int xen_build_id_check(const Elf_Note *n, unsigned int n_sz,
const void **p, unsigned int *len)
{
/* Check if we really have a build-id. */
ASSERT(n_sz > sizeof(*n));
if ( NT_GNU_BUILD_ID != n->type )
return -ENODATA;
if ( n->namesz + n->descsz < n->namesz )
return -EINVAL;
if ( n->namesz < 4 /* GNU\0 */)
return -EINVAL;
if ( n->namesz + n->descsz > n_sz - sizeof(*n) )
return -EINVAL;
/* Sanity check, name should be "GNU" for ld-generated build-id. */
if ( strncmp(ELFNOTE_NAME(n), "GNU", n->namesz) != 0 )
return -ENODATA;
if ( len )
*len = n->descsz;
if ( p )
*p = ELFNOTE_DESC(n);
return 0;
}
static void setup_note(Elf_Note *n, const char *name, int type, int descsz)
{
int l = strlen(name) + 1;
strlcpy(ELFNOTE_NAME(n), name, l);
n->namesz = l;
n->descsz = descsz;
n->type = type;
}
{
signedonly = 1;
return 0;
}
__setup("enforcemodulesig", sign_setup);
static int badsigok = 0;
static int __init setup_badsigok(char *str)
{
badsigok = 1;
return 0;
}
__setup("badsigok", setup_badsigok);
static const char modsign_note_name[] = ELFNOTE_NAME(MODSIGN_NOTE_NAME);
static const char modsign_note_section[] = ELFNOTE_SECTION(MODSIGN_NOTE_NAME);
/*
* verify a module's signature
*/
int module_verify_signature(struct module_verify_data *mvdata,
int *_gpgsig_ok)
{
const struct elf_note *note;
struct crypto_shash *tfm;
const Elf_Shdr *sechdrs = mvdata->sections;
const char *secstrings = mvdata->secstrings;
const char *sig;
unsigned note_size, sig_size, note_namesz;
int loop, ret;
