Page MenuHomeFreeBSD
Differential D31170

eli: Zero pad bytes that arise when certain auth algos are used
ClosedPublic
Actions

Authored by markj on Jul 13 2021, 11:05 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Sep 18, 4:47 AM
Unknown Object (File)
Wed, Sep 18, 12:22 AM
Unknown Object (File)
Tue, Sep 17, 2:39 AM
Unknown Object (File)
Mon, Sep 16, 12:41 PM
Unknown Object (File)
Mon, Sep 16, 1:10 AM
Unknown Object (File)
Thu, Sep 5, 10:19 AM
Unknown Object (File)
Mon, Sep 2, 2:52 PM
Unknown Object (File)
Jul 30 2024, 10:39 PM
View All 46 Files
Subscribers
imp

Details

Reviewers
cem
asomers
delphij
Commits
rG0fcafe8516d1: eli: Zero pad bytes that arise when certain auth algorithms are used
Summary

When authentication is configured, GELI ensures that the amount of data
per sector is a multiple of 16 bytes. This is done in
eli_metadata_softc(). When the digest size is not a multiple of 16
bytes, this leaves some extra pad bytes at the end of every sector.
This change ensures that they are zeroed before being written to disk.

Reported by: KMSAN
MFC after: 2 weeks

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.Jul 13 2021, 11:05 PM
Herald added a subscriber: imp. · View Herald TranscriptJul 13 2021, 11:05 PM
markj requested review of this revision.Jul 13 2021, 11:05 PM
Harbormaster completed remote builds in B40461: Diff 92164.Jul 13 2021, 11:05 PM
asomers accepted this revision.Jul 13 2021, 11:27 PM

LGTM, but would it be possible to add a test for this in the geli test suite?

This revision is now accepted and ready to land.Jul 13 2021, 11:27 PM
markj added a comment.Jul 13 2021, 11:36 PM
In D31170#701449, @asomers wrote:

LGTM, but would it be possible to add a test for this in the geli test suite?

FWIW, the test suite is how I found this - I just had to run it with KMSAN configured. Once KMSAN is committed to head I'll work on getting a KMSAN CI job added.

I suppose I could add a test to explicitly check the pad bytes. The idea would be to, for each auth algorithm, create a vnode-backed md, configure a GELI volume on it, overwrite the provider with zeros, detach GELI, and check the pad bytes. I'm not sure how best to do the last part.

delphij accepted this revision.Jul 14 2021, 8:04 AM

Note that this seems to be quite SA worthy as it might leave sensitive data on the drive when these auth algorithms are used (it seems to be HMAC/RIPEMD160 and HMAC/SHA384; is there any other algorithms that are affected), and the fix would be to read in and write every sectors of the provider?

markj added a comment.Jul 14 2021, 1:18 PM
In D31170#701527, @delphij wrote:

Note that this seems to be quite SA worthy as it might leave sensitive data on the drive when these auth algorithms are used (it seems to be HMAC/RIPEMD160 and HMAC/SHA384; is there any other algorithms that are affected), and the fix would be to read in and write every sectors of the provider?

Yes, I was planning on requesting at least an EN. HMAC/SHA1 is also affected. And yes I think the only simple way to clear those bytes is to read the entire volume and write it back.

Closed by commit rG0fcafe8516d1: eli: Zero pad bytes that arise when certain auth algorithms are used (authored by markj). · Explain WhyJul 15 2021, 4:26 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG0fcafe8516d1: eli: Zero pad bytes that arise when certain auth algorithms are used.

Revision Contents
Changeset List

PathSize
sys/
geom/
eli/
11 lines

Diff 92237

View Options

sys/geom/eli/g_eli_integrity.c

Loading...