Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update copyright | Jon Bratseth | 2023-10-09 | 1 | -1/+1 |
| | |||||
* | Use timer | Valerij Fredriksen | 2023-05-02 | 1 | -5/+5 |
| | |||||
* | Throw `ConvergenceException` instead of `IllegalStateException` | Tor Brede Vekterli | 2023-02-01 | 1 | -3/+4 |
| | |||||
* | Fail closed when no core dump encryption public key is found | Tor Brede Vekterli | 2023-02-01 | 1 | -12/+9 |
| | |||||
* | Resolve /proc/cpuinfo with test filesystem | Valerij Fredriksen | 2023-01-10 | 1 | -0/+2 |
| | |||||
* | Update expected token with new token version | Tor Brede Vekterli | 2023-01-05 | 1 | -1/+1 |
| | |||||
* | Use ChaCha20-Poly1305 instead of AES-GCM for shared key-based crypto | Tor Brede Vekterli | 2023-01-05 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | This is to get around the limitation where AES GCM can only produce a maximum of 64 GiB of ciphertext for a particular <key, IV> pair before its security properties break down. ChaCha20-Poly1305 does not have any practical limitations here. ChaCha20-Poly1305 uses a 256-bit key whereas the shared key is 128 bits. A HKDF is used to internally expand the key material to 256 bits. To let token based decryption be fully backwards compatible, introduce a token version 2. V1 tokens will be decrypted with AES-GCM 128, while V2 tokens use ChaCha20-Poly1305. As a bonus, cryptographic operations will generally be _faster_ after this cipher change, as we use BouncyCastle ciphers and these do not use any native AES instructions. ChaCha20-Poly1305 is usually considerably faster when running without specialized hardware support. An ad-hoc experiment with a large ciphertext showed a near 70% performance increase over AES-GCM 128. | ||||
* | Stop using report-cores-via-cfg | Håkon Hallingstad | 2022-12-01 | 1 | -66/+35 |
| | |||||
* | Wire core dump encryption public key ID to core dump handler logic | Tor Brede Vekterli | 2022-11-04 | 1 | -4/+21 |
| | |||||
* | Merge pull request #24715 from vespa-engine/vekterli/encapsulate-key-id | Tor Brede Vekterli | 2022-11-02 | 1 | -1/+2 |
|\ | | | | | Encapsulate key identifier in own object | ||||
| * | Encapsulate key identifier in own object | Tor Brede Vekterli | 2022-11-02 | 1 | -1/+2 |
| | | | | | | | | Enforces invariants and avoids having to pass raw byte arrays around. | ||||
* | | Log core dump processing | Håkon Hallingstad | 2022-11-02 | 1 | -7/+7 |
|/ | |||||
* | Merge pull request #24689 from ↵ | Valerij Fredriksen | 2022-11-01 | 1 | -4/+8 |
|\ | | | | | | | | | vespa-engine/hakonhall/guard-core-dump-upload-via-cfg Guard core dump upload via cfg | ||||
| * | Guard core dump upload via cfg | Håkon Hallingstad | 2022-11-01 | 1 | -4/+8 |
| | | |||||
* | | Let token key IDs be UTF-8 byte strings instead of just an integer | Tor Brede Vekterli | 2022-11-01 | 1 | -1/+1 |
|/ | | | | | | | | | | | | | | This makes key IDs vastly more expressive. Max size is 255 bytes, and UTF-8 form is enforced by checking that the byte sequence can be identity-transformed to and from a string with UTF-8 encoding. In addition, we now protect the integrity of the key ID by supplying it as the AAD parameter to the key sealing and opening operations. Reduce v1 token max length of `enc` part to 255, since this is always an X25519 public key, which is never bigger than 32 bytes (but may be _less_ if the random `BigInteger` is small enough, so we still have to encode the length). | ||||
* | zst is the extension for std compressed files. | Henning Baldersheim | 2022-11-01 | 1 | -4/+4 |
| | |||||
* | Add encryption capabilities to core dump handler | Tor Brede Vekterli | 2022-11-01 | 1 | -23/+81 |
| | | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key. | ||||
* | Revert "Add encryption capabilities to core dump handler" | Henning Baldersheim | 2022-10-31 | 1 | -81/+23 |
| | |||||
