Source-Changes-D archive


Re: CVS commit: src/sys/uvm



> Date: Sun, 10 May 2020 23:53:00 +0100
> From: Alexander Nasonov <alnsn%yandex.ru@localhost>
> 
> Taylor R Campbell wrote:
> > Log Message:
> > Implement swap encryption.
> > 
> > Enabled by sysctl -w vm.swap_encrypt=1.
> 
> If secmodel_securelevel(9) is still a thing, locking down this sysctl
> at high securelevel may improve our security. Prior to this change,
> swap devices were readable (even if encrypted with cgd).  With this
> sysctl set to 1, all new swap devices will be encrypted, the only
> thing to worry about is if it's set back to 0 on a compromised host.

This sounds entirely reasonable.  Would you like to draft an
implementation of that?

Presumably it would require writing a sysctl callback function for
vm.swap_encrypt, and would somehow involve kauth, but I'm not sure
offhand what needs to happen beyond that.  Perhaps vm.user_va0_disable
can be a source of inspiration.

