Tree - kernel/kernel-source - Pagure for openSUSE

kernel / kernel-source

Source
Stats

Files

Commit: 6f01e8cfb4a016c4c2f3182bf84155a030cbcadf

Blob Blame History Raw

From fb0d0358cce0e0e36b4155f3bc28b01ac58096c3 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@fedoraproject.org>
Date: Fri, 20 Jun 2014 08:53:24 -0400
Subject: [PATCH 14/16] hibernate: Disable when securelevel is set

Patch-mainline: Queued in subsystem maintainer repository
Git-repo: https://github.com/mjg59/linux
Git-commit: fb0d0358cce0e0e36b4155f3bc28b01ac58096c3
References: fate#320387

There is currently no way to verify the resume image when returning
from hibernate.  This might compromise the securelevel trust model,
so until we can work with signed hibernate images we disable it in
a secure modules environment.

Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
Acked-by: Lee, Chun-Yi <jlee@suse.com>
---
 kernel/power/hibernate.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -29,6 +29,7 @@
 #include <linux/ctype.h>
 #include <linux/genhd.h>
 #include <linux/ktime.h>
+#include <linux/security.h>
 #include <trace/events/power.h>
 
 #include "power.h"
@@ -66,7 +67,7 @@ static const struct platform_hibernation
 
 bool hibernation_available(void)
 {
-	return (nohibernate == 0);
+	return ((nohibernate == 0) && (get_securelevel() <= 0));
 }
 
 /**

kernel / kernel-source

Source Code

Files