Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP

To: tech-kern%netbsd.org@localhost
Subject: Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
From: mlelstv%serpens.de@localhost (Michael van Elst)
Date: Tue, 19 May 2020 05:38:08 -0000 (UTC)

martin%duskware.de@localhost (Martin Husemann) writes:

>I agree with both. Leave it an admin decision (and maybe default to
>"encrypt"). Also assume that it is possible to complete enough of /etc/rc.d
>without any swapping ;-} so a simple setting in /etc/sysctl.conf will do.

If you don't allow to disable encryption, the code could be simplified to
not track encrypted and non-ecnrypted parts of the swap. Instead the
setting should be fixed before swap is enabled. Otherwise you still end
with unencrypted bits in the swap partition.

-- 
-- 
                                Michael van Elst
Internet: mlelstv%serpens.de@localhost
                                "A potential Snark may lurk in every tree."

References:
- Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: Alexander Nasonov
- re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: matthew green
- Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: Alexander Nasonov
- Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: Thor Lancelot Simon
- Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: Mouse
- Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
  - From: Martin Husemann

Prev by Date: Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
Next by Date: Re: sys/idtype.h unused enumeration values
Previous by Thread: Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
Next by Thread: Re: KAUTH_SYSTEM_UNENCRYPTED_SWAP
Indexes:

Home | Main Index | Thread Index | Old Index