* [GIT PULL] efi/urgent for v5.9-rc6
@ 2020-09-20 19:33 Borislav Petkov
2020-09-20 22:25 ` Linus Torvalds
2020-09-20 22:40 ` pr-tracker-bot
0 siblings, 2 replies; 4+ messages in thread
From: Borislav Petkov @ 2020-09-20 19:33 UTC (permalink / raw)
To: Linus Torvalds; +Cc: Ard Biesheuvel, x86-ml, lkml
Hi Linus,
please pull a single EFI/urgent fix. I'm simply forwarding Ard's tag, I hope
that's ok.
Thx.
---
The following changes since commit fb1201aececc59990b75ef59fca93ae4aa1e1444:
Documentation: efi: remove description of efi=old_map (2020-08-20 11:18:36 +0200)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/efi-urgent-for-v5.9-rc5
for you to fetch changes up to 46908326c6b801201f1e46f5ed0db6e85bef74ae:
efi: efibc: check for efivars write capability (2020-09-15 18:22:47 +0300)
----------------------------------------------------------------
Single EFI fix for v5.9-rc:
- ensure that the EFI bootloader control module only probes successfully
on systems that support the EFI SetVariable runtime service
----------------------------------------------------------------
Ard Biesheuvel (1):
efi: efibc: check for efivars write capability
drivers/firmware/efi/efibc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/firmware/efi/efibc.c b/drivers/firmware/efi/efibc.c
index 35dccc88ac0a..15a47539dc56 100644
--- a/drivers/firmware/efi/efibc.c
+++ b/drivers/firmware/efi/efibc.c
@@ -84,7 +84,7 @@ static int __init efibc_init(void)
{
int ret;
- if (!efi_enabled(EFI_RUNTIME_SERVICES))
+ if (!efivars_kobject() || !efivar_supports_writes())
return -ENODEV;
ret = register_reboot_notifier(&efibc_reboot_notifier);
--
Regards/Gruss,
Boris.
SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer, HRB 36809, AG Nürnberg
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [GIT PULL] efi/urgent for v5.9-rc6
2020-09-20 19:33 [GIT PULL] efi/urgent for v5.9-rc6 Borislav Petkov
@ 2020-09-20 22:25 ` Linus Torvalds
2020-09-20 22:38 ` Borislav Petkov
2020-09-20 22:40 ` pr-tracker-bot
1 sibling, 1 reply; 4+ messages in thread
From: Linus Torvalds @ 2020-09-20 22:25 UTC (permalink / raw)
To: Borislav Petkov; +Cc: Ard Biesheuvel, x86-ml, lkml
On Sun, Sep 20, 2020 at 12:33 PM Borislav Petkov <bp@suse.de> wrote:
>
> I'm simply forwarding Ard's tag, I hope that's ok.
That's ok, although it shows perhaps a weakness in our model.
Git actually would have allowed you to create a signed tag pointing to
Ard's tag, and we'd have had the signature chain that way. Although
I'm not even sure the commit signature code has then ever been tested
with that kind of odd situation.
But that might have technically been the best way of doing things
(kind of like sign-offs on commits when forwarding them in email), but
I don't think it really matters.
I just mentioned this odd tag forwarding in the merge commit instead.
It all looks fine, it's just a bit unusual.
Linus
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] efi/urgent for v5.9-rc6
2020-09-20 22:25 ` Linus Torvalds
@ 2020-09-20 22:38 ` Borislav Petkov
0 siblings, 0 replies; 4+ messages in thread
From: Borislav Petkov @ 2020-09-20 22:38 UTC (permalink / raw)
To: Linus Torvalds; +Cc: Ard Biesheuvel, x86-ml, lkml
On Sun, Sep 20, 2020 at 03:25:12PM -0700, Linus Torvalds wrote:
> On Sun, Sep 20, 2020 at 12:33 PM Borislav Petkov <bp@suse.de> wrote:
> >
> > I'm simply forwarding Ard's tag, I hope that's ok.
>
> That's ok, although it shows perhaps a weakness in our model.
