From owner-freebsd-current@FreeBSD.ORG Tue Aug 21 12:05:40 2012 Return-Path: Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1E937106566B; Tue, 21 Aug 2012 12:05:40 +0000 (UTC) (envelope-from uqs@FreeBSD.org) Received: from acme.spoerlein.net (acme.spoerlein.net [IPv6:2a01:4f8:131:23c2::1]) by mx1.freebsd.org (Postfix) with ESMTP id A83E48FC0C; Tue, 21 Aug 2012 12:05:39 +0000 (UTC) Received: from localhost (acme.spoerlein.net [IPv6:2a01:4f8:131:23c2::1]) by acme.spoerlein.net (8.14.5/8.14.5) with ESMTP id q7LC5cBx007076 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 21 Aug 2012 14:05:38 +0200 (CEST) (envelope-from uqs@FreeBSD.org) Date: Tue, 21 Aug 2012 14:05:37 +0200 From: Ulrich =?utf-8?B?U3DDtnJsZWlu?= To: "Simon L. B. Nielsen" Message-ID: <20120821120537.GL1202@acme.spoerlein.net> Mail-Followup-To: "Simon L. B. Nielsen" , freebsd-security@FreeBSD.org, freebsd-current@FreeBSD.org References: <5032AB28.9070306@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5032AB28.9070306@FreeBSD.org> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-security@FreeBSD.org, freebsd-current@FreeBSD.org Subject: Re: [HEADSUP] geli(4) weak master key generation on -CURRENT X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Aug 2012 12:05:40 -0000 On Mon, 2012-08-20 at 22:24:56 +0100, Simon L. B. Nielsen wrote: > Hello, > > If you are not using geli(4) on -CURRENT (AKA FreeBSD 10) you can safely > ignore this mail. If you are, please read on! > > -CURRENT users of geli(4) should be advised that, a geli(4) device may > have weak master key, if the provider is created on -CURRENT system > built against source code between r238116 (Jul 4 17:54:17 2012 UTC) > and r239184 (non-inclusive, Aug 10 18:43:29 2012 UTC). > > One can verify if its provider was created with weak keys by running: > > # geli dump | grep version > > If the version is 7 and the system did not include this fix (r239184) > when provider was initialized, then the data has to be backed up, > underlying provider overwritten with random data, system upgraded and > provider recreated. > > Thanks to Fabian Keil for reporting the issue, Pawel Jakub Dawidek for > fixing it, and Xin Li for drafting this text. > > PS. This only affects FreeBSD 10 / -CURRENT, and as -CURRENT isn't > supported by the FreeBSD Security Team, we are not releasing an > advisory, just this heads up. I haven't read commit mails in a very long time, but is there code in place that will issue a warning upon geli attach if version 7 is detected? While -CURRENT is not supported, there might be a lot of disks initialized with version 7 and they'll eventually be upgraded to 10.0-RELEASE (the OS, not necessarily the geli volumes). Thanks Uli