mirror of
https://github.com/torvalds/linux.git
synced 2026-04-18 06:44:00 -04:00
7caedbb5ad
security/integrity/secure_boot.c contains a single __weak function,
which breaks recordmcount when building with clang:
$ make -skj"$(nproc)" ARCH=powerpc LLVM=1 ppc64_defconfig security/integrity/secure_boot.o
Cannot find symbol for section 2: .text.
security/integrity/secure_boot.o: failed
Introduce a Kconfig symbol, CONFIG_HAVE_ARCH_GET_SECUREBOOT, to indicate
that an architecture provides a definition of arch_get_secureboot().
Provide a static inline stub when this symbol is not defined to achieve
the same effect as the __weak function, allowing secure_boot.c to be
removed altogether. Move the s390 definition of arch_get_secureboot()
out of the CONFIG_KEXEC_FILE block to ensure it is always available, as
it does not actually depend on KEXEC_FILE.
Reported-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 31a6a07eef ("integrity: Make arch_ima_get_secureboot integrity-wide")
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
24 lines
527 B
C
24 lines
527 B
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* Copyright (C) 2026 Red Hat, Inc. All Rights Reserved.
|
|
*
|
|
* Author: Coiby Xu <coxu@redhat.com>
|
|
*/
|
|
|
|
#ifndef _LINUX_SECURE_BOOT_H
|
|
#define _LINUX_SECURE_BOOT_H
|
|
|
|
#include <linux/types.h>
|
|
|
|
#ifdef CONFIG_HAVE_ARCH_GET_SECUREBOOT
|
|
/*
|
|
* Returns true if the platform secure boot is enabled.
|
|
* Returns false if disabled or not supported.
|
|
*/
|
|
bool arch_get_secureboot(void);
|
|
#else
|
|
static inline bool arch_get_secureboot(void) { return false; }
|
|
#endif
|
|
|
|
#endif /* _LINUX_SECURE_BOOT_H */
|