head 1.3; access; symbols perseant-exfatfs-base-20250801:1.3 perseant-exfatfs-base-20240630:1.3 perseant-exfatfs:1.3.0.46 perseant-exfatfs-base:1.3 cjep_sun2x:1.3.0.44 cjep_sun2x-base:1.3 cjep_staticlib_x-base1:1.3 cjep_staticlib_x:1.3.0.42 cjep_staticlib_x-base:1.3 phil-wifi-20200421:1.3 phil-wifi-20200411:1.3 phil-wifi-20200406:1.3 pgoyette-compat-merge-20190127:1.3 pgoyette-compat-20190127:1.3 pgoyette-compat-20190118:1.3 pgoyette-compat-1226:1.3 pgoyette-compat-1126:1.3 pgoyette-compat-1020:1.3 pgoyette-compat-0930:1.3 pgoyette-compat-0906:1.3 pgoyette-compat-0728:1.3 pgoyette-compat-0625:1.3 pgoyette-compat-0521:1.3 pgoyette-compat-0502:1.3 pgoyette-compat-0422:1.3 pgoyette-compat-0415:1.3 pgoyette-compat-0407:1.3 pgoyette-compat-0330:1.3 pgoyette-compat-0322:1.3 pgoyette-compat-0315:1.3 pgoyette-compat:1.3.0.40 pgoyette-compat-base:1.3 perseant-stdc-iso10646:1.3.0.38 perseant-stdc-iso10646-base:1.3 prg-localcount2-base3:1.3 prg-localcount2-base2:1.3 prg-localcount2-base1:1.3 prg-localcount2:1.3.0.36 prg-localcount2-base:1.3 pgoyette-localcount-20170426:1.3 bouyer-socketcan-base1:1.3 pgoyette-localcount-20170320:1.3 bouyer-socketcan:1.3.0.34 bouyer-socketcan-base:1.3 pgoyette-localcount-20170107:1.3 pgoyette-localcount-20161104:1.3 localcount-20160914:1.3 pgoyette-localcount-20160806:1.3 pgoyette-localcount-20160726:1.3 pgoyette-localcount:1.3.0.32 pgoyette-localcount-base:1.3 netbsd-5-2-3-RELEASE:1.3 netbsd-5-1-5-RELEASE:1.3 yamt-pagecache-base9:1.3 yamt-pagecache-tag8:1.3 tls-earlyentropy:1.3.0.28 tls-earlyentropy-base:1.3 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.3 riastradh-drm2-base3:1.3 netbsd-5-2-2-RELEASE:1.3 netbsd-5-1-4-RELEASE:1.3 netbsd-5-2-1-RELEASE:1.3 netbsd-5-1-3-RELEASE:1.3 agc-symver:1.3.0.30 agc-symver-base:1.3 tls-maxphys-base:1.3 yamt-pagecache-base8:1.3 netbsd-5-2:1.3.0.26 yamt-pagecache-base7:1.3 netbsd-5-2-RELEASE:1.3 netbsd-5-2-RC1:1.3 yamt-pagecache-base6:1.3 yamt-pagecache-base5:1.3 yamt-pagecache-base4:1.3 netbsd-5-1-2-RELEASE:1.3 netbsd-5-1-1-RELEASE:1.3 yamt-pagecache-base3:1.3 yamt-pagecache-base2:1.3 yamt-pagecache:1.3.0.24 yamt-pagecache-base:1.3 bouyer-quota2-nbase:1.3 bouyer-quota2:1.3.0.22 bouyer-quota2-base:1.3 matt-nb5-pq3:1.3.0.20 matt-nb5-pq3-base:1.3 netbsd-5-1:1.3.0.18 netbsd-5-1-RELEASE:1.3 netbsd-5-1-RC4:1.3 netbsd-5-1-RC3:1.3 netbsd-5-1-RC2:1.3 netbsd-5-1-RC1:1.3 netbsd-5-0-2-RELEASE:1.3 netbsd-5-0-1-RELEASE:1.3 jym-xensuspend-nbase:1.3 netbsd-5-0:1.3.0.16 netbsd-5-0-RELEASE:1.3 netbsd-5-0-RC4:1.3 netbsd-5-0-RC3:1.3 netbsd-5-0-RC2:1.3 jym-xensuspend:1.3.0.14 jym-xensuspend-base:1.3 netbsd-5-0-RC1:1.3 netbsd-5:1.3.0.12 netbsd-5-base:1.3 yamt-pf42-base4:1.3 yamt-pf42-base3:1.3 hpcarm-cleanup-nbase:1.3 yamt-pf42-base2:1.3 yamt-pf42:1.3.0.10 yamt-pf42-base:1.3 mjf-devfs2:1.3.0.8 mjf-devfs2-base:1.3 keiichi-mipv6-nbase:1.3 keiichi-mipv6:1.3.0.6 keiichi-mipv6-base:1.3 cube-autoconf:1.3.0.4 cube-autoconf-base:1.3 hpcarm-cleanup:1.3.0.2 hpcarm-cleanup-base:1.3 netbsd-3-1-1-RELEASE:1.1.6.1 netbsd-3-0-3-RELEASE:1.1.6.1 abandoned-netbsd-4-base:1.2 abandoned-netbsd-4:1.2.0.2 netbsd-3-1:1.1.6.1.0.4 netbsd-3-1-RELEASE:1.1.6.1 netbsd-3-0-2-RELEASE:1.1.6.1 netbsd-3-1-RC4:1.1.6.1 netbsd-3-1-RC3:1.1.6.1 netbsd-3-1-RC2:1.1.6.1 netbsd-3-1-RC1:1.1.6.1 netbsd-3-0-1-RELEASE:1.1.6.1 netbsd-3-0:1.1.6.1.0.2 netbsd-3-0-RELEASE:1.1.6.1 netbsd-3-0-RC6:1.1.6.1 netbsd-3-0-RC5:1.1.6.1 