From nobody Sun Jul 21 05:25:23 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WRX1H5v9qz5R0Yy; Sun, 21 Jul 2024 05:25:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WRX1H4zppz4ShF; Sun, 21 Jul 2024 05:25:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721539523; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JvpIBAdx3FhNBCrGB0lL0BmPWMxea0QmQ7IYvxI6c6o=; b=w0ZmryIP1Lj8IJZLk/o+5EqACWUSvmhlkcVvWnT0oOpGjyRI7RA41RF3LVVpg03Hn1oK8e 1Nw096KTd/3mc5YwpRmHVDpYb/Hpa8SioyiFtV4njtLhBPmmrZByaQiJ4mZEte5A6lWMwx SqvUknLZ9CrfrsnFi1OSjksp41AUJKcvFoCWcxIJl85rb8EWY25MocEPBZKHPlraxhdHNV YxwEG0S3fx0wM88JjKpYIjKAkGcdmIjPbkx+13l8VEowKy/SVVXl+cqDf6OsIyj65GVaGr iBt3KXjNsoCEZn1avwvEEClPnp9YnfPb15dZMtC4HBCynLpEQYnVoKOH82dC6A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1721539523; a=rsa-sha256; cv=none; b=uCgyilVqJ0EfkkWfsDertLQVsi3rMisCFUY/l/yjf+eiaLFm8b+Pt1hPeKw7BaOpMvOJoy vF1/1HTyohr6uPoYJtXqPvLGp+tQMKU6RiN0LqA2yRDLbzmEwVquJXrpYgEN3/eRjqbk0F LCUgmIFCvqQEcWbjpJZtMRgoyLSYSEi+FDGkKbQe7SLPvG0EvxZVGojZBYAfY2A4vV4qc1 d3il9PUDlAJHpsxy56wdoI2PzdFmhmn+CacGLrq5e32lWl93ivSHHSj/0/EIA7Jb6K8fJR QTDM6FUIBIj0Q0Cr7WXyiFTMqWW99ISYMoju4b0y/lp8zZHG1T7aUtYv3P/2ag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721539523; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JvpIBAdx3FhNBCrGB0lL0BmPWMxea0QmQ7IYvxI6c6o=; b=tvPx9RkltvrAVPoLJ/eHUQ8RmJIqJI3Fl2YP+NV2zkivGcRtAjwgejGw2il8bBe5To3FV2 yrlpKB6ygxxEclMVdRBG2GFfASWCoB2RH5l+GsSfZ2vdPWO38THvQKIpnewdO9ViKruV8n ynD/LBozguKEa2c4Y5TwV/Ag7iZU+D+oLQzkjfeTSfKPkfqAwMYxm9L8vqMa21iCoQzS4B Q7KEBCIaSZbrUg/eMO0z9b8Z82BKK/45Qj3uJ0YzX6ijODNX189zgv3Jck9UIMGRW6jmef eUyE32Ne6xEg5I/LKG9j65Pj4ApO+c3cfrWPeJh4azEFbV9GdrxigsW5eDRDAg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WRX1H4b5hznKv; Sun, 21 Jul 2024 05:25:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 46L5PNBc017318; Sun, 21 Jul 2024 05:25:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 46L5PNXq017315; Sun, 21 Jul 2024 05:25:23 GMT (envelope-from git) Date: Sun, 21 Jul 2024 05:25:23 GMT Message-Id: <202407210525.46L5PNXq017315@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 98e1ee23857c - stable/13 - kern: zero out stack buffer after copying out random bits List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 98e1ee23857cf858a66dff23b39f80ede00d2311 Auto-Submitted: auto-generated The branch stable/13 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=98e1ee23857cf858a66dff23b39f80ede00d2311 commit 98e1ee23857cf858a66dff23b39f80ede00d2311 Author: Kyle Evans AuthorDate: 2024-07-15 20:17:47 +0000 Commit: Kyle Evans CommitDate: 2024-07-21 05:25:12 +0000 kern: zero out stack buffer after copying out random bits The kern.arandom sysctl handler uses an intermediate buffer on the stack to hold random data that it subsequently copies out to the sysctl request. Err on the side of caution and zero out the stack buffer after we're done with it to avoid a potential entropy leak later on. Reviewed by: cem, emaste, markj (cherry picked from commit 5862c891bb7c588aa00538d85eb26ffe77d3f709) --- sys/kern/kern_mib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_mib.c b/sys/kern/kern_mib.c index c9056503925f..aa4798a5a956 100644 --- a/sys/kern/kern_mib.c +++ b/sys/kern/kern_mib.c @@ -182,10 +182,14 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) { char buf[256]; size_t len; + int error; len = MIN(req->oldlen, sizeof(buf)); read_random(buf, len); - return (SYSCTL_OUT(req, buf, len)); + + error = SYSCTL_OUT(req, buf, len); + explicit_bzero(buf, len); + return (error); } SYSCTL_PROC(_kern, KERN_ARND, arandom,