From 3cd749c99791d43ee929b9401fb14fc6739ce360 Mon Sep 17 00:00:00 2001
From: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Date: Tue, 10 Jul 2018 16:25:32 +1000
Subject: Recognise signed VERSION partition

A few things need to change to support a signed VERSION partition:

- A signed VERSION partition will be 4K + SECURE_BOOT_HEADERS_SIZE (4K).
- The VERSION partition needs to be loaded after secure/trusted boot is
  set up, and therefore after nvram_init().
- Added to the trustedboot resources array.

This also moves the ipmi_dt_add_bmc_info() call to after
flash_dt_add_fw_version() since it adds info to ibm,firmware-versions.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Stewart Smith <stewart@linux.ibm.com>
---
 core/flash.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'core/flash.c')

diff --git a/core/flash.c b/core/flash.c
index e3be576..e258fe1 100644
--- a/core/flash.c
+++ b/core/flash.c
@@ -51,7 +51,7 @@ static u32 nvram_offset, nvram_size;
 
 /* ibm,firmware-versions support */
 static char *version_buf;
-static size_t version_buf_size = 0x1000;
+static size_t version_buf_size = 0x2000;
 
 bool flash_reserve(void)
 {
@@ -235,6 +235,8 @@ void flash_dt_add_fw_version(void)
 	fw_version = dt_new(dt_root, "ibm,firmware-versions");
 	assert(fw_version);
 
+	if (stb_is_container(version_buf, version_buf_size))
+		numbytes += SECURE_BOOT_HEADERS_SIZE;
 	for ( ; (numbytes < version_buf_size) && version_buf[numbytes]; numbytes++) {
 		if (version_buf[numbytes] == '\n') {
 			version_data[i] = '\0';
-- 
cgit v1.1