The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/sys/verified_exec.h

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*      $NetBSD: verified_exec.h,v 1.4 2003/07/08 06:49:23 itojun Exp $ */
    2 
    3 /*-
    4  * Copyright (c) 1998-1999 Brett Lymn
    5  *                         (blymn@baea.com.au, brett_lymn@yahoo.com.au)
    6  * All rights reserved.
    7  *
    8  * This code has been donated to The NetBSD Foundation by the Author.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. The name of the author may not be used to endorse or promote products
   16  *    derived from this software withough specific prior written permission
   17  *
   18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
   19  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   20  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
   21  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
   22  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   23  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
   24  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
   25  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
   26  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   27  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   28  *
   29  *
   30  */
   31 
   32 /*
   33  *
   34  * Definitions for the Verified Executables kernel function.
   35  *
   36  */
   37 #include <sys/param.h>
   38 
   39 #ifndef V_EXEC_H
   40 #define V_EXEC_H 1
   41 
   42 #define MAXFINGERPRINTLEN 20  /* enough room for largest signature... */
   43 
   44 struct verified_exec_params  {
   45         unsigned char type;
   46         unsigned char fp_type;  /* type of fingerprint this is */
   47         char file[MAXPATHLEN];
   48         unsigned char fingerprint[MAXFINGERPRINTLEN];
   49 };
   50 
   51 /*
   52  * Types of veriexec inodes we can have
   53  */
   54 #define VERIEXEC_DIRECT   0  /* Allow direct execution */
   55 #define VERIEXEC_INDIRECT 1  /* Only allow indirect execution */
   56 #define VERIEXEC_FILE     2  /* Fingerprint of a plain file */
   57 
   58 /*
   59  * Types of fingerprints we support.
   60  */
   61 #define FINGERPRINT_TYPE_MD5 1 /* MD5 hash */
   62 #define MD5_FINGERPRINTLEN 16  /* and it's length in chars */
   63 #define FINGERPRINT_TYPE_SHA1 2 /* SHA1 hash */
   64 #define SHA1_FINGERPRINTLEN 20  /* and it's length in chars */
   65 
   66 #define VERIEXECLOAD _IOW('S', 0x1, struct verified_exec_params)
   67 
   68 #ifdef _KERNEL
   69 void    verifiedexecattach __P((struct device *, struct device *, void *));
   70 int     verifiedexecopen __P((dev_t, int, int, struct proc *));
   71 int     verifiedexecclose __P((dev_t, int, int, struct proc *));
   72 int     verifiedexecioctl __P((dev_t, u_long, caddr_t, int, struct proc *));
   73 /*
   74  * list structure definitions - needed in kern_exec.c
   75  */
   76 
   77 struct veriexec_devhead veriexec_dev_head;
   78 struct veriexec_devhead veriexec_file_dev_head;
   79 
   80 struct veriexec_dev_list {
   81         unsigned long id;
   82         LIST_HEAD(inodehead, veriexec_inode_list) inode_head;
   83         LIST_ENTRY(veriexec_dev_list) entries;
   84 };
   85 
   86 struct veriexec_inode_list 
   87 {
   88         unsigned char type;
   89         unsigned char fp_type;
   90         unsigned long inode;
   91         unsigned char fingerprint[MAXFINGERPRINTLEN];
   92         LIST_ENTRY(veriexec_inode_list) entries;
   93 };
   94 
   95 struct veriexec_inode_list *get_veriexec_inode(struct veriexec_devhead *,
   96             long, long, char *);
   97 int evaluate_fingerprint(struct vnode *, struct veriexec_inode_list *,
   98             struct proc *, u_quad_t, char *);
   99 int fingerprintcmp(struct veriexec_inode_list *, unsigned char *);
  100 
  101 #endif
  102 #endif

Cache object: d06e6b1db8ef9a6d3b38feb9e18f49e2


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.