[PATCH 3/5] efi_capsule: Add a weak function to check whether capsule authentication is enabled

Sughosh Ganu sughosh.ganu at linaro.org
Fri Apr 9 08:25:05 CEST 2021


On Fri, 9 Apr 2021 at 01:22, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:

> On 4/7/21 1:53 PM, Sughosh Ganu wrote:
> > Define a weak function which checks if the environment variable
> > capsule_authentication_enabled has been set, for enabling capsule
> > authentication. Other platforms might have a different mechanism to
> > determine this, and would then define their own platform specific
> > function.
>
> I cannot yet understand the concrete need for such a function.
>
> Is there any Linaro customer who actually needs it? What is the use case?
>

This point was discussed in another mail thread[1]. I will be dropping the
additional knob, so this weak function will go away.

-sughosh

[1] - https://lists.denx.de/pipermail/u-boot/2021-April/446694.html


> Best regards
>
> Heinrich
>
> >
> > Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> > ---
> >   board/emulation/common/qemu_capsule.c | 6 ------
> >   lib/efi_loader/efi_capsule.c          | 6 ++++++
> >   2 files changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/board/emulation/common/qemu_capsule.c
> b/board/emulation/common/qemu_capsule.c
> > index 5cb461d52b..6b8a87022a 100644
> > --- a/board/emulation/common/qemu_capsule.c
> > +++ b/board/emulation/common/qemu_capsule.c
> > @@ -41,9 +41,3 @@ int efi_get_public_key_data(void **pkey, efi_uintn_t
> *pkey_len)
> >
> >       return 0;
> >   }
> > -
> > -bool efi_capsule_auth_enabled(void)
> > -{
> > -     return env_get("capsule_authentication_enabled") != NULL ?
> > -             true : false;
> > -}
> > diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
> > index 0cfff0daf7..1423b675c8 100644
> > --- a/lib/efi_loader/efi_capsule.c
> > +++ b/lib/efi_loader/efi_capsule.c
> > @@ -218,6 +218,12 @@ __weak int efi_get_public_key_data(void **pkey,
> efi_uintn_t *pkey_len)
> >       return 0;
> >   }
> >
> > +__weak bool efi_capsule_auth_enabled(void)
> > +{
> > +     return env_get("capsule_authentication_enabled") ?
> > +             true : false;
> > +}
> > +
> >   efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t
> capsule_size,
> >                                     void **image, efi_uintn_t
> *image_size)
> >   {
> >
>
>


More information about the U-Boot mailing list