
sjg (Simon Gerraty)
User

User Details

User Since
Apr 9 2015, 9:27 PM (215 w, 3 d)

Recent Activity

Fri, May 24

sjg committed rS348249: ficl pfopen: verify file.
ficl pfopen: verify file
Fri, May 24, 7:44 PM
sjg closed D20387: ficl pfopen: verify file.
Fri, May 24, 7:44 PM

Thu, May 23

sjg updated the diff for D20387: ficl pfopen: verify file.

stand.h needs to define O_ACCMODE

Thu, May 23, 9:43 PM
sjg added a comment to D20387: ficl pfopen: verify file.

Good point

Thu, May 23, 9:33 PM
sjg updated the diff for D20387: ficl pfopen: verify file.

Use O_ACCMODE

Thu, May 23, 9:33 PM
sjg added reviewers for D20387: ficl pfopen: verify file: mindal_semihalf.com, stevek.
Thu, May 23, 8:15 PM
sjg updated the diff for D20387: ficl pfopen: verify file.

Add ficl.mk

Thu, May 23, 8:14 PM
sjg added a comment to D20373: stand: Add a call to verify_file from ficl..

Ok I never committed my changes to loader.c because I had some other junk in there so it would work with Junos - for testing.
See
https://reviews.freebsd.org/D20387

Thu, May 23, 8:12 PM
sjg created D20387: ficl pfopen: verify file.
Thu, May 23, 8:10 PM
sjg added a comment to D20373: stand: Add a call to verify_file from ficl..

Actually it would be better to call verify_file and THEN consider mode.
If the file is verified writing should not be allowed, if it is not verified reading should not be allowed.

Thu, May 23, 7:53 PM
sjg added inline comments to D20373: stand: Add a call to verify_file from ficl..
Thu, May 23, 7:45 PM

Wed, May 22

sjg committed rS348131: load_key_buf do not free data from dearmor.
load_key_buf do not free data from dearmor
Wed, May 22, 11:23 PM
sjg committed rS348129: libsecureboot: allow control of when pseudo pcr is updated.
libsecureboot: allow control of when pseudo pcr is updated
Wed, May 22, 11:19 PM

Sun, May 19

sjg committed rS347981: libsecureboot: allow control of when pseudo pcr is updated.
libsecureboot: allow control of when pseudo pcr is updated
Sun, May 19, 8:29 PM
sjg closed D20297: libsecureboot: allow control of when pseudo pcr is updated.
Sun, May 19, 8:29 PM
sjg committed rS347980: load_key_buf do not free data from dearmor.
load_key_buf do not free data from dearmor
Sun, May 19, 8:24 PM

Fri, May 17

sjg retitled D20297: libsecureboot: allow control of when pseudo pcr is updated from libsecureboot: allow control of when pseuod pcr is updated to libsecureboot: allow control of when pseudo pcr is updated.
Fri, May 17, 7:24 PM
sjg added reviewers for D20297: libsecureboot: allow control of when pseudo pcr is updated: stevek, mindal_semihalf.com.
Fri, May 17, 7:22 PM
sjg created D20297: libsecureboot: allow control of when pseudo pcr is updated.
Fri, May 17, 7:21 PM
sjg accepted D20295: Support for setting labels via veriexec.

Thanks!

Fri, May 17, 7:16 PM

Thu, May 16

sjg committed rS347759: libsecureboot: make it easier to customize trust anchors.
libsecureboot: make it easier to customize trust anchors
Thu, May 16, 4:15 PM

Thu, May 9

sjg committed rS347408: libsecureboot: make it easier to customize trust anchors.
libsecureboot: make it easier to customize trust anchors
Thu, May 9, 10:25 PM
sjg closed D20208: libsecureboot: make it easier to customize trust anchors.
Thu, May 9, 10:25 PM
sjg added reviewers for D20208: libsecureboot: make it easier to customize trust anchors: mindal_semihalf.com, mw, stevek.
Thu, May 9, 12:58 AM
sjg created D20208: libsecureboot: make it easier to customize trust anchors.
Thu, May 9, 12:56 AM

