{"id":808095,"url":"http://patchwork.ozlabs.org/api/1.0/patches/808095/?format=json","project":{"id":44,"url":"http://patchwork.ozlabs.org/api/1.0/projects/44/?format=json","name":"skiboot firmware development","link_name":"skiboot","list_id":"skiboot.lists.ozlabs.org","list_email":"skiboot@lists.ozlabs.org","web_url":"http://github.com/open-power/skiboot","scm_url":"http://github.com/open-power/skiboot","webscm_url":""},"msgid":"<1504164285-15095-10-git-send-email-cclaudio@linux.vnet.ibm.com>","date":"2017-08-31T07:24:40","name":"[v2,09/14] libstb: clean up the force-secure-mode and force-trusted-mode from nvram","commit_ref":null,"pull_url":null,"state":"superseded","archived":false,"hash":"1b3888df673ec248a978e6371e50912782803d6f","submitter":{"id":69305,"url":"http://patchwork.ozlabs.org/api/1.0/people/69305/?format=json","name":"Claudio Carvalho","email":"cclaudio@linux.vnet.ibm.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-10-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/","series":[{"id":760,"url":"http://patchwork.ozlabs.org/api/1.0/series/760/?format=json","date":"2017-08-31T07:24:31","name":"libstb: simplify the initialization of cvc drivers","version":2,"mbox":"http://patchwork.ozlabs.org/series/760/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/808095/checks/","tags":{},"headers":{"Return-Path":"<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>","X-Original-To":["incoming@patchwork.ozlabs.org","skiboot@lists.ozlabs.org"],"Delivered-To":["patchwork-incoming@bilbo.ozlabs.org","skiboot@lists.ozlabs.org"],"Received":["from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjYpp2R5Fz9sNc\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:26:58 +1000 (AEST)","from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjYpp1bFxzDqXj\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:26:58 +1000 (AEST)","from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com\n\t[148.163.156.1])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjYmr6JgKzDqXh\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:25:16 +1000 (AEST)","from pps.filterd (m0098404.ppops.net [127.0.0.1])\n\tby mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7NikG073789\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:15 -0400","from e18.ny.us.ibm.com (e18.ny.us.ibm.com [129.33.205.208])\n\tby mx0a-001b2d01.pphosted.com with ESMTP id 2cp98rt19p-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:15 -0400","from localhost\n\tby e18.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 03:25:13 -0400","from b01cxnp23032.gho.pok.ibm.com (9.57.198.27)\n\tby e18.ny.us.ibm.com (146.89.104.205) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! Violators will be prosecuted; \n\tThu, 31 Aug 2017 03:25:10 -0400","from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com\n\t[9.57.199.109])\n\tby b01cxnp23032.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP\n\tid v7V7PAwl25231364\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 07:25:10 GMT","from localhost (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with SMTP id 1DE81112040\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:24:56 -0400 (EDT)","from legolas.ibm.com (unknown [9.85.193.48])\n\tby b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP id 30475112047;\n\tThu, 31 Aug 2017 03:24:55 -0400 (EDT)"],"X-IMSS-HAND-OFF-DIRECTIVE":"127.0.0.1:10026","From":"Claudio Carvalho <cclaudio@linux.vnet.ibm.com>","To":"skiboot@lists.ozlabs.org","Date":"Thu, 31 Aug 2017 04:24:40 -0300","X-Mailer":"git-send-email 2.7.4","In-Reply-To":"<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>","References":"<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>","X-TM-AS-GCONF":"00","x-cbid":"17083107-0044-0000-0000-00000385D467","X-IBM-SpamModules-Scores":"","X-IBM-SpamModules-Versions":"BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910098; UDB=6.00456511;\n\tIPR=6.00690378; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:25:12","X-IBM-AV-DETECTION":"SAVI=unused