From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Snitzer Subject: Re: [PATCH 0/3] dm-crypt: Adds support for wiping key when doing suspend/hibernation Date: Mon, 6 Apr 2015 09:00:46 -0400 Message-ID: <20150406130045.GA18583@redhat.com> References: <1428254419-7334-1-git-send-email-pali.rohar@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Return-path: Content-Disposition: inline In-Reply-To: <1428254419-7334-1-git-send-email-pali.rohar@gmail.com> Sender: linux-raid-owner@vger.kernel.org To: Pali =?iso-8859-1?Q?Roh=E1r?= Cc: Alasdair Kergon , Neil Brown , "Rafael J. Wysocki" , Len Brown , Pavel Machek , dm-devel@redhat.com, linux-raid@vger.kernel.org, linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org List-Id: linux-raid.ids On Sun, Apr 05 2015 at 1:20pm -0400, Pali Roh=E1r wrote: > This patch series increase security of suspend and hibernate actions.= It allows > user to safely wipe crypto keys before suspend and hibernate actions = starts > without race conditions on userspace process with heavy I/O. >=20 > To automatically wipe cryto key for before hibernate action = call: > $ dmsetup message 0 key wipe_on_hibernation 1 >=20 > To automatically wipe cryto key for before suspend action ca= ll: > $ dmsetup message 0 key wipe_on_suspend 1 >=20 > (Value 0 after wipe_* string reverts original behaviour - to not wipe= key) Can you elaborate on the attack vector your changes are meant to protec= t against? The user already authorized access, why is it inherently dangerous to _not_ wipe the associated key across these events? -- To unsubscribe from this list: send the line "unsubscribe linux-raid" i= n the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html