lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 27 Oct 2018 11:10:07 +0200 From: Borislav Petkov <bp@...en8.de> To: Baoquan He <bhe@...hat.com> Cc: Petr Tesarik <ptesarik@...e.cz>, lijiang <lijiang@...hat.com>, linux-kernel@...r.kernel.org, x86@...nel.org, kexec@...ts.infradead.org, mingo@...hat.com, tglx@...utronix.de, dyoung@...hat.com Subject: Re: [PATCH] kdump, vmcoreinfo: Export sme_me_mask value to vmcoreinfo On Sat, Oct 27, 2018 at 04:13:43PM +0800, Baoquan He wrote: > Yes, agree. So sme_me_mask itself or the encryption bit number, both is > fine. You need the encryption bit position and it better be properly formatted and extracted into a vmcoreinfo-specific variable because we don't expose arch-specific details like sme_me_mask to the outside. > we may use cp to copy /proc/vmcore to a file directly, then analyze > it in another compupter. This often happen when there's something > wrong with makedumpfile, we need debug makedumpfile with the complete > copied file. So for the analyze-on-another-computer scenario you absolutely must copy anything from the first kernel decrypted because you can't decrypt it on the other machine. Which means, in a sensitive environment, you probably should copy and *encrypt* the dump again with gpg or so. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply. --
Powered by blists - more mailing lists