Change in coreboot[master]: soc/intel/common: Prevent SMI storm when setting SPI WPD bit - coreboot-gerrit

19 Feb 2021


      Attention is currently required from: Patrick Rudolph, Benjamin Doron, Tim Wawrzynczak, Angel Pons.
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/50754 )
Change subject: soc/intel/common: Prevent SMI storm when setting SPI WPD bit
......................................................................
Patch Set 1:
(2 comments)
Patchset:
PS1: 
Um, sorry, this is a mess. We first need to figure out how
the hardware behaves. Just from reading the datasheets my
interpretation is much different from what was discussed
here.
There are 3(!) BIOS_CNTL register descriptions. LPC, eSPI,
and SPI. While the former two share the PCI address, it's
possible that they indeed implement different registers (if
the platform is strapped for LPC you get one set, if strapped
for eSPI another?).
All datasheets I looked at say LPC BIOS_CNTL is 8 bits, and
eSPI and SPI BIOS_CNTL is 32 bits. I've never seen 16 bits
so far. It might not matter, though, if the LPC register
doesn't mind bigger reads/writes.
My interpretation about the SMIs:
Each device protects its own path. LPC WPD controls LPC
memory cycles, SPI WPD controls the SPI controller command,
eSPI WPD controls eSPI things (don't know what they do, have
not seen anything booting from it yet).
Each triggers its own SMI: With LPC LE and WPD high edge,
the TCO SMI is triggered. With SPI LE and WPD high edge,
the SPI SMI is triggered, ...
But that's just theory, I could be totally wrong. If it's
true though, we can handle each path individually and more
cleanly.
File src/soc/intel/common/block/smm/smihandler.c:
https://review.coreboot.org/c/coreboot/+/50754/comment/65b0bfde_758814e0 
PS1, Line 363: 	if (fast_spi_wpd_status()) {
...
I cite the homepage, emphasis is mine: https://coreboot.org/ […]
Sorry, this discussion doesn't seem to make any sense. The logic should be:
if (write enabled && configured for write disabled)
              set write disable;
Iow. just maintain the configured state. The only exception would be to
allow flashing after authentication or to allow flashing from SMM itself.
The former would need additional SMM code, so we can't fully prepare for
it anyway. And for the latter, there is dedicated hardware logic (no need
to set LE in the first place).
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/50754
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Iec498674ae70f6590c33a6bf4967876268f2b0c8
Gerrit-Change-Number: 50754
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons th3fanbus@gmail.com
Gerrit-Reviewer: Benjamin Doron benjamin.doron00@gmail.com
Gerrit-Reviewer: Nico Huber nico.h@gmx.de
Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org
Gerrit-Reviewer: Tim Wawrzynczak twawrzynczak@chromium.org
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net
Gerrit-Attention: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-Attention: Benjamin Doron benjamin.doron00@gmail.com
Gerrit-Attention: Tim Wawrzynczak twawrzynczak@chromium.org
Gerrit-Attention: Angel Pons th3fanbus@gmail.com
Gerrit-Attention: Patrick Rudolph siro@das-labor.org
Gerrit-Comment-Date: Fri, 19 Feb 2021 14:23:31 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Benjamin Doron benjamin.doron00@gmail.com
Comment-In-Reply-To: Angel Pons th3fanbus@gmail.com
Gerrit-MessageType: comment