>
> Git actually would have allowed you to create a signed tag pointing to
> Ard's tag, and we'd have had the signature chain that way. Although
> I'm not even sure the commit signature code has then ever been tested
> with that kind of odd situation.
I just tried to sign the local version of the efi/urgent branch I had
which had Ard's tag ontop, using latest git 2.28.0. It worked and in
gitk, when clicking on the tag - it says "2 tags... " by the way -
shows, see '*' at the end of mail. I.e., two tags signing the same
object.
And tglx has done this with the previous efi/urgent pull, see '**'
below. Both tagging the same object and with two tag messages. Me being
lazy thought that since Ard has already written one, why should I even
try... :-)
> But that might have technically been the best way of doing things
> (kind of like sign-offs on commits when forwarding them in email), but
> I don't think it really matters.
I can do that if you prefer - it is trivial. Ard's stuff goes through
tip so we will have to forward tags soon again.
> I just mentioned this odd tag forwarding in the merge commit instead.
> It all looks fine, it's just a bit unusual.
Yeah, I thought I should ask because I don't remember seeing something
like that being done before.
Thx.
*
---
Tag: efi-urgent-for-v5.9-rc5
object 46908326c6b801201f1e46f5ed0db6e85bef74ae
type commit
tag efi-urgent-for-v5.9-rc5
tagger Ard Biesheuvel <ardb@kernel.org> 1600260469 +0300
Single EFI fix for v5.9-rc:
- ensure that the EFI bootloader control module only probes successfully
on systems that support the EFI SetVariable runtime service
-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----
Tag: efi_tag_signed_by_me
object 46908326c6b801201f1e46f5ed0db6e85bef74ae
type commit
tag efi_tag_signed_by_me
tagger Borislav Petkov <bp@suse.de> 1600640988 +0200
Test tag signing
-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----
**
---
Tag: efi-urgent-2020-08-23
object fb1201aececc59990b75ef59fca93ae4aa1e1444
type commit
tag efi-urgent-2020-08-23
tagger Thomas Gleixner <tglx@linutronix.de> 1598170304 +0200
A set of EFI fixes:
- Enforce NX on RO data in mixed EFI mode
- Destroy workqueue in an error handling path to prevent UAF
- Stop argument parser at '--' which is the delimiter for init
- Treat a NULL command line pointer as empty instead of dereferncing it
unconditionally.
- Handle an unterminated command line correctly
- Cleanup the 32bit code leftovers and remove obsolete documentation
-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----
Tag: efi-urgent-for-v5.9-rc1
object fb1201aececc59990b75ef59fca93ae4aa1e1444
type commit
tag efi-urgent-for-v5.9-rc1
tagger Ard Biesheuvel <ardb@kernel.org> 1597915176 +0200
EFI fixes for v5.9-rc1:
- Some followup fixes for the UV1 and EFI old_map removal
- EFI stub command line fixes from Arvind
- Stop mapping the kernel's .rodata executable in the mixed mode EFI page tables
- Add missing cleanup on the efisubsys_init() error path
-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] efi/urgent for v5.9-rc6
2020-09-20 19:33 [GIT PULL] efi/urgent for v5.9-rc6 Borislav Petkov
2020-09-20 22:25 ` Linus Torvalds
@ 2020-09-20 22:40 ` pr-tracker-bot
1 sibling, 0 replies; 4+ messages in thread
From: pr-tracker-bot @ 2020-09-20 22:40 UTC (permalink / raw)
To: Borislav Petkov; +Cc: Linus Torvalds, Ard Biesheuvel, x86-ml, lkml
The pull request you sent on Sun, 20 Sep 2020 21:33:12 +0200:
> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/efi-urgent-for-v5.9-rc5
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/5674d81c21d47e12c2def2df7360ef2dbca108e6
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-09-20 22:40 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-20 19:33 [GIT PULL] efi/urgent for v5.9-rc6 Borislav Petkov
2020-09-20 22:25 ` Linus Torvalds
2020-09-20 22:38 ` Borislav Petkov
2020-09-20 22:40 ` pr-tracker-bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).