Date: Wed, 8 Feb 2023 23:15:21 +0100
From: Mariusz Zaborski <oshogbo@freebsd.org>
To: grarpamp <grarpamp@gmail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli
Message-ID: <CAGOYWV-2tEa=nv7LecOBANH_wE=trKxcmTaabUgPwr-7WKCDLg@mail.gmail.com>
In-Reply-To: <CAD2Ti2_jM_efGLKGwUmsAXTjzusEEQL9wxJqDTg2cWc7iUrcqA@mail.gmail.com>
References: <20230208190833.1DF6F8824@freefall.freebsd.org> <CAD2Ti2_jM_efGLKGwUmsAXTjzusEEQL9wxJqDTg2cWc7iUrcqA@mail.gmail.com>

When I was working on the patch, I analyzed this situation.
The issue with key files is that they can be arbitrary in size, and I think this caused this issue.
The passfile/passwords are limited in size.
Because they are limited, they are cached in the memory of geli and reused.

My conclusion was that there isn't such an issue with them.

Ofc it is always good to double-check. You can follow the usage of the cached_passphrase variable:
https://cgit.freebsd.org/src/tree/lib/geom/eli/geom_eli.c#n71

On Wed, 8 Feb 2023 at 22:13, grarpamp <grarpamp@gmail.com> wrote:
> Did anyone check if -j/-J might have similar edge cases?
