Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Encrypting swap partition/file....main memory?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
statikregimen
Apprentice
Apprentice


Joined: 16 Jul 2011
Posts: 168
Location: USA/Michigan

PostPosted: Thu Sep 17, 2020 2:09 am    Post subject: Encrypting swap partition/file....main memory? Reply with quote

This is a bit of a different question and not sure where to put it. I'm guessing here, or in Off the Wall....?

Backstory (probably not necessary to read): I bought this system with 32gb of memory, and apparently opted out of a swap partition. Cities Skylines is one of my favorite games, and it is becoming a beast when I get all my mods & assets installed. 32gb just isn't cutting it any more. Upgrading RAM would require dismantling the entire laptop, which is a no-go since it's getting pretty old and I'll be upgrading within the next year. To avoid modifying partitions, I looked into creating a swap file, like Windows. A quick google reminded me that I know how to make disk images using dd and that would do just fine.

My questions are pretty simple and I've done some research, but didn't find any really satisfying answers:

1- It feels like I should encrypt such a swap file?
2- That makes me wonder if I should also encrypt my swap partitions when I actually have them?
3- And then have to wonder about main memory encryption?
4- Am I being overly paranoid? It is a laptop that can be easily stolen, but is also my main PC so has plenty of personal information on it...

A quick google on #3 indicates that main memory encryption is not extremely well supported and/or not widely/wholly implemented at this point... Seems like some promising solutions are on the horizon, but I could be overlooking something.

Bonus question: if I decide to go full paranoid and implement something like SELinux, what kind of performance/compatibility issues might I expect in gaming and more importantly, heavy-hitting pro audio applications?

Thanks for reading!

Just FYI, the laptop is this one: https://wiki.gentoo.org/wiki/MSI_GT72S-G220 (twas me who wrote the original article :D)
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15967

PostPosted: Thu Sep 17, 2020 4:03 am    Post subject: Reply with quote

Encrypting data written to disk is valuable if you want to defend against an adversary who boots and runs his own operating system, where he can bypass any permissions you have defined. Encrypting data in main memory can refer to transparent encryption, where it appears unencrypted to the application, or to opaque encryption, where the application must explicitly decrypt the data for use. You appear to be asking about transparent encryption. As far as I know, this is indeed not widely used. It has a narrow and somewhat unusual threat model, which is probably why it is not widely used. Since the encryption is transparent to the application, the only threat this can stop is an attacker who dumps the raw contents of RAM. Most threat models assume an adversary will not attack RAM, because the hardware makes this inconvenient relative to other attacks.

Should you encrypt your disk? That depends on whether you are concerned an adversary would ever have unrestricted physical access to the disk. For a laptop, which as you note is portable and easily stolen, I would choose to encrypt. This is especially pertinent since laptops are more likely to use suspend-to-disk, and anything that was in main memory when you hibernated will persist into swap for an indefinite period. If swap is encrypted (and for this purpose, we assume encrypted well enough that an adversary cannot break it), then that persisted main memory is safe.

SELinux or similar are useful if you expect an adversary to achieve some limited amount of code execution on the system, and want to constrain what he can do with it. For a personal use only system, your biggest risk is probably your web browser, since modern browsers are massively overgrown and overly complicated. There are other options, such as Firejail for Firefox, to confine the browser without needing to configure a full system-wide security policy. If I did not expect a targeted attack, and the system was only for personal use (rather than offering servers to the world), and my main threat is indiscriminate malware, I would confine the browser, and not use a full system security policy.
Back to top
View user's profile Send private message
statikregimen
Apprentice
Apprentice


Joined: 16 Jul 2011
Posts: 168
Location: USA/Michigan

PostPosted: Thu Sep 17, 2020 7:03 pm    Post subject: Reply with quote

Thank you very much...that pretty much clears everything up for me!

Yes, I was def. talking about "transparent encryption" for main memory - wasn't aware of the terminology. I mainly had meltdown and spectre exploits in mind when I brought it up (not sure if there are others atm). Wondered if encryption could mitigate them effectively, without as much of a performance hit as the OS-level patches (and my thinking on performance, is that I know modern CPUs have built in AES instruction sets that seems like it'd be better than outright disabling OOE or whatever other magic is being done). But it's all speculation from the fringes of my knowledge/understanding of computer science. For example, it'd be kinda pointless if those exploits function at some step after the data had been decrypted already. So I wont worry too much about it for now, but may consider adopting such technology when it becomes more mainstream.

I will definitely be giving Firejail a shot. I have to agree after your reply, that SELinux probably would not offer any benefit to me, but rather a headache...Definitely not providing any hosting services (or any public facing services at all) from this machine!

Thanks again for the comprehensive reply!
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15967

PostPosted: Thu Sep 17, 2020 7:57 pm    Post subject: Reply with quote

I don't know if transparent encryption is the proper term for it, but I picked it because you correctly guessed what I meant by it. I think the speculative execution exploits are not impacted by it, because the relevant data is decrypted before being used in the way that the exploit incorrectly allows.
Back to top
View user's profile Send private message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3809
Location: Hamburg

PostPosted: Thu Sep 17, 2020 8:13 pm    Post subject: Reply with quote

Hu wrote:
Should you encrypt your disk? That depends on whether you are concerned an adversary would ever have unrestricted physical access to the disk. For a laptop, which as you note is portable and easily stolen, I would choose to encrypt. This is especially pertinent since laptops are more likely to use suspend-to-disk, and anything that was in main memory when you hibernated will persist into swap for an indefinite period. If swap is encrypted (and for this purpose, we assume encrypted well enough that an adversary cannot break it), then that persisted main memory is safe.
IMO you cannot use encrypted swap and hibernation together.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15967

PostPosted: Thu Sep 17, 2020 8:52 pm    Post subject: Reply with quote

You are welcome to that opinion, but I've been doing that for more than 10 years, and it's generally considered good practice. You need a way to supply the passphrase during early boot, which typically means an initramfs.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum