Problems clearing disk encryption keys from RAM during migration Linux into standby mode
During the porting of the cryptsetup-suspend toolkit to NixOS, a bug was discovered in the LUKS disk encryption subsystem (Linux Unified Key Setup), due to which, starting from the kernel Linux 6.9 (the problematic commit), released in May 2024, stopped clearing encryption keys from RAM when the system went into suspend mode. The cryptsetup-suspend tool is used in Debian for automatic blocking […]
