RE: [PATCH v6 1/1] use crc32 instead of md5 for hibernation e820 integrity check

[David Laight]

From: Chris von Recklinghausen
> Sent: 12 April 2021 20:51
...
> > This is not about BIOS bugs. Hibernation is deep suspend/resume
> > grafted onto cold boot, and it is perfectly legal for the firmware to
> > present a different memory map to the OS after a cold boot. It is
> > Linux that decides that it can restore the entire system state from a
> > swap file, and carry on as if the cold boot was just a [firmware
> > assisted] suspend/resume.
> >
> > So forging collisions is *not* a concern here. Let's avoid accidental
> > or malicious, as those adjectives seem to confuse some people. The
> > bottom line is that there is no need to protect against deliberate
> > attempts to hide the fact that the memory map has changed, and so
> > there is no reason to use cryptographic hashes here.
> >
> How about :
> 
> The check is intended to differentiate between a resume (which expects
> an identical e820 map to the one saved in suspend), and a cold boot
> (which need not have an identical e820 map to that saved in suspend if
> any was done at all). It is not necessary here to protect against
> deliberate attempts to hide the fact that the memory map has changed, so
> crc32 is sufficient for detection.

That sort of implies that the 'resume' and 'cold boot' are
differenciated.

But the previous comment rather implies that it is the presence
of a valid saved image that signifies a 'resume'.

An interesting failure case would be moving the disk to a
different system.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)