Jason Haar wrote: > I've been exclusively using dm-crypt for around 9 months on my Dell laptop > (running FC7) - with a /boot partition and "/" fully encrypted. In the beginning > I also encrypted swap with a static password. > > I use suspend-to-disk a lot and it all worked - in principle. However every 3-4 > "un-suspends" I'd end up with ext3 errors occurring and file loss. In the end it > was diagnosed back to the encrypted swap (I have a ticket open with Fedora about > all this - https://bugzilla.redhat.com/show_bug.cgi?id=281691). Once I went > back to unencrypted swap, the problem appeared to disappear. Hi, problem was *only* if you are using both encrypted swap and suspend to disk (to swap), right? (the last issue seems to be pure hw fault) Well, this is my theory how this corruption could happen: In kernel dm-crypt processes request in special thread. - suspend to disk flushes all filesystems data - suspend stores memory pages into swap (normally simple block device) - power down Dm-crypt is probably still processing some writes to swap in separate thread which are not flushed to disk and lost. Probably some next synchronization point is missing in suspend path, maybe using empty barriers in flush implementation in recent kernels has some influence too. Seems to be suspend problem, not dm-crypt one. Anyway, I tried to fix it but unfortunately my test configuration works ok :) Firstly we need to prove that it is really the issue I described above. If so, then fix should be easy - adding a sync/flush after swap write in suspend path. (In some old kernels were dm-crypt writes processed directly, not in separate thread, maybe these kernels works...) > However, I recently replaced my laptop and so went to FC8 in the same > configuration. It worked well for around 3 weeks but today it totally killed > itself. Once I enter the decrypt password, I just start getting "ata1.0" errors > and eventually a EXT3 error and that's it - game over. > > I am 100% sure this isn't hardware-related. During this 8+ month period I have > successfully harrassed Dell into replacing the disk 3 times, the motherboard > once - and of course I've just got an entire new system. And yet these problems > continue. > > And yet when I read this list, it appears to be working for others (although > most are using to protect "sub-volumes" like /home). Again, problem is probably in combination suspend to disk + encrypted swap. (suspend to ram should be working - at least for me it works with encrypted swap) Encrypted home, root, etc. without suspend to disk should work with no problems. Please if anyone see this problem too (with recent Fedora or any other distribution), comment the bugzilla above (and describe configuration of your system). Thanks, Milan -- mbroz@xxxxxxxxxx --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx