From: Heiko Rosemann <heiko.rosemann@web.de>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Dmcrypt and hibernate key disclosure
Date: Sat, 08 Jan 2011 12:53:10 +0100 [thread overview]
Message-ID: <4D285026.3060902@web.de> (raw)
In-Reply-To: <4D27EBFC.3080401@kdzbn.homelinux.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/08/11 05:45, Bryan Kadzban wrote:
> Arno Wagner wrote:
>>>> It seems to me that there is actually no software hook or script
>>>> thet gets executed during resume,
>>> From hibernate, there is. It's a normal bootup, including
>>> initramfs, until some string gets written into /sys/power/resume.
>>> There might be restrictions on when this write can happen, but I'm
>>> sure they at least allow some initramfs code to run.
>>
>> Seems I misunderstood the respective kernel parameter then. Or it is
>> an alternative to the mechanism you describe. So writing to
>> /sys/power/resume replaces the current system with the suspended one?
>
> If you mean the "resume=" kernel command-line parameter, then I am
> fairly sure it will be used by the kernel only in the absence of an
> initramfs. If an initramfs is present, the kernel will do nothing, and
> the initramfs will need to support all options like resume= on its own.
This might be implementation dependend (there is more than one
suspend-to-disk-option for linux). If a resume2= parameter is present
for tuxonice, the initramfs "only" needs to write "1" to
/sys/power/tuxonice/do_resume.
Regards,
Heiko
- --
eMails verschlüsseln mit PGP - privacy is your right!
Mein PGP-Key zur Verifizierung: http://pgp.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk0oUCYACgkQ/Vb5NagElAWmfwCeLfsTTpZpJEabKq8VeYSG2Ln2
PPgAoJuAQEluPGKHCiYXWKYAF7ShAdUU
=tKBj
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2011-01-08 11:53 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-07 1:40 [dm-crypt] Dmcrypt and hibernate key disclosure Aaron Lewis
2011-01-07 2:49 ` Arno Wagner
2011-01-07 4:08 ` Bryan Kadzban
2011-01-07 4:39 ` Arno Wagner
2011-01-08 4:45 ` Bryan Kadzban
2011-01-08 11:53 ` Heiko Rosemann [this message]
2011-01-08 14:55 ` iggy
2011-01-07 10:42 ` Heiko Rosemann
2011-01-11 0:08 ` Richard
2011-01-11 9:11 ` Arno Wagner
2011-01-11 10:31 ` Milan Broz
2011-01-11 16:35 ` Richard
2011-01-11 17:08 ` Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D285026.3060902@web.de \
--to=heiko.rosemann@web.de \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox