tree:   https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git next
head:   2c603650ee23c4596f4852e43ae40e42a0c771e1
commit: 2c603650ee23c4596f4852e43ae40e42a0c771e1 [1/1] x86/xen/efi: Initialize 
UEFI secure boot state during dom0 boot
reproduce:
        # apt-get install sparse
        git checkout 2c603650ee23c4596f4852e43ae40e42a0c771e1
        make ARCH=x86_64 allmodconfig
        make C=1 CF=-D__CHECK_ENDIAN__


sparse warnings: (new ones prefixed by >>)

>> arch/x86/xen/efi.c:133:35: sparse: incorrect type in argument 1 (different 
>> type sizes) @@    expected unsigned short [usertype] *name @@    got ype] 
>> *name @@
   arch/x86/xen/efi.c:133:35:    expected unsigned short [usertype] *name
   arch/x86/xen/efi.c:133:35:    got char *<noident>
   arch/x86/xen/efi.c:143:35: sparse: incorrect type in argument 1 (different 
type sizes) @@    expected unsigned short [usertype] *name @@    got ype] *name 
@@
   arch/x86/xen/efi.c:143:35:    expected unsigned short [usertype] *name
   arch/x86/xen/efi.c:143:35:    got char *<noident>
   arch/x86/xen/efi.c:154:35: sparse: incorrect type in argument 1 (different 
type sizes) @@    expected unsigned short [usertype] *name @@    got ype] *name 
@@
   arch/x86/xen/efi.c:154:35:    expected unsigned short [usertype] *name
   arch/x86/xen/efi.c:154:35:    got char *<noident>

vim +133 arch/x86/xen/efi.c

   117  
   118  /*
   119   * Determine whether we're in secure boot mode.
   120   *
   121   * Please keep the logic in sync with
   122   * drivers/firmware/efi/libstub/secureboot.c:efi_get_secureboot().
   123   */
   124  static enum efi_secureboot_mode xen_efi_get_secureboot(void)
   125  {
   126          static efi_guid_t efi_variable_guid = EFI_GLOBAL_VARIABLE_GUID;
   127          static efi_guid_t shim_guid = EFI_SHIM_LOCK_GUID;
   128          efi_status_t status;
   129          u8 moksbstate, secboot, setupmode;
   130          unsigned long size;
   131  
   132          size = sizeof(secboot);
 > 133          status = efi.get_variable(L"SecureBoot", &efi_variable_guid,
   134                                    NULL, &size, &secboot);
   135  
   136          if (status == EFI_NOT_FOUND)
   137                  return efi_secureboot_mode_disabled;
   138  
   139          if (status != EFI_SUCCESS)
   140                  goto out_efi_err;
   141  
   142          size = sizeof(setupmode);
   143          status = efi.get_variable(L"SetupMode", &efi_variable_guid,
   144                                    NULL, &size, &setupmode);
   145  
   146          if (status != EFI_SUCCESS)
   147                  goto out_efi_err;
   148  
   149          if (secboot == 0 || setupmode == 1)
   150                  return efi_secureboot_mode_disabled;
   151  
   152          /* See if a user has put the shim into insecure mode. */
   153          size = sizeof(moksbstate);
   154          status = efi.get_variable(L"MokSBStateRT", &shim_guid,
   155                                    NULL, &size, &moksbstate);
   156  
   157          /* If it fails, we don't care why. Default to secure. */
   158          if (status != EFI_SUCCESS)
   159                  goto secure_boot_enabled;
   160  
   161          if (moksbstate == 1)
   162                  return efi_secureboot_mode_disabled;
   163  
   164   secure_boot_enabled:
   165          pr_info("UEFI Secure Boot is enabled.\n");
   166          return efi_secureboot_mode_enabled;
   167  
   168   out_efi_err:
   169          pr_err("Could not determine UEFI Secure Boot status.\n");
   170          return efi_secureboot_mode_unknown;
   171  }
   172  

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to