Hi -current,

I have a pending enhancement to the boot loader that Colin P. and I
have been working on together.

URL: https://reviews.freebsd.org/D2105 <https://reviews.freebsd.org/D2105>

The nature of the patch is to cause the boot loader to prompt for the
GELI passphrase and then pass that on (through a kenv(1) variable)
to Colin’s code in geom_eli.ko where it will be:

(a) picked up for-use as the initial passphrase attempt(s)
(b) zeroed after being picked-up so “kenv kern.geom.eli.passphrase”
returns nothing

NB: Actually, “kenv kern.geom.eli.passphrase” generates the error
“kenv: unable to get kern.geom.eli.passphrase”

The problem that I (we) need help in solving is:

If the geom_eli.ko module doesn’t get loaded, then the variable
(kern.geom.eli.passphrase) is not zeroed.

While I do think that this is of minimal concern (not loading the GELI
module means you won’t be able to get past the mountroot prompt in
the case where GELI is required to boot), I discussed with Colin and
I think we are in consensus that the resetting of the variable should
perhaps be moved to another section of the kernel to prevent leakage
of this sensitive information being passed through kenv(1) variable(s).

Issue for me is, I’m not sure where the best place to move this to.
Here’s the code that needs to be moved (Lines 108-109 of g_eli.c):


                              /* Wipe the passphrase from the environment. */

Need to move that preferably to some place in the kernel that is NOT
optional in the compilation process. Suggestions?
freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to