8512d82ea0
Ensure veriexec opens the file before doing any read operations. When the MAC_VERIEXEC_CHECK_PATH_SYSCALL syscall is requested, veriexec needs to open the file before calling mac_veriexec_check_vp. This is to ensure any set up is done by the file system. Most file systems do not explicitly need an open, but some (e.g. virtfs) require initialization of access tokens (file identifiers, etc.) before doing any read or write operations. The evaluate_fingerprint() function needs to ensure it has an open file for reading in order to evaluate the fingerprint. The ideal solution is to have a hook after the VOP_OPEN call in vn_open. For now, we open the file for reading, envaluate the fingerprint, and close the file. While this leaves a potential hole that could possibly be taken advantage of by a dedicated aversary, this code path is not typically visited often in our use cases, as we primarily encounter verified mounts and not individual files. This should be considered a temporary workaround until discussions about the post-open hook have concluded and the hook becomes available. Add MAC_VERIEXEC_GET_PARAMS_PATH_SYSCALL and MAC_VERIEXEC_GET_PARAMS_PID_SYSCALL to mac_veriexec_syscall so we can fetch and check label contents in an unconstrained manner. Add a check for PRIV_VERIEXEC_CONTROL to do ioctl on /dev/veriexec Make it clear that trusted process cannot be debugged. Attempts to debug a trusted process already fail, but the failure path is very obscure. Add an explicit check for VERIEXEC_TRUSTED in mac_veriexec_proc_check_debug. We need mac_veriexec_priv_check to not block PRIV_KMEM_WRITE if mac_priv_gant() says it is ok. Reviewed by: sjg Obtained from: Juniper Networks, Inc. |
||
---|---|---|
.cirrus-ci | ||
.github | ||
bin | ||
cddl | ||
contrib | ||
crypto | ||
etc | ||
gnu | ||
include | ||
kerberos5 | ||
lib | ||
libexec | ||
release | ||
rescue | ||
sbin | ||
secure | ||
share | ||
stand | ||
sys | ||
targets | ||
tests | ||
tools | ||
usr.bin | ||
usr.sbin | ||
.arcconfig | ||
.arclint | ||
.cirrus.yml | ||
.clang-format | ||
.git-blame-ignore-revs | ||
.gitattributes | ||
.gitignore | ||
CONTRIBUTING.md | ||
COPYRIGHT | ||
LOCKS | ||
MAINTAINERS | ||
Makefile | ||
Makefile.inc1 | ||
Makefile.libcompat | ||
Makefile.sys.inc | ||
ObsoleteFiles.inc | ||
README.md | ||
RELNOTES | ||
UPDATING |
FreeBSD Source:
This is the top level of the FreeBSD source directory.
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.
For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.
The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.
For information on the CPU architectures and platforms supported by FreeBSD, see the FreeBSD website's Platforms page.
Source Roadmap:
Directory | Description |
---|---|
bin | System/user commands. |
cddl | Various commands and libraries under the Common Development and Distribution License. |
contrib | Packages contributed by 3rd parties. |
crypto | Cryptography stuff (see crypto/README). |
etc | Template files for /etc. |
gnu | Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information. |
include | System include files. |
kerberos5 | Kerberos5 (Heimdal) package. |
lib | System libraries. |
libexec | System daemons. |
release | Release building Makefile & associated tools. |
rescue | Build system for statically linked /rescue utilities. |
sbin | System commands. |
secure | Cryptographic libraries and commands. |
share | Shared resources. |
stand | Boot loader sources. |
sys | Kernel sources (see sys/README.md). |
targets | Support for experimental DIRDEPS_BUILD |
tests | Regression tests which can be run by Kyua. See tests/README for additional information. |
tools | Utilities for regression testing and miscellaneous tasks. |
usr.bin | User commands. |
usr.sbin | System administration commands. |
For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.