File 0001-Create-fake-AIX-style-ibm-secureboot.patch of Package qemu
From 162a48351af61fa8f7c293760366e7c16269e224 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Tue, 7 Jan 2020 11:21:48 +1100
Subject: [PATCH 1/3] Create fake AIX-style ibm,secureboot
ibm,fw-secure-boot: 0 - fw secure boot is disabled
1 - fw secure boot is enabled
ibm,secure-boot:
0 - secure boot is disabled
1 - secure boot in log-only mode
2 - secure boot enabled and enforced
3-9 - secure boot enabled and enforced; requirements and the discretion of the operating system
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
hw/ppc/spapr.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 81699d4f8b..bd5c43c16a 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1115,6 +1115,13 @@ static void spapr_dt_hypervisor(SpaprMachineState *spapr, void *fdt)
}
}
+static void spapr_dt_stb(SpaprMachineState *spapr, void *fdt)
+{
+ _FDT(fdt_setprop_cell(fdt, 0, "ibm,fw-secure-boot", 1));
+ _FDT(fdt_setprop_cell(fdt, 0, "ibm,secure-boot", 2));
+}
+
+
void *spapr_build_fdt(SpaprMachineState *spapr, bool reset, size_t space)
{
MachineState *machine = MACHINE(spapr);
@@ -1232,6 +1239,9 @@ void *spapr_build_fdt(SpaprMachineState *spapr, bool reset, size_t space)
spapr_dt_hypervisor(spapr, fdt);
}
+ /* /ibm,secureboot */
+ spapr_dt_stb(spapr, fdt);
+
/* Build memory reserve map */
if (reset) {
if (spapr->kernel_size) {
--
2.33.1