[dm-crypt] Dmcrypt and hibernate key disclosure

Bryan Kadzban cryptsetup at kdzbn.homelinux.net
Fri Jan 7 05:08:55 CET 2011


Arno Wagner wrote:
> The other option would be to modify the resume process to
> ask you for the passphrase to the swap partition. I don't 
> know whether that is possible.

In an initramfs, I bet it is, though I've never tried it.  Resuming from
hibernate is handled by writing the major:minor of the block device to
resume from into the /sys/power/resume file, and I would *guess* that
the device node can be a device-mapper child (such as dm-crypt or LVM
would create).

The issue would be whether the device-mapper setup would have to be the
same post-resume as it was pre-hibernate.  I expect it would have to be,
but this is no different from real filesystems; hibernate writes out all
of RAM, so the kernel recovers all of its pre-hibernate state exactly.
(Well, except things like the current time.)

Of course, whether any given distro's initramfs setup can actually do
this (assuming it's possible in the kernel) is a different story.  :-)

> It seems to me that there
> is actually no software hook or script that gets executed
> during resume,

From hibernate, there is.  It's a normal bootup, including initramfs,
until some string gets written into /sys/power/resume.  There might be
restrictions on when this write can happen, but I'm sure they at least
allow some initramfs code to run.

From suspend, there is no hook I know of.  But suspend doesn't normally
write anything to disk either, so that's fine.

