From 41027153f4f057d30950e5aa58ca4661f936a06d Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 18:27:36 +0000 Subject: [PATCH 1/11] First draft. --- diff --git a/hibernationstatus.md b/hibernationstatus.md new file mode 100644 index 0000000..238d7f5 --- /dev/null +++ b/hibernationstatus.md @@ -0,0 +1,82 @@ +# Supporting hibernation in Workstation ed., draft 1 + +2020-05-28 + +**Synopsis:** The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, Workstation Edition won't be constrained by the current status. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. + +We would like to see an install time means of enabling hibernation retained via Custom partitioning. If the user chooses to create a swap partition, the installer will include a resume=UUID kernel parameter hint so that the kernel can find the hibernation image. + +**Prior discussions in Fedora:** +- Support for hibernation 1/2: background and summary 2020-02-09 [1] +- Support for hibernation 2/2: questions 2020-02-09 [1] + +**Working hibernation is helpful:** +- less power consumption than S0 or S3; +- even if resume is slower than boot, it can be faster at restoring the user's prior working environment; +- avoids data loss in low battery situations, the alternative is power off or suspend-to-RAM followed by power off when the battery arrives at 0%, both of which are often abrupt. + +**Alternatives:** +- Windows and macOS favor Modern Standby and Power Nap, a.k.a. S0 low power idle [2]; +- Short waits, and cpuidle [3]; +- application autosave and recover statefulness. + +*Note 1:* These items are complementary to hibernation. But if fully developed they could be alternatives. Windows, macOS, Android, iOS, Chrome OS do such things, and either deemphasize hibernation or lack it entirely. + +*Note 2:* There is a pernicious problem with laptop batteries. As they age, they often won't tolerate load very well, leading to rapid discharge and very short or no notice before a compulsory power off. In such cases, even when the system is hibernation capable, hibernation can fail. Power can be lost during hibernation entry. There isn't much software can do to second guess the commonly confused state of aged batteries. + +**Current significant impediments:** +- UEFI Secure Boot is overwhelmingly present and enabled by default on new computers; +- kernel lockdown policy inhibits hibernation when Secure Boot is enabled; +- ACPI bugs can be transient and difficult to fix or work around; hibernation can mean data loss due to failed entry or exit; +- resource requirements for the permanent swap partition can be excessive, Anaconda history states the reason for the current swap partition size is to accommodate hibernation; +- large swap partition exacerbates performance problems in swap heavy workloads. + +**Necessary enhancements to hibernation:** +- signed and encrypted hibernation image [4]; + +**Nice to have enhancements to hibernation:** +- dynamic swapfiles created and enabled prior to hibernation entry [5]; +- single interface for determining the location of the hibernation image for all file systems [6] +- TPM2 support, or alternative, for storing the key(s) needed to resume. + + +[1] +https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/V5MOCX23KU45J3WXUN6TCGEJYQLXQYUL/ +https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/J2EG7DXIVSUV3ENXRSQYUFXWQXH56GNC/ +https://pagure.io/fedora-workstation/issue/121 +https://pagure.io/fedora-workstation/issue/120 + +[2] +low power idle in Linux +https://lwn.net/Articles/762132/ + +[3] +Short waits with umwait +https://lwn.net/Articles/790920/ +The pseudo cpuidle driver +https://lwn.net/Articles/820870/ + +[4] +It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed this is the latest status of that work: +https://lkml.org/lkml/2019/7/10/601 +This is the most central nugget that's needed to get to limited hibernation support. + +[5] +Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. +https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ +https://pagure.io/fedora-workstation/issue/120#comment-618549 + +[6] +https://github.com/systemd/systemd/issues/11939#issuecomment-471684411 + + +Appendix + +Hibernation in the cloud +https://lwn.net/Articles/821158/ + +Article about Fedora 29 suspend-then-hibernate +https://lwn.net/Articles/764841/ + +hybrid-sleep vs suspend-then-hibernate +https://www.freedesktop.org/software/systemd/man/systemd-sleep.conf.html From d25619444bd0b436fd3920f877c443cd16b742f5 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 18:31:36 +0000 Subject: [PATCH 2/11] formatting 1 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 238d7f5..8d1e5c7 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -2,20 +2,24 @@ 2020-05-28 -**Synopsis:** The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, Workstation Edition won't be constrained by the current status. