From: "Lee, Chun-Yi" <joeyli.kernel@gmail.com>
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, linux-pm@vger.kernel.org,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
Matthew Garrett <matthew.garrett@nebula.com>,
Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
Josh Boyer <jwboyer@redhat.com>, Vojtech Pavlik <vojtech@suse.cz>,
Matt Fleming <matt.fleming@intel.com>,
Jiri Kosina <jkosina@suse.cz>, "H. Peter Anvin" <hpa@zytor.com>,
Ingo Molnar <mingo@redhat.com>, "Lee, Chun-Yi" <jlee@suse.com>
Subject: [PATCH v2 15/16] PM / hibernate: Bypass verification logic on legacy BIOS
Date: Tue, 11 Aug 2015 14:16:35 +0800 [thread overview]
Message-ID: <1439273796-25359-16-git-send-email-jlee@suse.com> (raw)
In-Reply-To: <1439273796-25359-1-git-send-email-jlee@suse.com>
Current hibernate signature verification solution relies on EFI stub
and efi boot service variable on x86 architecture. So the verification
logic was bypassed on legacy BIOS through checking EFI_BOOT flag.
Reviewed-by: Jiri Kosina <jkosina@suse.com>
Tested-by: Jiri Kosina <jkosina@suse.com>
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
---
drivers/firmware/efi/efi-hibernate_keys.c | 3 +++
kernel/power/Kconfig | 3 ++-
kernel/power/snapshot.c | 8 ++++++--
kernel/power/user.c | 6 +++++-
4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/firmware/efi/efi-hibernate_keys.c b/drivers/firmware/efi/efi-hibernate_keys.c
index 8a50bf1..2125302 100644
--- a/drivers/firmware/efi/efi-hibernate_keys.c
+++ b/drivers/firmware/efi/efi-hibernate_keys.c
@@ -17,6 +17,9 @@ void create_hibernation_key_regen_flag(void)
struct efivar_entry *entry = NULL;
int err = 0;
+ if (!efi_enabled(EFI_RUNTIME_SERVICES))
+ return;
+
if (!set_hibernation_key_regen_flag)
return;
diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
index 1a03777..c30598e 100644
--- a/kernel/power/Kconfig
+++ b/kernel/power/Kconfig
@@ -78,7 +78,8 @@ config HIBERNATE_VERIFICATION
This option provides support for generating and verifying the
signature of memory snapshot image by HMAC-SHA1. Current mechanism
relies on UEFI secure boot environment, EFI stub generates HMAC
- key for hibernate verification.
+ key for hibernate verification. So, the verification logic will be
+ bypassed on legacy BIOS.
config HIBERNATE_VERIFICATION_FORCE
bool "Require hibernate snapshot image to be validly signed"
diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c
index 486dd73..22b80b7 100644
--- a/kernel/power/snapshot.c
+++ b/kernel/power/snapshot.c
@@ -29,6 +29,7 @@
#include <linux/slab.h>
#include <linux/compiler.h>
#include <linux/ktime.h>
+#include <linux/efi.h>
#include <asm/uaccess.h>
#include <asm/mmu_context.h>
@@ -1469,8 +1470,11 @@ error_digest:
forward_ret:
if (ret)
pr_warn("PM: Signature verifying failed: %d\n", ret);
- /* forward check result when verifying pass or not enforce verifying */
- if (!ret || !sigenforce) {
+ if (ret == -ENODEV && !efi_enabled(EFI_BOOT)) {
+ pr_warn("PM: Bypass verification on non-EFI machine\n");
+ ret = 0;
+ } else if (!ret || !sigenforce) {
+ /* forward check result when verifying pass or not enforce verifying */
snapshot_fill_sig_forward_info(ret);
ret = 0;
}
diff --git a/kernel/power/user.c b/kernel/power/user.c
index a183abd..686d095 100644
--- a/kernel/power/user.c
+++ b/kernel/power/user.c
@@ -24,6 +24,7 @@
#include <linux/console.h>
#include <linux/cpu.h>
#include <linux/freezer.h>
+#include <linux/efi.h>
#include <asm/uaccess.h>
@@ -393,7 +394,10 @@ static long snapshot_ioctl(struct file *filp, unsigned int cmd,
break;
case SNAPSHOT_REGENERATE_KEY:
- set_hibernation_key_regen_flag = !!arg;
+ if (!efi_enabled(EFI_BOOT))
+ error = -ENODEV;
+ else
+ set_hibernation_key_regen_flag = !!arg;
break;
default:
--
2.1.4
next prev parent reply other threads:[~2015-08-11 6:19 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-11 6:16 [PATCH v2 00/16] Signature verification of hibernate snapshot Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 01/16] PM / hibernate: define HMAC algorithm and digest size of hibernation Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 02/16] x86/efi: Add get and set variable to EFI services pointer table Lee, Chun-Yi
2015-08-19 16:35 ` Matt Fleming
2015-08-11 6:16 ` [PATCH v2 03/16] x86/boot: Public getting random boot function Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 04/16] x86/efi: Generating random number in EFI stub Lee, Chun-Yi
2015-08-20 14:12 ` Matt Fleming
2015-08-27 4:06 ` joeyli
2015-08-11 6:16 ` [PATCH v2 05/16] x86/efi: Get entropy through EFI random number generator protocol Lee, Chun-Yi
2015-08-20 14:47 ` Matt Fleming
2015-08-27 4:51 ` joeyli
2015-08-20 20:26 ` Matt Fleming
2015-08-27 6:17 ` joeyli
2015-08-11 6:16 ` [PATCH v2 06/16] x86/efi: Generating random HMAC key for siging hibernate image Lee, Chun-Yi
2015-08-20 20:40 ` Matt Fleming
2015-08-27 9:04 ` joeyli
2015-09-09 12:15 ` Matt Fleming
2015-09-13 2:47 ` joeyli
2015-08-11 6:16 ` [PATCH v2 07/16] efi: Make efi_status_to_err() public Lee, Chun-Yi
2015-08-20 15:07 ` Matt Fleming
2015-08-27 9:06 ` joeyli
2015-08-11 6:16 ` [PATCH v2 08/16] x86/efi: Carrying hibernation key by setup data Lee, Chun-Yi
2015-08-15 17:07 ` Pavel Machek
2015-08-16 5:28 ` joeyli
2015-08-16 21:23 ` Jiri Kosina
2015-08-17 6:54 ` Nigel Cunningham
2015-08-21 12:40 ` Matt Fleming
2015-08-27 9:28 ` joeyli
2015-08-11 6:16 ` [PATCH v2 09/16] PM / hibernate: Reserve hibernation key and erase footprints Lee, Chun-Yi
2015-08-13 2:45 ` Chen, Yu C
2015-08-13 3:25 ` joeyli
2015-08-13 14:33 ` joeyli
2015-08-21 13:27 ` Matt Fleming
2015-08-27 10:21 ` joeyli
2015-09-09 12:24 ` Matt Fleming
2015-09-13 2:58 ` joeyli
2015-08-11 6:16 ` [PATCH v2 10/16] PM / hibernate: Generate and verify signature of hibernate snapshot Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 11/16] PM / hibernate: Avoid including hibernation key to hibernate image Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 12/16] PM / hibernate: Forward signature verifying result and key to image kernel Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 13/16] PM / hibernate: Add configuration to enforce signature verification Lee, Chun-Yi
2015-08-11 6:16 ` [PATCH v2 14/16] PM / hibernate: Allow user trigger hibernation key re-generating Lee, Chun-Yi
2015-08-11 6:16 ` Lee, Chun-Yi [this message]
2015-08-11 6:16 ` [PATCH v2 16/16] PM / hibernate: Document signature verification of hibernate snapshot Lee, Chun-Yi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1439273796-25359-16-git-send-email-jlee@suse.com \
--to=joeyli.kernel@gmail.com \
--cc=hpa@zytor.com \
--cc=jkosina@suse.cz \
--cc=jlee@suse.com \
--cc=jwboyer@redhat.com \
--cc=len.brown@intel.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=matt.fleming@intel.com \
--cc=matthew.garrett@nebula.com \
--cc=mingo@redhat.com \
--cc=pavel@ucw.cz \
--cc=rjw@rjwysocki.net \
--cc=vojtech@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).