Re: mlock(1)

From: Stefan Seyfried
Date: Mon Sep 27 2004 - 09:38:55 EST

Next message: Jean-Luc Cooke: "Re: [PROPOSAL/PATCH] Fortuna PRNG in /dev/random"
Previous message: Andrea Arcangeli: "Re: mlock(1)"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Andrea Arcangeli: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrea Arcangeli wrote:

On Mon, Sep 27, 2004 at 08:16:43AM +0200, Stefan Seyfried wrote:

Why not ask on every boot? (and yes, the passphrase could be stored on a

because I never use suspend/resume on my desktop, I never shutdown my
desktop. I don't see why should I spend time typing a password when
there's no need to. Every single guy out there will complain at linux
hanging during boot asking for password before reaching kdm.

Well, there is more than one use case -> probably we need more than one implementation :-)

I figured out how to make the swap encryption completely transparent to
userspace, and even to swap suspend, so I think it's much better than
having userspace asking the user for a password, or userspace choosing a
random password.

That's fine for the never-enter-a-password case, but for the suspend-case, it's not so good since i want to close the lid and pack away the notebook. Two scenarios, two implementations.

And a resume is - in the beginning - a boot, so just ask early enough
(maybe the bootloader could do this?)

yes, but the bootloader passes the paramters via /proc/cmdline, and it's
not nice to show the password in cleartext there.

We could mask it in /proc/cmdline or think of other mechanisms for passing the secret. Or just ask from the initramfs and start resuming after that.

Keep in mind the password cannot be stored on the harddisk, or it would
be trivial to find it for an attacker stoling the laptop.

suspend/resume is just unusable for me on the laptop until we fix the
crypto issues.

Well, as long as you need your entire $HOME or / encrypted, it's not easy. If you just need e.g. /secret/ encrypted userspace could umount it before suspend and remount it after resume (we also lock X etc, adding a umount / mount should be trivial).
--
Stefan Seyfried, QA / R&D Team Mobile Devices, SUSE LINUX AG Nürnberg.

"Any ideas, John?"
"Well, surrounding them's out."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean-Luc Cooke: "Re: [PROPOSAL/PATCH] Fortuna PRNG in /dev/random"
Previous message: Andrea Arcangeli: "Re: mlock(1)"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Andrea Arcangeli: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]