Bug 185084 - [regression][geli] Keyfile content potentially cleared prematurely after r259428
Summary: [regression][geli] Keyfile content potentially cleared prematurely after r259428
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: Unspecified
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-22 11:00 UTC by Fabian Keil
Modified: 2014-06-25 10:33 UTC (History)
3 users (show)

See Also:

Attachments
file.txt (737 bytes, text/plain)
2013-12-22 11:00 UTC, Fabian Keil 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Fabian Keil 2013-12-22 11:00:00 UTC 
After r259428 the loaded keyfile content is cleared in g_eli_keyfiles_load().

This is potentially prematurely.

If there's also a passphrase and the user fails to get it right the first time, the following attempts are now guaranteed to fail due to lacking keyfile content (unless the keyfile only contained zeroes anyway).

Fix: Revert r259428, (optionally) apply a patch like the attached one to clear the keyfile content once it's no longer needed.

Patch attached with submission follows:
How-To-Repeat: Boot with a geli provider that has the BOOT flag set and requires a keyfile and a passphrase to attach, enter an incorrect passphrase the first time and try again using the correct one.
Comment 1 Brad Davis freebsd_committer freebsd_triage 2014-06-03 20:11:07 UTC 
Pawel,

Can you take a look at this. I made a combined version of the patch that works for me:

http://people.freebsd.org/~brd/geli-passphrase-retry-with-key.diff


Regards,
Brad Davis
Comment 2 commit-hook freebsd_committer freebsd_triage 2014-06-06 03:18:11 UTC 
A commit references this bug:

Author: brd
Date: Fri Jun  6 03:17:37 UTC 2014
New revision: 267145
URL: http://svnweb.freebsd.org/changeset/base/267145

Log:
  - Fix the keyfile being cleared prematurely after r259428

  PR:		185084
  Submitted by:	fk@fabiankeil.de
  Reviewed by:	pjd@

Changes:
  head/sys/geom/eli/g_eli.c
Comment 3 commit-hook freebsd_committer freebsd_triage 2014-06-25 10:17:13 UTC 
A commit references this bug:

Author: marius
Date: Wed Jun 25 10:17:00 UTC 2014
New revision: 267860
URL: http://svnweb.freebsd.org/changeset/base/267860

Log:
  MFC: r267145

  Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/10
  in r266749).

  PR:		185084
  Submitted by:	fk@fabiankeil.de
  Reviewed by:	pjd

Changes:
_U  stable/10/
  stable/10/sys/geom/eli/g_eli.c
Comment 4 commit-hook freebsd_committer freebsd_triage 2014-06-25 10:17:14 UTC 
A commit references this bug:

Author: marius
Date: Wed Jun 25 10:17:10 UTC 2014
New revision: 267861
URL: http://svnweb.freebsd.org/changeset/base/267861

Log:
  MFC: r267145

  Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/9
  in r266750).

  PR:		185084
  Submitted by:	fk@fabiankeil.de
  Reviewed by:	pjd

Changes:
_U  stable/9/sys/
  stable/9/sys/geom/eli/g_eli.c
Comment 5 commit-hook freebsd_committer freebsd_triage 2014-06-25 10:28:16 UTC 
A commit references this bug:

Author: marius
Date: Wed Jun 25 10:27:17 UTC 2014
New revision: 267862
URL: http://svnweb.freebsd.org/changeset/base/267862

Log:
  MFC: r267145

  Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/9
  in r266750).

  PR:		185084
  Submitted by:	fk@fabiankeil.de
  Reviewed by:	pjd
  Approved by:	re (glebius)

Changes:
_U  releng/9.3/sys/
  releng/9.3/sys/geom/eli/g_eli.c