Improve resilience against memory attacks #2805
Closed
droidmonkey wants to merge 1 commit into release/2.4.1 from
31bd90a to c51752d
16d8cec to cff6f0f
droidmonkey (Member, Author): punt!
rockihack reviewed Mar 28, 2019: Would it be helpful (until then/after that) to enable memory page sanitation on the linux kernel (CONFIG_PAGE_POISONING)?
cff6f0f to 8fbefdf
To reduce residual fragments of secret data in memory after deallocation, this patch replaces the global delete operator with a version that zeros out previously allocated memory. It makes use of the new C++14 sized deallocation, but provides an unsized fallback with platform-specific size deductions. This change is only a minor mitigation and cannot protect against buffer reallocations by the operating system or non-C++ libraries. Thus, we still cannot guarantee all memory to be wiped after free. As a further improvement, this patch uses libgcrypt and libsodium to write long-lived master key component hashes into a secure memory area and wipe it afterwards.
8fbefdf to cb00281
Type of change

Description and Context

To reduce residual fragments of secret data in memory after deallocation, this patch replaces the global delete operator with a version that zeros out previously allocated memory. It makes use of the new C++14 sized deallocation, but provides an unsized fallback with platform-specific size deductions.

This change is only a minor mitigation and cannot protect against buffer reallocations by the operating system or non-C++ libraries. Thus, we still cannot guarantee all memory to be wiped after free.

As a further improvement, this patch uses libgcrypt to write long-lived master key component hashes into a secure memory area and wipe it afterwards.

Finally, it ensures that all password form fields are cleared when they are not in use anymore and fixes a bug where removing a component from the master key would not mark the database as dirty.
Testing strategy
Incorporating into 2.4.1 to allow beta testers to test on many different machines.
Checklist:
-DWITH_ASAN=ON. [REQUIRED]
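The mechanism the description outlines, as an added illustration rather than the KeePassXC patch itself: a replacement global delete that wipes a block before freeing it, using the C++14 sized form where the compiler supplies the size and falling back to a platform allocator query (malloc_usable_size, malloc_size or _msize) otherwise. The helper names wipe_memory, is_zeroed and deduce_allocation_size are ours, and the replacement new is malloc-based so the size query is always asked about a block malloc actually handed out.

```cpp
// Added example, not the project's code: zeroing global operator delete.
#include <cstddef>
#include <cstdlib>
#include <new>

#if defined(__linux__)
#include <malloc.h>          // malloc_usable_size
#elif defined(__APPLE__)
#include <malloc/malloc.h>   // malloc_size
#elif defined(_WIN32)
#include <malloc.h>          // _msize
#endif

// Overwrite n bytes through a volatile pointer so the compiler cannot drop the
// stores as dead just because the block is about to be freed.
void wipe_memory(void* p, std::size_t n) noexcept {
    volatile unsigned char* b = static_cast<volatile unsigned char*>(p);
    for (std::size_t i = 0; i < n; ++i) b[i] = 0;
}

bool is_zeroed(const void* p, std::size_t n) noexcept {
    const unsigned char* b = static_cast<const unsigned char*>(p);
    for (std::size_t i = 0; i < n; ++i) if (b[i] != 0) return false;
    return true;
}

// Platform-specific size deduction for the unsized fallback: the usable size of
// a malloc'd block, or 0 where the platform offers no way to ask (no wipe then).
std::size_t deduce_allocation_size(void* p) noexcept {
#if defined(__linux__)
    return malloc_usable_size(p);
#elif defined(__APPLE__)
    return malloc_size(p);
#elif defined(_WIN32)
    return _msize(p);
#else
    (void)p; return 0;
#endif
}

void* operator new(std::size_t n) {
    if (void* p = std::malloc(n ? n : 1)) return p;
    throw std::bad_alloc();
}
void operator delete(void* p, std::size_t n) noexcept {   // C++14 sized form
    if (p) { wipe_memory(p, n); std::free(p); }
}
void operator delete(void* p) noexcept {                  // unsized fallback
    if (p) { wipe_memory(p, deduce_allocation_size(p)); std::free(p); }
}
```

As the description notes, this only covers memory released through the C++ delete operator; buffers freed by the OS or by non-C++ libraries are untouched.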