Re: [PATCH encrypted swsusp 1/3] core functionality

From: Andreas Steinmetz
Date: Fri Apr 15 2005 - 04:47:33 EST

Next message: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Previous message: Jesper Juhl: "Re: [PATCH] reiserfs: fix a few 'empty body in an if-statement' warnings."
In reply to: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Matt Mackall: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Matt Mackall wrote:
> Zero only the mlocked regions. This should take essentially no time at
> all. Swsusp knows which these are because they have to be mlocked
> after resume as well. If it's not mlocked, it's liable to be swapped
> out anyway.

Nitpicking:
What happens if the disk decides to relocate a close to failing sector
containing mlocked data during resume zeroing? This just means that
there will be sensitive data around on the disk that can't be zeroed
out anymore but which might be recovered by specialized
companies/institutions.
Encrypting these data in the first place reduces this problem to a
single potentially problematic sector.
If this risk is then still too high for you then there's always the
possiblity to use a sledgehammer :-)
--
Andreas Steinmetz SPAMmers use robotrap@xxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Previous message: Jesper Juhl: "Re: [PATCH] reiserfs: fix a few 'empty body in an if-statement' warnings."
In reply to: Andreas Steinmetz: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Matt Mackall: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]