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. +**Synopsis:** +The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, Workstation Edition won't be constrained by the current status. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. We would like to see an install time means of enabling hibernation retained via Custom partitioning. If the user chooses to create a swap partition, the installer will include a resume=UUID kernel parameter hint so that the kernel can find the hibernation image. **Prior discussions in Fedora:** + - Support for hibernation 1/2: background and summary 2020-02-09 [1] - Support for hibernation 2/2: questions 2020-02-09 [1] **Working hibernation is helpful:** + - less power consumption than S0 or S3; - even if resume is slower than boot, it can be faster at restoring the user's prior working environment; - avoids data loss in low battery situations, the alternative is power off or suspend-to-RAM followed by power off when the battery arrives at 0%, both of which are often abrupt. **Alternatives:** + - Windows and macOS favor Modern Standby and Power Nap, a.k.a. S0 low power idle [2]; - Short waits, and cpuidle [3]; - application autosave and recover statefulness. @@ -25,6 +29,7 @@ We would like to see an install time means of enabling hibernation retained via *Note 2:* There is a pernicious problem with laptop batteries. As they age, they often won't tolerate load very well, leading to rapid discharge and very short or no notice before a compulsory power off. In such cases, even when the system is hibernation capable, hibernation can fail. Power can be lost during hibernation entry. There isn't much software can do to second guess the commonly confused state of aged batteries. **Current significant impediments:** + - UEFI Secure Boot is overwhelmingly present and enabled by default on new computers; - kernel lockdown policy inhibits hibernation when Secure Boot is enabled; - ACPI bugs can be transient and difficult to fix or work around; hibernation can mean data loss due to failed entry or exit; @@ -32,9 +37,11 @@ We would like to see an install time means of enabling hibernation retained via - large swap partition exacerbates performance problems in swap heavy workloads. **Necessary enhancements to hibernation:** + - signed and encrypted hibernation image [4]; **Nice to have enhancements to hibernation:** + - dynamic swapfiles created and enabled prior to hibernation entry [5]; - single interface for determining the location of the hibernation image for all file systems [6] - TPM2 support, or alternative, for storing the key(s) needed to resume. @@ -70,7 +77,7 @@ https://pagure.io/fedora-workstation/issue/120#comment-618549 https://github.com/systemd/systemd/issues/11939#issuecomment-471684411 -Appendix +**Appendix** Hibernation in the cloud https://lwn.net/Articles/821158/ From 93e57117cfb54822608d5dfc9fd1245372e70178 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 18:36:08 +0000 Subject: [PATCH 3/11] formatting 2 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 8d1e5c7..f192921 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -47,43 +47,43 @@ We would like to see an install time means of enabling hibernation retained via - TPM2 support, or alternative, for storing the key(s) needed to resume. -[1] -https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/V5MOCX23KU45J3WXUN6TCGEJYQLXQYUL/ -https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/J2EG7DXIVSUV3ENXRSQYUFXWQXH56GNC/ -https://pagure.io/fedora-workstation/issue/121 -https://pagure.io/fedora-workstation/issue/120 - -[2] -low power idle in Linux +[1] +https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/V5MOCX23KU45J3WXUN6TCGEJYQLXQYUL/ +https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/J2EG7DXIVSUV3ENXRSQYUFXWQXH56GNC/ +https://pagure.io/fedora-workstation/issue/121 +https://pagure.io/fedora-workstation/issue/120 + +[2] +low power idle in Linux https://lwn.net/Articles/762132/ -[3] -Short waits with umwait -https://lwn.net/Articles/790920/ -The pseudo cpuidle driver +[3] +Short waits with umwait +https://lwn.net/Articles/790920/ +The pseudo cpuidle driver https://lwn.net/Articles/820870/ -[4] -It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed this is the latest status of that work: -https://lkml.org/lkml/2019/7/10/601 +[4] +It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed this is the latest status of that work: +https://lkml.org/lkml/2019/7/10/601 This is the most central nugget that's needed to get to limited hibernation support. -[5] -Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. -https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ +[5] +Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. +https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ https://pagure.io/fedora-workstation/issue/120#comment-618549 -[6] +[6] https://github.com/systemd/systemd/issues/11939#issuecomment-471684411 **Appendix** -Hibernation in the cloud +Hibernation in the cloud https://lwn.net/Articles/821158/ -Article about Fedora 29 suspend-then-hibernate +Article about Fedora 29 suspend-then-hibernate https://lwn.net/Articles/764841/ -hybrid-sleep vs suspend-then-hibernate +hybrid-sleep vs suspend-then-hibernate https://www.freedesktop.org/software/systemd/man/systemd-sleep.conf.html From 72f4b38de5dd9af18d89f899e832c8dbd54f6cd9 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 18:39:06 +0000 Subject: [PATCH 4/11] formatting 3 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index f192921..b082535 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -40,6 +40,8 @@ We would like to see an install time means of enabling hibernation retained via - signed and encrypted hibernation image [4]; +*Note:* This is the most central nugget needed for limited hibernation support. + **Nice to have enhancements to hibernation:** - dynamic swapfiles created and enabled prior to hibernation entry [5]; @@ -66,7 +68,6 @@ https://lwn.net/Articles/820870/ [4] It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed this is the latest status of that work: https://lkml.org/lkml/2019/7/10/601 -This is the most central nugget that's needed to get to limited hibernation support. [5] Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. From f56c097a52d8246e58ef8b9e1462182cd12541ec Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 18:40:35 +0000 Subject: [PATCH 5/11] formatting 4 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index b082535..a877015 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -3,6 +3,7 @@ 2020-05-28 **Synopsis:** + The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, Workstation Edition won't be constrained by the current status. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. We would like to see an install time means of enabling hibernation retained via Custom partitioning. If the user chooses to create a swap partition, the installer will include a resume=UUID kernel parameter hint so that the kernel can find the hibernation image. From ec94fdcfb9b24085ac74955c351f3da7a61ea078 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 19:21:34 +0000 Subject: [PATCH 6/11] formatting 5 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index a877015..91c1751 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -10,8 +10,9 @@ We would like to see an install time means of enabling hibernation retained via **Prior discussions in Fedora:** -- Support for hibernation 1/2: background and summary 2020-02-09 [1] -- Support for hibernation 2/2: questions 2020-02-09 [1] +- [Support for hibernation 1/2: background and summary 2020-02-09 on desktop@ list](https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/V5MOCX23KU45J3WXUN6TCGEJYQLXQYUL/) +- [Support for hibernation 2/2: questions 2020-02-09 on desktop@ list](https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/J2EG7DXIVSUV3ENXRSQYUFXWQXH56GNC/) +- Workstation WG issues [1] **Working hibernation is helpful:** @@ -39,39 +40,33 @@ We would like to see an install time means of enabling hibernation retained via **Necessary enhancements to hibernation:** -- signed and encrypted hibernation image [4]; +- signed and encrypted hibernation image [4]. *Note:* This is the most central nugget needed for limited hibernation support. **Nice to have enhancements to hibernation:** - dynamic swapfiles created and enabled prior to hibernation entry [5]; -- single interface for determining the location of the hibernation image for all file systems [6] +- single interface for determining the location of the hibernation image for all file systems [6]; - TPM2 support, or alternative, for storing the key(s) needed to resume. [1] -https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/V5MOCX23KU45J3WXUN6TCGEJYQLXQYUL/ -https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/J2EG7DXIVSUV3ENXRSQYUFXWQXH56GNC/ -https://pagure.io/fedora-workstation/issue/121 -https://pagure.io/fedora-workstation/issue/120 +[#121 Support for hibernation?](https://pagure.io/fedora-workstation/issue/121) +[#120 Anaconda creates way too much swap space](https://pagure.io/fedora-workstation/issue/120) [2] -low power idle in Linux -https://lwn.net/Articles/762132/ +[LWN: low power idle in Linux](https://lwn.net/Articles/762132/) [3] -Short waits with umwait -https://lwn.net/Articles/790920/ -The pseudo cpuidle driver -https://lwn.net/Articles/820870/ +[LWN: Short waits with umwait](https://lwn.net/Articles/790920/) +[LWN: The pseudo cpuidle