diff options
Diffstat (limited to 'MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch')
| -rw-r--r-- | MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch b/MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch deleted file mode 100644 index 6f5d8b6ab..000000000 --- a/MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 71db1b222ecdf6cb4356f6f1e2bd45cd2f0e85e1 Mon Sep 17 00:00:00 2001 -From: Laura Abbott <labbott@redhat.com> -Date: Tue, 18 Oct 2016 13:58:44 -0700 -Subject: [PATCH] MODSIGN: Don't try secure boot if EFI runtime is disabled - -Secure boot depends on having EFI runtime variable access. The code -does not handle a lack of runtime variables gracefully. Add a check -to just bail out of EFI runtime is disabled. - -Signed-off-by: Laura Abbott <labbott@redhat.com> ---- - kernel/modsign_uefi.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/kernel/modsign_uefi.c b/kernel/modsign_uefi.c -index a41da14..2bdaf76 100644 ---- a/kernel/modsign_uefi.c -+++ b/kernel/modsign_uefi.c -@@ -71,6 +71,10 @@ static int __init load_uefi_certs(void) - if (!efi_enabled(EFI_SECURE_BOOT)) - return 0; - -+ /* Things blow up if efi runtime is disabled */ -+ if (efi_runtime_disabled()) -+ return 0; -+ - keyring = get_system_keyring(); - if (!keyring) { - pr_err("MODSIGN: Couldn't get system keyring\n"); --- -2.7.4 - |