cryptodisk: Wipe the passphrase from memory

Daniel Kiper via Grub-devel Thu, 08 May 2025 10:04:22 -0700

From: Maxim Suhanov <dfirb...@gmail.com>

Switching to another EFI boot application while there are secrets in
RAM is dangerous, because not all firmware is wiping memory on free.


To reduce the attack surface, wipe the passphrase acquired when
unlocking an encrypted volume.

Signed-off-by: Maxim Suhanov <dfirb...@gmail.com>
Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com>
---
 grub-core/disk/cryptodisk.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index 544a30d61..7065bcdcb 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -1302,6 +1302,7 @@ grub_cryptodisk_scan_device_real (const char *name,
 
   if (askpass)
     {
+      grub_memset (cargs->key_data, 0, cargs->key_len);
       cargs->key_len = 0;
       grub_free (cargs->key_data);
     }
-- 
2.11.0


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

[SECURITY PATCH 7/8] disk/cryptodisk: Wipe the passphrase from memory

Reply via email to