subject:"\[PATCH 5\/5\] PM \/ hibernate\: An option to request that snapshot image must be authenticated"

Re: [PATCH 5/5] PM / hibernate: An option to request that snapshot image must be authenticated

2018-09-13 Thread joeyli

Hi Randy, On Wed, Sep 12, 2018 at 09:24:38AM -0700, Randy Dunlap wrote: > Hi, > > On 9/12/18 7:23 AM, Lee, Chun-Yi wrote: > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig > > index 7c5c30149dbc..3c998fd6dc4c 100644 > > --- a/kernel/power/Kconfig > > +++ b/kernel/power/Kconfig > > @@

Re: [PATCH 5/5] PM / hibernate: An option to request that snapshot image must be authenticated

2018-09-12 Thread Randy Dunlap

Hi, On 9/12/18 7:23 AM, Lee, Chun-Yi wrote: > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig > index 7c5c30149dbc..3c998fd6dc4c 100644 > --- a/kernel/power/Kconfig > +++ b/kernel/power/Kconfig > @@ -90,6 +90,17 @@ config HIBERNATION_ENC_AUTH > master key of hibernation. The TPM t

[PATCH 5/5] PM / hibernate: An option to request that snapshot image must be authenticated

2018-09-12 Thread Lee, Chun-Yi

This kernel option is similar to the option for kernel module signature verification. When this option is unselected, kernel will be tainted by restored from a snapshot image without (valid) signature. When the option is selected, kernel will refuse the system to be restored from a unauthenticated