Differential D19093 Diff 54574 lib/libsecureboot/verify_file.c

Changeset View

Standalone View

lib/libsecureboot/verify_file.c

Show First 20 Lines • Show All 203 Lines • ▼ Show 20 Lines	for (tp = manifest_names; *tp; tp++) {
DEBUG_PRINTF(5, ("looking for %s\n", buf));		DEBUG_PRINTF(5, ("looking for %s\n", buf));
if (stat(buf, &st) == 0 && st.st_size > 0) {		if (stat(buf, &st) == 0 && st.st_size > 0) {
#ifdef MANIFEST_SKIP_ALWAYS /* very unlikely */		#ifdef MANIFEST_SKIP_ALWAYS /* very unlikely */
skip = MANIFEST_SKIP_ALWAYS;		skip = MANIFEST_SKIP_ALWAYS;
#else		#else
#ifdef MANIFEST_SKIP /* rare */		#ifdef MANIFEST_SKIP /* rare */
if (*tp[0] == '.') {		if (*tp[0] == '.') {
skip = MANIFEST_SKIP;		skip = MANIFEST_SKIP;
} else		} else
		sjgUnsubmitted Not Done Inline Actions skip is const char , not supposed to touch it. sjg:* skip is const char *, not supposed to touch it.
#endif		#endif
		sjgUnsubmitted Not Done Inline Actions This would defeat the point of skip. Perhaps you want a MANIFEST_SKIP_NEVER ? sjg: This would defeat the point of skip. Perhaps you want a MANIFEST_SKIP_NEVER ?
		kdAuthorUnsubmitted Not Done Inline Actions As for the skip, I'm not sure if I understand its purpose and if its working as intended. For example lets say that the manifest is in /boot/manifest and we want to verify /boot/kernel/kernel. This will look for and load /boot/kernel/../manifest. Without these changes the manifest will load with skip="kernel". This will result with only the files in /boot/kernel being found correctly. I can't find a reference to MANIFEST_SKIP_NEVER anywhere in code. kd: As for the skip, I'm not sure if I understand its purpose and if its working as intended. For…
		sjgUnsubmitted Not Done Inline Actions If the manifest is /boot/manifest and the path loaded is /boot/kernel/kernel the manifest entry should generally be kernel/kernel the manifest would be found via ../manifest and skip=kernel is likely correct. skip is badly named - though I've not come up with anything better, because prefix is already used - to identify where the manifest was found. without skip=kernel, the loader is probably going to look for just kernel in the manifest and not find it - skip=kernel causes it to look for kernel/kernel which should be correct given the layout you described. MANIFEST_SKIP_NEVER does not exist (yet) I was positing that you might be wanting something that simply disables the setting of skip regardless skip=NULL is better than skip = '\0' which should produce a compile error. sjg:* If the manifest is /boot/manifest and the path loaded is /boot/kernel/kernel the manifest entry…
skip = NULL;		skip = NULL;
#endif		#endif
rc = load_manifest(buf, skip ? prefix : NULL,		rc = load_manifest(buf, skip ? prefix : NULL,
skip, &st);		skip, &st);
break;		break;
}		}
}		}
free(prefix);		free(prefix);
▲ Show 20 Lines • Show All 119 Lines • ▼ Show 20 Lines	#endif
rc = find_manifest(filename);		rc = find_manifest(filename);
if (rc != VE_FINGERPRINT_WRONG && loaded_manifests) {		if (rc != VE_FINGERPRINT_WRONG && loaded_manifests) {
if (severity <= VE_GUESS)		if (severity <= VE_GUESS)
severity = severity_guess(filename);		severity = severity_guess(filename);
if ((rc = verify_fd(fd, filename, off, &st)) >= 0) {		if ((rc = verify_fd(fd, filename, off, &st)) >= 0) {
if (verbose \|\| severity > VE_WANT) {		if (verbose \|\| severity > VE_WANT) {
#if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0		#if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0
printf("Verified %s %llu,%llu\n", filename,		printf("Verified %s %llu,%llu\n", filename,
st.st_dev, st.st_ino);		(long long)st.st_dev, (long long)st.st_ino);
#else		#else
printf("Verified %s\n", filename);		printf("Verified %s\n", filename);
#endif		#endif
}		}
if (severity < VE_MUST) { /* not a kernel or module */		if (severity < VE_MUST) { /* not a kernel or module */

if ((cp = strrchr(filename, '/'))) {		if ((cp = strrchr(filename, '/'))) {
cp++;		cp++;
▲ Show 20 Lines • Show All 64 Lines • Show Last 20 Lines