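--- a/verified_exec.h
+++ b/verified_exec.h
@@ -1,14 +1,14 @@
-/* $NetBSD: verified_exec.h,v 1.58 2010/11/19 06:44:34 dholland Exp $ */
+/* $NetBSD: verified_exec.h,v 1.59 2018/12/24 16:04:14 maxv Exp $ */
 
 /*-
 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
 * Copyright (c) 2005, 2006 Brett Lymn <blymn@NetBSD.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
@@ -67,46 +67,26 @@ struct vm_page;
 
 /* Valid status field values. */
 #define FINGERPRINT_NOTEVAL 0 /* fingerprint has not been evaluated */
 #define FINGERPRINT_VALID 1 /* fingerprint evaluated and matches list */
 #define FINGERPRINT_NOMATCH 2 /* fingerprint evaluated but does not match */
 
 /* Per-page fingerprint status. */
 #define PAGE_FP_NONE 0 /* no per-page fingerprints. */
 #define PAGE_FP_READY 1 /* per-page fingerprints ready for use. */
 #define PAGE_FP_FAIL 2 /* mismatch in per-page fingerprints. */
 
 #if defined(_KERNEL) && !defined(HAVE_NBTOOL_CONFIG_H)
 
-#if NVERIEXEC > 0
-/* FUTURE: remove this macro entirely - dholland 20100215 */
-#define VERIEXEC_PATH_GET(from, cto, to) \
-do { \
-to = NULL; \
-cto = from; \
-} \
-} while (/*CONSTCOND*/0)
-#define VERIEXEC_PATH_PUT(to) \
-do { \
-(void)(to); \
-} while (/*CONSTCOND*/0)
-#else
-#define VERIEXEC_PATH_GET(from, cto, to) \
-cto = from
-#define VERIEXEC_PATH_PUT(to) \
-(void)to
-
-#endif
-
 /*
 * Fingerprint operations vector for Veriexec.
 * Function types: init, update, final.
 */
 typedef void (*veriexec_fpop_init_t)(void *);
 typedef void (*veriexec_fpop_update_t)(void *, u_char *, u_int);
 typedef void (*veriexec_fpop_final_t)(u_char *, void *);
 
 void veriexec_init(void);
 int veriexec_fpops_add(const char *, size_t, size_t, veriexec_fpop_init_t,
 veriexec_fpop_update_t, veriexec_fpop_final_t);
 int veriexec_file_add(struct lwp *, prop_dictionary_t);
 int veriexec_verify(struct lwp *, struct vnode *, const u_char *, int,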