From patchwork Mon Feb 6 11:22:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93404 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1660917qgi; Mon, 6 Feb 2017 03:23:45 -0800 (PST) X-Received: by 10.98.149.218 with SMTP id c87mr12415302pfk.88.1486380225823; Mon, 06 Feb 2017 03:23:45 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u17si400362pgn.198.2017.02.06.03.23.45; Mon, 06 Feb 2017 03:23:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751754AbdBFLXo (ORCPT + 25 others); Mon, 6 Feb 2017 06:23:44 -0500 Received: from mail-wm0-f44.google.com ([74.125.82.44]:37904 "EHLO mail-wm0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751615AbdBFLXj (ORCPT ); Mon, 6 Feb 2017 06:23:39 -0500 Received: by mail-wm0-f44.google.com with SMTP id r141so109549175wmg.1 for ; Mon, 06 Feb 2017 03:23:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=avIyvrNmpHBYjGVp/2OCkBuZNusG0Gw8s8ZRPWmqdxw=; b=iu6I3LpZc3tqZaqYeY1HeaK/I8CTnZtb4uUmqtao+aYnPmI7cViM/YvwcLggs4U9f/ cOqYMD8+n0gkdwZ7s4WpefS0gIaK1hjg9LFysUP7xTRPeND81RIMK/O4EId0yRrWDyiZ aZL/VHYMkM+Tg8A9H1JzuOqiCXl8/IMSl25yc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=avIyvrNmpHBYjGVp/2OCkBuZNusG0Gw8s8ZRPWmqdxw=; b=TtTWegr1fIJWjl4NSTrOv1GHM5aetlSMpjgILb7L605Mn4kBmBXUN8F29xaw24tNeE jf6B1s1JM2R9Zx2+3jB13r87DaILc1UV8QmjFdkFF2AeY30iP5IbBhMNq5tE5xA2BFmS v4y4ceQCKlKDni8EjD9afBD+MhMv4dLb7j0FgWxtyvpxW06fVnNmpWRsKemlr8CsvNim F7hwInN5aeIHOTBkOZp2sTkqTHPL7V8cg+IPNn/5jR49dYm7aJKswycV0I4FmUcKZg78 ANtMJV4ujiDdw7QJlY2Rj4oLXWtcC5RsZ97vIQi2Xm/vfFvl1sdh/FpThyIEdbtUjcTo RdsQ== X-Gm-Message-State: AMke39mXfhUzsDxuzw4g06Rm4uYxm35qzEDD9S0KbB4XM5RDoKHHjX3k+c9Na6t+1bs2wD5+ X-Received: by 10.28.11.135 with SMTP id 129mr7807188wml.111.1486380218107; Mon, 06 Feb 2017 03:23:38 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id o70sm903698wrc.20.2017.02.06.03.23.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 06 Feb 2017 03:23:37 -0800 (PST) From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: David Howells , Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH 1/7] x86/efi: Allow invocation of arbitrary runtime services Date: Mon, 6 Feb 2017 11:22:40 +0000 Message-Id: <1486380166-31868-2-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: David Howells Provide the ability to perform mixed-mode runtime service calls for x86 in the same way that commit 0a637ee61247bd4bed9b2a07568ef7a1cfc76187 ("x86/efi: Allow invocation of arbitrary boot services") provides the ability to invoke arbitrary boot services. Suggested-by: Lukas Wunner Cc: Matt Fleming Signed-off-by: David Howells Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/eboot.c | 1 + arch/x86/boot/compressed/head_32.S | 6 +++--- arch/x86/boot/compressed/head_64.S | 8 ++++---- arch/x86/include/asm/efi.h | 5 +++++ 4 files changed, 13 insertions(+), 7 deletions(-) -- 2.7.4 diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c index 6d3aeabbce68..f99978db6b6f 100644 --- a/arch/x86/boot/compressed/eboot.c +++ b/arch/x86/boot/compressed/eboot.c @@ -32,6 +32,7 @@ static void setup_boot_services##bits(struct efi_config *c) \ \ table = (typeof(table))sys_table; \ \ + c->runtime_services = table->runtime; \ c->boot_services = table->boottime; \ c->text_output = table->con_out; \ } diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S index fd0b6a272dd5..d85b9625e836 100644 --- a/arch/x86/boot/compressed/head_32.S +++ b/arch/x86/boot/compressed/head_32.S @@ -82,7 +82,7 @@ ENTRY(efi_pe_entry) /* Relocate efi_config->call() */ leal efi32_config(%esi), %eax - add %esi, 32(%eax) + add %esi, 40(%eax) pushl %eax call make_boot_params @@ -108,7 +108,7 @@ ENTRY(efi32_stub_entry) /* Relocate efi_config->call() */ leal efi32_config(%esi), %eax - add %esi, 32(%eax) + add %esi, 40(%eax) pushl %eax 2: call efi_main @@ -264,7 +264,7 @@ relocated: #ifdef CONFIG_EFI_STUB .data efi32_config: - .fill 4,8,0 + .fill 5,8,0 .long efi_call_phys .long 0 .byte 0 diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 4d85e600db78..d2ae1f821e0c 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -264,7 +264,7 @@ ENTRY(efi_pe_entry) /* * Relocate efi_config->call(). */ - addq %rbp, efi64_config+32(%rip) + addq %rbp, efi64_config+40(%rip) movq %rax, %rdi call make_boot_params @@ -284,7 +284,7 @@ handover_entry: * Relocate efi_config->call(). */ movq efi_config(%rip), %rax - addq %rbp, 32(%rax) + addq %rbp, 40(%rax) 2: movq efi_config(%rip), %rdi call efi_main @@ -456,14 +456,14 @@ efi_config: #ifdef CONFIG_EFI_MIXED .global efi32_config efi32_config: - .fill 4,8,0 + .fill 5,8,0 .quad efi64_thunk .byte 0 #endif .global efi64_config efi64_config: - .fill 4,8,0 + .fill 5,8,0 .quad efi_call .byte 1 #endif /* CONFIG_EFI_STUB */ diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h index e99675b9c861..2f77bcefe6b4 100644 --- a/arch/x86/include/asm/efi.h +++ b/arch/x86/include/asm/efi.h @@ -191,6 +191,7 @@ static inline efi_status_t efi_thunk_set_virtual_address_map( struct efi_config { u64 image_handle; u64 table; + u64 runtime_services; u64 boot_services; u64 text_output; efi_status_t (*call)(unsigned long, ...); @@ -226,6 +227,10 @@ static inline bool efi_is_64bit(void) #define __efi_call_early(f, ...) \ __efi_early()->call((unsigned long)f, __VA_ARGS__); +#define efi_call_runtime(f, ...) \ + __efi_early()->call(efi_table_attr(efi_runtime_services, f, \ + __efi_early()->runtime_services), __VA_ARGS__) + extern bool efi_reboot_required(void); #else From patchwork Mon Feb 6 11:22:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93410 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1661328qgi; Mon, 6 Feb 2017 03:25:06 -0800 (PST) X-Received: by 10.98.157.83 with SMTP id i80mr12378395pfd.177.1486380306033; Mon, 06 Feb 2017 03:25:06 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v5si398850pgg.234.2017.02.06.03.25.05; Mon, 06 Feb 2017 03:25:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751936AbdBFLZE (ORCPT + 25 others); Mon, 6 Feb 2017 06:25:04 -0500 Received: from mail-wm0-f42.google.com ([74.125.82.42]:35410 "EHLO mail-wm0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751714AbdBFLXm (ORCPT ); Mon, 6 Feb 2017 06:23:42 -0500 Received: by mail-wm0-f42.google.com with SMTP id b65so115686421wmf.0 for ; Mon, 06 Feb 2017 