Date: Wed, 11 Aug 2021 20:55:03 GMT From: Eric van Gyzen <vangyzen@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 96f9bd46547d - main - dumpon: fix encrypted dumps after commit 372557d8c3d Message-ID: <202108112055.17BKt3hx006719@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by vangyzen: URL: https://cgit.FreeBSD.org/src/commit/?id=96f9bd46547d6dfbaf219ab449efacacb0dacccc commit 96f9bd46547d6dfbaf219ab449efacacb0dacccc Author: Eric van Gyzen <vangyzen@FreeBSD.org> AuthorDate: 2021-08-07 08:59:02 +0000 Commit: Eric van Gyzen <vangyzen@FreeBSD.org> CommitDate: 2021-08-11 15:54:56 +0000 dumpon: fix encrypted dumps after commit 372557d8c3d That commit moved key generation into a child process, including a memory allocation referenced by a structure. The child wrote the structure to the parent over a pipe, but did not write the referenced allocation. The parent read the structure from the child and used its pointer, which was bogus in the parent. In the child, send both chunks of data to the parent. In the parent, make a corresponding allocation and read both chunks. Fixes: 372557d8c3d37dd0c1d9be56513a436393963848 Reviewed by: bdrewery, markj MFC after: 1 week Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D31452 --- sbin/dumpon/dumpon.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/sbin/dumpon/dumpon.c b/sbin/dumpon/dumpon.c index e83994d01314..291239c4bcc8 100644 --- a/sbin/dumpon/dumpon.c +++ b/sbin/dumpon/dumpon.c @@ -332,6 +332,10 @@ genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) bytes = write(filedes[1], kdap, sizeof(*kdap)); if (bytes != sizeof(*kdap)) err(1, "genkey pipe write"); + bytes = write(filedes[1], kdap->kda_encryptedkey, + kdap->kda_encryptedkeysize); + if (bytes != kdap->kda_encryptedkeysize) + err(1, "genkey pipe write kda_encryptedkey"); _exit(0); } close(filedes[1]); @@ -339,6 +343,16 @@ genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) bytes = read(filedes[0], kdap, sizeof(*kdap)); if (bytes != sizeof(*kdap)) errx(1, "genkey pipe read"); + if (kdap->kda_encryptedkeysize > KERNELDUMP_ENCKEY_MAX_SIZE) + errx(1, "Public key has to be at most %db long.", + 8 * KERNELDUMP_ENCKEY_MAX_SIZE); + kdap->kda_encryptedkey = calloc(1, kdap->kda_encryptedkeysize); + if (kdap->kda_encryptedkey == NULL) + err(1, "Unable to allocate encrypted key"); + bytes = read(filedes[0], kdap->kda_encryptedkey, + kdap->kda_encryptedkeysize); + if (bytes != kdap->kda_encryptedkeysize) + errx(1, "genkey pipe read kda_encryptedkey"); error = waitpid(pid, &status, WEXITED); if (error == -1) err(1, "waitpid");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202108112055.17BKt3hx006719>