kernel-packages team mailing list archive

Thread
Date

[Bug 1223195] Re: efivarfs built as a module in saucy, so not mounted at boot

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1223195@xxxxxxxxxxxxxxxxxx>
Date: Wed, 11 Sep 2013 04:11:04 -0000
Reply-to: Bug 1223195 <1223195@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package linux - 3.11.0-7.13

---------------
linux (3.11.0-7.13) saucy; urgency=low

  * Release tracker
    - LP: #1223545

  [ Andy Whitcroft ]

  * SAUCE: (no-up) scsi: add scsi device flag to request VPD pages be used at SPC-2
    - LP: #1223499
  * SAUCE: (no-up) scsi: add scsi device flag to request READ CAPACITY (16) be preferred
    - LP: #1223499
  * SAUCE: (no-up) scsi: hyper-v storage -- mark as VPD capable at SPC-2
    - LP: #1223499
  * SAUCE: (no-up) scsi: hyper-v storage -- mark as preferring READ CAPACITY (16) at SPC-2
    - LP: #1223499

  [ Maximiliano Curia ]

  * SAUCE: (no-up) Only let characters through when there are active readers.
    - LP: #1208740

  [ Tim Gardner ]

  * [Debian] getabis: Commit new ABI directory, remove the old
  * [Config] CONFIG_EFIVAR_FS=y
    - LP: #1223195
  * [Config] CONFIG_EFI_VARS_PSTORE=m,
    CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE=n
  * SAUCE: (no-up) USB: input: cm109.c: Convert high volume dev_err() to dev_err_ratelimited()
    - LP: #1222850

  [ Upstream Kernel Changes ]

  * Intel xhci: refactor EHCI/xHCI port switching
    - LP: #1210858
 -- Tim Gardner <tim.gardner@xxxxxxxxxxxxx>   Tue, 10 Sep 2013 09:00:19 -0600

** Changed in: linux (Ubuntu Saucy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1223195

Title:
  efivarfs built as a module in saucy, so not mounted at boot

Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux” source package in Saucy:
  Fix Released

Bug description:
  The efivarfs driver in the saucy amd64 kernel is built as a module
  instead of being built in. As a consequence, when mountall checks
  /proc/filesystems to see what optional filesystems are supported, it
  doesn't find efivarfs there and efivarfs is never mounted at boot.
  This in turn means that secureboot-db will not be able to apply
  secureboot database updates to firmware, potentially leaving systems
  vulnerable to boot exploits.

  This used to all work in raring and earlier, where efivarfs was built
  into the kernel (which was the only option).  Please fix the config to
  make efivarfs built-in again (CONFIG_EFIVARFS=y).

  For reference, please note that any kernel filesystem that mountall
  has flagged as "optional" in /lib/init/fstab must be a built-in driver
  in order to get the correct results.  In addition to efivarfs, this
  includes debugfs, securityfs, spufs, binfmt_misc, and fusectl.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1223195/+subscriptions

References

[Bug 1223195] [NEW] efivarfs built as a module in saucy, so not mounted at boot
From: Steve Langasek, 2013-09-10