Page MenuHomeFreeBSD

rijndael (AES): Avoid leaking sensitive data on kernel stack
ClosedPublic

Authored by cem on Aug 29 2018, 4:28 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jan 18, 5:09 PM
Unknown Object (File)
Tue, Jan 14, 5:51 PM
Unknown Object (File)
Mon, Jan 13, 5:44 PM
Unknown Object (File)
Nov 23 2024, 11:29 AM
Unknown Object (File)
Nov 17 2024, 11:21 PM
Unknown Object (File)
Nov 17 2024, 10:08 PM
Unknown Object (File)
Nov 17 2024, 9:15 PM
Unknown Object (File)
Nov 17 2024, 9:13 PM
Subscribers

Details

Summary

Noticed this investigating Fortuna. Remove useless duplicate stack copies
of sensitive contents when possible, or if not possible, be sure to zero
them out when we're finished.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Mostly LGTM.

sys/crypto/rijndael/rijndael-api-fst.c
448 ↗(On Diff #47424)

Could you please change this to use some better name, e.g. something like 'cleanup' instead?

sys/crypto/rijndael/rijndael-api-fst.c
448 ↗(On Diff #47424)

I think 'out' is well understood:

$ cd sys
$ ag 'goto out;' | wc -l
    5333
$ ag 'goto cleanup;' | wc -l
     222

I can change it if you still prefer it, but I don't think "cleanup" is any better (or worse).

Ping -- do you still want a different label or is out ok? Thanks!

gordon added a subscriber: gordon.

Approved based on timeout from delphij.

This revision was not accepted when it landed; it landed in state Needs Review.Oct 26 2018, 8:53 PM
This revision was automatically updated to reflect the committed changes.