git.baikalelectronics.ru Git - kernel.git/commit

author	Daniel Kiper <daniel.kiper@oracle.com>
	Fri, 4 May 2018 05:59:47 +0000 (07:59 +0200)
committer	Ingo Molnar <mingo@kernel.org>
	Mon, 14 May 2018 06:57:46 +0000 (08:57 +0200)
commit	1731c4cdeb4483832525814779b2291962551fa9
tree	fba523a21d33efb207ba5128c23350577ebefaaa	tree \| snapshot
parent	da362319830468b191c68eb45de2bcde1ad10ed9	commit \| diff

x86/xen/efi: Initialize UEFI secure boot state during dom0 boot

Initialize UEFI secure boot state during dom0 boot. Otherwise the kernel
may not even know that it runs on secure boot enabled platform.

Note that part of drivers/firmware/efi/libstub/secureboot.c is duplicated
by this patch, only in this case, it runs in the context of the kernel
proper rather than UEFI boot context. The reason for the duplication is
that maintaining the original code to run correctly on ARM/arm64 as well
as on all the quirky x86 firmware we support is enough of a burden as it
is, and adding the x86/Xen execution context to that mix just so we can
reuse a single routine just isn't worth it.

[ardb: explain rationale for code duplication]
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20180504060003.19618-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>

arch/x86/xen/efi.c		diff \| blob \| history
drivers/firmware/efi/libstub/secureboot.c		diff \| blob \| history