git.baikalelectronics.ru Git - kernel.git/commit

author	Ard Biesheuvel <ardb@kernel.org>
	Sat, 1 Feb 2020 08:32:21 +0000 (09:32 +0100)
committer	Mimi Zohar <zohar@linux.ibm.com>
	Tue, 11 Feb 2020 19:42:37 +0000 (14:42 -0500)
commit	aa07de4c5e8e912dcb2951c6f70a5b7c13cd5622
tree	2c74d8c21779f5753a602cf9ffc6b39b468ff9de	tree \| snapshot
parent	9f9285b96014e47599924b03ab0c07fa1549e04b	commit \| diff

x86/ima: use correct identifier for SetupMode variable

The IMA arch code attempts to inspect the "SetupMode" EFI variable
by populating a variable called efi_SetupMode_name with the string
"SecureBoot" and passing that to the EFI GetVariable service, which
obviously does not yield the expected result.

Given that the string is only referenced a single time, let's get
rid of the intermediate variable, and pass the correct string as
an immediate argument. While at it, do the same for "SecureBoot".

Fixes: 53aaf7909b69 ("x86/ima: retry detecting secure boot mode")
Fixes: 749bf88ccbf4 ("x86/ima: check EFI SetupMode too")
Cc: Matthew Garrett <mjg59@google.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Cc: stable@vger.kernel.org # v5.3
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>