| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Feb 2022 17:52:34 +1030
From: Joel Stanley <joel@....id.au>
To: Arnd Bergmann <arnd@...db.de>, Andrew Jeffery <andrew@...id.au>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J . Wysocki" <rafael@...nel.org>,
Robin Murphy <robin.murphy@....com>
Cc: linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
linux-aspeed@...ts.ozlabs.org
Subject: [PATCH v3 3/3] x86/setup: Populate bootinfo with secure boot status
bootinfo indicates to userspace that firmware is configured to boot with
secure boot.
Signed-off-by: Joel Stanley <joel@....id.au>
---
v2: new
v3: no change
---
arch/x86/kernel/setup.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index f7a132eb794d..b805b758478f 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -23,6 +23,7 @@
#include <linux/usb/xhci-dbgp.h>
#include <linux/static_call.h>
#include <linux/swiotlb.h>
+#include <linux/firmware_bootinfo.h>
#include <uapi/linux/mount.h>
@@ -1100,17 +1101,22 @@ void __init setup_arch(char **cmdline_p)
setup_log_buf(1);
if (efi_enabled(EFI_BOOT)) {
+ struct bootinfo bootinfo = {};
+
switch (boot_params.secure_boot) {
case efi_secureboot_mode_disabled:
pr_info("Secure boot disabled\n");
+ BOOTINFO_SET(bootinfo, secure_boot, false);
break;
case efi_secureboot_mode_enabled:
pr_info("Secure boot enabled\n");
+ BOOTINFO_SET(bootinfo, secure_boot, true);
break;
default:
pr_info("Secure boot could not be determined\n");
break;
}
+ firmware_bootinfo_init(&bootinfo);
}
reserve_initrd();
--
2.34.1
Powered by blists - more mailing lists