Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sbin Added fingerprint loader tool for verified exec.
details: https://anonhg.NetBSD.org/src/rev/cdea710d2a65
branches: trunk
changeset: 538764:cdea710d2a65
user: blymn <blymn%NetBSD.org@localhost>
date: Tue Oct 29 13:58:01 2002 +0000
description:
Added fingerprint loader tool for verified exec.
diffstat:
sbin/Makefile | 4 +-
sbin/verifiedexec_load/Makefile | 11 ++
sbin/verifiedexec_load/verifiedexec_conf.l | 52 +++++++++
sbin/verifiedexec_load/verifiedexec_load.8 | 95 ++++++++++++++++++
sbin/verifiedexec_load/verifiedexec_load.c | 62 +++++++++++
sbin/verifiedexec_load/verifiedexec_parse.h | 8 +
sbin/verifiedexec_load/verifiedexec_parse.y | 147 ++++++++++++++++++++++++++++
7 files changed, 377 insertions(+), 2 deletions(-)
diffs (truncated from 417 to 300 lines):
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/Makefile
--- a/sbin/Makefile Tue Oct 29 13:50:11 2002 +0000
+++ b/sbin/Makefile Tue Oct 29 13:58:01 2002 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.78 2002/10/04 18:41:48 elric Exp $
+# $NetBSD: Makefile,v 1.79 2002/10/29 13:58:01 blymn Exp $
# @(#)Makefile 8.5 (Berkeley) 3/31/94
# Not ported: XNSrouted enpload scsiformat startslip
@@ -9,7 +9,7 @@
lmcctl mbrlabel mknod modload modunload mount newbtconf nologin \
pdisk ping pppoectl raidctl reboot rcorder rndctl route routed \
savecore scsictl shutdown slattach swapctl sysctl ttyflags umount \
- wdogctl wsconsctl
+ verifiedexec_load wdogctl wsconsctl
# support for various file systems
SUBDIR+= fsck_ext2fs
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/Makefile Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,11 @@
+PROG = verifiedexec_load
+MAN = verifiedexec_load.8
+SRCS = verifiedexec_parse.y verifiedexec_conf.l verifiedexec_load.c
+
+CFLAGS += -g
+LDADD = -ll -static
+YFLAGS += -d
+LDFLAGS += -g
+CLEANFILES = *.o *~ y.tab.h
+
+.include <bsd.prog.mk>
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/verifiedexec_conf.l
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/verifiedexec_conf.l Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,52 @@
+%{
+/*
+ * Configuration file lexer for Verified exec
+ *
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "verifiedexec_parse.h"
+
+int lineno = 1;
+
+void yyerror(const char *message);
+void warning(const char *message);
+int yylex __P((void));
+
+%}
+
+%%
+
+path { return PATH; }
+string { return STRING; }
+eol { return EOL; }
+
+\/[^ ]+ {
+ yylval.string = strdup(yytext);
+ return PATH;
+}
+
+[0-9a-zA-Z]+ {
+ yylval.string = strdup(yytext);
+ return STRING;
+}
+
+\n {
+ lineno++; /* for error reporting */
+ return EOL;
+}
+
+[ \t\r] ; /* eat white ones */
+
+#.* ; /* comment */
+
+. yyerror("invalid character");
+
+%%
+
+void yyerror(const char *string)
+{
+ fprintf(stderr, "%d: %s at %s\n", lineno, string, yytext);
+}
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/verifiedexec_load.8
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/verifiedexec_load.8 Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,95 @@
+.\" Copyright (c) 1999
+.\" Brett Lymn - blymn%baea.com.au@localhost, brett_lymn%yahoo.com.au@localhost
+.\"
+.\" This code is donated to The NetBSD Foundation by the author.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the Author may not be used to endorse or promote
+.\" products derived from this software without specific prior written
+.\" permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id: verifiedexec_load.8,v 1.1 2002/10/29 13:58:02 blymn Exp $
+.\"
+.Dd January, 2000
+.Dt VERIFIEDEXEC_LOAD 8
+.Os BSD 4
+.Sh NAME
+.Nm verifiedexec_load
+.Nd load verified exec fingerprints
+.Sh SYNOPSIS
+.Nm
+.Ar fingerprints
+.Sh DESCRIPTION
+The
+.Nm
+command loads the in kernel fingerprint table from the fingerprints
+given in the
+.Ar fingerprints
+file.
