2 * Copyright (c) 2019 Stormshield.
3 * Copyright (c) 2019 Semihalf.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
17 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
22 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
23 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24 * POSSIBILITY OF SUCH DAMAGE.
26 #include <sys/cdefs.h>
29 #include "libsecureboot-priv.h"
30 #include <verify_file.h>
33 * Values to pass to kernel by envs.
35 static char manifest_path[MAXPATHLEN];
36 static char manifest_prefix[MAXPATHLEN];
37 static char manifest_hash[2 * br_sha256_SIZE + 2];
38 static int manifest_present = 0;
41 * Verify and pass manifest path and digest to kernel through envs.
42 * The paths in manifest can be either absolute,
43 * or "prefix", if exists will be added to the ones that are not.
46 pass_manifest(const char *path, const char *prefix)
50 unsigned char digest[br_sha256_SIZE];
51 const br_hash_class *md;
52 br_hash_compat_context ctx;
56 md = &br_sha256_vtable;
58 if (strnlen(path, MAXPATHLEN) == MAXPATHLEN ||
59 strnlen(prefix, MAXPATHLEN) == MAXPATHLEN)
66 if (!S_ISREG(st.st_mode)) {
71 rc = is_verified(&st);
73 if (rc != VE_NOT_CHECKED && rc != VE_VERIFIED) {
78 if (rc == VE_VERIFIED)
79 content = read_file(path, NULL);
81 content = (char *)verify_signed(path, VEF_VERBOSE);
83 if (content == NULL) {
84 add_verify_status(&st, VE_FINGERPRINT_WRONG);
89 add_verify_status(&st, VE_VERIFIED);
91 md->init(&ctx.vtable);
92 md->update(&ctx.vtable, content, st.st_size);
93 md->out(&ctx.vtable, digest);
96 manifest_prefix[0] = '\0';
98 strcpy(manifest_prefix, prefix);
100 strcpy(manifest_path, path);
102 hexdigest(manifest_hash, 2 * br_sha256_SIZE + 2,
103 digest, br_sha256_SIZE);
104 manifest_hash[2*br_sha256_SIZE] = '\0';
106 manifest_present = 1;
117 * Set appropriate envs to inform kernel about manifest location and digest.
118 * This should be called right before boot so that envs can't be replaced.
121 pass_manifest_export_envs()
125 /* If we have nothing to pass make sure that envs are empty. */
126 if (!manifest_present) {
127 unsetenv("veriexec.manifest_path");
128 unsetenv("veriexec.manifest_hash");
129 unsetenv("veriexec.manifest_prefix");
133 rc = setenv("veriexec.manifest_path", manifest_path, 1);
137 rc = setenv("veriexec.manifest_hash", manifest_hash, 1);
139 unsetenv("veriexec.manifest_path");
143 if (manifest_prefix[0] != '\0')
144 rc = setenv("veriexec.manifest_prefix", manifest_prefix, 1);