ACK: [PATCH] UBUNTU: SAUCE: (efi-lockdown) efi: ignore efivar_ssdt cmdline parameter when locked down

[Seth Forshee]

On Sun, Jun 14, 2020 at 11:55:24PM -0600, Jason A. Donenfeld wrote:
> Sorry, I guess I should have prefixed the subject with "[SRU][B]",
> though I don't know if there are additional subtitles and tags beyond
> those ones. You'll probably also want to look whether this applies to
> the other kernels; I was only concerned with Bionic in my brief
> investigation. Should be easy enough to open up
> drivers/firmware/efi/efi.c and see if efivar_ssdt_setup has anything
> about lockdown at the top of the function.

The patch looks good to me.

Acked-by: Seth Forshee <seth.forshee at canonical.com>

I'm having a look at our other kernel trees to see which might need a
similar patch. The lockdown patches have been evolving for a number of
years now, and it looks like we missed flagging this addition to later
versions as something which needed to be backported.

Seth