git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Matthew Garrett <mjg59@google.com>
	Fri, 25 Aug 2017 15:50:15 +0000 (16:50 +0100)
committer	Ingo Molnar <mingo@kernel.org>
	Sat, 26 Aug 2017 07:20:33 +0000 (09:20 +0200)
commit	ccc829ba3624beb9a703fc995d016b836d9eead8
tree	b1791e31decb96c4fad4cd24b6b9dce5a351d2eb	tree
parent	3cb9bc85029f2ceb7a5babadcab445c7cb861da8	commit \| diff

efi/libstub: Enable reset attack mitigation

If a machine is reset while secrets are present in RAM, it may be
possible for code executed after the reboot to extract those secrets
from untouched memory. The Trusted Computing Group specified a mechanism
for requesting that the firmware clear all RAM on reset before booting
another OS. This is done by setting the MemoryOverwriteRequestControl
variable at startup. If userspace can ensure that all secrets are
removed as part of a controlled shutdown, it can reset this variable to
0 before triggering a hardware reboot.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170825155019.6740-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>

arch/x86/boot/compressed/eboot.c		diff \| blob \| blame \| history
drivers/firmware/efi/Kconfig		diff \| blob \| blame \| history
drivers/firmware/efi/libstub/Makefile		diff \| blob \| blame \| history
drivers/firmware/efi/libstub/arm-stub.c		diff \| blob \| blame \| history
drivers/firmware/efi/libstub/tpm.c	[new file with mode: 0644]	blob
include/linux/efi.h		diff \| blob \| blame \| history