Re: [PATCH 6/7] efi: Handle secure boot from UEFI-2.6 [ver #7]

From: David Howells
Date: Wed Feb 01 2017 - 07:33:57 EST

Next message: Taeung Song: "[PATCH v3 0/4] Fill in lacking parts and Refactor several parts"
Previous message: Gabriele Paoloni: "RE: [PATCH V6 1/5] LIB: Indirect ISA/LPC port IO introduced"
In reply to: Ard Biesheuvel: "Re: [PATCH 6/7] efi: Handle secure boot from UEFI-2.6 [ver #7]"
Next in thread: Ard Biesheuvel: "Re: [PATCH 6/7] efi: Handle secure boot from UEFI-2.6 [ver #7]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:

> So this patch should take AuditMode into account, but not DeployedMode, i.e.,
>
> SecureBoot == 0x1
> SetupMode == 0x0
> AuditMode == 0x0 (or non-existent)

If we're in audit mode or setup mode SecureBoot==0 and SetupMode==1 according
to the flowchart, so the check of AuditMode would seem redundant.

Further, the checks above don't seem to differentiate deployed mode from user
mode. Should they?

David

Next message: Taeung Song: "[PATCH v3 0/4] Fill in lacking parts and Refactor several parts"
Previous message: Gabriele Paoloni: "RE: [PATCH V6 1/5] LIB: Indirect ISA/LPC port IO introduced"
In reply to: Ard Biesheuvel: "Re: [PATCH 6/7] efi: Handle secure boot from UEFI-2.6 [ver #7]"
Next in thread: Ard Biesheuvel: "Re: [PATCH 6/7] efi: Handle secure boot from UEFI-2.6 [ver #7]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]