linux/drivers
Matthew Garrett ccc829ba36 efi/libstub: Enable reset attack mitigation
If a machine is reset while secrets are present in RAM, it may be
possible for code executed after the reboot to extract those secrets
from untouched memory. The Trusted Computing Group specified a mechanism
for requesting that the firmware clear all RAM on reset before booting
another OS. This is done by setting the MemoryOverwriteRequestControl
variable at startup. If userspace can ensure that all secrets are
removed as part of a controlled shutdown, it can reset this variable to
0 before triggering a hardware reboot.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170825155019.6740-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-08-26 09:20:33 +02:00
accessibility
acpi Merge branch 'linus' into x86/mm to pick up fixes and to fix conflicts 2017-08-26 09:19:13 +02:00
amba
android binder: Use wake up hint for synchronous transactions. 2017-07-17 14:44:19 +02:00
ata libata: fix a couple of doc build warnings 2017-07-31 08:03:06 -07:00
atm atm: zatm: Fix an error handling path in 'zatm_init_one()' 2017-07-18 11:37:46 -07:00
auxdisplay
base driver core fixes for 4.13-rc5 2017-08-13 12:44:18 -07:00
bcma
block Merge branch 'stable/for-jens-4.13' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen into for-linus 2017-08-16 09:56:34 -06:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-07-05 12:31:59 -07:00
bus bus: uniphier-system-bus: set up registers when resuming 2017-08-04 12:57:18 +02:00
cdrom block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
char random: fix warning message on ia64 and parisc 2017-08-08 09:36:46 -07:00
clk clk: keystone: sci-clk: Fix sci_clk_get 2017-08-02 18:37:26 -07:00
clocksource clocksource/drivers/Kconfig: Fix CLKSRC_PISTACHIO dependencies 2017-08-11 12:53:29 +02:00
connector
cpufreq cpufreq: intel_pstate: report correct CPU frequencies during trace 2017-08-11 01:25:53 +02:00
cpuidle powerpc/powernv/idle: Disable LOSE_FULL_CONTEXT states when stop-api fails 2017-08-08 20:21:23 +10:00
crypto crypto: ixp4xx - Fix error handling path in 'aead_perform()' 2017-08-09 20:01:33 +08:00
dax - A few DM integrity fixes that improve performance. One that address 2017-07-28 12:17:17 -07:00
dca
devfreq PM / devfreq: constify attribute_group structures. 2017-07-06 10:17:24 +09:00
dio
dma dmaengine updates for 4.13-rc1 2017-07-08 12:36:50 -07:00
dma-buf dma-buf/sync_file: Allow multiple sync_files to wrap a single dma-fence 2017-07-31 10:55:24 -03:00
edac EDAC, pnd2: Fix Apollo Lake DIMM detection 2017-06-29 10:37:50 +02:00
eisa
extcon
firewire
firmware efi/libstub: Enable reset attack mitigation 2017-08-26 09:20:33 +02:00
fmc
fpga
fsi drivers/fsi: fix fsi_slave_mode prototype 2017-07-17 16:13:54 +02:00
gpio gpio: mvebu: Fix cause computation in irq handler 2017-08-14 15:00:43 +02:00
gpu Merge branch 'linus' into x86/mm to pick up fixes and to fix conflicts 2017-08-26 09:19:13 +02:00
hid HID: ortek: add one more buggy device 2017-07-24 17:38:21 +02:00
hsi HSI changes for the v4.13 series 2017-07-04 14:28:22 -07:00
hv vmbus: re-enable channel tasklet 2017-07-17 15:00:47 +02:00
hwmon hwmon: (applesmc) Avoid buffer overruns 2017-07-15 16:38:56 -07:00
hwspinlock
hwtracing Char/Misc patches for 4.13-rc1 2017-07-03 20:55:59 -07:00
i2c i2c: allow i2c-versatile for ARM MPS platforms 2017-07-31 17:05:16 +02:00
ide ide: avoid warning for timings calculation 2017-07-21 04:37:22 +01:00
idle Merge branch 'x86/boot' into x86/mm, to pick up interacting changes 2017-07-18 11:36:53 +02:00
iio First set of IIO fixes for the 4.13 cycle. 2017-07-23 20:54:31 -07:00
infiniband IB/mlx5: Always return success for RoCE modify port 2017-08-24 15:33:33 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2017-08-17 13:45:44 -07:00
iommu Merge branch 'linus' into x86/mm to pick up fixes and to fix conflicts 2017-08-26 09:19:13 +02:00
ipack
irqchip irqchip fixes for 4.13 2017-08-14 09:34:10 +02:00
isdn mISDN: Fix null pointer dereference at mISDN_FsmNew 2017-08-11 14:56:23 -07:00
leds LED updates for 4.13 2017-07-06 11:32:40 -07:00
lguest
lightnvm lightnvm: pblk: advance bio according to lba index 2017-07-28 08:06:00 -06:00
macintosh Merge branch 'work.misc-set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-05 13:13:32 -07:00
mailbox mailbox: pcc: Fix crash when request PCC channel 0 2017-07-26 02:11:47 +02:00
mcb
md MD: not clear ->safemode for external metadata array 2017-08-11 20:42:06 -07:00
