afc571b1a6
The vectx API, computes the hash for verifying a file as it is read. This avoids the overhead of reading files twice - once to verify, then again to load. For doing an install via loader, avoiding the need to rewind large files is critical. This API is only used for modules, kernel and mdimage as these are the biggest files read by the loader. The reduction in boot time depends on how expensive the I/O is on any given platform. On a fast VM we see 6% improvement. For install via loader the first file to be verified is likely to be the kernel, so some of the prep work (finding manifest etc) done by verify_file() needs to be factored so it can be reused for vectx_open(). For missing or unrecognized fingerprint entries, we fail in vectx_open() unless verifying is disabled. Otherwise fingerprint check happens in vectx_close() and since this API is only used for files which must be verified (VE_MUST) we panic if we get an incorrect hash. Reviewed by: imp,tsoome MFC after: 1 week Sponsored by: Juniper Networks Differential Revision: https://reviews.freebsd.org//D23827
76 lines
2.1 KiB
C
76 lines
2.1 KiB
C
/*-
|
|
* Copyright (c) 1998 Michael Smith <msmith@freebsd.org>
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
/*
|
|
* MD primitives supporting placement of module data
|
|
*
|
|
* XXX should check load address/size against memory top.
|
|
*/
|
|
#include <stand.h>
|
|
|
|
#include "libi386.h"
|
|
#include "btxv86.h"
|
|
|
|
ssize_t
|
|
i386_copyin(const void *src, vm_offset_t dest, const size_t len)
|
|
{
|
|
if (dest + len >= memtop) {
|
|
errno = EFBIG;
|
|
return (-1);
|
|
}
|
|
|
|
bcopy(src, PTOV(dest), len);
|
|
return (len);
|
|
}
|
|
|
|
ssize_t
|
|
i386_copyout(const vm_offset_t src, void *dest, const size_t len)
|
|
{
|
|
if (src + len >= memtop) {
|
|
errno = EFBIG;
|
|
return (-1);
|
|
}
|
|
|
|
bcopy(PTOV(src), dest, len);
|
|
return (len);
|
|
}
|
|
|
|
|
|
ssize_t
|
|
i386_readin(readin_handle_t fd, vm_offset_t dest, const size_t len)
|
|
{
|
|
|
|
if (dest + len >= memtop_copyin) {
|
|
errno = EFBIG;
|
|
return (-1);
|
|
}
|
|
|
|
return (VECTX_READ(fd, PTOV(dest), len));
|
|
}
|