opnsense-src/lib
Simon J. Gerraty 16d49d0e4f libsecureboot do not report expected unverified files
By default only report unverified files at severity VE_WANT
and above.  This includes *.conf but not *.hints, *.cookie
or *.tgz which get VE_TRY as their severity.

If Verbose is set to 0, then VerifyFlags should default to 0 too.
Thus the combination of

	module_verbose=0
	VE_VEBOSE=0

is sufficient to make the loader almost totally silent.

When verify_prep has to find_manifest and it is verified ok
return VE_NOT_CHECKED to verify_file so that it can skip
repeating verify_fd

Also add better debugging output for is_verified and add_verify_status.

vectx handle compressed modules

When verifying a compressed module (.ko.gz or .ko.bz2)
stat() reports the size as -1 (unknown).
vectx_lseek needs to spot this during closing - and just read until
EOF is hit.

Note: because of the way libsa's open() works, verify_prep will see
the path to be verified as module.ko not module.ko.bz2 etc.  This is
actually ok, because we need a separate module.ko.bz2 entry so that
the package can be verified, and the hash for module.ko is of the
uncompressed file which is what vectx will see.

Re-work local.trust.mk so site.trust.mk need only set
VE_SIGN_URL_LIST (if using the mentioned signing server)

interp.c: restrict interactive input

Apply the same restrictions to interactive input as for
unverified conf and hints files.