03:23:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=zm7ySq0FVgwTpKe4KKtJ5+ZlWMQXqVdxQhqRQdk5qcU=; b=SpXnZJENDZF6Ooc8+0tdXtvL2b9dJ9Q0xLZnazX6L+jmJFGIY1NZFiMmZns59lVi1q pJyoROsIq2dDppRM/ASjNcHA2AYWs9CyDe9T54m9Yq0QTMgBJJ+m/BB73cRzoxn29Mh6 kj4KidF7ktQqjMSTeU5B0NzIpuOEs5VXN7EAc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=zm7ySq0FVgwTpKe4KKtJ5+ZlWMQXqVdxQhqRQdk5qcU=; b=e6E8/1FAq2ZtQ4LLAXaPqzeXOV26KrRrOGkcxFdBSeqpU+QcuQ5jkDITliEfcLlw+5 0CC97Al1Ut/2jaXgI+5/QmiizXThjeO2/wvz0JxSpeCdP0H5CjMOlFkAqAzG2lILLxOX gz2Oc+WVfXkC2X2nozo6gjofBo1JM/eCvQaBAOxKJPT8kYEwjzwjHqg/Iv5FUSYpqlsv E/yQi6T/qoDqRH81/scq76tZR4MVK3azcrA+YbFdMigfUu5zAzJ9hXvAZ/N5T3qt3Ne3 jrUgDTIAdwe1bO3xGw3lx+MfwVxgrDaJUb2Q0eUkmpgFpRalrt1P56cy7zE9jsDLc+fx ik9A== X-Gm-Message-State: AMke39ko9vV9FM5FYkpF6xkLCvAg2+p6C8fUTr7Q2YBVEtSxVszJ+p3rpy2Z7ipgg2oGFmRx X-Received: by 10.28.13.16 with SMTP id 16mr7838667wmn.101.1486380221145; Mon, 06 Feb 2017 03:23:41 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id o70sm903698wrc.20.2017.02.06.03.23.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 06 Feb 2017 03:23:40 -0800 (PST) From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: David Howells , Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH 2/7] arm/efi: Allow invocation of arbitrary runtime services Date: Mon, 6 Feb 2017 11:22:41 +0000 Message-Id: <1486380166-31868-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: David Howells efi_call_runtime() is provided for x86 to be able abstract mixed mode support. Provide this for ARM also so that common code work in mixed mode also. Suggested-by: Lukas Wunner Cc: Matt Fleming Signed-off-by: David Howells Signed-off-by: Ard Biesheuvel --- arch/arm/include/asm/efi.h | 1 + arch/arm64/include/asm/efi.h | 1 + 2 files changed, 2 insertions(+) -- 2.7.4 diff --git a/arch/arm/include/asm/efi.h b/arch/arm/include/asm/efi.h index 0b06f5341b45..e4e6a9d6a825 100644 --- a/arch/arm/include/asm/efi.h +++ b/arch/arm/include/asm/efi.h @@ -55,6 +55,7 @@ void efi_virtmap_unload(void); #define efi_call_early(f, ...) sys_table_arg->boottime->f(__VA_ARGS__) #define __efi_call_early(f, ...) f(__VA_ARGS__) +#define efi_call_runtime(f, ...) sys_table_arg->runtime->f(__VA_ARGS__) #define efi_is_64bit() (false) #define efi_call_proto(protocol, f, instance, ...) \ diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h index 0b6b1633017f..e7445281e534 100644 --- a/arch/arm64/include/asm/efi.h +++ b/arch/arm64/include/asm/efi.h @@ -50,6 +50,7 @@ int efi_set_mapping_permissions(struct mm_struct *mm, efi_memory_desc_t *md); #define efi_call_early(f, ...) sys_table_arg->boottime->f(__VA_ARGS__) #define __efi_call_early(f, ...) f(__VA_ARGS__) +#define efi_call_runtime(f, ...) sys_table_arg->runtime->f(__VA_ARGS__) #define efi_is_64bit() (true) #define efi_call_proto(protocol, f, instance, ...) \ From patchwork Mon Feb 6 11:22:42 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93405 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1660991qgi; Mon, 6 Feb 2017 03:24:01 -0800 (PST) X-Received: by 10.99.173.14 with SMTP id g14mr12829657pgf.176.1486380241322; Mon, 06 Feb 2017 03:24:01 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si422082plk.2.2017.02.06.03.24.01; Mon, 06 Feb 2017 03:24:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751805AbdBFLXs (ORCPT + 25 others); Mon, 6 Feb 2017 06:23:48 -0500 Received: from mail-wr0-f176.google.com ([209.85.128.176]:34245 "EHLO mail-wr0-f176.