Page MenuHomeFreeBSD
Differential D16935

rijndael (AES): Avoid leaking sensitive data on kernel stack
ClosedPublic
Actions

Authored by cem on Aug 29 2018, 4:28 AM.
Tags
None
Referenced Files
F151040767: D16935.diff
Sun, Apr 5, 2:51 PM
F150902093: D16935.diff
Sat, Apr 4, 8:20 PM
Unknown Object (File)
Thu, Mar 26, 12:42 AM
Unknown Object (File)
Wed, Mar 25, 3:08 AM
Unknown Object (File)
Tue, Mar 24, 7:16 PM
Unknown Object (File)
Fri, Mar 13, 5:24 PM
Unknown Object (File)
Sat, Mar 7, 10:38 AM
Unknown Object (File)
Feb 20 2026, 10:22 AM
View All 93 Files
Subscribers
gordon
imp

Details

Reviewers
delphij
jmg
Group Reviewers
secteam
Commits
rS339787: rijndael (AES): Avoid leaking sensitive data on kernel stack
Summary

Noticed this investigating Fortuna. Remove useless duplicate stack copies
of sensitive contents when possible, or if not possible, be sure to zero
them out when we're finished.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

cem created this revision.Aug 29 2018, 4:28 AM
Harbormaster completed remote builds in B19256: Diff 47424.Aug 29 2018, 4:28 AM
delphij added a comment.Aug 29 2018, 6:22 PM

Mostly LGTM.

sys/crypto/rijndael/rijndael-api-fst.c
448 ↗(On Diff #47424)

Could you please change this to use some better name, e.g. something like 'cleanup' instead?

cem added inline comments.Aug 29 2018, 7:25 PM
sys/crypto/rijndael/rijndael-api-fst.c
448 ↗(On Diff #47424)

I think 'out' is well understood:

$ cd sys
$ ag 'goto out;' | wc -l
    5333
$ ag 'goto cleanup;' | wc -l
     222

I can change it if you still prefer it, but I don't think "cleanup" is any better (or worse).

cem added a comment.Oct 20 2018, 7:48 PM

Ping -- do you still want a different label or is out ok? Thanks!

gordon accepted this revision as: secteam.Oct 24 2018, 6:04 PM
gordon added a subscriber: gordon.

Approved based on timeout from delphij.

This revision was not accepted when it landed; it landed in state Needs Review.Oct 26 2018, 8:53 PM
Closed by commit rS339787: rijndael (AES): Avoid leaking sensitive data on kernel stack (authored by cem). · Explain Why
This revision was automatically updated to reflect the committed changes.
Herald added a reviewer: jmg. · View Herald TranscriptOct 26 2018, 8:53 PM
Herald added a subscriber: imp. · View Herald Transcript

Revision Contents
Changeset List

PathSize
head/
sys/
crypto/
rijndael/
31 lines

Diff 49663

View Options

head/sys/crypto/rijndael/rijndael-api-fst.c

Loading...