This patch series adds support for the GRUB to detect the UEFI Secure Boot
status using the SecureBoot and SetupMode EFI variables. It also reports
this to Linux by setting the .secure_boot field of struct boot_params.
Besides that, it contains some cleanups and fixes mostly around EFI support.
Best regards,
Javier
Daniel Kiper (5):
efi: Make shim_lock GUID and protocol type public
efi: Return grub_efi_status_t from grub_efi_get_variable()
efi: Add a function to read EFI variables with attributes
efi: Add secure boot detection
loader/linux: Report the UEFI Secure Boot status to the Linux kernel
Javier Martinez Canillas (4):
i386: Don't include <grub/cpu/linux.h> in coreboot and ieee1275
startup.S
include/grub/i386/linux.h: Include missing <grub/types.h> header
arm/term: Fix linking error due multiple ps2_state definitions
efi: Only register shim_lock verifier if shim_lock protocol is found
and SB enabled
grub-core/Makefile.am | 1 +
grub-core/Makefile.core.def | 1 +
grub-core/commands/efi/efifwsetup.c | 8 +-
grub-core/commands/efi/shim_lock.c | 28 ++-----
grub-core/kern/efi/efi.c | 30 +++++--
grub-core/kern/efi/sb.c | 109 +++++++++++++++++++++++++
grub-core/kern/i386/coreboot/startup.S | 1 -
grub-core/kern/i386/ieee1275/startup.S | 1 -
grub-core/loader/i386/linux.c | 6 +-
grub-core/term/arm/cros.c | 2 +-
grub-core/term/arm/pl050.c | 2 +-
grub-core/video/efi_gop.c | 2 +-
include/grub/efi/api.h | 19 ++++-
include/grub/efi/efi.h | 12 ++-
include/grub/efi/sb.h | 40 +++++++++
include/grub/i386/linux.h | 10 ++-
16 files changed, 225 insertions(+), 47 deletions(-)
create mode 100644 grub-core/kern/efi/sb.c
create mode 100644 include/grub/efi/sb.h
--
2.28.0
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
