Date: Wed, 8 Feb 2023 23:15:21 +0100 From: Mariusz Zaborski <oshogbo@freebsd.org> To: grarpamp <grarpamp@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli Message-ID: <CAGOYWV-2tEa=nv7LecOBANH_wE=trKxcmTaabUgPwr-7WKCDLg@mail.gmail.com> In-Reply-To: <CAD2Ti2_jM_efGLKGwUmsAXTjzusEEQL9wxJqDTg2cWc7iUrcqA@mail.gmail.com> References: <20230208190833.1DF6F8824@freefall.freebsd.org> <CAD2Ti2_jM_efGLKGwUmsAXTjzusEEQL9wxJqDTg2cWc7iUrcqA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000e5c09b05f43796f2 Content-Type: text/plain; charset="UTF-8" When I was working on the patch, I analyzed this situation. The issue with key files is that they can be arbitrary in size, and I think this caused this issue. The passfile/passwords are limited in size. Because they are limited, they are cached in the memory of geli and reused. My conclusion was that there isn't such an issue with them. Ofc it is always good to double-check. You can follow the usage of the cached_passphrase variable: https://cgit.freebsd.org/src/tree/lib/geom/eli/geom_eli.c#n71 On Wed, 8 Feb 2023 at 22:13, grarpamp <grarpamp@gmail.com> wrote: > Did anyone check if -j/-J might have similar edge cases? > > --000000000000e5c09b05f43796f2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"ltr">When I was working on the patch, I analyz= ed this situation.<br>The issue with key files is that they can be arbitrar= y in size, and I think this caused this issue.</div><div dir=3D"ltr">The pa= ssfile/passwords are limited in size.<div>Because they are limited, they ar= e cached in the memory of geli and reused.</div><div><br></div><div>My conc= lusion was that there isn't such an issue with them.</div></div><div><b= r></div>Ofc it is always good to double-check. You can follow the usage of = the cached_passphrase variable:<br><a href=3D"https://cgit.freebsd.org/src/= tree/lib/geom/eli/geom_eli.c#n71">https://cgit.freebsd.org/src/tree/lib/geo= m/eli/geom_eli.c#n71</a><br><br><div class=3D"gmail_quote"><div dir=3D"ltr"= class=3D"gmail_attr">On Wed, 8 Feb 2023 at 22:13, grarpamp <<a href=3D"= mailto:grarpamp@gmail.com">grarpamp@gmail.com</a>> wrote:<br></div><bloc= kquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:= 1px solid rgb(204,204,204);padding-left:1ex">Did anyone check if -j/-J migh= t have similar edge cases?<br> <br> </blockquote></div></div> --000000000000e5c09b05f43796f2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGOYWV-2tEa=nv7LecOBANH_wE=trKxcmTaabUgPwr-7WKCDLg>