From: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
To: barebox@lists.infradead.org
Subject: [PATCH 09/13] boot_verify: add password request support
Date: Sun, 26 Mar 2017 04:45:00 +0200 [thread overview]
Message-ID: <1490496304-30850-9-git-send-email-plagnioj@jcrosoft.com> (raw)
In-Reply-To: <1490496304-30850-1-git-send-email-plagnioj@jcrosoft.com>
This will allow to let the user enter a password before booting more safe
than just a 'y'
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
common/boot_verify.c | 10 ++++++++++
common/password.c | 18 ++++++++++++++++++
include/password.h | 6 ++++++
3 files changed, 34 insertions(+)
diff --git a/common/boot_verify.c b/common/boot_verify.c
index 07ae07e16..2faa8d56c 100644
--- a/common/boot_verify.c
+++ b/common/boot_verify.c
@@ -10,6 +10,7 @@
#include <globalvar.h>
#include <magicvar.h>
#include <init.h>
+#include <password.h>
static unsigned int boot_verify_confirm_timeout = 10;
static enum boot_verify boot_verify_mode = BOOT_VERIFY_HASH;
@@ -63,6 +64,14 @@ int boot_can_start_unsigned(void)
printf("Are you sure you wish to run an unsigned binary\n");
printf("in a secure environment?\n");
+ if (IS_ENABLED(CONFIG_PASSWORD)) {
+ printf("enter password to confirm\n");
+ ret = request_password(timeout);
+ if (ret != -ENOTSUPP)
+ return -ESECVIOLATION;
+
+ }
+
printf("press y to confirm\n");
ret = console_countdown(timeout, CONSOLE_COUNTDOWN_ANYKEY, &c);
@@ -72,6 +81,7 @@ int boot_can_start_unsigned(void)
return c == 'y' ? 0 : -ESECVIOLATION;
}
+
static int init_boot_verify(void)
{
int size;
diff --git a/common/password.c b/common/password.c
index d52b746f0..1147111cd 100644
--- a/common/password.c
+++ b/common/password.c
@@ -435,6 +435,24 @@ void login(void)
}
}
+int request_password(int timeout)
+{
+ unsigned char passwd[PASSWD_MAX_LENGTH];
+ int ret;
+
+ if (!is_passwd_default_enable() && !is_passwd_env_enable())
+ return -ENOTSUPP;
+
+ ret = password(passwd, PASSWD_MAX_LENGTH, LOGIN_MODE, timeout);
+ if (ret < 0)
+ return ret;
+
+ if (check_passwd(passwd, ret) == 1)
+ return 0;
+
+ return -EINVAL;
+}
+
static int login_global_init(void)
{
login_fail_command = xstrdup("boot");
diff --git a/include/password.h b/include/password.h
index 8b9961815..5e8964929 100644
--- a/include/password.h
+++ b/include/password.h
@@ -31,10 +31,16 @@ int set_env_passwd(unsigned char *passwd, size_t length);
#ifdef CONFIG_PASSWORD
void login(void);
+int request_password(int timeout);
#else
static inline void login(void)
{
}
+
+static inline int request_password(int timeout)
+{
+ return 0;
+}
#endif
#endif /* __PASSWORD_H__ */
--
2.11.0
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next prev parent reply other threads:[~2017-03-26 2:39 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-25 8:31 [PATCH 00/13] add efi secure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 01/13] bootm: move open to image_handler Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 02/13] boot_verify: use a new error ESECVIOLATION Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 7:59 ` Michael Olbrich
2017-03-26 2:44 ` [PATCH 03/13] bootm: make security generic Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 04/13] boot: invert the secure boot forcing support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 05/13] move boot verify to generic code Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 06/13] boot_verify: make it modifiable at start time Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:16 ` Michael Olbrich
2017-03-26 2:44 ` [PATCH 07/13] go: only use it if boot signature is not required Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:23 ` Michael Olbrich
2017-03-27 11:50 ` Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 08/13] boot_verify: allow to force unsigned image to boot Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:25 ` Michael Olbrich
2017-03-26 2:45 ` Jean-Christophe PLAGNIOL-VILLARD [this message]
2017-03-27 6:11 ` [PATCH 09/13] boot_verify: add password request support Sascha Hauer
2017-03-26 2:45 ` [PATCH 10/13] efi: add more security related guid for the efivars Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:45 ` [PATCH 11/13] efi: fix lds for secure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:30 ` Michael Olbrich
2017-03-26 2:45 ` [PATCH 12/13] efi: fix secure and setup mode report Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:45 ` [PATCH 13/13] efi: enable sercure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 7:57 ` [PATCH 01/13] bootm: move open to image_handler Michael Olbrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1490496304-30850-9-git-send-email-plagnioj@jcrosoft.com \
--to=plagnioj@jcrosoft.com \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox