On 09/21/2016 02:09 PM, Ruiz, Edwin wrote: > 1. When LUKS is applied to a partition of a drive, is decrypted > data only stored in memory and never written back to the drive > (unencrypted). yes (if you encrypt swap as well - swapped pages could contain some plaintext and can reach swap drive) > 2. Is there any caching of decrypted data; If accessed again, > is it read from memory or decrypted again? not in dmcrypt, but there is page cache above it (as for all other devices) if direct-io is used, it always read data directly from the device (it avoids page cache) > 3. What are the implications of a system that is shut down > (powerloss, critical failure, etc.) without the command “lucksClose” > issued to an encrypted device? then volume key for active device is not properly wiped from memory (modern bios should wipe memory on reboot though) Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
