HomeFreeBSD
Diffusion FreeBSD src repository 90ffac35b778

eli: Zero pad bytes that arise when certain auth algorithms are used
90ffac35b778
Actions

Description

eli: Zero pad bytes that arise when certain auth algorithms are used

When authentication is configured, GELI ensures that the amount of data
per sector is a multiple of 16 bytes. This is done in
eli_metadata_softc(). When the digest size is not a multiple of 16
bytes, this leaves some extra pad bytes at the end of every sector, and
they were not being zeroed before being written to disk. In particular,
this happens with the HMAC/SHA1, HMAC/RIPEMD160 and HMAC/SHA384 data
authentication algorithms.

This change ensures that they are zeroed before being written to disk.

Reported by: KMSAN
Reviewed by: delphij, asomers
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 0fcafe8516d170852aa73f029a6a28bed1e29292)

Details

Provenance
markjAuthored on Jul 15 2021, 4:23 PM
Parents
rG822c62b7db64: Assert that valid PTEs are not overwritten when installing a new PTP
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
geom/
eli/

rG90ffac35b778

View Options

sys/geom/eli/g_eli_integrity.c

Loading...