[strongSwan-dev] Memwipe of loaded secrets through VICI

[Jean-Francois HREN]

Hi Tobias, 

Thank you for your answer. I tested the branch and it works for me. 
For the mmap, I'm not expert and I use Strongswan under FreeBSD so I'm not sure the behavior is the same. 
However since decrypted private key blobs are written in the mmap chunk, memory should be allocated somewhere. This memory can be read by some other rogue processes later if not wiped properly. 

In src/swanctl/commands/load_creds.c:load_containers(), a call to chunk_unmap_clear() should be done too maybe ? 
The static buffer returned by getpass() calls in swanctl should be wiped too after use. 


De: "Tobias Brunner" <tobias at strongswan.org> 
À: "jean-francois hren" <jean-francois.hren at stormshield.eu>, "dev" <dev at lists.strongswan.org> 
Envoyé: Jeudi 30 Septembre 2021 15:42:18 
Objet: Re: [strongSwan-dev] Memwipe of loaded secrets through VICI 

Hi Jean-Francois, 

Thanks for the report and patch. I pushed several of these fixes (some 
with modifications) to the wipe-secrets branch, plus also added code to 
wipe the swanctl.conf file from memory in swanctl. 

I'm not entirely sure about the chunk_map() changes, though. As far as 
I can tell, after munmap() has been called, the process can't access 
that memory anymore (causes a segmentation fault). And mapping the same 
memory with MAP_ANONYMOUS and MAP_UNINITIALIZED (to prevent the 
initialization of the non-file backed area to zero) doesn't seem 
possible on generic kernels as it requires the 
CONFIG_MMAP_ALLOW_UNINITIALIZED kernel option, which is usually not 
enabled for security reasons. But since it's useful on platform that 
don't provide mmap() (e.g. Windows), I still pushed patches. 

Let me know what you think. 

Regards, 
Tobias 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20211001/ab9b9a22/attachment.html>