From: Sascha Hauer <s.hauer@pengutronix.de>
To: BAREBOX <barebox@lists.infradead.org>
Cc: Ahmad Fatoum <a.fatoum@pengutronix.de>
Subject: [PATCH 12/24] bootm: support calling bootm_optional_signed_images at any time
Date: Wed, 20 Aug 2025 15:17:56 +0200 [thread overview]
Message-ID: <20250820-security-policies-v1-12-76fde70fdbd8@pengutronix.de> (raw)
In-Reply-To: <20250820-security-policies-v1-0-76fde70fdbd8@pengutronix.de>
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
bootm_init is a late initcall and thus the code has the implicit
assumption that bootm_force_signed_images is called after it runs.
Rework the code to allow calling the function at any time.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
common/bootm.c | 32 +++++++++++++++++++++++---------
1 file changed, 23 insertions(+), 9 deletions(-)
diff --git a/common/bootm.c b/common/bootm.c
index 15b18c12faa1856e08e30f59a5c2151558f20ec3..755c9358ce3a17c8ce37a9db13cf18d0aea1b5e7 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -116,12 +116,22 @@ static const char * const bootm_verify_names[] = {
static bool force_signed_images = IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES);
-void bootm_force_signed_images(void)
+static void bootm_optional_signed_images(void)
{
- static unsigned int verify_mode = 0;
+ /* This function should not be exported */
+ BUG_ON(force_signed_images);
- if (force_signed_images)
- return;
+ globalvar_remove("bootm.verify");
+ /* recreate bootm.verify with a single enumeration as option */
+ globalvar_add_simple_enum("bootm.verify", (unsigned int *)&bootm_verify_mode,
+ bootm_verify_names, ARRAY_SIZE(bootm_verify_names));
+
+ bootm_verify_mode = BOOTM_VERIFY_AVAILABLE;
+}
+
+static void bootm_require_signed_images(void)
+{
+ static unsigned int verify_mode = 0;
/* recreate bootm.verify with a single enumeration as option */
globalvar_remove("bootm.verify");
@@ -129,6 +139,11 @@ void bootm_force_signed_images(void)
&bootm_verify_names[BOOTM_VERIFY_SIGNATURE], 1);
bootm_verify_mode = BOOTM_VERIFY_SIGNATURE;
+}
+
+void bootm_force_signed_images(void)
+{
+ bootm_require_signed_images();
force_signed_images = true;
}
@@ -1086,14 +1101,13 @@ static int bootm_init(void)
globalvar_add_simple("bootm.initrd.loadaddr", NULL);
}
- if (bootm_signed_images_are_forced())
- bootm_verify_mode = BOOTM_VERIFY_SIGNATURE;
-
globalvar_add_simple_bool("bootm.dryrun", &bootm_dryrun);
globalvar_add_simple_int("bootm.verbose", &bootm_verbosity, "%u");
- globalvar_add_simple_enum("bootm.verify", (unsigned int *)&bootm_verify_mode,
- bootm_verify_names, ARRAY_SIZE(bootm_verify_names));
+ if (bootm_signed_images_are_forced())
+ bootm_require_signed_images();
+ else
+ bootm_optional_signed_images();
if (IS_ENABLED(CONFIG_ROOTWAIT_BOOTARG))
globalvar_add_simple_int("linux.rootwait",
--
2.39.5
next prev parent reply other threads:[~2025-08-20 14:32 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-20 13:17 [PATCH 00/24] Add security policy support Sascha Hauer
2025-08-20 13:17 ` [PATCH 01/24] kconfig: allow setting CONFIG_ from the outside Sascha Hauer
2025-08-20 13:17 ` [PATCH 02/24] scripts: include scripts/include for all host tools Sascha Hauer
2025-08-20 13:17 ` [PATCH 03/24] kbuild: implement loopable loop_cmd Sascha Hauer
2025-08-20 13:17 ` [PATCH 04/24] Add security policy support Sascha Hauer
2025-08-20 13:17 ` [PATCH 05/24] kbuild: allow security config use without source tree modification Sascha Hauer
2025-08-20 13:17 ` [PATCH 06/24] defaultenv: update PS1 according to security policy Sascha Hauer
2025-08-20 15:33 ` [PATCH] fixup! " Ahmad Fatoum
2025-08-20 13:17 ` [PATCH 07/24] security: policy: support externally provided configs Sascha Hauer
2025-08-20 13:17 ` [PATCH 08/24] commands: implement sconfig command Sascha Hauer
2025-08-20 13:17 ` [PATCH 09/24] docs: security-policies: add documentation Sascha Hauer
2025-08-20 13:17 ` [PATCH 10/24] commands: go: add security config option Sascha Hauer
2025-08-20 13:17 ` [PATCH 11/24] console: ratp: " Sascha Hauer
2025-08-20 13:17 ` Sascha Hauer [this message]
2025-08-20 13:17 ` [PATCH 13/24] bootm: make unsigned image support runtime configurable Sascha Hauer
2025-08-20 13:17 ` [PATCH 14/24] ARM: configs: add virt32_secure_defconfig Sascha Hauer
2025-08-20 13:17 ` [PATCH 15/24] boards: qemu-virt: add security policies Sascha Hauer
2025-08-21 6:57 ` Ahmad Fatoum
2025-08-21 14:15 ` Sascha Hauer
2025-08-21 14:22 ` Ahmad Fatoum
2025-08-20 13:18 ` [PATCH 16/24] boards: qemu-virt: allow setting policy from command line Sascha Hauer
2025-08-20 13:18 ` [PATCH 17/24] test: py: add basic security policy test Sascha Hauer
2025-08-20 13:18 ` [PATCH 18/24] usbserial: add inline wrappers Sascha Hauer
2025-08-20 13:18 ` [PATCH 19/24] security: usbgadget: add usbgadget security policy Sascha Hauer
2025-08-20 13:18 ` [PATCH 20/24] security: fastboot: add security policy for fastboot oem Sascha Hauer
2025-08-20 13:18 ` [PATCH 21/24] security: shell: add policy for executing the shell Sascha Hauer
2025-08-20 13:18 ` [PATCH 22/24] security: add security policy for loading barebox environment Sascha Hauer
2025-08-20 13:18 ` [PATCH 23/24] security: add filesystem security policies Sascha Hauer
2025-08-20 14:39 ` Ahmad Fatoum
2025-08-20 13:18 ` [PATCH 24/24] security: console: add security policy for console input Sascha Hauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250820-security-policies-v1-12-76fde70fdbd8@pengutronix.de \
--to=s.hauer@pengutronix.de \
--cc=a.fatoum@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox