VERIEXEC(4) NetBSD Kernel Interfaces Manual VERIEXEC(4) NAME veriexec -- Veriexec pseudo-device SYNOPSIS pseudo-device veriexec DESCRIPTION Veriexec verifies the integrity of specified executables and files before they are run or read. This makes it much more difficult to insert a tro- jan horse into the system and also makes it more difficult to run bina- ries that are not supposed to be running, for example, packet sniffers, DDoS clients and so on. The veriexec pseudo-device is used to preform optimal table sizing, fin- gerprint loading, and querying of entries, as part of the Veriexec sub- system. Kernel-userland interaction Veriexec uses proplib(3) for communication between the kernel and user- land. VERIEXEC_TABLESIZE Sizes the in kernel tables to accommodate the fingerprint entries. This request must be made prior to loading the fingerprints into the kernel. The dictionary passed contains the following elements: Name Type Purpose mount string mount-point for the entries count uint64_t number of entries VERIEXEC_LOAD Inserts a fingerprint into the in-kernel tables. These tables must have been previously sized using the VERIEXEC_TABLESIZE request. The dictionary passed contains the following elements: Name Type Purpose file string filename for this entry entry-type uint8 entry type (see below) fp-type string fingerprint hashing algorithm fp data the fingerprint ``entry-type'' can be one or more (binary-OR'd) of the following: Type Effect VERIEXEC_DIRECT can execute directly VERIEXEC_INDIRECT can execute indirectly (interpreter, mmap(2)) VERIEXEC_FILE can be opened VERIEXEC_UNTRUSTED located on untrusted storage VERIEXEC_DELETE Removes either an entry for a single file or entries for an entire mount from Veriexec. The dictionary passed contains the following elements: Name Type Purpose file string filename or mount-point VERIEXEC_QUERY Queries Veriexec about a file, returning information that may be useful about it. The dictionary passed contains the following elements: Name Type Purpose file string filename The dictionary returned contains the following elements: Name Type Purpose entry-type uint8 entry type (see above) status uint8 entry status fp-type string fingerprint hashing algorithm fp data the fingerprint ``status'' can be one of the following: Status Meaning FINGERPRINT_NOTEVAL not evaluated FINGERPRINT_VALID fingerprint match FINGERPRINT_MISMATCH fingerprint mismatch Note that the requests VERIEXEC_TABLESIZE, VERIEXEC_LOAD, and VERIEXEC_DELETE are not permitted once the strict level has been raised past 0. SEE ALSO proplib(3), sysctl(3), sysctl(8), veriexecctl(8), veriexecgen(8), veriexec(9) NOTES veriexec is part of the default configuration on the following architec- tures: amd64, i386, prep, sparc64. AUTHORS Brett Lymn <blymn@NetBSD.org> Elad Efrat <elad@NetBSD.org> NetBSD 4.0 November 29, 2006 NetBSD 4.0