From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
To: joeyli <jlee@suse.com>
Cc: Ard Biesheuvel <ardb@kernel.org>,
linux-efi <linux-efi@vger.kernel.org>,
Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [PATCH 1/2] efi: Disable runtime services on RT
Date: Wed, 20 Oct 2021 09:20:12 +0200 [thread overview]
Message-ID: <20211020072012.wvqerq4xeafqldnd@linutronix.de> (raw)
In-Reply-To: <20211020064718.GD3965@linux-l9pv.suse>
On 2021-10-20 14:47:18 [+0800], joeyli wrote:
> > I have no idea what it does. This enrolling is only required once
> > per-lifetime and not on each system boot, right?
>
> Yes, no each system boot.
>
> But when boot loader or kernel be updated or user wants to install a
> self-signed kernel or module. Then they need to reboot with efi=runtime
> in the future.
I see.
> On the other hand, any RT distro that suppors MOK needs to modify their
> installation program/process to add efi=runtime in first boot. Otherwise
> the installation will be failed. Honestly this patch changed the kernel
> behavior and it may causes that old installation get problem.
Nope. It was in the -RT queue since v4.18-RT, and I see it backported
into latest v4.14.244-rt121 probably earlier kernels, too.
So unless you ship something pre v4.18-RT without that patch and you
update to post v4.18-RT you need to pay attention - independently of
this being now merged upstream.
This is also in the wiki
https://wiki.linuxfoundation.org/realtime/documentation/known_limitations#efi
> Joey Lee
Sebastian
next prev parent reply other threads:[~2021-10-20 7:20 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-24 13:49 [PATCH 0/2] efi: Disable runtime services on RT Sebastian Andrzej Siewior
2021-09-24 13:49 ` [PATCH 1/2] " Sebastian Andrzej Siewior
2021-09-28 13:30 ` Ard Biesheuvel
2021-09-28 13:33 ` Sebastian Andrzej Siewior
2021-09-28 13:34 ` Ard Biesheuvel
2021-09-28 14:24 ` Sebastian Andrzej Siewior
2021-10-20 6:09 ` joeyli
2021-10-20 6:28 ` Sebastian Andrzej Siewior
2021-10-20 6:47 ` joeyli
2021-10-20 7:20 ` Sebastian Andrzej Siewior [this message]
2021-09-28 20:28 ` Thomas Gleixner
2021-09-28 20:41 ` Ard Biesheuvel
2021-09-24 13:49 ` [PATCH 2/2] efi: Allow efi=runtime Sebastian Andrzej Siewior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211020072012.wvqerq4xeafqldnd@linutronix.de \
--to=bigeasy@linutronix.de \
--cc=ardb@kernel.org \
--cc=jlee@suse.com \
--cc=linux-efi@vger.kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).