From 18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 11:33:47 +0100
Subject: main: try to wipe cryptocore's secret keys on unmount

Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
---
 mount.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
(limited to 'mount.go')
diff --git a/mount.go b/mount.go
index 7b1fd4e..9b7410d 100644
--- a/mount.go
+++ b/mount.go
@@ -123,7 +123,7 @@ func doMount(args *argContainer) int {
 // We cannot use JSON for pretty-printing as the fields are unexported
 tlog.Debug.Printf("cli args: %#v", args)
 // Initialize FUSE server
- srv := initFuseFrontend(masterkey, args, confFile)
+ srv, wipeKeys := initFuseFrontend(masterkey, args, confFile)
 tlog.Info.Println(tlog.ColorGreen + "Filesystem mounted and ready." + tlog.ColorReset)
 // We have been forked into the background, as evidenced by the set
 // "notifypid".
@@ -162,6 +162,8 @@ func doMount(args *argContainer) int {
 debug.FreeOSMemory()
 // Jump into server loop. Returns when it gets an umount request from the kernel.
 srv.Serve()
+ // Try to wipe secrect keys from memory
+ wipeKeys()
 return 0
 }
 
@@ -194,7 +196,7 @@ type ctlsockFs interface {
 
 // initFuseFrontend - initialize gocryptfs/fusefrontend
 // Calls os.Exit on errors
-func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile.ConfFile) *fuse.Server {
+func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile.ConfFile) (srv *fuse.Server, wipeKeys func()) {
 // Reconciliate CLI and config file arguments into a fusefrontend.Args struct
 // that is passed to the filesystem implementation
 cryptoBackend := cryptocore.BackendGoGCM
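Review bot: `wipeKeys()` is reached only on the path where `srv.Serve()` returns, so any return, panic or `os.Exit` between the `initFuseFrontend` call in the first hunk and the server loop would leave the keys unwiped; that stretch of doMount lies outside the hunks, so this is something to check rather than a confirmed gap. A `defer wipeKeys()` placed directly after `srv, wipeKeys := initFuseFrontend(masterkey, args, confFile)` would cover early returns and panics, though not `os.Exit`. The added comment also has a typo and could state the limit of the guarantee, for example `// Best effort: wipe secret keys once Serve() has returned; exits via os.Exit skip this.`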
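Review bot: The doc comment above `initFuseFrontend` still describes a single result and says nothing about the new `wipeKeys` return, which is the security-relevant part of the changed signature. I would extend it with something like `// Returns the FUSE server and a wipeKeys function; call wipeKeys only after srv.Serve() has returned, because the mounted filesystem still needs the keys until then.` The retained line `// Calls os.Exit on errors` also means the error paths in this function end the process without any wipe. Whether key material is already live on those paths cannot be seen here, since the hunk shows only the first lines of the body.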
@@ -361,7 +363,7 @@ func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile
 // directories with the requested permissions.
 syscall.Umask(0000)
 
- return srv
+ return srv, func() { cCore.Wipe() }
 }
 
 func handleSigint(srv *fuse.Server, mountpoint string) {
-- cgit v1.2.3
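Review bot: The returned closure wipes only `cCore`, while the `masterkey []byte` parameter shown in the hunk header is a second copy of the most sensitive value and is not touched here. Unless the body already zeroes it after the keys are derived (the code between the two initFuseFrontend hunks is not shown), the closure could cover it too: `return srv, func() { cCore.Wipe(); for i := range masterkey { masterkey[i] = 0 } }`. The caller's slice shares the same backing array and would read as zeros afterwards, so this is only safe if doMount does not use the master key again after unmount.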