svn commit: r257539 - head/sys/geom/eli

Xin LI delphij at FreeBSD.org
Sat Nov 2 01:16:10 UTC 2013 

Author: delphij
Date: Sat Nov  2 01:16:10 2013
New Revision: 257539
URL: http://svnweb.freebsd.org/changeset/base/257539

Log:
  When zero'ing out a buffer, make sure we are using right size.
  
  Without this change, in the worst but unlikely case scenario, certain
  administrative operations, including change of configuration, set or
  delete key from a GEOM ELI provider, may leave potentially sensitive
  information in buffer allocated from kernel memory.
  
  We believe that it is not possible to actively exploit these issues, nor
  does it impact the security of normal usage of GEOM ELI providers when
  these operations are not performed after system boot.
  
  Security:	possible sensitive information disclosure
  Submitted by:	Clement Lecigne <clecigne google com>
  MFC after:	3 days

Modified:
  head/sys/geom/eli/g_eli_ctl.c

Modified: head/sys/geom/eli/g_eli_ctl.c
==============================================================================
--- head/sys/geom/eli/g_eli_ctl.c	Sat Nov  2 01:03:14 2013	(r257538)
+++ head/sys/geom/eli/g_eli_ctl.c	Sat Nov  2 01:16:10 2013	(r257539)
@@ -471,7 +471,7 @@ g_eli_ctl_configure(struct gctl_req *req
 			    prov, error);
 		}
 		bzero(&md, sizeof(md));
-		bzero(sector, sizeof(sector));
+		bzero(sector, pp->sectorsize);
 		free(sector, M_ELI);
 	}
 }
@@ -562,7 +562,7 @@ g_eli_ctl_setkey(struct gctl_req *req, s
 
 	/* Encrypt Master Key with the new key. */
 	error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, mkeydst);
-	bzero(key, sizeof(key));
+	bzero(key, keysize);
 	if (error != 0) {
 		bzero(&md, sizeof(md));
 		gctl_error(req, "Cannot encrypt Master Key (error=%d).", error);
@@ -575,7 +575,7 @@ g_eli_ctl_setkey(struct gctl_req *req, s
 	bzero(&md, sizeof(md));
 	error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector,
 	    pp->sectorsize);
-	bzero(sector, sizeof(sector));
+	bzero(sector, pp->sectorsize);
 	free(sector, M_ELI);
 	if (error != 0) {
 		gctl_error(req, "Cannot store metadata on %s (error=%d).",
@@ -691,7 +691,7 @@ g_eli_ctl_delkey(struct gctl_req *req, s
 		(void)g_io_flush(cp);
 	}
 	bzero(&md, sizeof(md));
-	bzero(sector, sizeof(sector));
+	bzero(sector, pp->sectorsize);
 	free(sector, M_ELI);
 	if (*all)
 		G_ELI_DEBUG(1, "All keys removed from %s.", pp->name);

More information about the svn-src-head mailing list