noah wrote: > 2008/2/22, Arno Wagner <wagner@xxxxxxxxxxxxxx>: >> Would be nice to have, but is technologically infeasible. >> The attack relies on hard-reset. This stops everything in its >> tracks. No additional code can be executed. > > This doesn't mean it shouldn't be done on a controlled shutdown/reboot. > Several userland tools scrub memory used for storing key material even > though they've been mlock'd. Why shouldn't the kernel do the same when > they're not needed anymore? dm-crypt removes key from memory when mapping is removed. (so after luksClose) Also there is message interface to wipe key, see Alasdair's mail in other thread. (For suspend to disk, script should use: device-mapper suspend + message wipe key, resume from disk: ask for key -> message set key -> resume dm-crypt) (Only key for encrypted swap cannot be removed this way during suspend to disk...) If you find some key material left in memory when not needed anymore, please report a bug :) Milan -- mbroz@xxxxxxxxxx --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx