Diffusion FreeBSD src repository 5862c891bb7c

kern: zero out stack buffer after copying out random bits
5862c891bb7c
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

kern: zero out stack buffer after copying out random bits

The kern.arandom sysctl handler uses an intermediate buffer on the stack
to hold random data that it subsequently copies out to the sysctl
request. Err on the side of caution and zero out the stack buffer after
we're done with it to avoid a potential entropy leak later on.

Reviewed by: cem, emaste, markj
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D45978

Details

Provenance

Authored on Jul 15 2024, 8:17 PM

Reviewer

Differential Revision

D45978: kern: zero out stack buffer after copying out random bits

Parents

rG9cc06bf7aa28: amd64 GENERIC: Switch uart hints from "isa" to "acpi"

Branches

Unknown

Tags

Unknown

Event Timeline

kevans committed rG5862c891bb7c: kern: zero out stack buffer after copying out random bits (authored by kevans).Jul 15 2024, 8:17 PM

kevans added an edge: D45978: kern: zero out stack buffer after copying out random bits.

kevans mentioned this in rG98e1ee23857c: kern: zero out stack buffer after copying out random bits.Jul 21 2024, 5:26 AM

kevans mentioned this in rG1eb62930e736: kern: zero out stack buffer after copying out random bits.

Changes (1)

Path

Size

sys/

kern/

rG5862c891bb7c

sys/kern/kern_mib.c

Loading...