From owner-svn-doc-all@freebsd.org Tue Jan 12 04:31:03 2016 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D4B2FA6CD0A; Tue, 12 Jan 2016 04:31:03 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89AC21E35; Tue, 12 Jan 2016 04:31:03 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u0C4V2CD029887; Tue, 12 Jan 2016 04:31:02 GMT (envelope-from bjk@FreeBSD.org) Received: (from bjk@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u0C4V2Lm029886; Tue, 12 Jan 2016 04:31:02 GMT (envelope-from bjk@FreeBSD.org) Message-Id: <201601120431.u0C4V2Lm029886@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bjk set sender to bjk@FreeBSD.org using -f From: Benjamin Kaduk Date: Tue, 12 Jan 2016 04:31:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r48000 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jan 2016 04:31:03 -0000 Author: bjk Date: Tue Jan 12 04:31:02 2016 New Revision: 48000 URL: https://svnweb.freebsd.org/changeset/doc/48000 Log: Add entry on encrypted kernel crash dumps from def Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 12 04:23:47 2016 (r47999) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 12 04:31:02 2016 (r48000) @@ -1980,4 +1980,45 @@ + + + Encrypted Kernel Crash Dumps + + + + + Konrad + Witaszczyk + + def@FreeBSD.org + + + + + Technical Details + Patch Review + + + +

Kernel crash dumps contain information about currently + running processes. This can include sensitive data, for example + passwords kept in memory by a browser when a kernel panic + occurred. An entity that can read data from a dump device or a + crash directory can also extract this information from a core + dump. In order to prevent this situation, the core dump should be + encrypted before it is stored on the dump device.

+ +

This project allows a kernel to encrypt a core dump during + a panic. A user can configure the kernel for encrypted dumps and + save the core dump after reboot using the existing tools, + dumpon(8) and savecore(8). A new tool + decryptcore(8) was added to decrypt the core files.

+ +

A patch has been uploaded to Phabricator for review. The + project is currently being updated to address the review comments, + and should be committed as soon as it is accepted. For more + technical details, please visit the FreeBSD-security mailing list + archive or see the Phabricator review.

+ +