aboutsummaryrefslogtreecommitdiffstats
path: root/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java
Commit message (Collapse)AuthorAgeFilesLines
* Update copyrightJon Bratseth2023-10-091-1/+1
|
* Use timerValerij Fredriksen2023-05-021-5/+5
|
* Throw `ConvergenceException` instead of `IllegalStateException`Tor Brede Vekterli2023-02-011-3/+4
|
* Fail closed when no core dump encryption public key is foundTor Brede Vekterli2023-02-011-12/+9
|
* Resolve /proc/cpuinfo with test filesystemValerij Fredriksen2023-01-101-0/+2
|
* Update expected token with new token versionTor Brede Vekterli2023-01-051-1/+1
|
* Use ChaCha20-Poly1305 instead of AES-GCM for shared key-based cryptoTor Brede Vekterli2023-01-051-1/+1
| | | | | | | | | | | | | | | | | | | | | This is to get around the limitation where AES GCM can only produce a maximum of 64 GiB of ciphertext for a particular <key, IV> pair before its security properties break down. ChaCha20-Poly1305 does not have any practical limitations here. ChaCha20-Poly1305 uses a 256-bit key whereas the shared key is 128 bits. A HKDF is used to internally expand the key material to 256 bits. To let token based decryption be fully backwards compatible, introduce a token version 2. V1 tokens will be decrypted with AES-GCM 128, while V2 tokens use ChaCha20-Poly1305. As a bonus, cryptographic operations will generally be _faster_ after this cipher change, as we use BouncyCastle ciphers and these do not use any native AES instructions. ChaCha20-Poly1305 is usually considerably faster when running without specialized hardware support. An ad-hoc experiment with a large ciphertext showed a near 70% performance increase over AES-GCM 128.
* Stop using report-cores-via-cfgHåkon Hallingstad2022-12-011-66/+35
|
* Wire core dump encryption public key ID to core dump handler logicTor Brede Vekterli2022-11-041-4/+21
|
* Merge pull request #24715 from vespa-engine/vekterli/encapsulate-key-idTor Brede Vekterli2022-11-021-1/+2
|\ | | | | Encapsulate key identifier in own object
| * Encapsulate key identifier in own objectTor Brede Vekterli2022-11-021-1/+2
| | | | | | | | Enforces invariants and avoids having to pass raw byte arrays around.
* | Log core dump processingHåkon Hallingstad2022-11-021-7/+7
|/
* Merge pull request #24689 from ↵Valerij Fredriksen2022-11-011-4/+8
|\ | | | | | | | | vespa-engine/hakonhall/guard-core-dump-upload-via-cfg Guard core dump upload via cfg
| * Guard core dump upload via cfgHåkon Hallingstad2022-11-011-4/+8
| |
* | Let token key IDs be UTF-8 byte strings instead of just an integerTor Brede Vekterli2022-11-011-1/+1
|/ | | | | | | | | | | | | | This makes key IDs vastly more expressive. Max size is 255 bytes, and UTF-8 form is enforced by checking that the byte sequence can be identity-transformed to and from a string with UTF-8 encoding. In addition, we now protect the integrity of the key ID by supplying it as the AAD parameter to the key sealing and opening operations. Reduce v1 token max length of `enc` part to 255, since this is always an X25519 public key, which is never bigger than 32 bytes (but may be _less_ if the random `BigInteger` is small enough, so we still have to encode the length).
* zst is the extension for std compressed files.Henning Baldersheim2022-11-011-4/+4
|
* Add encryption capabilities to core dump handlerTor Brede Vekterli2022-11-011-23/+81
| | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key.
* Revert "Add encryption capabilities to core dump handler"Henning Baldersheim2022-10-311-81/+23
|
* Patch existing metadata file with new decryption token, if presentTor Brede Vekterli2022-10-311-19/+33
| | | | | | | | | Since encryption keys are single-use and generated for each core dump processing invocation, we must ensure we store and report the token associated with the _latest_ (i.e. current) attempt at processing the core dump. Otherwise, the token will not be able to decrypt the core. To achieve this, parse any existing metadata file and patch the JSON field for the token with the updated value.
* Add encryption capabilities to core dump handlerTor Brede Vekterli2022-10-311-10/+54
| | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key.
* Non-functional cleanupValerij Fredriksen2022-09-011-2/+2
|
* Convert node-admin to junit5Bjørn Christian Seime2022-07-281-20/+23
|
* Compress coredumps with ZstandardValerij Fredriksen2022-06-161-18/+3
|
* Do not make coredump operator group readableValerij Fredriksen2022-04-261-1/+1
|
* Add PathScope to NodeAgentContext to resolve pathsValerij Fredriksen2021-11-041-10/+10
|
* Reapply 3 "Use ContainerPath"Valerij Fredriksen2021-10-181-48/+47
| | | | This reverts commit 459c86c8f4b0d7c04a0c3b5f9668edef524adf8d.
* Revert "Revert "Revert "Reapply "Use ContainerPath""""Valerij Fredriksen2021-10-181-47/+48
| | | | This reverts commit b71cefea
* Revert "Revert "Reapply "Use ContainerPath"""Valerij Fredriksen2021-10-181-48/+47
| | | | This reverts commit 723f37c12807edd819ef6b5d94bcd0a3c9ddda1d.
* Revert "Reapply "Use ContainerPath""Valerij Fredriksen2021-10-181-47/+48
|
* Revert "Revert "Use ContainerPath""Valerij Fredriksen2021-10-151-48/+47
|
* Revert "Use ContainerPath"Valerij Fredriksen2021-10-151-47/+48
|
* Use ContainerPathValerij Fredriksen2021-10-141-48/+47
|
* Use String instead of Path where possibleValerij Fredriksen2021-10-141-1/+1
|
* Create factory method for NodeAgentContext builderValerij Fredriksen2021-10-141-1/+1
|
* Pass user/group ID to file utilsValerij Fredriksen2021-10-071-1/+1
|
* Update 2018 copyright notices.gjoranv2021-10-071-1/+1
|
* Remove docker-apiMartin Polden2021-06-291-2/+2
|
* Report path to the core file insteadValerij Fredriksen2021-05-281-1/+1
|
* Do not start processing core/heap dumps until they've been fully writtenValerij Fredriksen2021-04-161-12/+13
|
* Move core attribute with the restValerij Fredriksen2021-04-161-1/+0
|
* Report system metadata fieldMorten Tokle2021-03-191-0/+1
|
* Report java heap dumpsValerij Fredriksen2020-10-301-1/+0
|
* Avoid collecting potential large directory listMartin Polden2020-06-301-4/+6
|
* Also include core being currently processedOla Aunrønning2020-05-081-1/+6
|
* Require the same FileSystem providerHåkon Hallingstad2020-05-031-2/+1
|
* Use full coredump pathOla Aunrønning2020-04-271-0/+1
|
* Filter hs_err files. Limit depth when counting coredumps. Create folders ↵Ola Aunrønning2020-04-161-2/+4
| | | | using UnixPath in tests
* Add metrics for enqueued and processed coredumpsOla Aunrønning2020-04-161-5/+23
|
* Move hs_err files with the coredumpValerij Fredriksen2020-01-091-6/+33
|
* Set coredump group ownerValerij Fredriksen2019-09-061-1/+1
|