From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751694AbdBFLXi (ORCPT ); Mon, 6 Feb 2017 06:23:38 -0500 Received: from mail-wm0-f43.google.com ([74.125.82.43]:37204 "EHLO mail-wm0-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751615AbdBFLXg (ORCPT ); Mon, 6 Feb 2017 06:23:36 -0500 From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, Arnd Bergmann , David Howells , Josh Boyer , Lukas Wunner Subject: [GIT PULL 0/7] EFI updates for v4.11 part 2 Date: Mon, 6 Feb 2017 11:22:39 +0000 Message-Id: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org These are patches that were still being discussed when I sent the first pull request last week, but we feel they are now in shape to be merged. Please pull. The following changes since commit a21a300289bb5a582cc96be23446fa35236a6a9a: efi: libstub: Preserve .debug sections after absolute relocation check (2017-01-31 11:47:39 +0000) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next for you to fetch changes up to dfe7b0e7e1ab9dc02d754c7dd11e465be0944603: efi: libstub: Make file I/O chunking x86-specific (2017-02-03 17:01:06 +0000) ---------------------------------------------------------------- Some more EFI changes we've queued up for v4.11: * Changes to the EFI init code to infer from various EFI and shim variables whether secure boot authentication was performed at boot time. (Note that this is the uncontroversial part: I expect some fierce debate about future patches that impose or relax certain restrictions based on this information, but collecting it is useful in itself.) * Disable a x86 specific file I/O chunking workaround on ARM so it does not spuriously trigger build time checks in the ARM decompressor. ---------------------------------------------------------------- Ard Biesheuvel (1): efi: libstub: Make file I/O chunking x86-specific David Howells (5): x86/efi: Allow invocation of arbitrary runtime services arm/efi: Allow invocation of arbitrary runtime services efi: Add SHIM and image security database GUID definitions efi: Get the secure boot status efi: Print the secure boot status in x86 setup_arch() Josh Boyer (1): efi: Disable secure boot if shim is in insecure mode Documentation/x86/zero-page.txt | 2 + arch/arm/include/asm/efi.h | 1 + arch/arm64/include/asm/efi.h | 1 + arch/x86/boot/compressed/eboot.c | 8 +++ arch/x86/boot/compressed/head_32.S | 6 +- arch/x86/boot/compressed/head_64.S | 8 +-- arch/x86/include/asm/efi.h | 5 ++ arch/x86/include/uapi/asm/bootparam.h | 3 +- arch/x86/kernel/asm-offsets.c | 1 + arch/x86/kernel/setup.c | 14 +++++ drivers/firmware/efi/libstub/Makefile | 2 +- drivers/firmware/efi/libstub/arm-stub.c | 63 ++----------------- drivers/firmware/efi/libstub/efi-stub-helper.c | 12 +++- drivers/firmware/efi/libstub/secureboot.c | 86 ++++++++++++++++++++++++++ include/linux/efi.h | 11 ++++ 15 files changed, 156 insertions(+), 67 deletions(-) create mode 100644 drivers/firmware/efi/libstub/secureboot.c