Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp5534729imm; Wed, 12 Sep 2018 07:24:43 -0700 (PDT) X-Google-Smtp-Source: ANB0VdaOrg3IBMRVaNd4jY9IKLYZC7ZwpxUCE/vl3zLX9ik+NB/VEAhg5uYgwKpssEtnwoaNLp92 X-Received: by 2002:a63:dc17:: with SMTP id s23-v6mr2647580pgg.40.1536762283455; Wed, 12 Sep 2018 07:24:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536762283; cv=none; d=google.com; s=arc-20160816; b=k/YthBkNUARJ8+z8TJ6M8Bcu3q2S1iJiBtzlzySNiy1O9nQIXoUA6d42v09ybWoTqe Eo39tzp5LOlCbIlzLBUzTlVqJpJWDQ7G8G/beh7VQQaq6lLHd23JFQDNE0+JxcKj/EJ2 mypF+PNk5xQNEo5BqJtGl4uBrpW8iicAipJ0sQ7eXL4h2+3vKAuTZDqGrjUO67A6wTc1 h3Sl4IGqTDzxh+Hn5yIpzXVc7CFLll/fsJ0RfByK9NUUtGtHk229YlE3LDM8oUrHRjUZ 2DpJrDchR+ZCgDSKLbFrWc8sKFHhuWeLCPVMZBzM4vGGK5jZd8i6fr1qq5lR2+xtcPVu JkzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature; bh=3Su25iH5FovopcismpQqAWnRqtJ6RIIPdTIPIgNjw7Q=; b=zZai9gcHrPje+lt8ko4Z3k8IYUHbD69H0YDSbK0cCMgOs3tYCTsN1L3w/vhax8d4Qk loIsQ4rk87xegw7daSLXnvXt8QWD27KiUDFabmSaIpkaB7XmFt56N4s6u3gOTlDo6MQf /ncHei5W8cFVpsMxi6dETVutvYIhBS9Gk8ut1ol66sIPXlAgY/ugDeY4d+mOGXRVRmEt /vagRclUlclBAVROOgb3VI6jKDX/J1CHi/x7CMK2ebVxzHuRtO/UYwhXddjnPum3+rYn I98XMBOR/FxBwnZImeX1dURKVa1aQJcjeoG/ydCPRCEhK1iuOgCAJzBnr4Niqpn06rMb Jwdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=TWVCAkP6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u1-v6si1191307pgl.669.2018.09.12.07.24.28; Wed, 12 Sep 2018 07:24:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=TWVCAkP6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727365AbeILT2y (ORCPT + 99 others); Wed, 12 Sep 2018 15:28:54 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:45025 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726672AbeILT2y (ORCPT ); Wed, 12 Sep 2018 15:28:54 -0400 Received: by mail-pg1-f195.google.com with SMTP id r1-v6so1140103pgp.11; Wed, 12 Sep 2018 07:24:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=3Su25iH5FovopcismpQqAWnRqtJ6RIIPdTIPIgNjw7Q=; b=TWVCAkP65Z8NkLePWeSswydAojQkEU9F0IFZD0SE1g292xW9l+n/5a/92ratqtdx/X EMaJc0x2YJXFAEgPrWZQFrNBGwrRfF7p4Mes5JAWlHGKpzboJFAjQZ3OsJutkeTuI66K r0un1zv1ig+B3mJrABh32qxRD16oxTCRDRHCYTJC6y7ZK40Lg+b45BHEKaKz0cS8trDf RyaSZlGtIpQFSX3Q33tDknAAcZiBx2g9tjipFWy4KSRBwyLQlLDdc/f6ru/Bv19klxBr mxfSbExJuT4GDv8uqmJJMIkmeiIdBP/N4SlHWndooCfHC9LJ30yjpffHX87yoReW1C8e unWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=3Su25iH5FovopcismpQqAWnRqtJ6RIIPdTIPIgNjw7Q=; b=fYHrQMh9L+/cTaoN4Hah2+tNmZxHG+nd5foUR0y1Nsp84UCXvWmN2R5mc9JHaUiKGK bDphzxWMUHqVBfHIw7TYCJi3lZbPIzfhze1FuTdTSK+m6lNUo0BRfJafQUZT4Kd/1osU eU+etlaso6p4lv4N29DqPFOhkEXoyGu3dTFOzPWezsTiE4bo71RuLcAbseoWbaCTuYHT PPw6SUgt3z4Cmkrp3cIjmdQxfEbYnjNwOLVYG8ccMDAQ+wy2xUP4ku148en3BR4lfaOs QkNvu17F/Ta4p0+J6UDa/yKFgGcAIYUPSuv0BW2RYN4V/1LFlpI+PKTFGDyITPfdLr/p 1TQA== X-Gm-Message-State: APzg51CPED3vYh9gvJHRjTSkZjHM/ppxjA3RXKbo2gtWfsvKpJ5qmlE8 pmBohHMQxlCZ73D/YLJNg0k= X-Received: by 2002:a62:fd06:: with SMTP id p6-v6mr2648880pfh.167.1536762250423; Wed, 12 Sep 2018 07:24:10 -0700 (PDT) Received: from linux-l9pv.suse ([124.11.22.254]) by smtp.gmail.com with ESMTPSA id t9-v6sm2124213pgi.87.2018.09.12.07.24.