From: joeyli <jlee@suse.com>
To: Pavel Machek <pavel@ucw.cz>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>,
Alan Stern <stern@rowland.harvard.edu>,
David Howells <dhowells@redhat.com>,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-efi@vger.kernel.org,
linux-pm@vger.kernel.org, linux-crypto@vger.kernel.org,
opensuse-kernel@opensuse.org, "Rafael J. Wysocki" <rjw@sisk.pl>,
Matthew Garrett <mjg59@srcf.ucam.org>,
Len Brown <len.brown@intel.com>, Josh Boyer <jwboyer@redhat.com>,
Vojtech Pavlik <vojtech@suse.cz>,
Matt Fleming <matt.fleming@intel.com>,
Greg KH <gregkh@linuxfoundation.org>,
JKosina@suse.com, Rusty Russell <rusty@rustcorp.com.au>,
Herbert Xu <herbert@gondor.hengli.com.au>,
"David S. Miller" <davem@davemloft.net>,
"H. Peter Anvin" <hpa@zytor.com>, Michal Marek <mmarek@suse.cz>,
Gary Lin <GLin@suse.com>, Vivek Goyal <vgoyal@redhat.com>
Subject: Re: [RFC V4 PATCH 00/15] Signature verification of hibernate snapshot
Date: Thu, 26 Sep 2013 12:40:03 +0800 [thread overview]
Message-ID: <1380170403.32302.52.camel@linux-s257.site> (raw)
In-Reply-To: <20130926002730.GA26857@amd.pavel.ucw.cz>
於 四,2013-09-26 於 02:27 +0200,Pavel Machek 提到:
> On Wed 2013-09-25 15:16:54, James Bottomley wrote:
> > On Wed, 2013-09-25 at 17:25 -0400, Alan Stern wrote:
> > > On Wed, 25 Sep 2013, David Howells wrote:
> > >
> > > > I have pushed some keyrings patches that will likely affect this to:
> > > >
> > > > http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-devel
> > > >
> > > > I intend to ask James to pull these into his next branch. If he's happy to do
> > > > so, I can look at pulling at least your asymmetric keys patch on top of them.
> > >
> > > This suggests a point that I raised at the Linux Plumbers conference:
> > >
> > > Why are asymmetric keys used for verifying the hibernation image? It
> > > seems that a symmetric key would work just as well. And it would be a
> > > lot quicker to generate, because it wouldn't need any high-precision
> > > integer computations.
> >
> > The reason is the desire to validate that the previous kernel created
> > something which it passed on to the current kernel (in this case, the
> > hibernation image) untampered with. To do that, something must be
> > passed to the prior kernel that can be validated but *not* recreated by
> > the current kernel.
>
> I don't get this. Why is it important that current kernel can't
> recreate the signature?
>
> Current kernel is not considered malicious (if it were, you have worse
> problems).
>
Current boot kernel should not malicious especially when UEFI secure
boot enabled.
> Pavel
>
> PS: And yes, it would be nice to have
> Documentation/power/swsusp-uefi.txt (or something) explaining the
> design.
>
Thanks for your suggestion, I will write the swsusp-uefi.txt to
explaining the design in next version.
Thanks a lot!
