internal bool Verify(SecureFSInode inode)
{
Contract.Requires(CurrentState == State.Encrypted);
Contract.Ensures(!Contract.Result <bool>() || CurrentState == State.Verified);
Contract.Ensures(Contract.Result <bool>() || CurrentState == Contract.OldValue(CurrentState));
Contract.Ensures(Next == Contract.OldValue(Next));
var r = inode.VerifyPage(this);
if (r)
{
CurrentState = State.Verified;
}
return(r);
}
internal bool Load(SecureFSInode inode)
{
Contract.Requires(CurrentState == State.Empty);
Contract.Ensures(Next == Contract.OldValue(Next));
Contract.Ensures(!Contract.Result <bool>() || CurrentState == State.Decrypted);
inode.LoadPageRaw(this);
if (!Verify(inode))
{
return(false);
}
Decrypt();
return(true);
}
internal static SecureFSInode Create(Thread current, ByteBufferRef header, int linux_fd, int size_on_disk, ref int p_ret)
{
var proc = current.Parent;
int data_pgoffset;
byte[] page_signatures;
uint real_file_size;
var ret = NativeMethods.sfs_initialize_and_verify_metadata(new Pointer(header.Location), header.Length, size_on_disk,
out data_pgoffset, out real_file_size, out page_signatures);
var metadata_verified = ret == 0;
if (!metadata_verified)
{
Arch.Console.WriteLine("SFSINode::Failed to verify metadata");
p_ret = ret;
return(null);
}
var access_permission_checked = Globals.SecurityManager.CanAccessFile(current, header);
if (!access_permission_checked)
{
return(null);
}
var arch_inode = new Arch.ArchINode(linux_fd, (uint)size_on_disk, proc.helperPid);
Contract.Assert(metadata_verified && access_permission_checked);
var inode = new SecureFSInode(linux_fd, (uint)size_on_disk, proc.helperPid, real_file_size);
inode.DataPageOffset = data_pgoffset;
inode.Signatures = page_signatures;
return(inode);
}
internal static GenericINode HandleOpenFileCompletion(OpenFileCompletion completion, int linux_fd, int size, ref int p_ret)
{
var current = completion.thr;
return(SecureFSInode.Create(current, completion.buf, linux_fd, size, ref p_ret));
}