From: Josh Boyer
Git-commit: Not yet, reviewing
Patch-mainline: Not yet, reviewing
References: fate#314486
Target: SLE-11 SP3
There is currently no way to verify the resume image when returning
from hibernate. This might compromise the secure boot trust model,
so until we can work with signed hibernate images we disable it in
a Secure Boot environment.
Signed-off-by: Josh Boyer
Signed-off-by: Matthew Garrett
Acked-by: Lee, Chun-Yi
kernel/power/hibernate.c | 14 +++++++++++++-
kernel/power/main.c | 4 +++-
kernel/power/user.c | 3 +++
3 files changed, 19 insertions(+), 2 deletions(-)
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -632,6 +632,10 @@ int hibernate(void)
{
int error;
+ if (!capable(CAP_COMPROMISE_KERNEL)) {
+ return -EPERM;
+ }
+
lock_system_sleep();
/* The snapshot device should not be opened while we're running */
if (!atomic_add_unless(&snapshot_device_available, -1, 0)) {
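Review bot: The new early return in hibernate() carries no comment explaining why hibernation is refused, and the capability name alone does not convey that the reason is an unverifiable resume image. A line such as `/* The resume image cannot be verified, so refuse to hibernate under Secure Boot. */` above the check would bring the rationale from the commit message into the code. The braces around the single `return -EPERM;` are also inconsistent with the unbraced form of the same check in disk_store() and snapshot_open(); dropping them matches those hunks. hibernate()'s body continues outside the hunk.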
@@ -723,7 +727,7 @@ static int software_resume(void)
/*
* If the user said "noresume".. bail out early.
*/
- if (noresume)
+ if (noresume || !capable(CAP_COMPROMISE_KERNEL))
return 0;
/*
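Review bot: The comment above the test still describes only the "noresume" case, although the condition now also skips resume when the caller lacks CAP_COMPROMISE_KERNEL; something like `/* Bail out early on "noresume", or when the unverified image must not be loaded. */` would keep it accurate. The skip is also silent (return 0 with no message), so an existing image is ignored without any trace in the log; a single informational message on that branch would help an administrator see why the system cold-booted. Because capable() evaluates the current task's credentials, it is worth confirming the check takes effect on every path that reaches software_resume(), presumably including the boot-time one, which is not visible here. The function's body starts and ends outside the hunk.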
@@ -889,6 +893,11 @@ static ssize_t disk_show(struct kobject
int i;
char *start = buf;
+ if (!capable(CAP_COMPROMISE_KERNEL)) {
+ buf += sprintf(buf, "[%s]\n", "disabled");
+ return buf-start;
+ }
+
for (i = HIBERNATION_FIRST; i <= HIBERNATION_MAX; i++) {
if (!hibernation_modes[i])
continue;
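Review bot: Calling capable() from a sysfs show handler makes the attribute's content depend on who reads it, and a failed check may be recorded by the LSM/audit path on every read. The same applies to the state_show() change in kernel/power/main.c. If this tree offers a non-auditing capability test or a system-wide Secure Boot flag, that would suit a read path better; this needs confirming against the tree. Separately, the early return needs no pointer arithmetic or constant `%s` argument: `return sprintf(buf, "[disabled]\n");` produces the same output. disk_show()'s body continues outside the hunk.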
@@ -923,6 +932,9 @@ static ssize_t disk_store(struct kobject
char *p;
int mode = HIBERNATION_INVALID;
+ if (!capable(CAP_COMPROMISE_KERNEL))
+ return -EPERM;
+
p = memchr(buf, '\n', n);
len = p ? p - buf : n;
--- a/kernel/power/main.c
+++ b/kernel/power/main.c
@@ -301,7 +301,9 @@ static ssize_t state_show(struct kobject
}
#endif
#ifdef CONFIG_HIBERNATION
- s += sprintf(s, "%s\n", "disk");
+ if (capable(CAP_COMPROMISE_KERNEL)) {
+ s += sprintf(s, "%s\n", "disk");
+ }
#else
if (s != buf)
/* convert the last space to a newline */
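Review bot: When the capability check fails on a CONFIG_HIBERNATION kernel, nothing terminates the output line. The `disk\n` write used to supply the newline, and the space-to-newline fix-up exists only in the `#else` branch. The result presumably ends in a trailing space with no newline (the loop that writes the other states is outside the hunk). Adding an else arm with the same fix-up closes the gap: `} else if (s != buf) {` then `*(s-1) = '\n';` then `}`. state_show() starts before the hunk and ends after it.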
--- a/kernel/power/user.c
+++ b/kernel/power/user.c
@@ -48,6 +48,9 @@ static int snapshot_open(struct inode *i
struct snapshot_data *data;
int error;
+ if (!capable(CAP_COMPROMISE_KERNEL))
+ return -EPERM;
+
lock_system_sleep();
if (!atomic_add_unless(&snapshot_device_available, -1, 0)) {
--