[pkg-cryptsetup-devel] Bug#707591: cryptsetup: speed up initramfs by reading the passphrase early
Helmut Grohne
helmut at subdivi.de
Fri May 10 06:10:53 UTC 2013
On Fri, May 10, 2013 at 12:32:14AM +0100, Alasdair G Kergon wrote:
> The rest of the tools try to be careful to track any memory into which the
> passphrase or key is written and to wipe that memory before freeing it.

What kind of scenario are you trying to cover here? When an adversary
can read the main memory of the system she can read the keys directly.
The current cryptsetup scripts move the pass phrase via a pipe. How do
you wipe the memory in the kernel used to pass the phrase?

> Your proposal could document cases where this isn't done so users
> are aware.

Documentation definitely does not hurt here.

Note that the remote unlock procedure implemented in the dropbear
package suffers from the very same issue.

Note that I do not believe that this early pass phrase reading tool
should be enabled by default. It only works reliably in the case where
there is only one encrypted device and all it does is save the user
possibly a few seconds. It really is an optimization not needed by
everyone. I would only enable it on machines where it makes a difference
to me.

Helmut
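
Added example, not part of the original message and not cryptsetup's own code: the practice quoted in the thread (track the buffer a passphrase is written into and wipe it before freeing), applied to a passphrase that arrives over a pipe. The function names and the sample passphrase are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Zero a secret via a volatile pointer so the stores are not optimized away. */
static void wipe_secret(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Read one passphrase line from fd straight into buf (at most cap-1 bytes),
 * byte by byte, so no stdio buffer or stack temporary keeps a second copy.
 * Returns the length, or -1 on error (buf is wiped first). */
static ssize_t read_passphrase(int fd, char *buf, size_t cap)
{
    size_t len = 0;
    if (cap == 0) return -1;
    while (len + 1 < cap) {
        ssize_t r = read(fd, buf + len, 1);
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) { wipe_secret(buf, cap); return -1; }
        if (r == 0 || buf[len] == '\n') break;   /* EOF or end of line */
        len++;
    }
    buf[len] = '\0';                             /* also overwrites the '\n' */
    return (ssize_t)len;
}

/* Constructed demo: pass a sample passphrase through a pipe, then wipe before
 * free(). Only this process's copy is covered; the bytes also crossed the
 * kernel's pipe buffer, which user space cannot wipe. Returns 0 on success. */
static int demo_pipe_roundtrip(void)
{
    int fds[2], ok = -1;
    char *buf = malloc(64);
    if (buf && pipe(fds) == 0) {
        if (write(fds[1], "correct horse\n", 14) == 14) {  /* constructed input */
            int got = read_passphrase(fds[0], buf, 64) == 13 &&
                      memcmp(buf, "correct horse", 14) == 0;
            wipe_secret(buf, 64);                /* wipe the whole allocation */
            ok = (got && buf[0] == 0 && memcmp(buf, buf + 1, 63) == 0) ? 0 : -1;
        }
        close(fds[0]); close(fds[1]);
    }
    free(buf);
    return ok;
}
int main(void) { return demo_pipe_roundtrip() == 0 ? 0 : 1; }
```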