Forgot your password?
typodupeerror
Bug DRM Linux

New Secure Boot Patches Break Hibernation 196

Posted by Unknown Lamer
from the intentional-side-effects dept.
hypnosec writes "Matthew Garrett published some patches today which break hibernate and kexec support on Linux when Secure Boot is used. The reason for disabling hibernation is that currently the Linux kernel doesn't have the capability of verifying the resume image when returning from hibernation, which compromises the Secure Boot trust model. The reason for disabling the kexec support while running in Secure Boot is that the kernel execution mechanism may be used to load a modified kernel thus bypassing the trust model of Secure Boot." Before arming your tactical nuclear flame cannon, note that mjg says "These patches break functionality that people rely on without providing any functional equivalent, so I'm not suggesting that they be merged as-is." Support for signed kexec should come eventually, but it looks like hibernation will require some clever hacking to support properly in a Restricted Boot environment.
This discussion has been archived. No new comments can be posted.

New Secure Boot Patches Break Hibernation

Comments Filter:

I use technology in order to hate it more properly. -- Nam June Paik

Working...