From owner-svn-src-head@freebsd.org Tue Apr 10 22:57:56 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DBA05FA11FC; Tue, 10 Apr 2018 22:57:56 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8D4EB76D32; Tue, 10 Apr 2018 22:57:56 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8731513F8D; Tue, 10 Apr 2018 22:57:56 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w3AMvuXs061051; Tue, 10 Apr 2018 22:57:56 GMT (envelope-from ian@FreeBSD.org) Received: (from ian@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w3AMvuIF061050; Tue, 10 Apr 2018 22:57:56 GMT (envelope-from ian@FreeBSD.org) Message-Id: <201804102257.w3AMvuIF061050@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ian set sender to ian@FreeBSD.org using -f From: Ian Lepore Date: Tue, 10 Apr 2018 22:57:56 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r332395 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: ian X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 332395 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Apr 2018 22:57:57 -0000 Author: ian Date: Tue Apr 10 22:57:56 2018 New Revision: 332395 URL: https://svnweb.freebsd.org/changeset/base/332395 Log: Use explicit_bzero() when cleaning values out of the kernel environment. Sometimes the values contain geli passphrases being communicated from loader(8) to the kernel, and some day the compiler may decide to start eliding calls to memset() for a pointer which is not dereferenced again before being passed to free(). Modified: head/sys/kern/kern_environment.c Modified: head/sys/kern/kern_environment.c ============================================================================== --- head/sys/kern/kern_environment.c Tue Apr 10 22:32:31 2018 (r332394) +++ head/sys/kern/kern_environment.c Tue Apr 10 22:57:56 2018 (r332395) @@ -289,7 +289,7 @@ init_dynamic_kenv(void *data __unused) if (i < KENV_SIZE) { kenvp[i] = malloc(len, M_KENV, M_WAITOK); strcpy(kenvp[i++], cp); - memset(cp, 0, strlen(cp)); + explicit_bzero(cp, strlen(cp)); } else printf( "WARNING: too many kenv strings, ignoring %s\n", @@ -308,7 +308,7 @@ freeenv(char *env) { if (dynamic_kenv && env != NULL) { - memset(env, 0, strlen(env)); + explicit_bzero(env, strlen(env)); free(env, M_KENV); } } @@ -486,7 +486,7 @@ kern_unsetenv(const char *name) kenvp[i++] = kenvp[j]; kenvp[i] = NULL; mtx_unlock(&kenv_lock); - memset(oldenv, 0, strlen(oldenv)); + explicit_bzero(oldenv, strlen(oldenv)); free(oldenv, M_KENV); return (0); }