Launchpad Entry: encrypted-swap-with-hibernation-support
Packages affected: ecryptfs-utils, ubiquity
Currently home encryption turns on swap encryption. However, since a random boot password is used, it is not possible to resume from hibernation. Normal boot should not require any user input. Resume from hibernation should require any recently logged-in user to type in their password.
After turning on encrypted swap with hibernation support, the user will have to enter their login password to resume from hibernation.
Hibernation should work.
Jane chooses an encrypted home directory as an install option. After the computer is installed, Jane logs in, then hibernates the computer. Jane resumes the computer at a later time, and enters her own login password when prompted by the resume process.
Jane changes her password. When she hibernates/resumes she enters the new password, not her original.
Jane reboots the computer. No input is required for booting.
Only one swap device is configured.
On install, swap is set up with LUKS encryption. The swap device is /dev/mapper/cryptswap1.
- If only slot 0 is set up in LUKS, then the swap device is reformatted with a new random password in slot 0. The random password is stored in /lib/init/rw/.swap/password.
- If any slot other than 0 is set up in LUKS, the user is prompted for their password to unlock the swap device, then resume is attempted.
- If the user does not remember their password, they should be able to bypass the password prompt. In this case, reformat the LUKS swap device with a random password and store it as in the first case.
- Slots 1-7 are cleared
On local login:
- A slot is chosen for this user, cached in /lib/init/rw/.swap/usermap
- The login password is applied to the chosen slot
- If all slots are full, an LRU policy applies
On change password:
- If the user is in /lib/init/rw/.swap/usermap, apply the new password to the chosen slot
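The login and password-change steps above, modelled as an added example (not code from this spec or from ecryptfs-utils). The in-memory usermap layout, the `<swap-partition>` placeholder, and the choice to kill a slot before re-adding it are assumptions; the commands are only returned, not executed.

```python
from collections import OrderedDict

KEYFILE = "/lib/init/rw/.swap/password"  # random slot-0 password (path from the spec)
DEVICE = "<swap-partition>"              # placeholder: LUKS device behind cryptswap1
USER_SLOTS = range(1, 8)                 # slot 0 is reserved for the random password


def _kill(slot):
    return ["cryptsetup", "luksKillSlot", "--key-file", KEYFILE, DEVICE, str(slot)]


def _add(slot):
    # The new passphrase (the user's login password) is supplied by the caller.
    return ["cryptsetup", "luksAddKey", "--key-file", KEYFILE,
            "--key-slot", str(slot), DEVICE]


class SwapSlotMap:
    """Model of the usermap: user -> slot, ordered least recently used first."""

    def __init__(self):
        self.slots = OrderedDict()

    def on_login(self, user):
        """Pick the user's slot and return (slot, cryptsetup commands to run)."""
        cmds = []
        if user in self.slots:
            slot = self.slots.pop(user)
            cmds.append(_kill(slot))            # drop the old passphrase
        else:
            free = [s for s in USER_SLOTS if s not in self.slots.values()]
            if free:
                slot = free[0]
            else:
                _, slot = self.slots.popitem(last=False)  # evict the LRU user
                cmds.append(_kill(slot))
        self.slots[user] = slot                 # most recently used goes last
        cmds.append(_add(slot))
        return slot, cmds

    def on_password_change(self, user):
        """Re-key the slot only if the user already has one (no LRU update)."""
        if user not in self.slots:
            return None, []
        slot = self.slots[user]
        return slot, [_kill(slot), _add(slot)]
```

An evicted user loses the ability to resume until their next local login, which is the seven-user limit the spec lists as an unresolved issue.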
Change initramfs config to handle asking user for swap password when needed.
New pam module to handle local login and password change.
Write script to migrate to this setup from:
- non-encrypted swap
- swap encrypted with random key (non-luks)
- Only the last 7 local users are able to resume from hibernation.