diff options
author | Jakob Unterwurzacher | 2018-02-18 11:33:47 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2018-02-18 11:39:10 +0100 |
commit | 18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 (patch) | |
tree | 98d0fd648fee94bd6b4852144250f1a53e247da3 /mount.go | |
parent | 719693ec5dd1153318606f151915231d71ddfe0b (diff) |
main: try to wipe cryptocore's secret keys on unmount
Raise the bar for recovering keys from memory.
https://github.com/rfjakob/gocryptfs/issues/211
Diffstat (limited to 'mount.go')
-rw-r--r-- | mount.go | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -123,7 +123,7 @@ func doMount(args *argContainer) int { // We cannot use JSON for pretty-printing as the fields are unexported tlog.Debug.Printf("cli args: %#v", args) // Initialize FUSE server - srv := initFuseFrontend(masterkey, args, confFile) + srv, wipeKeys := initFuseFrontend(masterkey, args, confFile) tlog.Info.Println(tlog.ColorGreen + "Filesystem mounted and ready." + tlog.ColorReset) // We have been forked into the background, as evidenced by the set // "notifypid". @@ -162,6 +162,8 @@ func doMount(args *argContainer) int { debug.FreeOSMemory() // Jump into server loop. Returns when it gets an umount request from the kernel. srv.Serve() + // Try to wipe secrect keys from memory + wipeKeys() return 0 } @@ -194,7 +196,7 @@ type ctlsockFs interface { // initFuseFrontend - initialize gocryptfs/fusefrontend // Calls os.Exit on errors -func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile.ConfFile) *fuse.Server { +func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile.ConfFile) (srv *fuse.Server, wipeKeys func()) { // Reconciliate CLI and config file arguments into a fusefrontend.Args struct // that is passed to the filesystem implementation cryptoBackend := cryptocore.BackendGoGCM @@ -361,7 +363,7 @@ func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile // directories with the requested permissions. syscall.Umask(0000) - return srv + return srv, func() { cCore.Wipe() } } func handleSigint(srv *fuse.Server, mountpoint string) { |