On Tue, Aug 23, 2022 at 03:25:22PM -0700, Evan Green wrote: > Enabling the kernel to be able to do encryption and integrity checks on > the hibernate image prevents a malicious userspace from escalating to > kernel execution via hibernation resume. As a first step toward this, add > the scaffolding needed for the kernel to do AEAD encryption on the > hibernate image, giving us both secrecy and integrity. I'd love Eric to take a look at this, just to make sure the crypto API is being used correctly here. :) -- Kees Cook
