x86: Add CONFIG_DELAY_ENVIRONMENT to delay environment loading

This option delays loading of the environment until later, so that only the default environment will be available to U-Boot. This can address the security risk of untrusted data being used during boot. When CONFIG_DELAY_ENVIRONMENT is defined, it is convenient to have a run-time way of enabling loadinlg of the environment. Add this to the fdt as /config/delay-environment. Note: This patch depends on http://patchwork.ozlabs.org/patch/194342/ Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Reinauer <reinauer@chromium.org>
2024-11-25 22:20:45 +00:00 · 2012-11-03 11:41:29 +00:00 · 2012-11-03 11:41:29 +00:00 · 05b71646a9
commit 05b71646a9
parent 91d82a29e7
1 changed files with 27 additions and 1 deletions
--- a/arch/x86/lib/init_wrappers.c
+++ b/arch/x86/lib/init_wrappers.c
@ -21,6 +21,7 @@
 * MA 02111-1307 USA
 */
 #include <common.h>
+#include <environment.h>
 #include <serial.h>
 #include <kgdb.h>
 #include <scsi.h>
@ -36,10 +37,35 @@ int serial_initialize_r(void)
 	return 0;
 }

+/*
+ * Tell if it's OK to load the environment early in boot.
+ *
+ * If CONFIG_OF_CONFIG is defined, we'll check with the FDT to see
+ * if this is OK (defaulting to saying it's not OK).
+ *
+ * NOTE: Loading the environment early can be a bad idea if security is
+ *       important, since no verification is done on the environment.
+ *
+ * @return 0 if environment should not be loaded, !=0 if it is ok to load
+ */
+static int should_load_env(void)
+{
+#ifdef CONFIG_OF_CONTROL
+	return fdtdec_get_config_int(gd->fdt_blob, "load-environment", 0);
+#elif defined CONFIG_DELAY_ENVIRONMENT
+	return 0;
+#else
+	return 1;
+#endif
+}
+
 int env_relocate_r(void)
 {
 	/* initialize environment */
-	env_relocate();
+	if (should_load_env())
+		env_relocate();
+	else
+		set_default_env(NULL);

 	return 0;
 }