On Fri, June 26, 2015 15:19, Arno Wagner wrote: > Hi Heinz, > > I doubt it. It is a valid question, bit also one any halfway > competent implementor of crypto on Linux has to ask themselves. > > Without verifying what is actually done (Milan is the expert for > that), I assume: > > - Passphrases get stored only in locked memory and that does > not get swapped. (Root permissions are needed anyways for > setting up any mapping. E.g. GnuPG has a harder job here > as it does not necessarily run as root. AFAIK it uses a > suid second stage exactly for the purpose of having locked > memory.) cryptsetup indeed mlocks() the whole process' memory as soon as possible including all future pages. That should even include all pages from all forked proceses IIRC. > - Passphrases are wiped from memory as soon as possible. > - I have no idea whether locked memory can end up in a > core-dump, but usually these are disabled anyways. There certainly is a debug option to get coredumps including locked pages, I presume. > - In-kernel keys are protected against leaking to disk. Again, I presume, since I did not check the kernel's source, that the relevant kernel pages are marked as unswappable. I guess when you dump the kernel for debugging you'll get the locked pages aswell - Doesn't make to much sense if all locked pages are missing from the dump. > > The thing is, system encryption is not easy to do and conceptually > does not help a lot. If it was necessary to prevent having > passphrases/keys to disk, that would be a major security flaw > in the handling of said passphrases/keys and it would affect > other things as well, like GnuPG, OpenSSL, etc. and so I hope > somebody would have complained by now if that was a real issue. It is quite difficult to i.e. encrypt /etc (which might include passphrases for services or something) by it's own, so doing a system encryption is quite tempting. Otherwhise you'll have to relocate specific files from /etc to other places and maintain a pile of config changes, which can be quite an effort aswell. > > Gr"usse, > Arno > > Regards -Sven > On Fri, Jun 26, 2015 at 14:59:18 CEST, Heinz Diehl wrote: >> On 26.06.2015, Arno Wagner wrote: >> >> > My advice is to not encrypt the system partition itself, just >> > all user and data partitions. >> >> I wonder if the passphrase could leak to the unencrypted system >> partition in such >> a scenario. E.g. memory contents dumped to disk while crashing or >> similar. In fact, I don't know what is possible or not, I'm just >> curious.. >> >> >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@xxxxxxxx >> http://www.saout.de/mailman/listinfo/dm-crypt > > -- > Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx > GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D > 9718 > ---- > A good decision is based on knowledge and not on numbers. -- Plato > > If it's in the news, don't worry about it. The very definition of > "news" is "something that hardly ever happens." -- Bruce Schneier > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
