secGear/0093-add-detailed-log-of-file-opening-failures.patch
xuraoqing 4b7794d24e sync patches from upstream
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
2025-03-18 20:18:49 +08:00


From 9c04006b8f5281bd5b436f81ec855f78a719dff7 Mon Sep 17 00:00:00 2001
From: houmingyong <houmingyong@huawei.com>
Date: Wed, 18 Dec 2024 09:34:57 +0800
Subject: [PATCH] add detailed log of file opening failures
---
.../attestation-service/verifier/src/virtcca/ima.rs | 8 ++++----
.../attestation-service/verifier/src/virtcca/mod.rs | 9 ++++++---
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/service/attestation/attestation-service/verifier/src/virtcca/ima.rs b/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
index 7af55e8..e25e55e 100644
--- a/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
+++ b/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
@@ -9,7 +9,7 @@
* PURPOSE.
* See the Mulan PSL v2 for more details.
*/
-use anyhow::{Result, bail};
+use anyhow::{anyhow, Result, bail};
use ima_measurements::{Event, EventData, Parser};
use fallible_iterator::FallibleIterator;
use serde_json::{Value, Map, json};
@@ -47,7 +47,8 @@ impl ImaVerify {
bail!("ima log hash verify failed");
}
- let ima_refs: Vec<_> = file_reader(IMA_REFERENCE_FILE)?
+ let ima_refs: Vec<_> = file_reader(IMA_REFERENCE_FILE)
+ .map_err(|_err| anyhow!("{} is not found", IMA_REFERENCE_FILE))?
.into_iter()
.map(String::from)
.collect();
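Review bot: The `|_err|` closure in the added `map_err` throws away the `io::Error`, so every failure of `file_reader(IMA_REFERENCE_FILE)` is reported as "is not found", including permission-denied and, presumably, read errors raised later inside `file_reader`, whose body runs past its hunk. For an attestation verifier that points the operator at a missing reference file when the real cause may be an unreadable or corrupt one; keep the cause in the message, e.g. `.map_err(|err| anyhow!("failed to read {}: {}", IMA_REFERENCE_FILE, err))?`. The same pattern appears in the mod.rs hunks for `VIRTCCA_SUB_CERT`, `VIRTCCA_ROOT_CERT` and `VIRTCCA_REF_VALUE_FILE`. The enclosing `ImaVerify` method starts and ends outside this hunk.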
@@ -80,8 +81,7 @@ impl ImaVerify {
use std::io::BufRead;
use std::io::BufReader;
fn file_reader(file_path: &str) -> ::std::io::Result<Vec<String>> {
- let file = std::fs::File::open(file_path)
- .expect("open ima reference file failed");
+ let file = std::fs::File::open(file_path)?;
let mut strings = Vec::<String>::new();
let mut reader = BufReader::new(file);
let mut buf = String::new();
diff --git a/service/attestation/attestation-service/verifier/src/virtcca/mod.rs b/service/attestation/attestation-service/verifier/src/virtcca/mod.rs
index 97f5b6b..42f263a 100644
--- a/service/attestation/attestation-service/verifier/src/virtcca/mod.rs
+++ b/service/attestation/attestation-service/verifier/src/virtcca/mod.rs
@@ -161,9 +161,11 @@ impl Evidence {
// todo verify cert chain, now only verify signature
fn verify_dev_cert_chain(dev_cert: &[u8]) -> Result<()> {
let dev_cert = x509::X509::from_der(dev_cert)?;
- let sub_cert_file = std::fs::read(VIRTCCA_SUB_CERT)?;
+ let sub_cert_file = std::fs::read(VIRTCCA_SUB_CERT)
+ .map_err(|_err| anyhow!("{} is not found", VIRTCCA_SUB_CERT))?;
let sub_cert = x509::X509::from_pem(&sub_cert_file)?;
- let root_cert_file = std::fs::read(VIRTCCA_ROOT_CERT)?;
+ let root_cert_file = std::fs::read(VIRTCCA_ROOT_CERT)
+ .map_err(|_err| anyhow!("{} is not found", VIRTCCA_ROOT_CERT))?;
let root_cert = x509::X509::from_pem(&root_cert_file)?;
// verify dev_cert by sub_cert
@@ -229,7 +231,8 @@ impl Evidence {
}
#[cfg(feature = "no_as")]
fn compare_with_ref(&mut self) -> Result<()> {
- let ref_file = std::fs::read(VIRTCCA_REF_VALUE_FILE)?;
+ let ref_file = std::fs::read(VIRTCCA_REF_VALUE_FILE)
+ .map_err(|_err| anyhow!("{} is not found", VIRTCCA_REF_VALUE_FILE))?;
let js_ref = serde_json::from_slice(&ref_file)?;
match js_ref {
serde_json::Value::Object(obj) => {
--
2.43.0