EFI Security Improvements & More For Linux 4.6

One of the big EFI changes for Linux 4.6, already delayed twice before, is the use of separate EFI page tables when executing EFI firmware code, which isolates the EFI context from the rest of the kernel. This is a big help from a security perspective.
Linux 4.6 will also now run regular UEFI firmware with interrupts enabled, and it brings various x86 and ARM64/AArch64 EFI improvements.
The full listing of EFI changes for the Linux 4.6 merge window can be found via this pull request.