/mount -n -o remount,rw /"); #endif #ifdef SYSROOT run(SYSROOT, "/", NULL, MS_MOVE, NULL); #endif _d("Root FS up, calling hooks ..."); plugin_run_hooks(HOOK_ROOTFS_UP); umask(0); run("/bin/mount -na"); run("/sbin/swapon -ea"); umask(0022); /* Cleanup stale files, if any still linger on. */ run_interactive("rm -rf /tmp/* /var/run/* /var/lock/*", "Cleanup temporary directories"); /* Base FS up, enable standard SysV init signals */ sig_setup(); _d("Base FS up, calling hooks ..."); plugin_run_hooks(HOOK_BASEFS_UP); /* * Start all bootstrap tasks, no network available! */ svc_bootstrap(); /* * Network stuff */ /* Setup kernel specific settings, e.g. allow broadcast ping, etc. */ run("/sbin/sysctl -e -p /etc/sysctl.conf >/dev/null"); /* Set initial hostname. */ set_hostname(hostname); ifconfig("lo", "127.0.0.1", "255.0.0.0", 1); if (network) run_interactive(network, "Starting networking: %s", network); umask(022); /* Hooks that rely on loopback, or basic networking being up. */ plugin_run_hooks(HOOK_NETWORK_UP); /* * Start all tasks/services in the configured runlevel */ svc_runlevel(cfglevel); _d("Running svc up hooks ..."); plugin_run_hooks(HOOK_SVC_UP); /* * Run startup scripts in /etc/finit.d/, if any. */ if (rcsd && fisdir(rcsd)) { _d("Running startup scripts in %s ...", rcsd); run_parts(rcsd, NULL); } /* Hooks that should run at the very end */ plugin_run_hooks(HOOK_SYSTEM_UP); /* * Enter main loop to monior /dev/initctl and services */ return run_loop(); }
static void print_item(const module_t *m, const module_config_t *item, const module_config_t **section, bool color, bool desc) { #ifndef _WIN32 # define OPTION_VALUE_SEP " " #else # define OPTION_VALUE_SEP "=" #endif const char *bra = OPTION_VALUE_SEP "<", *type, *ket = ">"; const char *prefix = NULL, *suffix = NULL; char *typebuf = NULL; switch (CONFIG_CLASS(item->i_type)) { case 0: // hint class switch (item->i_type) { case CONFIG_HINT_CATEGORY: case CONFIG_HINT_USAGE: printf(color ? GREEN "\n %s\n" GRAY : "\n %s\n", module_gettext(m, item->psz_text)); if (desc && item->psz_longtext != NULL) printf(color ? CYAN " %s\n" GRAY : " %s\n", module_gettext(m, item->psz_longtext)); break; case CONFIG_SECTION: *section = item; break; } return; case CONFIG_ITEM_STRING: type = _("string"); if (item->list_count > 0) { size_t len = 0; for (unsigned i = 0; i < item->list_count; i++) len += strlen(item->list.psz[i]) + 1; typebuf = malloc(len); if (typebuf == NULL) break; bra = OPTION_VALUE_SEP "{"; type = typebuf; ket = "}"; *typebuf = 0; for (unsigned i = 0; i < item->list_count; i++) { if (i > 0) strcat(typebuf, ","); strcat(typebuf, item->list.psz[i]); } } break; case CONFIG_ITEM_INTEGER: type = _("integer"); if (item->list_count > 0) { size_t len = 0; for (unsigned i = 0; i < item->list_count; i++) len += strlen(module_gettext(m, item->list_text[i])) + 4 * sizeof (int) + 5; typebuf = malloc(len); if (typebuf == NULL) break; bra = OPTION_VALUE_SEP "{"; type = typebuf; ket = "}"; *typebuf = 0; for (unsigned i = 0; i < item->list_count; i++) { if (i != 0) strcat(typebuf, ", "); sprintf(typebuf + strlen(typebuf), "%i (%s)", item->list.i[i], module_gettext(m, item->list_text[i])); } } else if (item->min.i != 0 || item->max.i != 