Re: encrypted swap causing me troubles on boot
On Tue, 29 Apr 2008 09:31:59 -0700, Andrew Sackville-West wrote:
> On Tue, Apr 29, 2008 at 04:01:22PM +0000, Zoho Vignochi wrote:
>> Hello:
>>
>> I have one of the famous Eeepc's and I performed a hardware hack in
>> order to expand internal drive storage space. So I have the internal
>> ssd card (/ dev/sda) 4 GB and a usb stick soldered to one of the usb
>> ports and held internally (/dev/sdb) 32 GB.
>>
>> So I used lvm to install. I have a boot partition /dev/sda1 which is
>> 255M (a bit overkill I know) and the rest of sda is formatted for lvm
>> with the volume group "system" which contains a root, usr, var
>> partitions.
>>
>> On /dev/sdb I set up a volume group "data" which contains swap, tmp,
>> home all on encrypted lvm.
>>
>> The problem is that during the boot process uswsusp wants to access the
>> swap partition to resume from but the crypto device is not yet
>> available. Is there a kernel commandline option to mount the crypto
>> device earlier? I suppose I will have to make a device node in
>> /dev/.static/dev becuase it needs to mount before udev starts. Is this
>> correct?
>>
>>
> I do this, though not on lvm. I have written a little script that
> unencrypts the swap partition and I've put that script into the initrd
> so that it runs before uswsusp tries to start up. It mounts and reads a
> key from my sd card and uses that key to unlock the swap partition.
>
> Essentially, you need to activate the encryption and lvm early on,
> though I don't think you need a static device node to do it. you need
> dev-mapper up, but I think it comes up really early and shouldn't be a
> problem.
>
> If you need more details, I can send you my scripts later when I'm on my
> laptop.
>
That would be very helpful!
Reply to: