From 874c55200a1af5834f820cc4c6105aaf15db82ad Mon Sep 17 00:00:00 2001
From: Brian Maly <brian.maly@oracle.com>
Date: Thu, 7 Apr 2016 15:42:49 -0400
Subject: [PATCH] RHEL: uefi: copy secure_boot flag in boot params across kexec

Orabug: 23511799

(Dave Young) [1243998]

CVE-2015-7837

Signed-off-by: Brian Maly <brian.maly@oracle.com>
---
 arch/x86/kernel/kexec-bzimage64.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
index ca05f86481aac..4c6da4b3a9012 100644
--- a/arch/x86/kernel/kexec-bzimage64.c
+++ b/arch/x86/kernel/kexec-bzimage64.c
@@ -179,6 +179,7 @@ setup_efi_state(struct boot_params *params, unsigned long params_load_addr,
 	if (efi_enabled(EFI_OLD_MEMMAP))
 		return 0;
 
+	params->secure_boot = boot_params.secure_boot;
 	ei->efi_loader_signature = current_ei->efi_loader_signature;
 	ei->efi_systab = current_ei->efi_systab;
 	ei->efi_systab_hi = current_ei->efi_systab_hi;
-- 
2.50.1