[linux] 04/04: Complete forward-porting of "arm64: add kernel config option to set securelevel ..."
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Wed Apr 19 23:53:33 UTC 2017
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch master
in repository linux.
commit d85c3a332d728c7adff8c40aef5cd65bada5f24c
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Thu Apr 20 00:51:24 2017 +0100
Complete forward-porting of "arm64: add kernel config option to set securelevel ..."
efi_get_secureboot() now returns one of three enumerated values, not
a boolean. We need to either redefine the DT property the same way
(risky unless we also rename it) or squash them into a boolean.
Do the latter.
---
...arm64-add-kernel-config-option-to-set-securelevel-wh.patch | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch b/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
index 30403f3..10812f2 100644
--- a/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
+++ b/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
@@ -12,6 +12,8 @@ kernel using the FDT.
Signed-off-by: Linn Crosetto <linn at hpe.com>
[bwh: Forward-ported to 4.10: adjust context]
[Lukas Wunner: Forward-ported to 4.11: drop parts applied upstream]
+[bwh: Forward-ported to 4.11: convert result of efi_get_secureboot() to a
+ boolean]
---
v2:
@@ -28,7 +30,7 @@ v2:
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
-@@ -990,6 +990,19 @@ config EFI
+@@ -1033,6 +1033,19 @@ config EFI
allow the kernel to be booted as an EFI application. This
is only useful on systems that have UEFI firmware.
@@ -73,7 +75,7 @@ v2:
return;
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
-@@ -612,7 +612,8 @@ static __initdata struct params fdt_para
+@@ -613,7 +613,8 @@ static __initdata struct params fdt_para
UEFI_PARAM("MemMap Address", "linux,uefi-mmap-start", mmap),
UEFI_PARAM("MemMap Size", "linux,uefi-mmap-size", mmap_size),
UEFI_PARAM("MemMap Desc. Size", "linux,uefi-mmap-desc-size", desc_size),
@@ -85,12 +87,13 @@ v2:
static __initdata struct params xen_fdt_params[] = {
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c
-@@ -134,6 +134,13 @@ static efi_status_t update_fdt(efi_syste
+@@ -134,6 +134,14 @@ static efi_status_t update_fdt(efi_syste
return efi_status;
}
}
+
-+ fdt_val32 = cpu_to_fdt32(efi_get_secureboot(sys_table));
++ fdt_val32 = cpu_to_fdt32(efi_get_secureboot(sys_table) !=
++ efi_secureboot_mode_disabled);
+ status = fdt_setprop(fdt, node, "linux,uefi-secure-boot",
+ &fdt_val32, sizeof(fdt_val32));
+ if (status)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list