mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-04 20:19:47 +08:00 
			
		
		
		
	efi/libstub/arm: Add opt-in Kconfig option for the DTB loader
There are various ways a platform can provide a device tree binary to the kernel, with different levels of sophistication: - ideally, the UEFI firmware, which is tightly coupled with the platform, provides a device tree image directly as a UEFI configuration table, and typically permits the contents to be manipulated either via menu options or via UEFI environment variables that specify a replacement image, - GRUB for ARM has a 'devicetree' directive which allows a device tree image to be loaded from any location accessible to GRUB, and supersede the one provided by the firmware, - the EFI stub implements a dtb= command line option that allows a device tree image to be loaded from a file residing in the same file system as the one the kernel image was loaded from. The dtb= command line option was never intended to be more than a development feature, to allow the other options to be implemented in parallel. So let's make it an opt-in feature that is disabled by default, but can be re-enabled at will. Note that we already disable the dtb= command line option when we detect that we are running with UEFI Secure Boot enabled. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Alexander Graf <agraf@suse.de> Acked-by: Leif Lindholm <leif.lindholm@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Link: http://lkml.kernel.org/r/20180711094040.12506-7-ard.biesheuvel@linaro.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
		
							parent
							
								
									f5dcc214aa
								
							
						
					
					
						commit
						3d7ee348aa
					
				| @ -87,6 +87,18 @@ config EFI_RUNTIME_WRAPPERS | |||||||
| config EFI_ARMSTUB | config EFI_ARMSTUB | ||||||
| 	bool | 	bool | ||||||
| 
 | 
 | ||||||
|  | config EFI_ARMSTUB_DTB_LOADER | ||||||
|  | 	bool "Enable the DTB loader" | ||||||
|  | 	depends on EFI_ARMSTUB | ||||||
|  | 	help | ||||||
|  | 	  Select this config option to add support for the dtb= command | ||||||
|  | 	  line parameter, allowing a device tree blob to be loaded into | ||||||
|  | 	  memory from the EFI System Partition by the stub. | ||||||
|  | 
 | ||||||
|  | 	  The device tree is typically provided by the platform or by | ||||||
|  | 	  the bootloader, so this option is mostly for development | ||||||
|  | 	  purposes only. | ||||||
|  | 
 | ||||||
| config EFI_BOOTLOADER_CONTROL | config EFI_BOOTLOADER_CONTROL | ||||||
| 	tristate "EFI Bootloader Control" | 	tristate "EFI Bootloader Control" | ||||||
| 	depends on EFI_VARS | 	depends on EFI_VARS | ||||||
|  | |||||||
| @ -202,8 +202,9 @@ unsigned long efi_entry(void *handle, efi_system_table_t *sys_table, | |||||||
| 	 * 'dtb=' unless UEFI Secure Boot is disabled.  We assume that secure | 	 * 'dtb=' unless UEFI Secure Boot is disabled.  We assume that secure | ||||||
| 	 * boot is enabled if we can't determine its state. | 	 * boot is enabled if we can't determine its state. | ||||||
| 	 */ | 	 */ | ||||||
| 	if (secure_boot != efi_secureboot_mode_disabled && | 	if (!IS_ENABLED(CONFIG_EFI_ARMSTUB_DTB_LOADER) || | ||||||
| 	    strstr(cmdline_ptr, "dtb=")) { | 	     secure_boot != efi_secureboot_mode_disabled) { | ||||||
|  | 		if (strstr(cmdline_ptr, "dtb=")) | ||||||
| 			pr_efi(sys_table, "Ignoring DTB from command line.\n"); | 			pr_efi(sys_table, "Ignoring DTB from command line.\n"); | ||||||
| 	} else { | 	} else { | ||||||
| 		status = handle_cmdline_files(sys_table, image, cmdline_ptr, | 		status = handle_cmdline_files(sys_table, image, cmdline_ptr, | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Ard Biesheuvel
						Ard Biesheuvel