Joey Lee
next prev parent reply other threads:[~2013-09-26 4:40 UTC|newest]
Thread overview: 127+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-15 0:56 [RFC V4 PATCH 00/15] Signature verification of hibernate snapshot Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
[not found] ` <1379206621-18639-1-git-send-email-jlee-IBi9RG/b67k@public.gmane.org>
2013-09-15 0:56 ` [PATCH V4 01/15] asymmetric keys: add interface and skeleton for implement signature generation Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 02/15] asymmetric keys: implement EMSA_PKCS1-v1_5-ENCODE in rsa Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-17 21:51 ` Dmitry Kasatkin
2013-09-17 21:51 ` Dmitry Kasatkin
2013-09-17 21:51 ` Dmitry Kasatkin
2013-09-18 9:08 ` joeyli
2013-09-18 9:08 ` joeyli
[not found] ` <CACE9dm-7HKz4VFR1bNTTFd-YpYhnkNVwiW81iXSJZbqjUTBR_Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-09-18 9:08 ` joeyli
2013-09-18 9:08 ` joeyli
2013-09-18 9:08 ` joeyli
2013-09-18 9:08 ` joeyli
2013-09-17 22:29 ` Dmitry Kasatkin
2013-09-17 22:29 ` Dmitry Kasatkin
2013-09-17 22:29 ` Dmitry Kasatkin
2013-09-23 16:49 ` Phil Carmody
[not found] ` <20130923164931.GD6772-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2013-09-26 7:08 ` joeyli
2013-09-26 7:08 ` joeyli
2013-09-15 0:56 ` [PATCH V4 03/15] asymmetric keys: separate the length checking of octet string from RSA_I2OSP Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 04/15] asymmetric keys: implement OS2IP in rsa Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 05/15] asymmetric keys: implement RSASP1 Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 06/15] asymmetric keys: support parsing PKCS #8 private key information Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 07/15] asymmetric keys: explicitly add the leading zero byte to encoded message Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 08/15] Hibernate: introduced RSA key-pair to verify signature of snapshot Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 09/15] Hibernate: generate and " Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH 10/15] Hibernate: Avoid S4 sign key data included in snapshot image Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 11/15] Hibernate: taint kernel when signature check fail Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 12/15] Hibernate: show the verification time for monitor performance Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
2013-09-15 0:56 ` [PATCH V4 13/15] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm Lee, Chun-Yi
2013-09-15 0:56 ` Lee, Chun-Yi
[not found] ` <1379206621-18639-14-git-send-email-jlee-IBi9RG/b67k@public.gmane.org>
2013-09-18 13:45 ` Pavel Machek
2013-09-18 13:45 ` Pavel Machek
2013-09-26 1:43 ` joeyli
[not found] ` <20130918134535.GA3748-tWAi6jLit6GreWDznjuHag@public.gmane.org>
2013-09-26 1:43 ` joeyli
2013-09-26 1:43 ` joeyli
2013-09-26 1:43 ` joeyli
2013-09-26 1:43 ` joeyli
2013-09-26 8:21 ` Pavel Machek
2013-09-26 8:21 ` Pavel Machek
2013-09-26 1:43 ` joeyli
2013-09-15 0:57 ` [PATCH V4 14/15] Hibernate: notify bootloader regenerate key-pair for snapshot verification Lee, Chun-Yi
2013-09-15 0:57 ` Lee, Chun-Yi
2013-09-15 0:57 ` [PATCH V4 15/15] Hibernate: adapt to UEFI secure boot with signature check Lee, Chun-Yi
2013-09-15 0:57 ` Lee, Chun-Yi
2013-09-25 21:04 ` [RFC V4 PATCH 00/15] Signature verification of hibernate snapshot David Howells
