From: Petr Vorel <pvorel@suse.cz>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH v3 1/2] Add tst_secureboot_enabled() helper function
Date: Thu, 12 Nov 2020 18:43:41 +0100 [thread overview]
Message-ID: <20201112174341.GB29575@pevik> (raw)
In-Reply-To: <2c091ecd-af38-2569-5fd4-a1f3e3458a01@suse.cz>
Hi,
> On 12. 11. 20 15:21, Cyril Hrubis wrote:
> > Hi!
> > I've looked into the library and what it actually does in this case is
> > that it opens a sysfs file and reads a few bytes from there. I guess
> > that we can even avoid linking the library in this case, since we just
> > want to know a value of the single bit in the SecureBoot file.
> > The full path is:
> > /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
> Yes, we could read the sysfile directly. But do we want to deal with
> potential compatibility issues and test breakage if the UEFI vars API
> changes in the future? The binary format of those sysfiles is controlled
> by the UEFI Forum, not by kernel devs. The efivars library is available
> on basically all modern distros and we most likely won't do any
> SecureBoot tests on distros that don't have it.
I also don't see a big deal to use the efivars library.
Kind regards,
Petr
next prev parent reply other threads:[~2020-11-12 17:43 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-09 16:46 [LTP] [PATCH v3 1/2] Add tst_secureboot_enabled() helper function Martin Doucha
2020-11-09 16:46 ` [LTP] [PATCH v3 2/2] syscalls/iopl, ioperm: Check for SecureBoot lockdown Martin Doucha
2020-11-10 5:54 ` Li Wang
2020-11-10 8:52 ` Cyril Hrubis
2020-11-10 9:16 ` Li Wang
2020-11-10 10:23 ` Petr Vorel
2020-11-10 11:51 ` Petr Vorel
2020-11-10 11:55 ` Cyril Hrubis
2020-11-10 11:49 ` [LTP] [PATCH v3 1/2] Add tst_secureboot_enabled() helper function Petr Vorel
2020-11-10 11:52 ` Martin Doucha
2020-11-10 12:04 ` Petr Vorel
2020-11-12 14:21 ` Cyril Hrubis
2020-11-12 14:57 ` Martin Doucha
2020-11-12 17:43 ` Petr Vorel [this message]
2020-11-13 6:02 ` Li Wang
2020-11-13 15:24 ` Cyril Hrubis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201112174341.GB29575@pevik \
--to=pvorel@suse.cz \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).