[PATCH v3 3/3] x86/setup: Populate bootinfo with secure boot status

From: Joel Stanley
Date: Fri Feb 04 2022 - 02:23:04 EST

Next message: Christoph Hellwig: "Re: [PATCH v4 1/5] mm: Fix invalid page pointer returned with FOLL_PIN gups"
Previous message: Joel Stanley: "[PATCH v3 2/3] ARM: aspeed: Add secure boot controller support"
In reply to: Joel Stanley: "[PATCH v3 2/3] ARM: aspeed: Add secure boot controller support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

bootinfo indicates to userspace that firmware is configured to boot with
secure boot.

Signed-off-by: Joel Stanley <joel@xxxxxxxxx>
---
v2: new
v3: no change
---
arch/x86/kernel/setup.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index f7a132eb794d..b805b758478f 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -23,6 +23,7 @@
#include <linux/usb/xhci-dbgp.h>
#include <linux/static_call.h>
#include <linux/swiotlb.h>
+#include <linux/firmware_bootinfo.h>

#include <uapi/linux/mount.h>

@@ -1100,17 +1101,22 @@ void __init setup_arch(char **cmdline_p)
setup_log_buf(1);

if (efi_enabled(EFI_BOOT)) {
+ struct bootinfo bootinfo = {};
+
switch (boot_params.secure_boot) {
case efi_secureboot_mode_disabled:
pr_info("Secure boot disabled\n");
+ BOOTINFO_SET(bootinfo, secure_boot, false);
break;
case efi_secureboot_mode_enabled:
pr_info("Secure boot enabled\n");
+ BOOTINFO_SET(bootinfo, secure_boot, true);
break;
default:
pr_info("Secure boot could not be determined\n");
break;
}
+ firmware_bootinfo_init(&bootinfo);
}

reserve_initrd();
--
2.34.1

Next message: Christoph Hellwig: "Re: [PATCH v4 1/5] mm: Fix invalid page pointer returned with FOLL_PIN gups"
Previous message: Joel Stanley: "[PATCH v3 2/3] ARM: aspeed: Add secure boot controller support"
In reply to: Joel Stanley: "[PATCH v3 2/3] ARM: aspeed: Add secure boot controller support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]