* joeyli: > Yes, Matthew raised this concern at before. I modified patch to load > private key in efi stub kernel, before ExitBootServices(), that means we > don't need generate key-pair at every system boot. So, the above > procedure of efi bootloader will only run one time.
But if you don't generate fresh keys on every boot, the persistent keys are mor exposed to other UEFI applications. Correct me if I'm wrong, but I don't think UEFI variables are segregated between different UEFI applications, so if anyone gets a generic UEFI variable dumper (or setter) signed by the trusted key, this cryptographic validation of hibernate snapshots is bypassable. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
