Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S266615AbUI0KcD (ORCPT ); Mon, 27 Sep 2004 06:32:03 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S266626AbUI0KcD (ORCPT ); Mon, 27 Sep 2004 06:32:03 -0400 Received: from cantor.suse.de ([195.135.220.2]:52132 "EHLO Cantor.suse.de") by vger.kernel.org with ESMTP id S266615AbUI0KcA (ORCPT ); Mon, 27 Sep 2004 06:32:00 -0400 Message-ID: <4157B04B.2000306@suse.de> Date: Mon, 27 Sep 2004 08:16:43 +0200 From: Stefan Seyfried User-Agent: Mozilla Thunderbird 0.8 (X11/20040913) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Andrea Arcangeli Cc: Bernd Eckenfels , Alan Cox , Chris Wright , Jeff Garzik , Linux Kernel Mailing List , Andrew Morton , Nigel Cunningham Subject: Re: mlock(1) References: <1096071873.3591.54.camel@desktop.cunninghams> <20040925011800.GB3309@dualathlon.random> In-Reply-To: <20040925011800.GB3309@dualathlon.random> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1106 Lines: 26 Andrea Arcangeli wrote: > random keys are exactly fine, but only for the swap usage on a desktop > machine (the one I mentioned above, where the user will not be asked for > a password), but it's not ok for suspend/resume, suspend/resume needs > a regular password asked to the user both at suspend time and at resume > time. Why not ask on every boot? (and yes, the passphrase could be stored on a fixed disk location - hashed with a function of sufficient complexity and number of bits, just to warn the user if he does a typo, couldn't it?). If suspend is working, you basically never reboot. So why ask on suspend _and_ resume? This also solves the "suspend on lid close" issue. And a resume is - in the beginning - a boot, so just ask early enough (maybe the bootloader could do this?) I'm not a crypto expert at all, just thinking loud... Stefan - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/