2013-09-25 21:04 ` David Howells
2013-09-25 21:25 ` Alan Stern
2013-09-25 21:25 ` Alan Stern
2013-09-25 22:16 ` James Bottomley
[not found] ` <1380147414.18835.36.camel-sFMDBYUN5F8GjUHQrlYNx2Wm91YjaHnnhRte9Li2A+AAvxtiuMwx3w@public.gmane.org>
2013-09-26 0:27 ` Pavel Machek
2013-09-26 0:27 ` Pavel Machek
[not found] ` <20130926002730.GA26857-tWAi6jLit6GreWDznjuHag@public.gmane.org>
2013-09-26 2:32 ` James Bottomley
2013-09-26 2:32 ` James Bottomley
[not found] ` <1380162771.18835.47.camel-sFMDBYUN5F8GjUHQrlYNx2Wm91YjaHnnhRte9Li2A+AAvxtiuMwx3w@public.gmane.org>
2013-09-26 6:24 ` Jiri Kosina
2013-09-26 6:24 ` Jiri Kosina
2013-09-26 14:44 ` James Bottomley
[not found] ` <1380206654.18835.56.camel-sFMDBYUN5F8GjUHQrlYNx2Wm91YjaHnnhRte9Li2A+AAvxtiuMwx3w@public.gmane.org>
2013-09-26 14:48 ` Jiri Kosina
2013-09-26 14:48 ` Jiri Kosina
[not found] ` <alpine.LNX.2.00.1309261646150.18703-ztGlSCb7Y1iN3ZZ/Hiejyg@public.gmane.org>
2013-09-26 14:56 ` Vojtech Pavlik
2013-09-26 14:56 ` Vojtech Pavlik
2013-09-26 14:56 ` Vojtech Pavlik
2013-09-26 4:40 ` joeyli
2013-09-26 4:40 ` joeyli [this message]
2013-09-26 4:40 ` joeyli
2013-09-26 4:40 ` joeyli
2013-09-26 4:40 ` joeyli
2013-09-26 4:40 ` joeyli
2013-09-26 1:11 ` Alan Stern
2013-09-26 1:11 ` Alan Stern
2013-09-26 1:11 ` Alan Stern
2013-09-26 2:19 ` joeyli
2013-09-26 2:19 ` joeyli
[not found] ` <Pine.LNX.4.44L0.1309251723001.26508-100000-pYrvlCTfrz9XsRXLowluHWD2FQJk+8+b@public.gmane.org>
2013-09-26 2:19 ` joeyli
2013-09-26 2:19 ` joeyli
2013-09-26 2:19 ` joeyli
2013-09-26 2:19 ` joeyli
2013-09-26 10:43 ` joeyli
2013-09-26 10:43 ` joeyli
2013-09-26 10:43 ` joeyli
2013-09-26 10:43 ` joeyli
2013-09-26 12:06 ` Pavel Machek
[not found] ` <20130926120621.GA7537-tWAi6jLit6GreWDznjuHag@public.gmane.org>
2013-09-26 12:21 ` Michal Marek
2013-09-26 12:21 ` Michal Marek
[not found] ` <524426C3.1050501-AlSwsSmVLrQ@public.gmane.org>
2013-09-26 12:23 ` Vojtech Pavlik
2013-09-26 12:23 ` Vojtech Pavlik
2013-09-26 12:22 ` Vojtech Pavlik
2013-09-26 12:22 ` Vojtech Pavlik
2013-09-26 13:20 ` joeyli
[not found] ` <20130926122210.GA30225-AlSwsSmVLrQ@public.gmane.org>
2013-09-26 13:20 ` joeyli
2013-09-26 13:20 ` joeyli
2013-09-26 13:20 ` joeyli
2013-09-26 13:20 ` joeyli
2013-09-26 13:20 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
2013-09-26 12:56 ` joeyli
[not found] ` <1380161957.32302.42.camel-ONCj+Eqt86TasUa73XJKwA@public.gmane.org>
2013-09-26 10:43 ` joeyli
2013-09-26 10:43 ` joeyli
2013-09-26 1:36 ` joeyli
2013-09-26 1:36 ` joeyli
2013-09-26 1:36 ` joeyli
2013-09-26 1:36 ` joeyli
2013-09-26 1:36 ` joeyli
[not found] ` <29408.1380143073-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
2013-09-26 1:36 ` joeyli
2013-10-17 14:18 ` Rafael J. Wysocki
2013-10-17 14:18 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1380170403.32302.52.camel@linux-s257.site \
--to=jlee@suse.com \
--cc=GLin@suse.com \
--cc=JKosina@suse.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.hengli.com.au \
--cc=hpa@zytor.com \
--cc=jwboyer@redhat.com \
--cc=len.brown@intel.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matt.fleming@intel.com \
--cc=mjg59@srcf.ucam.org \
--cc=mmarek@suse.cz \
--cc=opensuse-kernel@opensuse.org \
--cc=pavel@ucw.cz \
--cc=rjw@sisk.pl \
--cc=rusty@rustcorp.com.au \
--cc=stern@rowland.harvard.edu \
--cc=vgoyal@redhat.com \
--cc=vojtech@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.