diff options
| author | Simon J. Gerraty <sjg@FreeBSD.org> | 2020-08-21 00:27:06 +0000 |
|---|---|---|
| committer | Simon J. Gerraty <sjg@FreeBSD.org> | 2020-08-21 00:27:06 +0000 |
| commit | 0929924b610c8365202e04e3482ecda88e895a1a (patch) | |
| tree | d0287725d12bf25ae6bd4b85779e429a6017e078 /lib/libsecureboot/verify_file.c | |
| parent | 773e541e8d088fb20dd4451f1304f805a558728f (diff) | |
veloader: insist on verifying .4th .lua etc
When files are read from .rc or .4th, verify_file is asked to
guess the severity (VE_TRY,VE_WANT,VE_MUST)
Reviewed by: stevek
MFC after: 1 week
Sponsored by: Juniper Networks
Notes
Notes:
svn path=/head/; revision=364443
Diffstat (limited to 'lib/libsecureboot/verify_file.c')
| -rw-r--r-- | lib/libsecureboot/verify_file.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libsecureboot/verify_file.c b/lib/libsecureboot/verify_file.c index ca7c59abeffc..9773b02e5a1d 100644 --- a/lib/libsecureboot/verify_file.c +++ b/lib/libsecureboot/verify_file.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2017-2018, Juniper Networks, Inc. + * Copyright (c) 2017-2020, Juniper Networks, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -255,6 +255,10 @@ severity_guess(const char *filename) strcmp(cp, ".cookie") == 0 || strcmp(cp, ".hints") == 0) return (VE_TRY); + if (strcmp(cp, ".4th") == 0 || + strcmp(cp, ".lua") == 0 || + strcmp(cp, ".rc") == 0) + return (VE_MUST); } return (VE_WANT); } |