e1b77cf7f0
The kdump-config uses files under /sys/firmware/efi/efivars to detect secure boot status. But efivars isn't in use because CONFIG_EFIVAR_FS is not set. We don't want to enable it because when applying the preempt_rt patch to the Linux kernel, EFI variables at runtime are disabled by default due to high latencies (https://www.spinics.net/lists/linux-rt-users/msg19980.html). So change to use /sys/kernel/security/lockdown to detect secure boot status because it is set to 'integrity' in the debian patch [efi: Lock down the kernel if booted in secure boot mode] which is in use by us. Test Plan: PASS: Run "sudo kdump-config reload" on target successfully. PASS: Can generate vmcore files in /var/log/crash after kernel panic. PASS: Above tests are done with both secure boot enabled and disabled. Story: 2009221 Task: 46644 Signed-off-by: Li Zhou <li.zhou@windriver.com> Change-Id: I4c305ef49af6da84a7558d1fce6bbb19b8569401 |
||
---|---|---|
.. | ||
0001-kdump-tools-add-vmlinuz-and-initrd.img-soft-link.patch | ||
0002-kdump-tools-adapt-check_secure_boot-checking.patch | ||
series |