Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 17 May 2019 18:25:54 +0000 (UTC)
From:      "Stephen J. Kiernan" <stevek@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r347941 - head/sys/dev/veriexec
Message-ID:  <201905171825.x4HIPsDJ001967@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: stevek
Date: Fri May 17 18:25:53 2019
New Revision: 347941
URL: https://svnweb.freebsd.org/changeset/base/347941

Log:
  Add command to get version of the ioctl interface for the veriexec device.
  
  Obtained from:	Juniper Networks, Inc.
  MFC after:	1 week

Modified:
  head/sys/dev/veriexec/veriexec_ioctl.h
  head/sys/dev/veriexec/verified_exec.c

Modified: head/sys/dev/veriexec/veriexec_ioctl.h
==============================================================================
--- head/sys/dev/veriexec/veriexec_ioctl.h	Fri May 17 18:16:55 2019	(r347940)
+++ head/sys/dev/veriexec/veriexec_ioctl.h	Fri May 17 18:25:53 2019	(r347941)
@@ -1,7 +1,7 @@
 /*
  * $FreeBSD$
  *
- * Copyright (c) 2011-2013, 2015, Juniper Networks, Inc.
+ * Copyright (c) 2011-2013, 2015, 2019, Juniper Networks, Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -54,6 +54,7 @@ struct verified_exec_params  {
 #define VERIEXEC_DEBUG_OFF 	_IO('S', 0x6)	/* reset debug */
 #define VERIEXEC_GETSTATE 	_IOR('S', 0x7, int) /* get state */
 #define VERIEXEC_SIGNED_LOAD	_IOW('S', 0x8, struct verified_exec_params)
+#define VERIEXEC_GETVERSION	_IOR('S', 0x9, int) /* get version */
 
 #define	_PATH_DEV_VERIEXEC	_PATH_DEV "veriexec"
 

Modified: head/sys/dev/veriexec/verified_exec.c
==============================================================================
--- head/sys/dev/veriexec/verified_exec.c	Fri May 17 18:16:55 2019	(r347940)
+++ head/sys/dev/veriexec/verified_exec.c	Fri May 17 18:25:53 2019	(r347941)
@@ -138,6 +138,16 @@ verifiedexecioctl(struct cdev *dev __unused, u_long cm
 			error = EINVAL;
 		mtx_unlock(&ve_mutex);
 		break;
+	case VERIEXEC_GETVERSION:
+		{
+			int *ip = (int *)data;
+
+			if (ip)
+				*ip = MAC_VERIEXEC_VERSION;
+			else
+				error = EINVAL;
+		}
+		break;
 	case VERIEXEC_LOCK:
 		mtx_lock(&ve_mutex);
 		mac_veriexec_set_state(VERIEXEC_STATE_LOCKED);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201905171825.x4HIPsDJ001967>