r3808 - in trunk/varnish-cache: bin/varnishd include
phk at projects.linpro.no
phk at projects.linpro.no
Mon Feb 23 11:46:50 CET 2009
Author: phk
Date: 2009-02-23 11:46:50 +0100 (Mon, 23 Feb 2009)
New Revision: 3808
Modified:
trunk/varnish-cache/bin/varnishd/storage_persistent.c
trunk/varnish-cache/include/persistent.h
Log:
Create/validate the three signed tables (ban1+2, segments)
Modified: trunk/varnish-cache/bin/varnishd/storage_persistent.c
===================================================================
--- trunk/varnish-cache/bin/varnishd/storage_persistent.c 2009-02-23 10:46:07 UTC (rev 3807)
+++ trunk/varnish-cache/bin/varnishd/storage_persistent.c 2009-02-23 10:46:50 UTC (rev 3808)
@@ -54,6 +54,7 @@
const char *filename;
off_t mediasize;
unsigned granularity;
+ uint32_t unique;
uint8_t *ptr;
};
@@ -61,10 +62,13 @@
/*--------------------------------------------------------------------*/
static void
-smp_make_sign(const void *ptr, off_t len, uint8_t *dest)
+smp_make_hash(void *ptr, off_t len)
{
struct SHA256Context c;
+ unsigned char *dest;
+ dest = ptr;
+ dest += len;
SHA256_Init(&c);
SHA256_Update(&c, ptr, len);
SHA256_Final(dest, &c);
@@ -73,25 +77,68 @@
/*--------------------------------------------------------------------*/
static int
-smp_check_sign(const void *ptr, off_t len, const void *sign)
+smp_check_hash(void *ptr, off_t len)
{
struct SHA256Context c;
- unsigned char nsign[32];
+ unsigned char sign[SHA256_LEN];
+ unsigned char *dest;
+ dest = ptr;
+ dest += len;
SHA256_Init(&c);
SHA256_Update(&c, ptr, len);
- SHA256_Final(nsign, &c);
- return(memcmp(sign, nsign, sizeof nsign));
+ SHA256_Final(sign, &c);
+ return(memcmp(sign, dest, sizeof sign));
}
/*--------------------------------------------------------------------*/
static void
+smp_create_sign(struct smp_sc *sc, uint64_t adr, uint64_t len, const char *id)
+{
+ struct smp_sign *ss;
+
+ AZ(adr & 0x7); /* Enforce alignment */
+
+ ss = (void*)(sc->ptr + adr);
+ memset(ss, 0, sizeof *ss);
+ assert(strlen(id) < sizeof ss->ident);
+ strcpy(ss->ident, id);
+ ss->unique = sc->unique;
+ ss->mapped = (uintptr_t)(sc->ptr + adr);
+ ss->length = len;
+ smp_make_hash(ss, sizeof *ss + len);
+}
+
+/*--------------------------------------------------------------------*/
+
+static int
+smp_check_sign(struct smp_sc *sc, uint64_t adr, const char *id)
+{
+ struct smp_sign *ss;
+
+ AZ(adr & 0x7); /* Enforce alignment */
+
+ ss = (void*)(sc->ptr + adr);
+ assert(strlen(id) < sizeof ss->ident);
+ if (strcmp(id, ss->ident))
+ return (1);
+ if (ss->unique != sc->unique)
+ return (2);
+ return (smp_check_hash(ss, sizeof *ss + ss->length));
+}
+
+/*--------------------------------------------------------------------*/
+
+static void
smp_newsilo(struct smp_sc *sc)
{
struct smp_ident *si;
assert(strlen(SMP_IDENT_STRING) < sizeof si->ident);
+
+ sc->unique = random();
+
si = (void*)sc->ptr;
memset(si, 0, sizeof *si);
strcpy(si->ident, SMP_IDENT_STRING);
@@ -99,18 +146,29 @@
si->size = sizeof *si;
si->major_version = 1;
si->minor_version = 1;
+ si->unique = sc->unique;
si->mediasize = sc->mediasize;
si->granularity = sc->granularity;
- smp_make_sign(si, sizeof *si, sc->ptr + sizeof *si);
+ /* XXX: intelligent sizing of things */
+ si->stuff[SMP_BAN1_STUFF] = sc->granularity;
+ si->stuff[SMP_BAN2_STUFF] = si->stuff[SMP_BAN1_STUFF] + 1024*1024;
