FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F13.5 2023-08-23T17:43:22Z 2023-08-23T17:43:22Z Warner Losh imp@FreeBSD.org 2023-08-22T01:31:13Z urn:sha1:34041aac835a0bce462bccb7e0239c0ba092f872 Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/ Similar commit in main: (cherry picked from commit 42b388439bd3) 2023-04-14T05:19:10Z Simon J. Gerraty sjg@FreeBSD.org 2021-12-19T00:34:58Z urn:sha1:8dd1299ca599cf7844a4b34c3c6b41df6287c4ff Reviewed by: stevek (cherry picked from commit 623ecf23325691a0cc13991e160b5f5d11471830) 2019-06-26T23:33:32Z Simon J. Gerraty sjg@FreeBSD.org 2019-06-26T23:33:32Z urn:sha1:f9510887eeb5ad2eab96b48c41631886f8f33ad6 Since we can now add OpenPGP trust anchors at runtime, ensure the latent support is available. Ensure we do not add duplicate keys to trust store. Also allow reporting names of trust anchors added/revoked We only do this for loader and only after initializing trust store. Thus only changes to initial trust store will be logged. Reviewed by: stevek MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D20700 2019-05-09T22:25:12Z Simon J. Gerraty sjg@FreeBSD.org 2019-05-09T22:25:12Z urn:sha1:9bee6a6083228d0e6abfb991fdbb4edf020fd438 Avoid making hash self-tests depend on X.509 certs. Include OpenPGP keys in trust store count. Reviewed by: stevek MFC after: 1 week Sponsored by: Juniper Networks Differential Revision: https://reviews.freebsd.org/D20208 2019-04-03T03:57:37Z Marcin Wojtas mw@FreeBSD.org 2019-04-03T03:57:37Z urn:sha1:b0fefb25c558179e9f9c7f0d375c6a03fb567eb9 The current approach of injecting manifest into mac_veriexec is to verify the integrity of it in userspace (veriexec (8)) and pass its entries into kernel using a char device (/dev/veriexec). This requires verifying root partition integrity in loader, for example by using memory disk and checking its hash. Otherwise if rootfs is compromised an attacker could inject their own data. This patch introduces an option to parse manifest in kernel based on envs. The loader sets manifest path and digest. EVENTHANDLER is used to launch the module right after the rootfs is mounted. It has to be done this way, since one might want to verify integrity of the init file. This means that manifest is required to be present on the root partition. Note that the envs have to be set right before boot to make sure that no one can spoof them. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19281 2019-03-06T06:39:42Z Marcin Wojtas mw@FreeBSD.org 2019-03-06T06:39:42Z urn:sha1:13ea0450a9c8742119d36f3bf8f47accdce46e54 UEFI related headers were copied from edk2. A new build option "MK_LOADER_EFI_SECUREBOOT" was added to allow loading of trusted anchors from UEFI. Certificate revocation support is also introduced. The forbidden certificates are loaded from dbx variable. Verification fails in two cases: There is a direct match between cert in dbx and the one in the chain. The CA used to sign the chain is found in dbx. One can also insert a hash of TBS section of a certificate into dbx. In this case verifications fails only if a direct match with a certificate in chain is found. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19093 2019-02-26T06:09:10Z Simon J. Gerraty sjg@FreeBSD.org 2019-02-26T06:09:10Z urn:sha1:5fff9558a43aaac53da41dc23c250c4e84f6fb02 Used by loader and veriexec Depends on libbearssl Reviewed by: emaste Sponsored by: Juniper Networks Differential Revision: D16335