FreeBSD src
Conrad Meyer ea5eee641e Fix information leak in geli(8) integrity mode
In integrity mode, a larger logical sector (e.g., 4096 bytes) spans several
physical sectors (e.g., 512 bytes) on the backing device.  Due to hash
overhead, a 4096 byte logical sector takes 8.5625 512-byte physical sectors.
This means that only 288 bytes (256 data + 32 hash) of the last 512 byte
sector are used.

The memory allocation used to store the encrypted data to be written to the
physical sectors comes from malloc(9) and does not use M_ZERO.

Previously, nothing initialized the final physical sector backing each
logical sector, aside from the hash + encrypted data portion.  So 224 bytes
of kernel heap memory was leaked to every block :-(.

This patch addresses the issue by initializing the trailing portion of the
physical sector in every logical sector to zeros before use.  A much simpler
but higher overhead fix would be to tag the entire allocation M_ZERO.

PR:		222077
Reported by:	Maxim Khitrov <max AT mxcrypt.com>
Reviewed by:	emaste
Security:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12272
2017-09-09 01:41:01 +00:00
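
The sector arithmetic and the effect of zeroing the tail, as an added user-space example. It is not code from the FreeBSD tree or from this commit. The `STALE` marker, the placeholder hash and data bytes, and the hash-before-data order inside each physical sector are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LOGICAL 4096u   /* logical sector size from the commit message */
#define PHYS    512u    /* physical sector size */
#define HASH    32u     /* per-physical-sector hash */
#define STALE   0xA5    /* constructed marker standing in for old heap contents */

struct layout { size_t data_per_phys, nphys, last_used, tail; };

/* Split one logical sector into physical sectors of hash + data. */
static struct layout compute_layout(size_t logical, size_t phys, size_t hash)
{
    struct layout l;
    l.data_per_phys = phys - hash;
    l.nphys = (logical + l.data_per_phys - 1) / l.data_per_phys;
    l.last_used = hash + logical - (l.nphys - 1) * l.data_per_phys;
    l.tail = phys - l.last_used;    /* bytes of the last sector never used */
    return l;
}

/* Build the on-disk image of one logical sector; return how many bytes of
 * the image were never written and still hold stale allocator contents. */
static size_t stale_bytes_written(int zero_tail)
{
    struct layout l = compute_layout(LOGICAL, PHYS, HASH);
    size_t total = l.nphys * PHYS, left = LOGICAL, stale = 0;
    unsigned char *out = malloc(total);
    if (out == NULL)
        return (size_t)-1;
    memset(out, STALE, total);          /* model malloc(9) without M_ZERO */
    for (size_t i = 0; i < l.nphys; i++) {
        unsigned char *p = out + i * PHYS;
        size_t n = left < l.data_per_phys ? left : l.data_per_phys;
        memset(p, 0x11, HASH);          /* placeholder for the hash */
        memset(p + HASH, 0x42, n);      /* placeholder for encrypted data */
        left -= n;
        if (zero_tail)                  /* the fix: clear the unused remainder */
            memset(p + HASH + n, 0, PHYS - HASH - n);
    }
    for (size_t i = 0; i < total; i++)
        stale += (out[i] == STALE);
    free(out);
    return stale;
}

int main(void)
{
    printf("unfixed: %zu stale bytes, fixed: %zu\n",
        stale_bytes_written(0), stale_bytes_written(1));
    return 0;
}
```
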
bin Add basic tests for chflags, mkdir, rcp, and rmdir 2017-09-07 16:54:47 +00:00
cddl Add D definitions for the named values in socket.h 2017-09-07 03:05:16 +00:00
contrib Fix an incorrectly used conditional causing a stack buffer overflow. 2017-09-07 18:54:54 +00:00
crypto Upgrade to OpenSSH 7.5p1. 2017-08-04 12:57:24 +00:00
etc Add basic tests for chflags, mkdir, rcp, and rmdir 2017-09-07 16:54:47 +00:00
gnu Convert all the arm big endian tests into a regexp rather than a list. 2017-08-14 22:25:20 +00:00
include An MMC/SD/SDIO stack using CAM 2017-07-09 16:57:24 +00:00
kerberos5 Replace the include path using CURDIR with KRB5DIR. This is consistent 2017-08-21 12:42:05 +00:00
lib libgeom: Remove redundant and duplicated code 2017-09-08 15:44:52 +00:00
libexec Add a new getty/gettytab capability to generate an initial message dynamically. 2017-09-07 00:20:17 +00:00
release make-memstick.sh: use 'set -e' to abort if any step fails 2017-09-05 12:57:45 +00:00
rescue DIRDEPS_BUILD: Update dependencies. 2017-05-09 01:48:23 +00:00
sbin geom_virstor: Remove wholly unnecessary g_metadata_store copy 2017-09-08 15:38:02 +00:00
secure Convert traditional ${MK_TESTS} conditional idiom for including test 2017-08-02 08:35:51 +00:00
share Tweak comment for install -S usage since it does not impact the build. 2017-09-08 19:20:42 +00:00
sys Fix information leak in geli(8) integrity mode 2017-09-09 01:41:01 +00:00
targets Update targets/pseudo/tests/Makefile.depend after recent additions/subtractions 2017-07-19 16:45:57 +00:00
tests Add supporting changes for Add limited sandbox capability to "make check" 2017-08-14 19:21:37 +00:00
tools Bugfix: Don't treat NANO_IMAGES as a directory. 2017-09-05 21:17:20 +00:00
usr.bin Merge pipes and socket pairs. 2017-09-05 07:46:45 +00:00
usr.sbin crunchgen: quiet -Wmissing-prototypes 2017-09-07 17:20:47 +00:00
.arcconfig
.arclint
COPYRIGHT Bump copyright year. 2016-12-31 12:41:42 +00:00
LOCKS
MAINTAINERS Add asomers as a pjdfstest co-maintainer per the project status change 2017-06-28 09:25:15 +00:00
Makefile Quote ${MAKE} when passing in env in case it contains spaces. 2017-08-16 17:54:24 +00:00
Makefile.inc1 Makefile.inc1: bump elf tool chain version check after PR 215350 fix 2017-09-06 01:55:40 +00:00
Makefile.libcompat Honor NO_RTLD for rtld-elf, similar to what's done in libexec/Makefile, with 2017-08-17 20:15:20 +00:00
ObsoleteFiles.inc Rework and simplify the ksyms(4) implementation. 2017-08-03 00:38:13 +00:00
README Vendor import of OpenSSH 7.5p1. 2017-08-03 10:10:20 +00:00
README.md Remove hard line breaks from README.md 2017-03-01 15:39:58 +00:00
UPDATING Hide length of geli passphrase during boot. 2017-08-26 14:07:24 +00:00

FreeBSD Source:

This is the top level of the FreeBSD source directory. This file was last revised on: $FreeBSD$

For copyright information, please see the file COPYRIGHT in this directory (additional copyright information also exists for some sources in this tree - please see the specific source directories for more information).

The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7) and http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html for more information, including setting make(1) variables.

The buildkernel and installkernel targets build and install the kernel and the modules (see below). Please see the top of the Makefile in this directory for more information on the standard build targets and compile-time flags.

Building a kernel is a somewhat more involved process. See build(7), config(8), and http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html for more information.

Note: If you want to build and install the kernel with the buildkernel and installkernel targets, you might need to build world before. More information is available in the handbook.

The kernel configuration files reside in the sys/<arch>/conf sub-directory. GENERIC is the default configuration used in release builds. NOTES contains entries and documentation for all possible devices, not just those commonly used.

Source Roadmap:

bin				System/user commands.

cddl			Various commands and libraries under the Common Development  
				and Distribution License.

contrib			Packages contributed by 3rd parties.

crypto			Cryptography stuff (see crypto/README).

etc				Template files for /etc.

gnu				Various commands and libraries under the GNU Public License.  
				Please see gnu/COPYING* for more information.

include			System include files.

kerberos5		Kerberos5 (Heimdal) package.

lib				System libraries.

libexec			System daemons.

release			Release building Makefile & associated tools.

rescue			Build system for statically linked /rescue utilities.

sbin			System commands.

secure			Cryptographic libraries and commands.

share			Shared resources.

sys				Kernel sources.

tests			Regression tests which can be run by Kyua.  See tests/README
				for additional information.

tools			Utilities for regression testing and miscellaneous tasks.

usr.bin			User commands.

usr.sbin		System administration commands.

For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/synching.html