Page MenuHomeFreeBSD
Differential D20297 Diff 57568 head/lib/libsecureboot/verify_file.c

Changeset View

Standalone View

View Options

head/lib/libsecureboot/verify_file.c

Show First 20 LinesShow All 334 Lines▼ Show 20 Lines#endif
if (rc != VE_NOT_CHECKED) { if (rc != VE_NOT_CHECKED) {
ve_status_set(fd, rc); ve_status_set(fd, rc);
return (rc); return (rc);
} }
rc = find_manifest(filename); rc = find_manifest(filename);
if (rc != VE_FINGERPRINT_WRONG && loaded_manifests) { if (rc != VE_FINGERPRINT_WRONG && loaded_manifests) {
if (severity <= VE_GUESS) if (severity <= VE_GUESS)
severity = severity_guess(filename); severity = severity_guess(filename);
#ifdef VE_PCR_SUPPORT
/*
* Only update pcr with things that must verify
* these tend to be processed in a more deterministic
* order, which makes our pseudo pcr more useful.
*/
ve_pcr_updating_set((severity == VE_MUST));
#endif
if ((rc = verify_fd(fd, filename, off, &st)) >= 0) { if ((rc = verify_fd(fd, filename, off, &st)) >= 0) {
if (verbose || severity > VE_WANT) { if (verbose || severity > VE_WANT) {
#if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0 #if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0
printf("%serified %s %llu,%llu\n", printf("%serified %s %llu,%llu\n",
(rc == VE_FINGERPRINT_IGNORE) ? "Unv" : "V", (rc == VE_FINGERPRINT_IGNORE) ? "Unv" : "V",
filename, filename,
(long long)st.st_dev, (long long)st.st_ino); (long long)st.st_dev, (long long)st.st_ino);
#else #else
▲ Show 20 LinesShow All 73 LinesShow Last 20 Lines