Re: crypted swapspace?

Frank v Waveren (fvw@var.cx)
Tue, 14 Dec 1999 17:12:33 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael Stiller: "vanilla 2.2.13 + 1Gb RAM + SMP + CONFIG_2GB crashes"
Previous message: Andrea Arcangeli: "Re: gettimeofday() a special case : why?"

How about just having the kernel generate a random key at boottime, and using
some cryptographic alg. that allow easy seeking, encrypt all that is written
/ read to the swapfile. It would give a slight performance hit, but shouldn't
be too difficult to implement. The key should ofcourse (like all kernel mem)
never be swapped out.

On Tue, Dec 14, 1999 at 11:49:02AM +0100, van Heusden, Folkert wrote:
> I suddenly realised that if your system crashes or reboots in a not so clean
> way, all
> kinds of sensitive data may end up in the swapfile, readable for every
> malicious user
> with a bootdisk.
> As far as I know, it is not possible for unprivilidged users to lock pages
> permanently
> in RAM, so another approach should be taken.
> The most preferable way would be a crypted-filesystem wherein you would have
> a swap-
> file. All of that outside the kernel. Is it possible to swap to something
> controlled
> by a userprocess? Or is a specific crypted swapper more appropriate?
>
>
>
>
> Folkert.
>
> Please send a copy of replies via e-mail; I'm not really in the mailinglist.
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/

Frank v Waveren fvw@var.cx ICQ# 10074100

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Michael Stiller: "vanilla 2.2.13 + 1Gb RAM + SMP + CONFIG_2GB crashes"
Previous message: Andrea Arcangeli: "Re: gettimeofday() a special case : why?"