From owner-freebsd-bugs@FreeBSD.ORG Sun Dec 22 11:00:00 2013 Return-Path: Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A546043B for ; Sun, 22 Dec 2013 11:00:00 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7FC6F13B8 for ; Sun, 22 Dec 2013 11:00:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rBMB00jb092567 for ; Sun, 22 Dec 2013 11:00:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rBMB00vF092566; Sun, 22 Dec 2013 11:00:00 GMT (envelope-from gnats) Resent-Date: Sun, 22 Dec 2013 11:00:00 GMT Resent-Message-Id: <201312221100.rBMB00vF092566@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Fabian Keil Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 702C3114 for ; Sun, 22 Dec 2013 10:51:32 +0000 (UTC) Received: from oldred.freebsd.org (oldred.freebsd.org [IPv6:2001:1900:2254:206a::50:4]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5AE94137A for ; Sun, 22 Dec 2013 10:51:32 +0000 (UTC) Received: from oldred.freebsd.org ([127.0.1.6]) by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id rBMApVMc066559 for ; Sun, 22 Dec 2013 10:51:31 GMT (envelope-from nobody@oldred.freebsd.org) Received: (from nobody@localhost) by oldred.freebsd.org (8.14.5/8.14.5/Submit) id rBMApVFG066549; Sun, 22 Dec 2013 10:51:31 GMT (envelope-from nobody) Message-Id: <201312221051.rBMApVFG066549@oldred.freebsd.org> Date: Sun, 22 Dec 2013 10:51:31 GMT From: Fabian Keil To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Subject: kern/185084: [regression][geli] Keyfile content potentially cleared prematurely after r259428 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Dec 2013 11:00:00 -0000 >Number: 185084 >Category: kern >Synopsis: [regression][geli] Keyfile content potentially cleared prematurely after r259428 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Dec 22 11:00:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Fabian Keil >Release: HEAD >Organization: >Environment: FreeBSD r500.local 11.0-CURRENT FreeBSD 11.0-CURRENT #622 r259649+aa0d7b0(fk): Sat Dec 21 21:30:53 CET 2013 fk@r500.local:/usr/obj/usr/src/sys/ZOEY amd64 >Description: After r259428 the loaded keyfile content is cleared in g_eli_keyfiles_load(). This is potentially prematurely. If there's also a passphrase and the user fails to get it right the first time, the following attempts are now guaranteed to fail due to lacking keyfile content (unless the keyfile only contained zeroes anyway). >How-To-Repeat: Boot with a geli provider that has the BOOT flag set and requires a keyfile and a passphrase to attach, enter an incorrect passphrase the first time and try again using the correct one. >Fix: Revert r259428, (optionally) apply a patch like the attached one to clear the keyfile content once it's no longer needed. Patch attached with submission follows: >From 584f628f5d5d4a2a8ee0af660b16b5ceb31f73b1 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Sat, 21 Dec 2013 18:54:09 +0100 Subject: [PATCH] Let g_eli_taste() call g_eli_keyfiles_clear() upon successful master key retrieval --- sys/geom/eli/g_eli.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/geom/eli/g_eli.c b/sys/geom/eli/g_eli.c index 3dff46e..24be5af 100644 --- a/sys/geom/eli/g_eli.c +++ b/sys/geom/eli/g_eli.c @@ -1141,6 +1141,7 @@ g_eli_taste(struct g_class *mp, struct g_provider *pp, int flags __unused) g_eli_keyfiles_clear(pp->name); return (NULL); } + g_eli_keyfiles_clear(pp->name); G_ELI_DEBUG(1, "Using Master Key %u for %s.", nkey, pp->name); break; } -- 1.8.4.2 >Release-Note: >Audit-Trail: >Unformatted: