https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222077

--- Comment #2 from Conrad Meyer <c...@freebsd.org> ---
It seems like the math in g_eli_auth_run (g_eli_integrity.c) is kind of
dubious, even ignoring the data leak.  Does it even work?  I think it is making
some invalid assumptions about C division rounding.  It looks like the logic
was copied from g_eli_crypto_run (g_eli_privacy.c).

I suspect this change wouldn't hurt, but I don't think it fixes the problem:

--- a/sys/geom/eli/g_eli_integrity.c
+++ b/sys/geom/eli/g_eli_integrity.c
@@ -445,7 +445,7 @@ g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp)
                size += sizeof(*crda) * nsec;
                size += G_ELI_AUTH_SECKEYLEN * nsec;
                size += sizeof(uintptr_t);      /* Space for alignment. */
-               data = malloc(size, M_ELI, M_WAITOK);
+               data = malloc(size, M_ELI, M_WAITOK | M_ZERO);
                bp->bio_driver2 = data;
                p = data + encr_secsize * nsec;
        }

I think "nsec" is calculated wrong (and differently!) in both
g_eli_auth_write_done and g_eli_auth_run.

Probably avoid using geli in integrity mode if you care about privacy, for now.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Reply via email to