mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-23 01:13:40 +07:00
Code Issues Packages Projects Releases Wiki Activity

protect against wipe RAM reboot loop

Browse Source
This commit is contained in:
Patrick Schleizer 2023-01-07 15:59:52 -05:00
parent c1b87d250c
commit c0b5fea680
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
usr/lib/dracut/modules.d/40cold-boot-attack-defense/wipe-ram.sh
View File

@ -36,6 +36,12 @@ ram_wipe() {
fi
fi
kernel_wiperamexit_setting=$(getarg wiperamexit)
if [ "$kernel_wiperamexit_setting" = "yes" ]; then
warn "wipe-ram.sh: Skip, because wiperamexit=yes to avoid RAM wipe reboot loop."
return 0
fi
info "wipe-ram.sh: Cold boot attack defense... Starting RAM wipe on shutdown..."
drop_caches
@ -73,6 +79,7 @@ dmsetup_actual_output: '$dmsetup_actual_output'"
sleep 5
fi
info "wipe-ram.sh: Now running kexec --exec..."
if kexec --exec ; then
info "wipe-ram.sh: kexec --exec succeeded."
return 0