From nobody Mon Jul 15 20:18:06 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WND662Y00z5RZhQ; Mon, 15 Jul 2024 20:18:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WND6622nGz4dD2; Mon, 15 Jul 2024 20:18:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721074686; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Xoe3szaHstUvtgEZAHAl36dMXFLwd+zRetXm223FeKo=; b=uBRNn9HMBT1Ir9QZ3QpbnVsX+janaZH06BTNuuU9FgbD/OfHDLv8wCURImIyltDRMXTGyw OdPv9wIFL3xF2Gg6n4XLWzehbBLP5mau2062F50x8flUWBATLyctiLJQNupG/juSsJWK+S qjZ8qqrF5LBFyB5yRwmmgONavRUv8Q5u4J/ShnmWqN8EexZms3/h8YNz51lfTO0VOJ58jv nqLKj7Vq3hBk4Wxmf8WUIh/yFfbfUyr9RY5t+efs+Chww+pDsog4/uS2LtiPqXB8ddgkt1 o0feTfzoE3/m51EwxnHZ9PqxGCSo7NY+HwtU3UPJdg8gYiinvb3tUi6RMG/PYA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1721074686; a=rsa-sha256; cv=none; b=BRE3StriMm1FpB7/iVc3jeAzx7taGrpmzQecx+7971Hb2Foagr2GvgrP8Z2cxnsV/MsT98 fQ29Lk0LZmi2tbBTnP238CYl8TXaLQt+g6ry8FPWjn09JcTYQLV1r8lpNrDXObgCSHwWbV qbBMElmg8CVb0mrD8JSViIh/yWaGqfVx0+9euNDoVZ2j9I8erNLgVM3n9OOAO72hc3jbFT /HqvyBzY0pg1vf35vf4XIk4KsIInxG2t7AgjBnBAjtk2eyutYklrBJxNRVxyCikcOUJ0y6 DyVx8iYwfhQ3S8XjGKP9Hj9uUWeS9Fb8ylv/ZfqghWbFmsSdkDeJgHY7W0yw1w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721074686; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Xoe3szaHstUvtgEZAHAl36dMXFLwd+zRetXm223FeKo=; b=ds9gowrEQhbVebciQ6LINzHnyeyWaAi3TBp2uGQZKA8nJvHP1tIo/4bVhqMWy0DdoqUUxP tvOuu/YrUqgksrRazQBCkN+MLXwcCO+s3zKZQZ4LHz6Q6q8hOqcchsIrAxe5gHYNbYuifW WgAvva0Qr6mKne+1AIBkUGER2FSVbyvCgC/GK2SwLt8G54/Qle7T8IsnqFss718P8OoTZ2 zSN67RqfofMyGLwua90g9JHtRtFqEEaT9PZtSVnJUO6rGOO/jhjxJn7JrkF2H+YV0epG9V 3uuupW6MofQdfPHZLizGFcmavorGH7534OUlcG2D8JqhSAMVcXlBhoysLqrJ6Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WND661XNLz15fv; Mon, 15 Jul 2024 20:18:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 46FKI6mo041764; Mon, 15 Jul 2024 20:18:06 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 46FKI6pV041761; Mon, 15 Jul 2024 20:18:06 GMT (envelope-from git) Date: Mon, 15 Jul 2024 20:18:06 GMT Message-Id: <202407152018.46FKI6pV041761@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kyle Evans Subject: git: 5862c891bb7c - main - kern: zero out stack buffer after copying out random bits List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 5862c891bb7c588aa00538d85eb26ffe77d3f709 Auto-Submitted: auto-generated The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=5862c891bb7c588aa00538d85eb26ffe77d3f709 commit 5862c891bb7c588aa00538d85eb26ffe77d3f709 Author: Kyle Evans AuthorDate: 2024-07-15 20:17:47 +0000 Commit: Kyle Evans CommitDate: 2024-07-15 20:17:47 +0000 kern: zero out stack buffer after copying out random bits The kern.arandom sysctl handler uses an intermediate buffer on the stack to hold random data that it subsequently copies out to the sysctl request. Err on the side of caution and zero out the stack buffer after we're done with it to avoid a potential entropy leak later on. Reviewed by: cem, emaste, markj MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D45978 --- sys/kern/kern_mib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_mib.c b/sys/kern/kern_mib.c index 5724ed3f6932..fe6e49865682 100644 --- a/sys/kern/kern_mib.c +++ b/sys/kern/kern_mib.c @@ -182,10 +182,14 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) { char buf[256]; size_t len; + int error; len = MIN(req->oldlen, sizeof(buf)); read_random(buf, len); - return (SYSCTL_OUT(req, buf, len)); + + error = SYSCTL_OUT(req, buf, len); + explicit_bzero(buf, len); + return (error); } SYSCTL_PROC(_kern, KERN_ARND, arandom,