FreeBSD Mail Archives

Date:      Tue, 5 Nov 2013 20:00:18 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r257719 - in stable: 8/sys/geom/eli 9/sys/geom/eli
Message-ID:  <201311052000.rA5K0ImQ017164@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help

Author: delphij
Date: Tue Nov  5 20:00:17 2013
New Revision: 257719
URL: http://svnweb.freebsd.org/changeset/base/257719

Log:
  MFC r257539:
  
  When zero'ing out a buffer, make sure we are using right size.
  
  Without this change, in the worst but unlikely case scenario, certain
  administrative operations, including change of configuration, set or
  delete key from a GEOM ELI provider, may leave potentially sensitive
  information in buffer allocated from kernel memory.
  
  We believe that it is not possible to actively exploit these issues, nor
  does it impact the security of normal usage of GEOM ELI providers when
  these operations are not performed after system boot.
  
  Security:	possible sensitive information disclosure
  Submitted by:	Clement Lecigne <clecigne google com>

Modified:
  stable/8/sys/geom/eli/g_eli_ctl.c
Directory Properties:
  stable/8/sys/   (props changed)
  stable/8/sys/geom/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/9/sys/geom/eli/g_eli_ctl.c
Directory Properties:
  stable/9/sys/   (props changed)

Modified: stable/8/sys/geom/eli/g_eli_ctl.c
==============================================================================
--- stable/8/sys/geom/eli/g_eli_ctl.c	Tue Nov  5 19:58:40 2013	(r257718)
+++ stable/8/sys/geom/eli/g_eli_ctl.c	Tue Nov  5 20:00:17 2013	(r257719)
@@ -471,7 +471,7 @@ g_eli_ctl_configure(struct gctl_req *req
 			    prov, error);
 		}
 		bzero(&md, sizeof(md));
-		bzero(sector, sizeof(sector));
+		bzero(sector, pp->sectorsize);
 		free(sector, M_ELI);
 	}
 }
@@ -562,7 +562,7 @@ g_eli_ctl_setkey(struct gctl_req *req, s
 
 	/* Encrypt Master Key with the new key. */
 	error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, mkeydst);
-	bzero(key, sizeof(key));
+	bzero(key, keysize);
 	if (error != 0) {
 		bzero(&md, sizeof(md));
 		gctl_error(req, "Cannot encrypt Master Key (error=%d).", error);
@@ -575,7 +575,7 @@ g_eli_ctl_setkey(struct gctl_req *req, s
 	bzero(&md, sizeof(md));
 	error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector,
 	    pp->sectorsize);
-	bzero(sector, sizeof(sector));
+	bzero(sector, pp->sectorsize);
 	free(sector, M_ELI);
 	if (error != 0) {
 		gctl_error(req, "Cannot store metadata on %s (error=%d).",
@@ -691,7 +691,7 @@ g_eli_ctl_delkey(struct gctl_req *req, s
 		(void)g_io_flush(cp);
 	}
 	bzero(&md, sizeof(md));
-	bzero(sector, sizeof(sector));
+	bzero(sector, pp->sectorsize);
 	free(sector, M_ELI);
 	if (*all)
 		G_ELI_DEBUG(1, "All keys removed from %s.", pp->name);

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311052000.rA5K0ImQ017164>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation