Go to file
Attila Fülöp f58e513f74
ICP: AES-GCM: Refactor gcm_clear_ctx()
Currently the temporary buffer in which decryption takes place
isn't cleared on context destruction. Further in some routines we
fail to call gcm_clear_ctx() on error exit. Both flaws may result
in leaking sensitive data.

We follow best practices and zero out the plaintext buffer before
freeing the memory holding it. Also move all cleanup into
gcm_clear_ctx() and call it on any context destruction.

The performance impact should be negligible.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Rob Norris <robn@despairlabs.com>
Signed-off-by: Attila Fülöp <attila@fueloep.org>
Closes #14528
2023-02-27 14:38:12 -08:00
.github Workaround GitHub Action failure 2023-02-27 09:19:25 -08:00
cmd Improve error message of zfs redact 2023-02-21 17:30:05 -08:00
config Linux: use filemap_range_has_page() 2023-02-14 11:04:34 -08:00
contrib initramfs: Make mountpoint=none work 2023-02-06 11:16:01 -08:00
etc etc/systemd/zfs-mount-generator: avoid strndupa 2023-01-10 13:40:31 -08:00
include Use .section .rodata instead of .rodata on FreeBSD 2023-02-24 16:45:48 -08:00
lib Use .section .rodata instead of .rodata on FreeBSD 2023-02-24 16:45:48 -08:00
man Increase default zfs_rebuild_vdev_limit to 64MB 2023-01-27 10:02:24 -08:00
module ICP: AES-GCM: Refactor gcm_clear_ctx() 2023-02-27 14:38:12 -08:00
rpm rpm: Use libtirpc-devel and /usr/lib on SUSE 2023-02-09 11:57:50 -08:00
scripts Add native-deb* targets to build native Debian packages 2022-12-13 17:33:05 -08:00
tests ZTS: Minor fixes 2023-02-23 17:10:46 -08:00
udev Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
.editorconfig Add an .editorconfig; document git whitespace settings 2020-01-27 13:32:52 -08:00
.gitignore autoconf: use include directives instead of recursing down cmd 2022-05-10 10:18:38 -07:00
.gitmodules .gitmodules: link to openzfs github repository 2021-04-12 09:37:23 -07:00
AUTHORS zfs_rename: support RENAME_* flags 2022-10-28 09:49:20 -07:00
autogen.sh Ubuntu 22.04 integration: ShellCheck 2022-11-18 11:24:48 -08:00
CODE_OF_CONDUCT.md Documentation corrections 2022-12-22 11:34:28 -08:00
configure.ac Add native-deb* targets to build native Debian packages 2022-12-13 17:33:05 -08:00
copy-builtin copy-builtin: add hooks with sed/>> 2022-05-10 10:17:43 -07:00
COPYRIGHT Fix typos 2020-06-09 21:24:09 -07:00
LICENSE Update build system and packaging 2018-05-29 16:00:33 -07:00
Makefile.am Process script directory for all configs 2022-10-27 16:45:14 -07:00
META Update META to 6.1 kernel 2023-01-10 15:53:33 -08:00
NEWS Fix NEWS file 2020-08-26 21:44:41 -07:00
NOTICE Update build system and packaging 2018-05-29 16:00:33 -07:00
README.md README: Update OpenZFS website url 2022-01-06 16:25:01 -08:00
RELEASES.md Add RELEASES.md file 2021-04-02 16:33:40 -07:00
TEST Remove CI builder customization from TEST 2020-03-16 10:46:03 -07:00
zfs.release.in Move zfs.release generation to configure step 2012-07-12 12:22:51 -07:00

img

OpenZFS is an advanced file system and volume manager which was originally developed for Solaris and is now maintained by the OpenZFS community. This repository contains the code for running OpenZFS on Linux and FreeBSD.

codecov coverity

Official Resources

Installation

Full documentation for installing OpenZFS on your favorite operating system can be found at the Getting Started Page.

Contribute & Develop

We have a separate document with contribution guidelines.

We have a Code of Conduct.

Release

OpenZFS is released under a CDDL license. For more details see the NOTICE, LICENSE and COPYRIGHT files; UCRL-CODE-235197

Supported Kernels

  • The META file contains the officially recognized supported Linux kernel versions.
  • Supported FreeBSD versions are any supported branches and releases starting from 12.2-RELEASE.