Add IMA arch dependent support for ARM64. Some IMA functions can check arch-specific status before running. For example, the ima_load_data function or the boot param "ima_appraise=" should not be executed when UEFI secure boot is enabled. We want to fill the gap in order to complete the IMA support on ARM64. Chester Lin (6): efistub: pass uefi secureboot flag via fdt params efi/arm: a helper to parse secure boot param in fdt params efi: add secure boot flag efi/arm: check secure boot status in efi init arm64/ima: add ima arch support docs/arm: add the description of uefi-secure-boot param Documentation/arm/uefi.rst | 2 ++ arch/arm64/Kconfig | 1 + arch/arm64/kernel/Makefile | 2 ++ arch/arm64/kernel/ima_arch.c | 37 ++++++++++++++++++++++++++++ drivers/firmware/efi/arm-init.c | 3 +++ drivers/firmware/efi/fdtparams.c | 23 ++++++++++++++++++ drivers/firmware/efi/libstub/fdt.c | 39 +++++++++++++++++++++++++++++- include/linux/efi.h | 2 ++ 8 files changed, 108 insertions(+), 1 deletion(-) create mode 100644 arch/arm64/kernel/ima_arch.c -- 2.26.1
