| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Apr 2018 09:26:46 +0200
From: Pavel Machek <pavel@....cz>
To: David Howells <dhowells@...hat.com>, jikos@...e.cz
Cc: torvalds@...ux-foundation.org, linux-man@...r.kernel.org,
linux-api@...r.kernel.org, jmorris@...ei.org,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [PATCH 07/24] hibernate: Disable when the kernel is locked down
On Thu 2018-04-19 15:38:53, David Howells wrote:
> Pavel Machek <pavel@....cz> wrote:
>
> > > There is currently no way to verify the resume image when returning
> > > from hibernate. This might compromise the signed modules trust model,
> > > so until we can work with signed hibernate images we disable it when the
> > > kernel is locked down.
> >
> > I'd rather see hibernation fixed than disabled like this.
>
> The problem is that you have to store the hibernated kernel image encrypted,
> but you can't store the decryption key on disk unencrypted or you've just
> wasted the effort.
That's not how the crypto needs to work. Talk to Jiri Kosina, ok?
Firmware gives you a key, you keep it secret, use it to sign the
hibernation image on suspend, and verify the signature on resume. Or
something like that.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists