On Thu 2019-02-28 15:11:45, Matthew Garrett wrote: > From: Josh Boyer <[email protected]> > > There is currently no way to verify the resume image when returning > from hibernate. This might compromise the signed modules trust model, > so until we can work with signed hibernate images we disable it when the > kernel is locked down. > > Signed-off-by: Josh Boyer <[email protected]> > Signed-off-by: David Howells <[email protected]> > Reviewed-by: "Lee, Chun-Yi" <[email protected]> > cc: [email protected]
It would be good to cc hibernation maintainers here.
> ---
> kernel/power/hibernate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
> index abef759de7c8..802795becb88 100644
> --- a/kernel/power/hibernate.c
> +++ b/kernel/power/hibernate.c
> @@ -70,7 +70,7 @@ static const struct platform_hibernation_ops
> *hibernation_ops;
>
> bool hibernation_available(void)
> {
> - return (nohibernate == 0);
> + return nohibernate == 0 && !kernel_is_locked_down("Hibernation");
> }
>
> /**
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
signature.asc
Description: Digital signature
