summaryrefslogtreecommitdiffstats
path: root/drivers
diff options
context:
space:
mode:
authorChristian Eggers <ceggers@arri.de>2020-02-21 13:15:12 +0100
committerSascha Hauer <s.hauer@pengutronix.de>2020-02-25 09:01:41 +0100
commitba08e336c85196affabb5983768c6b5996c6bb00 (patch)
treeacdce349d751aaca28948c43c39a66cb7f4d5500 /drivers
parented5d14afad1c303caab209549b33f795df3d6d6a (diff)
downloadbarebox-ba08e336c85196affabb5983768c6b5996c6bb00.tar.gz
gadget: f_fastboot: New Kconfig option USB_GADGET_FASTBOOT_CMD_OEM
Most fastboot commands are suitable for a secure boot environment as they only allow to download/flash/erase to files/partitions which were explicitly specified in the usbgadget command. The "oem" group of commands allows execution of arbitrary barebox commands. This needs to be disabled for secure boot devices. Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'drivers')
-rw-r--r--drivers/usb/gadget/Kconfig11
-rw-r--r--drivers/usb/gadget/f_fastboot.c4
2 files changed, 14 insertions, 1 deletions
diff --git a/drivers/usb/gadget/Kconfig b/drivers/usb/gadget/Kconfig
index 9d6a262..a3e2a8b 100644
--- a/drivers/usb/gadget/Kconfig
+++ b/drivers/usb/gadget/Kconfig
@@ -58,6 +58,7 @@ config USB_GADGET_FASTBOOT
config USB_GADGET_FASTBOOT_SPARSE
bool
+ depends on USB_GADGET_FASTBOOT
select IMAGE_SPARSE
prompt "Enable Fastboot sparse image support"
help
@@ -77,4 +78,14 @@ config USB_GADGET_FASTBOOT_BUF
a buffer, then using a buffer might be better.
Say no here unless you know what you are doing.
+
+config USB_GADGET_FASTBOOT_CMD_OEM
+ bool
+ depends on USB_GADGET_FASTBOOT
+ prompt "Enable OEM commands"
+ help
+ This option enables the fastboot "oem" group of commands. They allow to
+ executing arbitrary barebox commands and may be disabled in secure
+ environments.
+
endif
diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c
index 0a3aff3..2d76086 100644
--- a/drivers/usb/gadget/f_fastboot.c
+++ b/drivers/usb/gadget/f_fastboot.c
@@ -1251,7 +1251,7 @@ static const struct cmd_dispatch_info cmd_oem_dispatch_info[] = {
},
};
-static void cb_oem(struct f_fastboot *f_fb, const char *cmd)
+static void __maybe_unused cb_oem(struct f_fastboot *f_fb, const char *cmd)
{
pr_debug("%s: \"%s\"\n", __func__, cmd);
@@ -1279,9 +1279,11 @@ static const struct cmd_dispatch_info cmd_dispatch_info[] = {
}, {
.cmd = "erase:",
.cb = cb_erase,
+#if defined(CONFIG_USB_GADGET_FASTBOOT_CMD_OEM)
}, {
.cmd = "oem ",
.cb = cb_oem,
+#endif
},
};