On Fri, Mar 13, 2015 at 11:38:28AM -1000, Matthew Garrett wrote: > UEFI Secure Boot provides a mechanism for ensuring that the firmware will > only load signed bootloaders and kernels. Certain use cases may also > require that the kernel prevent userspace from inserting untrusted kernel > code at runtime. Add a configuration option that enforces this automatically > when enabled. > > Signed-off-by: Matthew Garrett <matthew.garr...@nebula.com> > --- > Documentation/x86/zero-page.txt | 2 ++ > arch/x86/Kconfig | 13 +++++++++++++ > arch/x86/boot/compressed/eboot.c | 33 +++++++++++++++++++++++++++++++++ > arch/x86/include/uapi/asm/bootparam.h | 3 ++- > arch/x86/kernel/setup.c | 6 ++++++ > 5 files changed, 56 insertions(+), 1 deletion(-) > > diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt > index 82fbdbc..a811210 100644 > --- a/Documentation/x86/zero-page.txt > +++ b/Documentation/x86/zero-page.txt > @@ -30,6 +30,8 @@ Offset Proto Name Meaning > 1E9/001 ALL eddbuf_entries Number of entries in eddbuf (below) > 1EA/001 ALL edd_mbr_sig_buf_entries Number of entries in > edd_mbr_sig_buffer > (below) > +1EB/001 ALL kbd_status Numlock is enabled
This line looks like it was included by mistake? > +1EC/001 ALL secure_boot Secure boot is enabled in the firmware regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
