Fix information leak in geli(8) integrity mode

Authored by cem on Sep 8 2017, 5:21 AM.



In integrity mode, a larger logical sector (e.g., 4096 bytes) spans several
physical sectors (e.g., 512 bytes) on the backing device. Due to hash
overhead, a 4096 byte logical sector takes 8.5625 512-byte physical sectors.
This means that only 288 bytes (256 data + 32 hash) of the last 512 byte
sector are used.

The memory allocation used to store the encrypted data to be written to the
physical sectors comes from malloc(9) and does not use M_ZERO.

Previously, nothing initialized the final physical sector backing each
logical sector, aside from the hash + encrypted data portion. So 224 bytes
of kernel heap memory was leaked to every block :-(.

This patch addresses the issue by initializing the trailing physical sector
in every logical sector to zeros before use. A much simpler but higher
overhead fix would be to tag the entire allocation M_ZERO.

PR: 222077

Test Plan

I manually confirmed each 224 byte portion before every 0x1200 (9*512) boundary
in the backing device was correctly initialized, regardless of IO size used to
initialize the logical volume, using the repro from the PR:

dd if=/dev/zero bs=1M count=1 status=none
md=$(mdconfig -f || exit
echo fakekey | geli init -a HMAC/SHA256 -B none -K - -P -s 4096 $md || exit
echo fakekey | geli attach -k - -p $md || exit
dd if=/dev/zero of=/dev/$md.eli bs=1M status=none
geli detach /dev/$md.eli
mdconfig -du $md

Diff Detail

rS FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.
cem created this revision.Sep 8 2017, 5:21 AM
cem edited the test plan for this revision. (Show Details)Sep 8 2017, 2:50 PM
cem updated this revision to Diff 32811.Sep 8 2017, 5:43 PM
  • Simplify comment
  • Only zero sector on writes
  • Only zero out the unused portion of the block

All suggestions from emaste offline of Phabricator

emaste accepted this revision.Sep 9 2017, 12:30 AM
This revision is now accepted and ready to land.Sep 9 2017, 12:30 AM
This revision was automatically updated to reflect the committed changes.