Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S966447AbdCXUkF (ORCPT ); Fri, 24 Mar 2017 16:40:05 -0400 Received: from mail-qk0-f193.google.com ([209.85.220.193]:36167 "EHLO mail-qk0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934439AbdCXUj5 (ORCPT ); Fri, 24 Mar 2017 16:39:57 -0400 MIME-Version: 1.0 In-Reply-To: References: From: Andy Shevchenko Date: Fri, 24 Mar 2017 22:39:55 +0200 Message-ID: Subject: Re: [PATCH v2 0/7] efi: Enhance capsule loader to support signed Quark images To: Jan Kiszka Cc: Matt Fleming , Ard Biesheuvel , linux-efi@vger.kernel.org, Linux Kernel Mailing List , "Bryan O'Donoghue" , Hock Leong Kweh , Borislav Petkov , Sascha Weisenberger Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1682 Lines: 48 On Fri, Mar 24, 2017 at 7:34 PM, Jan Kiszka wrote: > This addresses the review feedback provided on round 1, specifically > - refactored queue to keep the Quark mess in > - only check for CSH on Quark CPUs > - added some smaller cleanups of the capsule loader > - documented capsule header / linked to original code > > See last patch for the background of the series. > > The series has been tested on the Galileo Gen2, to exclude regressions, > with a firmware.cap with AND without security header and the SIMATIC > IOT2040 which requires the header because of its mandatory secure boot. The series looks good to me from code prospective. It's clean and understandable, though I have couple of comments (see related patches). Please, address them. I wasn't able to test it, thus FWIW: Reviewed-by: Andy Shevchenko > > Jan > > Jan Kiszka (7): > efi/capsule: Fix return code on failing kmap/vmap > efi/capsule: Remove pr_debug on ENOMEM or EFAULT > efi/capsule: Clean up pr_err/info messages > efi/capsule: Adjust return type of efi_capsule_setup_info > efi/capsule: Prepare for loading images with security header > efi/capsule: Factor out overloadable efi_capsule_identify_image > efi/capsule: Add support for Quark security header > > arch/x86/platform/efi/quirks.c | 95 ++++++++++++++++++++++++ > drivers/firmware/efi/capsule-loader.c | 136 +++++++++++++++++++--------------- > drivers/firmware/efi/capsule.c | 21 +++++- > include/linux/efi.h | 19 +++++ > 4 files changed, 208 insertions(+), 63 deletions(-) > > -- > 2.10.2 > -- With Best Regards, Andy Shevchenko