I thought this would be a fairly good thing to share here. It looks like the Chromium developers are making an effort to get hibernation to work upstream in the linux kernel with secure boot by default. I’ve personally had my eyes on this thread for a while at this point because this is a fairly important piece of Linux on the framework to me.
I know you can implement some kernel patches (there’s even a guide for this on this forum) but from my point of view it looks like that has some issues:
- Lots of kernel recompiling as you update. Lots. Lots. Lots.
- Yes, you can encrypt the swap partition where the hibernation image is stored. That doesn’t actually resolve the whole integrity check portion discussed in the article.
https://lore.kernel.org/lkml/20221111231636.3748636-1-evgreen@chromium.org/
At the end of the day getting this put together completely with native support in the kernel is going to make Linux a really nice laptop OS.