diff options
| author | Ahmad Fatoum <a.fatoum@pengutronix.de> | 2024-04-08 16:31:31 +0200 |
|---|---|---|
| committer | Sascha Hauer <s.hauer@pengutronix.de> | 2024-04-10 08:36:19 +0200 |
| commit | 933db056bbdf0bb675aef53f0d938a397faa16df (patch) | |
| tree | b4118dd539b115b644b40b25958abe2a02a49c08 /include | |
| parent | 7c80ebdcecd9bc047050a63d3b60dad43c2c0e45 (diff) | |
| download | barebox-933db056bbdf0bb675aef53f0d938a397faa16df.tar.gz barebox-933db056bbdf0bb675aef53f0d938a397faa16df.tar.xz | |
bootm: add support for dynamically forcing signature verification
So far, secure booting systems statically configured
CONFIG_BOOTM_FORCE_SIGNED_IMAGES=y to restrict bootm to signed images.
This remains the recommended way, but some systems require the ability
to decide at runtime whether to enforce secure boot or to disable it,
e.g. after verifying a JSON web token with the appropriate claim.
For such systems, provide a bootm_force_signed_images() function.
There's intentionally no unforce counterpart as this is meant to be
non-reversible.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Link: https://lore.barebox.org/20240408143131.3630347-2-m.felsch@pengutronix.de
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'include')
| -rw-r--r-- | include/bootm.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/bootm.h b/include/bootm.h index e4d59b566e..98ac5e5a93 100644 --- a/include/bootm.h +++ b/include/bootm.h @@ -153,6 +153,7 @@ enum bootm_verify bootm_get_verify_mode(void); void bootm_set_verify_mode(enum bootm_verify mode); bool bootm_signed_images_are_forced(void); +void bootm_force_signed_images(void); #define UIMAGE_SOME_ADDRESS (UIMAGE_INVALID_ADDRESS - 1) |