On Mon, Nov 20, 2023 at 10:07 PM Kelvie Wong <kelvie@xxxxxxxxx> wrote: > On Mon, 20 Nov 2023 at 13:12, Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > On Mon, Nov 13, 2023 at 11:01 PM Randy Dunlap <rdunlap@xxxxxxxxxxxxx> wrote: > > > > > > [add security & dhowells] > > > > > > On 11/13/23 18:23, Kelvie Wong wrote: > > > > This allows the user to tell the kernel that they know better (namely, > > > > they secured their swap properly), and that it can enable hibernation. > > > > > > > > I've been using this for about a year now, as it doesn't seem like > > > > proper secure hibernation was going to be implemented back then, and > > > > it's now been a year since I've been building my own kernels with this > > > > patch, so getting this upstreamed would save some CO2 from me building > > > > my own kernels every upgrade. > > > > > > > > Some other not-me users have also tested the patch: > > > > > > > > https://community.frame.work/t/guide-fedora-36-hibernation-with-enabled-secure-boot-and-full-disk-encryption-fde-decrypting-over-tpm2/25474/17 > > > > > > > > Signed-off-by: Kelvie Wong <kelvie@xxxxxxxxx> > > > > I would feel a lot better about this if there was a way to verify that > > the swap was protected as opposed to leaving that as a note in a doc > > that the majority of users will never see, read, or understand. > > I'd argue that this wouldn't even be necessary if we detect the swap was > protected -- hibernation should just be enabled in that case without setting > any parameters. > > My understanding is that it was disabled waiting for this > functionality, and it's been > at least a couple of years now [1], so it looks like it's not such an > easy problem. I've got to warn you that I have an allergic reaction to arguments that start with "the right solution is really hard, so let's pick the easier, worse solution." ;) > Anyway, my argument is that the majority of users will never use this kernel > parameter anyway, so I think it's a fair assumption that the power users that > *do* use this will educate themselves on why this parameter even exists. I guess I'm still not sold on this idea, I'm sorry. -- paul-moore.com