+Once loaded the kernel can then validate executed programs
+or files against the loaded fingerprints and report when fingerprints
+do not match.
+.Pp
+The
+.Ar fingerprints
+file contains lines of fields separated by one or more whitespace
+characters of the form:
+.Pp
+path fingerprint type options
+.Pp
+Where path is the full path to the executable, fingerprint is a
+hexadecimal representation of the fingerprint for the executable.
+Type is the type of fingerprint used, currently this may be either
+md5 or sha1, other fingerprints may be available depending on kernel
+support.
+Options are the associated options for the executable.
+Currently
+there are two valid options:
+.Pp
+.Bl -tag -width INDIRECT -compact
+.It Pa INDIRECT
+if this option is set then the executable cannot be invoked directly, it
+can only be used as an interpreter in shell scripts.
+.It Pa FILE
+indicates that the fingerprint is associated with a file not an
+executable. Files have their fingerprints verified during
+.Xr open 2
+and are automatically made read only.
+.El
+
+ There must be only one
+executable/fingerprint pair per line. Comments are indicated by the
+first character of a line being a `#' character.
+.Pp
+.Sh FILES
+.Bl -tag -width /dev/verifiedexec -compact
+.It Pa /dev/verifiedexec
+verified executable device node
+.El
+.Sh HISTORY
+.Nm
+first appeared in NetBSD 1.7
+.Sh NOTES
+.Nm
+requires the kernel to have been configured with the VERIFIED_EXEC
+option and verifiedexec pseudo-device.
+
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/verifiedexec_load.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/verifiedexec_load.c Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,62 @@
+/* $NetBSD: verifiedexec_load.c,v 1.1 2002/10/29 13:58:02 blymn Exp $ */
+
+/*-
+ * Copyright (c) 1998-1999 Brett Lymn
+ * (blymn%baea.com.au@localhost, brett_lymn%yahoo.com.au@localhost)
+ * All rights reserved.
+ *
+ * This code has been donated to The NetBSD Foundation by the Author.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author may not be used to endorse or promote products
+ * derived from this software withough specific prior written permission
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ *
+ */
+
+
+#include <stdio.h>
+#include <fcntl.h>
+
+/* globals */
+int fd;
+extern FILE *yyin;
+int yyparse(void);
+
+int
+main(int argc, char *argv[])
+{
+ if (argv[1] == NULL) {
+ fprintf(stderr, "Usage: verifiedexec_load signature_file\n");
+ exit(1);
+ }
+
+ fd = open("/dev/veriexec", O_WRONLY, 0);
+ if (fd < 0) {
+ fprintf(stderr, "Dev open failed\n");
+ exit(1);
+ }
+
+ if ((yyin = fopen(argv[1], "r")) == NULL) {
+ fprintf(stderr, "Input file open failed\n");
+ exit(1);
+ }
+
+ yyparse();
+ exit(0);
+}
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/verifiedexec_parse.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/verifiedexec_parse.h Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,8 @@
+#define EOL 257
+#define PATH 258
+#define STRING 259
+typedef union {
+ char *string;
+ int intval;
+} YYSTYPE;
+extern YYSTYPE yylval;
diff -r 0df7e7bc97f0 -r cdea710d2a65 sbin/verifiedexec_load/verifiedexec_parse.y
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/verifiedexec_load/verifiedexec_parse.y Tue Oct 29 13:58:01 2002 +0000
@@ -0,0 +1,147 @@
+%{
+/*
+ * Parser for signed exec fingerprint file.
+ *
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/ioctl.h>
+#include <sys/verified_exec.h>
+
+/* yacc internal function */
+static int yygrowstack __P((void));
+int yylex __P((void));
+void yyerror __P((const char *));
+
+/* function prototypes */
+static int
+convert(char *fp, unsigned int count, unsigned char *out);
+
+/* ioctl parameter struct */
+struct verified_exec_params params;
+extern int fd;
+extern int lineno;
+
+%}
+
+%union {
Home |
Main Index |
Thread Index |
Old Index