Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp235868yba; Fri, 5 Apr 2019 05:48:48 -0700 (PDT) X-Google-Smtp-Source: APXvYqziyCmyMpv2PGAcQcleRNstYbgwq/v0vpaqgi9KXNMgalHZh/gMQQsRg94bKonNN0cBrfVg X-Received: by 2002:a62:209c:: with SMTP id m28mr11971809pfj.233.1554468528395; Fri, 05 Apr 2019 05:48:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554468528; cv=none; d=google.com; s=arc-20160816; b=rql4tkofQQ9uZIN0mHm2Q7nSI34ITLui2OWOz43RwgF03ErdHkjDTqFxV2cd4wulWw 7HUVQeMr20kGFrm/bBKlNKuMwzGDBfVJOYOKe4Hizfr/5XH3vlFAuWlOwcfp2UY0qs3l BT3YZtt6Quml1A9pvreKT5y8U70SkHYlP1hTGhFNU17AqypNdfmtSwUtHCRf2tuMsCuM Hg0+UqzLSS0zhlf77VuSTCS6N/L/hBTMDudeK4EKGNF4FYdNJjWos0kUVoFiVFBUPH2m PHaR4MbKUO9P49TB0vuJQLqEs/ULk2cxNOcNpz/+Q/+a7QCvHswebNSniZTU80eoSTFP b4Jw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date; bh=9YthCWku20CcII+tS21JDsS4wF37rvJbXBwusmP0EZ4=; b=U2dzsLes6ZGKdHXrwW4Oeod0wOF2TqHDEmhZMyLdx6WjDJTDLK4adLoQ6ZVcaTXVmZ fkey2L5v8UX4UwFRwwqntsFAXIi1AcFQ3GmVLt8WEyN5S7HljVrNOH1VYw/TNYIQSEt8 JN1OI8LRhbjQ53TljiEt5tPlyYwahBA1OhU14K2Lxa+SbGRYhHF+tfCjlMll42x/jOJM ns/NPlw5wJMe26YB3lt2FBPH4dcFzHo/1hAM0353GWeIvV9lHF7pKEQvsQ3XCEaeHVO8 Wk3hlkcWchM+8PCc36yqqYAscfYEYZMaUc9Oh5HszW74/GhWg5CJlZXSnZf6QSMnPQ1X oBJg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a14si19004475pgd.176.2019.04.05.05.48.33; Fri, 05 Apr 2019 05:48:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730650AbfDEMry (ORCPT + 99 others); Fri, 5 Apr 2019 08:47:54 -0400 Received: from mx2.suse.de ([195.135.220.15]:58556 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726202AbfDEMry (ORCPT ); Fri, 5 Apr 2019 08:47:54 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id D7E51AD2C; Fri, 5 Apr 2019 12:47:52 +0000 (UTC) Date: Fri, 5 Apr 2019 14:47:51 +0200 From: Petr Vorel To: Mimi Zohar Cc: linux-integrity@vger.kernel.org, linux-kselftest@vger.kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Dave Young , Matthew Garrett Subject: Re: [PATCH] selftests/kexec: update get_secureboot_mode Message-ID: <20190405124751.GA26595@dell5510> Reply-To: Petr Vorel References: <1553607257-18906-1-git-send-email-zohar@linux.ibm.com> <1554300369.7309.59.camel@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1554300369.7309.59.camel@linux.ibm.com> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Mimi, Reviewed-by: Petr Vorel Some minor comments below. ... > diff --git a/tools/testing/selftests/kexec/kexec_common_lib.sh b/tools/testing/selftests/kexec/kexec_common_lib.sh ... > # Check efivar SecureBoot-$(the UUID) and SetupMode-$(the UUID). > +# (Based on kdump-lib.sh) > +get_efivarfs_secureboot_mode() > +{ > + local efivarfs="/sys/firmware/efi/efivars" > + local secure_boot_file="" > + local setup_mode_file="" > + local secureboot_mode=0 > + local setup_mode=0 NOTE: variables does not need to be initialized (in both functions). > + > + # Make sure that efivar_fs is mounted in the normal location > + if ! grep -q "^\S\+ $efivarfs efivarfs" /proc/mounts; then > + log_info "efivars is not mounted on $efivarfs" > + return 0; > + fi > + secure_boot_file=$(find "$efivarfs" -name SecureBoot-* 2>/dev/null) > + setup_mode_file=$(find "$efivarfs" -name SetupMode-* 2>/dev/null) > + if [ -f "$secure_boot_file" ] && [ -f "$setup_mode_file" ]; then > + secureboot_mode=$(hexdump -v -e '/1 "%d\ "' \ > + "$secure_boot_file"|cut -d' ' -f 5) > + setup_mode=$(hexdump -v -e '/1 "%d\ "' \ > + "$setup_mode_file"|cut -d' ' -f 5) > + > + if [ $secureboot_mode -eq 1 ] && [ $setup_mode -eq 0 ]; then > + log_info "secure boot mode enabled (efivar_fs)" Instead of efivar_fs maybe CONFIG_EFIVAR_FS or EFIVAR_FS? > + return 1; > + fi > + fi > + return 0; > +} > + > +get_efi_var_secureboot_mode() > +{ > + local efi_vars="/sys/firmware/efi/vars" > + local secure_boot_file="" > + local setup_mode_file="" > + local secureboot_mode=0 > + local setup_mode=0 > + > + if [ ! -d "$efi_vars" ]; then > + log_skip "efi_vars is not enabled\n" > + return 0; Return is not needed (log_skip exits). > + fi > + secure_boot_file=$(find "$efi_vars" -name SecureBoot-* 2>/dev/null) > + setup_mode_file=$(find "$efi_vars" -name SetupMode-* 2>/dev/null) > + if [ -f "$secure_boot_file/data" ] && \ > + [ -f "$setup_mode_file/data" ]; then > + secureboot_mode=`od -An -t u1 "$secure_boot_file/data"` > + setup_mode=`od -An -t u1 "$setup_mode_file/data"` > + > + if [ $secureboot_mode -eq 1 ] && [ $setup_mode -eq 0 ]; then > + log_info "secure boot mode enabled (efi_var)" Instead of efi_var maybe CONFIG_EFI_VARS or EFI_VARS? ... Kind regards, Petr