0) { if (asprintf(&typebuf, "%s [%"PRId64" .. %"PRId64"]", type, item->min.i, item->max.i) >= 0) type = typebuf; else typebuf = NULL; } break; case CONFIG_ITEM_FLOAT: type = _("float"); if (item->min.f != 0.f || item->max.f != 0.f) { if (asprintf(&typebuf, "%s [%f .. %f]", type, item->min.f, item->max.f) >= 0) type = typebuf; else typebuf = NULL; } break; case CONFIG_ITEM_BOOL: bra = type = ket = ""; prefix = ", --no-"; suffix = item->value.i ? _("(default enabled)") : _("(default disabled)"); break; default: return; } print_section(m, section, color, desc); /* Add short option if any */ char shortopt[4]; if (item->i_short != '\0') sprintf(shortopt, "-%c,", item->i_short); else strcpy(shortopt, " "); if (CONFIG_CLASS(item->i_type) == CONFIG_ITEM_BOOL) printf(color ? WHITE" %s --%s" "%s%s%s%s%s "GRAY : " %s --%s%s%s%s%s%s ", shortopt, item->psz_name, prefix, item->psz_name, bra, type, ket); else printf(color ? WHITE" %s --%s"YELLOW"%s%s%s%s%s "GRAY : " %s --%s%s%s%s%s%s ", shortopt, item->psz_name, "", "", /* XXX */ bra, type, ket); /* Wrap description */ int offset = PADDING_SPACES - strlen(item->psz_name) - strlen(bra) - vlc_swidth(type) - strlen(ket) - 1; if (CONFIG_CLASS(item->i_type) == CONFIG_ITEM_BOOL) offset -= strlen(item->psz_name) + vlc_swidth(prefix); if (offset < 0) { putchar('\n'); offset = PADDING_SPACES + LINE_START; } printf("%*s", offset, ""); print_desc(module_gettext(m, item->psz_longtext), PADDING_SPACES + LINE_START, color); if (suffix != NULL) { printf("%*s", offset, ""); print_desc(suffix, PADDING_SPACES + LINE_START, color); } if (desc && (item->psz_longtext != NULL && item->psz_longtext[0])) { /* Wrap long description */ printf("%*s", LINE_START + 2, ""); print_desc(module_gettext(m, item->psz_longtext), LINE_START + 2, false); } free(typebuf); }
/* Remember: service_enabled() must be called before calling service_start() */ int service_start(svc_t *svc) { int respawn, sd = 0; pid_t pid; sigset_t nmask, omask; if (!svc) return 1; respawn = svc->pid != 0; /* Don't try and start service if it doesn't exist. */ if (!fexist(svc->cmd) && !svc->inetd.cmd) { if (verbose) { char msg[80]; snprintf(msg, sizeof(msg), "Service %s does not exist!", svc->cmd); print_desc("", msg); print_result(1); } return 1; } /* Ignore if finit is SIGSTOP'ed */ if (is_norespawn()) return 0; #ifndef INETD_DISABLED if (svc_is_inetd(svc)) { char ifname[IF_NAMESIZE] = "UNKNOWN"; sd = svc->inetd.watcher.fd; if (svc->inetd.type == SOCK_STREAM) { /* Open new client socket from server socket */ sd = accept(sd, NULL, NULL); if (sd < 0) { FLOG_PERROR("Failed accepting inetd service %d/tcp", svc->inetd.port); return 1; } _d("New client socket %d accepted for inetd service %d/tcp", sd, svc->inetd.port); /* Find ifname by means of getsockname() and getifaddrs() */ inetd_stream_peek(sd, ifname); } else { /* SOCK_DGRAM */ /* Find ifname by means of IP_PKTINFO sockopt --> ifindex + if_indextoname() */ inetd_dgram_peek(sd, ifname); } if (!inetd_is_allowed(&svc->inetd, ifname)) { FLOG_INFO("Service %s on port %d not allowed from interface %s.", svc->inetd.name, svc->inetd.port, ifname); if (svc->inetd.type == SOCK_STREAM) close(sd); return 1; } FLOG_INFO("Starting inetd service %s for requst from