On Tue, Jun 2, 2020 at 10:28 PM Samuel Sieb <samuel@xxxxxxxx> wrote: > > I would expect that using an encrypted partition for swap should be > sufficient to allow it though. Unfortunately not. Encryption provides no integrity or authenticity. The original set of patches for signed and authenticated hibernation images called for the use of an HMAC for signing, and upstream considered this insufficient and asked why not use AES-GCM to provide a real AE (authenticated encryption) model. Not only is encryption alone inadequate, the signature verification model should ensure that the hibernation image being restored was created by the computer it is being restored to. I am not a cryptographer. And I can't do a better job of explaining it. But it's a problem. And my disappointment isn't relevant to the security issue. It's relevant from a UX perspective I suppose. But, I've also just spent two days trying to track down a new hibernation bug, resulting in fatal hibernation entry. Even without the Secure Boot issue, hibernation can be a problem that requires resources that are not finite. I had this working reliably several months ago, and I've exhausted my time and interest for now doing kernel regression testing and have literally no idea why it's consistently failing now. On three machines (one is a VM). I did report it upstream, I haven't gotten a reply yet (normal). There are two emails, bottom one is the first. https://lore.kernel.org/linux-pm/CAJCQCtQVGqxtZZTRgscT7e4inTacAd7KAmoNOz3gB4Hf1Nkp0w@xxxxxxxxxxxxxx/ -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