+ si->stuff[SMP_SEGS_STUFF] = si->stuff[SMP_BAN2_STUFF] + 1024*1024;
+ si->stuff[SMP_END_STUFF] = si->mediasize;
+ smp_create_sign(sc, si->stuff[SMP_BAN1_STUFF], 0, "BAN 1");
+ smp_create_sign(sc, si->stuff[SMP_BAN2_STUFF], 0, "BAN 2");
+ smp_create_sign(sc, si->stuff[SMP_SEGS_STUFF], 0, "SEGMENT");
+
+ smp_make_hash(si, sizeof *si);
}
/*--------------------------------------------------------------------*/
static int
-smp_valid_ident(struct smp_sc *sc)
+smp_valid_silo(struct smp_sc *sc)
{
struct smp_ident *si;
+ int i;
assert(strlen(SMP_IDENT_STRING) < sizeof si->ident);
si = (void*)sc->ptr;
@@ -120,7 +178,7 @@
return (2);
if (si->size != sizeof *si)
return (3);
- if (smp_check_sign(si, sizeof *si, sc->ptr + sizeof *si))
+ if (smp_check_hash(si, sizeof *si))
return (4);
if (si->major_version != 1)
return (5);
@@ -130,6 +188,25 @@
return (7);
if (si->granularity != sc->granularity)
return (8);
+ sc->unique = si->unique;
+
+ /* XXX: Sanity check stuff[4] */
+
+ assert(si->stuff[0] > sizeof *si + SHA256_LEN);
+ assert(si->stuff[1] > si->stuff[0]);
+ assert(si->stuff[2] > si->stuff[1]);
+ assert(si->stuff[3] > si->stuff[2]);
+ assert(si->stuff[3] == sc->mediasize);
+
+ i = smp_check_sign(sc, si->stuff[SMP_BAN1_STUFF], "BAN 1");
+ if (i)
+ return (i + 10);
+ i = smp_check_sign(sc, si->stuff[SMP_BAN2_STUFF], "BAN 2");
+ if (i)
+ return (i + 20);
+ i = smp_check_sign(sc, si->stuff[SMP_SEGS_STUFF], "SEGMENT");
+ if (i)
+ return (i + 30);
return (0);
}
@@ -144,7 +221,16 @@
(void)parent;
AZ(av[ac]);
+#define SZOF(foo) fprintf(stderr, \
+ "sizeof(%s) = %zd = 0x%zx\n", #foo, sizeof(foo), sizeof(foo));
+ SZOF(struct smp_ident);
+ SZOF(struct smp_sign);
+ SZOF(struct smp_segment);
+ SZOF(struct smp_object);
+#undef SZOF
+
assert(sizeof(struct smp_ident) == SMP_IDENT_SIZE);
+ assert(sizeof(struct smp_sign) == SMP_SIGN_SIZE);
assert(sizeof(struct smp_object) == SMP_OBJECT_SIZE);
/* Allocate softc */
@@ -176,9 +262,10 @@
fprintf(stderr, "i = %d ms = %jd g = %u\n",
i, (intmax_t)sc->mediasize, sc->granularity);
- fprintf(stderr, "Silo: %d\n", smp_valid_ident(sc));
+ fprintf(stderr, "Silo: %d\n", smp_valid_silo(sc));
smp_newsilo(sc);
- fprintf(stderr, "Silo: %d\n", smp_valid_ident(sc));
+ fprintf(stderr, "Silo: %d\n", smp_valid_silo(sc));
+ AZ(smp_valid_silo(sc));
exit (2);
}
Modified: trunk/varnish-cache/include/persistent.h
===================================================================
--- trunk/varnish-cache/include/persistent.h 2009-02-23 10:46:07 UTC (rev 3807)
+++ trunk/varnish-cache/include/persistent.h 2009-02-23 10:46:50 UTC (rev 3808)
@@ -71,19 +71,37 @@
uint32_t minor_version;
+ uint32_t unique;
+
uint64_t mediasize; /* ... in bytes */
uint32_t granularity; /* smallest ... in bytes */
- /* XXX: ptr to bans table */
- /* XXX: ptr to segment table */
+ uint64_t stuff[4]; /* pointers to stuff */
+#define SMP_BAN1_STUFF 0
+#define SMP_BAN2_STUFF 1
+#define SMP_SEGS_STUFF 2
+#define SMP_END_STUFF 3
};
-#define SMP_IDENT_SIZE (32 + 4 + 4 + 4 + 4 + 8 + 4 )
+#define SMP_IDENT_SIZE (32 + 4 + 4 + 4 + 4 + 4 + 8 + 4 + 4 * 8)
#define SMP_IDENT_STRING "Varnish Persistent Storage Silo"
/*
+ * This is used to sign various bits on the disk.
+ */
+
+struct smp_sign {
+ char ident[8];
+ uint32_t unique;
+ uint64_t mapped;
+ uint64_t length;
+};
+
+#define SMP_SIGN_SIZE (8 + 4 + 8 + 8 + 32)
+
+/*
* A segment descriptor.
*/
More information about the varnish-commit
mailing list