iface %s ...", svc->inetd.name, ifname); } else #endif if (verbose) { if (svc_is_daemon(svc)) print_desc("", svc->desc); else if (!respawn) print_desc("Starting ", svc->desc); } /* Block sigchild while forking. */ sigemptyset(&nmask); sigaddset(&nmask, SIGCHLD); sigprocmask(SIG_BLOCK, &nmask, &omask); pid = fork(); sigprocmask(SIG_SETMASK, &omask, NULL); if (pid == 0) { int i = 0; int status; #ifdef ENABLE_STATIC int uid = 0; /* XXX: Fix better warning that dropprivs is disabled. */ #else int uid = getuser(svc->username); #endif struct sigaction sa; char *args[MAX_NUM_SVC_ARGS]; sigemptyset(&nmask); sigaddset(&nmask, SIGCHLD); sigprocmask(SIG_UNBLOCK, &nmask, NULL); /* Reset signal handlers that were set by the parent process */ for (i = 1; i < NSIG; i++) DFLSIG(sa, i, 0); /* Set desired user */ if (uid >= 0) { setuid(uid); /* Set default path for regular users */ if (uid > 0) setenv("PATH", _PATH_DEFPATH, 1); } /* Serve copy of args to process in case it modifies them. */ for (i = 0; i < (MAX_NUM_SVC_ARGS - 1) && svc->args[i][0] != 0; i++) args[i] = svc->args[i]; args[i] = NULL; /* Redirect inetd socket to stdin for service */ if (svc_is_inetd(svc)) { /* sd set previously */ dup2(sd, STDIN_FILENO); close(sd); dup2(STDIN_FILENO, STDOUT_FILENO); dup2(STDIN_FILENO, STDERR_FILENO); } else if (debug) { int fd; char buf[CMD_SIZE] = ""; fd = open(CONSOLE, O_WRONLY | O_APPEND); if (-1 != fd) { dup2(fd, STDOUT_FILENO); dup2(fd, STDERR_FILENO); close(fd); } for (i = 0; i < MAX_NUM_SVC_ARGS && args[i]; i++) { char arg[MAX_ARG_LEN]; snprintf(arg, sizeof(arg), "%s ", args[i]); if (strlen(arg) < (sizeof(buf) - strlen(buf))) strcat(buf, arg); } _e("%starting %s: %s", respawn ? "Res" : "S", svc->cmd, buf); } if (svc->inetd.cmd) status = svc->inetd.cmd(svc->inetd.type); else status = execv(svc->cmd, args); /* XXX: Maybe use execve() to be able to launch scripts? */ if (svc_is_inetd(svc)) { if (svc->inetd.type == SOCK_STREAM) { close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); } } exit(status); } svc->pid = pid; if (svc_is_inetd(svc)) { if (svc->inetd.type == SOCK_STREAM) close(sd); } else { int result; if (SVC_TYPE_RUN == svc->type) result = WEXITSTATUS(complete(svc->cmd, pid)); else if (!respawn) result = svc->pid > 1 ? 0 : 1; else result = 0; if (verbose) print_result(result); } return 0; }
int run_interactive(char *cmd, char *fmt, ...) { int status, oldout = 1, olderr = 2; char line[LINE_SIZE]; va_list ap; FILE *fp; if (!cmd) { errno = EINVAL; return 1; } if (verbose && fmt) { va_start(ap, fmt); vsnprintf(line, sizeof(line), fmt, ap); va_end(ap); print_desc("", line); } /* Redirect output from cmd to a tempfile */ fp = tempfile(); if (fp && !debug) { oldout = dup(STDOUT_FILENO); olderr = dup(STDERR_FILENO); dup2(fileno(fp), STDOUT_FILENO); dup2(fileno(fp), STDERR_FILENO); } /* Run cmd ... */ status = run(cmd); /* Restore stderr/stdout */ if (fp && !debug) { if (oldout >= 0) { dup2(oldout, STDOUT_FILENO); close(oldout); } if (olderr >= 0) { dup2(olderr, STDERR_FILENO); close(olderr); } } if (verbose && fmt) print_result(status); /* Dump any results of cmd on stderr after we've printed [ OK ] or [FAIL] */ if (fp && !debug) { size_t len, written; rewind(fp); do { len = fread(line, 1, sizeof(line), fp); written = fwrite(line, len, sizeof(char), stderr); } while (len > 0 && written == len); } if (fp) fclose(fp); return status; }
