New Secure Boot Patches Break Hibernate, Kexec Support on Linux

By Monday, January 28, 2013 0 , , Permalink 0

Released through a patch series titled Secure Boot: More controversial changes, the patches are known to break hibernate and kexec functionality “without providing any functional equivalent”. Garrett notes further “…, so I’m not suggesting that they be merged as-is.”

The reason behind disabling hibernate functionalities is that currently the Linux kernel doesn’t have the capability of verifying the resume image when returning from hibernation, which compromises the Secure Boot trust model. The reason for disabling the kexec support while running in Secure Boot is that the kernel execution mechanism may be used to attack the system by a malicious user such as disabling of swap, writing of a pre-formed resume image to swap, etc. Kexec can be used to load a modified kernel thus bypassing the trust model of Secure Boot.

To allow for hibernate and kexec in Secure Boot, the Linux kernel will need to be changes and improved to support signed hibernate images and signed kexec payloads.

Garrett has also released a set of patches titled Secure boot policy support that introduces a new capability whereby kernel integrity can be assured by some other mechanism instead of special casing UEFI.