sleep-config: add comment about security

author Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>

Sun, 26 Mar 2023 02:31:38 +0000 (04:31 +0200)

committer Lennart Poettering <lennart@poettering.net>

Wed, 14 Jun 2023 13:27:41 +0000 (15:27 +0200)
author Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
Sun, 26 Mar 2023 02:31:38 +0000 (04:31 +0200)
committer Lennart Poettering <lennart@poettering.net>
Wed, 14 Jun 2023 13:27:41 +0000 (15:27 +0200)
diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c

index 4fd129b27efe5815e822e3a4c5f531e17ce02769..dcc233ca6f3d9a75029ba9887a6b51f5aa7a2248 100644 (file)
--- a/src/shared/sleep-config.c
+++ b/src/shared/sleep-config.c
@@ -723,6 +723,14 @@ static bool location_is_resume_device(const HibernateLocation *location, dev_t s
   * Attempt to find the hibernation location by parsing /proc/swaps, /sys/power/resume, and
   * /sys/power/resume_offset.
   *
+ * Beware:
+ *  Never use a device or file as location that hasn't been somehow specified by a user that would also be
+ *  entrusted with full system memory access (for example via /sys/power/resume) or that isn't an already
+ *  active swap area!
+ *  Otherwise various security attacks might become possible, for example an attacker could silently attach
+ *  such a device and circumvent full disk encryption when it would be automatically used for hibernation.
+ *  Also, having a swap area on top of encryption is not per se enough to protect from all such attacks.
+ *
   * Returns:
   *  1 - Values are set in /sys/power/resume and /sys/power/resume_offset.
   *      ret_hibernate_location will represent matching /proc/swap entry if identified or NULL if not.
author	Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
	Sun, 26 Mar 2023 02:31:38 +0000 (04:31 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 14 Jun 2023 13:27:41 +0000 (15:27 +0200)