On 12.05.2025 21:51, Kevin Lampis wrote: > On Mon, May 12, 2025 at 11:39 AM Jan Beulich <jbeul...@suse.com> wrote: >> >> I can't spot the effect the comment mentions anywhere in this patch. Is the >> description perhaps lacking some detail? It's rather odd after all to see ... >> >> ... such custom token splitting ahead of normal command line handling. > > If the UEFI firmware reports that secure boot mode is enabled then Xen > lockdown mode will always be enabled. > > But we also have a command line argument to enable lockdown mode without > secure > boot. This is the thing that lockdown_init() is looking for. > > It is important to know if we are in lockdown mode or not before parsing any > other arguments. Otherwise there will be a race between parsing potentially > unsafe arguments and finding the lockdown enable argument.
Well, there is an alternative: Require the lockdown argument to be absolutely first. (There are further alternatives, but likely less usable.) Jan
