svn commit: r362127 - head/lib/libsecureboot
Simon J. Gerraty
sjg at FreeBSD.org
Fri Jun 12 21:55:31 UTC 2020
Author: sjg
Date: Fri Jun 12 21:55:30 2020
New Revision: 362127
URL: https://svnweb.freebsd.org/changeset/base/362127
Log:
verify_pcr_export: bump kenv_mvallen if needed
The loader.ve.hashed list can easily exceed KENV_MVALLEN.
If so, bump kenv_mvallen to a multiple of KENV_MVALLEN to
accommodate the value.
Reviewed by: stevek
MFC after: 1 week
Modified:
head/lib/libsecureboot/verify_file.c
Modified: head/lib/libsecureboot/verify_file.c
==============================================================================
--- head/lib/libsecureboot/verify_file.c Fri Jun 12 21:53:08 2020 (r362126)
+++ head/lib/libsecureboot/verify_file.c Fri Jun 12 21:55:30 2020 (r362127)
@@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <string.h>
#include <sys/queue.h>
+#include <sys/kenv.h>
#include "libsecureboot.h"
#include <verify_file.h>
@@ -532,6 +533,19 @@ verify_pcr_export(void)
DEBUG_PRINTF(1,
("%s: setenv(loader.ve.hashed, %s\n",
__func__, hinfo));
+ if ((hlen = strlen(hinfo)) > KENV_MVALLEN) {
+ /*
+ * bump kenv_mvallen
+ * roundup to multiple of KENV_MVALLEN
+ */
+ char mvallen[16];
+
+ hlen += KENV_MVALLEN -
+ (hlen % KENV_MVALLEN);
+ if (snprintf(mvallen, sizeof(mvallen),
+ "%d", (int) hlen) < sizeof(mvallen))
+ setenv("kenv_mvallen", mvallen, 1);
+ }
free(hinfo);
}
}
More information about the svn-src-all
mailing list