GELI suspend/resume
September 28, 2007 by pjd · 39 Comments
I use geli to encrypt partition on my laptop for a very long time.
The only problem is when I need to suspend the laptop (yes, suspend works almost like a charm on my t43) – I need to detach my encrypted partition then. It would be more or less safe for me to leave it attached, as I lock my console with ‘vlock -a’ command, so the only thing a thief can do is to turn off the laptop, thus remove keys from the memory. Although leaving attached partition with all the keys in memory doesn’t seem right…
BTW. ‘vlock -a’ is really nice, because when everything is locked, it will reset the system when one tries to enter DDB. Not sure if that is intended behaviour, but very useful.
Detaching encrypted partition is a bit PITA, as I keep a lot of stuff in there, so before I can unmount the file system and detach it, I need to go through all my x-terms and cd out of directories from encrypted file system, I need to close all encrypted files, etc.
I decided to implement suspend and resume subcommand for geli(8). Before I suspend my laptop I execute ‘geli suspend’. This command tells GELI GEOM class in the kernel to remove all sensitive informations, and delay all further I/O request until ‘geli resume’ (or ‘geli detach’) command is called. This way I don’t need to unmount file system sitting on top of the encrypted partition. When I execute ‘geli resume’ command after resume, I provide my password just like for ‘geli attach’ command, which allows GEOM class to recreate all the keys in the kernel and start the I/O traffic again.
The tricky part is not to suspend a provider which ‘geli resume’ needs to access, because you will simply deadlock your system. For example it most likely won’t work for fully encrypted disk. One way to fix this is to join functionality of suspend and resume geli subcommands, ie. ‘geli suspend’ will automatically ask for the passphrase (without the need of reading or executing anything), which can be given after resuming the laptop. I haven’t decided what to do about that yet, the code is in my perforce tree for now and will probably be committed after the RELENG_7 is branched.
Very Nice!
-aW
HQ0mud U from Russia?
Hey nice site you have. Anyways I just thought I?d chat about some new chess software I found lately. Its called Chess Analysis Pro 7000. its really neat. tryed and tested it cool.
cool site for my mind its very goodPlease, send your abuse here!!! [email protected]
The tournament is looking great so far. I have 3 out of 4 of my Final Four picks still in it. I’m hoping I can win my office pool.
cool site for my mind its very goodPlease, send your abuse here!!! [email protected]
cool site for my mind its very goodPlease, send your abuse here!!! [email protected]
cool site for my mind its very goodPlease, send your abuse here!!! [email protected]
cool site for my mind its very goodPlease, send your abuse here!!! [email protected]
It is one of things I can never understand … how people can think that way. It’s so illogical that it can only be based upon moronity.
Sir, yes sir! I’m agreeing with you, but I don’t think everybody do. You should not be so rude, it frightens of.
? ??? ????, ???? ?? ?????
Hey! nice blog GELI suspend/resume with Betting
Interesting encrypt
nice blog, i am sure i will back here often
Order the top quality abercrombie and fitch clothes from w,you will get a lot of profit.
Order the top quality abercrombie and fitch clothes from now,you will get a lot of profit.
Hello, I am very happy to read your blog. This is another fantastic blog post what I have read. There are so many tools available that it becomes difficult to know which will work. And how best to use them.
ullertonsportsarea3137$anchor$basketball Betting,final Four,final Four Betting,final Four Gambling,final Four Sports Book,final Four S
thank you so much because you post this information.
this blog i think is one of the meaning full for us because it provides us nice and informative data very nicely have done your work and also creates interest in it so i like it and amazed by the work of author in the last i would like to thank you for posting and sharing this very nice blog with us so nice of you
Main have shoes eyes (circle, qian), LACES, deck cloth, Velcro, zipper, silk, cotton, linen suture (string), nail, rivets, non-woven fabric, cardboard, and the Lord in baotou with use of leather, all kinds of ornamental, support a, adhesives, Nike Dunksand paste etc.
Negative with the shoe is a kind of orthopaedic shoes, rehabilitation supplies. As the name suggests, is the height of heel negative, is also the sole is former high low, the function is forced human body back center of gravity, and correct posture.Nike High Tops For Girls Common with the shoe brand has negative: earth’s shoes, thin body fitness shoes, form training shoes.
Womens Nike Dunks LowThe origin of the high-heeled shoes translation-theories, and some say high heels originated from China. When the six dynasties have given high with. The manchu women wear shoes in the flag, some with up to five inches above the central part.
Wow nice information you have shared here. Actually Google made searching of information easy on any topic. Well keep it up and post more interesting blogs.Thanks for sharing.
Checkout,Western Union?It is unlikely that any scammer has their extraordinary credit ranking greeting card digesting facilities(via a digesting opportunity like SagePay,Protx,Worldpay,etc).Instead they make utilization of Paypal,Google Checkout,Western Union(or a blend coming from
Boots issue your efficiency of the person. Your star are invariably glamorous around the frequency, the celebrity curve ball you made a number of people will be anxious, New Mercurial Steam Superfly III FG Crimson provides the top the feeling about the aspect of comfort in addition to effect. Mercurial Water vapor Superfly 3 FG might make players always preserve a great talk about to meet up with the contests the field.
I can’t determine if you really find it irresistible just like me. But i perform propose it. Naturally, if you love the actual soccer super star, Cristiano Ronaldo, check it out!
Nike Mercurial Victory CR7 II TF Astro Turf Trainers Football Boots on sale-White /Black
That is certainly that! I’m not truly exprienced with the little league matches as well as instruction but i think that the wonderful sports boots can make a variation!
i choose this specific set of two football sneakers, or else the low cost, simply because i love Ronaldo! He could be the most popular little league star. i aspiration to experience little league similar to hime. involving cause, every guy which really likes football features a dream that he could get the planet mug! But i comprehend it is only a fantasy, and i am able to participate in with regard to my own Pot.
Cheap Soccer Shoes
Nike Mercurial Vapor Superfly
http://www.soccershoesu.com/us/adidas-adipure-11pro-trx
rx
http://blog.grupthink.com/2011/03/04/update-4-2-1-2-notes/comment-page-2/#comment-60648