fdt: Treat device tree file type like ACPI
We now have signature check logic in grub which allows us to treat files differently depending on their file type. Treat a loaded device tree like an overlayed ACPI table. Both describe hardware, so I suppose their threat level is the same. Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
This commit is contained in:
		
							parent
							
								
									f1957dc8a3
								
							
						
					
					
						commit
						c956126a51
					
				
					 2 changed files with 3 additions and 2 deletions
				
			
		|  | @ -81,6 +81,7 @@ shim_lock_init (grub_file_t io, enum grub_file_type type, | |||
|       /* Fall through. */ | ||||
| 
 | ||||
|     case GRUB_FILE_TYPE_ACPI_TABLE: | ||||
|     case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE: | ||||
|       *flags = GRUB_VERIFY_FLAGS_DEFER_AUTH; | ||||
| 
 | ||||
|       return GRUB_ERR_NONE; | ||||
|  |  | |||
|  | @ -74,8 +74,6 @@ enum grub_file_type | |||
| 
 | ||||
|     GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE, | ||||
| 
 | ||||
|     GRUB_FILE_TYPE_DEVICE_TREE_IMAGE, | ||||
| 
 | ||||
|     /* File holding signature.  */ | ||||
|     GRUB_FILE_TYPE_SIGNATURE, | ||||
|     /* File holding public key to verify signature once.  */ | ||||
|  | @ -100,6 +98,8 @@ enum grub_file_type | |||
|     GRUB_FILE_TYPE_FILE_ID, | ||||
|     /* File holding ACPI table.  */ | ||||
|     GRUB_FILE_TYPE_ACPI_TABLE, | ||||
|     /* File holding Device Tree.  */ | ||||
|     GRUB_FILE_TYPE_DEVICE_TREE_IMAGE, | ||||
|     /* File we intend show to user.  */ | ||||
|     GRUB_FILE_TYPE_CAT, | ||||
|     GRUB_FILE_TYPE_HEXCAT, | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue