Bug 1498159
Summary: | incorrect downstream-only Platform Reset Attack Mitigation patch in the F24-F26 kernels | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Laszlo Ersek <lersek> |
Component: | kernel | Assignee: | Kernel Maintainer List <kernel-maint> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 26 | CC: | airlied, ajax, bskeggs, eparis, esandeen, hdegoede, ichavero, itamar, jarodwilson, jforbes, jglisse, jonathan, josef, jwboyer, kernel-maint, labbott, linville, mchehab, mjg59, nhorman, quintela, steved |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | kernel-4.14.4-200.fc26 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-12-13 09:57:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Laszlo Ersek
2017-10-03 15:05:40 UTC
The upstream patch I mentioned in comment 0 has indeed been released as part of v4.14: commit ccc829ba3624 ("efi/libstub: Enable reset attack mitigation", 2017-08-26). Fedora 26 was rebased to v4.14 in dist-git commit c75cb4d7fbb5 ("Linux v4.14.4 rebase", 2017-12-08). Among other things, this dist-git commit modified "efi-lockdown.patch", and removed: Subject: [PATCH 27/32] Enable cold boot attack mitigation (see 65673e37e61d in comment 0). So, I guess this bug is fixed, in Fedora 26. Fedora 24 is no longer supported, but Fedora 25 appears to be; I'm moving this report to F25 then. (Latest upstream base for F25 seems to be v4.13.16, from dist-git commit c75cb4d7fbb5, "Linux v4.14.4 rebase", 2017-12-08). ... LOL, Bugzilla doesn't let me change the Version field to "25"! What gives? Sorry, I managed to confuse myself -- F25 reached End-of-Life just yesterday, according to Wikipedia. Closing this one for good. |