int main(int UNUSED(args), char *argv[]) { /* * Initial setup of signals, ignore all until we're up. */ sig_init(); /* * Mount base file system, kernel is assumed to run devtmpfs for /dev */ chdir("/"); umask(0); mount("none", "/proc", "proc", 0, NULL); mount("none", "/proc/bus/usb", "usbfs", 0, NULL); mount("none", "/sys", "sysfs", 0, NULL); mkdir("/dev/pts", 0755); mkdir("/dev/shm", 0755); mount("none", "/dev/pts", "devpts", 0, "gid=5,mode=620"); mount("none", "/dev/shm", "tmpfs", 0, NULL); umask(022); /* * Parse kernel parameters */ parse_kernel_cmdline(); cls(); echo("finit " VERSION " (built " __DATE__ " " __TIME__ " by " WHOAMI ")"); /* * Populate /dev and prepare for runtime events from kernel. */ #if defined(USE_UDEV) run_interactive("udevd --daemon", "Populating device tree"); #elif defined (MDEV) run_interactive(MDEV " -s", "Populating device tree"); #endif /* * Parse configuration file */ parse_finit_conf(FINIT_CONF); /* * Load plugins. Must run after finit.conf has registered * all services, or service plugins won't have anything to * hook on to. */ print_desc("", "Loading plugins"); print_result(plugin_load_all(PLUGIN_PATH)); /* * Mount filesystems */ _d("Mount filesystems in /etc/fstab ..."); #ifdef REMOUNT_ROOTFS_RW run("/bin/mount -n -o remount,rw /"); #endif #ifdef SYSROOT run(SYSROOT, "/", NULL, MS_MOVE, NULL); #endif _d("Root FS up, calling hooks ..."); plugin_run_hooks(HOOK_ROOTFS_UP); umask(0); run("/bin/mount -na"); run("/sbin/swapon -ea"); umask(0022); /* Cleanup stale files, if any still linger on. */ run_interactive("rm -rf /tmp/* /var/run/* /var/lock/*", "Cleanup temporary directories"); /* * Base FS up, enable standard SysV init signals */ sig_setup(); _d("Base FS up, calling hooks ..."); plugin_run_hooks(HOOK_BASEFS_UP); /* * Network stuff */ /* Setup kernel specific settings, e.g. allow broadcast ping, etc. */ run("/sbin/sysctl -e -p /etc/sysctl.conf >/dev/null"); /* Set initial hostname. */ set_hostname(hostname); ifconfig("lo", "127.0.0.1", "255.0.0.0", 1); if (network) run_interactive(network, "Starting networking: %s", network); umask(022); /* * Hooks that rely on loopback, or basic networking being up. */ plugin_run_hooks(HOOK_NETWORK_UP); /* * Start service monitor framework */ _d("Starting all static services from %s", FINIT_CONF); svc_start_all(); /* * Run startup scripts in /etc/finit.d/, if any. */ if (rcsd && fisdir(rcsd)) { _d("Running startup scripts in %s ...", rcsd); run_parts(rcsd, NULL); } /* * Hooks that should run at the very end */ plugin_run_hooks(HOOK_SYSTEM_UP); /* Start GETTY on console */ _d("Starting getty on console ..."); run_getty(GETTY, argv); /* * Enter main loop to monior /dev/initctl and services */ _d("Entering main loop ..."); return run_loop(); }
