diff options
| author | Simon J. Gerraty <sjg@FreeBSD.org> | 2019-02-26 06:22:10 +0000 |
|---|---|---|
| committer | Simon J. Gerraty <sjg@FreeBSD.org> | 2019-02-26 06:22:10 +0000 |
| commit | 8df8b2d3e51d1b816201d8a1fe8bc29fe192e562 (patch) | |
| tree | ba0fc50fe6cf389e8d7aa457da88abb4b94d6067 /stand/liblua | |
| parent | eb12b8ea5e7fd3b2dd6386de0e96185d94f57249 (diff) | |
Notes
Diffstat (limited to 'stand/liblua')
| -rw-r--r-- | stand/liblua/Makefile | 3 | ||||
| -rw-r--r-- | stand/liblua/lstd.c | 15 |
2 files changed, 18 insertions, 0 deletions
diff --git a/stand/liblua/Makefile b/stand/liblua/Makefile index ed1b850d577f..edbbf60b2d25 100644 --- a/stand/liblua/Makefile +++ b/stand/liblua/Makefile @@ -35,5 +35,8 @@ CFLAGS+= -I${BOOTSRC}/include -I${LIBLUASRC} -I${LUASRC} -I${LDRSRC} .if ${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 0 CFLAGS+= -fPIC .endif +.if ${MK_LOADER_VERIEXEC} == "yes" +CFLAGS+= -I${SRCTOP}/lib/libsecureboot/h -DLOADER_VERIEXEC +.endif .include <bsd.lib.mk> diff --git a/stand/liblua/lstd.c b/stand/liblua/lstd.c index c71232ee1024..8efdaf7256be 100644 --- a/stand/liblua/lstd.c +++ b/stand/liblua/lstd.c @@ -31,6 +31,10 @@ __FBSDID("$FreeBSD$"); #include "lstd.h" #include "math.h" +#ifdef LOADER_VERIEXEC +#include <verify_file.h> +#endif + FILE * fopen(const char *filename, const char *mode) { @@ -76,6 +80,17 @@ fopen(const char *filename, const char *mode) return (NULL); } +#ifdef LOADER_VERIEXEC + /* only regular files and only reading makes sense */ + if (S_ISREG(st.st_mode) && !(m & O_WRONLY)) { + if (verify_file(fd, filename, 0, VE_GUESS) < 0) { + free(f); + close(fd); + return (NULL); + } + } +#endif + f->fd = fd; f->offset = 0; f->size = st.st_size; |