From: "Rafael J. Wysocki"
Date: Thu, 21 Jun 2018 14:08:40 +0200
Subject: Re: [PATCH 0/3][RFC] Introduce the in-kernel hibernation encryption
To: Pavel Machek
Cc: Chen Yu, "Rafael J. Wysocki", Len Brown, "Lee, Chun-Yi", Borislav Petkov, Linux PM, Linux Kernel Mailing List
In-Reply-To: <20180621085332.GA21807@amd>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jun 21, 2018 at 10:53 AM, Pavel Machek wrote:
> Hi!
>
>> As security becomes more and more important, we add the in-kernel
>> encryption support for hibernation.
> ...
>> There was a discussion on the mailing list on whether this key should
>> be derived in kernel or in user space. And it turns out to be generating
>> the key by user space is more acceptable[1]. So this patch set is divided
>> into two parts:
>> 1. The hibernation snapshot encryption in kernel space,
>> 2. the key derivation implementation in user space.
>
> uswsusp was created so that this kind of stuff could be kept in
> userspace. You get graphical progress bar (etc) too. As you already
> have userspace component for key derivation, I see no advantages to
> uswsusp.
>
> If you have some, please explain.

Not having to transfer plain text kernel memory to user space is one IMO.

Besides, the user space part of what you are calling uswsusp has not
been actively maintained for years now and honestly I don't know how
many users of it there are.