[dm-devel] dm-crypt userland key patch
Molle Bestefich
molle.bestefich at gmail.com
Fri Apr 15 21:48:09 UTC 2005
Bjorn Andersson wrote:
> > > Patch to the dm-crypt module so that it hides the crypto-key from
> > > userland. (dmsetup table)
> >
> > Does it also overwrite the key in memory when unloading dm-crypt, make
> > sure that the memory is pinned so the key doesn't leak to swap, unload
> > the key before a 'hibernate', and that sort of stuff?
>
> No, this does only report a key of zeros when the status is requested.
>
> The unloading thing is no problem to fix, but how should the
> 'hibernate' thing work? When you resume after a 'hibernate' you probably
> expect that the device is there, especially if it's on the root
> partition. But I clearly see your point.
*Scratches head*, I'd expect the default to be "doing the safe thing",
eg. picking up on hibernation and nuking the key (disabling any crypto
devices). If there's a lean no-hassles user interface to get the
password entered and the devices up again when the machine is resumed,
I'd imagine most users to be happy about it, especially when they're
told that it's done to protect their encrypted data?
There might be a few people annoyed by it? Or there might even be
some obscure technical reason why you'd want your keys to survive
hibernation.. For those cases there could be an option to disable
"hibernation protection" or what not.
Dunno, IANA expert :-o.
More information about the dm-devel
mailing list