Re: [swsusp] encrypt suspend data for easy wiping

Hi!

> > To prevent data gathering from swap after resume you can encrypt the
> > suspend image with a temporary key that is deleted on resume. Note
> > that the temporary key is stored unencrypted on disk while the system
> > is suspended... still it means that saved data are wiped from disk
> > during resume by simply overwritting the key.
> 
> hm, how useful is that?  swap can still contain sensitive userspace
> stuff.

At least userspace has chance to mark *really* sensitive stuff as
unswappable. Unfortunately that does not work against swsusp :-(.

[BTW... I was thinking about just generating random key on swapon, and
using it, so that data in swap is garbage after reboot; no userspace
changes needed. What do you think?]

> Are there any plans to allow the user to type the key in on resume?

Plans... ;-).

> > +Encrypted suspend image:
> > +------------------------
> > +If you want to store your suspend image encrypted with a temporary
> > +key to prevent data gathering after resume you must compile
> > +crypto and the aes algorithm into the kernel - modules won't work
> > +as they cannot be loaded at resume time.
> 
> Why not just `select' the needed symbols in Kconfig?  It makes
> configuration much easier for the user.
> 
> > +	if(!*tfm) {
> > +	if(sizeof(key) < crypto_tfm_alg_min_keysize(*tfm)) {
> > +	if (mode) {
> 
> Coding style nit: please use a single space after `if'.
> 
> > +fail:	crypto_free_tfm(*tfm);
> > +out:	return error;
> 
> We conventionally insert a newline directly after labels.
> 
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> > +#ifdef CONFIG_SWSUSP_ENCRYPT
> 
> err, no.  Please find a way to reduce the ifdeffery.

Andreas, these are yours.
								Pavel
-- 
teflon -- maybe it is a trademark, but it should not be.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [swsusp] encrypt suspend data for easy wiping
    • From: Grzegorz Kulewski <[email protected]>

• References:
  • [swsusp] encrypt suspend data for easy wiping
    • From: Pavel Machek <[email protected]>
  • Re: [swsusp] encrypt suspend data for easy wiping
    • From: Andrew Morton <[email protected]>

• Prev by Date: Re: Linux 2.6.13-rc2 - Inconsistent kallsyms data
• Next by Date: speedstep-centrino on dothan
• Previous by thread: Re: [swsusp] encrypt suspend data for easy wiping
• Next by thread: Re: [swsusp] encrypt suspend data for easy wiping
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]