[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6 11/11] fdt: Treat device tree file type like ACPI
From: |
Alistair Francis |
Subject: |
Re: [PATCH v6 11/11] fdt: Treat device tree file type like ACPI |
Date: |
Wed, 13 Feb 2019 00:40:20 +0000 |
On Tue, 2019-02-12 at 11:31 +0100, Alexander Graf wrote:
> We now have signature check logic in grub which allows us to treat
> files differently depending on their file type.
>
> Treat a loaded device tree like an overlayed ACPI table.
> Both describe hardware, so I suppose their threat level is the same.
>
> Signed-off-by: Alexander Graf <address@hidden>
> Reviewed-by: Daniel Kiper <address@hidden>
Reviewed-by: Alistair Francis <address@hidden>
Alistair
>
> ---
>
> v3 -> v4:
>
> - Rebase onto current git master
> ---
> grub-core/commands/efi/shim_lock.c | 1 +
> include/grub/file.h | 4 ++--
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/grub-core/commands/efi/shim_lock.c b/grub-
> core/commands/efi/shim_lock.c
> index 01246b0fc..83568cb2b 100644
> --- a/grub-core/commands/efi/shim_lock.c
> +++ b/grub-core/commands/efi/shim_lock.c
> @@ -81,6 +81,7 @@ shim_lock_init (grub_file_t io, enum grub_file_type
> type,
> /* Fall through. */
>
> case GRUB_FILE_TYPE_ACPI_TABLE:
> + case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE:
> *flags = GRUB_VERIFY_FLAGS_DEFER_AUTH;
>
> return GRUB_ERR_NONE;
> diff --git a/include/grub/file.h b/include/grub/file.h
> index cbbd29465..31567483c 100644
> --- a/include/grub/file.h
> +++ b/include/grub/file.h
> @@ -74,8 +74,6 @@ enum grub_file_type
>
> GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE,
>
> - GRUB_FILE_TYPE_DEVICE_TREE_IMAGE,
> -
> /* File holding signature. */
> GRUB_FILE_TYPE_SIGNATURE,
> /* File holding public key to verify signature once. */
> @@ -100,6 +98,8 @@ enum grub_file_type
> GRUB_FILE_TYPE_FILE_ID,
> /* File holding ACPI table. */
> GRUB_FILE_TYPE_ACPI_TABLE,
> + /* File holding Device Tree. */
> + GRUB_FILE_TYPE_DEVICE_TREE_IMAGE,
> /* File we intend show to user. */
> GRUB_FILE_TYPE_CAT,
> GRUB_FILE_TYPE_HEXCAT,
[PATCH v6 02/11] PE: Add RISC-V definitions, Alexander Graf, 2019/02/12
[PATCH v6 09/11] RISC-V: Add libgcc helpers for clz, Alexander Graf, 2019/02/12
[PATCH v6 04/11] RISC-V: Add setjmp implementation, Alexander Graf, 2019/02/12