driver](https://lwn.net/Articles/820870/) [4] -It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed this is the latest status of that work: -https://lkml.org/lkml/2019/7/10/601 +It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. [5] -Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. +Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ https://pagure.io/fedora-workstation/issue/120#comment-618549 @@ -81,11 +76,8 @@ https://github.com/systemd/systemd/issues/11939#issuecomment-471684411 **Appendix** -Hibernation in the cloud -https://lwn.net/Articles/821158/ +[LWN: Hibernation in the cloud](https://lwn.net/Articles/821158/) -Article about Fedora 29 suspend-then-hibernate -https://lwn.net/Articles/764841/ +[LWN: Fedora reawakens the hibernation debate](https://lwn.net/Articles/764841/) -hybrid-sleep vs suspend-then-hibernate -https://www.freedesktop.org/software/systemd/man/systemd-sleep.conf.html +[Freedesktop reference: hybrid-sleep vs suspend-then-hibernate](https://www.freedesktop.org/software/systemd/man/systemd-sleep.conf.html) From 584cc783978fd0fbe919231da6d00d4a23e07660 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 19:25:41 +0000 Subject: [PATCH 7/11] formatting 6 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 91c1751..84e6750 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -42,7 +42,7 @@ We would like to see an install time means of enabling hibernation retained via - signed and encrypted hibernation image [4]. -*Note:* This is the most central nugget needed for limited hibernation support. +*Note:* This is the most central nugget needed for limited hibernation support. Encrypted swap is inadequate because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be both signed and encrypted. **Nice to have enhancements to hibernation:** @@ -52,7 +52,7 @@ We would like to see an install time means of enabling hibernation retained via [1] -[#121 Support for hibernation?](https://pagure.io/fedora-workstation/issue/121) +[#121 Support for hibernation?](https://pagure.io/fedora-workstation/issue/121) [#120 Anaconda creates way too much swap space](https://pagure.io/fedora-workstation/issue/120) [2] @@ -63,7 +63,7 @@ We would like to see an install time means of enabling hibernation retained via [LWN: The pseudo cpuidle driver](https://lwn.net/Articles/820870/) [4] -It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. + Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. [5] Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. From 2e86385eade3035da0d9f5d9a85956b45ea4ac10 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 19:28:13 +0000 Subject: [PATCH 8/11] formatting 7, syntax --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 84e6750..4f93ccd 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -66,7 +66,7 @@ We would like to see an install time means of enabling hibernation retained via Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. [5] -Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time. +Developing this means hibernation capability could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation would avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation would be supported without a swap partition being created at install time. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ https://pagure.io/fedora-workstation/issue/120#comment-618549 From 403fae34b051c21828a90507a35b26e45a0196c8 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 19:36:26 +0000 Subject: [PATCH 9/11] formatting 8 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 4f93ccd..d309000 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -66,7 +66,7 @@ We would like to see an install time means of enabling hibernation retained via Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. [5] -Developing this means hibernation capability could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation would avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation would be supported without a swap partition being created at install time. +Developing this means hibernation capability could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation would avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation would be supported without a swap partition being created at install time. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ https://pagure.io/fedora-workstation/issue/120#comment-618549 From 773b038fdaa31198c2ae63e20f00e94b82b5eaa6 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 29 2020 17:23:40 +0000 Subject: [PATCH 10/11] incorporated suggested edits --- diff --git a/hibernationstatus.md b/hibernationstatus.md index d309000..beaa976 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -4,9 +4,9 @@ **Synopsis:** -The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, Workstation Edition won't be constrained by the current status. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. +The Fedora Workstation working group recognizes hibernation can be useful, but due to impediments it's currently not practical to support it. This is a recognition of the current state of affairs, but the working group wishes hibernation could be relied upon, and thinks there is a viable approach for limited support of hibernation in the future. We encourage interested parties to pursue the needed improvements. In the meantime, given that hibernation isn't currently viable, the workstation WG decides that technical decisions will not be constrained by it. Decisions about Workstation's 'out of the box' configuration might conflict with the requirements of hibernation. There are desired enhancements to performance and security that are hindered by the status quo. The working group will re-evaluate when the significant impediments have been adequately addressed. -We would like to see an install time means of enabling hibernation retained via Custom partitioning. If the user chooses to create a swap partition, the installer will include a resume=UUID kernel parameter hint so that the kernel can find the hibernation image. +We will support an install time means of enabling hibernation retained via Custom partitioning. If the user chooses to create a swap partition, the installer will include a resume=UUID kernel parameter hint so that the kernel can find the hibernation image. **Prior discussions in Fedora:** @@ -35,18 +35,18 @@ We would like to see an install time means of enabling hibernation retained via - UEFI Secure Boot is overwhelmingly present and enabled by default on new computers; - kernel lockdown policy inhibits hibernation when Secure Boot is enabled; - ACPI bugs can be transient and difficult to fix or work around; hibernation can mean data loss due to failed entry or exit; -- resource requirements for the permanent swap partition can be excessive, Anaconda history states the reason for the current swap partition size is to accommodate hibernation; +- resource requirements for the permanent swap partition can be excessive, Anaconda history states the reason for the current swap partition size [4] is to accommodate hibernation; - large swap partition exacerbates performance problems in swap heavy workloads. **Necessary enhancements to hibernation:** -- signed and encrypted hibernation image [4]. +- signed and encrypted hibernation image [5]. *Note:* This is the most central nugget needed for limited hibernation support. Encrypted swap is inadequate because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be both signed and encrypted. **Nice to have enhancements to hibernation:** -- dynamic swapfiles created and enabled prior to hibernation entry [5]; +- dynamic swapfiles created and enabled prior to hibernation entry [6]; - single interface for determining the location of the hibernation image for all file systems [6]; - TPM2 support, or alternative, for storing the key(s) needed to resume. @@ -62,15 +62,18 @@ We would like to see an install time means of enabling hibernation retained via [LWN: Short waits with umwait](https://lwn.net/Articles/790920/) [LWN: The pseudo cpuidle driver](https://lwn.net/Articles/820870/) -[4] - Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. +[4] RAM to swap ratio is typically 1:1 although there is a cap at 64G. +https://github.com/rhinstaller/anaconda/blob/master/pyanaconda/core/storage.py#L299 [5] + Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. + +[6] Developing this means hibernation capability could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation would avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation would be supported without a swap partition being created at install time. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MML5MAKBFNEXBT67TCOVUWGFNOUDYUUP/ https://pagure.io/fedora-workstation/issue/120#comment-618549 -[6] +[7] https://github.com/systemd/systemd/issues/11939#issuecomment-471684411 From dce181ef05ad455a8b9b3c9de54fb2893ec907f4 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 29 2020 17:25:25 +0000 Subject: [PATCH 11/11] formatting 8 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index beaa976..8f59347 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -62,7 +62,7 @@ We will support an install time means of enabling hibernation retained via Custo [LWN: Short waits with umwait](https://lwn.net/Articles/790920/) [LWN: The pseudo cpuidle driver](https://lwn.net/Articles/820870/) -[4] RAM to swap ratio is typically 1:1 although there is a cap at 64G. +[4] RAM to swap ratio is typically 1:1 although there is a cap at 64G. https://github.com/rhinstaller/anaconda/blob/master/pyanaconda/core/storage.py#L299 [5]