• Matthew Garrett's avatar
    x86/efi: Clarify that reset attack mitigation needs appropriate userspace · a5c03c31
    Matthew Garrett authored
    Some distributions have turned on the reset attack mitigation feature,
    which is designed to force the platform to clear the contents of RAM if
    the machine is shut down uncleanly. However, in order for the platform
    to be able to determine whether the shutdown was clean or not, userspace
    has to be configured to clear the MemoryOverwriteRequest flag on
    shutdown - otherwise the firmware will end up clearing RAM on every
    reboot, which is unnecessarily time consuming. Add some additional
    clarity to the kconfig text to reduce the risk of systems being
    configured this way.
    Signed-off-by: default avatarMatthew Garrett <mjg59@google.com>
    Acked-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: linux-efi@vger.kernel.org
    Cc: linux-kernel@vger.kernel.org
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
    a5c03c31
Kconfig 5.77 KB