freebsd-dev/stand
Marcin Wojtas b0fefb25c5 Create kernel module to parse Veriexec manifest based on envs
The current approach of injecting manifest into mac_veriexec is to
verify the integrity of it in userspace (veriexec(8)) and pass its
entries into kernel using a char device (/dev/veriexec).
This requires verifying root partition integrity in loader,
for example by using memory disk and checking its hash.
Otherwise if rootfs is compromised an attacker could inject their own data.

This patch introduces an option to parse manifest in kernel based on envs.
The loader sets manifest path and digest.
EVENTHANDLER is used to launch the module right after the rootfs is mounted.
It has to be done this way, since one might want to verify integrity of the init file.
This means that manifest is required to be present on the root partition.
Note that the envs have to be set right before boot to make sure that no one can spoof them.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D19281
2019-04-03 03:57:37 +00:00
arm Go back to one loader.conf 2018-02-26 03:16:47 +00:00
arm64 No need to make objects here. 2018-04-27 22:15:18 +00:00
common Create kernel module to parse Veriexec manifest based on envs 2019-04-03 03:57:37 +00:00
defaults Enable lualoader's kernel autodetection, disabled on install media 2018-10-11 17:17:54 +00:00
efi Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
fdt stand: fdt: Drop some write-only assignments/variables and leaked bits 2018-08-23 18:01:34 +00:00
ficl Enable veriexec for loader 2019-02-26 06:22:10 +00:00
ficl32 Enable veriexec for loader 2019-02-26 06:22:10 +00:00
forth Regularize the Netflix copyright 2019-02-04 21:28:25 +00:00
i386 stand: remove CLANG_NO_IAS from zfsldr 2019-03-26 20:32:05 +00:00
kshim A more definitions to kernel emulation shim in order to build stand/usb. 2018-02-07 18:50:36 +00:00
liblua Enable veriexec for loader 2019-02-26 06:22:10 +00:00
liblua32 Add Lua as a scripting language to /boot/loader 2018-02-12 15:31:53 +00:00
libsa Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
libsa32 Enable veriexec for loader 2019-02-26 06:22:10 +00:00
lua lualoader: Fix up some luacheck concerns 2019-03-26 02:35:58 +00:00
man Improve formatting. 2018-08-15 11:39:13 +00:00
mips Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
ofw Stop using ../zfs/libzfs.h but instead use libzfs.h. 2018-07-08 07:42:58 +00:00
powerpc powerpc/boot: Move ubldr to /boot/uboot, and make this a separate filesystem 2019-02-18 01:57:47 +00:00
sparc64 MK_ZFS -> {MK_ZFS|MK_LOADER_ZFS}, this is so we can disable userland / kernel 2019-01-05 22:45:20 +00:00
uboot Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
usb Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
userboot Distinguish between "no partition" and "choose best partition" with a constant. 2019-03-24 18:51:52 +00:00
defs.mk Move inclusion of src.opts.mk later. 2018-12-03 17:51:10 +00:00
fdt.mk
ficl.mk Remove redundant defs.mk includes. They aren't needed. 2018-06-14 06:14:48 +00:00
loader.mk Create kernel module to parse Veriexec manifest based on envs 2019-04-03 03:57:37 +00:00
lua.mk Do not include float interfaces when using libsa. 2018-02-23 04:04:25 +00:00
Makefile Move ZFS files into libsa 2018-07-08 07:42:49 +00:00
Makefile.amd64 Create LOADER_UBOOT, and LOADER_OFW. Move these options out of 2018-03-01 19:50:55 +00:00
Makefile.inc Minor flags cleanup 2017-12-02 00:06:58 +00:00
uboot.mk Unify metadata load files for arm, mips, powerpc, sparc64 2018-02-13 03:44:50 +00:00