On 04/06/2015 12:58, Devin Teske wrote:
> Hi -current,
> I have a pending enhancement to the boot loader that Colin P. and I
> have been working on together.
> URL: https://reviews.freebsd.org/D2105 <https://reviews.freebsd.org/D2105>
> The nature of the patch is to cause the boot loader to prompt for the
> GELI passphrase and then pass that on (through a kenv(1) variable)
> to Colin’s code in geom_eli.ko where it will be:
> (a) picked up for-use as the initial passphrase attempt(s)
> (b) zeroed after being picked-up so “kenv kern.geom.eli.passphrase”
> returns nothing
> NB: Actually, “kenv kern.geom.eli.passphrase” generates the error
> “kenv: unable to get kern.geom.eli.passphrase”
> The problem that I (we) need help in solving is:
> If the geom_eli.ko module doesn’t get loaded, then the variable
> (kern.geom.eli.passphrase) is not zeroed.
> While I do think that this is of minimal concern (not loading the GELI
> module means you won’t be able to get past the mountroot prompt in
> the case where GELI is required to boot), I discussed with Colin and
> I think we are in consensus that the resetting of the variable should
> perhaps be moved to another section of the kernel to prevent leakage
> of this sensitive information being passed through kenv(1) variable(s).
> Issue for me is, I’m not sure where the best place to move this to.
> Here’s the code that needs to be moved (Lines 108-109 of g_eli.c):
> /* Wipe the passphrase from the environment. */
> Need to move that preferably to some place in the kernel that is NOT
> optional in the compilation process. Suggestions?
How about putting it right after a successful mount of the root file system?
(I've never used GELI, so this could be as "right out" as five.)
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"