Re: mlock(1)

From: Nigel Cunningham
Date: Fri Sep 24 2004 - 18:49:55 EST


Hi.

On Sat, 2004-09-25 at 08:59, Andrea Arcangeli wrote:
> On Fri, Sep 24, 2004 at 10:07:25PM +0100, Alan Cox wrote:
> > Keys are a different case anyway. We can swap them if we have encrypted
> > swap (hardware or software) and we could use the crypto lib just to
> > crypt some pages in swap although that might be complex. As such a
> > MAP_CRYPT seems better than mlock. If we don't have cryptable swap then
> fine it's mlock.
>
> I really like encrypted swap, it should already work fine, I think we
> should make it the default. The cpu cost during swapping should be
> really not significant. It's needed anyways for running suspend on a
> laptop (currently suspend dumps into the swap the cleartext key of any
> cryptoloop device, making cryptoloop pretty much useless). And the good
> thing is that it won't even need to ask for a password.

I plan on making a plugin for suspend2 that will use the cryptoapi to
encrypt the data. One of the problems with encrypting the swap partition
wholesale is that suspend implementations need to check whether the
image exists and get some unencrypted metadata before beginning to read
the image proper. Currently, they all store the location of the metadata
in the swap header. If that's encrypted, how will they know whether the
image exists? If we're working on an abstraction of swap (transparent
[en|de]cryption), will the actual header still be visible? Will it be
able to be set up early enough in the boot sequence for resuming? (That
latter shouldn't be a problem for suspend2 as it lets you set things up
in an initrd before resuming).

Regards,

Nigel
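
The resume-time check raised in the message above, as an added example that is not part of the original post or of any suspend implementation's code. It assumes the swsusp-style convention of a 10-byte signature at the end of the first swap page ("SWAPSPACE2"/"SWAP-SPACE" for plain swap, "S1SUSPEND" when an image is present) and a 4096-byte page; the function names are hypothetical and the XOR routine is only a stand-in for whole-partition encryption, not a real cipher.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SIG_LEN 10 /* signature occupies the last 10 bytes of the first page */

enum swap_state { SWAP_NORMAL, SWAP_HAS_IMAGE, SWAP_UNREADABLE };

/* Classify the first page of a swap area by its trailing signature. */
enum swap_state classify_swap_header(const unsigned char *page, size_t page_size)
{
    if (page == NULL || page_size < SIG_LEN)
        return SWAP_UNREADABLE;
    const unsigned char *sig = page + page_size - SIG_LEN;
    if (memcmp(sig, "SWAPSPACE2", SIG_LEN) == 0 ||
        memcmp(sig, "SWAP-SPACE", SIG_LEN) == 0)
        return SWAP_NORMAL;
    if (memcmp(sig, "S1SUSPEND", SIG_LEN) == 0) /* 9 characters plus NUL */
        return SWAP_HAS_IMAGE;
    return SWAP_UNREADABLE; /* e.g. the header itself is ciphertext */
}

/* Constructed sample input: a zeroed page carrying the given signature. */
void make_header(unsigned char *page, size_t page_size, const char *sig)
{
    memset(page, 0, page_size);
    memcpy(page + page_size - SIG_LEN, sig, SIG_LEN);
}

/* Stand-in for whole-partition encryption (NOT a real cipher): XOR every
 * byte with a nonzero keystream byte, so no plaintext byte survives.
 * Applying it twice with the same seed restores the page. */
void toy_encrypt_page(unsigned char *page, size_t page_size, unsigned seed)
{
    for (size_t i = 0; i < page_size; i++)
        page[i] ^= (unsigned char)((i * 31u + seed) | 1u);
}

int main(void)
{
    static unsigned char page[4096];
    make_header(page, sizeof page, "S1SUSPEND");
    printf("cleartext header: state %d\n", classify_swap_header(page, sizeof page));
    toy_encrypt_page(page, sizeof page, 0x5a);
    printf("encrypted header: state %d\n", classify_swap_header(page, sizeof page));
    return 0;
}
```

With the header encrypted, the resume path cannot distinguish "image present" from "plain swap" until the decryption layer is set up, which is the ordering problem the message raises.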
