Date: Thu, 25 Jul 2019 00:07:10 +0000 (UTC) From: "Simon J. Gerraty" <sjg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r350312 - stable/12/stand/common Message-ID: <201907250007.x6P07Aub074876@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sjg Date: Thu Jul 25 00:07:10 2019 New Revision: 350312 URL: https://svnweb.freebsd.org/changeset/base/350312 Log: loader: ignore some variable settings if input unverified libsecureboot can tell us if the most recent file opened was verfied or not. If it's state is VE_UNVERIFIED_OK, skip if variable matches one of the restricted prefixes. MFC of r350099 Reviewed by: stevek Sponsored by: Juniper Networks Differential Revision: https://reviews.freebsd.org//D20909 Modified: stable/12/stand/common/commands.c Modified: stable/12/stand/common/commands.c ============================================================================== --- stable/12/stand/common/commands.c Wed Jul 24 23:08:49 2019 (r350311) +++ stable/12/stand/common/commands.c Thu Jul 25 00:07:10 2019 (r350312) @@ -304,6 +304,36 @@ command_set(int argc, char *argv[]) command_errmsg = "wrong number of arguments"; return (CMD_ERROR); } else { +#ifdef LOADER_VERIEXEC + /* + * Impose restrictions if input is not verified + */ + const char *restricted[] = { + "boot", + "init", + "loader.ve.", + "rootfs", + "secur", + "vfs.", + NULL, + }; + const char **cp; + int ves; + + ves = ve_status_get(-1); + if (ves == VE_UNVERIFIED_OK) { +#ifdef LOADER_VERIEXEC_TESTING + printf("Checking: %s\n", argv[1]); +#endif + for (cp = restricted; *cp; cp++) { + if (strncmp(argv[1], *cp, strlen(*cp)) == 0) { + printf("Ignoring restricted variable: %s\n", + argv[1]); + return (CMD_OK); + } + } + } +#endif if ((err = putenv(argv[1])) != 0) { command_errmsg = strerror(err); return (CMD_ERROR);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907250007.x6P07Aub074876>