svn commit: r192544 - head/sys/kern

Kostik Belousov kostikbel at gmail.com
Thu May 21 16:24:37 UTC 2009 

On Thu, May 21, 2009 at 04:19:54PM +0000, Ed Schouten wrote:
> Author: ed
> Date: Thu May 21 16:19:54 2009
> New Revision: 192544
> URL: http://svn.freebsd.org/changeset/base/192544
> 
> Log:
>   Add a new sysctl: kern.tty_inq_flush_secure.
>   
>   When enabled all TTY input queue buffers are zeroed when flushing or
>   closing the TTY. Because TTY input queues are also used to store filled
>   in passwords, this may be an interesting switch to enable for security
>   minded people.
Why is this enabled by sysctl ? Such feature shall be unconditional if
it has any value.

> 
> Modified:
>   head/sys/kern/tty_inq.c
> 
> Modified: head/sys/kern/tty_inq.c
> ==============================================================================
> --- head/sys/kern/tty_inq.c	Thu May 21 16:18:45 2009	(r192543)
> +++ head/sys/kern/tty_inq.c	Thu May 21 16:19:54 2009	(r192544)
> @@ -68,6 +68,9 @@ SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nf
>  static unsigned long ttyinq_nslow = 0;
>  SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nslow, CTLFLAG_RD,
>  	&ttyinq_nslow, 0, "Buffered reads to userspace on input");
> +static int ttyinq_flush_secure = 0;
> +SYSCTL_INT(_kern, OID_AUTO, tty_inq_flush_secure, CTLFLAG_RW,
> +	&ttyinq_flush_secure, 0, "Zero buffers while flushing");
>  
>  #define TTYINQ_QUOTESIZE	(TTYINQ_DATASIZE / BMSIZE)
>  #define BMSIZE			32
> @@ -376,28 +379,19 @@ ttyinq_findchar(struct ttyinq *ti, const
>  void
>  ttyinq_flush(struct ttyinq *ti)
>  {
> +	struct ttyinq_block *tib = ti->ti_lastblock;
>  
>  	ti->ti_begin = 0;
>  	ti->ti_linestart = 0;
>  	ti->ti_reprint = 0;
>  	ti->ti_end = 0;
> -}
> -
> -#if 0
> -void
> -ttyinq_flush_safe(struct ttyinq *ti)
> -{
> -	struct ttyinq_block *tib;
> -
> -	ttyinq_flush(ti);
>  
> -	/* Zero all data in the input queue to make it more safe */
> -	TAILQ_FOREACH(tib, &ti->ti_list, tib_list) {
> -		bzero(&tib->tib_quotes, sizeof tib->tib_quotes);
> -		bzero(&tib->tib_data, sizeof tib->tib_data);
> +	/* Zero all data in the input queue to get rid of passwords. */
> +	if (ttyinq_flush_secure) {
> +		for (tib = ti->ti_firstblock; tib != NULL; tib = tib->tib_next)
> +			bzero(&tib->tib_data, sizeof tib->tib_data);
>  	}
>  }
> -#endif
>  
>  int
>  ttyinq_peekchar(struct ttyinq *ti, char *c, int *quote)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/svn-src-all/attachments/20090521/e9a1aa5b/attachment.pgp

More information about the svn-src-all mailing list