lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 22 Jul 2021 09:12:45 +0200
From:   David Hildenbrand <>
To:     Evan Green <>,
        Andrew Morton <>
Cc:, Michal Hocko <>,
        Pavel Machek <>, Alex Shi <>,
        Alistair Popple <>,
        Johannes Weiner <>,
        Joonsoo Kim <>,
        "Matthew Wilcox (Oracle)" <>,
        Miaohe Lin <>,
        Minchan Kim <>,
        Suren Baghdasaryan <>,
        Vlastimil Babka <>,,
Subject: Re: [PATCH v3] mm: Enable suspend-only swap spaces

On 21.07.21 23:40, Evan Green wrote:
> Currently it's not possible to enable hibernation without also enabling
> generic swap for a given swap area. These two use cases are not the
> same. For example there may be users who want to enable hibernation,
> but whose drives don't have the write endurance for generic swap
> activities. Swap and hibernate also have different security/integrity
> requirements, prompting folks to possibly set up something like block-level
> integrity for swap and image-level integrity for hibernate. Keeping swap
> and hibernate separate in these cases becomes not just a matter of
> preference, but correctness.
> Add a new SWAP_FLAG_NOSWAP that adds a swap region but refuses to allow
> generic swapping to it. This region can still be wired up for use in
> suspend-to-disk activities, but will never have regular pages swapped to
> it. This flag will be passed in by utilities like swapon(8), usage would
> probably look something like: swapon -o noswap /dev/sda2.

Just a minor comment, I'd call it rather SWAP_FLAG_HIBERNATE_ONLY and 
SWAP_FLAG_HIBERNATE_ONLY -- that calls the child by its name.

I think some other flags might not apply with that new flag set, right? 
For example, does SWAP_FLAG_DISCARD_ONCE or SWP_AREA_DISCARD still have 
any meaning with the new flag being set?

We should most probably disallow enabling any flag that doesn't make any 
sense in combination.

Apart from that, I'd love to see a comment in here why the workaround 
suggested by Michal isn't feasible -- essentially a summary of what we 

I had a quick glimpse and nothing jumed at me, no mm/swapfile.c expert, 
though :)


David / dhildenb

Powered by blists - more mailing lists