Comment # 5 on bug 1228224 from Joey Lee 
(In reply to Alexander Krupp from comment #0)
> 15.5 was able to hibernate with encrypted swap
> 
> 15.6 fails as follows
> 
[...snip]
> 
> Maybe related lines in journal:
> ---
> Jul 22 21:37:46 nb kernel: Lockdown: systemd-logind: hibernation is
> restricted; see man kernel_lockdown.7
> Jul 22 21:37:46 nb kernel: PM: hibernation: the secret key is invalid
> ---

The EFI secret key for hibernation will be removed in the future because
upsteam does NOT accept it. So we disabled the function for auto-generate
secure key by default in 15-SP6 kernel (which is also 15.6 Leap kernel). If you
still want to use EFI secure key, please raise the regen flag and reboot for
triggering the generation process:

echo 1 > /sys/firmware/efi/secret-key/regen

After reboot, the "PM: hibernation: the secret key is invalid" message will
gone. Then you can start to use hibernation + secure_boot again.

Upstream prefer solution is TPM protected hibernation, but it still did NOT
show on upstream yet.

You are receiving this mail because: