Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel

From: Daniel Kiper
Date: Wed May 06 2020 - 09:34:42 EST

Next message: Steven Rostedt: "Re: [PATCH] kernel/trace: Stop and wait for kthread on preempt irq module unload"
Previous message: Will Deacon: "Re: [patch V4 part 1 06/36] compiler: Simple READ/WRITE_ONCE() implementations"
In reply to: Matthew Garrett: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Next in thread: Matthew Garrett: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 05, 2020 at 10:29:05AM -0700, Matthew Garrett wrote:
> On Mon, May 4, 2020 at 4:25 PM Daniel Kiper <daniel.kiper@xxxxxxxxxx> wrote:
> >
> > Otherwise the kernel does not know its state and cannot enable various
> > security features depending on UEFI Secure Boot.
>
> I think this needs more context. If the kernel is loaded via the EFI
> boot stub, the kernel is aware of the UEFI secure boot state. Why
> duplicate this functionality in order to avoid the EFI stub?

It seems to me that this issue was discussed here [1] and here [2].
So, if you want me to improve the commit message I am OK with that.

Additionally, FYI I am not happy with that patch too. So, if somebody
has better idea how to do that then I am happy to discuss it here.

Daniel

[1] https://lkml.org/lkml/2020/3/25/982
[2] https://lkml.org/lkml/2020/3/26/985

Next message: Steven Rostedt: "Re: [PATCH] kernel/trace: Stop and wait for kthread on preempt irq module unload"
Previous message: Will Deacon: "Re: [patch V4 part 1 06/36] compiler: Simple READ/WRITE_ONCE() implementations"
In reply to: Matthew Garrett: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Next in thread: Matthew Garrett: "Re: [GRUB PATCH RFC 12/18] i386/efi: Report UEFI Secure Boot status to the Linux kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]