summaryrefslogtreecommitdiff
path: root/arch/powerpc/kernel/secure_boot.c
diff options
context:
space:
mode:
Diffstat (limited to 'arch/powerpc/kernel/secure_boot.c')
-rw-r--r--arch/powerpc/kernel/secure_boot.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/arch/powerpc/kernel/secure_boot.c b/arch/powerpc/kernel/secure_boot.c
index 4b982324d368..3a28795b4ed8 100644
--- a/arch/powerpc/kernel/secure_boot.c
+++ b/arch/powerpc/kernel/secure_boot.c
@@ -5,6 +5,7 @@
*/
#include <linux/types.h>
#include <linux/of.h>
+#include <linux/string_choices.h>
#include <asm/secure_boot.h>
static struct device_node *get_ppc_fw_sb_node(void)
@@ -23,13 +24,22 @@ bool is_ppc_secureboot_enabled(void)
{
struct device_node *node;
bool enabled = false;
+ u32 secureboot;
node = get_ppc_fw_sb_node();
enabled = of_property_read_bool(node, "os-secureboot-enforcing");
+ of_node_put(node);
+
+ if (enabled)
+ goto out;
+ node = of_find_node_by_path("/");
+ if (!of_property_read_u32(node, "ibm,secure-boot", &secureboot))
+ enabled = (secureboot > 1);
of_node_put(node);
- pr_info("Secure boot mode %s\n", enabled ? "enabled" : "disabled");
+out:
+ pr_info("Secure boot mode %s\n", str_enabled_disabled(enabled));
return enabled;
}
@@ -38,13 +48,22 @@ bool is_ppc_trustedboot_enabled(void)
{
struct device_node *node;
bool enabled = false;
+ u32 trustedboot;
node = get_ppc_fw_sb_node();
enabled = of_property_read_bool(node, "trusted-enabled");
+ of_node_put(node);
+
+ if (enabled)
+ goto out;
+ node = of_find_node_by_path("/");
+ if (!of_property_read_u32(node, "ibm,trusted-boot", &trustedboot))
+ enabled = (trustedboot > 0);
of_node_put(node);
- pr_info("Trusted boot mode %s\n", enabled ? "enabled" : "disabled");
+out:
+ pr_info("Trusted boot mode %s\n", str_enabled_disabled(enabled));
return enabled;
}
generated by cgit (git 2.34.1) at 2025-07-05 16:43:53 +0000