REMOTE=unused XFE=unused","x-cbparentid":"17083107-0045-0000-0000-000007B3ED75","Message-Id":"<1504164285-15095-10-git-send-email-cclaudio@linux.vnet.ibm.com>","X-Proofpoint-Virus-Version":"vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0","X-Proofpoint-Spam-Details":"rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=1\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310114","Subject":"[Skiboot] [PATCH v2 09/14] libstb: clean up the force-secure-mode\n\tand force-trusted-mode from nvram","X-BeenThere":"skiboot@lists.ozlabs.org","X-Mailman-Version":"2.1.23","Precedence":"list","List-Id":"Mailing list for skiboot development <skiboot.lists.ozlabs.org>","List-Unsubscribe":"<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>","List-Archive":"<http://lists.ozlabs.org/pipermail/skiboot/>","List-Post":"<mailto:skiboot@lists.ozlabs.org>","List-Help":"<mailto:skiboot-request@lists.ozlabs.org?subject=help>","List-Subscribe":"<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"base64","Errors-To":"skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org","Sender":"\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>"},"content":"This just renames the ibm_secureboot variable to node and organize the\ncode that checks the force-secure-mode and force-trusted-mode from\nnvram.\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n libstb/stb.c | 34 ++++++++++++++--------------------\n 1 file changed, 14 insertions(+), 20 deletions(-)","diff":"diff --git a/libstb/stb.c b/libstb/stb.c\nindex eb77038..a238378 100644\n--- a/libstb/stb.c\n+++ b/libstb/stb.c\n@@ -90,41 +90,35 @@ static void sb_enforce(void)\n \n void stb_init(void)\n {\n-\tstruct dt_node *ibm_secureboot;\n-\t/*\n-\t * The ibm,secureboot device tree properties are documented in\n-\t * 'doc/device-tree/ibm,secureboot.rst'\n-\t */\n-\tibm_secureboot = dt_find_by_path(dt_root, \"/ibm,secureboot\");\n-\tif (ibm_secureboot == NULL) {\n+\tstruct dt_node *node;\n+\n+\tnode = dt_find_by_path(dt_root, \"/ibm,secureboot\");\n+\tif (!node) {\n \t\tprlog(PR_NOTICE,\"STB: secure and trusted boot not supported\\n\");\n \t\treturn;\n \t}\n \n-\tsecure_mode = dt_has_node_property(ibm_secureboot, \"secure-enabled\",\n-\t\t\t\t\t   NULL);\n-\n \tif (nvram_query_eq(\"force-secure-mode\", \"always\")) {\n-\t\tprlog(PR_NOTICE, \"STB: secure mode on (FORCED by nvram)\\n\");\n \t\tsecure_mode = true;\n-\t} else if (secure_mode) {\n-\t\tprlog(PR_NOTICE, \"STB: secure mode on.\\n\");\n+\t\tprlog(PR_NOTICE, \"STB: secure mode on (FORCED by nvram)\\n\");\n \t} else {\n-\t\tprlog(PR_NOTICE, \"STB: secure mode off\\n\");\n+\t\tsecure_mode = dt_has_node_property(node, \"secure-enabled\", NULL);\n+\t\tprlog(PR_NOTICE, \"STB: secure mode %s\\n\",\n+\t\t      secure_mode ? \"on\" : \"off\");\n \t}\n \n-\ttrusted_mode = dt_has_node_property(ibm_secureboot, \"trusted-enabled\",\n-\t\t\t\t\t    NULL);\n \tif (nvram_query_eq(\"force-trusted-mode\", \"true\")) {\n-\t\tprlog(PR_NOTICE, \"STB: trusted mode ON (from NVRAM)\\n\");\n \t\ttrusted_mode = true;\n+\t\tprlog(PR_NOTICE, \"STB: trusted mode on (FORCED by nvram)\\n\");\n+\t} else {\n+\t\ttrusted_mode = dt_has_node_property(node, \"trusted-enabled\", NULL);\n+\t\tprlog(PR_NOTICE, \"STB: trusted mode %s\\n\",\n+\t\t      trusted_mode ? \"on\" : \"off\");\n \t}\n-\tprlog(PR_NOTICE, \"STB: trusted mode %s\\n\",\n-\t      trusted_mode ? \"on\" : \"off\");\n \n \tif (!secure_mode && !trusted_mode)\n \t\treturn;\n-\tc1vc = rom_init(ibm_secureboot);\n+\tc1vc = rom_init(node);\n \tif (secure_mode && !c1vc) {\n \t\tprlog(PR_EMERG, \"STB: compatible romcode driver not found\\n\");\n \t\tsb_enforce();\n","prefixes":["v2","09/14"]}