ficl pfopen: verify file

If the file is verified - do not allow write
otherwise do not allow read.

Add O_ACCMODE to stand.h

Reviewed by:	stevek, mindal_semihalf.com
MFC after:	3 days
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D20387
This commit is contained in:
Simon J. Gerraty 2019-05-24 19:43:38 +00:00
parent d3f78f00db
commit 2ef9ff7dd3
3 changed files with 22 additions and 0 deletions

View File

@ -16,3 +16,7 @@ CFLAGS+= -fPIC
CFLAGS+= -I${FICLSRC} -I${FICLSRC}/${FICL_CPUARCH} -I${LDRSRC}
CFLAGS+= -DBF_DICTSIZE=15000
.if ${MK_LOADER_VERIEXEC} != "no"
CFLAGS+= -DLOADER_VERIEXEC -I${SRCTOP}/lib/libsecureboot/h
.endif

View File

@ -502,6 +502,23 @@ static void pfopen(FICL_VM *pVM)
/* open the file */
fd = open(name, mode);
#ifdef LOADER_VERIEXEC
if (fd >= 0) {
if (verify_file(fd, name, 0, VE_GUESS) < 0) {
/* not verified writing ok but reading is not */
if ((mode & O_ACCMODE) != O_WRONLY) {
close(fd);
fd = -1;
}
} else {
/* verified reading ok but writing is not */
if ((mode & O_ACCMODE) != O_RDONLY) {
close(fd);
fd = -1;
}
}
}
#endif
free(name);
stackPushINT(pVM->pStack, fd);
return;

View File

@ -286,6 +286,7 @@ extern int open(const char *, int);
#define O_RDONLY 0x0
#define O_WRONLY 0x1
#define O_RDWR 0x2
#define O_ACCMODE 0x3
/* NOT IMPLEMENTED */
#define O_CREAT 0x0200 /* create if nonexistent */
#define O_TRUNC 0x0400 /* truncate to zero length */