review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	David Howells <dhowells@redhat.com>
	Mon, 6 Feb 2017 11:22:43 +0000 (11:22 +0000)
committer	Ingo Molnar <mingo@kernel.org>
	Tue, 7 Feb 2017 09:42:10 +0000 (10:42 +0100)
commit	de8cb458625c164bb3f93c4e415e479afce8fa9d
tree	6da87e0a45c5d1e39bc5f46413123358734d8eba	tree \| snapshot
parent	e58910cdc9f43cda2e52fcdf2fddbdc74e80b2f7	commit \| diff

efi: Get and store the secure boot status

Get the firmware's secure-boot status in the kernel boot wrapper and stash
it somewhere that the main kernel image can find.

The efi_get_secureboot() function is extracted from the ARM stub and (a)
generalised so that it can be called from x86 and (b) made to use
efi_call_runtime() so that it can be run in mixed-mode.

For x86, it is stored in boot_params and can be overridden by the boot
loader or kexec. This allows secure-boot mode to be passed on to a new
kernel.

Suggested-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1486380166-31868-5-git-send-email-ard.biesheuvel@linaro.org
[ Small readability edits. ]
Signed-off-by: Ingo Molnar <mingo@kernel.org>

Documentation/x86/zero-page.txt		diff \| blob \| history
arch/x86/boot/compressed/eboot.c		diff \| blob \| history
arch/x86/include/uapi/asm/bootparam.h		diff \| blob \| history
arch/x86/kernel/asm-offsets.c		diff \| blob \| history
drivers/firmware/efi/libstub/Makefile		diff \| blob \| history
drivers/firmware/efi/libstub/arm-stub.c		diff \| blob \| history
drivers/firmware/efi/libstub/secureboot.c	[new file with mode: 0644]	blob
include/linux/efi.h		diff \| blob \| history