Use version.veriexec when LOADER_VERIEXEC is yes

Reviewed by:	kevans
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D43810

(cherry picked from commit f616d61ab6b071e5fbfdbae7033a9ef04c1444ad)
2024-04-16 13:54:22 -06:00
atf Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
clang Optionally create full debuginfo for llvm-related executables 2024-03-08 09:15:34 +01:00
csu dirdeps: Add missing dependency files 2024-04-15 20:32:03 -06:00
flua flua: Add hash module 2024-04-16 13:54:20 -06:00
geom glabel.8: Warn against using generic labels on a shared device 2023-10-04 09:41:29 -04:00
googletest Fix GoogleTest 1.14.0 import 2023-08-18 19:33:58 -07:00
lib9p Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
lib80211 Purge more stray embedded $FreeBSD$ strings 2023-10-24 10:10:12 -07:00
libalias Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libarchive Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libauditd Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libbe libbe: Fix some markup issues. 2024-03-22 09:07:03 +01:00
libbearssl libsecureboot: be more verbose about validation failures 2024-01-07 14:39:17 -05:00
libbegemot Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libblacklist Track upstream project rename in contrib/blocklistd 2024-01-07 14:31:11 -05:00
libblocksruntime Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libbluetooth Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
libbsddialog Update/fix Makefile.depend for userland 2023-04-18 17:14:23 -07:00
libbsdstat Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libbsm Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libbsnmp Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libbz2 Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libc libc: Improve description of mktime() / timegm(). 2024-04-04 11:41:41 +02:00
libc++ Add missing /usr/include/c++/v1/__mdspan/mdspan.h header 2024-01-07 18:46:19 +01:00
libc++experimental Merge llvm-project main llvmorg-17-init-19304-gd0b54bb50e51 2024-01-07 18:46:17 +01:00
libc_nonshared Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libcalendar Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libcam Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libcapsicum Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libcasper libcasper: fix cap_rights_init usage 2024-03-22 09:30:32 -04:00
libcbor Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libclang_rt Slightly reorganize libclang_rt Makefile again 2024-03-24 01:36:26 +01:00
libcom_err Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libcompat libcompat: silence -Wdeprecated-non-prototype 2024-02-08 18:40:06 +01:00
libcompiler_rt Merge commit 4bb2416d42eb from llvm-project (by Jessica Clarke): 2023-09-11 22:46:57 +01:00
libcrypt Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libcuse Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
libcxxrt Merge libcxxrt master 03c83f5a57be8c5b1a29a68de5638744f17d28ba 2024-02-08 20:26:04 +01:00
libdevctl Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libdevdctl Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libdevinfo Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libdevstat Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libdl Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libdpv Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libdwarf Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libedit Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libefivar Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libelf Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libelftc Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libevent1 Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libexecinfo Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libexpat MFC: MFV: expat 2.6.0. 2024-02-20 22:52:29 -08:00
libfdt libfdt: Make an internal FDT library available 2024-03-29 09:53:19 -04:00
libfetch libfetch: parse scheme://domain:/ correctly 2024-04-03 15:11:58 -04:00
libfido2 libfido2: update to 1.13.0 2023-09-22 07:03:36 -04:00
libfigpar Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libgcc_eh Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libgcc_s Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libgeom Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libgpio libgpio: Fix type mismatch for gpio_pin_[gs]et 2024-01-03 09:43:48 -08:00
libgssapi Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libiconv_modules Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libifconfig libifconfig: Fix bridge status member list 2024-01-28 18:55:56 +01:00
libipsec Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libipt Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libiscsiutil Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:42 -06:00
libjail libjail: Guard against programmer error in jailparam_export() 2024-02-11 10:14:59 -05:00
libkiconv Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libkvm Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
libldns Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
liblua dirdeps: Add missing dependency files 2024-04-15 20:32:03 -06:00
liblutok Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
liblzma Backport export of lzma_mt_block_size symbol. 2024-04-07 21:01:25 -07:00
libmagic MFC: MFV: file 5.45. 2023-09-14 15:01:08 -07:00
libmd Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
libmemstat Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libmilter Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libmixer mixer(3): Do not hardcode "/dev/mixer" 2024-02-27 00:22:31 +01:00
libmp Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libmt Add IBM TS1170 density codes and specs. 2023-12-14 15:55:24 -05:00
libnetbsd Remove $FreeBSD$: one-line bare tag 2023-08-16 11:55:20 -06:00
libnetgraph Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libnetmap Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libnv Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libomp Merge llvm-project main llvmorg-17-init-19304-gd0b54bb50e51 2024-01-07 18:46:17 +01:00
libopenbsd Remove $FreeBSD$: one-line bare tag 2023-08-16 11:55:20 -06:00
libopencsd Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libpam pam_xdg: Close the dir after removal 2024-04-11 15:24:49 +02:00
libpathconv Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libpcap Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libpe Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libpfctl libpfctl: handle pfctl_do_ioctl() failures better 2023-11-24 10:19:13 +01:00
libpjdlog Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libpmc dirdeps: Add missing dependency files 2024-04-15 20:32:03 -06:00
libpmcstat Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libproc Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libprocstat libprocstat: improve conditional for 32-bit compat 2023-10-26 00:31:02 +01:00
libradius Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libregex Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
librpcsec_gss Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
librpcsvc Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
librss Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
librt zfs: merge openzfs/zfs@32949f256 (zfs-2.2-release) into stable/14 2023-09-03 09:15:24 +02:00
librtld_db Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libsbuf Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libsdp Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
libsecureboot libsecureboot do not report expected unverified files 2024-04-16 13:54:22 -06:00
libsm Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libsmb Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libsmdb Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libsmutil Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libsqlite3 Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libssp Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libssp_nonshared Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libstats Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libstdbuf Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libstdthreads libstdthreads: destroy mutexattr in mtx_init() 2024-02-09 02:38:04 +02:00
libsysdecode libsysdecode: fix build after 3d0a736796a9 2024-04-12 13:14:35 -07:00
libtacplus Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libtelnet Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libthr libthr: remove explicit sys/cdefs.h includes 2024-03-13 02:30:40 +02:00
libthread_db Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libucl Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libufs Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libugidfw Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libulog Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libunbound unbound: Vendor import 1.19.3 2024-03-23 19:22:03 -07:00
libusb Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libusbhid Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libutil login_cap.h: Remove LOGIN_DEFPRI 2024-02-01 22:30:20 +01:00
libveriexec Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libvgl Remove $FreeBSD$: two-line nroff pattern 2023-08-16 11:55:10 -06:00
libvmmapi libvmmapi: add missing capability strings 2024-04-15 10:05:13 -04:00
libwrap Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libxo Remove $FreeBSD$: one-line nroff pattern 2023-08-16 11:55:15 -06:00
liby Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libypclnt Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
libz lib{c,lzma,z}: remove -DSYMBOL_VERSIONING from CFLAGS 2023-12-13 22:08:13 +00:00
libzstd libzstd: Explicitly define ZSTD_DISABLE_ASM 2023-08-22 21:01:03 +01:00
msun lib/msun: Fix tgammal(3) on IEEE 128-bit platforms 2024-04-12 16:27:21 +01:00
ncurses ncurses: avoid hardcoded assumptions about the layout of .OBJDIR 2023-12-14 18:58:04 -06:00
nss_tacplus nss_tacplus: Provide dummy setpwent(), getpwent_r(), endpwent(). 2023-09-07 20:28:30 +00:00
ofed Trim various $FreeBSD$ 2023-10-24 11:22:23 -07:00
tests Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
Makefile libfdt: Make an internal FDT library available 2024-03-29 09:53:19 -04:00
Makefile.inc Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00