netbsd-3-0-RC4:1.1.6.1 netbsd-3-0-RC3:1.1.6.1 netbsd-3-0-RC2:1.1.6.1 netbsd-3-0-RC1:1.1.6.1 netbsd-2-0-3-RELEASE:1.1 netbsd-2-1:1.1.0.8 netbsd-2-1-RELEASE:1.1 netbsd-2-1-RC6:1.1 netbsd-2-1-RC5:1.1 netbsd-2-1-RC4:1.1 netbsd-2-1-RC3:1.1 netbsd-2-1-RC2:1.1 netbsd-2-1-RC1:1.1 netbsd-2-0-2-RELEASE:1.1 netbsd-3:1.1.0.6 netbsd-3-base:1.1 netbsd-2-0-1-RELEASE:1.1 netbsd-2:1.1.0.4 netbsd-2-base:1.1 netbsd-2-0-RELEASE:1.1 netbsd-2-0-RC5:1.1 netbsd-2-0-RC4:1.1 netbsd-2-0-RC3:1.1 netbsd-2-0-RC2:1.1 netbsd-2-0-RC1:1.1 netbsd-2-0:1.1.0.2 netbsd-2-0-base:1.1 fvdl_fs64_base:1.1; locks; strict; comment @# @; 1.3 date 2006.09.16.21.03.12; author elad; state dead; branches; next 1.2; 1.2 date 2005.04.20.13.44.45; author blymn; state Exp; branches; next 1.1; 1.1 date 2002.11.23.10.25.04; author blymn; state Exp; branches 1.1.6.1; next ; 1.1.6.1 date 2005.06.10.14.47.10; author tron; state Exp; branches; next ; desc @@ 1.3 log @Obsolete old fingerprint generation scripts. @ text @#!/bin/sh # # $NetBSD: gen_sha1,v 1.2 2005/04/20 13:44:45 blymn Exp $ # # This is a helper script that scans all the file systems for # executables and generates an entry in the signatures file for # each one found. The script is probably best run by root and # will move the old signatures file prior to starting the real work. # mv signatures signatures.old echo "Fingerprinting the system, this may take a while...." # find / \( \( -fstype ffs -a ! -iregex '^/proc.*' -a -type f -a \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \) -o -name 'lib*so*' \) -print | while read line do echo "Fingerprinting $line" hash=`sha1 < $line` flag="" if [ ! -x $line ] then flag=" FILE" fi if [ "${hash}" != "" ] then echo "$line sha1 ${hash}${flag}" >> signatures fi done @ 1.2 log @Rototill of the verified exec functionality. * We now use hash tables instead of a list to store the in kernel fingerprints. * Fingerprint methods handling has been made more flexible, it is now even simpler to add new methods. * the loader no longer passes in magic numbers representing the fingerprint method so veriexecctl is not longer kernel specific. * fingerprint methods can be tailored out using options in the kernel config file. * more fingerprint methods added - rmd160, sha256/384/512 * veriexecctl can now report the fingerprint methods supported by the running kernel. * regularised the naming of some portions of veriexec. @ text @d3 1 a3 1 # $NetBSD: gen_sha1,v 1.1 2002/11/23 10:25:04 blymn Exp $ @ 1.1 log @Example signature generating scripts. @ text @d3 1 a3 1 # $NetBSD$ d16 1 a16 1 hash=`sha1 $line | cut -d'=' -f2 | tr -d ' '` @ 1.1.6.1 log @Pull up revision 1.2 (requested by elad in ticket #389): Rototill of the verified exec functionality. * We now use hash tables instead of a list to store the in kernel fingerprints. * Fingerprint methods handling has been made more flexible, it is now even simpler to add new methods. * the loader no longer passes in magic numbers representing the fingerprint method so veriexecctl is not longer kernel specific. * fingerprint methods can be tailored out using options in the kernel config file. * more fingerprint methods added - rmd160, sha256/384/512 * veriexecctl can now report the fingerprint methods supported by the running kernel. * regularised the naming of some portions of veriexec. @ text @d16 1 a16 1 hash=`sha1 < $line` @