5fff09660e
GELI allows to read a user key from a standard input. However if user initialize multiple providers at once, the standard input will be empty for the second and next providers. This caused GELI to encrypt a master key with an empty key file. This commits initialize the HMAC with the key file, and then reuse the finalized structure to generate different encryption keys for different providers. Reported by: Nathan Dorfman Tested by: philip Security: FreeBSD-SA-23:01.geli Security: CVE-2023-0751 |
||
---|---|---|
.. | ||
cache | ||
concat | ||
eli | ||
journal | ||
label | ||
mirror | ||
mountver | ||
multipath | ||
nop | ||
part | ||
raid | ||
raid3 | ||
shsec | ||
stripe | ||
union | ||
virstor | ||
Makefile | ||
Makefile.classes | ||
Makefile.inc |