From owner-svn-src-head@freebsd.org Thu Aug 8 17:03:31 2019 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0BFD9ABC29; Thu, 8 Aug 2019 17:03:31 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 464F7k6WGcz4ZC9; Thu, 8 Aug 2019 17:03:30 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C0FF3555; Thu, 8 Aug 2019 17:03:30 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x78H3U5B062114; Thu, 8 Aug 2019 17:03:30 GMT (envelope-from mw@FreeBSD.org) Received: (from mw@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x78H3UQW062112; Thu, 8 Aug 2019 17:03:30 GMT (envelope-from mw@FreeBSD.org) Message-Id: <201908081703.x78H3UQW062112@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mw set sender to mw@FreeBSD.org using -f From: Marcin Wojtas Date: Thu, 8 Aug 2019 17:03:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r350761 - in head/stand: efi/loader i386/loader X-SVN-Group: head X-SVN-Commit-Author: mw X-SVN-Commit-Paths: in head/stand: efi/loader i386/loader X-SVN-Commit-Revision: 350761 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Aug 2019 17:03:31 -0000 Author: mw Date: Thu Aug 8 17:03:30 2019 New Revision: 350761 URL: https://svnweb.freebsd.org/changeset/base/350761 Log: Verify files loaded in chain command. The chain command can be used to chain load another binary. If veriexec is enabled we should verify it first. Note that on EFI systems the verification was already done through firmware, assuming that Secure Boot was enabled there. Submitted by: Kornel Duleba Reviewed by: sjg MFC after: 1 week Obtained from: Semihalf Differential Revision: https://reviews.freebsd.org/D20952 Modified: head/stand/efi/loader/main.c head/stand/i386/loader/chain.c Modified: head/stand/efi/loader/main.c ============================================================================== --- head/stand/efi/loader/main.c Thu Aug 8 16:54:22 2019 (r350760) +++ head/stand/efi/loader/main.c Thu Aug 8 17:03:30 2019 (r350761) @@ -1440,6 +1440,14 @@ command_chain(int argc, char *argv[]) return (CMD_ERROR); } +#ifdef LOADER_VERIEXEC + if (verify_file(fd, name, 0, VE_MUST) < 0) { + sprintf(command_errbuf, "can't verify: %s", name); + close(fd); + return (CMD_ERROR); + } +#endif + if (fstat(fd, &st) < -1) { command_errmsg = "stat failed"; close(fd); Modified: head/stand/i386/loader/chain.c ============================================================================== --- head/stand/i386/loader/chain.c Thu Aug 8 16:54:22 2019 (r350760) +++ head/stand/i386/loader/chain.c Thu Aug 8 17:03:30 2019 (r350761) @@ -75,6 +75,14 @@ command_chain(int argc, char *argv[]) return (CMD_ERROR); } +#ifdef LOADER_VERIEXEC + if (verify_file(fd, argv[1], 0, VE_MUST) < 0) { + sprintf(command_errbuf, "can't verify: %s", argv[1]); + close(fd); + return (CMD_ERROR); + } +#endif + len = strlen(argv[1]); if (argv[1][len-1] != ':') { if (fstat(fd, &st) == -1) {