From nobody Sun Jul 21 05:25:29 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WRX1Q0Zwtz5R0bn; Sun, 21 Jul 2024 05:25:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WRX1P5Hv9z4Sxp; Sun, 21 Jul 2024 05:25:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721539529; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6ydTIC9hzRzW/FXLxu0m1c2aUXnDvB2j87212DwGNak=; b=TQuW2hQk7EPE1HgaTgmgjVKQKtt3w96tIwt++RIuPXC7xuplC9VsPg+niUsubVcfyMbWbX bNvIKtZhICTzUTy4mcuiMd6CGNrWNJX7yx8ez/8i1Z4T42vG/kB36FbXNubB7jufzOIDj9 ZBvgLStIrxupD2igy9nI7eISdvF//OqpmoRHuBnxR0Dm17zd2ZPbo7ShfWWOAmg4dSeymQ 2iw3oTKQLDMk2exNHhqlS/Z8NxGctRudwDKBmeWNiLQXrzHKbWNKDpYvxmN6hab3DK49Vo sMieLxHFuOiM+2fYGwcTUwX2ubtCA9ioQWA4NxcyqRfDsImdSMyuW9ocFg/gDg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1721539529; a=rsa-sha256; cv=none; b=q4swCPFEWeVtJbAprn3xb6rchjALEcxUgS1fayiZZyQeBLBtrkbrX4KlS3E6CbW1g4SPJ3 3rHYpqQ4bfNnDmyDO2N9jxpLE0vxWdo2aCX06CiT9XbQJ6k11D5YmDZEddM7be0qKaJ233 fGwyD5aMmNN0DdpniDPWLqBVoYbOIJ60YWkjzXpjlY/cm3xG5dkwCv6KT54HnxhuxJmQlS A6KcvOcE1P8M5CMmxqMW1Af07uytl3oYjNjpkwPZHW8BeQlcFu+eNuO/czLpWLu4n4kMbo LlBAbW5jUdW0s72I8/wjuk/UDtqUc95cLDlGqhx3RLI+qo2jxZGgOvM4UlS9vg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721539529; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6ydTIC9hzRzW/FXLxu0m1c2aUXnDvB2j87212DwGNak=; b=AdxTN76qRl3YTmUdjycWD8y6IFOZnz9R9J9mnjSo2s/T9Vi4pI3OzvVZHUQpSFYGFJW1CS bSQcXNb4KPOj29mK3KAVbXnNQrpvkO42Q6Tl6fl2uMST06EMjHQ1pxzzgfX8D4hU55Ehhk BDbk8gS+iZFH6DP8NDJ7CUwAgSE5zt9QVgXNzcB+HenCczfEo9C5gPMr5jRuoEAKxmYW12 v6Vr7P1us3J9cjd1S5VXg1fWNdtNatRmaEGeszXaux1Ke0ZlJZX36tTrNKoGgvRlbPaPzP npa/tnuKliZvLINwX7GMPJ7xFz+wCrIYuB6CZ51RWKoQuEIGrNI+GZ0wT98mNw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WRX1P4sRZzn3D; Sun, 21 Jul 2024 05:25:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 46L5PTbk017541; Sun, 21 Jul 2024 05:25:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 46L5PT7O017538; Sun, 21 Jul 2024 05:25:29 GMT (envelope-from git) Date: Sun, 21 Jul 2024 05:25:29 GMT Message-Id: <202407210525.46L5PT7O017538@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 1eb62930e736 - stable/14 - kern: zero out stack buffer after copying out random bits List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 1eb62930e73689ce8e9cc68cf6f5cdc337c56bf3 Auto-Submitted: auto-generated The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=1eb62930e73689ce8e9cc68cf6f5cdc337c56bf3 commit 1eb62930e73689ce8e9cc68cf6f5cdc337c56bf3 Author: Kyle Evans AuthorDate: 2024-07-15 20:17:47 +0000 Commit: Kyle Evans CommitDate: 2024-07-21 05:24:55 +0000 kern: zero out stack buffer after copying out random bits The kern.arandom sysctl handler uses an intermediate buffer on the stack to hold random data that it subsequently copies out to the sysctl request. Err on the side of caution and zero out the stack buffer after we're done with it to avoid a potential entropy leak later on. Reviewed by: cem, emaste, markj (cherry picked from commit 5862c891bb7c588aa00538d85eb26ffe77d3f709) --- sys/kern/kern_mib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_mib.c b/sys/kern/kern_mib.c index 7d2a9e7f8474..8ce09a47ef58 100644 --- a/sys/kern/kern_mib.c +++ b/sys/kern/kern_mib.c @@ -182,10 +182,14 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) { char buf[256]; size_t len; + int error; len = MIN(req->oldlen, sizeof(buf)); read_random(buf, len); - return (SYSCTL_OUT(req, buf, len)); + + error = SYSCTL_OUT(req, buf, len); + explicit_bzero(buf, len); + return (error); } SYSCTL_PROC(_kern, KERN_ARND, arandom,