Re: [PATCH 07/24] hibernate: Disable when the kernel is locked down

From: Pavel Machek
Date: Thu Apr 26 2018 - 03:26:55 EST

Next message: Rafael J. Wysocki: "Re: [tip:timers/urgent] Revert: Unify CLOCK_MONOTONIC and CLOCK_BOOTTIME"
Previous message: jacopo mondi: "Re: [PATCH 2/2] ARM: dts: r8a7740: Enable CEU0"
Next in thread: Rafael J. Wysocki: "Re: [PATCH 07/24] hibernate: Disable when the kernel is locked down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 2018-04-19 15:38:53, David Howells wrote:
> Pavel Machek <pavel@xxxxxx> wrote:
>
> > > There is currently no way to verify the resume image when returning
> > > from hibernate. This might compromise the signed modules trust model,
> > > so until we can work with signed hibernate images we disable it when the
> > > kernel is locked down.
> >
> > I'd rather see hibernation fixed than disabled like this.
>
> The problem is that you have to store the hibernated kernel image encrypted,
> but you can't store the decryption key on disk unencrypted or you've just
> wasted the effort.

That's not how the crypto needs to work. Talk to Jiri Kosina, ok?

Firmware gives you a key, you keep it secret, use it to sign the
hibernation image on suspend, and verify the signature on resume. Or
something like that.

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature

Next message: Rafael J. Wysocki: "Re: [tip:timers/urgent] Revert: Unify CLOCK_MONOTONIC and CLOCK_BOOTTIME"
Previous message: jacopo mondi: "Re: [PATCH 2/2] ARM: dts: r8a7740: Enable CEU0"
Next in thread: Rafael J. Wysocki: "Re: [PATCH 07/24] hibernate: Disable when the kernel is locked down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]