Unattended encrypted kernel crash dumps
Student: KonradWitaszczyk
Mentor: GlebKurtsou
Project description
A kernel crash dump may contain a backtrace of function calls, information about running processes, or even device data. None of this should be readable by someone attacking the machine, because it can help them compromise it. The main goal of the project is to implement encrypted crash dumps: a user will have to decrypt a dump before analysing it. Each crash dump will be encrypted with a one-time AES key, and that key will be handed to the user under asymmetric (public-key) encryption.
Approach to solving the problem
Finishing this feature requires changes to the kernel crash dump routines, savecore(8) and crashinfo(8). The design uses a random symmetric key to encrypt the dump data with AES in XTS mode; that symmetric key is in turn encrypted with an asymmetric key chosen by the user. Development starts with constant keys so that the encryption path can be implemented and tested, and the key handling is then made user-friendly. After the reboot that follows a panic, savecore(8) copies the dump together with its encrypted key into dumpdir and makes it possible to decrypt the dump with PEFS.
During my work I will be sending reports every Monday to the soc-status@FreeBSD.org mailing list.
Deliverables
- Write an rc.d script to generate a symmetric key and encrypt it with an asymmetric key.
- Change the crash dump routines to write encrypted data to the dump device.
- Change savecore(8) to store the encrypted dump and its encrypted symmetric key in dumpdir.
- Change crashinfo(8) to save an encrypted crash summary along with the crash dump.
Milestones
- June 17: Start of coding
- June 24: Define a new crash dump header format and change savecore(8) to support it
- July 1: Import and adapt the PEFS library to encrypt crash dumps
- July 8: Encrypt a crash dump with a constant AES key
- July 15: Change savecore(8) to save encrypted crash dumps together with their keys
- July 22: Change savecore(8) to support PEFS
- July 29 - August 2: Mid-term evaluations
- August 5: Generate a random one-time symmetric key
- August 12: Encrypt a crash dump with the random symmetric key
- August 19: Decrypt a crash dump with the encrypted random symmetric key (savecore(8))
- August 26: Decrypt a crash dump with the encrypted random symmetric key (PEFS)
- September 2: Encrypt a crash summary
- September 9: Tests and documentation
- September 16: End of coding (soft)
- September 23: End of coding (hard)
Test Plan
I would like to test my project in the following stages:
- Encrypting with a constant AES key.
- Decrypting with PEFS after the savecore(8) changes.
- Exchanging a one-time AES key.
- Encrypting/decrypting with the one-time AES key.
- Encrypting/decrypting crash summaries.
To test the project I will use a diskless virtual machine, with a memory disk on the host machine serving as the dump device. Panics will be forced through the debugger sysctl, by running sysctl debug.kdb.panic=1 on the guest.
The Code
Modified FreeBSD-HEAD: https://svnweb.freebsd.org/socsvn/soc2013/def/crashdump-head/
Presentation
The project was presented at FreeBSD Developer Summit during EuroBSDcon 2013. You can find the presentation here.
Useful links
Project in Melange: http://www.google-melange.com/gsoc/project/google/gsoc2013/def/25001
Kernel Debugging: http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html
The XTS-AES Mode for Confidentiality on Storage Devices: http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf
Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC: http://www.cs.ucdavis.edu/~rogaway/papers/offsets.pdf
PEFS: PEFS
savecore(8): http://www.freebsd.org/cgi/man.cgi?query=savecore&sektion=8
NFS Mount Network Booting VirtualBox: http://blog.eitanadler.com/2012/10/nfs-mount-network-booting-virtualbox.html
FreeBSD Development for Smarties. The quest for a better kernel development environment: https://www.bsdcan.org/2010/schedule/attachments/144_bsdcan2010_lstewart_smarties.pdf