2008/2/22, Milan Broz <mbroz@xxxxxxxxxx>: > noah wrote: > > 2008/2/22, Arno Wagner <wagner@xxxxxxxxxxxxxx>: > >> Would be nice to have, but is technologically infeasible. > >> The attack relies on hard-reset. This stops everything in its > >> tracks. No additional code can be executed. > > > > This doesn't mean it shouldn't be done on a controlled shutdown/reboot. > > Several userland tools scrub memory used for storing key material even > > though they've been mlock'd. Why shouldn't the kernel do the same when > > they're not needed anymore? > > > dm-crypt removes key from memory when mapping is removed. > (so after luksClose) Is luksClose really called when a system with encrypted _root_ filesystem is rebooted? Imagine something like: initrd -> luksOpen some device -> mount fs from encrypted volume -> pivot_root to the fs on the encrypted volume -> boot system -> reboot system Just curious since the kernel complains about not being able to unmount the root filesystem when it's encrypted; I *think* it merely remounts it R/O, syncs it and then reboot. -- noah --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx