Re: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protecto

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protecto

From:	Stefan Berger
Subject:	Re: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protectors
Date:	Fri, 12 Apr 2024 17:04:40 -0400
User-agent:	Mozilla Thunderbird



On 4/12/24 04:39, Gary Lin via Grub-devel wrote:

An attacker may insert a malicious disk with the same crypto UUID and
trick grub2 to mount the fake root. Even though the key from the key
protector fails to unlock the fake root, it's not wiped out cleanly so
the attacker could dump the memory to retrieve the secret key. To defend
such attack, wipe out the cached key when we don't need it.

Signed-off-by: Gary Lin <glin@suse.com>
Cc: Fabian Vogt <fvogt@suse.com>


Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

---
  grub-core/disk/cryptodisk.c | 6 +++++-
  1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index 0dbf601c4..94507ec65 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -1349,7 +1349,11 @@ grub_cryptodisk_clear_key_cache (struct 
grub_cryptomount_args *cargs)
      return;

for (i = 0; cargs->protectors[i]; i++)

-    grub_free (cargs->key_cache[i].key);
+    {
+      if (cargs->key_cache[i].key)
+       grub_memset (cargs->key_cache[i].key, 0, cargs->key_cache[i].key_len);
+      grub_free (cargs->key_cache[i].key);
+    }

grub_free (cargs->key_cache);

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v11 19/20] tpm2: Enable tpm2 module for grub-emu, (continued)
- [PATCH v11 10/20] tpm2: Add TPM Software Stack (TSS), Gary Lin, 2024/04/12
  - Re: [PATCH v11 10/20] tpm2: Add TPM Software Stack (TSS), Stefan Berger, 2024/04/12
    - Re: [PATCH v11 10/20] tpm2: Add TPM Software Stack (TSS), Gary Lin, 2024/04/15
- [PATCH v11 16/20] cryptodisk: Fallback to passphrase, Gary Lin, 2024/04/12
  - Re: [PATCH v11 16/20] cryptodisk: Fallback to passphrase, Stefan Berger, 2024/04/12
    - Re: [PATCH v11 16/20] cryptodisk: Fallback to passphrase, Patrick Colp, 2024/04/12
- [PATCH v11 15/20] tpm2: Implement NV index, Gary Lin, 2024/04/12
  - Re: [PATCH v11 15/20] tpm2: Implement NV index, Stefan Berger, 2024/04/12
- [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protectors, Gary Lin, 2024/04/12
  - Re: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protectors, Stefan Berger <=
- [PATCH v11 12/20] cryptodisk: Support key protectors, Gary Lin, 2024/04/12
  - Re: [PATCH v11 12/20] cryptodisk: Support key protectors, Stefan Berger, 2024/04/12
- Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2, Stefan Berger, 2024/04/12
  - Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2, Gary Lin, 2024/04/15
    - Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2, Stefan Berger, 2024/04/15
    - Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2, Gary Lin, 2024/04/15

Prev by Date: Re: [PATCH v11 19/20] tpm2: Enable tpm2 module for grub-emu
Next by Date: Re: [PATCH v11 16/20] cryptodisk: Fallback to passphrase
Previous by thread: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protectors
Next by thread: [PATCH v11 12/20] cryptodisk: Support key protectors
Index(es):
- Date
- Thread