[Skiboot] [PATCH v5 10/20] secvar_devtree: add physical presence mode helper

[Eric Richter]

This patch adds a simple function to detect whether or not physical
presence has been asserted. In the current implementation, all physical
presence assertion modes are treated the same.

Signed-off-by: Eric Richter <erichte at linux.ibm.com>
---
 libstb/secvar/secvar_devtree.c | 15 +++++++++++++++
 libstb/secvar/secvar_devtree.h |  2 ++
 2 files changed, 17 insertions(+)

diff --git a/libstb/secvar/secvar_devtree.c b/libstb/secvar/secvar_devtree.c
index 998093f7..5903ee34 100644
--- a/libstb/secvar/secvar_devtree.c
+++ b/libstb/secvar/secvar_devtree.c
@@ -64,3 +64,18 @@ void secvar_set_update_status(uint64_t val)
 	dt_add_property_u64(secvar_node, "update-status", val);
 }
 
+bool secvar_check_physical_presence(void)
+{
+	struct dt_node *secureboot;
+
+	secureboot = dt_find_by_path(dt_root, "ibm,secureboot");
+	if (!secureboot)
+		return false;
+
+	if (dt_find_property(secureboot, "clear-os-keys")
+			|| dt_find_property(secureboot, "clear-all-keys")
+			|| dt_find_property(secureboot, "clear-mfg-keys"))
+		return true;
+
+	return false;
+}
diff --git a/libstb/secvar/secvar_devtree.h b/libstb/secvar/secvar_devtree.h
index c1c923d9..04eb00de 100644
--- a/libstb/secvar/secvar_devtree.h
+++ b/libstb/secvar/secvar_devtree.h
@@ -10,4 +10,6 @@ void secvar_init_devnode(const char *compatible);
 void secvar_set_status(const char *status);
 void secvar_set_update_status(uint64_t val);
 
+bool secvar_check_physical_presence(void);
+
 #endif
-- 
2.27.0