Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel

From: Matthew Garrett
Date: Tue May 05 2020 - 13:29:20 EST

Next message: Paul E. McKenney: "Re: Re: [PATCH net v2 0/2] Revert the 'socket_alloc' life cycle change"
Previous message: Nick Desaulniers: "Re: [PATCH v6 1/2] x86: fix bitops.h warning with a moved cast"
In reply to: Daniel Kiper: "[GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Next in thread: Daniel Kiper: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 4, 2020 at 4:25 PM Daniel Kiper <daniel.kiper@xxxxxxxxxx> wrote:
>
> Otherwise the kernel does not know its state and cannot enable various
> security features depending on UEFI Secure Boot.

I think this needs more context. If the kernel is loaded via the EFI
boot stub, the kernel is aware of the UEFI secure boot state. Why
duplicate this functionality in order to avoid the EFI stub?

Next message: Paul E. McKenney: "Re: Re: [PATCH net v2 0/2] Revert the 'socket_alloc' life cycle change"
Previous message: Nick Desaulniers: "Re: [PATCH v6 1/2] x86: fix bitops.h warning with a moved cast"
In reply to: Daniel Kiper: "[GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Next in thread: Daniel Kiper: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]