Re: [PATCH encrypted swsusp 1/3] core functionality

From: Herbert Xu
Date: Wed Apr 13 2005 - 16:32:12 EST

Next message: Bjorn Helgaas: "[PATCH] PC300 pci_enable_device fix"
Previous message: Marcel Holtmann: "Re: [2.4] "Fix" introduced in 2.4.27pre2 for bluetooth hci_usbrace causes kernel hang"
In reply to: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 13, 2005 at 02:59:28PM +0200, Andreas Steinmetz wrote:
> Herbert Xu wrote:
> > What's wrong with using swap over dmcrypt + initramfs? People have
> > already used that to do encrypted swsusp.
>
> Nothing. The problem is the fact that after resume there is then
> unencrypted(*) data on disk that should never have been there, e.g.
> dm-crypt keys, ssh keys, ...

Why is that? In the case of swap over dmcrypt, swsusp never reads/writes
the disk directly. All operations are done through dmcrypt.

The user has to enter a password before the system can be resumed.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bjorn Helgaas: "[PATCH] PC300 pci_enable_device fix"
Previous message: Marcel Holtmann: "Re: [2.4] "Fix" introduced in 2.4.27pre2 for bluetooth hci_usbrace causes kernel hang"
In reply to: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]