From patchwork Mon Sep 21 16:28:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "gregkh@linuxfoundation.org" X-Patchwork-Id: 309363 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0D58CC43465 for ; Mon, 21 Sep 2020 16:55:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C626F2076E for ; Mon, 21 Sep 2020 16:55:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600707328; bh=xdeqEMggzB4FvlJF3TTpzHbNj9IqrUdNiNTNJo4ZUfA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=UL6PP7I0nbmQK9N7S5XMyhaifVugf2EeELTHY8aUbN+UMHQVykeLYUq1e8Gy3bWRg Xh+1y/DkJLdyGtS/STKngTQdSNOYY2c1pY6aleoIZWuUWnEDcAgLDAsv4pX6NgaulQ mICMAtZopwigmT4L0aXmALHgk/V1ae+nLwLmV2YA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729181AbgIUQzR (ORCPT ); Mon, 21 Sep 2020 12:55:17 -0400 Received: from mail.kernel.org ([198.145.29.99]:52020 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727665AbgIUQpx (ORCPT ); Mon, 21 Sep 2020 12:45:53 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 474BE20874; Mon, 21 Sep 2020 16:45:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600706752; bh=xdeqEMggzB4FvlJF3TTpzHbNj9IqrUdNiNTNJo4ZUfA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=O979cFsWmcFiiAX8J8ddP3eBBXruGgC51G1JkGfI182QGoa8gLSZbybwqHUaeuXxw L/7TJortzon0n0AxiNn7fv8yUSiAas9TGsh6Ht38taoLPTwecx+6CfmZ+HOvxRyVXD iBaBJfaz5KRwssZM/ltx3jvLLp7JUSvYXF1Yqw3k= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Branden Sherrell , Ard Biesheuvel , Sasha Levin Subject: [PATCH 5.8 080/118] efi: efibc: check for efivars write capability Date: Mon, 21 Sep 2020 18:28:12 +0200 Message-Id: <20200921162040.049943315@linuxfoundation.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200921162036.324813383@linuxfoundation.org> References: <20200921162036.324813383@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Ard Biesheuvel [ Upstream commit 46908326c6b801201f1e46f5ed0db6e85bef74ae ] Branden reports that commit f88814cc2578c1 ("efi/efivars: Expose RT service availability via efivars abstraction") regresses UEFI platforms that implement GetVariable but not SetVariable when booting kernels that have EFIBC (bootloader control) enabled. The reason is that EFIBC is a user of the efivars abstraction, which was updated to permit users that rely only on the read capability, but not on the write capability. EFIBC is in the latter category, so it has to check explicitly whether efivars supports writes. Fixes: f88814cc2578c1 ("efi/efivars: Expose RT service availability via efivars abstraction") Tested-by: Branden Sherrell Link: https://lore.kernel.org/linux-efi/AE217103-C96F-4AFC-8417-83EC11962004@gmail.com/ Signed-off-by: Ard Biesheuvel Signed-off-by: Sasha Levin --- drivers/firmware/efi/efibc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/efi/efibc.c b/drivers/firmware/efi/efibc.c index 35dccc88ac0af..15a47539dc563 100644 --- a/drivers/firmware/efi/efibc.c +++ b/drivers/firmware/efi/efibc.c @@ -84,7 +84,7 @@ static int __init efibc_init(void) { int ret; - if (!efi_enabled(EFI_RUNTIME_SERVICES)) + if (!efivars_kobject() || !efivar_supports_writes()) return -ENODEV; ret = register_reboot_notifier(&efibc_reboot_notifier);