On Thu, May 11, 2017 at 11:32:30AM -0700, Luis R. Rodriguez wrote: > On Thu, May 11, 2017 at 11:26 AM, Luis R. Rodriguez <mcg...@suse.com> wrote: > > > > It would seems to make sense to me to only need to verify files when read > > for the first time, once its cache I don't see why we would re-verify them ? > > To be clear, the fw cache feature reads the files from the fs prior to > suspend, and then uses the in-memory cache on resume. So it would make > sense to me only to rely on fw verification on resume then when the fw > cache is used ?
Good point. I was thinking of need for verification on resume. As cache is not protected and visible to the kernel, some malware might want to rewrite it :) Thanks, -Takahiro AKASHI > Luis
