halt.sh runs mkswap which wipes out existing swap labels. See also #167372 and http://lists.suspend2.net/lurker/message/20070217.204227.0d0ae22a.en.html
it only runs mkswap if you have $RC_SWAP_ERASE enabled ... if it's a problem, dont enable it
This can be addressed in one of three ways: - Not caring (what seems to have happened so far!) - Add a comment to /etc/conf.d/rc to the RC_SWAP_ERASE block noting that the label will also be destroyed - Add the following fix to halt.sh in the RC_SWAP_ERASE section: LABEL="`dd if=${s} bs=1 skip=1052 count=16 2>/dev/null | strings" ... zero it out ... mkswap -L "$LABEL" ${s} 2>/dev/null
trying to extract the label is really just a hack that relies on behavior that i doubt is guaranteed in any way adding a comment to the conf file is reasonable
It is only an unreliable hack if you think the Linux swap file format randomly changes frequently over time. There are exactly two swap formats for Linux. You can see the trivial struct definition for them by extracting util-linux and looking in disk-utils/swapheader.h Format zero has padding at that offset. Format one has 16 bytes of uuid and then 16 bytes of volume name, with the latter being at offset 1052. disk-utils/mkswap.c still has Linus' copyright on the top, as it changes *that* infrequently. Swap version 1 is default used by mkswap. To get version 0 you need use kernel less than 2.1.117 or to manually specify a pagesize less than 2048 bytes. (ie you have to try really hard to get version 0). So using "dd" will work with all known versions of Linux swap since Linux was originally released (ie version 0 and version 1). Version 1 put the new label and uuid fields into a padding reserved area of version 0. We can expect any future version to do the same thing, although I have never seen any discussion on why version 1 will ever be replaced. (To be clear it is only header changes that could be a problem). I am happy to write a C program that extracts the label. I can also write one that spits out what parameters you need to give to mkswap to get the same swap header back (ie preserve version, page size, label etc). Quite frankly I think that is way overkill and the "dd" stuff is perfectly fine, and an improvement over what is currently in Gentoo which trashes *all* possible parameters. With the increasing tendency of drives and partitions to become dynamic (eg pata controllers named as /dev/sd*), scsi naming being based on discovery order, adding a drive causing all subsequent names to change etc, it looks like using labels will provide a less brittle system for end users.
(In reply to comment #4) > It is only an unreliable hack if you think the Linux swap file format randomly > changes frequently over time. So for example would share swap partitions between say Linux and FreeBSD where this wouldn't work? Then we have encrypted swaps to think about too.
Err, the existing code unilaterally runs mkswap with no arguments having got the list of swap partitions in use from swapon -s. They are all deactivated and then zeroed and then have mkswap run on them. ie they were in use as active swap locations when halt.sh started running. The only behaviour change I am talking about is saving the swap label before the zero and restoring it afterwards when mkswap is run. This has *nothing* to with encrypted swaps or other operating systems. It will not change their behaviour in *any* way. Please read the code in halt.sh before further comments.
i know the code and i know i dont want to add this in fact, i'm thinking about simply removing the rc option altogether if people are just going to complain it doesnt suite their system ... it's a hack in the first place and the tin foil hats can add their own stuff to local.stop
I don't care what is done (I don't actually use the option - I was just looking for other places that trash labels on swap). It would seem that the choices are: - Do nothing (ie merrily trash labels even though the knowledge of how to preserve them is present in this ticket) - The same as above but add a comment to $RC_SWAP_ERASE in /etc/conf.d/rc - Correctly preserve the label (as documented in this bug, I am also willing to write additional code to preserve it that meets whatever the needs are) - Remove the $RC_SWAP_ERASE option since it currently does an incomplete job. (Another bug is that it is careful to only zero the amount in use, but when doing mkswap doesn't set the swap to the same size). Point users to this doc which does the job "properly" for secrecy/privacy reasons http://www.gentoo.org/proj/en/hardened/disk-cryptography.xml
i already said ive added the comment to svn about label trashing
Where exactly did you "already say" that? Comment #1 says don't enable it if wiping out the labels is a problem Comment #3 says that adding a comment is a reasonable action (but doesn't say that that action has been taken) Comment #7 says you know the code and don't want to fix the label getting trashed, and says you "are thinking about" removing the option
screw it, i'm tired of this code no longer exists in baselayout
It looks like RC_SWAP_ERASE has also been removed for BSD compatibility as well 5 months ago. http://sources.gentoo.org/viewcvs.py/baselayout/trunk/init.d/halt.sh?r1=2237&r2=2239 I have also updated the only Gentoo doc I could find that references this feature and pointed to a better alternative (the crypto page with random per boot keys for swap) which was on gentoo-wiki.com
