[systemd-devel] RFC: luksSuspend support in sleep/sleep.c
Matthew Garrett
mjg59 at google.com
Fri Nov 1 14:31:27 UTC 2019
On Thu, Oct 31, 2019 at 5:06 PM Lennart Poettering
<lennart at poettering.net> wrote:
> Paging doesn't allow that really. It's always ugly. You'd have to have
> your own UI stack in the initrd, i.e. basically have an alternative
> root disk, that possesses the screen exclusively as long as the system
> is up but not unlocked yet.
The initrd already contains a UI stack in order to permit disk unlock
at boot time, so this really doesn't seem like a problem? Switch VTs
before suspend, suspend the LUKS devices so all access blocks and the
keys are dropped, suspend, resume, run the unlock codepath from
initramfs again, switch VTs back, we're good? Things are a little more
complicated if you want to use the disk unlock phrase to also trigger
desktop unlock, but everything else seems reasonably straightforward -
processes will sit in D state until unlocked, but time will continue
as expected.
More information about the systemd-devel
mailing list