From owner-svn-src-all@freebsd.org Thu May 24 12:30:20 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0AFC1EEEBC6; Thu, 24 May 2018 12:30:20 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: from work.stormshield.eu (gwlille.netasq.com [91.212.116.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9EFBE689A3; Thu, 24 May 2018 12:30:19 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: from work.stormshield.eu (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTPS id C02F83761B8E; Thu, 24 May 2018 14:30:02 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTP id B1ED337614C3; Thu, 24 May 2018 14:30:02 +0200 (CEST) Received: from work.stormshield.eu ([127.0.0.1]) by localhost (work.stormshield.eu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 9_9fH0Xo3BQ5; Thu, 24 May 2018 14:30:02 +0200 (CEST) Received: from work.stormshield.eu (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTP id 9AF223761361; Thu, 24 May 2018 14:30:02 +0200 (CEST) Date: Thu, 24 May 2018 14:30:02 +0200 (CEST) From: Emeric POUPON To: cem@freebsd.org Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers Message-ID: <1236617318.14311730.1527165002236.JavaMail.zimbra@stormshield.eu> In-Reply-To: References: <201805221554.w4MFsPQA083334@repo.freebsd.org> <822609135.13913713.1527060223167.JavaMail.zimbra@stormshield.eu> Subject: Re: svn commit: r334054 - in head: sys/kern sys/netipsec tools/tools/crypto usr.bin/netstat MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Thread-Topic: svn commit: r334054 - in head: sys/kern sys/netipsec tools/tools/crypto usr.bin/netstat Thread-Index: 0+ugSuZzyXPYU+3s2gc5o3fgWJAuPw== X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2018 12:30:20 -0000 ----- Original Message ----- > From: "Conrad Meyer" > To: "Emeric POUPON" > Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, "src-committers" > Sent: Wednesday, 23 May, 2018 18:47:57 > Subject: Re: svn commit: r334054 - in head: sys/kern sys/netipsec tools/tools/crypto usr.bin/netstat > On Wed, May 23, 2018 at 12:23 AM, Emeric POUPON > wrote: >>> From: "Conrad Meyer" >> >>> Can users control arbitrary key_allocsp() calls? If so, it seems >>> concerning to expose hit/miss stats on cached security keys. >> >> I am not sure to understand, could you please tell more about what you mean? > > If users can insert arbitrary keys into the cache, they can check the > hit/miss statistics to tell if that key was already present -- > revealing key contents. This would be a major problem. > > https://security.stackexchange.com/questions/10617/what-is-a-cryptographic-oracle Actually we just store traffic profiles and the associated security policy (SP). A SP is basically just a bunch of traffic selectors, there is no key or other sensitive information involved. > > Best, > Conrad