svn commit: r364876 - head/sys/kern

Thu, 27 Aug 2020 10:36:38 -0700 

Author: markj
Date: Thu Aug 27 17:36:06 2020
New Revision: 364876
URL: https://svnweb.freebsd.org/changeset/base/364876

Log:
  Fix writing of the final block of encrypted, compressed kernel dumps.
  
  Previously any residual data in the final block of a compressed kernel
  dump would be written unencrypted.  Note, such a configuration already
  does not work properly when using AES-CBC since the compressed data is
  typically not a multiple of the AES block length in size and EKCD does
  not implement any padding scheme.  However, EKCD more recently gained
  support for using the ChaCha20 cipher, which being a stream cipher does
  not have this problem.
  
  Submitted by: sig...@gmail.com
  Reviewed by:  cem
  MFC after:    1 week
  Differential Revision:        https://reviews.freebsd.org/D26188

Modified:
  head/sys/kern/kern_shutdown.c

Modified: head/sys/kern/kern_shutdown.c
==============================================================================
--- head/sys/kern/kern_shutdown.c       Thu Aug 27 17:30:57 2020        
(r364875)
+++ head/sys/kern/kern_shutdown.c       Thu Aug 27 17:36:06 2020        
(r364876)
@@ -1464,6 +1464,7 @@ kerneldumpcomp_write_cb(void *base, size_t length, off
                }
                resid = length - rlength;
                memmove(di->blockbuf, (uint8_t *)base + rlength, resid);
+               bzero((uint8_t *)di->blockbuf + resid, di->blocksize - resid);
                di->kdcomp->kdc_resid = resid;
                return (EAGAIN);
        }
@@ -1680,9 +1681,10 @@ dump_finish(struct dumperinfo *di, struct kerneldumphe
                error = compressor_flush(di->kdcomp->kdc_stream);
                if (error == EAGAIN) {
                        /* We have residual data in di->blockbuf. */
-                       error = dump_write(di, di->blockbuf, 0, di->dumpoff,
-                           di->blocksize);
-                       di->dumpoff += di->kdcomp->kdc_resid;
+                       error = _dump_append(di, di->blockbuf, 0, 
di->blocksize);
+                       if (error == 0)
+                               /* Compensate for _dump_append()'s adjustment. 
*/
+                               di->dumpoff -= di->blocksize - 
di->kdcomp->kdc_resid;
                        di->kdcomp->kdc_resid = 0;
                }
                if (error != 0)
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to