[dm-devel] [PATCH 0/3] dm-crypt: Adds support for wiping key when doing suspend/hibernation
Mike Snitzer
snitzer at redhat.com
Mon Apr 6 13:00:46 UTC 2015
On Sun, Apr 05 2015 at 1:20pm -0400,
Pali Rohár <pali.rohar at gmail.com> wrote:
> This patch series increase security of suspend and hibernate actions. It allows
> user to safely wipe crypto keys before suspend and hibernate actions starts
> without race conditions on userspace process with heavy I/O.
>
> To automatically wipe cryto key for <device> before hibernate action call:
> $ dmsetup message <device> 0 key wipe_on_hibernation 1
>
> To automatically wipe cryto key for <device> before suspend action call:
> $ dmsetup message <device> 0 key wipe_on_suspend 1
>
> (Value 0 after wipe_* string reverts original behaviour - to not wipe key)
Can you elaborate on the attack vector your changes are meant to protect
against? The user already authorized access, why is it inherently
dangerous to _not_ wipe the associated key across these events?
More information about the dm-devel
mailing list