dgit.raspbian.org Git - linux.git/commit

author	David Howells <dhowells@redhat.com>
	Mon, 18 Feb 2019 12:45:03 +0000 (12:45 +0000)
committer	Ben Hutchings <ben@decadent.org.uk>
	Tue, 19 Nov 2019 01:43:33 +0000 (01:43 +0000)
commit	e2e27d9802f0006a712cb22e47c2d8ff39782755
tree	c682a5ede27dcd16f4bf9e98b6d38405dba973fb	tree \| snapshot
parent	0099238c4d4e473520c5399c9b30a4f34401e8d0	commit \| diff

efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode

UEFI machines can be booted in Secure Boot mode. Add an EFI_SECURE_BOOT
flag that can be passed to efi_enabled() to find out whether secure boot is
enabled.

Move the switch-statement in x86's setup_arch() that inteprets the
secure_boot boot parameter to generic code and set the bit there.

Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
cc: linux-efi@vger.kernel.org

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0028-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.patch

arch/x86/kernel/setup.c		diff \| blob \| history
drivers/firmware/efi/Makefile		diff \| blob \| history
drivers/firmware/efi/secureboot.c	[new file with mode: 0644]	blob
include/linux/efi.h		diff \| blob \| history