On Sun, Sep 01, 2013 at 12:41:22PM +0200, Florian Weimer wrote: > But if you don't generate fresh keys on every boot, the persistent > keys are mor exposed to other UEFI applications. Correct me if I'm > wrong, but I don't think UEFI variables are segregated between > different UEFI applications, so if anyone gets a generic UEFI variable > dumper (or setter) signed by the trusted key, this cryptographic > validation of hibernate snapshots is bypassable. If anyone can execute arbitrary code in your UEFI environment then you've already lost. -- Matthew Garrett | mjg59@xxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html