[dm-devel] dm-crypt userland key patch
Bjorn Andersson
bjorn.andersson at silversmedjan.se
Thu Apr 14 12:14:59 UTC 2005
> Bjorn Andersson wrote:
> > Patch to the dm-crypt module so that it hides the crypto-key from
> > userland. (dmsetup table)
>
> Does it also overwrite the key in memory when unloading dm-crypt, make
> sure that the memory is pinned so the key doesn't leak to swap, unload
> the key before a 'hibernate', and that sort of stuff?
>
> --
> dm-devel mailing list
> dm-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/dm-devel
No, this does only report a key of zeros when the status is requested.
The unloading thing is no problem to fix, but how should the
'hibernate' thing work? When you resume after a 'hibernate' you probably
expect that the device is there, especially if it's on the root
partition. But I clearly see your point.
// Bjorn
More information about the dm-devel
mailing list