On Tuesday, June 2, 2020 9:45:45 PM MST Chris Murphy wrote:
> On Tue, Jun 2, 2020 at 10:28 PM Samuel Sieb <samuel(a)sieb.net> wrote:
> >
> > I would expect that using an encrypted partition for swap should be
> > sufficient to allow it though.
> Unfortunately not. Encryption provides no integrity or authenticity.
> The original set of patches for signed and authenticated hibernation
> images called for the use of an HMAC for signing, and upstream
> considered this insufficient and asked why not use AES-GCM to provide
> a real AE (authenticated encryption) model.
In what way do you believe it's not sufficient?
> Not only is encryption alone inadequate, the signature verification
> model should ensure that the hibernation image being restored was
> created by the computer it is being restored to.
Why?
> I am not a cryptographer. And I can't do a better job of explaining
> it. But it's a problem. And my disappointment isn't relevant to the
> security issue. It's relevant from a UX perspective I suppose.
It's a severe UX issue that you cannot use a standard feature of normal
systems, hibernation.
> But, I've also just spent two days trying to track down a new
> hibernation bug, resulting in fatal hibernation entry. Even without
> the Secure Boot issue, hibernation can be a problem that requires
> resources that are not finite. I had this working reliably several
> months ago, and I've exhausted my time and interest for now doing
> kernel regression testing and have literally no idea why it's
> consistently failing now. On three machines (one is a VM). I did
> report it upstream, I haven't gotten a reply yet (normal).
> There are two emails, bottom one is the first.
> https://lore.kernel.org/linux-pm/CAJCQCtQVGqxtZZTRgscT7e4inTacAd7KAmoNOz3gB4Hf1Nkp0w(a)mail.gmail.com/
> --
> Chris Murphy
--
John M. Harris, Jr.
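The point Chris makes above, that encryption alone gives no integrity or authenticity, shown as an added example. This is my own demonstration code, not anything from the thread, from the hibernation patches, or from the kernel. It uses only Go's standard library: AES-256-CTR stands in for an unauthenticated encrypted swap, HMAC-SHA256 over the ciphertext stands in for the encrypt-then-MAC model the first patches used, and AES-256-GCM for the AE model upstream asked for. The image bytes, both machine keys, the IV and the nonce are constructed constants; treating each machine's key as a secret only that machine can reproduce is an assumption of the example, and how such a key would really be derived (TPM-sealed or otherwise) is not something the thread specifies.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Constructed stand-ins (not real hibernation data): the image is a byte blob
// whose last byte is a "uid" field, and each machine has its own 256-bit key.
var (
	imageA      = []byte("hibernation image: kernel text + page tables + process memory, uid=0")
	machineAKey = bytes.Repeat([]byte{0xA1}, 32)
	machineBKey = bytes.Repeat([]byte{0xB2}, 32)
	ivA         = bytes.Repeat([]byte{0x01}, aes.BlockSize) // 16-byte CTR IV
	nonceA      = bytes.Repeat([]byte{0x02}, 12)            // 96-bit GCM nonce
)

// ctrXOR encrypts or decrypts with AES-256-CTR. CTR is a stream mode, so both
// directions are the same XOR with the keystream: this is "encryption only".
func ctrXOR(key, iv, in []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}

// flipBit returns a copy of data with the low bit of byte i toggled.
func flipBit(data []byte, i int) []byte {
	c := append([]byte(nil), data...)
	c[i] ^= 0x01
	return c
}

// ctrTamper shows malleability: a flipped ciphertext bit comes out as exactly
// that plaintext bit flipped, and decryption reports no error at all.
func ctrTamper(key, iv, plaintext []byte, i int) []byte {
	ct := ctrXOR(key, iv, plaintext)
	return ctrXOR(key, iv, flipBit(ct, i))
}

// tag / checkTag: encrypt-then-MAC with HMAC-SHA256, covering IV and ciphertext.
func tag(key, iv, ct []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(iv)
	m.Write(ct)
	return m.Sum(nil)
}

func checkTag(key, iv, ct, t []byte) bool {
	return hmac.Equal(t, tag(key, iv, ct))
}

var errRejected = errors.New("hibernation image rejected: authentication failed")

// sealGCM / openGCM: AES-256-GCM, an AEAD. aad is authenticated but not
// encrypted (a label such as an image format version).
func sealGCM(key, nonce, plaintext, aad []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return g.Seal(nil, nonce, plaintext, aad)
}

func openGCM(key, nonce, sealed, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	pt, err := g.Open(nil, nonce, sealed, aad)
	if err != nil {
		return nil, errRejected
	}
	return pt, nil
}

func main() {
	i := len(imageA) - 1 // the "uid" byte
	// 1. Encryption alone: uid=0 silently becomes uid=1, no error.
	fmt.Printf("CTR after bit flip: %q\n", ctrTamper(machineAKey, ivA, imageA, i))
	// 2. HMAC over the ciphertext catches the same flip.
	ct := ctrXOR(machineAKey, ivA, imageA)
	t := tag(machineAKey, ivA, ct)
	fmt.Println("HMAC accepts intact:", checkTag(machineAKey, ivA, ct, t))
	fmt.Println("HMAC accepts flipped:", checkTag(machineAKey, ivA, flipBit(ct, i), t))
	// 3. GCM: a tampered image and an image sealed by another machine both fail.
	aad := []byte("hibernate-image-v1")
	sealed := sealGCM(machineAKey, nonceA, imageA, aad)
	_, err := openGCM(machineAKey, nonceA, flipBit(sealed, i), aad)
	fmt.Println("GCM flipped:", err)
	_, err = openGCM(machineBKey, nonceA, sealed, aad)
	fmt.Println("GCM wrong machine:", err)
}
```

Run with `go run`: the first line prints the image with its last byte changed and nothing complaining, which is the whole problem with "just put swap on dm-crypt"; the HMAC and GCM checks reject the same flip, and GCM also rejects the image when opened with the other machine's key, which is what the "created by the computer it is being restored to" requirement comes down to once the key is something only that machine can reproduce. Two caveats the demo glosses over: a GCM nonce must never repeat under the same key (the fixed nonce here is only for reproducibility), and the example says nothing about how the per-machine key is protected before the kernel has verified anything.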