David Hendricks has uploaded this change for review. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
mysteries_intel: Add a section about SMM_BWP
Something to point users to when SMM_BWP might be causing problems.
Change-Id: I394c033e8d4ff96433162f86aefb428d8acf6349 Signed-off-by: David Hendricks david.hendricks@gmail.com --- M Documentation/mysteries_intel.txt 1 file changed, 19 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/86/36986/1
diff --git a/Documentation/mysteries_intel.txt b/Documentation/mysteries_intel.txt index 10cb37d..d6ceb6a 100644 --- a/Documentation/mysteries_intel.txt +++ b/Documentation/mysteries_intel.txt @@ -5,6 +5,25 @@ A0h), so we have no clue if or where it is on ICH8. Out current policy is to not touch it at all and assume/hope it is 0.
+= SMM BIOS write protection = +Sometimes a hardware vendor will enable "SMM BIOS Write Protect" (SMM_BWP). +The bits that control this are in the BIOS_CNTL register in the LPC interface. + +When enabled, the SPI flash can only be written when the system is operating in +in System Management Mode (SMM). In other words, only code that was installed by +the BIOS can write to the flash chip. Reads are still possible with code that +runs outside of SMM, such as flashrom. + +Flashrom will attempt to detect this and print a message such as the following: +"Warning: BIOS region SMM protection is enabled!" + +Many vendor-supplied firmware update utilities do not actually write to the ROM; +instead they transfer data to/from memory which is read/written by a routine +running in SMM and is responsible for writing to the firmware ROM. This causes +severe system performance degradataion since all processors must be in SMM +context (ring -2) instead of OS context (ring 0) while the firmware ROM is being +written. + = Accesses beyond region bounds in descriptor mode = Intel's flash image tool will always expand the last region so that it covers the whole flash chip, but some boards ship with a different configuration.
Hello build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/flashrom/+/36986
to look at the new patch set (#2).
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
mysteries_intel: Add a section about SMM_BWP
Something to point users to when SMM_BWP might be causing problems.
Change-Id: I394c033e8d4ff96433162f86aefb428d8acf6349 Signed-off-by: David Hendricks david.hendricks@gmail.com --- M Documentation/mysteries_intel.txt 1 file changed, 19 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/86/36986/2
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
Patch Set 2: Code-Review+1
(2 comments)
Maybe mention that the "protection" is that a SMI gets triggered when trying to change the write protection status, and the handler just enables it again. I think it worked like that.
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... File Documentation/mysteries_intel.txt:
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... PS2, Line 9: Sometimes a hardware vendor will enable "SMM BIOS Write Protect" (SMM_BWP). Maybe mention this is done in firmware? I read this paragraph, and asked myself "How, though?"
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... PS2, Line 17: Flashrom "flashrom" should be in lowercase, like on line 32
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
Patch Set 2: Code-Review+2
(1 comment)
Maybe mention that the "protection" is that a SMI gets triggered when trying to change the write protection status, and the handler just enables it again. I think it worked like that.
What you describe is actually an older mechanism that predates SMM_BWP. The latter became necessary because there was a race on SMP systems where one thread could write while the other was re-enabling the write protection in SMM.
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... File Documentation/mysteries_intel.txt:
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... PS2, Line 17: Flashrom
"flashrom" should be in lowercase, like on line 32
I'm not so sure...
Hello HAOUAS Elyes, Angel Pons, build bot (Jenkins), Nico Huber,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/flashrom/+/36986
to look at the new patch set (#4).
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
mysteries_intel: Add a section about SMM_BWP
Something to point users to when SMM_BWP might be causing problems.
Change-Id: I394c033e8d4ff96433162f86aefb428d8acf6349 Signed-off-by: David Hendricks david.hendricks@gmail.com --- M Documentation/mysteries_intel.txt 1 file changed, 21 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/86/36986/4
David Hendricks has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
Patch Set 4:
(2 comments)
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... File Documentation/mysteries_intel.txt:
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... PS2, Line 9: Sometimes a hardware vendor will enable "SMM BIOS Write Protect" (SMM_BWP).
Maybe mention this is done in firmware? I read this paragraph, and asked myself "How, though?"
Good idea, done.
https://review.coreboot.org/c/flashrom/+/36986/2/Documentation/mysteries_int... PS2, Line 17: Flashrom
I'm not so sure...
I was actually curious about that, I don't think there is a trademark for flashrom (or Flashrom?) that necessitates a particular usage.
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
Patch Set 4: Code-Review+2
Nico Huber has submitted this change. ( https://review.coreboot.org/c/flashrom/+/36986 )
Change subject: mysteries_intel: Add a section about SMM_BWP ......................................................................
mysteries_intel: Add a section about SMM_BWP
Something to point users to when SMM_BWP might be causing problems.
Change-Id: I394c033e8d4ff96433162f86aefb428d8acf6349 Signed-off-by: David Hendricks david.hendricks@gmail.com Reviewed-on: https://review.coreboot.org/c/flashrom/+/36986 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Nico Huber nico.h@gmx.de --- M Documentation/mysteries_intel.txt 1 file changed, 21 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Nico Huber: Looks good to me, approved
diff --git a/Documentation/mysteries_intel.txt b/Documentation/mysteries_intel.txt index 10cb37d..60ad21a 100644 --- a/Documentation/mysteries_intel.txt +++ b/Documentation/mysteries_intel.txt @@ -5,6 +5,27 @@ A0h), so we have no clue if or where it is on ICH8. Out current policy is to not touch it at all and assume/hope it is 0.
+= SMM BIOS Write Protection = +Sometimes a hardware vendor will enable "SMM BIOS Write Protect" (SMM_BWP) +in the firmware during boot time. The bits that control SMM_BWP are in the +BIOS_CNTL register in the LPC interface. + +When enabled, the SPI flash can only be written when the system is operating in +in System Management Mode (SMM). In other words, only certain code that was +installed by the BIOS can write to the flash chip. Programs that run in OS +context such as flashrom can still read the flash chip, but cannot write to the +flash chip. + +Flashrom will attempt to detect this and print a warning such as the following: +"Warning: BIOS region SMM protection is enabled!" + +Many vendor-supplied firmware update utilities do not actually write to the ROM; +instead they transfer data to/from memory which is read/written by a routine +running in SMM and is responsible for writing to the firmware ROM. This causes +severe system performance degradataion since all processors must be in SMM +context (ring -2) instead of OS context (ring 0) while the firmware ROM is being +written. + = Accesses beyond region bounds in descriptor mode = Intel's flash image tool will always expand the last region so that it covers the whole flash chip, but some boards ship with a different configuration.
-
Angel Pons (Code Review) -
David Hendricks (Code Review)
-
Nico Huber (Code Review)