diff options
| author | Claudio Carvalho <cclaudio@linux.vnet.ibm.com> | 2016-10-24 01:11:29 -0200 |
|---|---|---|
| committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-26 16:07:01 +1100 |
| commit | 253a158663d653e9a4dd8fa0d7ad1a660afa2283 (patch) | |
| tree | b8fc8287fd06d7eaa98ab41718ce06f6ddab09e7 /doc | |
| parent | ee1bbae31c50bdc260a0d3e0eed33114155f0044 (diff) | |
| download | skiboot-253a158663d653e9a4dd8fa0d7ad1a660afa2283.zip skiboot-253a158663d653e9a4dd8fa0d7ad1a660afa2283.tar.gz skiboot-253a158663d653e9a4dd8fa0d7ad1a660afa2283.tar.bz2 | |
libstb/stb.c: ignore the secure mode flag unless forced in NVRAM
For this stage in Trusted Boot development, we are wishing to not
force Secure Mode through the whole firmware boot process, but we
are wanting to be able to test it (classic chicken and egg problem with
build infrastructure).
We disabled secure mode if the secure-enabled devtree property is
read from the device tree *IF* we aren't overriding it through NVRAM.
Seeing as we can only increase (not decrease) what we're checking through
the NVRAM variable, it is safe.
The NVRAM setting is force-secure-mode=true in the ibm,skiboot partition.
However, if you want to force secure mode even if Hostboot has *not* set
the secure-enabled proprety in the device tree, set force-secure-mode
to "always".
There is also a force-trusted-mode NVRAM setting to force trusted mode
even if Hostboot has not enabled it int the device tree.
To indicate to Linux that we haven't gone through the whole firmware
process in secure mode, we replace the 'secure-enabled' property with
'partial-secure-enabled', to indicate that only part of the firmware
boot process has gone through secure mode.
Signed-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>
[stewart@linux.vnet.ibm.com: add NVRAM flag, modify commit message]
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions