Unattended encrypted kernel crash dumps
A kernel crash dump may contain a backtrace of function calls, information about processes, or even device data. This information should not be visible to someone trying to attack our OS, because it might help them compromise it. The main goal of the project is to implement encrypted crash dumps, which means that a user will have to decrypt a dump before analysing it. Crash dumps will be encrypted with a one-time AES key, which will be shared with the user using asymmetric-key encryption.
To complete this feature, the crash dump routines, savecore(8) and crashinfo(8) must be modified. Our solution will encrypt the dump data with AES in XTS mode under a random symmetric key, and that key will in turn be encrypted with an asymmetric key chosen by the user. We will start with constant keys to implement encryption and then make it more user-friendly. After a reboot caused by a panic, savecore(8) will copy the dump and its key to dumpdir so that the dump can be decrypted with PEFS.
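The key handling described above, as an added userland sketch that is not the project's kernel or savecore(8) code: a one-time AES-XTS key encrypts the dump block by block and is itself wrapped with the user's public key, so the panic path never needs the private key. Assumptions: the Python `cryptography` package, RSA-2048 with OAEP as the asymmetric scheme, 512-byte blocks with the block number as the XTS tweak, and hypothetical function names.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

SECTOR = 512  # assumed block size; each block gets its own XTS tweak
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def _xts(key, sector_no, data, encrypt):
    # XTS tweak: the block number as a 16-byte little-endian integer.
    cipher = Cipher(algorithms.AES(key), modes.XTS(sector_no.to_bytes(16, "little")))
    ctx = cipher.encryptor() if encrypt else cipher.decryptor()
    return ctx.update(data) + ctx.finalize()


def _crypt_blocks(key, data, encrypt):
    if len(data) % SECTOR:
        raise ValueError("dump length must be a multiple of the block size")
    return b"".join(_xts(key, off // SECTOR, data[off:off + SECTOR], encrypt)
                    for off in range(0, len(data), SECTOR))


def encrypt_dump(public_key, dump):
    """Panic-time side: only the public key is available."""
    key = os.urandom(64)  # one-time AES-256-XTS key (two 256-bit halves)
    wrapped_key = public_key.encrypt(key, OAEP)
    return wrapped_key, _crypt_blocks(key, dump, True)


def decrypt_dump(private_key, wrapped_key, encrypted):
    """Analyst side: unwrap the one-time key, then decrypt the dump."""
    key = private_key.decrypt(wrapped_key, OAEP)
    return _crypt_blocks(key, encrypted, False)


def demo():
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    dump = b"panic: constructed sample".ljust(SECTOR, b"\0") * 4  # constructed input
    wrapped_key, encrypted = encrypt_dump(private_key.public_key(), dump)
    return dump, wrapped_key, encrypted, decrypt_dump(private_key, wrapped_key, encrypted)


if __name__ == "__main__":
    dump, wrapped_key, encrypted, recovered = demo()
    print(len(wrapped_key), encrypted != dump, recovered == dump)
```

XTS provides confidentiality only, so a modified encrypted dump is not detected at decryption time.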