Hi Pavel, 於 日,2013-08-25 於 18:25 +0200,Pavel Machek 提到: > On Thu 2013-08-22 19:01:50, Lee, Chun-Yi wrote: > > Introduced a hibernate_key.c file to query the key pair from EFI variables > > and maintain key pair for check signature of S4 snapshot image. We > > loaded the private key when snapshot image stored success. > > > > This patch introduced 2 EFI variables for store the key to sign S4 image and > > verify signature when S4 wake up. The names and GUID are: > > S4SignKey-fe141863-c070-478e-b8a3-878a5dc9ef21 > > S4WakeKey-fe141863-c070-478e-b8a3-878a5dc9ef21 > > > > S4SignKey is used by EFI bootloader to pass the RSA private key that packaged > > by PKCS#8 format, kernel will read and parser it when system boot and reload > > it when S4 resume. EFI bootloader need gnerate a new private key when every > > time system boot. > > > > S4WakeKey is used to pass the RSA public key that packaged by X.509 > > certificate, kernel will read and parser it for check the signature of > > S4 snapshot image when S4 resume. > > > > The follow-up patch will remove S4SignKey and S4WakeKey after load them > > to kernel for avoid anyone can access it through efivarfs. > > > > v3: > > - Load S4 sign key before ExitBootServices. > > Load private key before ExitBootServices() then bootloader doesn't need > > generate key-pair for each booting: > > + Add setup_s4_keys() to eboot.c to load S4 sign key before ExitBootServices. > > + Reserve the memory block of sign key data blob in efi.c > > - In Makefile, moved hibernate_keys.o before hibernate.o for load S4 sign > > key before check hibernate image. It makes sure the new sign key will be > > transfer to resume target kernel. > > - Set "depends on EFI_STUB" in Kconfig > > > > v2: > > Add CONFIG_SNAPSHOT_VERIFICATION for build of hibernate_keys.c depend on > > Kconfig. > > > > Cc: Matthew Garrett <mjg59@xxxxxxxxxxxxx> > > Cc: Takashi Iwai <tiwai@xxxxxxx> > > Reviewed-by: Jiri Kosina <jkosina@xxxxxxx> > > Signed-off-by: Lee, Chun-Yi <jlee@xxxxxxxx> > > > > --- a/arch/x86/boot/compressed/eboot.c > > +++ b/arch/x86/boot/compressed/eboot.c > > @@ -368,6 +368,91 @@ free_handle: > > return status; > > } > > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION > > +static efi_status_t setup_s4_keys(struct boot_params *params) > > +{ > > + struct setup_data *data; > > + unsigned long datasize; > > + u32 attr; > > + struct efi_s4_key *s4key; > > + efi_status_t status; > > + > > + data = (struct setup_data *)(unsigned long)params->hdr.setup_data; > > A bit too many casts. Thanks. Yes, here is my mistake, I will remove "unsigned long" cast. > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table, > > > > setup_efi_pci(boot_params); > > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION > > + setup_s4_keys(boot_params); > > +#endif > > + > > Move ifdef inside the function? OK, I will define a dummy function for non-verification situation. > > > @@ -729,6 +792,11 @@ void __init efi_init(void) > > > > set_bit(EFI_SYSTEM_TABLES, &x86_efi_facility); > > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION > > + /* keep s4 key from setup_data */ > > + efi_reserve_s4_skey_data(); > > +#endif > > + > > Here too. > I will also use dummy function here. Thanks Joey Lee -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html