finally do things properly. veriexec_report() takes flags, not three ints.

elad 2006-07-24 21:15:05 +00:00
parent a640310a53
commit 32e391d158
4 changed files with 30 additions and 41 deletions


@ -1,4 +1,4 @@
/* $NetBSD: verified_exec.c,v 1.39 2006/07/21 16:48:48 ad Exp $ */
/* $NetBSD: verified_exec.c,v 1.40 2006/07/24 21:15:05 elad Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad@NetBSD.org>
@ -31,9 +31,9 @@
#include <sys/cdefs.h>
#if defined(__NetBSD__)
__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.39 2006/07/21 16:48:48 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.40 2006/07/24 21:15:05 elad Exp $");
#else
__RCSID("$Id: verified_exec.c,v 1.39 2006/07/21 16:48:48 ad Exp $\n$NetBSD: verified_exec.c,v 1.39 2006/07/21 16:48:48 ad Exp $");
__RCSID("$Id: verified_exec.c,v 1.40 2006/07/24 21:15:05 elad Exp $\n$NetBSD: verified_exec.c,v 1.40 2006/07/24 21:15:05 elad Exp $");
#endif
#include <sys/param.h>
@ -338,9 +338,7 @@ veriexec_load(struct veriexec_params *params, struct lwp *l)
e->fp = malloc(e->ops->hash_len, M_TEMP, M_WAITOK);
memcpy(e->fp, params->fingerprint, e->ops->hash_len);
veriexec_report("New entry.", params->file, NULL,
REPORT_VERBOSE_HIGH, REPORT_NOALARM, REPORT_NOPANIC);
veriexec_report("New entry.", params->file, NULL, REPORT_DEBUG);
error = veriexec_hashadd(nid.ni_vp, e);


@ -1,4 +1,4 @@
/* $NetBSD: kern_verifiedexec.c,v 1.61 2006/07/24 16:37:28 elad Exp $ */
/* $NetBSD: kern_verifiedexec.c,v 1.62 2006/07/24 21:15:05 elad Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad@NetBSD.org>
@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.61 2006/07/24 16:37:28 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.62 2006/07/24 21:15:05 elad Exp $");
#include "opt_veriexec.h"
@ -421,8 +421,7 @@ veriexec_verify(struct lwp *l, struct vnode *vp, const u_char *name, int flag,
error = veriexec_fp_calc(l, vp, vfe, digest);
if (error) {
veriexec_report("Fingerprint calculation error.",
name, NULL, REPORT_NOVERBOSE,
REPORT_NOALARM, REPORT_NOPANIC);
name, NULL, REPORT_ALWAYS);
free(digest, M_TEMP);
return (error);
}
@ -439,8 +438,7 @@ veriexec_verify(struct lwp *l, struct vnode *vp, const u_char *name, int flag,
if (!(vfe->type & flag)) {
veriexec_report("Incorrect access type.", name, l,
REPORT_NOVERBOSE, REPORT_ALARM,
REPORT_NOPANIC);
REPORT_ALWAYS|REPORT_ALARM);
/* IPS mode: Enforce access type. */
if (veriexec_strict >= 2)
@ -451,7 +449,7 @@ veriexec_verify(struct lwp *l, struct vnode *vp, const u_char *name, int flag,
/* No entry in the veriexec tables. */
if (vfe == NULL) {
veriexec_report("veriexec_verify: No entry.", name,
l, REPORT_VERBOSE, REPORT_NOALARM, REPORT_NOPANIC);
l, REPORT_VERBOSE);
/* Lockdown mode: Deny access to non-monitored files if
* strict is 3 or higher, make an exception for executables
@ -470,19 +468,19 @@ veriexec_verify(struct lwp *l, struct vnode *vp, const u_char *name, int flag,
/* Should not happen. */
veriexec_report("veriexec_verify: Not-evaluated status "
"post evaluation; inconsistency detected.", name,
NULL, REPORT_NOVERBOSE, REPORT_NOALARM, REPORT_PANIC);
NULL, REPORT_ALWAYS|REPORT_PANIC);
case FINGERPRINT_VALID:
/* Valid fingerprint. */
veriexec_report("veriexec_verify: Match.", name, NULL,
REPORT_VERBOSE, REPORT_NOALARM, REPORT_NOPANIC);
REPORT_VERBOSE);
break;
case FINGERPRINT_NOMATCH:
/* Fingerprint mismatch. */
veriexec_report("veriexec_verify: Mismatch.", name,
NULL, REPORT_NOVERBOSE, REPORT_ALARM, REPORT_NOPANIC);
NULL, REPORT_ALWAYS|REPORT_ALARM);
/* IDS mode: Deny access on fingerprint mismatch. */
if (veriexec_strict >= 1)
@ -493,8 +491,7 @@ veriexec_verify(struct lwp *l, struct vnode *vp, const u_char *name, int flag,
default:
/* Should never happen. */
veriexec_report("veriexec_verify: Invalid status "
"post evaluation.", name, NULL, REPORT_NOVERBOSE,
REPORT_NOALARM, REPORT_PANIC);
"post evaluation.", name, NULL, REPORT_ALWAYS|REPORT_PANIC);
}
return (error);
@ -548,8 +545,7 @@ veriexec_page_verify(struct veriexec_file_entry *vfe, struct vm_page *pg,
error = 0;
}
veriexec_report(msg, "[page_in]", l, REPORT_NOVERBOSE,
REPORT_ALARM, REPORT_NOPANIC);
veriexec_report(msg, "[page_in]", l, REPORT_ALWAYS|REPORT_ALARM);
if (error) {
ksiginfo_t ksi;
@ -588,8 +584,7 @@ veriexec_removechk(struct lwp *l, struct vnode *vp, const char *pathbuf)
return (0);
}
veriexec_report("Remove request.", pathbuf, l,
REPORT_NOVERBOSE, REPORT_ALARM, REPORT_NOPANIC);
veriexec_report("Remove request.", pathbuf, l, REPORT_ALWAYS|REPORT_ALARM);
/* IDS mode: Deny removal of monitored files. */
if (veriexec_strict >= 1)
@ -658,14 +653,13 @@ veriexec_renamechk(struct vnode *vp, struct vnode *tvp, const char *from,
* 'die' - if 1, the system will panic.
*/
void
veriexec_report(const u_char *msg, const u_char *filename,
struct lwp *l, int verbose, int alarm, int die)
veriexec_report(const u_char *msg, const u_char *filename, struct lwp *l, int f)
{
if (msg == NULL || filename == NULL)
return;
if (!verbose || (verbose <= veriexec_verbose)) {
if (!alarm || l == NULL)
if (((f & REPORT_LOGMASK) >> 1) <= veriexec_verbose) {
if ((f & REPORT_ALARM) || l == NULL)
log(LOG_NOTICE, "Veriexec: %s [%s]\n", msg,
filename);
else
@ -675,7 +669,7 @@ veriexec_report(const u_char *msg, const u_char *filename,
kauth_cred_getgid(l->l_cred));
}
if (die)
if (f & REPORT_PANIC)
panic("Veriexec: Unrecoverable error.");
}
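Review bot: The alarm test in veriexec_report() is inverted: the old code took the plain log(LOG_NOTICE, ...) branch when `!alarm || l == NULL`, but the new line reads `if ((f & REPORT_ALARM) || l == NULL)`, so every REPORT_ALARM caller (fingerprint mismatch, write/remove requests) now gets the plain line without pid/uid, and the credential-bearing line is emitted only for non-alarm reports that carry an lwp. It should be `if (!(f & REPORT_ALARM) || l == NULL)`. The header comment above the function still describes the old `verbose`/`alarm`/`die` parameters (`'die' - if 1, the system will panic.` survives at the top of the hunk) and should be rewritten to describe the `f` flag word and the REPORT_* bits it accepts. The body of the function between the two hunks is not shown, so the credentials branch itself is not verified here.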


@ -1,4 +1,4 @@
/* $NetBSD: vfs_vnops.c,v 1.118 2006/07/24 16:37:28 elad Exp $ */
/* $NetBSD: vfs_vnops.c,v 1.119 2006/07/24 21:15:05 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.118 2006/07/24 16:37:28 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.119 2006/07/24 21:15:05 elad Exp $");
#include "fs_union.h"
#include "veriexec.h"
@ -223,8 +223,7 @@ restart:
#if NVERIEXEC > 0
if (vfe != NULL) {
veriexec_report("Write access request.",
pathbuf, l, REPORT_NOVERBOSE,
REPORT_ALARM, REPORT_NOPANIC);
pathbuf, l, REPORT_ALWAYS|REPORT_ALARM);
/* IPS mode: Deny writing to monitored files. */
if (veriexec_strict >= 2) {


@ -1,4 +1,4 @@
/* $NetBSD: verified_exec.h,v 1.33 2006/07/19 12:44:11 blymn Exp $ */
/* $NetBSD: verified_exec.h,v 1.34 2006/07/24 21:15:05 elad Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad@NetBSD.org>
@ -152,13 +152,12 @@ struct veriexec_table_entry {
};
/* Readable values for veriexec_report(). */
#define REPORT_NOVERBOSE 0 /* Always print */
#define REPORT_VERBOSE 1 /* Print when verbose >= 1 */
#define REPORT_VERBOSE_HIGH 2 /* Print when verbose >= 2 (debug) */
#define REPORT_NOPANIC 0 /* Normal report */
#define REPORT_PANIC 1 /* Use panic() */
#define REPORT_NOALARM 0 /* Normal report */
#define REPORT_ALARM 1 /* Alarm - also print pid/uid/.. */
#define REPORT_ALWAYS 0x01 /* Always print */
#define REPORT_VERBOSE 0x02 /* Print when verbose >= 1 */
#define REPORT_DEBUG 0x04 /* Print when verbose >= 2 (debug) */
#define REPORT_PANIC 0x08 /* Call panic() */
#define REPORT_ALARM 0x10 /* Alarm - also print pid/uid/.. */
#define REPORT_LOGMASK (REPORT_ALWAYS|REPORT_VERBOSE|REPORT_DEBUG)
/* Initialize a fingerprint ops struct. */
#define VERIEXEC_OPINIT(ops, fp_type, hashlen, ctx_size, init_fn, \
@ -189,8 +188,7 @@ int veriexec_removechk(struct lwp *, struct vnode *, const char *);
int veriexec_renamechk(struct vnode *, struct vnode *, const char *,
const char *, struct lwp *);
void veriexec_init_fp_ops(void);
void veriexec_report(const u_char *, const u_char *,
struct lwp *, int, int, int);
void veriexec_report(const u_char *, const u_char *, struct lwp *, int);
int veriexec_newtable(struct veriexec_sizing_params *, struct lwp *);
int veriexec_load(struct veriexec_params *, struct lwp *);
int veriexec_delete(struct veriexec_delete_params *, struct lwp *);
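Review bot: The REPORT_LOGMASK definition leaves the level encoding implicit: veriexec_report() derives the verbosity threshold from the bit position (`(f & REPORT_LOGMASK) >> 1`), so a caller that sets none of the three log flags is treated like REPORT_ALWAYS, and one that sets two (e.g. REPORT_ALWAYS|REPORT_VERBOSE) yields a level that presumably was not intended. Worth stating the contract next to the mask, e.g. `/* Exactly one of REPORT_ALWAYS, REPORT_VERBOSE or REPORT_DEBUG must be set; the log level is derived from which bit is set. */`. If the flag set is extended later, a check in veriexec_report() that rejects zero or multiple log bits would keep that invariant enforced rather than assumed.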