Re: mlock(1)

From: David Lang
Date: Fri Sep 24 2004 - 20:24:33 EST


On Sat, 25 Sep 2004, Andrea Arcangeli wrote:


We could use the cryptoloop or dm-crypto and everything would work fine
if we were ok to re-run mkswap after every reboot (right after choosing
the random password). But it sounds just simpler to leave the swap
header in cleartext. The swap header and the swap metadata in general,
are the only thing that can be written in cleartext safely.


if you don't do a -c mkswap runs fast enough that it shouldn't be a problem to do it every boot.

David Lang

--
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/