Bug 1163396 - Missing userspace support for cold boot attack mitigation
Missing userspace support for cold boot attack mitigation
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel
Current
x86-64 Linux
: P5 - None : Normal (vote)
: ---
Assigned To: E-mail List
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-02-11 18:10 UTC by Dan Robinson
Modified: 2020-02-26 09:37 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dan Robinson 2020-02-11 18:10:32 UTC
OpenSUSE's kernel is built with CONFIG_RESET_ATTACK_MITIGATION=y, see bug 1108302.

However there is no accompanying userspace component to tell EFI that the system was shut down cleanly as recommended in the kernel help for that option. The mitigation causes unusual reboots at least on my hardware (and I've seen other bug reports of similar behavior, e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1532058).

This could be resolved either by adding a systemd unit as described in the RH bug I linked or disabling this option.
Comment 1 Jiri Slaby 2020-02-26 09:37:45 UTC
Pushed to master & stable.