From 6ee52814672e95bf1649d45362a6fc5df78a0f52 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Thu, 3 Jun 2021 11:27:34 +0000 Subject: [PATCH] uvm(9): Enable swap encryption by default. For machines where the performance impact of swapping before the system has an opportunity to process `vm.swap_encrypt=0' in /etc/sysctl.conf, you can disable it again by adding options VMSWAP_DEFAULT_PLAINTEXT to the kernel config. --- share/man/man4/options.4 | 10 ++++++++++ sys/uvm/files.uvm | 1 + sys/uvm/uvm_swap.c | 5 +++++ 3 files changed, 16 insertions(+) diff --git a/share/man/man4/options.4 b/share/man/man4/options.4 index e0940df6cecf..f969bb7b3940 100644 --- a/share/man/man4/options.4 +++ b/share/man/man4/options.4 @@ -2203,6 +2203,16 @@ for details. .It Cd options VMSWAP Enable paging device/file support. This option is on by default. +.It Cd options VMSWAP_DEFAULT_PLAINTEXT +Store swap in plaintext, not encrypted, which may expose secrets if the +underlying nonvolatile medium is disclosed. +This option is off by default; it is available only for extremely slow +machines where the performance impact of swapping early at boot +outweighs the security risks. +Swap encryption can still be turned on dynamically with the +.Em vm.swap_encrypt +.Xr sysctl 7 +knob. .It Cd options PDPOLICY_CLOCKPRO Use CLOCK-Pro, an alternative page replace policy. .El diff --git a/sys/uvm/files.uvm b/sys/uvm/files.uvm index 223c661e433b..baef1567038c 100644 --- a/sys/uvm/files.uvm +++ b/sys/uvm/files.uvm @@ -8,6 +8,7 @@ defflag opt_uvmhist.h UVMHIST_PRINT: KERNHIST_PRINT defparam opt_uvmhist.h UVMHIST_MAPHIST_SIZE UVMHIST_PDHIST_SIZE defflag opt_uvm.h UVMMAP_COUNTERS defparam opt_uvm.h UVM_RESERVED_PAGES_PER_CPU +defflag opt_vmswap.h VMSWAP_DEFAULT_PLAINTEXT defflag opt_vmswap.h VMSWAP : aes defflag opt_readahead.h READAHEAD_STATS defflag opt_ubc.h UBC_STATS diff --git a/sys/uvm/uvm_swap.c b/sys/uvm/uvm_swap.c index 1602bbd27d89..dfc23f19d745 100644 --- a/sys/uvm/uvm_swap.c +++ b/sys/uvm/uvm_swap.c @@ -35,6 +35,7 @@ __KERNEL_RCSID(0, "$NetBSD: uvm_swap.c,v 1.204 2021/05/23 00:36:36 mrg Exp $"); #include "opt_uvmhist.h" #include "opt_compat_netbsd.h" #include "opt_ddb.h" +#include "opt_vmswap.h" #include #include @@ -210,7 +211,11 @@ static struct workqueue *sw_reg_workqueue; /* tuneables */ u_int uvm_swapisfull_factor = 99; +#if VMSWAP_DEFAULT_PLAINTEXT bool uvm_swap_encrypt = false; +#else +bool uvm_swap_encrypt = true; +#endif /* * prototypes