The capsule-key property contains the public key in the form of an EFI
Signature List(ESL) structure. This property is relevant only in
U-Boot, and is not to be passed to the OS. Register for purging this
property from the devicetree, before passing it to the OS.
Signed-off-by: Sughosh Ganu <sughosh.g...@linaro.org>
---
lib/efi_loader/efi_capsule.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index af8a2ee940..5c6c87458f 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -9,6 +9,7 @@
#define LOG_CATEGORY LOGC_EFI
#include <common.h>
+#include <dt-structs.h>
#include <efi_loader.h>
#include <efi_variable.h>
#include <env.h>
@@ -403,6 +404,12 @@ out:
return status;
}
+
+DT_NON_COMPLIANT_PURGE(capsule_key) = {
+ .node_path = "/signature",
+ .prop = "capsule-key",
+};
+
#endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */
static __maybe_unused bool fwu_empty_capsule(struct efi_capsule_header
*capsule)
--
2.34.1
