loader/linux: Report the UEFI Secure Boot status to the Linux kernel

Now that GRUB has a grub_efi_get_secureboot() function to check the
UEFI Secure Boot status, use it to report that status to the Linux kernel.

Signed-off-by: Ignat Korchagin <ignat@cloudflare.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Marco A Benatto <mbenatto@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Daniel Kiper 2020-12-03 16:01:50 +01:00
parent 132ddc42c7
commit a195dbb677
2 changed files with 11 additions and 3 deletions


@ -46,6 +46,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
#ifdef GRUB_MACHINE_EFI #ifdef GRUB_MACHINE_EFI
#include <grub/efi/efi.h> #include <grub/efi/efi.h>
#include <grub/efi/sb.h>
#define HAS_VGA_TEXT 0 #define HAS_VGA_TEXT 0
#define DEFAULT_VIDEO_MODE "auto" #define DEFAULT_VIDEO_MODE "auto"
#define ACCEPTS_PURE_TEXT 0 #define ACCEPTS_PURE_TEXT 0
@ -583,6 +584,9 @@ grub_linux_boot (void)
grub_efi_uintn_t efi_desc_size; grub_efi_uintn_t efi_desc_size;
grub_size_t efi_mmap_target; grub_size_t efi_mmap_target;
grub_efi_uint32_t efi_desc_version; grub_efi_uint32_t efi_desc_version;
ctx.params->secure_boot = grub_efi_get_secureboot ();
err = grub_efi_finish_boot_services (&efi_mmap_size, efi_mmap_buf, NULL, err = grub_efi_finish_boot_services (&efi_mmap_size, efi_mmap_buf, NULL,
&efi_desc_size, &efi_desc_version); &efi_desc_size, &efi_desc_version);
if (err) if (err)
@ -794,7 +798,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
linux_params.code32_start = prot_mode_target + lh.code32_start - GRUB_LINUX_BZIMAGE_ADDR; linux_params.code32_start = prot_mode_target + lh.code32_start - GRUB_LINUX_BZIMAGE_ADDR;
linux_params.kernel_alignment = (1 << align); linux_params.kernel_alignment = (1 << align);
linux_params.ps_mouse = linux_params.padding10 = 0; linux_params.ps_mouse = linux_params.padding11 = 0;
linux_params.type_of_loader = GRUB_LINUX_BOOT_LOADER_TYPE; linux_params.type_of_loader = GRUB_LINUX_BOOT_LOADER_TYPE;
/* These two are used (instead of cmd_line_ptr) by older versions of Linux, /* These two are used (instead of cmd_line_ptr) by older versions of Linux,
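Review bot: The new assignment `ctx.params->secure_boot = grub_efi_get_secureboot ();` in the grub_linux_boot hunk has no comment saying what the kernel does with the byte or why it sits ahead of grub_efi_finish_boot_services(). The value is passed to the kernel unchanged in the boot parameters, so the encoding returned by grub_efi_get_secureboot() has to match what the kernel expects at offset 0x1ec; that contract is not visible in this hunk and is worth stating next to the call. I would add above the line something like `/* Query the firmware before boot services are torn down; the kernel takes this byte verbatim as its Secure Boot mode. */`, after confirming that the ordering really is required. The line appears to sit in EFI-only code, so it is also worth confirming that non-EFI builds leave the field zeroed rather than carrying a stale value. grub_linux_boot starts and ends outside the hunk.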


@ -277,7 +277,11 @@ struct linux_kernel_params
grub_uint8_t mmap_size; /* 1e8 */ grub_uint8_t mmap_size; /* 1e8 */
grub_uint8_t padding9[0x1f1 - 0x1e9]; grub_uint8_t padding9[0x1ec - 0x1e9];
grub_uint8_t secure_boot; /* 1ec */
grub_uint8_t padding10[0x1f1 - 0x1ed];
/* Linux setup header copy - BEGIN. */ /* Linux setup header copy - BEGIN. */
grub_uint8_t setup_sects; /* The size of the setup in sectors */ grub_uint8_t setup_sects; /* The size of the setup in sectors */
@ -288,7 +292,7 @@ struct linux_kernel_params
grub_uint16_t vid_mode; /* Video mode control */ grub_uint16_t vid_mode; /* Video mode control */
grub_uint16_t root_dev; /* Default root device number */ grub_uint16_t root_dev; /* Default root device number */
grub_uint8_t padding10; /* 1fe */ grub_uint8_t padding11; /* 1fe */
grub_uint8_t ps_mouse; /* 1ff */ grub_uint8_t ps_mouse; /* 1ff */
grub_uint16_t jump; /* Jump instruction */ grub_uint16_t jump; /* Jump instruction */
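Review bot: The offset of the new `secure_boot` field in the first hunk of this file is fixed only by the hand-computed sizes of `padding9` and `padding10`, and nothing checks it at build time. The arithmetic shown is right (three bytes from 0x1e9, the field at 0x1ec, four bytes up to 0x1f1), but a later edit to any earlier member would silently move the byte the kernel reads as the Secure Boot state. A compile-time check of `offsetof (struct linux_kernel_params, secure_boot) == 0x1ec`, in whatever static-assertion form the tree already uses, would pin the layout. struct linux_kernel_params begins and ends outside the hunks shown.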