Timeline for How can Linux hibernation be enabled under UEFI Secure Boot with kernel lockdown on OpenSuSE?
Current License: CC BY-SA 4.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jul 11, 2024 at 7:55 | vote | accept | AlexK973 | ||
| Jul 11, 2024 at 7:47 | comment | added | AlexK973 | @0x2207 It is important, that the 3 items output by fwupdmgr are as shown. If one of them is different it does not work. | |
| May 4, 2024 at 13:38 | comment | added | 0x2207 | It seems that EFI_RNG_PROTOCOL have to be supported by your EFI firmware in order to make this machinery work. | |
| May 4, 2024 at 8:24 | comment | added | 0x2207 | For me it also doesn't work for Leap 15.5 physical machine. As far as I understand there are custom patches in openSUSE Linux kernel to support secure boot hibernation, however I cannot find exact algorithm what unblocks the feature. I.e. is it enough to encyrpt the swap only. | |
| Mar 17, 2024 at 21:16 | comment | added | AlexK973 | on 15.4 it is 5.14.21-150400.24.100-default; on 15.5 it is 5.14.21-150500.55.49-default, currently. No vanilla kernel, but distribution specific. | |
| Feb 13, 2024 at 17:50 | comment | added | Bink | @AlexK973 If you don't mind me asking, which kernel version did you use here? I might give this a try in the near future. | |
| Nov 12, 2023 at 12:05 | comment | added | cidra | I'm not using a virtual machine. I'm running on bare metal using a Thinkpad X13 Gen 1 | |
| Nov 11, 2023 at 23:54 | comment | added | AlexK973 | @cidra Are you trying this on a physical machine or a VM? I have been a little curious and tested this under QEMU with a similar result "Sleep verb...". The other installations I use are on physical machines, and there it works. Maybe something detects QEMU and refuses to hibernate? | |
| Nov 2, 2023 at 13:22 | comment | added | cidra | No worry, it was just for the record. I got a fresh install with LVM and LUKS1, then i converted to LUKS2. Nothing else. Physical volume is encrypted and contains system-swap, system-root and system-home. | |
| Oct 31, 2023 at 10:31 | comment | added | AlexK973 | I have tested the described solution for Leap 15.3 and .4 (and partly .5). No Tumbleweed, here. (Limited spare time, sorry.) Did you follow the fresh installation path, or did you modify your existing system? Difficult to diagnose via comment. | |
| Oct 30, 2023 at 16:42 | comment | added | cidra | I have root and swap in an encrypted LV but when I try to "sudo systemctl hibernate" I get 'Sleep verb "hibernate" not supported'. I'm using TumbleWeed. However, despite having system-swap in the encrypted LV, fwupdmgr says that I have unencrypted swap. | |
| Oct 29, 2023 at 19:04 | comment | added | AlexK973 | @cidra You have to create an encrypted LV (LVM) and place at least root and swap inside of that. You have to enter a password every time you boot - that includes wake-up from hibernation. You may enroll a decryption key with the TPM to get rid of this restriction. | |
| Oct 19, 2023 at 10:27 | comment | added | cidra | In New Installation (OpenSuse), both the physical volume and the swap logical volume are encrypted, right? If the swap logical volume is not encrypted would it still be possible to hibernate? | |
| Sep 29, 2023 at 19:57 | history | edited | AlexK973 | CC BY-SA 4.0 | + fwupdmgr output |
| Sep 29, 2023 at 19:55 | review | Late answers | |||
| Sep 30, 2023 at 3:53 | |||||
| Sep 29, 2023 at 19:33 | history | answered | AlexK973 | CC BY-SA 4.0 |