| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 18 Nov 2023 11:20:21 -0800
From: Kelvie Wong <kelvie@...vie.ca>
To: Randy Dunlap <rdunlap@...radead.org>
Cc: linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-pm@...r.kernel.org,
linux-security-module <linux-security-module@...r.kernel.org>,
David Howells <dhowells@...hat.com>
Subject: Re: [PATCH RFC] Add a lockdown_hibernate parameter
Hello,
[sorry for the duplicate, had to re-send this as text/plain]
On Mon, 13 Nov 2023 at 20:01, Randy Dunlap <rdunlap@...radead.org> wrote:
>
> [add security & dhowells]
>
> On 11/13/23 18:23, Kelvie Wong wrote:
> > This allows the user to tell the kernel that they know better (namely,
> > they secured their swap properly), and that it can enable hibernation.
> >
> > I've been using this for about a year now, as it doesn't seem like
> > proper secure hibernation was going to be implemented back then, and
> > it's now been a year since I've been building my own kernels with this
> > patch, so getting this upstreamed would save some CO2 from me building
> > my own kernels every upgrade.
> >
> > Some other not-me users have also tested the patch:
> >
> > https://community.frame.work/t/guide-fedora-36-hibernation-with-enabled-secure-boot-and-full-disk-encryption-fde-decrypting-over-tpm2/25474/17
> > <snip>
Any comments on this patch? Or even a pulse (or a "this is a terrible
idea and it'll never be merged").
Or perhaps a "secure hibernate is on the way so we don't want this".
--
Kelvie
Powered by blists - more mailing lists