* | Patch existing metadata file with new decryption token, if present | Tor Brede Vekterli | 2022-10-31 | 1 | -19/+33 |
| | | | | | | | | | Since encryption keys are single-use and generated for each core dump processing invocation, we must ensure we store and report the token associated with the _latest_ (i.e. current) attempt at processing the core dump. Otherwise, the token will not be able to decrypt the core. To achieve this, parse any existing metadata file and patch the JSON field for the token with the updated value. | ||||
* | Add encryption capabilities to core dump handler | Tor Brede Vekterli | 2022-10-31 | 1 | -10/+54 |
| | | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key. | ||||
* | Non-functional cleanup | Valerij Fredriksen | 2022-09-01 | 1 | -2/+2 |
| | |||||
* | Convert node-admin to junit5 | Bjørn Christian Seime | 2022-07-28 | 1 | -20/+23 |
| | |||||
* | Compress coredumps with Zstandard | Valerij Fredriksen | 2022-06-16 | 1 | -18/+3 |
| | |||||
* | Do not make coredump operator group readable | Valerij Fredriksen | 2022-04-26 | 1 | -1/+1 |
| | |||||
* | Add PathScope to NodeAgentContext to resolve paths | Valerij Fredriksen | 2021-11-04 | 1 | -10/+10 |
| | |||||
* | Reapply 3 "Use ContainerPath" | Valerij Fredriksen | 2021-10-18 | 1 | -48/+47 |
| | | | | This reverts commit 459c86c8f4b0d7c04a0c3b5f9668edef524adf8d. | ||||
* | Revert "Revert "Revert "Reapply "Use ContainerPath"""" | Valerij Fredriksen | 2021-10-18 | 1 | -47/+48 |
| | | | | This reverts commit b71cefea | ||||
* | Revert "Revert "Reapply "Use ContainerPath""" | Valerij Fredriksen | 2021-10-18 | 1 | -48/+47 |
| | | | | This reverts commit 723f37c12807edd819ef6b5d94bcd0a3c9ddda1d. | ||||
* | Revert "Reapply "Use ContainerPath"" | Valerij Fredriksen | 2021-10-18 | 1 | -47/+48 |
| | |||||
* | Revert "Revert "Use ContainerPath"" | Valerij Fredriksen | 2021-10-15 | 1 | -48/+47 |
| | |||||
* | Revert "Use ContainerPath" | Valerij Fredriksen | 2021-10-15 | 1 | -47/+48 |
| | |||||
* | Use ContainerPath | Valerij Fredriksen | 2021-10-14 | 1 | -48/+47 |
| | |||||
* | Use String instead of Path where possible | Valerij Fredriksen | 2021-10-14 | 1 | -1/+1 |
| | |||||
* | Create factory method for NodeAgentContext builder | Valerij Fredriksen | 2021-10-14 | 1 | -1/+1 |
| | |||||
* | Pass user/group ID to file utils | Valerij Fredriksen | 2021-10-07 | 1 | -1/+1 |
| | |||||
* | Update 2018 copyright notices. | gjoranv | 2021-10-07 | 1 | -1/+1 |
| | |||||
* | Remove docker-api | Martin Polden | 2021-06-29 | 1 | -2/+2 |
| | |||||
* | Report path to the core file instead | Valerij Fredriksen | 2021-05-28 | 1 | -1/+1 |
| | |||||
* | Do not start processing core/heap dumps until they've been fully written | Valerij Fredriksen | 2021-04-16 | 1 | -12/+13 |
| | |||||
* | Move core attribute with the rest | Valerij Fredriksen | 2021-04-16 | 1 | -1/+0 |
| | |||||
* | Report system metadata field | Morten Tokle | 2021-03-19 | 1 | -0/+1 |
| | |||||
* | Report java heap dumps | Valerij Fredriksen | 2020-10-30 | 1 | -1/+0 |
| | |||||
* | Avoid collecting potential large directory list | Martin Polden | 2020-06-30 | 1 | -4/+6 |
| | |||||
* | Also include core being currently processed | Ola Aunrønning | 2020-05-08 | 1 | -1/+6 |
| | |||||
* | Require the same FileSystem provider | Håkon Hallingstad | 2020-05-03 | 1 | -2/+1 |
| | |||||
* | Use full coredump path | Ola Aunrønning | 2020-04-27 | 1 | -0/+1 |
| | |||||
* | Filter hs_err files. Limit depth when counting coredumps. Create folders ↵ | Ola Aunrønning | 2020-04-16 | 1 | -2/+4 |
| | | | | using UnixPath in tests | ||||
* | Add metrics for enqueued and processed coredumps | Ola Aunrønning | 2020-04-16 | 1 | -5/+23 |
| | |||||
* | Move hs_err files with the coredump | Valerij Fredriksen | 2020-01-09 | 1 | -6/+33 |
| | |||||
* | Set coredump group owner | Valerij Fredriksen | 2019-09-06 | 1 | -1/+1 |
| |