On 20/04/2021 08:05, Ulrich Windl wrote:
Kairui Song schrieb am 19.04.2021 um 12:00 in
> Nachricht
> :
>> Hi all,
>>
>> I'm currently trying to add kdump support for systemd with full‑disk
>> LUKS encryption. vmcores contain sensitive data so they should also be
>> protected, and network dump
Hi,
Thanks a lot, these info are very helpful.
Better to keep it for debugging for now, and ask users to use it very carefully.
On Tue, Apr 20, 2021 at 3:54 PM Milan Broz wrote:
>
> Hi,
>
> TL;DR what you are trying to do is to actually reverse many security measures
> we added. It is perhaps ac
Hi,
TL;DR what you are trying to do is to actually reverse many security measures
we added. It is perhaps acceptable for debugging but hardly for real generic
system.
- using memory-hard function increases cost of dictionary and brute-force
attacks
You can always decrease amount of memory neede
On Mon, 2021-04-19 at 18:24 +0100, Daniel P. Berrangé wrote:
> On Mon, Apr 19, 2021 at 01:12:07PM -0400, Simo Sorce wrote:
> > On Mon, 2021-04-19 at 12:02 +0100, Richard W.M. Jones wrote:
> > > On Mon, Apr 19, 2021 at 06:00:38PM +0800, Kairui Song wrote:
> > > > 2. LUKS2 prefers Argon2 as the key d
On Mon, Apr 19, 2021 at 01:12:07PM -0400, Simo Sorce wrote:
> On Mon, 2021-04-19 at 12:02 +0100, Richard W.M. Jones wrote:
> > On Mon, Apr 19, 2021 at 06:00:38PM +0800, Kairui Song wrote:
> > > 2. LUKS2 prefers Argon2 as the key derivation function, designed to
> > > use a lot of memory. kdump is e
On Mon, Apr 19, 2021 at 01:12:07PM -0400, Simo Sorce wrote:
> On Mon, 2021-04-19 at 12:02 +0100, Richard W.M. Jones wrote:
> > On Mon, Apr 19, 2021 at 06:00:38PM +0800, Kairui Song wrote:
> > > 2. LUKS2 prefers Argon2 as the key derivation function, designed to
> > > use a lot of memory. kdump is e
On Mon, 2021-04-19 at 12:02 +0100, Richard W.M. Jones wrote:
> On Mon, Apr 19, 2021 at 06:00:38PM +0800, Kairui Song wrote:
> > 2. LUKS2 prefers Argon2 as the key derivation function, designed to
> > use a lot of memory. kdump is expected to use a minimal amount of
> > memory. Users will have to re
On 19.04.2021 13:02, Richard W.M. Jones wrote:
I'm just going to sympathise with you rather than provide a good
answer here ... We had the same problem in libguestfs where Argon2
used too much memory for our small appliance when opening LUKS2 disks.
We had to simply increase the amount of memory
On Mon, Apr 19, 2021 at 06:00:38PM +0800, Kairui Song wrote:
> 2. LUKS2 prefers Argon2 as the key derivation function, designed to
> use a lot of memory. kdump is expected to use a minimal amount of
> memory. Users will have to reserve a huge amount of memory for kdump
> to work (eg. 1G reserve for
Hi all,
I'm currently trying to add kdump support for systemd with full-disk
LUKS encryption. vmcores contain sensitive data so they should also be
protected, and network dumps sometimes are not available. So kdump has
to open the LUKS encrypted device in the kdump environment.
I'm using systemd/
10 matches
Mail list logo