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751716AbdBFLXp (ORCPT ); Mon, 6 Feb 2017 06:23:45 -0500 Received: by mail-wr0-f176.google.com with SMTP id o16so21719773wra.1 for ; Mon, 06 Feb 2017 03:23:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Fu210U+mcdlVyTfi3yJ5YVbWDV7eA+Yl7o6VhATWCyo=; b=TCW8GQVn51OUubUC4mG8Zs/g4JD3mBwl9yCGGeinLx/Q6b2rlN8h6Tw5ZSXM6VZ85j rLgC8aZaYktVd/8ZPXjoDTG5Ty87lTmjfHMqe/zFzNQfNigaKR26Ffrnn/eZU73yv30Y oHlGvK+K9Lp1xlnXpBwMup9DzkEdJplhQ6xtw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Fu210U+mcdlVyTfi3yJ5YVbWDV7eA+Yl7o6VhATWCyo=; b=blo/m4/xAzF2Q/yGU56TiRHf95RogKaXyOSMEAQZwhbfAIMNRgl7/M3pwU5KdxwELE mKKNpFgL95cgsoRbH/KlIO5kLhZzyxHPvL1ZLNpYECSNhKOrIDm+6XSKhh0BFNWcHp+8 CHhl6r6EUKkdE0e3dLdxcUO4VtCoWT1ZGeeJsAeZ/hL3Q3y9hwjWnu750D9XDte7KB22 vHIRM6z861mKAIHmXTKcyTScRLimhYi+RCVjb13zEebljKCTY6dRzRv1Sq829OQRfsxy hvYRLeJdffmJRFfbqLAwpOmcwV/e+CQRNQQyGvXgXK4eLfra0AjrJRJFGIkMn3o2w1K7 2HfA== X-Gm-Message-State: AIkVDXJXsLhz7lE1+co+vG8nw+4T7g5k6sBqHhFW6IHqw7v51xz4YxzRAyBC44ccQabw1QVr X-Received: by 10.223.172.210 with SMTP id o76mr8741053wrc.21.1486380223742; Mon, 06 Feb 2017 03:23:43 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id o70sm903698wrc.20.2017.02.06.03.23.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 06 Feb 2017 03:23:42 -0800 (PST) From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: David Howells , Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, Josh Boyer Subject: [PATCH 3/7] efi: Add SHIM and image security database GUID definitions Date: Mon, 6 Feb 2017 11:22:42 +0000 Message-Id: <1486380166-31868-4-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: David Howells Add the definitions for shim and image security database, both of which are used widely in various Linux distros. Signed-off-by: Josh Boyer Signed-off-by: David Howells Cc: Matt Fleming Signed-off-by: Ard Biesheuvel --- include/linux/efi.h | 3 +++ 1 file changed, 3 insertions(+) -- 2.7.4 diff --git a/include/linux/efi.h b/include/linux/efi.h index 8c6e007a5408..52c87de3e50d 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -611,6 +611,9 @@ void efi_native_runtime_setup(void); #define EFI_CONSOLE_OUT_DEVICE_GUID EFI_GUID(0xd3b36f2c, 0xd551, 0x11d4, 0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d) #define APPLE_PROPERTIES_PROTOCOL_GUID EFI_GUID(0x91bd12fe, 0xf6c3, 0x44fb, 0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a, 0xe0) +#define EFI_IMAGE_SECURITY_DATABASE_GUID EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596, 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f) +#define EFI_SHIM_LOCK_GUID EFI_GUID(0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23) + /* * This GUID is used to pass to the kernel proper the struct screen_info * structure that was populated by the stub based on the GOP protocol instance From patchwork Mon Feb 6 11:22:45 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93408 