summaryrefslogtreecommitdiffstats
path: root/Documentation/x86/zero-page.txt
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2017-02-06 11:22:43 +0000
committerIngo Molnar <mingo@kernel.org>2017-02-07 10:42:10 +0100
commitde8cb458625c164bb3f93c4e415e479afce8fa9d (patch)
tree6da87e0a45c5d1e39bc5f46413123358734d8eba /Documentation/x86/zero-page.txt
parente58910cdc9f43cda2e52fcdf2fddbdc74e80b2f7 (diff)
downloadop-kernel-dev-de8cb458625c164bb3f93c4e415e479afce8fa9d.zip
op-kernel-dev-de8cb458625c164bb3f93c4e415e479afce8fa9d.tar.gz
efi: Get and store the secure boot status
Get the firmware's secure-boot status in the kernel boot wrapper and stash it somewhere that the main kernel image can find. The efi_get_secureboot() function is extracted from the ARM stub and (a) generalised so that it can be called from x86 and (b) made to use efi_call_runtime() so that it can be run in mixed-mode. For x86, it is stored in boot_params and can be overridden by the boot loader or kexec. This allows secure-boot mode to be passed on to a new kernel. Suggested-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Matt Fleming <matt@codeblueprint.co.uk> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Link: http://lkml.kernel.org/r/1486380166-31868-5-git-send-email-ard.biesheuvel@linaro.org [ Small readability edits. ] Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'Documentation/x86/zero-page.txt')
-rw-r--r--Documentation/x86/zero-page.txt2
1 files changed, 2 insertions, 0 deletions
diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt
index 95a4d34..b8527c6 100644
--- a/Documentation/x86/zero-page.txt
+++ b/Documentation/x86/zero-page.txt
@@ -31,6 +31,8 @@ Offset Proto Name Meaning
1E9/001 ALL eddbuf_entries Number of entries in eddbuf (below)
1EA/001 ALL edd_mbr_sig_buf_entries Number of entries in edd_mbr_sig_buffer
(below)
+1EB/001 ALL kbd_status Numlock is enabled
+1EC/001 ALL secure_boot Secure boot is enabled in the firmware
1EF/001 ALL sentinel Used to detect broken bootloaders
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
OpenPOWER on IntegriCloud