the following patch was just integrated into master:
commit 463a8587844cb9efd236c4e7b3bb52e94756d0c8
Author: Stefan Reinauer <[email protected]>
Date: Thu Oct 6 16:47:51 2011 -0700
Don't run any Option ROMs stored outside of the system flash
Right now coreboot only executes VGA Option ROMs. However, this is not
good enough. For security reasons we want to execute only Option ROMs
stored in our r/o CBFS.
This patch adds a new option to disable execution of arbitrary Option
ROMs.
Also fix the capitalization of Option ROM in src/devices/Kconfig
Change-Id: I485291c06ec5cd1f875357401831fe32ccfc5f2f
Signed-off-by: Stefan Reinauer <[email protected]>
Build-Tested: build bot (Jenkins) at Fri Mar 9 17:25:23 2012, giving +1
Reviewed-By: Ronald G. Minnich <[email protected]> at Fri Mar 9 18:33:10
2012, giving +2
Reviewed-By: Mathias Krause <[email protected]> at Fri Mar 9 20:01:31
2012, giving +2
See http://review.coreboot.org/730 for details.
-gerrit
--
coreboot mailing list: [email protected]
http://www.coreboot.org/mailman/listinfo/coreboot
