diff options
Diffstat (limited to 'src/usr/secureboot/runtime/rt_secureboot.C')
-rw-r--r-- | src/usr/secureboot/runtime/rt_secureboot.C | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/src/usr/secureboot/runtime/rt_secureboot.C b/src/usr/secureboot/runtime/rt_secureboot.C index 1c84c2bf1..2277cce29 100644 --- a/src/usr/secureboot/runtime/rt_secureboot.C +++ b/src/usr/secureboot/runtime/rt_secureboot.C @@ -40,7 +40,7 @@ #include <targeting/common/commontargeting.H> #include <targeting/common/targetservice.H> #include <devicefw/userif.H> - +#include <util/misc.H> namespace SECUREBOOT { @@ -87,6 +87,39 @@ bool enabled() } #endif +#ifdef __HOSTBOOT_RUNTIME +bool allowAttrOverrides() +{ + bool retVal = false; + + if (enabled()) + { + // Check attribute to see if overrides are allowed in secure mode + if ( Util::isTargetingLoaded() ) + { + TARGETING::TargetService& tS = TARGETING::targetService(); + TARGETING::Target* sys = nullptr; + (void) tS.getTopLevelTarget( sys ); + assert(sys, "SECUREBOOT::allowAttrOverrides() system target is NULL"); + + retVal = sys->getAttr< + TARGETING::ATTR_ALLOW_ATTR_OVERRIDES_IN_SECURE_MODE>(); + + SB_INF("SECUREBOOT::allowAttrOverrides: " + "Inside Attr check: retVal=0x%X", + retVal); + } + } + else + { + // Allow Attribute Overrides in unsecure mode + retVal = true; + } + + return retVal; +} +#endif + int verify_container( const void* i_pContainer, const void* i_pHwKeyHash, |