lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Apr 2017 21:44:57 +0800 From: joeyli <jlee@...e.com> To: poma <pomidorabelisima@...il.com> Cc: Jiri Kosina <jikos@...nel.org>, "Rafael J. Wysocki" <rafael@...nel.org>, David Howells <dhowells@...hat.com>, Oliver Neukum <oneukum@...e.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Matthew Garrett <mjg59@...f.ucam.org>, linux-efi@...r.kernel.org, gnomes@...rguk.ukuu.org.uk, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Linux PM <linux-pm@...r.kernel.org>, linux-security-module@...r.kernel.org, keyrings@...r.kernel.org, matthew.garrett@...ula.com Subject: Re: [PATCH 11/24] uswsusp: Disable when the kernel is locked down On Sat, Apr 08, 2017 at 05:28:15AM +0200, poma wrote: > On 06.04.2017 22:25, Jiri Kosina wrote: > > On Thu, 6 Apr 2017, Rafael J. Wysocki wrote: > > > >>>>> Your swap partition may be located on an NVDIMM or be encrypted. > >>>> > >>>> An NVDIMM should be considered the same as any other persistent storage. > >>>> > >>>> It may be encrypted, but where's the key stored, how easy is it to retrieve > >>>> and does the swapout code know this? > >>>> > >>>>> Isn't this a bit overly drastic? > >>>> > >>>> Perhaps, but if it's on disk and it's not encrypted, then maybe not. > >>> > >>> Right. > >>> > >>> Swap encryption is not mandatory and I'm not sure how the hibernate > >>> code can verify whether or not it is in use. > >> > >> BTW, SUSE has patches adding secure boot support to the hibernate code > >> and Jiri promised me to post them last year even. :-) > > > > Oh, thanks for a friendly ping :) Adding Joey Lee to CC. > > > > Rafael J., are you talking about HIBERNATE_VERIFICATION ? > > Ref. > https://github.com/joeyli/linux-s4sign/commits/s4sign-hmac-v2-v4.2-rc8 > https://lkml.org/lkml/2015/8/11/47 > https://bugzilla.redhat.com/show_bug.cgi?id=1330335 > I am working on switch to HMAC-SHA512. On the other hand, some mechanisms keep signing/encryption key in memory. e.g. dm-crypt or hibernation verification. Kees Cook suggested that we should add kernel memory reads as a thread model of securelevel to prevent leaking those keys by /dev/kmem, bpf, kdump or hibernation... We still need time to implement it. Thanks a lot! Joey Lee
Powered by blists - more mailing lists