Re: [PATCH] x86/efi: pull NV+BS variables out before we exit bootservices

From: Matthew Garrett
Date: Tue Mar 19 2013 - 14:50:13 EST

On Tue, Mar 19, 2013 at 06:40:56PM +0000, James Bottomley wrote:
> On Tue, 2013-03-19 at 18:28 +0000, Matthew Garrett wrote:
> > It requires the key to survive the system being entirely powered down,
> > which means it needs to be BS+NV. It shouldn't be possible for userspace
> > to access this key.
> It requires the *public* key to survive power down, certainly. The
> private key can be thrown away once the hibernate image is signed. I
> think the scheme can be constructed so the private key is never in NV
> storage ... that also makes it more secure against tampering.

Well, that somewhat complicates implementation - we'd be encrypting the
entire contents of memory except for the key that we're using to encrypt
memory. Keeping the public key away from userspace avoids having to care
about that.

Matthew Garrett | mjg59@xxxxxxxxxxxxx