b0fefb25c5
The current approach of injecting manifest into mac_veriexec is to verify the integrity of it in userspace (veriexec (8)) and pass its entries into kernel using a char device (/dev/veriexec). This requires verifying root partition integrity in loader, for example by using memory disk and checking its hash. Otherwise if rootfs is compromised an attacker could inject their own data. This patch introduces an option to parse manifest in kernel based on envs. The loader sets manifest path and digest. EVENTHANDLER is used to launch the module right after the rootfs is mounted. It has to be done this way, since one might want to verify integrity of the init file. This means that manifest is required to be present on the root partition. Note that the envs have to be set right before boot to make sure that no one can spoof them. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19281 |
||
|---|---|---|
| .. | ||
| boot | ||
| bsdbox | ||
| build | ||
| bus_space | ||
| debugscripts | ||
| diag | ||
| ifnet | ||
| kerneldoc | ||
| LibraryReport | ||
| regression | ||
| sched | ||
| test | ||
| tools | ||
| install.sh | ||
| make_libdeps.sh | ||
| README | ||
| tinder.sh | ||
$FreeBSD$ This directory tree contains tools used for the maintenance and testing of FreeBSD. There is no toplevel Makefile structure since these tools are not meant to be built as part of the standard system, though there may be individual Makefiles in some of the subdirs. Please read the README files in the subdirs for further information.