mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-15 12:54:27 +00:00
f616d61ab6
By default only report unverified files at severity VE_WANT and above. This inlcudes *.conf but not *.hints, *.cookie or *.tgz which get VE_TRY as their severity. If Verbose is set to 0, then VerifyFlags should default to 0 too. Thus the combination of module_verbose=0 VE_VEBOSE=0 is sufficient to make the loader almost totally silent. When verify_prep has to find_manifest and it is verified ok return VE_NOT_CHECKED to verify_file so that it can skip repeating verify_fd Also add better debugging output for is_verified and add_verify_status. vectx handle compressed modules When verifying a compressed module (.ko.gz or .ko.bz2) stat() reports the size as -1 (unknown). vectx_lseek needs to spot this during closing - and just read until EOF is hit. Note: because of the way libsa's open() works, verify_prep will see the path to be verified as module.ko not module.ko.bz2 etc. This is actually ok, because we need a separate module.ko.bz2 entry so that the package can be verified, and the hash for module.ko is of the uncompressed file which is what vectx will see. Re-work local.trust.mk so site.trust.mk need only set VE_SIGN_URL_LIST (if using the mentioned signing server) interp.c: restrict interactive input Apply the same restrictions to interactive input as for unverified conf and hints files. Use version.veriexec when LOADER_VERIEXEC is yes Reviewed by: kevans Sponsored by: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D43810
68 lines
2.9 KiB
C
68 lines
2.9 KiB
C
/*-
|
|
* Copyright (c) 2017-2018, Juniper Networks, Inc.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
#ifndef _VERIFY_FILE_H_
|
|
#define _VERIFY_FILE_H_
|
|
|
|
#define VE_GUESS -1 /* let verify_file work it out */
|
|
#define VE_TRY 0 /* we don't mind if unverified */
|
|
#define VE_WANT 1 /* we want this verified */
|
|
#define VE_MUST 2 /* this must be verified */
|
|
|
|
#define VE_NOT_CHECKED -42
|
|
#define VE_VERIFIED 1 /* all good */
|
|
#define VE_UNVERIFIED_OK 0 /* not verified but that's ok */
|
|
#define VE_NOT_VERIFYING 2 /* we are not verifying */
|
|
|
|
/* suitable buf size for hash_string */
|
|
#ifndef SHA_DIGEST_LENGTH
|
|
# define SHA_DIGEST_LENGTH 20
|
|
#endif
|
|
|
|
struct stat;
|
|
|
|
int verify_prep(int, const char *, off_t, struct stat *, const char *);
|
|
void ve_debug_set(int);
|
|
char *ve_error_get(void);
|
|
void ve_efi_init(void);
|
|
void ve_status_set(int, int);
|
|
int ve_status_get(int);
|
|
int load_manifest(const char *, const char *, const char *, struct stat *);
|
|
int pass_manifest(const char *, const char *);
|
|
int pass_manifest_export_envs(void);
|
|
void verify_report(const char *, int, int, struct stat *);
|
|
int verify_file(int, const char *, off_t, int, const char *);
|
|
void verify_pcr_export(void);
|
|
int hash_string(char *s, size_t n, char *buf, size_t bufsz);
|
|
int is_verified(struct stat *);
|
|
void add_verify_status(struct stat *, int);
|
|
|
|
struct vectx;
|
|
struct vectx* vectx_open(int, const char *, off_t, struct stat *, int *, const char *);
|
|
ssize_t vectx_read(struct vectx *, void *, size_t);
|
|
off_t vectx_lseek(struct vectx *, off_t, int);
|
|
int vectx_close(struct vectx *, int, const char *);
|
|
|
|
#endif /* _VERIFY_FILE_H_ */
|