[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1515507745-17391-3-git-send-email-daniel.kiper@oracle.com>
Date: Tue, 9 Jan 2018 15:22:23 +0100
From: Daniel Kiper <daniel.kiper@...cle.com>
To: linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
x86@...nel.org, xen-devel@...ts.xenproject.org
Cc: ard.biesheuvel@...aro.org, boris.ostrovsky@...cle.com,
hpa@...or.com, jgross@...e.com, konrad.wilk@...cle.com,
mingo@...hat.com, tglx@...utronix.de
Subject: [PATCH 2/4] x86/xen/efi: Initialize boot_params.secure_boot in xen_efi_init()
Otherwise the kernel reports incorrect UEFI secure boot state in the Xen dom0.
By the way fix CFLAGS_mmu_pv.o assignment alignment.
Signed-off-by: Daniel Kiper <daniel.kiper@...cle.com>
---
arch/x86/xen/Makefile | 4 +++-
arch/x86/xen/efi.c | 11 +++++++++++
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/arch/x86/xen/Makefile b/arch/x86/xen/Makefile
index d83cb54..1b07664 100644
--- a/arch/x86/xen/Makefile
+++ b/arch/x86/xen/Makefile
@@ -12,7 +12,9 @@ endif
# Make sure early boot has no stackprotector
nostackp := $(call cc-option, -fno-stack-protector)
CFLAGS_enlighten_pv.o := $(nostackp)
-CFLAGS_mmu_pv.o := $(nostackp)
+CFLAGS_mmu_pv.o := $(nostackp)
+
+CFLAGS_efi.o += -I$(srctree)/drivers/firmware
obj-y := enlighten.o multicalls.o mmu.o irq.o \
time.o xen-asm.o xen-asm_$(BITS).o \
diff --git a/arch/x86/xen/efi.c b/arch/x86/xen/efi.c
index a18703b..e089fa7 100644
--- a/arch/x86/xen/efi.c
+++ b/arch/x86/xen/efi.c
@@ -28,6 +28,15 @@
#include <asm/setup.h>
#include <asm/xen/hypercall.h>
+#define pr_efi(sys_table, msg)
+#define pr_efi_err(sys_table, msg)
+
+#define get_efi_var(name, vendor, attr, data_size, data) \
+ xen_efi_get_variable((efi_char16_t *)name, (efi_guid_t *)vendor, \
+ attr, data_size, data)
+
+#include <efi/libstub/secureboot-core.c>
+
static efi_char16_t vendor[100] __initdata;
static efi_system_table_t efi_systab_xen __initdata = {
@@ -129,6 +138,8 @@ void __init xen_efi_init(void)
boot_params.efi_info.efi_systab = (__u32)__pa(efi_systab_xen);
boot_params.efi_info.efi_systab_hi = (__u32)(__pa(efi_systab_xen) >> 32);
+ boot_params.secure_boot = efi_get_secureboot(efi_systab_xen);
+
set_bit(EFI_BOOT, &efi.flags);
set_bit(EFI_PARAVIRT, &efi.flags);
set_bit(EFI_64BIT, &efi.flags);
--
1.7.10.4
Powered by blists - more mailing lists