From patchwork Mon Feb 6 11:22:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93403 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1660865qgi; Mon, 6 Feb 2017 03:23:38 -0800 (PST) X-Received: by 10.84.214.150 with SMTP id j22mr16764816pli.23.1486380217986; Mon, 06 Feb 2017 03:23:37 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k70si399764pgc.176.2017.02.06.03.23.37; Mon, 06 Feb 2017 03:23:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751618AbdBFLXh (ORCPT + 2 others); Mon, 6 Feb 2017 06:23:37 -0500 Received: from mail-wm0-f44.google.com ([74.125.82.44]:38889 "EHLO mail-wm0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751471AbdBFLXg (ORCPT ); Mon, 6 Feb 2017 06:23:36 -0500 Received: by mail-wm0-f44.google.com with SMTP id r141so109547456wmg.1 for ; Mon, 06 Feb 2017 03:23:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=f50C+V6Rh53PANxaU3W8Q8Mj5cA8y8xQWBDW8iX2Uxw=; b=JSoMkk3KX8y40YBgDhHQ57lqiTCdRFvO+x2uQMX4MC3mfzkoCKa9mpiPGx2MfCXkDe 3hEA5o7j/zNWdYKdqVhZvtCktoG76mpiPrcjv9lfa5WgrMA8BwwK5FO7tla+q4+Pn0PY EyZBdVd9ZDiWKA/lgzSQp7yYWTgKkROWvwk2E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=f50C+V6Rh53PANxaU3W8Q8Mj5cA8y8xQWBDW8iX2Uxw=; b=Lqe9lXUyvzFKExEgnuSIEiA3oS1ue0MuBpoT4dg2vuMvTTTafRsPAV3+AKgszWxtxw fJInkUxtkdmZjMKG7yUywcmfm37TqdTf7erxNHTllktJb6KX84kz5TdQGWUaV8efzw4O HpW8VHcZlfhrerqxOCSaWW5xj69edLpYcyGA87MTZ60RtQnIUDTqhFE991j/9v5VgIKb X3J9HYlAcFT4liMcAJvmGCiX4xduhRvjpz29Sq5hQCikJ6XtOEB4ds4f+T8CbayYwQ1S FPV8HjvUtzr1+gxTpU1+v6iAOBlKBAM8dNmPOf4yjpFAJnDlLAr95wW7jkpemaCWGxPN RAsA== X-Gm-Message-State: AMke39nZ6+iqzwYiFCStwP9vjwLFZIUtuPzD/LedJYzVhQakcvskL2GEmkdYdEn4bnX+qjod X-Received: by 10.28.63.15 with SMTP id m15mr9019571wma.119.1486380215088; Mon, 06 Feb 2017 03:23:35 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id o70sm903698wrc.20.2017.02.06.03.23.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 06 Feb 2017 03:23:34 -0800 (PST) From: Ard Biesheuvel To: matt@codeblueprint.co.uk, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, Arnd Bergmann , David Howells , Josh Boyer , Lukas Wunner Subject: [GIT PULL 0/7] EFI updates for v4.11 part 2 Date: Mon, 6 Feb 2017 11:22:39 +0000 Message-Id: <1486380166-31868-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org These are patches that were still being discussed when I sent the first pull request last week, but we feel they are now in shape to be merged. Please pull. The following changes since commit a21a300289bb5a582cc96be23446fa35236a6a9a: efi: libstub: Preserve .debug sections after absolute relocation check (2017-01-31 11:47:39 +0000) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next for you to fetch changes up to dfe7b0e7e1ab9dc02d754c7dd11e465be0944603: efi: libstub: Make file I/O chunking x86-specific (2017-02-03 17:01:06 +0000) ---------------------------------------------------------------- Some more EFI changes we've queued up for v4.11: * Changes to the EFI init code to infer from various EFI and shim variables whether secure boot authentication was performed at boot time. (Note that this is the uncontroversial part: I expect some fierce debate about future patches that impose or relax certain restrictions based on this information, but collecting it is useful in itself.) * Disable a x86 specific file I/O chunking workaround on ARM so it does not spuriously trigger build time checks in the ARM decompressor. ---------------------------------------------------------------- Ard Biesheuvel (1): efi: libstub: Make file I/O chunking x86-specific David Howells (5): x86/efi: Allow invocation of arbitrary runtime services arm/efi: Allow invocation of arbitrary runtime services efi: Add SHIM and image security database GUID definitions efi: Get the secure boot status efi: Print the secure boot status in x86 setup_arch() Josh Boyer (1): efi: Disable secure boot if shim is in insecure mode Documentation/x86/zero-page.txt | 2 + arch/arm/include/asm/efi.h | 1 + arch/arm64/include/asm/efi.h | 1 + arch/x86/boot/compressed/eboot.c | 8 +++ arch/x86/boot/compressed/head_32.S | 6 +- arch/x86/boot/compressed/head_64.S | 8 +-- arch/x86/include/asm/efi.h | 5 ++ arch/x86/include/uapi/asm/bootparam.h | 3 +- arch/x86/kernel/asm-offsets.c | 1 + arch/x86/kernel/setup.c | 14 +++++ drivers/firmware/efi/libstub/Makefile | 2 +- drivers/firmware/efi/libstub/arm-stub.c | 63 ++----------------- drivers/firmware/efi/libstub/efi-stub-helper.c | 12 +++- drivers/firmware/efi/libstub/secureboot.c | 86 ++++++++++++++++++++++++++ include/linux/efi.h | 11 ++++ 15 files changed, 156 insertions(+), 67 deletions(-) create mode 100644 drivers/firmware/efi/libstub/secureboot.c -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html