diff options
Diffstat (limited to '0001-efi-libstub-Treat-missing-SecureBoot-variable-as-Sec.patch')
-rw-r--r-- | 0001-efi-libstub-Treat-missing-SecureBoot-variable-as-Sec.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/0001-efi-libstub-Treat-missing-SecureBoot-variable-as-Sec.patch b/0001-efi-libstub-Treat-missing-SecureBoot-variable-as-Sec.patch deleted file mode 100644 index 3bbdac708..000000000 --- a/0001-efi-libstub-Treat-missing-SecureBoot-variable-as-Sec.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 52e51f16407b7b34e26affb500a21e250d9fce0b Mon Sep 17 00:00:00 2001 -From: Ard Biesheuvel <ard.biesheuvel@linaro.org> -Date: Wed, 1 Mar 2017 19:04:35 +0000 -Subject: [PATCH] efi/libstub: Treat missing SecureBoot variable as Secure Boot - disabled - -The newly refactored code that infers the firmware's Secure Boot state -prints the following error when the EFI variable 'SecureBoot' does not -exist: - - EFI stub: ERROR: Could not determine UEFI Secure Boot status. - -However, this variable is only guaranteed to be defined on a system that -is Secure Boot capable to begin with, and so it is not an error if it is -missing. So report Secure Boot as being disabled in this case, without -printing any error messages. - -Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> -Cc: Linus Torvalds <torvalds@linux-foundation.org> -Cc: Matt Fleming <matt@codeblueprint.co.uk> -Cc: Peter Zijlstra <peterz@infradead.org> -Cc: Thomas Gleixner <tglx@linutronix.de> -Cc: linux-efi@vger.kernel.org -Link: http://lkml.kernel.org/r/1488395076-29712-2-git-send-email-ard.biesheuvel@linaro.org -Signed-off-by: Ingo Molnar <mingo@kernel.org> ---- - drivers/firmware/efi/libstub/secureboot.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/drivers/firmware/efi/libstub/secureboot.c b/drivers/firmware/efi/libstub/secureboot.c -index 6def402..5da36e5 100644 ---- a/drivers/firmware/efi/libstub/secureboot.c -+++ b/drivers/firmware/efi/libstub/secureboot.c -@@ -45,6 +45,8 @@ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg) - size = sizeof(secboot); - status = get_efi_var(efi_SecureBoot_name, &efi_variable_guid, - NULL, &size, &secboot); -+ if (status == EFI_NOT_FOUND) -+ goto secure_boot_disabled; - if (status != EFI_SUCCESS) - goto out_efi_err; - -@@ -78,7 +80,5 @@ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg) - - out_efi_err: - pr_efi_err(sys_table_arg, "Could not determine UEFI Secure Boot status.\n"); -- if (status == EFI_NOT_FOUND) -- goto secure_boot_disabled; - return efi_secureboot_mode_unknown; - } --- -2.9.3 - |