projects / platform / kernel / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b191aa4) | patch
efi_loader: correct determination of secure boot state
authorHeinrich Schuchardt <xypron.glpk@gmx.de>
Thu, 2 Sep 2021 05:11:45 +0000 (07:11 +0200)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Sat, 4 Sep 2021 10:03:57 +0000 (12:03 +0200)
commit7219856daee8cd28872d2f7ef7405704af07bd7d
treec4c7de1a34eae50090b872d09e763be7e4158bbftree | snapshot
parentb191aa429e509ba6bf9eb446ae27b1a4fcd83276commit | diff
efi_loader: correct determination of secure boot state

When U-Boot is started we have to use the existing variables to determine
in which secure boot state we are.

* If a platform key PK is present and DeployedMode=1, we are in deployed
  mode.
* If no platform key PK is present and AuditMode=1, we are in audit mode.
* Otherwise if a platform key is present, we are in user mode.
* Otherwise if no platform key is present, we are in setup mode.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
lib/efi_loader/efi_var_common.c diff | blob | history
Domain: System / Kernel;