Matt Fleming wrote:
> - grub_memcpy (params, &lh, 2 * 512);
> + grub_memcpy (params, (grub_uint8_t *)&lh[512], 512);
It would appear this change is wrong and params needs to be changed to params
+ 512 or something similar.
David
On Mon, 23 Jan, at 10:11:43PM, David Howells wrote:
> Matt Fleming wrote:
>
> > > (4) extract_kernel() calls sanitize_boot_params() which would otherwise
> > > clear
> > > the secure-boot flag.
> >
> > The ->sentinel flag should be clear (because you zero'd boot_params on
> > alloc), so
Matt Fleming wrote:
> > (4) extract_kernel() calls sanitize_boot_params() which would otherwise
> > clear
> > the secure-boot flag.
>
> The ->sentinel flag should be clear (because you zero'd boot_params on
> alloc), so the code inside of sanitize_boot_params() should never
> trigger for
On Mon, 16 Jan, at 03:39:18PM, David Howells wrote:
> Matt Fleming wrote:
>
> > On Wed, 11 Jan, at 03:27:23PM, David Howells wrote:
> > > Matt Fleming wrote:
> > >
> > > > > + movb$0, BP_secure_boot(%rsi)
> > > > > #ifdef CONFIG_EFI_STUB
> > > > > /*
> > > > >* The entry
Hi Matt, Ard,
Any further thoughts?
Thanks,
David
Matt Fleming wrote:
> On Wed, 11 Jan, at 03:27:23PM, David Howells wrote:
> > Matt Fleming wrote:
> >
> > > > + movb$0, BP_secure_boot(%rsi)
> > > > #ifdef CONFIG_EFI_STUB
> > > > /*
> > > > * The entry point for the PE/COFF executable is efi_pe_entry,
> > > > so
>
(Cc'ing Peter A. and Peter J. for boot params discussion)
On Wed, 11 Jan, at 03:27:23PM, David Howells wrote:
> Matt Fleming wrote:
>
> > > + movb$0, BP_secure_boot(%rsi)
> > > #ifdef CONFIG_EFI_STUB
> > > /*
> > >* The entry point for the PE/COFF executable is efi_pe_entry, so
> >
>
Matt Fleming wrote:
> > + movb$0, BP_secure_boot(%rsi)
> > #ifdef CONFIG_EFI_STUB
> > /*
> > * The entry point for the PE/COFF executable is efi_pe_entry, so
>
> Is clearing ::secure_boot really necessary? Any code path that goes
> via efi_main() will set it correctly and all oth
On Thu, 08 Dec, at 12:30:45PM, David Howells wrote:
> Get the firmware's secure-boot status in the kernel boot wrapper and stash
> it somewhere that the main kernel image can find.
>
> The efi_get_secureboot() function is extracted from the arm stub and (a)
> generalised so that it can be called f
Get the firmware's secure-boot status in the kernel boot wrapper and stash
it somewhere that the main kernel image can find.
The efi_get_secureboot() function is extracted from the arm stub and (a)
generalised so that it can be called from x86 and (b) made to use
efi_call_runtime() so that it can
10 matches
Mail list logo
