Arch Linux

ruffy

Member

Registered: 2017-06-10

Posts: 70

hibernation with encrypted swap partition

Hi,

I currently have three partitions: boot, swap, and root. Both swap and root are encrypted with LUKS, and the root partition uses a btrfs filesystem. However, I haven't been able to get hibernation to work with this setup. Is hibernation truly infeasible with this configuration, or is there something I might be missing?

In the following, I have replaced the UUIDs with placeholders (<U1>, …, <U6>) to make it easier to see which ones are being used.
I use arch linux 6.12.49-1-lts.

/etc/crypttab:

cryptroot UUID=<U1> none luks,discard
cryptswap UUID=<U2> /etc/k/swap.key luks,discard

lsblk:

NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1       259:0    0 953.9G  0 disk 
├─nvme0n1p1   259:1    0     1G  0 part  /boot
├─nvme0n1p2   259:2    0    64G  0 part 
│ └─cryptswap 254:1    0    64G  0 crypt [SWAP]
└─nvme0n1p3   259:3    0 888.9G  0 part 
  └─cryptroot 254:0    0 888.9G  0 crypt
                                         /home
                                         /

blkid

blkid
/dev/mapper/cryptswap: UUID="<U3>" TYPE="swap"
/dev/nvme0n1p3: UUID="<U4>" TYPE="crypto_LUKS" PARTUUID="..."
/dev/nvme0n1p2: UUID="<U5>" TYPE="crypto_LUKS" PARTUUID="..."
/dev/mapper/cryptroot: UUID="<U6>" UUID_SUB="..." BLOCK_SIZE="4096" TYPE="btrfs"
...

/etc/default/grub

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet cryptdevice=UUID=<U1>:cryptroot root=/dev/mapper/cryptroot rootflags=subvol=@ resume=UUID=<U3>"

/etc/mkinitcpio.conf

HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt filesystems resume fsck)
RESUME=/dev/mapper/cryptswap

Without hibernation, I get the following error after entering the passphrase to unlock the cryptroot volume:

Failed to stat resume device '/dev/disk/by-uuid/<U3>': no such file or directory

With hibernation, I get the same error after entering the passphrase to unlock the cryptroot volume:

Reported hibernation image: ID=arch kernel=6.12.49-1-lts UUID=<U3> offset=0
Failed to stat resume device '/dev/disk/by-uuid/<U3>': no such file or directory

Does anyone know how I can fix this, or is hibernation simply not possible with an encrypted swap partition setup?

Mrkd1904

Member

Registered: 2023-11-08

Posts: 84

Re: hibernation with encrypted swap partition

Hi,

I currently have three partitions: boot, swap, and root. Both swap and root are encrypted with LUKS, and the root partition uses a btrfs filesystem. However, I haven't been able to get hibernation to work with this setup. Is hibernation truly infeasible with this configuration, or is there something I might be missing?

In the following, I have replaced the UUIDs with placeholders (<U1>, …, <U6>) to make it easier to see which ones are being used.
I use arch linux 6.12.49-1-lts.

/etc/crypttab:

cryptroot UUID=<U1> none luks,discard
cryptswap UUID=<U2> /etc/k/swap.key luks,discard

lsblk:

NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1       259:0    0 953.9G  0 disk 
├─nvme0n1p1   259:1    0     1G  0 part  /boot
├─nvme0n1p2   259:2    0    64G  0 part 
│ └─cryptswap 254:1    0    64G  0 crypt [SWAP]
└─nvme0n1p3   259:3    0 888.9G  0 part 
  └─cryptroot 254:0    0 888.9G  0 crypt
                                         /home
                                         /

blkid

blkid
/dev/mapper/cryptswap: UUID="<U3>" TYPE="swap"
/dev/nvme0n1p3: UUID="<U4>" TYPE="crypto_LUKS" PARTUUID="..."
/dev/nvme0n1p2: UUID="<U5>" TYPE="crypto_LUKS" PARTUUID="..."
/dev/mapper/cryptroot: UUID="<U6>" UUID_SUB="..." BLOCK_SIZE="4096" TYPE="btrfs"
...

/etc/default/grub

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet cryptdevice=UUID=<U1>:cryptroot root=/dev/mapper/cryptroot rootflags=subvol=@ resume=UUID=<U3>"

/etc/mkinitcpio.conf

HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt filesystems resume fsck)
RESUME=/dev/mapper/cryptswap

Without hibernation, I get the following error after entering the passphrase to unlock the cryptroot volume:

Failed to stat resume device '/dev/disk/by-uuid/<U3>': no such file or directory

With hibernation, I get the same error after entering the passphrase to unlock the cryptroot volume:

Reported hibernation image: ID=arch kernel=6.12.49-1-lts UUID=<U3> offset=0
Failed to stat resume device '/dev/disk/by-uuid/<U3>': no such file or directory

Does anyone know how I can fix this, or is hibernation simply not possible with an encrypted swap partition setup?

Might be a stupid question, but how are you unlocking the swap partition? Passphrase? If so, is it prompting you to unlock at boot?

seth

Member

From: Don't DM me only for attention

Registered: 2012-09-03

Posts: 70,972

Re: hibernation with encrypted swap partition

https://wiki.archlinux.org/title/Dm-cry … _swap_file
https://wiki.archlinux.org/title/Dm-cry … _initramfs

Have you considered to hibernate https://wiki.archlinux.org/title/Dm-cry … _swap_file ?

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

ruffy

Member

Registered: 2017-06-10

Posts: 70

Re: hibernation with encrypted swap partition

Might be a stupid question, but how are you unlocking the swap partition? Passphrase? If so, is it prompting you to unlock at boot?

I tried either passphrase or keyfile (which was stored on the encrypted root partition), however, the swap partition is always decrypted too late for the hibernation image to be found.

Last edited by ruffy (2025-10-22 13:54:47)

ruffy

Member

Registered: 2017-06-10

Posts: 70

Re: hibernation with encrypted swap partition

https://wiki.archlinux.org/title/Dm-cry … _swap_file
https://wiki.archlinux.org/title/Dm-cry … _initramfs

Have you considered to hibernate https://wiki.archlinux.org/title/Dm-cry … _swap_file ?

Thanks, yes I followed already the different approaches from the wiki, however until now nothing did work out.

Yes, I also tried hibernating to a swapfile stored on the encrypted root partition. What I did not try is storing the swapfile on the encrypted swap partition.

seth

Member

From: Don't DM me only for attention

Registered: 2012-09-03

Posts: 70,972

Re: hibernation with encrypted swap partition

What I did not try is storing the swapfile on the encrypted swap partition.

That's not gonna work, encryption or not.

Did you see that you'll have to decrypt/open  the swap partition in the initramfs?

Yes, I also tried hibernating to a swapfile stored on the encrypted root partition.

What does that look like and what error do you get for it?

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

ruffy

Member

Registered: 2017-06-10

Posts: 70

Re: hibernation with encrypted swap partition

I tried specifying /etc/crypttab.initramfs for swap, but that did not work. I will re-read this section in the wiki on the weekend and see if I missed something.