Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/arch/powerpc/kernel/secure_boot.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  1) // SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  3)  * Copyright (C) 2019 IBM Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  4)  * Author: Nayna Jain
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  5)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  6) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  7) #include <linux/of.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  8) #include <asm/secure_boot.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  9) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) static struct device_node *get_ppc_fw_sb_node(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) 	static const struct of_device_id ids[] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) 		{ .compatible = "ibm,secureboot", },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) 		{ .compatible = "ibm,secureboot-v1", },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) 		{ .compatible = "ibm,secureboot-v2", },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) 		{},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) 	return of_find_matching_node(NULL, ids);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) bool is_ppc_secureboot_enabled(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) 	struct device_node *node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) 	bool enabled = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) 	u32 secureboot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) 	node = get_ppc_fw_sb_node();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) 	enabled = of_property_read_bool(node, "os-secureboot-enforcing");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) 	of_node_put(node);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) 	if (enabled)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) 	if (!of_property_read_u32(of_root, "ibm,secure-boot", &secureboot))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) 		enabled = (secureboot > 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) 	pr_info("Secure boot mode %s\n", enabled ? "enabled" : "disabled");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) 	return enabled;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) bool is_ppc_trustedboot_enabled(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) 	struct device_node *node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) 	bool enabled = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) 	u32 trustedboot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) 	node = get_ppc_fw_sb_node();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) 	enabled = of_property_read_bool(node, "trusted-enabled");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) 	of_node_put(node);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) 	if (enabled)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) 	if (!of_property_read_u32(of_root, "ibm,trusted-boot", &trustedboot))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) 		enabled = (trustedboot > 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) 	pr_info("Trusted boot mode %s\n", enabled ? "enabled" : "disabled");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) 	return enabled;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) }
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.