I'm working on implementing a cryptographic algorithm.
I'm using locked memory pages to keep sensitive data (such as keys and intermediate values) locked in RAM (having them never be written to swap). See mmap(2).
Is there any way I can protect the CPUs registers and other "intermediate" memory from ever being written to swap?
Here's an example of how that may happen:
The cryptographic process is running. Another process is due to be run next. A context switch occurs (at which point all of the registers are placed somewhere into RAM). Then, the memory page at which those registers are placed gets swapped to disk.
This is a potential problem, no?
(Am I over-engineering this?)
An obvious solution is to have the algorithm check if swap is encrypted, of course.
Aucun commentaire:
Enregistrer un commentaire