1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * Copyright (C) 2019 IBM Corporation |
4 | * Author: Nayna Jain |
5 | */ |
6 | #include <linux/types.h> |
7 | #include <linux/of.h> |
8 | #include <asm/secure_boot.h> |
9 | |
10 | static struct device_node *get_ppc_fw_sb_node(void) |
11 | { |
12 | static const struct of_device_id ids[] = { |
13 | { .compatible = "ibm,secureboot" , }, |
14 | { .compatible = "ibm,secureboot-v1" , }, |
15 | { .compatible = "ibm,secureboot-v2" , }, |
16 | {}, |
17 | }; |
18 | |
19 | return of_find_matching_node(NULL, matches: ids); |
20 | } |
21 | |
22 | bool is_ppc_secureboot_enabled(void) |
23 | { |
24 | struct device_node *node; |
25 | bool enabled = false; |
26 | u32 secureboot; |
27 | |
28 | node = get_ppc_fw_sb_node(); |
29 | enabled = of_property_read_bool(np: node, propname: "os-secureboot-enforcing" ); |
30 | of_node_put(node); |
31 | |
32 | if (enabled) |
33 | goto out; |
34 | |
35 | node = of_find_node_by_path(path: "/" ); |
36 | if (!of_property_read_u32(np: node, propname: "ibm,secure-boot" , out_value: &secureboot)) |
37 | enabled = (secureboot > 1); |
38 | of_node_put(node); |
39 | |
40 | out: |
41 | pr_info("Secure boot mode %s\n" , enabled ? "enabled" : "disabled" ); |
42 | |
43 | return enabled; |
44 | } |
45 | |
46 | bool is_ppc_trustedboot_enabled(void) |
47 | { |
48 | struct device_node *node; |
49 | bool enabled = false; |
50 | u32 trustedboot; |
51 | |
52 | node = get_ppc_fw_sb_node(); |
53 | enabled = of_property_read_bool(np: node, propname: "trusted-enabled" ); |
54 | of_node_put(node); |
55 | |
56 | if (enabled) |
57 | goto out; |
58 | |
59 | node = of_find_node_by_path(path: "/" ); |
60 | if (!of_property_read_u32(np: node, propname: "ibm,trusted-boot" , out_value: &trustedboot)) |
61 | enabled = (trustedboot > 0); |
62 | of_node_put(node); |
63 | |
64 | out: |
65 | pr_info("Trusted boot mode %s\n" , enabled ? "enabled" : "disabled" ); |
66 | |
67 | return enabled; |
68 | } |
69 | |