Thanks for the patch, looks good to me
On Tue, Sep 15, 2020 at 9:21 PM Pingfan Liu <piliu(a)redhat.com> wrote:
On s390, if Secure-IPL is enabled, then "kexec -s -l" is required.
Otherwise kdump kernel can not be loaded.
Signed-off-by: Pingfan Liu <piliu(a)redhat.com>
---
kdump-lib.sh | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/kdump-lib.sh b/kdump-lib.sh
index e18c473..e24f74f 100755
--- a/kdump-lib.sh
+++ b/kdump-lib.sh
@@ -612,6 +612,7 @@ is_secure_boot_enforced()
return 0
fi
+ # Detect secure boot on x86 and arm64
secure_boot_file=$(find /sys/firmware/efi/efivars -name SecureBoot-*
2>/dev/null)
setup_mode_file=$(find /sys/firmware/efi/efivars -name SetupMode-* 2>/dev/null)
@@ -624,6 +625,12 @@ is_secure_boot_enforced()
fi
fi
+ # Detect secure boot on s390x
+ if [[ -e "/sys/firmware/ipl/has_secure" && "$(cat
/sys/firmware/ipl/has_secure)" == "1" \
+ && -e "/sys/firmware/ipl/secure" && "$(cat
/sys/firmware/ipl/secure)" == "1" ]]; then
As suggested by Philipp Rudo, and we've talked off the list, I'll
remove the has_secure check when merge the patch.
+ return 0
+ fi
+
return 1
}
--
2.7.5
Acked-by: Kairui Song <kasong(a)redhat.com>
--
Best Regards,
Kairui Song