Attention is currently required from: Arthur Heymans, Felix Held, Krystian Hebel, Martin L Roth, Patrick Rudolph, Paul Menzel, Sergii Dmytruk.

Benjamin Doron has posted comments on this change by Sergii Dmytruk. ( https://review.coreboot.org/c/coreboot/+/83424?usp=email )

Change subject: drivers/smmstore: add ability to write to whole flash ......................................................................

Patch Set 13:

(1 comment)

File src/drivers/smmstore/store.c:

https://review.coreboot.org/c/coreboot/+/83424/comment/f55da617_e4bceebc?usp... : PS9, Line 63: const struct region_device *rdev = boot_device_rw();

You're right that it's worth a note. […]

Okay, thanks. I am assuming that there might be code somewhere to send the disable command when entering update mode. I think this (and maybe the HMRFPO command sent first) will unlock the ME region, but I don't believe it will unlock the descriptor. Typically you don't need to, but it is still somewhat a possibility that might cause problems.

Although now I'm remembering that part of hardware sequencing *might* include a field that indicates which region we want to write. **This could all be a non-issue.**

Practically, how have you tested this? Does it work to flash the descriptor and ME, or are you not generating such capsules? The issue I'm describing applies to closed-source firmware as well (and Intel already has the FWUpdate tool), so I'm kind of assuming that capsules are BIOS region only.

If you know how this applies to AMD/other vendors, I'm curious: my knowledge is quite Intel-specific.