Message ID | 20200401003426.7198-2-erichte@linux.ibm.com |
---|---|
State | Superseded |
Headers | show |
Series | Add initial secure variable storage and backend drivers | expand |
Context | Check | Description |
---|---|---|
snowpatch_ozlabs/apply_patch | success | Successfully applied on branch master (6826095796c91583f344950ff76ef8ccf6e756b5) |
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot | success | Test snowpatch/job/snowpatch-skiboot on branch master |
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot-dco | success | Signed-off-by present |
diff --git a/core/init.c b/core/init.c index f4924c36..257a15a7 100644 --- a/core/init.c +++ b/core/init.c @@ -1256,7 +1256,7 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt) trustedboot_init(); /* Secure variables init, handled by platform */ - if (platform.secvar_init) + if (platform.secvar_init && is_fw_secureboot()) platform.secvar_init(); /* diff --git a/libstb/secureboot.c b/libstb/secureboot.c index 022e2aa0..a7865627 100644 --- a/libstb/secureboot.c +++ b/libstb/secureboot.c @@ -62,6 +62,11 @@ bool secureboot_is_compatible(struct dt_node *node, int *version, const char **c return false; } +bool is_fw_secureboot(void) +{ + return secure_mode; +} + void secureboot_init(void) { struct dt_node *node; diff --git a/libstb/secureboot.h b/libstb/secureboot.h index 426483ff..8aa995ac 100644 --- a/libstb/secureboot.h +++ b/libstb/secureboot.h @@ -17,6 +17,7 @@ enum secureboot_version { bool secureboot_is_compatible(struct dt_node *node, int *version, const char **compat); void secureboot_init(void); +bool is_fw_secureboot(void); /** * secureboot_verify - verify a PNOR partition content