|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [RFC v1 2/8] kexec: implement kexec_file_load() for PECOFF+Authenticode files
This change adds to Xen the kexec_file_load() entry point. The
kexec_file_load() is nearly identical to kexec_load(), but with the
added code to handle checking and handling of PECOFF Authenticode
signature verification.
Signed-off-by: Eric DeVolder <eric.devolder@xxxxxxxxxx>
---
xen/common/kexec.c | 131 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 129 insertions(+), 2 deletions(-)
diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index 44ae95d..b013514 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -33,6 +33,10 @@
#include <compat/kexec.h>
#endif
+#include "ped.h"
+#include "TrustedCert.h"
+int verify_openssl (pecoff_image_t *pe, const uint8_t *TrustedCert, int
TrustedCertSize);
+
bool_t kexecing = FALSE;
/* Memory regions to store the per cpu register state etc. on a crash. */
@@ -1112,6 +1116,126 @@ error:
return ret;
}
+static int kexec_file_load(XEN_GUEST_HANDLE_PARAM(void) uarg)
+{
+ xen_kexec_load_t load;
+ xen_kexec_segment_t *segments;
+ struct kexec_image *kimage = NULL;
+ int ret;
+ int k, numSigned = 0, numPassed = 0;
+
+ if ( copy_from_guest(&load, uarg, 1) )
+ return -EFAULT;
+
+ if ( load.nr_segments >= KEXEC_SEGMENT_MAX )
+ return -EINVAL;
+
+ segments = xmalloc_array(xen_kexec_segment_t, load.nr_segments);
+ if ( segments == NULL )
+ return -ENOMEM;
+
+ if ( copy_from_guest(segments, load.segments.h, load.nr_segments) )
+ {
+ ret = -EFAULT;
+ goto error;
+ }
+
+ /* Handle signature verification of signed segments */
+ for (k = 0; k < load.nr_segments; ++k)
+ {
+ xen_kexec_segment_t *segment = &segments[k];
+ uint8_t *imageBase = NULL;
+ size_t imageSize;
+ pecoff_image_t *pe = NULL;
+ int j; (void)j;
+
+ if (NULL == segment->buf.h.p) continue;
+
+ imageSize = segment->buf_size;
+ imageBase = xmalloc_array(unsigned char, imageSize);
+ if (NULL == imageBase)
+ {
+ printk("Ooops %u\n", (unsigned)imageSize);
+ ret = -ENOMEM;
+ goto error;
+ }
+ if ( copy_from_guest(imageBase, segment->buf.h, segment->buf_size) )
+ {
+ xfree(imageBase);
+ ret = -EFAULT;
+ goto error;
+ }
+
+ /* Handle PECOFF w/ Authenticode, only ... */
+ pe = pecoff_image_decode(imageBase, imageSize);
+ if (pe && pe->iddc.dd && pe->iddc.dd->CertificateTable.VirtualAddress)
+ {
+ ++numSigned;
+ pecoff_setup_verify(pe);
+ ret = verify_openssl(pe, TrustedCert, sizeof(TrustedCert));
+
+ /* if all is well ... */
+ if (1 == ret)
+ {
+ coff_header_t *ch = pe->chc.ch;
+ unsigned x;
+
+ ++numPassed; /* success! */
+
+ /* point to text executable */
+ for (x = 0; x < ch->NumberOfSections; ++x)
+ {
+ pecoff_section_t *s = pe->sectioncs[x].s;
+ if (
+ (s->Name[0] == '.') &&
+ (s->Name[1] == 't') &&
+ (s->Name[2] == 'e') &&
+ (s->Name[3] == 'x') &&
+ (s->Name[4] == 't')
+ )
+ {
+ /* Adjust segment info for proper load */
+ uint8_t *p = (uint8_t *)segment->buf.h.p;
+ /* adjust to point to start of .text */
+ p += s->PointerToRawData;
+ segment->buf.h.p = p;
+ /* adjust size accordingly */
+ segment->buf_size -= s->PointerToRawData;
+ }
+ }
+ }
+ }
+ if (pe) pecoff_image_free(pe);
+ if (imageBase) xfree(imageBase);
+ }
+ printk("KEXEC_file_load signed %d passed %d\n", numSigned, numPassed);
+
+ if (! ((numPassed == numSigned) && (numSigned > 0)) )
+ ret = -ENOEXEC;
+ else
+ ret = kimage_alloc(&kimage, load.type, load.arch, load.entry_maddr,
+ load.nr_segments, segments);
+
+ if ( ret < 0 )
+ goto error;
+
+ ret = kimage_load_segments(kimage);
+ if ( ret < 0 )
+ goto error;
+
+ ret = kexec_load_slot(kimage);
+ if ( ret < 0 )
+ goto error;
+
+ return 0;
+
+error:
+ if ( ! kimage )
+ xfree(segments);
+ kimage_free(kimage);
+ return ret;
+}
+
static int kexec_do_unload(xen_kexec_unload_t *unload)
{
struct kexec_image *old_kimage;
@@ -1237,8 +1361,11 @@ static int do_kexec_op_internal(unsigned long op,
ret = kexec_unload(uarg);
break;
case KEXEC_CMD_kexec_status:
- ret = kexec_status(uarg);
- break;
+ ret = kexec_status(uarg);
+ break;
+ case KEXEC_CMD_kexec_file_load:
+ ret = kexec_file_load(uarg);
+ break;
}
spin_unlock(&kexec_op_spinlock);
--
2.7.4
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |