Bug 1163396

Summary: Missing userspace support for cold boot attack mitigation
Product: [openSUSE] openSUSE Tumbleweed Reporter: Dan Robinson <dlrobin874>
Component: KernelAssignee: E-mail List <kernel-maintainers>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: alynx.zhou, jslaby
Version: Current   
Target Milestone: ---   
Hardware: x86-64   
OS: Linux   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Dan Robinson 2020-02-11 18:10:32 UTC 
OpenSUSE's kernel is built with CONFIG_RESET_ATTACK_MITIGATION=y, see bug 1108302.

However there is no accompanying userspace component to tell EFI that the system was shut down cleanly as recommended in the kernel help for that option. The mitigation causes unusual reboots at least on my hardware (and I've seen other bug reports of similar behavior, e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1532058).

This could be resolved either by adding a systemd unit as described in the RH bug I linked or disabling this option.
Comment 1 Jiri Slaby 2020-02-26 09:37:45 UTC 
Pushed to master & stable.