svn commit: r364443 - head/lib/libsecureboot
Simon J. Gerraty
sjg at FreeBSD.org
Fri Aug 21 00:27:06 UTC 2020
Author: sjg
Date: Fri Aug 21 00:27:06 2020
New Revision: 364443
URL: https://svnweb.freebsd.org/changeset/base/364443
Log:
veloader: insist on verifying .4th .lua etc
When files are read from .rc or .4th, verify_file is asked to
guess the severity (VE_TRY,VE_WANT,VE_MUST)
Reviewed by: stevek
MFC after: 1 week
Sponsored by: Juniper Networks
Modified:
head/lib/libsecureboot/verify_file.c
Modified: head/lib/libsecureboot/verify_file.c
==============================================================================
--- head/lib/libsecureboot/verify_file.c Fri Aug 21 00:03:24 2020 (r364442)
+++ head/lib/libsecureboot/verify_file.c Fri Aug 21 00:27:06 2020 (r364443)
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2017-2018, Juniper Networks, Inc.
+ * Copyright (c) 2017-2020, Juniper Networks, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -255,6 +255,10 @@ severity_guess(const char *filename)
strcmp(cp, ".cookie") == 0 ||
strcmp(cp, ".hints") == 0)
return (VE_TRY);
+ if (strcmp(cp, ".4th") == 0 ||
+ strcmp(cp, ".lua") == 0 ||
+ strcmp(cp, ".rc") == 0)
+ return (VE_MUST);
}
return (VE_WANT);
}
More information about the svn-src-head
mailing list