

[src/trunk]: src/sys/uvm uvm(9): Enable swap encryption by default.



details:   https://anonhg.NetBSD.org/src/rev/9adcf7a57a11
branches:  trunk
changeset: 379507:9adcf7a57a11
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Thu Jun 03 20:18:06 2021 +0000

description:
uvm(9): Enable swap encryption by default.

For machines where the performance impact of swapping before the
system has an opportunity to process `vm.swap_encrypt=0' in
/etc/sysctl.conf is unacceptable, you can disable it again by adding

options         VMSWAP_DEFAULT_PLAINTEXT

to the kernel config.

diffstat:

 share/man/man4/options.4 |  12 +++++++++++-
 sys/uvm/files.uvm        |   3 ++-
 sys/uvm/uvm_swap.c       |   9 +++++++--
 3 files changed, 20 insertions(+), 4 deletions(-)

diffs (78 lines):

diff -r 01bd244f083c -r 9adcf7a57a11 share/man/man4/options.4
--- a/share/man/man4/options.4  Thu Jun 03 20:17:37 2021 +0000
+++ b/share/man/man4/options.4  Thu Jun 03 20:18:06 2021 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: options.4,v 1.518 2021/03/14 02:56:07 rin Exp $
+.\"    $NetBSD: options.4,v 1.519 2021/06/03 20:18:06 riastradh Exp $
 .\"
 .\" Copyright (c) 1996
 .\"    Perry E. Metzger.  All rights reserved.
@@ -2203,6 +2203,16 @@ for details.
 .It Cd options VMSWAP
 Enable paging device/file support.
 This option is on by default.
+.It Cd options VMSWAP_DEFAULT_PLAINTEXT
+Store swap in plaintext, not encrypted, which may expose secrets if the
+underlying nonvolatile medium is disclosed.
+This option is off by default; it is available only for extremely slow
+machines where the performance impact of swapping early at boot
+outweighs the security risks.
+Swap encryption can still be turned on dynamically with the
+.Em vm.swap_encrypt
+.Xr sysctl 7
+knob.
 .It Cd options PDPOLICY_CLOCKPRO
 Use CLOCK-Pro, an alternative page replace policy.
 .El
diff -r 01bd244f083c -r 9adcf7a57a11 sys/uvm/files.uvm
--- a/sys/uvm/files.uvm Thu Jun 03 20:17:37 2021 +0000
+++ b/sys/uvm/files.uvm Thu Jun 03 20:18:06 2021 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: files.uvm,v 1.36 2020/08/04 06:10:27 skrll Exp $
+#      $NetBSD: files.uvm,v 1.37 2021/06/03 20:18:06 riastradh Exp $
 
 #
 # UVM options
@@ -8,6 +8,7 @@ defflag opt_uvmhist.h           UVMHIST_PRINT: KE
 defparam opt_uvmhist.h         UVMHIST_MAPHIST_SIZE UVMHIST_PDHIST_SIZE
 defflag opt_uvm.h              UVMMAP_COUNTERS
 defparam opt_uvm.h             UVM_RESERVED_PAGES_PER_CPU
+defflag opt_vmswap.h           VMSWAP_DEFAULT_PLAINTEXT
 defflag opt_vmswap.h           VMSWAP : aes
 defflag opt_readahead.h                READAHEAD_STATS
 defflag opt_ubc.h              UBC_STATS
diff -r 01bd244f083c -r 9adcf7a57a11 sys/uvm/uvm_swap.c
--- a/sys/uvm/uvm_swap.c        Thu Jun 03 20:17:37 2021 +0000
+++ b/sys/uvm/uvm_swap.c        Thu Jun 03 20:18:06 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: uvm_swap.c,v 1.204 2021/05/23 00:36:36 mrg Exp $       */
+/*     $NetBSD: uvm_swap.c,v 1.205 2021/06/03 20:18:06 riastradh Exp $ */
 
 /*
  * Copyright (c) 1995, 1996, 1997, 2009 Matthew R. Green
@@ -30,11 +30,12 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uvm_swap.c,v 1.204 2021/05/23 00:36:36 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uvm_swap.c,v 1.205 2021/06/03 20:18:06 riastradh Exp $");
 
 #include "opt_uvmhist.h"
 #include "opt_compat_netbsd.h"
 #include "opt_ddb.h"
+#include "opt_vmswap.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -210,7 +211,11 @@ static struct workqueue *sw_reg_workqueu
 
 /* tuneables */
 u_int uvm_swapisfull_factor = 99;
+#if VMSWAP_DEFAULT_PLAINTEXT
 bool uvm_swap_encrypt = false;
+#else
+bool uvm_swap_encrypt = true;
+#endif
 
 /*
  * prototypes
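Review bot: The new `#if VMSWAP_DEFAULT_PLAINTEXT` relies on an undefined identifier evaluating to 0 when the option is absent from the kernel config; since files.uvm declares it as a plain defflag (defined only when selected), `#ifdef VMSWAP_DEFAULT_PLAINTEXT` states that contract directly and avoids a -Wundef warning if the kernel build enables it (I cannot confirm the build flags from this page). The definition of `uvm_swap_encrypt` also carries no comment tying it to the runtime knob that options.4 documents, so a reader of uvm_swap.c cannot see that this is only the boot-time default. A one-line comment above the conditional, `/* Boot-time default for the vm.swap_encrypt sysctl; plaintext only if VMSWAP_DEFAULT_PLAINTEXT is configured. */`, would make that explicit at the definition. These are file-scope declarations, so no enclosing function is cut by the hunk.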


