VERIEXEC(4) NetBSD Kernel Interfaces Manual VERIEXEC(4)
NAME
veriexec -- Veriexec pseudo-device
SYNOPSIS
pseudo-device veriexec
DESCRIPTION
The veriexec pseudo-device is used to interface the kernel's Veriexec data-structures. It is used to size the kernel data structures and load the Veriexec fingerprints into kernel memory. Veriexec file operations All the following operations are invoked using the ioctl(2) system call. Refer to that man page for the description of the request and argp param- eters. The following section lists the requests that can be made via ioctl(2). Veriexec file request descriptions VERIEXEC_TABLESIZE struct veriexec_sizing_params Sizes the in kernel hash tables to accommodate the fingerprint entries. This request must be made prior to loading the fingerprints into the kernel. The argument structure contains the device to which the hash table relates and the number of fingerprint entries that will be loaded into the kernel for the device. VERIEXEC_LOAD struct veriexec_params Inserts a fingerprint into the in-kernel tables. These tables must have been previously sized using the VERIEXEC_TABLESIZE request. The argument struc- ture is, as defined in /usr/include/sys/verified_exec.h: struct veriexec_params { unsigned char type; unsigned char fp_type[VERIEXEC_TYPE_MAXLEN]; char file[MAXPATHLEN]; unsigned int size; unsigned char *fingerprint; }; Where type is a bitfield that can be binary-OR'd with one or more of: VERIEXEC_DIRECT Allow execution of the file if fingerprint matches. VERIEXEC_INDIRECT Allow execution of the file as a script interpreter only, direct command line invocation is disal- lowed. VERIEXEC_FILE The file is a plain file, not an executable. Followed by fp_type, which is the fingerprint type. This is a case-insensitive character string that must match one of the fingerprint types supported by the running kernel. Next the path to the file to which the fingerprint applies. The field size is the num- ber of bytes contained in the fingerprint, this is used by the kernel to provide a simple sanity check on the fingerprint passed. Lastly, the fingerprint is a pointer to an array of characters that comprise the fingerprint for the file. Note that the requests VERIEXEC_TABLESIZE and VERIEXEC_LOAD are not per- mitted once the veriexec strict level has been raised past 0 by setting kern.veriexec.strict using sysctl(8).
SEE ALSO
sysctl(3), sysctl(8), veriexecctl(8)
NOTES
The size field in the VERIEXEC_LOAD structure is only used to validate that the size of the fingerprint being passed is the expected size for that fingerprint hash type; it is not used for any other purpose. A malicious person could deliberately mismatch the size of the fingerprint array and, possibly, cause a kernel page fault panic when the kernel reads the input fingerprint array memory. Due to this, it is recommended only the root user be allowed to access this device. NetBSD 3.0.2 August 2, 2005 NetBSD 3.0.2
Powered by man-cgi (2024-08-26). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.