aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorAlex Bennée <alex.bennee@linaro.org>2022-01-05 13:49:56 +0000
committerAlex Bennée <alex.bennee@linaro.org>2022-01-18 16:42:42 +0000
commit33973e1e1f88b7588fe9629645e279ff2c6ca1c4 (patch)
treebddb1128cb4c4346513d2744a5fc413b02bce852 /include
parent7bef20d72985c5da4082d198ad175715272cd50c (diff)
downloadqemu-33973e1e1f88b7588fe9629645e279ff2c6ca1c4.zip
qemu-33973e1e1f88b7588fe9629645e279ff2c6ca1c4.tar.gz
qemu-33973e1e1f88b7588fe9629645e279ff2c6ca1c4.tar.bz2
hw/arm: add control knob to disable kaslr_seed via DTB
Generally a guest needs an external source of randomness to properly enable things like address space randomisation. However in a trusted boot environment where the firmware will cryptographically verify components having random data in the DTB will cause verification to fail. Add a control knob so we can prevent this being added to the system DTB. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-Id: <20220105135009.1584676-22-alex.bennee@linaro.org>
Diffstat (limited to 'include')
-rw-r--r--include/hw/arm/virt.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index dc6b66f..be05346 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -148,6 +148,7 @@ struct VirtMachineState {
bool virt;
bool ras;
bool mte;
+ bool dtb_kaslr_seed;
OnOffAuto acpi;
VirtGICType gic_version;
VirtIOMMUType iommu;