* Are the keys of mounted encrypted disks secured during reboot?
From: John Smith @ 2022-12-26 19:13 UTC
To: cryptsetup

During the course of proper shutdown/reboot/suspend-to-disk, does the
kernel securely erase (or at least free memory of - as it pertains to
init_on_free=1) encryption keys of all dmcrypt/luks systems which
remained mounted?

* Re: Are the keys of mounted encrypted disks secured during reboot?
From: Milan Broz @ 2022-12-26 19:42 UTC
To: John Smith, cryptsetup

On 12/26/22 20:13, John Smith wrote:
> During the course of proper shutdown/reboot/suspend-to-disk, does the
> kernel securely erase (or at least free memory of - as it pertains to
> init_on_free=1) encryption keys of all dmcrypt/luks systems which
> remained mounted?

If the device is properly deactivated, then keys are always wiped.

(Actually, with LUKS2, dm-crypt no longer keeps own copy of the key, it
is stored in kernel keyring only for activation and then, obviously, in kernel
crypto where it is directly used for encryption. So if it is not
deactivated, it is responsibility of these subsystems to wipe it on reboot.)

For suspend to ram, it is more complicated - there is a way how to wipe key
and freeze device temporarily (see luksSuspend), but I do not think many systems
actually use it. Debian has cryptsetup-suspend that can do this AFAIK.

For suspend to disk, the memory should be written to encrypted device.
(And RAM contents disappears after some short time with no power anyway.)

Milan

* Re: Are the keys of mounted encrypted disks secured during reboot?
From: John Smith @ 2022-12-26 20:10 UTC
To: Milan Broz, cryptsetup

I'm asking about when a regular shutdown/reboot/suspend-to-disk is
issued. In most cases the rootfs volume is not unmounted because that
would require a pivot_root to a special initrd/ramdisk-rootfs just for
powering off.
So that would mean the device isn't deactivated via cryptsetup -
because that would fail.
In that case, when the kernel is preparing to reboot/poweroff, will it
wipe the keys or just leave them there vulnerable to cold boot or
forensics?

On Mon, Dec 26, 2022 at 7:42 PM Milan Broz <gmazyland@gmail.com> wrote:
>
> On 12/26/22 20:13, John Smith wrote:
> > During the course of proper shutdown/reboot/suspend-to-disk, does the
> > kernel securely erase (or at least free memory of - as it pertains to
> > init_on_free=1) encryption keys of all dmcrypt/luks systems which
> > remained mounted?
>
> If the device is properly deactivated, then keys are always wiped.
>
> (Actually, with LUKS2, dm-crypt no longer keeps own copy of the key, it
> is stored in kernel keyring only for activation and then, obviously, in kernel
> crypto where it is directly used for encryption. So if it is not
> deactivated, it is responsibility of these subsystems to wipe it on reboot.)
>
> For suspend to ram, it is more complicated - there is a way how to wipe key
> and freeze device temporarily (see luksSuspend), but I do not think many systems
> actually use it. Debian has cryptsetup-suspend that can do this AFAIK.
>
> For suspend to disk, the memory should be written to encrypted device.
> (And RAM contents disappears after some short time with no power anyway.)
>
> Milan

* Re: Are the keys of mounted encrypted disks secured during reboot?
From: Milan Broz @ 2022-12-28 8:51 UTC
To: John Smith, cryptsetup

On 12/26/22 21:10, John Smith wrote:
> I'm asking about when a regular shutdown/reboot/suspend-to-disk is
> issued. In most cases the rootfs volume is not unmounted because that
> would require a pivot_root to a special initrd/ramdisk-rootfs just for
> powering off.
> So that would mean the device isn't deactivated via cryptsetup -
> because that would fail.

Cryptsetup (libcryptsetup) is just a library that performs the job, it does
not run itself any actions. Once it is called, keys should be wiped.

The deactivation/reboot/suspend is handled by init scripts, usually
systemd units these days - so check there. It really depends on system
configuration.

However, last time we played with memory scan for keys after reboot,
cold boot is no longer such a problem as memory is wiped during reboot
on modern hw (but virtual machines images is a different problem).

m.

> In that case, when the kernel is preparing to reboot/poweroff, will it
> wipe the keys or just leave them there vulnerable to cold boot or
> forensics?
>
> On Mon, Dec 26, 2022 at 7:42 PM Milan Broz <gmazyland@gmail.com> wrote:
>>
>> On 12/26/22 20:13, John Smith wrote:
>>> During the course of proper shutdown/reboot/suspend-to-disk, does the
>>> kernel securely erase (or at least free memory of - as it pertains to
>>> init_on_free=1) encryption keys of all dmcrypt/luks systems which
>>> remained mounted?
>>
>> If the device is properly deactivated, then keys are always wiped.
>>
>> (Actually, with LUKS2, dm-crypt no longer keeps own copy of the key, it
>> is stored in kernel keyring only for activation and then, obviously, in kernel
>> crypto where it is directly used for encryption. So if it is not
>> deactivated, it is responsibility of these subsystems to wipe it on reboot.)
>>
>> For suspend to ram, it is more complicated - there is a way how to wipe key
>> and freeze device temporarily (see luksSuspend), but I do not think many systems
>> actually use it. Debian has cryptsetup-suspend that can do this AFAIK.
>>
>> For suspend to disk, the memory should be written to encrypted device.
>> (And RAM contents disappears after some short time with no power anyway.)
>>
>> Milan

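Added example (not part of the original thread and not cryptsetup's own code): the thread notes that with LUKS2 the key reaches dm-crypt through the kernel keyring rather than being held in the table. The sketch below classifies `dmsetup table` lines by how the key field is given; the function names and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Report how each dm-crypt mapping receives its volume key, reading
# `dmsetup table` output on stdin. Line layout for a crypt target:
#   <name>: <start> <length> crypt <cipher> <key> <iv_offset> <device> <offset>
# A <key> starting with ":" is a kernel keyring reference of the form
# :<bytes>:<key type>:<description>; anything else is a hex key passed in
# the table itself (dmsetup prints it as zeros unless --showkeys is used).
classify_crypt_keys() {
    awk '$4 == "crypt" {
        name = $1
        sub(/:$/, "", name)
        if ($6 ~ /^:/) {
            split($6, part, ":")   # part[2] = size in bytes, part[3] = key type
            printf "%s keyring %s %d-bit\n", name, part[3], part[2] * 8
        } else {
            printf "%s table-key %d-bit\n", name, length($6) * 4
        }
    }'
}

# Constructed sample input (names, sizes and the all-zero UUID are made up).
sample_table() {
    cat <<'EOF'
cryptroot: 0 976707584 crypt aes-xts-plain64 :64:logon:cryptsetup:00000000-0000-0000-0000-000000000000-d0 0 8:3 32768
legacy_data: 0 204800 crypt aes-cbc-essiv:sha256 0000000000000000000000000000000000000000000000000000000000000000 0 8:17 4096
vg0-swap: 0 8388608 linear 253:0 2048
EOF
}

sample_table | classify_crypt_keys
```

On a live system the same function can be fed with `dmsetup table | classify_crypt_keys`, run as root.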