Can swap be encrypted per user

encryption, multiuser, security, swap

The problem arises for a multiuser computer with encrypted swap, as to how to allow each user to hibernate and resume from hibernation without compromising the security of the other users.

I'm looking for a way in which each user's swap usage is encrypted specifically for them, such that when they want to resume from hibernation they can do so by entering only their password/passphrase. They should not be able to decrypt other users' swap; all users' processes must be stopped until the respective user can provide their passphrase to decrypt their swap and continue their processes.

Users may wish for some or all of their processes to be unencrypted so that they can continue regardless of who resumes the computer.

As long as no personal data is stored in system processes and the system doesn't let users' keys hit swap, then the system's swap doesn't need to be encrypted, and that means that any user can resume the system without compromising other users.

Note that this could be complemented by encrypting the system with a key stored in BIOS firmware such as Coreboot or LibreBoot to make tampering very difficult, but this is a fundamentally different approach based on the apparent difficulty of tampering with the hardware involved rather than a complete cryptographic approach to preventing people from reading personal data of others assuming tampering is not an issue. For optimal security, these two mechanisms could be used together, but in this question, I'm asking for the fully cryptographic approach.

In theory it makes sense, but in practice it may not be implemented. I hope that this is possible in Linux.

Best Answer

Yes, anything is possible via software. You'd probably have to modify some significant portions of the kernel to do this. If you are talking about now... no. In fact, you cannot allocate system swap space based on a given user at all.

Another avenue of approach is not to allocate any swap space on a physical partition and instead carve out a large preallocated file for a TrueCrypt volume, mount it, and create a swapfile under that. Then set the system to use that file under the TrueCrypt volume as a swap file. I do not guarantee the stability nor the processing efficiency of such a move, however; this would be up to you to experiment with. However, this would be per SYSTEM, not per user.
