Date: Tue, 12 Jan 2016 04:31:02 +0000 (UTC) From: Benjamin Kaduk <bjk@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r48000 - head/en_US.ISO8859-1/htdocs/news/status Message-ID: <201601120431.u0C4V2Lm029886@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bjk Date: Tue Jan 12 04:31:02 2016 New Revision: 48000 URL: https://svnweb.freebsd.org/changeset/doc/48000 Log: Add entry on encrypted kernel crash dumps from def Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 12 04:23:47 2016 (r47999) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 12 04:31:02 2016 (r48000) @@ -1980,4 +1980,45 @@ </task> </help> </project> + + <project cat='proj'> + <title>Encrypted Kernel Crash Dumps</title> + + <contact> + <person> + <name> + <given>Konrad</given> + <common>Witaszczyk</common> + </name> + <email>def@FreeBSD.org</email> + </person> + </contact> + + <links> + <url href="https://lists.FreeBSD.org/pipermail/freebsd-security/2015-December/008780.html">Technical Details</url> + <url href="https://reviews.FreeBSD.org/D4712">Patch Review</url> + </links> + + <body> + <p>Kernel crash dumps contain information about currently + running processes. This can include sensitive data, for example + passwords kept in memory by a browser when a kernel panic + occurred. An entity that can read data from a dump device or a + crash directory can also extract this information from a core + dump. In order to prevent this situation, the core dump should be + encrypted before it is stored on the dump device.</p> + + <p>This project allows a kernel to encrypt a core dump during + a panic. A user can configure the kernel for encrypted dumps and + save the core dump after reboot using the existing tools, + <tt>dumpon(8)</tt> and <tt>savecore(8)</tt>. A new tool + <tt>decryptcore(8)</tt> was added to decrypt the core files.</p> + + <p>A patch has been uploaded to Phabricator for review. The + project is currently being updated to address the review comments, + and should be committed as soon as it is accepted. For more + technical details, please visit the FreeBSD-security mailing list + archive or see the Phabricator review.</p> + </body> + </project> </report>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601120431.u0C4V2Lm029886>