search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 3cb9bc8) | patch
efi/libstub: Enable reset attack mitigation
commitccc829ba3624beb9a703fc995d016b836d9eead8
authorMatthew Garrett <mjg59@google.com>
Fri, 25 Aug 2017 15:50:15 +0000 (25 16:50 +0100)
committerIngo Molnar <mingo@kernel.org>
Sat, 26 Aug 2017 07:20:33 +0000 (26 09:20 +0200)
treeb1791e31decb96c4fad4cd24b6b9dce5a351d2ebtree | snapshot (tar.gz zip)
parent3cb9bc85029f2ceb7a5babadcab445c7cb861da8commit | diff
efi/libstub: Enable reset attack mitigation

If a machine is reset while secrets are present in RAM, it may be
possible for code executed after the reboot to extract those secrets
from untouched memory. The Trusted Computing Group specified a mechanism
for requesting that the firmware clear all RAM on reset before booting
another OS. This is done by setting the MemoryOverwriteRequestControl
variable at startup. If userspace can ensure that all secrets are
removed as part of a controlled shutdown, it can reset this variable to
0 before triggering a hardware reboot.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170825155019.6740-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
arch/x86/boot/compressed/eboot.c diff | blob | blame | history
drivers/firmware/efi/Kconfig diff | blob | blame | history
drivers/firmware/efi/libstub/Makefile diff | blob | blame | history
drivers/firmware/efi/libstub/arm-stub.c diff | blob | blame | history
drivers/firmware/efi/libstub/tpm.c [new file with mode: 0644] blob
include/linux/efi.h diff | blob | blame | history
Linux with added FPC-III support