On Fri, 25 Apr, at 05:09:14PM, Leif Lindholm wrote: > From: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > > Loading unauthenticated FDT blobs directly from storage is a security hazard, > so this should only be allowed when running with UEFI Secure Boot disabled. > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > Signed-off-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> > --- > drivers/firmware/efi/arm-stub.c | 39 +++++++++++++++++++++++++++++++++++---- > 1 file changed, 35 insertions(+), 4 deletions(-) Acked-by: Matt Fleming <matt.fleming@xxxxxxxxx> -- Matt Fleming, Intel Open Source Technology Center -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html