aha/kernel
Andreas Steinmetz c2ff18f407 [PATCH] encrypt suspend data for easy wiping
The patch protects from leaking sensitive data after resume from suspend.
During suspend a temporary key is created and this key is used to encrypt the
data written to disk.  When, during resume, the data was read back into memory
the temporary key is destroyed which simply means that all data written to
disk during suspend are then inaccessible so they can't be stolen lateron.

Think of the following: you suspend while an application is running that keeps
sensitive data in memory.  The application itself prevents the data from being
swapped out.  Suspend, however, must write these data to swap to be able to
resume lateron.  Without suspend encryption your sensitive data are then
stored in plaintext on disk.  This means that after resume your sensitive data
are accessible to all applications having direct access to the swap device
which was used for suspend.  If you don't need swap after resume these data
can remain on disk virtually forever.  Thus it can happen that your system
gets broken in weeks later and sensitive data which you thought were encrypted
and protected are retrieved and stolen from the swap device.

Signed-off-by: Andreas Steinmetz <ast@domdv.de>
Acked-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:16 -07:00
..
irq [PATCH] irqpoll 2005-06-28 21:20:35 -07:00
power [PATCH] encrypt suspend data for easy wiping 2005-09-05 00:06:16 -07:00
acct.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
audit.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
auditsc.c AUDIT: Record working directory when syscall arguments are pathnames 2005-05-27 12:17:28 +01:00
capability.c [PATCH] kernel/capability.c: add kerneldoc 2005-07-27 16:26:06 -07:00
compat.c [PATCH] Fix get_compat_sigevent() 2005-04-16 15:24:01 -07:00
configs.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cpu.c [PATCH] i386 CPU hotplug 2005-06-25 16:24:29 -07:00
cpuset.c [PATCH] completely disable cpu_exclusive sched domain 2005-08-26 16:38:47 -07:00
crash_dump.c [PATCH] kernel/crash_dump.c: add kerneldoc 2005-07-27 16:26:06 -07:00
dma.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exec_domain.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exit.c [PATCH] revert "timer exit cleanup" 2005-08-04 16:57:49 -07:00
extable.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
fork.c [PATCH] lower VM_DONTCOPY total_vm 2005-07-12 16:00:58 -07:00
futex.c [PATCH] convert that currently tests _NSIG directly to use valid_signal() 2005-05-01 08:59:14 -07:00
intermodule.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
itimer.c [PATCH] itimer fixes 2005-07-27 16:25:51 -07:00
kallsyms.c [PATCH] ppc32: platform-specific functions missing from kallsyms. 2005-05-05 16:36:31 -07:00
Kconfig.hz [PATCH] i386: Selectable Frequency of the Timer Interrupt 2005-06-23 09:45:10 -07:00
Kconfig.preempt [PATCH] sched: voluntary kernel preemption 2005-06-25 16:24:45 -07:00
kexec.c [PATCH] kexec: fix sparse warnings 2005-06-28 14:53:40 -07:00
kfifo.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
kmod.c [PATCH] Keys: Pass session keyring to call_usermodehelper() 2005-06-24 00:05:18 -07:00
kprobes.c [PATCH] kprobes: fix namespace problem and sparc64 build 2005-07-05 19:19:00 -07:00
ksysfs.c [PATCH] Kdump: Export crash notes section address through sysfs 2005-06-25 16:24:51 -07:00
kthread.c [PATCH] use smp_mb/wmb/rmb where possible 2005-05-01 08:58:47 -07:00
Makefile [PATCH] kdump: Routines for copying dump pages 2005-06-25 16:24:53 -07:00
module.c [PATCH] Module per-cpu alignment cannot always be met 2005-08-01 21:38:01 -07:00
panic.c [PATCH] Call emergency_reboot from panic 2005-07-26 14:35:43 -07:00
params.c [PATCH] sysfs: (rest) if show/store is missing return -EIO 2005-06-20 15:15:03 -07:00
pid.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
posix-cpu-timers.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
posix-timers.c [PATCH] revert "timer exit cleanup" 2005-08-04 16:57:49 -07:00
printk.c [PATCH] CPU hotplug printk fix 2005-06-25 16:24:34 -07:00
profile.c [PATCH] mostly_read data section 2005-07-07 18:23:46 -07:00
ptrace.c [PATCH] convert that currently tests _NSIG directly to use valid_signal() 2005-05-01 08:59:14 -07:00
rcupdate.c [PATCH] Deprecate synchronize_kernel, GPL replacement 2005-05-01 08:59:04 -07:00
resource.c [PATCH] Use ALIGN to remove duplicate code 2005-06-25 16:25:02 -07:00
sched.c [PATCH] Make RLIMIT_NICE ranges consistent with getpriority(2) 2005-08-18 12:53:58 -07:00
seccomp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
signal.c [PATCH] NPTL signal delivery deadlock fix 2005-08-17 12:52:04 -07:00
softirq.c [PATCH] revert bogus softirq changes 2005-07-30 10:49:59 -07:00
spinlock.c [PATCH] spin_unlock_bh() and preempt_check_resched() 2005-05-21 10:46:48 -07:00
stop_machine.c [PATCH] smp_processor_id() cleanup 2005-06-21 18:46:13 -07:00
sys.c [PATCH] Remove suspend() calls from shutdown path 2005-08-04 08:20:47 -07:00
sys_ni.c [PATCH] remove sys_set_zone_reclaim() 2005-08-01 10:03:56 -07:00
sysctl.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
time.c [PATCH] clean up inline static vs static inline 2005-07-27 16:26:20 -07:00
timer.c [PATCH] preempt race in getppid 2005-08-23 11:44:29 -07:00
uid16.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
user.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
wait.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
workqueue.c [PATCH] remove name length check in a workqueue 2005-08-10 11:55:19 -07:00