| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3710.1479895641@warthog.procyon.org.uk>
Date: Wed, 23 Nov 2016 10:07:21 +0000
From: David Howells <dhowells@...hat.com>
To: Lukas Wunner <lukas@...ner.de>
Cc: dhowells@...hat.com, linux-efi@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Josh Boyer <jwboyer@...oraproject.org>,
keyrings@...r.kernel.org
Subject: Re: [PATCH 6/6] efi: Add EFI_SECURE_BOOT bit [ver #2]
Lukas Wunner <lukas@...ner.de> wrote:
> > +#ifdef CONFIG_EFI
> > + if (boot_params.secure_boot) {
> > + set_bit(EFI_SECURE_BOOT, &efi.flags);
> > + pr_info("Secure boot enabled\n");
> > + }
> > +#endif
> > +
>
> Section 20 of Documentation/CodingStyle recommends IS_ENABLED()
> instead of #ifdef.
The problem is this:
arch/x86/include/asm/bitops.h:75: undefined reference to `efi'
To quote section 20: "... Thus, you still have to use an #ifdef if the code
inside the block references symbols that will not exist if the condition is
not met."
> Also, CONFIG_EFI_STUB might be more apt than CONFIG_EFI.
Other stuff in the same function is contingent on CONFIG_EFI. EFI_STUB is to
do with how the thing can be booted, I think - not whether EFI support is
enabled.
David
Powered by blists - more mailing lists