From owner-soc-status@FreeBSD.ORG Mon Jul 15 14:15:34 2013
Message-id: <51E402D0.8080906@freebsd.org>
Date: Mon, 15 Jul 2013 16:10:24 +0200
From: Konrad Witaszczyk
Organization: FreeBSD
To: soc-status@freebsd.org
Subject: Report #4: Unattended encrypted kernel crash dumps
List-Id: Summer of Code Status Reports and Discussion

Things that I've finished recently:
* Import XTS implementation from pefs - create crypto/xts.h.
* Change the kerneldumpheader structure to store data required to decrypt data.
* Change the dumperinfo structure to encrypt data in the dump_write function.
* Add a kernel option to compile kernel with encrypted crash dumps on demand.
* Display encryption details in savecore.
* Encrypt a crash dump with a constant AES key and make it suitable for savecore.

I modified dump_write to save data in a dumperinfo buffer so when the buffer is full I can encrypt data and call a dumper function to write them to a dump device. The buffer should have the same size as a block. There is one limitation at the moment: dump_write should receive data in a natural order, one after another. Otherwise it will save data in a wrong order.

The plan for the next week is to do at least the following things:
* Change savecore to save a key and a tweak in a separate file.
* Create a script to decrypt a crash dump.

Regards,
Konrad Witaszczyk
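
The block-buffered write path described in the report, as an added illustration that is not part of the original message and not the project's code. It stages data in a one-block buffer, encrypts and writes each full block, and refuses a non-sequential write instead of storing it in the wrong place. The names `struct dumper`, `dump_write_buffered` and `BLK`, the in-memory device and the XOR placeholder standing in for XTS are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLK 512                      /* assumed block size */

struct dumper {                      /* hypothetical stand-in, not the kernel's dumperinfo */
    uint8_t  buf[BLK];               /* plaintext staging buffer, exactly one block */
    size_t   fill;                   /* bytes currently staged */
    uint64_t next;                   /* offset the next write must start at */
    uint8_t  dev[8 * BLK];           /* constructed in-memory "dump device" */
};

/* Placeholder transform, NOT XTS: XOR with a byte derived from the block number. */
static void encrypt_block(uint8_t *b, uint64_t blkno)
{
    for (size_t i = 0; i < BLK; i++)
        b[i] ^= (uint8_t)(0xA5 + blkno);
}

/* Encrypt the full staged block and write it to the device at its own offset. */
static int flush_block(struct dumper *d)
{
    uint64_t off = d->next - BLK;    /* where the staged block begins */
    if (off + BLK > sizeof(d->dev))
        return -1;
    encrypt_block(d->buf, off / BLK);
    memcpy(d->dev + off, d->buf, BLK);
    d->fill = 0;
    return 0;
}

/* Returns 0 on success, -1 if the write is out of order or the device is full. */
int dump_write_buffered(struct dumper *d, const void *data, uint64_t off, size_t len)
{
    const uint8_t *p = data;
    if (off != d->next)              /* the reported limitation: reject, do not misplace */
        return -1;
    while (len > 0) {
        size_t n = BLK - d->fill;
        if (n > len)
            n = len;
        memcpy(d->buf + d->fill, p, n);
        d->fill += n; d->next += n; p += n; len -= n;
        if (d->fill == BLK && flush_block(d) != 0)
            return -1;
    }
    return 0;
}
```

A partial block left in `buf` at the end of a dump still has to be padded and flushed by the caller; this sketch leaves that step out.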