[PATCH 07/24] hibernate: Disable when the kernel is locked down
Andy Lutomirski
luto at kernel.org
Sun Apr 22 14:34:43 UTC 2018
On Thu, Apr 19, 2018 at 7:38 AM, David Howells <dhowells at redhat.com> wrote:
> Pavel Machek <pavel at ucw.cz> wrote:
>
>> > There is currently no way to verify the resume image when returning
>> > from hibernate. This might compromise the signed modules trust model,
>> > so until we can work with signed hibernate images we disable it when the
>> > kernel is locked down.
>>
>> I'd rather see hibernation fixed than disabled like this.
>
> The problem is that you have to store the hibernated kernel image encrypted,
> but you can't store the decryption key on disk unencrypted or you've just
> wasted the effort.
>
> So the firmware has to unlock the image, asking the user for a password to
> unlock the key.
Why firmware?
Either the boot kernel could figure out how to ask for a password (or
unseal using the TPM) or we could defer this to userspace. The latter
should already work using kexec-jump, no?
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list