www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Dan Duval <dan.duval@oracle.com>
	Fri, 11 Dec 2015 20:20:20 +0000 (15:20 -0500)
committer	Santosh Shilimkar <santosh.shilimkar@oracle.com>
	Sat, 12 Dec 2015 03:06:52 +0000 (19:06 -0800)
commit	a954f7350658a8fde4b893c7b74de8137864ad12
tree	db78bb5b8d636baa4136c89178b4404c079f85e2	tree
parent	da474c119e750c2901c01692e44da2f84e38c26c	commit \| diff

x86/efi: Set securelevel when loaded without efi stub

Orabug: 22353360

With UEFI Secure Boot enabled and securelevel set, after a kernel is loaded
using kexec and booted, securelevel is disabled. With the securelevel patch
set, the state of UEFI Secure Boot is queried when booted via the efi stub, but
kexec does not use the efi stub.

To allow kernels which are not loaded through the efi stub to properly set
securelevel as well, add a new init routine to start_kernel() to query the
state of UEFI Secure Boot and enable securelevel if needed.

Taken from https://bugzilla.redhat.com/attachment.cgi?id=1052836 .

Signed-off-by: Linn Crosetto <linn@hp.com>
Signed-off-by: Dan Duval <dan.duval@oracle.com>

arch/x86/kernel/setup.c		diff \| blob \| history
arch/x86/platform/efi/efi.c		diff \| blob \| history
include/linux/efi.h		diff \| blob \| history
init/main.c		diff \| blob \| history