static int do_erase(char *dev) { int fd; size_t i; mtd_info_t mtd; fd = open(dev, O_RDWR | O_SYNC); if (-1 == fd) return 1; memset(&mtd, 0, sizeof(mtd)); if (ioctl(fd, MEMGETINFO, &mtd) < 0 || mtd.erasesize <= 0) { close(fd); return 1; } for (i = 0; i < mtd.size / mtd.erasesize; i++) { erase_info_t this = { .start = i * mtd.erasesize, .length = mtd.erasesize }; /* Yield CPU once in a while, to not starve watchdogd */ sched_yield(); if (ioctl(fd, MEMERASE, &this) < 0) { close(fd); return 1; } } return close(fd); } static void mount_error (void *UNUSED(arg)) { struct mtd_info_user mtd; char dev[10]; if (is_mounted("mtd:" MTD_CONFIG_LABEL)) return; if (!find_mtd(MTD_CONFIG_LABEL, dev, sizeof(dev))) return; print_desc("Erasing corrupt configuration partition", NULL); print_result(do_erase(dev)); /* Finit has not setup any signals yet, sys_reboot() won't work */ reboot(RB_AUTOBOOT); } static plugin_t plugin = { .hook[HOOK_MOUNT_ERROR] = { .cb = mount_error }, }; PLUGIN_INIT(plugin_init) { plugin_register(&plugin); } PLUGIN_EXIT(plugin_exit) { plugin_unregister(&plugin); }
/* * This function prepares the In descriptor. * Prepares the descriptor based on the SA encryption/authentication * algorithms. */ void secfp_prepareInDescriptor(struct sk_buff *skb, void *pData, void *descriptor, unsigned int ulIndex) { unsigned int *tgt, *src; dma_addr_t addr; inSA_t *pSA = (inSA_t *)pData; unsigned char *pNounceIVCounter; unsigned int *ptr1; int len; struct talitos_desc *desc = (struct talitos_desc *)descriptor; if (!ulIndex) { /* first iteration */ addr = dma_map_single(pdev, skb->data, (skb->len + 12 + SECFP_APPEND_BUF_LEN_FIELD + SECFP_NOUNCE_IV_LEN), DMA_TO_DEVICE); ptr1 = (unsigned int *)&(skb->cb[SECFP_SKB_DATA_DMA_INDEX]); *ptr1 = addr; ASFIPSEC_DEBUG("ulIndex = %d: addr = 0x%x", ulIndex, addr); } else { /* Take information from the cb field */ addr = *(unsigned int *)&(skb->cb[SECFP_SKB_DATA_DMA_INDEX]); ASFIPSEC_DEBUG("ulIndex= %d: addr = 0x%x", ulIndex, addr); } desc->hdr_lo = 0; switch (pSA->option[ulIndex]) { case SECFP_AUTH: { desc->hdr = pSA->hdr_Auth_template_0; ASFIPSEC_DEBUG("skb->len = %d, addr = 0x%x, pSA->SAParams.uICVSize =%d", skb->len, addr, pSA->SAParams.uICVSize); SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0) SECFP_SET_DESC_PTR(desc->ptr[1], 0, 0, 0) SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr, 0) if (pSA->SAParams.bUseExtendedSequenceNumber) { len = skb->len + SECFP_APPEND_BUF_LEN_FIELD; } else { len = skb->len; } /* Setting up data */ SECFP_SET_DESC_PTR(desc->ptr[3], len - 12, addr, 0) /* Setting up ICV Check : Only when AES_XCBC_MAC is not programmed */ if (pSA->SAParams.ucAuthAlgo != SECFP_HMAC_AES_XCBC_MAC) { SECFP_SET_DESC_PTR(desc->ptr[4], pSA->SAParams.uICVSize, addr + len - pSA->SAParams.uICVSize, 0) SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0); } else { SECFP_SET_DESC_PTR(desc->ptr[4], 0, 0, 0) SECFP_SET_DESC_PTR(desc->ptr[6], pSA->SAParams.uICVSize, addr + len, 0); #ifdef ASF_IPSEC_DEBUG { int ii; for (int ii = 0; ii < 3; ii++) ASFIPSEC_DEBUG("Offset ii=%d 0x%8x", ii, *(unsigned int *)&(skb->data[skb->len + ii*4])); } #endif } SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0); print_desc(desc); break; } case SECFP_CIPHER: { desc->hdr = pSA->desc_hdr_template; if ((pSA->desc_hdr_template & (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU)) == (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU)) { /* Set up the AES Context field - Need to validate this with soft crypto */ src = (unsigned int *)&(pSA->SAParams.ucNounceIVCounter); pNounceIVCounter = skb->data + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12; tgt = (unsigned int *)pNounceIVCounter; /* Copying 2 integers of IV, Assumes that the first 4 bytes of Nounce is valid and the 16th byte is set to 128; not sure why though? */ *(tgt) = *src; *(tgt+3) = src[3]; src = (unsigned int *)(skb->data + SECFP_ESP_HDR_LEN); *(tgt+1) = src[0]; *(tgt+2) = src[1]; SECFP_SET_DESC_PTR(desc->ptr[1], SECFP_COUNTER_BLK_LEN, addr + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12, 0) } else { SECFP_SET_DESC_PTR(desc->ptr[1], pSA->SAParams.ulIvSize, addr + SECFP_ESP_HDR_LEN, 0) } SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr, 0) if ((ulIndex) && (skb->cb[SECFP_REF_INDEX] == 3)) { /* We have queued the packet and c/b has not yet triggered */ /* if 2nd iteration is encryption, then we need to reduce the length by ICV Length */ SECFP_SET_DESC_PTR(desc->ptr[3], skb->len - pSA->ulSecHdrLen - 12, addr + pSA->ulSecHdrLen, 0) SECFP_SET_DESC_PTR(desc->ptr[4], skb->len - pSA->ulSecHdrLen - 12, addr + pSA->ulSecHdrLen, 0) } else { /* In the 2 descriptor case, callback has triggered, so we need not to reduce by the ICV length */ SECFP_SET_DESC_PTR(desc->ptr[3], skb->len - pSA->ulSecHdrLen, addr + pSA->ulSecHdrLen, 0); SECFP_SET_DESC_PTR(desc->ptr[4], skb->len - pSA->ulSecHdrLen, addr + pSA->ulSecHdrLen, 0); } /* Set the descriptors 5 and 6 and 6 to 0 */ SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0) SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0) print_desc(desc); break; }
/* * Function prepares the descriptors based on the encryption and authentication * algorithm. The prepared descriptor is submitted to SEC. */ void secfp_prepareOutDescriptor(struct sk_buff *skb, void *pData, void *descriptor, unsigned int ulOptionIndex) { dma_addr_t ptr; unsigned int *src, *tgt; unsigned char *pNounceIVCounter; outSA_t *pSA = (outSA_t *) (pData); int iDword, iDword1; unsigned int *ptr1; struct talitos_desc *desc = (struct talitos_desc *)descriptor; if (!ulOptionIndex) { /* 1st iteration */ ASFIPSEC_DBGL2("prepareOutDescriptor: Doing DMA mapping"); ptr = dma_map_single(pdev, skb->data, (skb->len+12 + SECFP_APPEND_BUF_LEN_FIELD+SECFP_NOUNCE_IV_LEN), DMA_TO_DEVICE); ptr1 = (unsigned int *) &(skb->cb[SECFP_SKB_DATA_DMA_INDEX]); *ptr1 = ptr; } else { /* Take it from the skb->cb */ ptr = *(unsigned int *) &(skb->cb[SECFP_SKB_DATA_DMA_INDEX]); ASFIPSEC_DBGL2("ptr = 0x%x", ptr); } desc->hdr_lo = 0; switch (pSA->option[ulOptionIndex]) { case SECFP_AUTH: { desc->hdr = pSA->hdr_Auth_template_0; SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0); SECFP_SET_DESC_PTR(desc->ptr[1], 0, 0, 0); SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr, 0); if (pSA->SAParams.bUseExtendedSequenceNumber) { /* To be checked */ SECFP_SET_DESC_PTR(desc->ptr[3], skb->len + SECFP_APPEND_BUF_LEN_FIELD, ptr , 0); } else { SECFP_SET_DESC_PTR(desc->ptr[3], skb->len, ptr, 0); } SECFP_SET_DESC_PTR(desc->ptr[4], 0, 0, 0); if (!