Attention is currently required from: Nico Huber, Patrick Rudolph, Benjamin Doron.
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/40830 )
Change subject: security/intel: Add option to enable SMM flash access only
......................................................................
Patch Set 9:
(1 comment)
File src/soc/intel/common/block/smm/smihandler.c:
https://review.coreboot.org/c/coreboot/+/40830/comment/3ecff269_1ec0db8f
PS9, Line 296: if (CONFIG(SPI_FLASH_SMM))
`fast_spi_init` sets SPI read config bits (to the same value as before, it's called in bootblock too […]
The call to `fast_spi_enable_wp` is to ensure that WPD does not remain set, which only matters when one wants to restrict write access to flash. Without this, flash remains unprotected until something clears WPD.
In any case, removing the call to `fast_spi_init` as well as the associated discussion does not belong to this patch.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/40830
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I157db885b5f1d0f74009ede6fb2342b20d9429fa
Gerrit-Change-Number: 40830
Gerrit-PatchSet: 9
Gerrit-Owner: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Reviewer: Angel Pons
th3fanbus@gmail.com
Gerrit-Reviewer: Benjamin Doron
benjamin.doron00@gmail.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Nico Huber
nico.h@gmx.de
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-Attention: Nico Huber
nico.h@gmx.de
Gerrit-Attention: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Attention: Benjamin Doron
benjamin.doron00@gmail.com
Gerrit-Comment-Date: Thu, 25 Mar 2021 16:42:02 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Benjamin Doron
benjamin.doron00@gmail.com
Gerrit-MessageType: comment
