** Changed in: linux (Ubuntu Saucy)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1223195
Title:
efivarfs built as a module in saucy, so not mounted at boot
Status in “linux” package in Ubuntu:
Fix Committed
Status in “linux” source package in Saucy:
Fix Committed
Bug description:
The efivarfs driver in the saucy amd64 kernel is built as a module
instead of being built in. As a consequence, when mountall checks
/proc/filesystems to see what optional filesystems are supported, it
doesn't find efivarfs there and efivarfs is never mounted at boot.
This in turn means that secureboot-db will not be able to apply
secureboot database updates to firmware, potentially leaving systems
vulnerable to boot exploits.
This used to all work in raring and earlier, where efivarfs was built
into the kernel (which was the only option). Please fix the config to
make efivarfs built-in again (CONFIG_EFIVARFS=y).
For reference, please note that any kernel filesystem that mountall
has flagged as "optional" in /lib/init/fstab must be a built-in driver
in order to get the correct results. In addition to efivarfs, this
includes debugfs, securityfs, spufs, binfmt_misc, and fusectl.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1223195/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