((pSA->hdr_Auth_template_0 & DESC_HDR_MODE0_AES_XCBC_MAC) == DESC_HDR_MODE0_AES_XCBC_MAC)) { iDword = 5; iDword1 = 6; } else { iDword = 6; iDword1 = 5; } SECFP_SET_DESC_PTR(desc->ptr[iDword], pSA->SAParams.uICVSize, ptr+skb->len , 0); SECFP_SET_DESC_PTR(desc->ptr[iDword1], 0, 0, 0); print_desc(desc); break; } case SECFP_CIPHER: { desc->hdr = pSA->desc_hdr_template; SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0); if (((pSA->desc_hdr_template & (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU)) == (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU))) /* Set up the AES Context field */ { src = (unsigned int *) pSA->SAParams.ucNounceIVCounter; pNounceIVCounter = skb->data + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12; tgt = (unsigned int *) pNounceIVCounter; /* Copying 2 integers of IV, Assumes that the first 4 bytes of Nounce is valid and the 16th byte is set to 128; not sure why though? */ *(tgt) = *src; *(tgt + 3) = src[3]; src = (unsigned int *) (skb->data + SECFP_ESP_HDR_LEN); *(tgt+1) = src[0]; *(tgt+2) = src[1]; /* todo-verify why we are setting COUNTER_BLK_LEN + 8 */ SECFP_SET_DESC_PTR(desc->ptr[1], SECFP_COUNTER_BLK_LEN, ptr + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12, 0); } else { SECFP_SET_DESC_PTR(desc->ptr[1], pSA->SAParams.ulIvSize, ptr + SECFP_ESP_HDR_LEN, 0); } /* Copy the prepared encryption key */ SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr, 0); SECFP_SET_DESC_PTR(desc->ptr[3], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen, 0); SECFP_SET_DESC_PTR(desc->ptr[4], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen, 0); /* removed 12 for extent */ SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0); SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0); print_desc(desc); break; } case SECFP_BOTH: { desc->hdr = pSA->desc_hdr_template; ASFIPSEC_PRINT("Desc->hdr = 0x%x", desc->hdr); /* Set up Auth Key */ /* Copy the prepared authentication key */ SECFP_SET_DESC_PTR(desc->ptr[0], pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr, 0); ASFIPSEC_DBGL2("AuthkeyLen %d AuthKeyDmaAddr 0x%x\n", pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr); ASFIPSEC_DBGL2("ulSecHdrLen = %d Auth Only data :" "data ptr=0x%x", pSA->ulSecHdrLen, ptr); SECFP_SET_DESC_PTR(desc->ptr[1], pSA->ulSecHdrLen, ptr, 0); ASFIPSEC_DBGL2("ulSecHdrLen %d ptr 0c%x\n", pSA->ulSecHdrLen, ptr); ASFIPSEC_DBGL2("IVSize = %d, IVdataptr=0x%x, ", pSA->SAParams.ulIvSize, ptr+SECFP_ESP_HDR_LEN); SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.ulIvSize, ptr + SECFP_ESP_HDR_LEN, 0); /* Copy the prepared encryption key */ SECFP_SET_DESC_PTR(desc->ptr[3], pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr, 0); ASFIPSEC_DBGL2("EnckeyLen %d EncKeyDmaAddr 0c%x\n", pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr); ASFIPSEC_DBGL2("Input data setup at 0x%x: len = %d", ptr + pSA->ulSecHdrLen, skb->len - pSA->ulSecHdrLen); SECFP_SET_DESC_PTR(desc->ptr[4], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen, 0); ASFIPSEC_DBGL2("Output data setup at 0x%x: len = %d", ptr + pSA->ulSecHdrLen, skb->len - pSA->ulSecHdrLen); SECFP_SET_DESC_PTR(desc->ptr[5], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen, 12); SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0); print_desc(desc); break; } case SECFP_AESCTR_BOTH: { desc->hdr = pSA->desc_hdr_template | pSA->hdr_Auth_template_1; /* Set up Auth Key */ /* Copy the prepared authentication key */ SECFP_SET_DESC_PTR(desc->ptr[0], pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr, 0); SECFP_SET_DESC_PTR(desc->ptr[1], pSA->ulSecHdrLen, ptr , 0); /* Copy the prepared encryption key */ SECFP_SET_DESC_PTR(desc->ptr[2], pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr, 0); /* Set up the AES Context field - todo- validate it */ src = (unsigned int *) pSA->SAParams.ucNounceIVCounter; pNounceIVCounter = skb->data + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12; tgt = (unsigned int *) pNounceIVCounter; /* Copying 2 integers of IV, Assumes that the first 4 bytes of Nounce is valid and the 16th byte is set to 128; not sure why though? */ *(tgt) = *src; *(tgt + 3) = src[3]; src = (unsigned int *) (skb->data + SECFP_ESP_HDR_LEN); *(tgt+1) = src[0]; *(tgt+2) = src[1]; /* Need to verify why we are setting COUNTER_BLK_LEN + 8 */ SECFP_SET_DESC_PTR(desc->ptr[3], SECFP_COUNTER_BLK_LEN, ptr + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12, 0); SECFP_SET_DESC_PTR(desc->ptr[4], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen , 0); SECFP_SET_DESC_PTR(desc->ptr[5], skb->len - pSA->ulSecHdrLen, ptr + pSA->ulSecHdrLen, 0); /* Where to put the ICV */ SECFP_SET_DESC_PTR(desc->ptr[6], 12, ptr + skb->len , 0); break; } default: ASFIPSEC_WARN("Unknown Option :: Index = %d ", pSA->option[ulOptionIndex]); break; } desc->hdr |= DESC_HDR_DONE_NOTIFY; }
/* Remember: svc_enabled() must be called before calling svc_start() */ int svc_start(svc_t *svc) { int respawn = svc->pid != 0; pid_t pid; sigset_t nmask, omask; char *args[MAX_NUM_SVC_ARGS]; if (!svc) return 0; /* Don't try and start service if it doesn't exist. */ if (!fexist(svc->cmd)) { char msg[80]; snprintf(msg, sizeof(msg), "Service %s does not exist!", svc->cmd); print_desc("", msg); print_result(1); return 0; } /* Ignore if finit is SIGSTOP'ed */ if (is_norespawn()) return 0; if (!respawn) print_desc("Starting ", svc->desc); /* Block sigchild while forking. */ sigemptyset(&nmask); sigaddset(&nmask, SIGCHLD); sigprocmask(SIG_BLOCK, &nmask, &omask); pid = fork(); sigprocmask(SIG_SETMASK, &omask, NULL); if (pid == 0) { int i = 0; int uid = getuser(svc->username); struct sigaction sa; sigemptyset(&nmask); sigaddset(&nmask, SIGCHLD); sigprocmask(SIG_UNBLOCK, &nmask, NULL); /* Reset signal handlers that were set by the parent process */ for (i = 1; i < NSIG; i++) DFLSIG(sa, i, 0); /* Set desired user */ if (uid >= 0) setuid(uid); /* Serve copy of args to process in case it modifies them. */ for (i = 0; svc->args[i][0] != 0 && i < MAX_NUM_SVC_ARGS; i++) args[i] = svc->args[i]; args[i] = NULL; if (debug) { int fd; char buf[CMD_SIZE] = ""; fd = open(CONSOLE, O_WRONLY | O_APPEND); if (-1 != fd) { dup2(STDOUT_FILENO, fd); dup2(STDERR_FILENO, fd); } for (i = 0; args[i] && i < MAX_NUM_SVC_ARGS; i++) { char arg[MAX_ARG_LEN]; snprintf(arg, sizeof(arg), "%s ", args[i]); if (strlen(arg) < (sizeof(buf) - strlen(buf))) strcat(buf, arg); } _e("%starting %s: %s", respawn ? "Res" : "S", svc->cmd, buf); } /* XXX: Maybe change to use execve() to be able to launch scripts? */ execv(svc->cmd, args); /* Only reach this point if exec() fails. */ exit(0); } svc->pid = pid; if (!respawn) print_result(svc->pid > 1 ? 0 : 1); return 0; }