Tue, Apr 30

sjg committed rS346977: Allow no_hash to appear in manifest..
Allow no_hash to appear in manifest.
Tue, Apr 30, 11:01 PM

Apr 23 2019

sjg committed rS346604: Allow no_hash to appear in manifest..
Allow no_hash to appear in manifest.
Apr 23 2019, 8:25 PM
sjg added reviewers for D20018: Allow no_hash to appear in manifest.: imp, mw, mindal_semihalf.com.
Apr 23 2019, 12:24 AM
sjg created D20018: Allow no_hash to appear in manifest..
Apr 23 2019, 12:22 AM

Apr 20 2019

sjg added a comment to D19962: stand: Don't verify entropy cache file..

I sent mindal a diff earlier, in our manifest source files we have a no_hash token to indicate files which should not be verified.
The change I'm thinking of simply exposes that to loader.
sbin/veriexec which feeds hashes to kernel skips files which have no hash/fingerprint,
this is fine for the kernel since if it doesn't verify something the kernel itself doesn't care.
The loader implementation is quite different though, and explicit indication of "do not verify" is potentially useful.
Of course most of the files that might apply to are *.conf and *.hints files which I dealt with implicitly.

Apr 20 2019, 11:25 PM
sjg added a comment to D19962: stand: Don't verify entropy cache file..

Would it be worth adding a means of explicitly marking a file in manifest as not to be verified?

Apr 20 2019, 7:17 PM

Apr 12 2019

sjg committed rS346169: Regenerate src.conf.5 for recent changes..
Regenerate src.conf.5 for recent changes.
Apr 12 2019, 8:35 PM
sjg committed rS346145: Add support for loader veriexec.
Add support for loader veriexec
Apr 12 2019, 1:03 AM

Apr 9 2019

sjg committed rS346070: Always report file with incorrect hash..
Always report file with incorrect hash.
Apr 9 2019, 10:20 PM

Apr 8 2019

sjg committed rS346032: Add _PC_ACL_* to vop_stdpathconf.
Add _PC_ACL_* to vop_stdpathconf
Apr 8 2019, 3:52 PM

Apr 5 2019

sjg committed rS345972: Add _PC_ACL_* to vop_stdpathconf.
Add _PC_ACL_* to vop_stdpathconf
Apr 5 2019, 11:34 PM

Apr 1 2019

sjg accepted D19281: mac_veriexec: Create kernel module to parse manifest based on envs..

Looks better

Apr 1 2019, 4:01 PM

Mar 23 2019

sjg committed rS344564: Add libbearssl.
Add libbearssl
Mar 23 2019, 6:34 PM
sjg closed D16334: Build libbearssl for loader and sbin/veriexec.
Mar 23 2019, 6:34 PM

Mar 11 2019

sjg committed rS345024: Add _PC_ACL_* to vop_stdpathconf.
Add _PC_ACL_* to vop_stdpathconf
Mar 11 2019, 8:41 PM
sjg closed D19512: tmpfs silently ignore pathconf ACL requests.
Mar 11 2019, 8:41 PM
sjg added a comment to D19512: tmpfs silently ignore pathconf ACL requests.

I applied this same patch to stable/11 and while ktrace shows that tmpfs no longer returns EINVAL for fpathconf
original ktrace:

Mar 11 2019, 8:30 PM

Mar 9 2019

sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

Add zfs and nandfs, note zfs_vnops.c:zfs_pathconf is not compatible with this change

Mar 9 2019, 5:18 PM

Mar 8 2019

sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

per feedback - not sure about zfs though

Mar 8 2019, 11:00 PM
sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

Like this?

