svn commit: r346604 - in head/lib/libsecureboot: . h
Simon J. Gerraty
sjg at FreeBSD.org
Tue Apr 23 20:25:27 UTC 2019
Author: sjg
Date: Tue Apr 23 20:25:25 2019
New Revision: 346604
URL: https://svnweb.freebsd.org/changeset/base/346604
Log:
Allow no_hash to appear in manifest.
sbin/veriexec will ignore entries that have no hash anyway,
but loader needs to be explicitly told that such files are
ok to ignore (not verify).
We will report as Unverified depending on verbose level,
but with no reason - because we are not rejecting the file.
Reviewed by: imp, mindal_semihalf
Sponsored by: Juniper Networks
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org//D20018
Modified:
head/lib/libsecureboot/h/libsecureboot.h
head/lib/libsecureboot/vectx.c
head/lib/libsecureboot/veopen.c
head/lib/libsecureboot/verify_file.c
Modified: head/lib/libsecureboot/h/libsecureboot.h
==============================================================================
--- head/lib/libsecureboot/h/libsecureboot.h Tue Apr 23 18:10:46 2019 (r346603)
+++ head/lib/libsecureboot/h/libsecureboot.h Tue Apr 23 20:25:25 2019 (r346604)
@@ -86,6 +86,7 @@ ssize_t ve_pcr_get(unsigned char *, size_t);
#define VEF_VERBOSE 1
#define VE_FINGERPRINT_OK 1
+#define VE_FINGERPRINT_IGNORE 2
/* errors from verify_fd */
#define VE_FINGERPRINT_NONE -2
#define VE_FINGERPRINT_WRONG -3
Modified: head/lib/libsecureboot/vectx.c
==============================================================================
--- head/lib/libsecureboot/vectx.c Tue Apr 23 18:10:46 2019 (r346603)
+++ head/lib/libsecureboot/vectx.c Tue Apr 23 20:25:25 2019 (r346604)
@@ -120,7 +120,10 @@ vectx_open(int fd, const char *path, off_t off, struct
ctx->vec_status = VE_FINGERPRINT_NONE;
ve_error_set("%s: no entry", path);
} else {
- if (strncmp(cp, "sha256=", 7) == 0) {
+ if (strncmp(cp, "no_hash", 7) == 0) {
+ ctx->vec_status = VE_FINGERPRINT_IGNORE;
+ hashsz = 0;
+ } else if (strncmp(cp, "sha256=", 7) == 0) {
ctx->vec_md = &br_sha256_vtable;
hashsz = br_sha256_SIZE;
cp += 7;
@@ -150,11 +153,13 @@ vectx_open(int fd, const char *path, off_t off, struct
*error = ctx->vec_status;
ctx->vec_hashsz = hashsz;
ctx->vec_want = cp;
- ctx->vec_md->init(&ctx->vec_ctx.vtable);
+ if (hashsz > 0) {
+ ctx->vec_md->init(&ctx->vec_ctx.vtable);
- if (hashsz > 0 && off > 0) {
- lseek(fd, 0, SEEK_SET);
- vectx_lseek(ctx, off, SEEK_SET);
+ if (off > 0) {
+ lseek(fd, 0, SEEK_SET);
+ vectx_lseek(ctx, off, SEEK_SET);
+ }
}
return (ctx);
Modified: head/lib/libsecureboot/veopen.c
==============================================================================
--- head/lib/libsecureboot/veopen.c Tue Apr 23 18:10:46 2019 (r346603)
+++ head/lib/libsecureboot/veopen.c Tue Apr 23 20:25:25 2019 (r346604)
@@ -345,7 +345,9 @@ verify_fingerprint(int fd, const char *path, const cha
size_t hlen;
int n;
- if (strncmp(cp, "sha256=", 7) == 0) {
+ if (strncmp(cp, "no_hash", 7) == 0) {
+ return (VE_FINGERPRINT_IGNORE);
+ } else if (strncmp(cp, "sha256=", 7) == 0) {
md = &br_sha256_vtable;
hlen = br_sha256_SIZE;
cp += 7;
@@ -423,6 +425,7 @@ verify_fd(int fd, const char *path, off_t off, struct
rc = verify_fingerprint(fd, path, cp, off);
switch (rc) {
case VE_FINGERPRINT_OK:
+ case VE_FINGERPRINT_IGNORE:
case VE_FINGERPRINT_UNKNOWN:
return (rc);
default:
Modified: head/lib/libsecureboot/verify_file.c
==============================================================================
--- head/lib/libsecureboot/verify_file.c Tue Apr 23 18:10:46 2019 (r346603)
+++ head/lib/libsecureboot/verify_file.c Tue Apr 23 20:25:25 2019 (r346604)
@@ -343,10 +343,14 @@ verify_file(int fd, const char *filename, off_t off, i
if ((rc = verify_fd(fd, filename, off, &st)) >= 0) {
if (verbose || severity > VE_WANT) {
#if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0
- printf("Verified %s %llu,%llu\n", filename,
+ printf("%serified %s %llu,%llu\n",
+ (rc == VE_FINGERPRINT_IGNORE) ? "Unv" : "V",
+ filename,
(long long)st.st_dev, (long long)st.st_ino);
#else
- printf("Verified %s\n", filename);
+ printf("%serified %s\n",
+ (rc == VE_FINGERPRINT_IGNORE) ? "Unv" : "V",
+ filename);
#endif
}
if (severity < VE_MUST) { /* not a kernel or module */
More information about the svn-src-all
mailing list