diff options
Diffstat (limited to 'sb-hibernate.patch')
-rw-r--r-- | sb-hibernate.patch | 115 |
1 files changed, 0 insertions, 115 deletions
diff --git a/sb-hibernate.patch b/sb-hibernate.patch deleted file mode 100644 index 4b1bd1673..000000000 --- a/sb-hibernate.patch +++ /dev/null @@ -1,115 +0,0 @@ -Bugzilla: N/A -Upstream-status: Fedora mustard - -From 9cdffb6980a2c573844b4b87f907da24d68fb916 Mon Sep 17 00:00:00 2001 -From: Josh Boyer <jwboyer@fedoraproject.org> -Date: Fri, 26 Oct 2012 14:02:09 -0400 -Subject: [PATCH] hibernate: Disable in a signed modules environment - -There is currently no way to verify the resume image when returning -from hibernate. This might compromise the signed modules trust model, -so until we can work with signed hibernate images we disable it in -a secure modules environment. - -Signed-off-by: Josh Boyer <jwboyer@fedoraproject.com> ---- - kernel/power/hibernate.c | 16 +++++++++++++++- - kernel/power/main.c | 7 ++++++- - kernel/power/user.c | 1 + - 3 files changed, 22 insertions(+), 2 deletions(-) - -diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c -index 49e0a20fd010..777eff68e8ef 100644 ---- a/kernel/power/hibernate.c -+++ b/kernel/power/hibernate.c -@@ -29,6 +29,8 @@ - #include <linux/ctype.h> - #include <linux/genhd.h> - #include <trace/events/power.h> -+#include <linux/module.h> -+#include <linux/efi.h> - - #include "power.h" - -@@ -642,6 +644,10 @@ int hibernate(void) - { - int error; - -+ if (secure_modules()) { -+ return -EPERM; -+ } -+ - lock_system_sleep(); - /* The snapshot device should not be opened while we're running */ - if (!atomic_add_unless(&snapshot_device_available, -1, 0)) { -@@ -734,7 +740,7 @@ static int software_resume(void) - /* - * If the user said "noresume".. bail out early. - */ -- if (noresume) -+ if (noresume || secure_modules()) - return 0; - - /* -@@ -900,6 +906,11 @@ static ssize_t disk_show(struct kobject *kobj, struct kobj_attribute *attr, - int i; - char *start = buf; - -+ if (efi_enabled(EFI_SECURE_BOOT)) { -+ buf += sprintf(buf, "[%s]\n", "disabled"); -+ return buf-start; -+ } -+ - for (i = HIBERNATION_FIRST; i <= HIBERNATION_MAX; i++) { - if (!hibernation_modes[i]) - continue; -@@ -934,6 +945,9 @@ static ssize_t disk_store(struct kobject *kobj, struct kobj_attribute *attr, - char *p; - int mode = HIBERNATION_INVALID; - -+ if (secure_modules()) -+ return -EPERM; -+ - p = memchr(buf, '\n', n); - len = p ? p - buf : n; - -diff --git a/kernel/power/main.c b/kernel/power/main.c -index 573410d6647e..f5201093adc4 100644 ---- a/kernel/power/main.c -+++ b/kernel/power/main.c -@@ -15,6 +15,7 @@ - #include <linux/workqueue.h> - #include <linux/debugfs.h> - #include <linux/seq_file.h> -+#include <linux/efi.h> - - #include "power.h" - -@@ -301,7 +302,11 @@ static ssize_t state_show(struct kobject *kobj, struct kobj_attribute *attr, - - #endif - #ifdef CONFIG_HIBERNATION -- s += sprintf(s, "%s\n", "disk"); -+ if (!efi_enabled(EFI_SECURE_BOOT)) { -+ s += sprintf(s, "%s\n", "disk"); -+ } else { -+ s += sprintf(s, "\n"); -+ } - #else - if (s != buf) - /* convert the last space to a newline */ -diff --git a/kernel/power/user.c b/kernel/power/user.c -index efe99dee9510..5f5d1026f1e2 100644 ---- a/kernel/power/user.c -+++ b/kernel/power/user.c -@@ -25,6 +25,7 @@ - #include <linux/cpu.h> - #include <linux/freezer.h> - #include <linux/module.h> -+#include <linux/efi.h> - - #include <asm/uaccess.h> - --- -1.9.3 - |