From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jari Ruusu Subject: Re: ACPI + loop(AES) + swsusp Date: Mon, 19 Aug 2002 19:44:00 +0300 Sender: acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org Message-ID: <3D612050.F980C545@pp.inet.fi> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Return-path: Errors-To: acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org List-Help: List-Post: List-Subscribe: , List-Unsubscribe: , List-Archive: To: "John J. Lee" Cc: Robert Stark , Linux Mailinglists , linux-crypto-qDhp9YYfzQpg9hUCZPvPmw@public.gmane.org, swsusp-LcL5texQODR2DW0IdvIQ2g@public.gmane.org, Sean Neakums List-Id: linux-acpi@vger.kernel.org "John J. Lee" wrote: > Given your point about security, wouldn't it be nice if there were yet > another flag to indicate that encrypted partitions should just be > turned off on suspend? > > This is more useful than it sounds -- not all partitions are mounted all > the time. It might actually be convenient if you don't want to > accidentally leave a partition accessible when you walk away from a > machine and forget to losetup -d, or whatever. Like Sean Neakums pointed out in earlier post to linux-crypto list, just forcing unmount or losetup -d is not really an option. Maybe just checking for encrypted loops in userspace _before_ starting suspend is a better solution. Something like this: #!/bin/bash if losetup -a | grep -q -s "AES" ; then echo "Found active encrypted loops, suspend aborted" exit 1 fi echo "now suspending..." echo "1 0 0" > /proc/sys/kernel/swsusp Regards, Jari Ruusu ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390