media media: platform: davinci: drop VPFE_CMD_S_CCDC_RAW_PARAMS 2017-07-26 06:14:33 -04:00
memory memory: atmel-ebi: Fix smc cycle xlate converter 2017-07-26 22:37:54 +02:00
memstick
message
mfd ARM: SoC fixes for 4.13 2017-08-24 14:01:18 -07:00
misc mei: exclude device from suspend direct complete optimization 2017-08-10 14:13:18 -07:00
mmc mmc: block: fix lockdep splat when removing mmc_block module 2017-08-09 13:19:44 +02:00
mtd mtd: blkdevs: Fix mtd block write failure 2017-08-12 14:53:24 -07:00
mux mux: mux-core: unregister mux_class in mux_exit() 2017-07-17 16:38:35 +02:00
net net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled 2017-08-18 16:15:37 -07:00
nfc NFC 4.13 pull request 2017-07-01 14:30:39 -07:00
ntb ntb: Add error path/handling to Debug FS entry creation 2017-07-06 11:30:08 -04:00
nubus
nvdimm libnvdimm: fix badblock range handling of ARS range 2017-07-17 11:43:58 -07:00
nvme nvme-pci: set cqe_seen on polled completions 2017-08-18 09:19:39 +02:00
nvmem nvmem: rockchip-efuse: amend compatible rk322x-efuse to rk3228-efuse 2017-07-17 16:15:57 +02:00
of of: fix DMA mask generation 2017-08-17 10:23:45 +02:00
oprofile
parisc parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo 2017-08-16 09:50:39 +02:00
parport
pci PCI: Allow PCI express root ports to find themselves 2017-08-18 16:14:37 -07:00
pcmcia
perf drivers/perf: arm_pmu: Request PMU SPIs with IRQF_PER_CPU 2017-07-27 13:43:22 +01:00
phy phy: bcm-ns-usb3: fix MDIO_BUS dependency 2017-07-27 17:20:19 -07:00
pinctrl Pin control fixes for the v4.13 cycle: 2017-08-09 14:30:34 -07:00
platform platform/x86: intel-vbtn: match power button on press rather than release 2017-08-05 14:37:19 -07:00
pnp This is the bulk of GPIO changes for the v4.13 series: 2017-07-07 12:40:27 -07:00
power power supply and reset changes for the v4.13 series (part 2) 2017-07-13 11:47:59 -07:00
powercap powercap/RAPL: prevent overridding bits outside of the mask 2017-06-28 00:38:34 +02:00
pps
ps3
ptp ptp: introduce ptp auxiliary worker 2017-08-01 15:22:55 -07:00
pwm pwm: Changes for v4.13-rc1 2017-07-13 11:49:52 -07:00
rapidio
ras arm64 updates for 4.13: 2017-07-05 17:09:27 -07:00
regulator Merge remote-tracking branches 'regulator/topic/settle', 'regulator/topic/tps65910' and 'regulator/topic/tps65917' into regulator-next 2017-07-03 16:52:21 +01:00
remoteproc remoteproc/keystone: Fix circular dependencies for ARM configs 2017-06-27 16:21:34 -07:00
reset ARM: SoC driver updates 2017-07-04 14:47:47 -07:00
rpmsg rpmsg updates for v4.13 2017-07-06 15:38:31 -07:00
rtc rtc: ds1307: fix regmap config 2017-08-21 11:08:03 +02:00
s390 s390/qeth: fix L3 next-hop in xmit qeth hdr 2017-08-07 11:24:37 -07:00
sbus sbus: Convert to using %pOF instead of full_name 2017-07-20 12:37:10 -07:00
scsi SCSI fixes on 20170823 2017-08-23 11:34:40 -07:00
sfi x86/boot: Fix memremap() related build failure 2017-07-20 11:37:58 +02:00
sh drivers/sh/intc/virq.c: delete an error message for a failed memory allocation in add_virq_to_pirq() 2017-07-06 16:24:30 -07:00
sn
soc soc: ti: knav: Add a NULL pointer check for kdev in knav_pool_create 2017-08-21 09:19:50 +02:00
spi Merge branch 'for-spi' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-08 10:41:53 -07:00
spmi spmi: pmic-arb: Always allocate ppid_to_apid table 2017-07-17 15:00:47 +02:00
ssb
staging staging/iio fixes for 4.13-rc5 2017-08-13 12:30:17 -07:00
target target: Fix node_acl demo-mode + uncached dynamic shutdown regression 2017-08-09 20:55:19 -07:00
tc
tee
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-07-14 13:12:32 -07:00
thunderbolt char/misc fixes for 4.13-rc5 2017-08-13 12:41:58 -07:00
tty pty: Repair TIOCGPTPEER 2017-08-24 13:23:03 -07:00
uio
usb USB fixes for 4.13-rc5 2017-08-13 12:27:42 -07:00
uwb driver core patches for 4.13-rc1 2017-07-03 20:27:48 -07:00
vfio vfio/pci: Fix handling of RC integrated endpoint PCIe capability size 2017-07-27 10:39:33 -06:00
vhost Revert "vhost: cache used event for better performance" 2017-07-29 14:15:56 -07:00
video Merge branch 'x86/mm' into efi/core, to pick up dependencies 2017-08-26 09:20:01 +02:00
virt
virtio virtio-balloon: coding format cleanup 2017-07-25 16:37:35 +03:00
vlynq
vme
w1 w1: omap-hdq: fix error return code in omap_hdq_probe() 2017-07-17 16:48:15 +02:00
watchdog Merge git://www.linux-watchdog.org/linux-watchdog 2017-07-11 09:59:37 -07:00
xen Kbuild fixes for v4.13 2017-08-24 14:22:27 -07:00
zorro
Kconfig
Makefile