/* $NetBSD: verified_exec.h,v 1.43 2006/11/29 14:52:11 elad Exp $ */
2
3 /*-
4 * Copyright 2005 Elad Efrat <elad (at) NetBSD.org>
5 * Copyright 2005 Brett Lymn <blymn (at) netbsd.org>
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Brett Lymn and Elad Efrat
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Neither the name of The NetBSD Foundation nor the names of its
16 * contributors may be used to endorse or promote products derived
17 * from this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 #ifndef _SYS_VERIFIED_EXEC_H_
33 #define _SYS_VERIFIED_EXEC_H_
34
35 #include <sys/cdefs.h>
36 #include <sys/param.h>
37 #include <sys/hash.h>
38 #include <uvm/uvm_extern.h>
39 #include <uvm/uvm_pglist.h>
40 #include <uvm/uvm_page.h>
41
42 #include <prop/proplib.h>
43
/*
 * Flags for a Veriexec entry.  These can be OR'd together, so one entry
 * can describe more than one permitted kind of access to the file.
 * (Bit 0x08 is not defined in this header.)
 */
#define VERIEXEC_DIRECT 0x01 /* Direct execution (exec) */
#define VERIEXEC_INDIRECT 0x02 /* Indirect execution (#!) */
#define VERIEXEC_FILE 0x04 /* Plain file (open) */
#define VERIEXEC_UNTRUSTED 0x10 /* Untrusted storage */

/*
 * Operations for /dev/veriexec.  Each ioctl carries a struct plistref
 * (proplib, <prop/proplib.h>) from userland; VERIEXEC_QUERY is _IOWR and
 * so also hands a plist back.  The plist contents originate in userland
 * and are presumably validated in veriexecioctl() before use -- confirm.
 */
#define VERIEXEC_LOAD _IOW('X', 0x1, struct plistref)
#define VERIEXEC_TABLESIZE _IOW('X', 0x2, struct plistref)
#define VERIEXEC_DELETE _IOW('X', 0x3, struct plistref)
#define VERIEXEC_QUERY _IOWR('X', 0x4, struct plistref)

/* Verified exec sysctl objects (node numbers). */
#define VERIEXEC_VERBOSE 1 /* Verbosity level (see veriexec_verbose). */
#define VERIEXEC_STRICT 2 /* Strict mode level (see veriexec_strict). */
#define VERIEXEC_ALGORITHMS 3 /* Supported hashing algorithms. */
#define VERIEXEC_COUNT 4 /* # of fingerprinted files on device. */

/*
 * Valid values for veriexec_file_entry.status.  NOTEVAL means no
 * evaluation has happened yet; VALID/NOMATCH record the outcome of one.
 */
#define FINGERPRINT_NOTEVAL 0 /* fingerprint has not been evaluated */
#define FINGERPRINT_VALID 1 /* fingerprint evaluated and matches list */
#define FINGERPRINT_NOMATCH 2 /* fingerprint evaluated but does not match */

/* Valid values for veriexec_file_entry.page_fp_status. */
#define PAGE_FP_NONE 0 /* no per-page fingerprints. */
#define PAGE_FP_READY 1 /* per-page fingerprints ready for use. */
#define PAGE_FP_FAIL 2 /* mismatch in per-page fingerprints. */
71
72 #ifdef _KERNEL
/* /dev/veriexec character device entry points (presumably the cdevsw). */
void veriexecattach(struct device *, struct device *, void *);
int veriexecopen(dev_t, int, int, struct lwp *);
int veriexecclose(dev_t, int, int, struct lwp *);
int veriexecioctl(dev_t, u_long, caddr_t, int, struct lwp *);

/* defined in kern_verifiedexec.c */
extern char *veriexec_fp_names; /* NOTE(review): presumably the algorithm list behind VERIEXEC_ALGORITHMS -- confirm. */
extern int veriexec_verbose; /* Verbosity level; the REPORT_* levels below print when this is >= 1 or >= 2. */
extern int veriexec_strict; /* Strict mode level: one of VERIEXEC_LEARNING .. VERIEXEC_LOCKDOWN below. */
/* this one requires sysctl.h to be included before verified_exec.h */
#ifdef VERIEXEC_NEED_NODE
extern const struct sysctlnode *veriexec_count_node;
#endif /* VERIEXEC_NEED_NODE */
extern int veriexec_hook; /* NOTE(review): purpose not visible in this header. */

/*
 * Operations vector for verified exec, this defines the characteristics
 * for the fingerprint type.
 * Function types: init, update, final.
 *   init(ctx)              -- set up a hash context.
 *   update(ctx, data, len) -- feed data into the context (len presumably
 *                             in bytes; data is not const-qualified).
 *   final(digest, ctx)     -- produce the digest; note the output buffer
 *                             comes first, unlike init/update.
 * VERIEXEC_OPINIT() stores implementations through casts to these types,
 * so the compiler does not check that an implementation really matches.
 */
typedef void (*VERIEXEC_INIT_FN)(void *);
typedef void (*VERIEXEC_UPDATE_FN)(void *, u_char *, u_int);
typedef void (*VERIEXEC_FINAL_FN)(u_char *, void *);
96
/*
 * One registered fingerprint algorithm.  Registered with
 * veriexec_add_fp_ops() and looked up by name with veriexec_find_ops().
 */
struct veriexec_fp_ops {
	const char *type;	/* Algorithm name (only the pointer is stored). */
	size_t hash_len;	/* Fingerprint length (presumably in bytes). */
	size_t context_size;	/* Size of the hash context passed to init/update/final. */
	VERIEXEC_INIT_FN init;
	VERIEXEC_UPDATE_FN update;
	VERIEXEC_FINAL_FN final;
	LIST_ENTRY(veriexec_fp_ops) entries;	/* Link in the list of registered ops; not set by VERIEXEC_OPINIT(). */
};
106
107 /* Veriexec per-file entry data. */
/* Veriexec per-file entry data. */
struct veriexec_file_entry {
	u_char type;		/* Entry type: OR of VERIEXEC_DIRECT/INDIRECT/FILE/UNTRUSTED. */
	u_char status;		/* Evaluation status: one of FINGERPRINT_*. */
	u_char page_fp_status;	/* Per-page FP status: one of PAGE_FP_*. */
	u_char *fp;		/* Fingerprint; length presumably ops->hash_len. */
	void *page_fp;		/* Per-page fingerprints; layout not visible here. */
	size_t npages;		/* Number of pages. */
	size_t last_page_size;	/* To support < PAGE_SIZE */
	struct veriexec_fp_ops *ops;	/* Fingerprint ops vector used for this entry. */
};
118
119 /* Veriexec per-table data. */
/*
 * Veriexec per-table data (one per device, see veriexec_tblfind()).
 * vte_node only needs sysctlnode as an incomplete type here.
 */
struct veriexec_table_entry {
	uint64_t vte_count;	/* Number of Veriexec entries; presumably what VERIEXEC_COUNT reports. */
	const struct sysctlnode *vte_node;	/* sysctl node for this table. */
};
124
/*
 * Veriexec modes (strict levels), the values of veriexec_strict.
 * Higher values are more restrictive.
 */
#define VERIEXEC_LEARNING 0 /* Learning mode. */
#define VERIEXEC_IDS 1 /* Intrusion detection mode. */
#define VERIEXEC_IPS 2 /* Intrusion prevention mode. */
#define VERIEXEC_LOCKDOWN 3 /* Lockdown mode. */

/*
 * Readable values for veriexec_report()'s flags argument.
 * REPORT_LOGMASK selects the three print-level bits; REPORT_PANIC and
 * REPORT_ALARM are modifiers on top of them.
 */
#define REPORT_ALWAYS 0x01 /* Always print */
#define REPORT_VERBOSE 0x02 /* Print when verbose >= 1 */
#define REPORT_DEBUG 0x04 /* Print when verbose >= 2 (debug) */
#define REPORT_PANIC 0x08 /* Call panic() */
#define REPORT_ALARM 0x10 /* Alarm - also print pid/uid/.. */
#define REPORT_LOGMASK (REPORT_ALWAYS|REPORT_VERBOSE|REPORT_DEBUG)
138
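/*
 * Initialize a fingerprint ops struct.
 *
 * ops:      pointer to the struct veriexec_fp_ops to fill in.
 * fp_type:  algorithm name; only the pointer is stored, no copy is made.
 * hashlen:  fingerprint length, stored in hash_len.
 * ctx_size: hash context size, stored in context_size.
 * init_fn, update_fn, final_fn:
 *           implementation functions.  They are cast to the
 *           VERIEXEC_*_FN types, so the compiler does not check their
 *           real signatures; a mismatch is undefined behaviour when the
 *           pointer is called.
 *
 * The 'entries' list link is deliberately left untouched.
 *
 * Expands to a single statement: the do/while(0) carries no trailing
 * semicolon, so the caller writes VERIEXEC_OPINIT(...); and the macro is
 * safe inside an unbraced if/else (the old trailing ';' broke that).
 */
#define VERIEXEC_OPINIT(ops, fp_type, hashlen, ctx_size, init_fn, \
    update_fn, final_fn) \
	do { \
		(ops)->type = (fp_type); \
		(ops)->hash_len = (hashlen); \
		(ops)->context_size = (ctx_size); \
		(ops)->init = (VERIEXEC_INIT_FN) (init_fn); \
		(ops)->update = (VERIEXEC_UPDATE_FN) (update_fn); \
		(ops)->final = (VERIEXEC_FINAL_FN) (final_fn); \
	} while (0)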
150
/* Register a fingerprint algorithm (presumably linked via ops->entries). */
int veriexec_add_fp_ops(struct veriexec_fp_ops *);
/* Subsystem initialization. */
void veriexec_init(void);
/* Find a registered ops vector by algorithm name; NULL when absent (presumed). */
struct veriexec_fp_ops *veriexec_find_ops(const char *name);
/* Compute the fingerprint of a vnode into the caller's buffer (last arg). */
int veriexec_fp_calc(struct lwp *, struct vnode *, struct veriexec_file_entry *,
    u_char *);
/* Compare two fingerprints of ops->hash_len; return convention not visible here. */
int veriexec_fp_cmp(struct veriexec_fp_ops *, u_char *, u_char *);
/* Per-device table lookup for a vnode. */
struct veriexec_table_entry *veriexec_tblfind(struct vnode *);
/* Per-file entry lookup for a vnode. */
struct veriexec_file_entry *veriexec_lookup(struct vnode *);
/* Insert a per-file entry for a vnode. */
int veriexec_hashadd(struct vnode *, struct veriexec_file_entry *);
/*
 * Verify a vnode.  The int is presumably one of the VERIEXEC_* access
 * flags; the entry found/used is returned through the last argument.
 */
int veriexec_verify(struct lwp *, struct vnode *,
    const u_char *, int, struct veriexec_file_entry **);
/* Verify a single page against the entry's per-page fingerprints. */
int veriexec_page_verify(struct veriexec_file_entry *, struct vm_page *, size_t,
    struct lwp *);
/* Policy checks for removing / renaming a fingerprinted file. */
int veriexec_removechk(struct vnode *, const char *, struct lwp *l);
int veriexec_renamechk(struct vnode *, const char *, struct vnode *,
    const char *, struct lwp *);
/* Log a message; the int is an OR of the REPORT_* flags. */
void veriexec_report(const u_char *, const u_char *, struct lwp *, int);
/* Clear veriexec state; argument meanings not visible in this header. */
void veriexec_clear(void *, int);
/* Release a per-file entry. */
void veriexec_purge(struct veriexec_file_entry *);
170
171 #endif /* _KERNEL */
172
173 #endif /* !_SYS_VERIFIED_EXEC_H_ */
174