Linux Kernel Support Revived For Hibernation Encryption & Authentication

Written by Michael Larabel in Linux Kernel on 4 January 2019 at 06:23 AM EST. Add A Comment
The kernel work has been revived for supporting encryption and authentication of hibernation snapshot images for better security.

Last summer an Intel developer posted patches supporting in-kernel hibernation encryption so that the memory pages dumped to disk during the hibernate process could be secured and verified on resume. We hadn't seen anything from that patch series in the months since until SUSE's Lee Chun-Yi has sent out a revised version of this work for encryption/authentication of hibernation images.

The goal of this work remains to ensure that any snapshot images were not modified while on disk. The authentication can be done using a TPM's trusted key or a user-defined key.

The "V2" patches offer up several fixes, no longer rely upon VLAs that were since dropped from the upstream Linux kernel, added memory barriers, and other code improvements.

It's too late for seeing this functionality added to the Linux 4.21 kernel merge window, but perhaps it will be good to go for the next cycle. Those interested in learning more about this encryption support for Linux hibernation can find additional details via the V2 patch series.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week