Re: [PATCH 5/8] efi: Get the secure boot status [ver #6]

From: David Howells
Date: Mon Jan 23 2017 - 17:11:57 EST


Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx> wrote:

> > (4) extract_kernel() calls sanitize_boot_params() which would otherwise clear
> > the secure-boot flag.
>
> The ->sentinel flag should be clear (because you zero'd boot_params on
> alloc), so the code inside of sanitize_boot_params() should never
> trigger for the secure boot case.

But it *does* trigger, otherwise I wouldn't've noticed this.

David