Re: [PATCH encrypted swsusp 1/3] core functionality

[Andreas Steinmetz]

Pavel Machek wrote:
> Applied (it is *not* going to make it into 2.6.12, and not sure about
> 2.6.13, but it is in my local tree now. You had Kconfig and docs
> changes, too, can you retransmit them?
> 								Pavel

No changes to config and docs, but I'll attach them again nevertheless.
BTW: it was quite clear to me that this can't make 2.6.12 and that
2.6.13 might be a bit early.
-- 
Andreas Steinmetz                       SPAMmers use robotrap@xxxxxxxx
--- linux-2.6.11.2/kernel/power/Kconfig.ast	2005-04-10 20:44:48.000000000 +0200
+++ linux-2.6.11.2/kernel/power/Kconfig	2005-04-10 21:01:36.000000000 +0200
@@ -72,3 +72,14 @@
 	  suspended image to. It will simply pick the first available swap 
 	  device.
 
+config SWSUSP_ENCRYPT
+	bool "Encrypt suspend image"
+	depends on SOFTWARE_SUSPEND && CRYPTO=y && (CRYPTO_AES=y || CRYPTO_AES_586=y)
+	default ""
+	---help---
+	  To prevent data gathering from swap after resume you can encrypt
+	  the suspend image with a temporary key that is deleted on
+	  resume.
+
+	  Note that the temporary key is stored unencrypted on disk while the
+	  system is suspended.
--- linux-2.6.11.2/Documentation/power/swsusp.txt.ast	2005-04-10 21:07:01.000000000 +0200
+++ linux-2.6.11.2/Documentation/power/swsusp.txt	2005-04-10 21:10:56.000000000 +0200
@@ -30,6 +30,13 @@
 echo platform > /sys/power/disk; echo disk > /sys/power/state
 
 
+Encrypted suspend image:
+------------------------
+If you want to store your suspend image encrypted with a temporary
+key to prevent data gathering after resume you must compile
+crypto and the aes algorithm into the kernel - modules won't work
+as they cannot be loaded at resume time.
+
 
 Article about goals and implementation of Software Suspend for Linux
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~