Edward O'Callaghan has uploaded this change for review. ( https://review.coreboot.org/c/flashrom/+/68662 )

Change subject: programmer: Add rget_io_perms programmer req framework ......................................................................

programmer: Add rget_io_perms programmer req framework

Some programmers require special i/o port access permissions. Add a flag in the programmer entry to allow the programmer to flag this requirement to the flashrom core logic rather than each bespoke programmer init() calling rget_io_perms() in their own ways.

This allows for flashrom core logic to assume and drop privileges exactly where they are needed rather than for the entire life-time of the program. It also deduplicates the assuming privilege code in each driver.

Change-Id: I2be81995f8fe7e212a01008a5e7bdb49b1592ca2 Signed-off-by: Edward O'Callaghan quasisec@google.com --- M flashrom.c M include/programmer.h 2 files changed, 30 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/flashrom refs/changes/62/68662/1

diff --git a/flashrom.c b/flashrom.c index 624c463..908f46e 100644 --- a/flashrom.c +++ b/flashrom.c @@ -32,6 +32,7 @@ #include "flashchips.h" #include "programmer.h" #include "hwaccess_physmap.h" +#include "hwaccess_x86_io.h" /* required for rget_io_perms() */ #include "chipdrivers.h"

const char flashrom_version[] = FLASHROM_VERSION; @@ -149,6 +150,13 @@ /* Default to allowing writes. Broken programmers set this to 0. */ programmer_may_write = true;

+ if (prog->rget_io_perms) { +#if defined(__i386__) || defined(__x86_64__) + if (rget_io_perms()) + return -2; +#endif + } + struct programmer_cfg cfg;

if (param) { diff --git a/include/programmer.h b/include/programmer.h index 9603443..6da1be9 100644 --- a/include/programmer.h +++ b/include/programmer.h @@ -43,6 +43,7 @@ struct programmer_entry { const char *name; const enum programmer_type type; + const bool rget_io_perms_req; union { const struct dev_entry *const dev; const char *const note;