Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 6 Apr 2015 09:58:38 -0700
From:      Devin Teske <dteske@FreeBSD.org>
To:        freebsd-current@freebsd.org
Cc:        Devin Teske <dteske@FreeBSD.org>, cperciva@freebsd.org
Subject:   [RFC] Add "GELI Passphrase:" prompt to boot loader
Message-ID:  <0D7CA1BF-3052-41FD-A3E7-5BBAA51B214A@FreeBSD.org>
next in thread | raw e-mail | index | archive | help 
Hi -current,

I have a pending enhancement to the boot loader that Colin P. and I
have been working on together.

URL: https://reviews.freebsd.org/D2105 =
<https://reviews.freebsd.org/D2105>;

The nature of the patch is to cause the boot loader to prompt for the
GELI passphrase and then pass that on (through a kenv(1) variable)
to Colin=E2=80=99s code in geom_eli.ko where it will be:

(a) picked up for-use as the initial passphrase attempt(s)
(b) zeroed after being picked-up so =E2=80=9Ckenv =
kern.geom.eli.passphrase=E2=80=9D
returns nothing

NB: Actually, =E2=80=9Ckenv kern.geom.eli.passphrase=E2=80=9D generates =
the error
=E2=80=9Ckenv: unable to get kern.geom.eli.passphrase=E2=80=9D

The problem that I (we) need help in solving is:

If the geom_eli.ko module doesn=E2=80=99t get loaded, then the variable
(kern.geom.eli.passphrase) is not zeroed.

While I do think that this is of minimal concern (not loading the GELI
module means you won=E2=80=99t be able to get past the mountroot prompt =
in
the case where GELI is required to boot), I discussed with Colin and
I think we are in consensus that the resetting of the variable should
perhaps be moved to another section of the kernel to prevent leakage
of this sensitive information being passed through kenv(1) variable(s).

Issue for me is, I=E2=80=99m not sure where the best place to move this =
to.
Here=E2=80=99s the code that needs to be moved (Lines 108-109 of =
g_eli.c):

https://svnweb.freebsd.org/base?view=3Drevision&revision=3D273489 =
<https://svnweb.freebsd.org/base?view=3Drevision&revision=3D273489>;


108 =
<https://svnweb.freebsd.org/base/head/sys/geom/eli/g_eli.c?annotate=3D2734=
89&pathrev=3D273489#l108>	 	                 /* Wipe the =
passphrase from the environment. */
109 =
<https://svnweb.freebsd.org/base/head/sys/geom/eli/g_eli.c?annotate=3D2734=
89&pathrev=3D273489#l109>	 	                 =
kern_unsetenv("kern.geom.eli.passphrase");

Need to move that preferably to some place in the kernel that is NOT
optional in the compilation process. Suggestions?
=E2=80=94=20
Cheers,
Devin=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0D7CA1BF-3052-41FD-A3E7-5BBAA51B214A>