Bug 1518473 - Secure Boot Breaks Hibernate and Hybrid Sleep
Summary: Secure Boot Breaks Hibernate and Hybrid Sleep
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 27
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-29 03:02 UTC by 陳鐸元
Modified: 2019-04-02 22:50 UTC (History)
22 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-29 16:32:18 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description 陳鐸元 2017-11-29 03:02:46 UTC 
Description of problem:
When Secure Boot is on, /sys/power/disk is disabled.
Thus, hibernate and hybrid-sleep won't work.

Version-Release number of selected component (if applicable):
4.13.13-300.fc27.x86_64

How reproducible:
Always


Steps to Reproduce:
1. Turn on Secure Boot
2. systemctl hibernate or systemctl hybrid-sleep
3.

Actual results:

systemctl hibernate 
Failed to hibernate system via logind: Sleep verb not supported

systemctl hybrid-sleep 
Failed to put system into hybrid sleep via logind: Sleep verb not supported


Expected results:
The system hibernates or hybrid sleeps

Additional info:
Comment 1 Laura Abbott 2017-11-29 16:32:18 UTC 
This is intended behavior, per commit text on one of the patches

"There is currently no way to verify the resume image when returning
from hibernate.  This might compromise the signed modules trust model,
so until we can work with signed hibernate images we disable it when the
kernel is locked down."
Comment 2 John Soros 2018-11-06 11:34:50 UTC 
So what about the case when an OPAL hard disk is encrypted using the system firmware?
Note You need to log in before you can comment on or make changes to this bug.