Mar 8 2019, 9:53 PM
sjg added a comment to D19512: tmpfs silently ignore pathconf ACL requests.
In D19512#417662, @kib wrote:
In D19512#417656, @sjg wrote:
In D19512#417632, @kib wrote:

You can remove handling of _PC_ACL_EXTENDED from nfs and zfs client vops.
You can remove any handling of _PC_ACL_EXTENDED and _PC_ACL_NFS4 from UFS when not compiled in (i.e. #else cases).

In the case of ufs this would get ugly no? The case would need to be within the #ifdef

No, as I said you drop #else part altogether.

Mar 8 2019, 9:50 PM
sjg removed reviewers for D19512: tmpfs silently ignore pathconf ACL requests: kib, jhb.
In D19512#417632, @kib wrote:

You can remove handling of _PC_ACL_EXTENDED from nfs and zfs client vops.
You can remove any handling of _PC_ACL_EXTENDED and _PC_ACL_NFS4 from UFS when not compiled in (i.e. #else cases).

Mar 8 2019, 9:32 PM
sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

Add more cases

Mar 8 2019, 9:31 PM
sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

shift to vop_stdpathconf

Mar 8 2019, 8:39 PM
sjg updated the diff for D19512: tmpfs silently ignore pathconf ACL requests.

fix patch skew

Mar 8 2019, 8:11 PM
sjg created D19512: tmpfs silently ignore pathconf ACL requests.
Mar 8 2019, 7:46 PM

Mar 4 2019

sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Mar 4 2019, 10:05 PM
sjg committed rS344784: Allow for reproducible build.
Allow for reproducible build
Mar 4 2019, 10:04 PM
sjg closed D19464: Allow for reproducible build.
Mar 4 2019, 10:04 PM
sjg added a reviewer for D19464: Allow for reproducible build: emaste.
Mar 4 2019, 9:48 PM
sjg created D19464: Allow for reproducible build.
Mar 4 2019, 9:48 PM
sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Mar 4 2019, 9:09 PM
sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Mar 4 2019, 8:47 PM
sjg committed rS344780: Add -d flag to load command.
Add -d flag to load command
Mar 4 2019, 7:51 PM

Mar 3 2019

sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Mar 3 2019, 5:02 PM

Mar 2 2019

sjg accepted D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.

One minor nit left

Mar 2 2019, 7:18 PM

Feb 28 2019

sjg added a comment to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.

Looking better....

Feb 28 2019, 9:02 PM

Feb 26 2019

sjg accepted D16334: Build libbearssl for loader and sbin/veriexec.

this is committed

Feb 26 2019, 7:05 PM
sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Feb 26 2019, 6:55 PM
sjg committed rS344568: Enable veriexec for loader.
Enable veriexec for loader
Feb 26 2019, 6:22 AM
sjg closed D16336: Add calls to verify_file to loader..
Feb 26 2019, 6:22 AM
sjg closed D16575: Add verifying loader for mac_veriexec.
Feb 26 2019, 6:17 AM
sjg committed rS344567: Add verifying manifest loader for mac_veriexec.
Add verifying manifest loader for mac_veriexec
Feb 26 2019, 6:17 AM
sjg committed rS344566: Enable build of libbearssl.
Enable build of libbearssl
Feb 26 2019, 6:11 AM
sjg closed D16337: Build options etc for libbearssl and libve.
Feb 26 2019, 6:11 AM
sjg committed rS344565: Add libsecureboot.
Add libsecureboot
Feb 26 2019, 6:09 AM
sjg closed D16335: Build libve for loader and sbin/veriexec.
Feb 26 2019, 6:09 AM

Feb 21 2019

sjg added a reviewer for D19281: mac_veriexec: Create kernel module to parse manifest based on envs.: stevek.
Feb 21 2019, 5:46 PM
sjg added a comment to D19281: mac_veriexec: Create kernel module to parse manifest based on envs..