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1661003qgi; Mon, 6 Feb 2017 03:24:02 -0800 (PST) X-Received: by 10.99.170.70 with SMTP id x6mr12743340pgo.14.1486380242419; Mon, 06 Feb 2017 03:24:02 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si422082plk.2.2017.02.06.03.24.02; Mon, 06 Feb 2017 03:24:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751886AbdBFLX7 (ORCPT + 25 others); Mon, 6 Feb 2017 06:23:59 -0500 Received: from mail-wr0-f175.google.com ([209.85.128.175]:32885 "EHLO mail-wr0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751835AbdBFLXy (ORCPT ); Mon, 6 Feb 2017 06:23:54 -0500 Received: by mail-wr0-f175.google.com with SMTP id i10so21674367wrb.0 for ; Mon, 06 Feb 2017 03:23:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EmRSFp6mb6gijgTtlCf5PaFVQv2uUQtrHfzPHXTSw9E=; b=Gi9c/m7+Ax+lm0/DZb6ueiAQ1w+w3fhAeA7FPWaVLY+F1/flTil9I8cSP0dPhv2TZm UrVDBDIdmj6qsUsHH0n1Cby6kDa/xcy7N9fpiAN3rnnaFnXCd78g0Klk9p5yRXIISSpb toQDeC27DsgQeV3LJh/sMn4kzDROZjFZf84J0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EmRSFp6mb6gijgTtlCf5PaFVQv2uUQtrHfzPHXTSw9E=; b=qewwkbCvebLpHblraIc4+bcwcx8f9JHuQLinGV0D6MHK385OVvTypPBeJAoO59GV8B xfsMxhJ3P8sOBx2lMQtLET4xFoad60Myqpb8AP0WRQ+SE9CEP14oKvH1g6ayd3vtemh/ DX//qlhjqwBqrEJJvwYMJLraLV96owunCUm5lqJx7H+hrLBrJYEVA9y0NBn73bClwTnN BXMqGu4ScdEWl/7HCFHVsDqavo3TVJnMR4JOxjOd4K8PPmwFcT4QvCqTmYSpXNKNpnVF Jc6kfQ7xVu/G1d59uZyO4KjJlO/pseTHvx7IBZEeS2YlJXouIbsiPwhwWFj53SZJlz9M ZTGQ== X-Gm-Message-State: AIkVDXJ0Q+YwF+xNGFGjWsiGX8vyDI/Cxh4hrCkeBUitbi84FDZ01qQKe26w76dlOYAB/LPh X-Received: by 10.223.172.210 with SMTP id o76mr8741508wrc.21.1486380231236; Mon, 06 Feb 2017 03:23:51 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id o70sm903698wrc.20.2017.02.06.03.23.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 06 Feb 2017 03:23:50 -0800 (PST) From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: David Howells , Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH 6/7] efi: Print the secure boot status in x86 setup_arch() Date: Mon, 6 Feb 2017 11:22:45 +0000 Message-Id: <1486380166-31868-7-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: David Howells Print the secure boot status in the x86 setup_arch() but otherwise do nothing more for now. More functionality will be added later, but this at least allows for testing. Signed-off-by: David Howells Cc: Matt Fleming [ardb: use efi_enabled() instead of IS_ENABLED(CONFIG_EFI)] Signed-off-by: Ard Biesheuvel --- arch/x86/kernel/setup.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) -- 2.7.4 diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index 4cfba947d774..69780edf0dde 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -1176,6 +1176,20 @@ void __init setup_arch(char **cmdline_p) /* Allocate bigger log buffer */ setup_log_buf(1); + if (efi_enabled(EFI_BOOT)) { + switch (boot_params.secure_boot) { + case efi_secureboot_mode_disabled: + pr_info("Secure boot disabled\n"); + break; + case efi_secureboot_mode_enabled: + pr_info("Secure boot enabled\n"); + break; + default: + pr_info("Secure boot could not be determined\n"); + break; + } + } + reserve_initrd(); acpi_table_upgrade();