From owner-svn-src-all@freebsd.org  Mon Apr 16 00:42:46 2018
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1057EF9C444;
 Mon, 16 Apr 2018 00:42:46 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id B73A47F745;
 Mon, 16 Apr 2018 00:42:45 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B22DA16491;
 Mon, 16 Apr 2018 00:42:45 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w3G0gjwI024623;
 Mon, 16 Apr 2018 00:42:45 GMT (envelope-from kevans@FreeBSD.org)
Received: (from kevans@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w3G0gjmN024619;
 Mon, 16 Apr 2018 00:42:45 GMT (envelope-from kevans@FreeBSD.org)
Message-Id: <201804160042.w3G0gjmN024619@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kevans set sender to
 kevans@FreeBSD.org using -f
From: Kyle Evans <kevans@FreeBSD.org>
Date: Mon, 16 Apr 2018 00:42:45 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: svn commit: r332522 - in stable/11: sbin/geom/class/eli sys/geom/eli
X-SVN-Group: stable-11
X-SVN-Commit-Author: kevans
X-SVN-Commit-Paths: in stable/11: sbin/geom/class/eli sys/geom/eli
X-SVN-Commit-Revision: 332522
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Apr 2018 00:42:46 -0000

Author: kevans
Date: Mon Apr 16 00:42:45 2018
New Revision: 332522
URL: https://svnweb.freebsd.org/changeset/base/332522

Log:
  MFC r308137, r316312, r332361
  
  r308137:
  Fix alignment issues on MIPS: align the pointers properly.
  
  All the 5520 GEOM_ELI tests passed successfully on MIPS64EB.
  
  r316312:
  sys/geom/eli: Switch bzero() to explicit_bzero() for sensitive data
  
  In GELI, anywhere we are zeroing out possibly sensitive data, like
  the metadata struct, the metadata sector (both contain the encrypted
  master key), the user key, or the master key, use explicit_bzero.
  
  Didn't touch the bzero() used to initialize structs.
  
  r332361:
  Introduce dry run option for attaching the device.
  This will allow us to verify if passphrase and key is valid without
  decrypting whole device.

Modified:
  stable/11/sbin/geom/class/eli/geom_eli.c
  stable/11/sys/geom/eli/g_eli.h
  stable/11/sys/geom/eli/g_eli_integrity.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sbin/geom/class/eli/geom_eli.c
==============================================================================
--- stable/11/sbin/geom/class/eli/geom_eli.c	Mon Apr 16 00:29:07 2018	(r332521)
+++ stable/11/sbin/geom/class/eli/geom_eli.c	Mon Apr 16 00:42:45 2018	(r332522)
@@ -672,7 +672,7 @@ static void
 eli_init(struct gctl_req *req)
 {
 	struct g_eli_metadata md;
-	unsigned char sector[sizeof(struct g_eli_metadata)];
+	unsigned char sector[sizeof(struct g_eli_metadata)] __aligned(4);
 	unsigned char key[G_ELI_USERKEYLEN];
 	char backfile[MAXPATHLEN];
 	const char *str, *prov;

Modified: stable/11/sys/geom/eli/g_eli.h
==============================================================================
--- stable/11/sys/geom/eli/g_eli.h	Mon Apr 16 00:29:07 2018	(r332521)
+++ stable/11/sys/geom/eli/g_eli.h	Mon Apr 16 00:42:45 2018	(r332522)
@@ -296,6 +296,7 @@ eli_metadata_encode_v1v2v3v4v5v6v7(struct g_eli_metada
 static __inline void
 eli_metadata_encode(struct g_eli_metadata *md, u_char *data)
 {
+	uint32_t hash[4];
 	MD5_CTX ctx;
 	u_char *p;
 
@@ -327,12 +328,14 @@ eli_metadata_encode(struct g_eli_metadata *md, u_char 
 	}
 	MD5Init(&ctx);
 	MD5Update(&ctx, data, p - data);
-	MD5Final(md->md_hash, &ctx);
+	MD5Final((void *)hash, &ctx);
+	bcopy(hash, md->md_hash, sizeof(md->md_hash));
 	bcopy(md->md_hash, p, sizeof(md->md_hash));
 }
 static __inline int
 eli_metadata_decode_v0(const u_char *data, struct g_eli_metadata *md)
 {
+	uint32_t hash[4];
 	MD5_CTX ctx;
 	const u_char *p;
 
@@ -348,7 +351,8 @@ eli_metadata_decode_v0(const u_char *data, struct g_el
 	bcopy(p, md->md_mkeys, sizeof(md->md_mkeys)); p += sizeof(md->md_mkeys);
 	MD5Init(&ctx);
 	MD5Update(&ctx, data, p - data);
-	MD5Final(md->md_hash, &ctx);
+	MD5Final((void *)hash, &ctx);
+	bcopy(hash, md->md_hash, sizeof(md->md_hash));
 	if (bcmp(md->md_hash, p, 16) != 0)
 		return (EINVAL);
 	return (0);
@@ -357,6 +361,7 @@ eli_metadata_decode_v0(const u_char *data, struct g_el
 static __inline int
 eli_metadata_decode_v1v2v3v4v5v6v7(const u_char *data, struct g_eli_metadata *md)
 {
+	uint32_t hash[4];
 	MD5_CTX ctx;
 	const u_char *p;
 
@@ -373,7 +378,8 @@ eli_metadata_decode_v1v2v3v4v5v6v7(const u_char *data,
 	bcopy(p, md->md_mkeys, sizeof(md->md_mkeys)); p += sizeof(md->md_mkeys);
 	MD5Init(&ctx);
 	MD5Update(&ctx, data, p - data);
-	MD5Final(md->md_hash, &ctx);
+	MD5Final((void *)hash, &ctx);
+	bcopy(hash, md->md_hash, sizeof(md->md_hash));
 	if (bcmp(md->md_hash, p, 16) != 0)
 		return (EINVAL);
 	return (0);

Modified: stable/11/sys/geom/eli/g_eli_integrity.c
==============================================================================
--- stable/11/sys/geom/eli/g_eli_integrity.c	Mon Apr 16 00:29:07 2018	(r332521)
+++ stable/11/sys/geom/eli/g_eli_integrity.c	Mon Apr 16 00:42:45 2018	(r332522)
@@ -444,12 +444,17 @@ g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp
 		size += sizeof(*crde) * nsec;
 		size += sizeof(*crda) * nsec;
 		size += G_ELI_AUTH_SECKEYLEN * nsec;
+		size += sizeof(uintptr_t);	/* Space for alignment. */
 		data = malloc(size, M_ELI, M_WAITOK);
 		bp->bio_driver2 = data;
 		p = data + encr_secsize * nsec;
 	}
 	bp->bio_inbed = 0;
 	bp->bio_children = nsec;
+
+#if defined(__mips_n64) || defined(__mips_o64)
+	p = (char *)roundup((uintptr_t)p, sizeof(uintptr_t));
+#endif
 
 	for (i = 1; i <= nsec; i++, dstoff += encr_secsize) {
 		crp = (struct cryptop *)p;	p += sizeof(*crp);