From: Fabian Pflug <f.pflug@pengutronix.de>
To: Ahmad Fatoum <a.fatoum@pengutronix.de>, barebox@lists.infradead.org
Subject: Re: [PATCH 1/3] startup: check for console before showing menu
Date: Tue, 28 Oct 2025 14:43:06 +0100 [thread overview]
Message-ID: <e23500c84662501cf43a2269d72539415da5211a.camel@pengutronix.de> (raw)
In-Reply-To: <2fc02718-032e-4ad4-89a5-e780836c430d@pengutronix.de>
Hello Ahmad,
On Tue, 2025-10-28 at 13:39 +0100, Ahmad Fatoum wrote:
> Hi Fabian,
>
> On 10/28/25 1:18 PM, Fabian Pflug wrote:
> > If there is no input available or possible due to policy settings, it
> > does not make sense to show a menu and ask for input.
> >
> > Signed-off-by: Fabian Pflug <f.pflug@pengutronix.de>
> > ---
> > common/startup.c | 18 ++++++++++--------
> > 1 file changed, 10 insertions(+), 8 deletions(-)
> >
> > diff --git a/common/startup.c b/common/startup.c
> > index 8d36ffceb4..3bc2609006 100644
> > --- a/common/startup.c
> > +++ b/common/startup.c
> > @@ -45,6 +45,7 @@
> > #include <pbl/handoff-data.h>
> > #include <libfile.h>
> > #include <fuzz.h>
> > +#include <security/config.h>
> >
> > extern initcall_t __barebox_initcalls_start[], __barebox_early_initcalls_end[],
> > __barebox_initcalls_end[];
> > @@ -361,14 +362,15 @@ static int run_init(void)
> > run_shell();
> > }
> >
> > - do {
> > - /*
> > - * Let's run the command once at least, so an error
> > - * message is printed if the file doesn't exist
> > - */
> > - run_command(MENUFILE);
> > - } while (stat(MENUFILE, &s) == 0);
> > -
> > + if(!IS_ENABLED(CONFIG_CONSOLE_DISABLE_INPUT) && IS_ALLOWED(SCONFIG_CONSOLE_INPUT)) {
>
> CONFIG_CONSOLE_DISABLE_INPUT only influences the default, it can still
> be changed later at runtime, so this is not necessarily correct.
>
> > + do {
>
> Move the IS_ALLOWED(SCONFIG_CONSOLE_INPUT) check here?
>
> Feels more natural to do it in the loop than outside. Extra benefit: We
> could use it for testing purposes (Menu entry that locks the console..)
I see the extra benefit for testing the console, but at this point, if there is no input possible, then we cannot enter
something into the console. The menu is a new screen on the device, which makes it hard to read the possible error
messages before going to console here, because the security policy did something during development, that was not
intended. I would love to have the system hang here instead and tell me as much.
I will not stop you in implementing it differently, but I will not do that.
Kind regards
Fabian
>
> Cheers,
> Ahmad
>
> > + /*
> > + * Let's run the command once at least, so an error
> > + * message is printed if the file doesn't exist
> > + */
> > + run_command(MENUFILE);
> > + } while (stat(MENUFILE, &s) == 0);
> > + }
> > hang();
> > }
> >
prev parent reply other threads:[~2025-10-28 13:43 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-28 12:18 Fabian Pflug
2025-10-28 12:18 ` [PATCH 2/3] startup: autoboot: disable on deactivated console Fabian Pflug
2025-10-28 12:49 ` Ahmad Fatoum
2025-10-28 12:18 ` [PATCH 3/3] startup: mount ps only on policy FS_EXTERNAL Fabian Pflug
2025-10-28 12:56 ` Ahmad Fatoum
2025-10-28 13:48 ` Fabian Pflug
2025-10-28 12:39 ` [PATCH 1/3] startup: check for console before showing menu Ahmad Fatoum
2025-10-28 13:43 ` Fabian Pflug [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e23500c84662501cf43a2269d72539415da5211a.camel@pengutronix.de \
--to=f.pflug@pengutronix.de \
--cc=a.fatoum@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox