RE: [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Aditya Garg
> Sent: 09 February 2022 14:28
> 
> On T2 Macs, the secure boot is handled by the T2 Chip. If enabled, only
> macOS and Windows are allowed to boot on these machines. Thus we need to
> disable secure boot for Linux. If we boot into Linux after disabling
> secure boot, if CONFIG_LOAD_UEFI_KEYS is enabled, EFI Runtime services
> fail to start, with the following logs in dmesg
> 
..
> +static const struct dmi_system_id uefi_apple_ignore[] = {
> +	{
> +		 .matches = {
> +			DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."),
> +			DMI_MATCH(DMI_PRODUCT_NAME, "MacBookPro15,1"),
> +		},

I think I'd use:
#define xxx(vendor, product) \
		 .matches = {
			DMI_MATCH(DMI_BOARD_VENDOR, vendor), \
			DMI_MATCH(DMI_PRODUCT_NAME, product), \
		}
somewhere with a suitable name (bikeshed blue) to reduce
the code size of this table.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux