Bug 1163396 - Missing userspace support for cold boot attack mitigation
Missing userspace support for cold boot attack mitigation
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel
x86-64 Linux
: P5 - None : Normal (vote)
: ---
Assigned To: E-mail List
E-mail List
Depends on:
  Show dependency treegraph
Reported: 2020-02-11 18:10 UTC by Dan Robinson
Modified: 2020-02-26 09:37 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Dan Robinson 2020-02-11 18:10:32 UTC
OpenSUSE's kernel is built with CONFIG_RESET_ATTACK_MITIGATION=y, see bug 1108302.

However there is no accompanying userspace component to tell EFI that the system was shut down cleanly as recommended in the kernel help for that option. The mitigation causes unusual reboots at least on my hardware (and I've seen other bug reports of similar behavior, e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1532058).

This could be resolved either by adding a systemd unit as described in the RH bug I linked or disabling this option.
Comment 1 Jiri Slaby 2020-02-26 09:37:45 UTC
Pushed to master & stable.