0fcafe8516
When authentication is configured, GELI ensures that the amount of data per sector is a multiple of 16 bytes. This is done in eli_metadata_softc(). When the digest size is not a multiple of 16 bytes, this leaves some extra pad bytes at the end of every sector, and they were not being zeroed before being written to disk. In particular, this happens with the HMAC/SHA1, HMAC/RIPEMD160 and HMAC/SHA384 data authentication algorithms. This change ensures that they are zeroed before being written to disk. Reported by: KMSAN Reviewed by: delphij, asomers MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D31170 |
||
---|---|---|
.. | ||
g_eli_crypto.c | ||
g_eli_ctl.c | ||
g_eli_hmac.c | ||
g_eli_integrity.c | ||
g_eli_key_cache.c | ||
g_eli_key.c | ||
g_eli_privacy.c | ||
g_eli.c | ||
g_eli.h | ||
pkcs5v2.c | ||
pkcs5v2.h |