First off, the changes to verify_file* should really be in a separate file.
Also this should all be guarded by a knob, since in the absence of verifying loader it introduces a new attack vector.
Thus anyone using this should be doing so very deliberately.

Feb 21 2019, 5:33 PM

Feb 13 2019

sjg updated the diff for D16336: Add calls to verify_file to loader..

liblua/Makefile -I

Feb 13 2019, 5:03 PM
sjg updated the diff for D16336: Add calls to verify_file to loader..

liblua/Makefile

Feb 13 2019, 4:14 PM
sjg updated the diff for D16336: Add calls to verify_file to loader..

Hook lua fopen

Feb 13 2019, 12:05 AM

Feb 12 2019

sjg updated the diff for D16335: Build libve for loader and sbin/veriexec.

Only pass prefix to load_manifest if skip!=NULL

Feb 12 2019, 9:23 PM

Feb 11 2019

sjg updated the diff for D16335: Build libve for loader and sbin/veriexec.

Trim trailing ../ from prefix

Feb 11 2019, 10:47 PM

Feb 8 2019

sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Feb 8 2019, 12:56 AM

Feb 6 2019

sjg added inline comments to D19093: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation.
Feb 6 2019, 8:34 PM

Jan 22 2019

sjg updated the diff for D16575: Add verifying loader for mac_veriexec.

Use libsecureboot

Jan 22 2019, 11:51 PM

Jan 21 2019

sjg committed rS343283: Done with initial BearSSL import.
Done with initial BearSSL import
Jan 21 2019, 8:25 PM
sjg committed rS343282: tag bearssl-6433cc2.
tag bearssl-6433cc2
Jan 21 2019, 8:24 PM
sjg committed rS343281: Import bearssl-6433cc2.
Import bearssl-6433cc2
Jan 21 2019, 8:24 PM
sjg committed rS343279: For initial BearSSL import.
For initial BearSSL import
Jan 21 2019, 8:23 PM
sjg committed rS343277: bearssl for importing BearSSL.
bearssl for importing BearSSL
Jan 21 2019, 8:02 PM

Jan 16 2019

sjg updated the diff for D16335: Build libve for loader and sbin/veriexec.

Rename libve to libsecureboot

Jan 16 2019, 11:49 PM
sjg updated the diff for D16337: Build options etc for libbearssl and libve.

Fix src.libnames.mk

Jan 16 2019, 11:49 PM
sjg added inline comments to D16337: Build options etc for libbearssl and libve.
Jan 16 2019, 11:34 PM
sjg added inline comments to D16335: Build libve for loader and sbin/veriexec.
Jan 16 2019, 11:30 PM
sjg added inline comments to D16337: Build options etc for libbearssl and libve.
Jan 16 2019, 11:25 PM
sjg updated the diff for D16334: Build libbearssl for loader and sbin/veriexec.

Move some i62 methods to Makefile.libsa.inc

Jan 16 2019, 5:38 PM

Jan 15 2019

sjg committed rS343067: Fix STAGE_DIR.* to handle indirect *DIR variables..
Fix STAGE_DIR.* to handle indirect *DIR variables.
Jan 15 2019, 11:38 PM
sjg closed D18847: Fix STAGE_DIR.* setting inline with recent changes..
Jan 15 2019, 11:38 PM
sjg committed rS343066: Use .undef per variable.
Use .undef per variable
Jan 15 2019, 11:36 PM
sjg closed D17251: Use .undef per variable.
Jan 15 2019, 11:36 PM
sjg updated the diff for D16336: Add calls to verify_file to loader..

Update per feedback

Jan 15 2019, 10:23 PM
sjg added a reviewer for D18847: Fix STAGE_DIR.* setting inline with recent changes.: bdrewery.
Jan 15 2019, 10:18 PM
sjg created D18847: Fix STAGE_DIR.* setting inline with recent changes..
Jan 15 2019, 10:17 PM