On Wed, Jul 22, 2020 at 03:28:39PM -0400, Gabriel Krisman Bertazi wrote: Hi,
Well, after an analyze on my side, the EFI mode is detected based on the EFI stub, right ? Then the kernel populates the FDT with EFI properties into its own address space (based on what was previously found from the stub). Kexec simply does not preserve the EFI mode at all for arm64, it is only present for x86. With the original debian patch, we suppose that the "secure-boot" property will always be set in the FDT, simply because this information should be found in the EFI stub (unset, disabled, enabled, etc...), so the corresponding FDT property will always have a value and will always be present. So assume that it is always the case is correct, imho. Now, if the EFI stubs informations are not passed to the second stage kernel, either nor "system table" or "secure-boot" or the rest will be found, explaining the issue of the first comment (read the first comment it is "System table" that is not found). We should have a "setup_efi_info" like it is the case in the kexec-tools code base for x86, except we should have something similar for arm64. Regards, Romain
signature.asc
Description: PGP signature
