Date: Sun, 5 Sep 2010 17:03:44 +0200
From: Pawel Jakub Dawidek
To: Carl
Cc: freebsd-fs@freebsd.org
Subject: Re: geli'd swap and core dumps
Message-ID: <20100905150344.GD1900@garage.freebsd.pl>
In-Reply-To: <4C834D1A.2010405@telus.net>

On Sun, Sep 05, 2010 at 12:56:10AM -0700, Carl wrote:
> I would like to encrypt my swap partition like Pawel does on his
> company's production servers:
>
> http://blogs.freebsdish.org/pjd/2010/08/06/from-sysinstall-to-zfs-only-configuration/
>
> Does Pawel's method result in kernel panics having no functional dump
> device?
>
> What are best practices for achieving encrypted swap and functional core
> dump recovery? Or are these mutually exclusive goals?

Well, the idea to encrypt swap is to prevent any sensitive data from
being stored on disk unencrypted where it might last for a long time.
If you configure to dump kernel memory to a disk (kernel dumps are not
encrypted) you kinda miss the point, as kernel memory can contain a lot
of sensitive data. It would be best in such cases to use textdump(4) as
there is quite a lot of useful info, but no sensitive data at all (or
not much at least, depends on what you consider sensitive).

Unfortunately rc.d scripts order doesn't allow geli-encrypted swap and
dumpdev to co-operate, i.e. geli is configured on swap device before
savecore(8) has a chance to read underlying device (to be more precise
not only read it, but also write to it, as it has to mark the data as
already obtained, so we don't save the same crash info on every reboot).

On the other hand we do want swap as soon as possible (even before
mounting / or /var read-write so we have more memory for fsck(8) for
example), so the solution is not as trivial as changing scripts order.
The better fix would be to obtain and save crash info in memory
somewhere before we configure swap and copy it to /var/crash/ once we
mount it.

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
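
The conflict described in the reply above can be checked against a host's configuration files. The following is an added example, not part of the original message or of FreeBSD's rc.d scripts; it assumes geli swap is declared with a `.eli` suffix in fstab and the dump device with `dumpdev=` in rc.conf, and the function name, finding labels and sample files are made up for illustration.

```sh
#!/bin/sh
# Added example: audit an fstab/rc.conf pair for the geli-swap vs. dumpdev
# conflict. Assumes ".eli" fstab swap entries and dumpdev= in rc.conf;
# the finding labels are invented for this sketch.

audit_swap_dump() {
    fstab=$1 rcconf=$2
    # Last dumpdev= assignment wins; drop comments, quotes and blanks.
    dumpdev=$(sed -n 's/^[[:space:]]*dumpdev=//p' "$rcconf" | tail -n 1 |
        sed 's/#.*//' | tr -d "\"' \t")
    # Swap entries whose device is a geli provider.
    eli=$(awk '$1 !~ /^#/ && $3 == "swap" && $1 ~ /\.eli$/ { print $1 }' "$fstab")
    if [ -z "$eli" ]; then
        echo "INFO no-geli-swap"
        return 0
    fi
    case $dumpdev in
    ''|NO|no)
        echo "OK dumps-disabled"
        return 0 ;;
    AUTO|auto)
        echo "WARN dumpdev-auto: dump device comes from fstab swap entries"
        return 1 ;;
    esac
    # Kernel dumps are not encrypted, so any dump device holds memory in clear.
    echo "WARN plaintext-dump: $dumpdev"
    for dev in $eli; do
        # geli attaches on top of this provider before savecore(8) can use it.
        if [ "${dev%.eli}" = "$dumpdev" ]; then
            echo "FAIL savecore-order: $dumpdev is under $dev"
        fi
    done
    return 1
}

# Constructed sample files (not taken from any real host).
demo() {
    d=$(mktemp -d)
    printf '%s\n' '# Device Mountpoint FStype Options Dump Pass' \
        '/dev/ada0p2.eli none swap sw 0 0' > "$d/fstab"
    printf '%s\n' 'zfs_enable="YES"' 'dumpdev="/dev/ada0p2"  # crash dumps' \
        > "$d/rc.conf"
    audit_swap_dump "$d/fstab" "$d/rc.conf" || true
    rm -rf "$d"
}
demo
```

A non-zero return from `audit_swap_dump` means the configuration either writes unencrypted kernel memory to disk or names a dump device that geli overlays before savecore(8) runs.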