Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752581AbcCVVru (ORCPT <rfc822;w@1wt.eu>);
	Tue, 22 Mar 2016 17:47:50 -0400
Received: from AUSXIPPC110.us.dell.com ([143.166.85.200]:39013 "EHLO
	ausxippc110.us.dell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751325AbcCVVrq (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 22 Mar 2016 17:47:46 -0400
X-Greylist: delayed 586 seconds by postgrey-1.27 at vger.kernel.org; Tue, 22 Mar 2016 17:47:46 EDT
DomainKey-Signature: s=smtpout; d=dell.com; c=nofws; q=dns;
  h=X-LoopCount0:X-IronPort-AV:From:To:Cc:Subject:Date:
   Message-Id:X-Mailer;
  b=KVvINPSp55PDcca/30Vct7rpXM9bahFPymXqZ0nbe53HbB3V1Fu84qi2
   D3eKF3btB7sy3aBx7isVB4q+bGzQCdvznMkNdvbifrglpkm56exMUhXg8
   WrCEQhycdJf+vSBgf1LlmAhclGlvsBUiObPMx80WRsh88CLtFMQIw6Pjn
   4=;
X-LoopCount0: from 10.209.151.17
X-IronPort-AV: E=Sophos;i="5.24,379,1454997600"; 
   d="scan'208";a="289709650"
From: Mario Limonciello <mario_limonciello@dell.com>
To: LKML <linux-kernel@vger.kernel.org>
Cc: matt@codeblueprint.co.uk, mjg59@coreos.com, pjones@redhat.com,
        Mario Limonciello <mario_limonciello@dell.com>
Subject: [PATCH] Add fwupdate and Mok GUID's to the EFI variable immutable whitelist
Date: Tue, 22 Mar 2016 16:37:33 -0500
Message-Id: <1458682653-25831-1-git-send-email-mario_limonciello@dell.com>
X-Mailer: git-send-email 1.9.1
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1464
Lines: 42

ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879 caused all variables to be
immutable by default.  This causes problems with userspace applications
mokutil and fwupdate.
---
 drivers/firmware/efi/vars.c | 2 ++
 include/linux/efi.h         | 8 ++++++++
 2 files changed, 10 insertions(+)

diff --git a/drivers/firmware/efi/vars.c b/drivers/firmware/efi/vars.c
index 0ac594c..16bd2a9 100644
--- a/drivers/firmware/efi/vars.c
+++ b/drivers/firmware/efi/vars.c
@@ -199,6 +199,8 @@ static const struct variable_validate variable_validate[] = {
 	{ EFI_GLOBAL_VARIABLE_GUID, "PlatformLang", validate_ascii_string },
 	{ EFI_GLOBAL_VARIABLE_GUID, "Timeout", validate_uint16 },
 	{ LINUX_EFI_CRASH_GUID, "*", NULL },
+	{ FWUPDATE_GUID, "fwupdate*", NULL },
+	{ MOK_GUID, "Mok*", NULL },
 	{ NULL_GUID, "", NULL },
 };
 
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 1626474..c882cb0 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -575,6 +575,14 @@ void efi_native_runtime_setup(void);
 	EFI_GUID(0x8be4df61, 0x93ca, 0x11d2, \
 		 0xaa, 0x0d, 0x00, 0xe0, 0x98, 0x03, 0x2b, 0x8c)
 
+#define FWUPDATE_GUID \
+	EFI_GUID(0x0abba7dc, 0xe516, 0x4167, \
+		 0xbb, 0xf5, 0x4d, 0x9d, 0x1c, 0x73, 0x94, 0x16)
+
+#define MOK_GUID \
+	EFI_GUID(0x605dab50, 0xe046, 0x4300, \
+		 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
+
 #define UV_SYSTEM_TABLE_GUID \
 	EFI_GUID(0x3b13a7d4, 0x633e, 0x11dd, \
 		 0x93, 0xec, 0xda, 0x25, 0x56, 0xd8, 0x95, 0x93)
-- 
2.7.3