Date: Fri, 31 Mar 2017 00:04:32 +0000 (UTC) From: Allan Jude <allanjude@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot Message-ID: <201703310004.v2V04W3A043449@repo.freebsd.org>
Author: allanjude Date: Fri Mar 31 00:04:32 2017 New Revision: 316311 URL: https://svnweb.freebsd.org/changeset/base/316311 Log: Add explicit_bzero() to libstand, and switch GELIBoot to using it Make sure sensitive memory is properly cleared when finished with it Reviewed by: Eric McCorkle <eric@metricspace.net> Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D9798 Modified: head/lib/libstand/Makefile head/sys/boot/geli/Makefile head/sys/boot/geli/geliboot.c head/sys/boot/geli/geliboot.h head/sys/boot/geli/geliboot_crypto.c head/sys/boot/i386/gptboot/gptboot.c head/sys/boot/i386/loader/main.c head/sys/boot/i386/zfsboot/zfsboot.c
Modified: head/lib/libstand/Makefile
==============================================================================
--- head/lib/libstand/Makefile Thu Mar 30 23:49:57 2017 (r316310)
+++ head/lib/libstand/Makefile Fri Mar 31 00:04:32 2017 (r316311)
@@ -155,5 +155,9 @@ SRCS+= pkgfs.c
 SRCS+= nandfs.c
 .endif
+# explicit_bzero
+.PATH: ${SRCTOP}/sys/libkern
+SRCS+= explicit_bzero.c
+
 .include <bsd.stand.mk>
 .include <bsd.lib.mk>
Modified: head/sys/boot/geli/Makefile
==============================================================================
--- head/sys/boot/geli/Makefile Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/geli/Makefile Fri Mar 31 00:04:32 2017 (r316311)
@@ -24,10 +24,6 @@ WARNS?= 0
 .PATH: ${.CURDIR}/../../../lib/libc/string
 SRCS+= bcmp.c bcopy.c bzero.c
-# need explicit_bzero for crypto
-.PATH: ${.CURDIR}/../../../sys/libkern
-SRCS+= explicit_bzero.c
-
 # Our password input method
 SRCS+= pwgets.c
Modified: head/sys/boot/geli/geliboot.c
==============================================================================
--- head/sys/boot/geli/geliboot.c Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/geli/geliboot.c Fri Mar 31 00:04:32 2017 (r316311)
@@ -173,19 +173,19 @@ geli_attach(struct dsk *dskp, const char
 sizeof(geli_e->md.md_salt), passphrase, geli_e->md.md_iterations);
 g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey));
- bzero(&dkey, sizeof(dkey));
+ explicit_bzero(dkey, sizeof(dkey));
 }
 g_eli_crypto_hmac_final(&ctx, key, 0);
 error = g_eli_mkey_decrypt(&geli_e->md, key, mkey, &keynum);
- bzero(&key, sizeof(key));
+ explicit_bzero(key, sizeof(key));
 if (error == -1) {
- bzero(&mkey, sizeof(mkey));
+ explicit_bzero(mkey, sizeof(mkey));
 printf("Bad GELI key: %d\n", error);
 return (error);
 } else if (error != 0) {
- bzero(&mkey, sizeof(mkey));
+ explicit_bzero(mkey, sizeof(mkey));
 printf("Failed to decrypt GELI master key: %d\n", error);
 return (error);
 }
@@ -203,7 +203,7 @@ geli_attach(struct dsk *dskp, const char
 g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, "\x10", 1, geli_e->sc.sc_ekey, 0);
 }
- bzero(&mkey, sizeof(mkey));
+ explicit_bzero(mkey, sizeof(mkey));
 /* Initialize the per-sector IV. */
 switch (geli_e->sc.sc_ealgo) {
@@ -279,13 +279,13 @@ geli_read(struct dsk *dskp, off_t offset
 geli_e->sc.sc_ekeylen, iv);
 if (error != 0) {
- bzero(&gkey, sizeof(gkey));
+ explicit_bzero(&gkey, sizeof(gkey));
 printf("Failed to decrypt in geli_read()!");
 return (error);
 }
 pbuf += secsize;
 }
- bzero(&gkey, sizeof(gkey));
+ explicit_bzero(&gkey, sizeof(gkey));
 return (0);
 }
Modified: head/sys/boot/geli/geliboot.h
==============================================================================
--- head/sys/boot/geli/geliboot.h Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/geli/geliboot.h Fri Mar 31 00:04:32 2017 (r316311)
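Review bot: In geli_attach the scrub of `mkey` is written out by hand in each of the two failure branches after `g_eli_mkey_decrypt()` and once more after the key derivation in the following hunk, so a return added later between those points can leave the master key on the stack. Folding the two failure branches into one `if (error != 0)` block leaves a single scrub on the failure path while keeping both messages byte for byte. geli_read has the same shape with `gkey`, scrubbed once inside the loop and once before `return (0)`. The function starts and ends outside this hunk, so whether `ctx` and the caller's `passphrase` are cleared elsewhere cannot be told from here.

```c
	error = g_eli_mkey_decrypt(&geli_e->md, key, mkey, &keynum);
	explicit_bzero(key, sizeof(key));
	if (error != 0) {
		/* Single failure exit: the master key is scrubbed exactly once. */
		explicit_bzero(mkey, sizeof(mkey));
		if (error == -1)
			printf("Bad GELI key: %d\n", error);
		else
			printf("Failed to decrypt GELI master key: %d\n", error);
		return (error);
	}
	/* … unchanged: key derivation and the final mkey scrub … */
```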
@@ -36,6 +36,7 @@
 #define _STRING_H_
 #define _STRINGS_H_
 #define _STDIO_H_
+
 #include <geom/eli/g_eli.h>
 #include <geom/eli/pkcs5v2.h>
Modified: head/sys/boot/geli/geliboot_crypto.c
==============================================================================
--- head/sys/boot/geli/geliboot_crypto.c Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/geli/geliboot_crypto.c Fri Mar 31 00:04:32 2017 (r316311)
@@ -110,7 +110,7 @@ g_eli_crypto_cipher(u_int algo, int enc,
 {
 u_char iv[keysize];
- bzero(iv, sizeof(iv));
+ explicit_bzero(iv, sizeof(iv));
 return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv));
 }
Modified: head/sys/boot/i386/gptboot/gptboot.c
==============================================================================
--- head/sys/boot/i386/gptboot/gptboot.c Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/i386/gptboot/gptboot.c Fri Mar 31 00:04:32 2017 (r316311)
@@ -481,7 +481,7 @@ load(void)
 #ifdef LOADER_GELI_SUPPORT
 geliargs.size = sizeof(geliargs);
 bcopy(gelipw, geliargs.gelipw, sizeof(geliargs.gelipw));
- bzero(gelipw, sizeof(gelipw));
+ explicit_bzero(gelipw, sizeof(gelipw));
 #endif
 __exec((caddr_t)addr, RB_BOOTINFO | (opts & RBX_MASK), MAKEBOOTDEV(dev_maj[dsk.type], dsk.part + 1, dsk.unit, 0xff),
Modified: head/sys/boot/i386/loader/main.c
==============================================================================
--- head/sys/boot/i386/loader/main.c Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/i386/loader/main.c Fri Mar 31 00:04:32 2017 (r316311)
@@ -175,7 +175,7 @@ main(void)
 if (zargs != NULL && zargs->size >= offsetof(struct zfs_boot_args, gelipw)) {
 if (zargs->gelipw[0] != '\0') {
 setenv("kern.geom.eli.passphrase", zargs->gelipw, 1);
- bzero(zargs->gelipw, sizeof(zargs->gelipw));
+ explicit_bzero(zargs->gelipw, sizeof(zargs->gelipw));
 }
 }
 }
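Review bot: In g_eli_crypto_cipher the new `explicit_bzero(iv, sizeof(iv))` initialises the IV just before it is passed to `geliboot_crypt()`; it is not a scrub of secret material that is finished with, so the stronger call adds nothing here and reads as if it did. Keeping `bzero(iv, sizeof(iv));`, or adding a comment such as `/* all-zero IV on purpose: initialisation, not a scrub */`, would make the intent clear. `iv` is also a variable-length array sized by the caller's `keysize`, and the hunk shows no bound on that value, so it is worth confirming outside this hunk that callers cannot pass an oversized length.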
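Review bot: In gptboot's load() the `bcopy()` directly above the new scrub reads `sizeof(geliargs.gelipw)` bytes from `gelipw`, while the scrub clears `sizeof(gelipw)` bytes, and neither declaration is visible in the hunk, so nothing shown guarantees the two buffers have the same size. If the source buffer were the smaller one, the copy would read past the passphrase buffer into adjacent memory and hand it to the next boot stage. A compile-time check next to the copy, for example `_Static_assert(sizeof(gelipw) == sizeof(geliargs.gelipw), "gelipw size mismatch");`, would pin the assumption down. The same copy-then-scrub pair appears in zfsboot.c's load() with `zfsargs.gelipw`.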
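Review bot: The guard around the new `explicit_bzero(zargs->gelipw, sizeof(zargs->gelipw))` in main() only proves that `zargs->size` reaches the start of `gelipw` (`size >= offsetof(struct zfs_boot_args, gelipw)`), yet the scrub writes the whole field and `setenv()` reads it as a string. If an earlier boot stage passed a shorter argument structure, memory beyond it would be read and then zeroed. Comparing against the end of the field, `zargs->size >= offsetof(struct zfs_boot_args, gelipw) + sizeof(zargs->gelipw)`, closes that gap; the `gargs` hunk that follows uses the same condition. The passphrase also remains in the loader environment after `setenv()`, so this scrub covers only the boot-args copy, which deserves a one-line comment.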
@@ -187,7 +187,7 @@ main(void)
 if (gargs != NULL && gargs->size >= offsetof(struct geli_boot_args, gelipw)) {
 if (gargs->gelipw[0] != '\0') {
 setenv("kern.geom.eli.passphrase", gargs->gelipw, 1);
- bzero(gargs->gelipw, sizeof(gargs->gelipw));
+ explicit_bzero(gargs->gelipw, sizeof(gargs->gelipw));
 }
 }
 }
Modified: head/sys/boot/i386/zfsboot/zfsboot.c
==============================================================================
--- head/sys/boot/i386/zfsboot/zfsboot.c Thu Mar 30 23:49:57 2017 (r316310)
+++ head/sys/boot/i386/zfsboot/zfsboot.c Fri Mar 31 00:04:32 2017 (r316311)
@@ -926,7 +926,7 @@ load(void)
 zfsargs.primary_pool = primary_spa->spa_guid;
 #ifdef LOADER_GELI_SUPPORT
 bcopy(gelipw, zfsargs.gelipw, sizeof(zfsargs.gelipw));
- bzero(gelipw, sizeof(gelipw));
+ explicit_bzero(gelipw, sizeof(gelipw));
 #else
 zfsargs.gelipw[0] = '\0';
 #endif