Re: [PATCH 1/5] PM / hibernate: Create snapshot keys handler
From: joeyli
Date: Thu Sep 13 2018 - 04:39:36 EST
Hi Randy,
On Wed, Sep 12, 2018 at 09:27:27AM -0700, Randy Dunlap wrote:
> Hi,
>
> On 9/12/18 7:23 AM, Lee, Chun-Yi wrote:
> > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > index 3a6c2f87699e..7c5c30149dbc 100644
> > --- a/kernel/power/Kconfig
> > +++ b/kernel/power/Kconfig
> > @@ -76,6 +76,20 @@ config HIBERNATION
> >
> > For more information take a look at <file:Documentation/power/swsusp.txt>.
> >
> > +config HIBERNATION_ENC_AUTH
> > + bool "Hibernation encryption and authentication"
> > + depends on HIBERNATION
> > + depends on TRUSTED_KEYS
> > + select CRYPTO_AES
> > + select CRYPTO_HMAC
> > + select CRYPTO_SHA512
> > + help
> > + This option will encrypt and authenticate the memory snapshot image
> > + of hibernation. It prevents that the snapshot image be arbitrary
>
> arbitrarily
>
> > + modified. User can use TPMs trusted key or user defined key as the
>
> The user
> or A user can use the TPM's trusted key
>
Thanks for your review! I will update it in next version.
Joey Lee