Patrick Georgi has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/28724 )
Change subject: lib/boot_device: Add API for write protect a region ......................................................................
lib/boot_device: Add API for write protect a region
Add API that should be implemented by the boot media drivers for write-protecting a subregion.
Change-Id: I4c9376e2c2c7a4852f13c65824c6cd64a1c6ac0a Signed-off-by: Rizwan Qureshi rizwan.qureshi@intel.com Reviewed-on: https://review.coreboot.org/c/28724 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Patrick Rudolph siro@das-labor.org --- M src/drivers/spi/boot_device_rw_nommap.c M src/include/boot_device.h M src/lib/boot_device.c 3 files changed, 74 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Patrick Rudolph: Looks good to me, approved
diff --git a/src/drivers/spi/boot_device_rw_nommap.c b/src/drivers/spi/boot_device_rw_nommap.c index 64d81c5..d01d778 100644 --- a/src/drivers/spi/boot_device_rw_nommap.c +++ b/src/drivers/spi/boot_device_rw_nommap.c @@ -108,3 +108,46 @@
return car_get_var_ptr(&sfg); } + +int boot_device_wp_region(struct region_device *rd, + const enum bootdev_prot_type type) +{ + uint32_t ctrlr_pr; + + /* Ensure boot device has been initialized at least once. */ + boot_device_init(); + + const struct spi_flash *boot_dev = boot_device_spi_flash(); + + if (boot_dev == NULL) + return -1; + + if (type == MEDIA_WP) { + if (spi_flash_is_write_protected(boot_dev, + region_device_region(rd)) != 1) { + return spi_flash_set_write_protected(boot_dev, + region_device_region(rd), true, + SPI_WRITE_PROTECTION_REBOOT); + } + + /* Already write protected */ + return 0; + } + + switch (type) { + case CTRLR_WP: + ctrlr_pr = WRITE_PROTECT; + break; + case CTRLR_RP: + ctrlr_pr = READ_PROTECT; + break; + case CTRLR_RWP: + ctrlr_pr = READ_WRITE_PROTECT; + break; + default: + return -1; + } + + return spi_flash_ctrlr_protect_region(boot_dev, + region_device_region(rd), ctrlr_pr); +} diff --git a/src/include/boot_device.h b/src/include/boot_device.h index cc70442..c882968 100644 --- a/src/include/boot_device.h +++ b/src/include/boot_device.h @@ -19,6 +19,22 @@ #include <commonlib/region.h>
/* + * Boot device region can be protected by 2 sources, media and controller. + * The following modes are identified. It depends on the flash chip and the + * controller if mode is actually supported. + * + * MEDIA_WP : Flash/Boot device enforces write protect + * CTRLR_WP : Controller device enforces write protect + * CTRLR_RP : Controller device enforces read protect + * CTRLR_RWP : Controller device enforces read-write protect + */ +enum bootdev_prot_type { + CTRLR_WP = 1, + CTRLR_RP = 2, + CTRLR_RWP = 3, + MEDIA_WP = 4, +}; +/* * Please note that the read-only boot device may not be coherent with * the read-write boot device. Thus, mixing mmap() and writeat() is * most likely not to work so don't rely on such semantics. @@ -45,6 +61,14 @@ struct region_device *subrd);
/* + * Write protect a sub-region of the boot device represented + * by the region device. + * Returns 0 on success, < 0 on error. + */ +int boot_device_wp_region(struct region_device *rd, + const enum bootdev_prot_type type); + +/* * Initialize the boot device. This may be called multiple times within * a stage so boot device implementations should account for this behavior. **/ diff --git a/src/lib/boot_device.c b/src/lib/boot_device.c index efbbedb..429a6d8 100644 --- a/src/lib/boot_device.c +++ b/src/lib/boot_device.c @@ -20,6 +20,13 @@ /* Provide weak do-nothing init. */ }
+int __weak boot_device_wp_region(struct region_device *rd, + const enum bootdev_prot_type type) +{ + /* return a failure, make aware WP is not implemented */ + return -1; +} + static int boot_device_subregion(const struct region *sub, struct region_device *subrd, const struct region_device *parent)