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 12 Sep 2018 07:24:09 -0700 (PDT) From: "Lee, Chun-Yi" X-Google-Original-From: "Lee, Chun-Yi" To: "Rafael J . Wysocki" , Pavel Machek Cc: linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, "Lee, Chun-Yi" , "Rafael J. Wysocki" , Chen Yu , Oliver Neukum , Ryan Chen , David Howells , Giovanni Gherdovich Subject: [PATCH 0/5][RFC] Encryption and authentication for hibernate snapshot image Date: Wed, 12 Sep 2018 22:23:32 +0800 Message-Id: <20180912142337.21955-1-jlee@suse.com> X-Mailer: git-send-email 2.12.3 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, This patchset is the implementation of encryption and authentication for hibernate snapshot image. The image will be encrypted by AES and authenticated by HMAC. The hibernate function can be used to snapshot memory pages to an image, then kernel restores the image to memory space in a appropriate time. There have secrets in snapshot image and cracker may modifies it for hacking system. Encryption and authentication of snapshot image can protect the system. Hibernate function requests the master key through key retention service. The snapshot master key can be a trusted key or a user defined key. The name of snapshot master key is fixed to "swsusp-kmk". User should loads swsusp-kmk to kernel by keyctl tool before the hibernation resume. e.g. The swsusp-kmk must be loaded before systemd-hibernate-resume The TPM trusted key type is preferred to be the master key. But user defined key can also be used for testing or when the platform doesn't have TPM. User must be aware that the security of user key relies on user space. If the root account be compromised, then the user key will easy to be grabbed. Cc: "Rafael J. Wysocki" Cc: Pavel Machek Cc: Chen Yu Cc: Oliver Neukum Cc: Ryan Chen Cc: David Howells Cc: Giovanni Gherdovich Signed-off-by: "Lee, Chun-Yi" Lee, Chun-Yi (5): PM / hibernate: Create snapshot keys handler PM / hibernate: Generate and verify signature for snapshot image PM / hibernate: Encrypt snapshot image PM / hibernate: Erase the snapshot master key in snapshot pages PM / hibernate: An option to request that snapshot image must be authenticated Documentation/admin-guide/kernel-parameters.txt | 6 + include/linux/kernel.h | 3 +- kernel/panic.c | 1 + kernel/power/Kconfig | 25 + kernel/power/Makefile | 1 + kernel/power/hibernate.c | 62 ++- kernel/power/power.h | 59 +++ kernel/power/snapshot.c | 576 +++++++++++++++++++++++- kernel/power/snapshot_key.c | 303 +++++++++++++ kernel/power/swap.c | 6 + kernel/power/user.c | 12 + 11 files changed, 1036 insertions(+), 18 deletions(-) create mode 100644 kernel/power/snapshot_key.c -- 2.13.6