nixos/…/swap.nix: don't create a LUKS header for randomEncryption #27188
Conversation
Creating and then erasing the key relies on the disk erasing data correctly, and otherwise allows attackers to simply decrypt swap just using "secretkey". We don't actually need a LUKS header, so we can save ourselves some pointless disk writes and identifiability. In addition, I wouldn't have made the awful mistake of backing up my swap partition's LUKS header instead of my zpool's. May my data rest in peace.
|
See also #25999 |
|
*shrug* |
|
Yeah probably giving too much choices is sometimes a bad thing in security. |
|
cc @abbradar |
|
Quick heads-up -- I won't be able to work on NixOS (and generally be available online) for two more weeks. |
|
I propose we merge this first, then. Seems like an obvious improvement & doesn't preclude any of the other enhancements. |
To be true on this #25999 does not break the user config because it uses |
|
I think we should merge this. @GeNTooFReaK are you saying we shouldn't? IMO this is a serious bug. |
|
@grahamc I'm totally in to merge this ASAP. I just wanted to note that #25999 would be nice too (and it does not break config), because it enables me and others to change the cipher for swap to something more performant which is a great benefit especially on low-end hardware (without AES-NI). I'm speaking of 20 MB/s with the default |
fpletz
added
1.severity: security
|
Gotcha. Thank you @GeNTooFReaK! |
Creating and then erasing the key relies on the disk erasing data
correctly, and otherwise allows attackers to simply decrypt swap just
using "secretkey". We don't actually need a LUKS header, so we can save
ourselves some pointless disk writes and identifiability.
In addition, I wouldn't have made the awful mistake of backing up my swap partition's LUKS header instead of my zpool's. May my data rest in peace.