Put back the changes made by Wiz

blymn 2005-04-24 13:16:26 +00:00
parent 05e15c389d
commit 97b6046c76
1 changed files with 21 additions and 23 deletions

@ -1,4 +1,4 @@
.\" $NetBSD: veriexec.4,v 1.4 2005/04/24 13:09:48 blymn Exp $ .\" $NetBSD: veriexec.4,v 1.5 2005/04/24 13:16:26 blymn Exp $
.\" .\"
.\" Copyright 2005 Elad Efrat <elad@bsd.org.il> .\" Copyright 2005 Elad Efrat <elad@bsd.org.il>
.\" Copyright 2005 Brett Lymn <blymn@netbsd.org> .\" Copyright 2005 Brett Lymn <blymn@netbsd.org>
@ -26,7 +26,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE. .\" SUCH DAMAGE.
.\" .\"
.\" $Id: veriexec.4,v 1.4 2005/04/24 13:09:48 blymn Exp $ .\" $Id: veriexec.4,v 1.5 2005/04/24 13:16:26 blymn Exp $
.\" .\"
.Dd March 24, 2005 .Dd March 24, 2005
.Dt VERIEXEC 4 .Dt VERIEXEC 4
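Review bot: the "$Id: veriexec.4,v 1.5 ..." comment at the end of the license block duplicates the "$NetBSD: veriexec.4,v 1.5 ..." tag on the first line of the file, and both expand to the same revision, date and author. Keeping only the $NetBSD$ tag would avoid two keyword lines changing on every commit.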
@ -39,38 +39,35 @@
The The
.Nm .Nm
pseudo-device is used to interface the kernel's Veriexec data-structures. pseudo-device is used to interface the kernel's Veriexec data-structures.
It is used to size the kernel data structures, load the veriexec It is used to size the kernel data structures, load the Veriexec
fingerprints into kernel memory and report the fingerprint methods fingerprints into kernel memory and report the fingerprint methods
supported by the currently running kernel. supported by the currently running kernel.
.Pp
.Ss Veriexec file operations .Ss Veriexec file operations
All the following operations are invoked using the All the following operations are invoked using the
.Xr ioctl 2 .Xr ioctl 2
system call. system call.
Refer to that man page for the description of Refer to that man page for the description of the
.Em request .Em request
and and
.Em argp .Em argp
parameters. parameters.
The following section lists the requests that can be made via The following section lists the requests that can be made via
.Xr ioctl 2 . .Xr ioctl 2 .
.Pp
.Ss Veriexec file request descriptions .Ss Veriexec file request descriptions
.Pp
.Bl -tag -width VERIEXEC_FINGERPRINTS .Bl -tag -width VERIEXEC_FINGERPRINTS
.It Dv VERIEXEC_TABLESIZE Fa struct veriexec_sizing_params .It Dv VERIEXEC_TABLESIZE Fa struct veriexec_sizing_params
Sizes the in kernel hash tables to accommodate the fingerprint entries. Sizes the in kernel hash tables to accommodate the fingerprint entries.
This request must be made prior to loading the fingerprints into the This request must be made prior to loading the fingerprints into the
kernel. kernel.
The argument structure contains the device the hash table relates to The argument structure contains the device to which the hash table relates
and the number of fingerprint entries that will be loaded into the and the number of fingerprint entries that will be loaded into the
kernel for the device. kernel for the device.
.It Dv VERIEXEC_LOAD Fa struct veriexec_params .It Dv VERIEXEC_LOAD Fa struct veriexec_params
Inserts a fingerprint into the in kernel tables, these tables must have Inserts a fingerprint into the in-kernel tables.
been previously sized using the These tables must have been previously sized using the
.Dv VERIEXEC_TABLESIZE .Dv VERIEXEC_TABLESIZE
request. request.
The argument structure defined in The argument structure is, as defined in
.Pa /usr/include/sys/verified_exec.h : .Pa /usr/include/sys/verified_exec.h :
.Bd -literal .Bd -literal
struct veriexec_params { struct veriexec_params {
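Review bot: the hyphenation fix to "in-kernel" is applied only in the VERIEXEC_LOAD entry; the VERIEXEC_TABLESIZE entry in the same hunk still reads "Sizes the in kernel hash tables", so the two entries are now inconsistent and that line should be changed too. The new wording "The argument structure is, as defined in" also reads awkwardly in front of the literal block; "The argument structure, as defined in /usr/include/sys/verified_exec.h, is:" would say the same thing more directly.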
@ -82,7 +79,7 @@ struct veriexec_params {
}; };
.Ed .Ed
.Pp .Pp
Where type contains the type of access allowed which may be one of: Where type contains the type of access allowed, which may be one of:
.Bl -tag -width VERIEXEC_INDIRECT .Bl -tag -width VERIEXEC_INDIRECT
.It Dv VERIEXEC_DIRECT .It Dv VERIEXEC_DIRECT
Allow execution of the file if fingerprint matches. Allow execution of the file if fingerprint matches.
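Review bot: in "Where type contains the type of access allowed, which may be one of:" the first "type" is a member of struct veriexec_params but is set as plain text, so it cannot be told apart from the ordinary word later in the same sentence. Marking the member up with .Va would make it clear which field of the structure is being described.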
@ -93,10 +90,10 @@ line invocation is disallowed.
The file is a plain file, not an executable. The file is a plain file, not an executable.
.El .El
.Pp .Pp
Followed by fp_type which is the fingerprint type. Followed by fp_type, which is the fingerprint type.
This is a case insensitive character string that must match one of This is a case-insensitive character string that must match one of
the fingerprint types supported by the running kernel. the fingerprint types supported by the running kernel.
Next the path to the file the fingerprint applies to. Next the path to the file to which the fingerprint applies.
The field size is the number of bytes contained in the The field size is the number of bytes contained in the
fingerprint, this is used by the kernel to provide a simple sanity check fingerprint, this is used by the kernel to provide a simple sanity check
on the fingerprint passed. on the fingerprint passed.
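Review bot: the comma splice in "fingerprint, this is used by the kernel to provide a simple sanity check" is left as it was, although the same pattern is fixed with a full stop or semicolon elsewhere in this commit; end the sentence after "fingerprint" for consistency. "Next the path to the file to which the fingerprint applies." is also still a fragment with no verb and does not name the structure member it refers to, and the field names in this paragraph (fp_type, size) would benefit from .Va markup.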
@ -107,12 +104,13 @@ Copies a string that contains the fingerprint methods supported by the
kernel into the buffer pointed to in the argument structure. kernel into the buffer pointed to in the argument structure.
The argument structure also contains the size of the storage that has The argument structure also contains the size of the storage that has
been allocated by the caller to hold the string. been allocated by the caller to hold the string.
If the size of the storage is insufficient to hold the entire string If the size of the storage is insufficient to hold the entire string,
then the string will not be copied into the buffer by the kernel, instead then the string will not be copied into the buffer by the kernel; instead
the size field will be updated with the amount of storage required to hold the size field will be updated with the amount of storage required to hold
the fingerprint string. the fingerprint string.
After performing this request the caller must check the size field in the After performing this request the caller must check the size field in the
argument structure, if this field differs from what was set prior to the argument structure.
If this field differs from what was set prior to the
request then the caller should reallocate the storage with the updated size request then the caller should reallocate the storage with the updated size
and perform the request again. and perform the request again.
.El .El
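Review bot: the description of the undersized-buffer case ("the string will not be copied into the buffer by the kernel; instead the size field will be updated") does not say what ioctl returns in that case, so a caller cannot tell from this text whether to test the return value or to rely only on comparing the size field. Since the text makes the size comparison mandatory, it should state the return behaviour alongside it. A comma after "After performing this request" would also match the punctuation fixes made in the rest of the hunk.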
@ -127,16 +125,16 @@ by setting
using using
.Xr sysctl 8 . .Xr sysctl 8 .
.Sh SEE ALSO .Sh SEE ALSO
.Xr sysctl 8 ,
.Xr veriexecctl 8 .Xr veriexecctl 8
.Xr sysctl 8
.Sh NOTES .Sh NOTES
The size field in the The size field in the
.Dv VERIEXEC_LOAD .Dv VERIEXEC_LOAD
structure is only used to validate the size of the fingerprint being structure is only used to validate that the size of the fingerprint being
passed is the expected size for that fingerprint hash type, it is not used passed is the expected size for that fingerprint hash type; it is not used
for any other purpose. for any other purpose.
A malicious person could deliberately mismatch the size of the fingerprint A malicious person could deliberately mismatch the size of the fingerprint
array and, possibly, cause a kernel page fault panic when the kernel array and, possibly, cause a kernel page fault panic when the kernel
reads the input fingerprint array memory. reads the input fingerprint array memory.
Due to this, it is recommended only the root user be allowed to access to Due to this, it is recommended only the root user be allowed to access
this device. this device.
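Review bot: the NOTES text describes a kernel page fault panic reachable through a mismatched size in the VERIEXEC_LOAD structure, and the only mitigation given is the advice in "it is recommended only the root user be allowed to access this device". A known defect of this kind is normally documented under .Sh BUGS rather than NOTES, where administrators look for it, and the sentence should read "it is recommended that only the root user be allowed to access this device". The page would also be more useful if it said what the size field is checked against, since the current wording only says it is compared with "the expected size for that fingerprint hash type".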