Re: [PATCH] zero disk pages used by swsusp on resume

From: Jan Niehusmann
Date: Mon Apr 11 2005 - 09:19:24 EST

Next message: Troy Benjegerdes: "Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation"
Previous message: H. Peter Anvin: "Re: more git updates.."
In reply to: Andreas Steinmetz: "Re: [PATCH] zero disk pages used by swsusp on resume"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Andreas is right, his patches are needed.
>
> Currently, if your laptop is stolen after resume, they can still data
> in swsusp image.

Which shows that swsusp is a security risk if you have sensitive data in
RAM. A thief stealing a running computer can get access to memory
contents much more easy if he can just suspend the system and then
recover all the memory contents from disk. Encrypted swsusp wouldn't
help here if the key is stored on the disk as well.

(This is probably not a real risk in most applications, but one should
keep it in mind and disable swsusp if necessary)

Jan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Troy Benjegerdes: "Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation"
Previous message: H. Peter Anvin: "Re: more git updates.."
In reply to: Andreas Steinmetz: "Re: [PATCH] zero disk pages used by swsusp on resume"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]