On Wed, 31 Oct 2012, Alan Cox wrote: > All this depends on your threat model. If I have physical access to > suspend/resume your machine then you already lost. If I don't have > physical access then I can't boot my unsigned OS to patch your S4 image > so it doesn't matter. Prepare (as a root) a hand-crafted image, reboot, let the kernel resume from that artificial image. It can be viewed as a very obscure way of rewriting the kernel through /dev/mem (which is obviously not possible when in 'secure boot' environment). -- Jiri Kosina SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html