February 2012 - flashrom - mail.coreboot.org

[commit] r1496 - trunk
by repository service Feb. 16, 2012

Feb. 16, 2012

Author: hailfinger Date: Thu Feb 16 21:31:25 2012 New Revision: 1496 URL: http://flashrom.org/trac/flashrom/changeset/1496 Log: Reenable forced read Forced read functionality was disabled when programmer registration was merged in r1475. We now support registering more than one controller at once for each bus type. This can happen e.g. if one SPI controller has an attached flash chip and one controller doesn't. In such a case we rely on the probe mechanism to find exactly one chip, and the probe mechanism will remember which controller/bus the flash chip is attached to. A forced read does not have the luxury of knowing which compatible controller to use, so this case is handled by always picking the first one. That may or may not be the correct one, but there is no way (yet) to specify which controller a flash chip is attached to. Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Acked-by: Stefan Tauner <stefan.tauner(a)student.tuwien.ac.at> Modified: trunk/cli_classic.c Modified: trunk/cli_classic.c ============================================================================== --- trunk/cli_classic.c Thu Feb 16 02:43:06 2012 (r1495) +++ trunk/cli_classic.c Thu Feb 16 21:31:25 2012 (r1496) @@ -168,7 +168,7 @@ struct flashctx *fill_flash; const char *name; int namelen, opt, i, j; - int startchip = 0, chipcount = 0, option_index = 0, force = 0; + int startchip = -1, chipcount = 0, option_index = 0, force = 0; #if CONFIG_PRINT_WIKI == 1 int list_supported_wiki = 0; #endif @@ -456,11 +456,27 @@ printf("Note: flashrom can never write if the flash " "chip isn't found automatically.\n"); } -#if 0 // FIXME: What happens for a forced chip read if multiple compatible programmers are registered? if (force && read_it && chip_to_probe) { + struct registered_programmer *pgm; + int compatible_programmers = 0; printf("Force read (-f -r -c) requested, pretending " "the chip is there:\n"); - startchip = probe_flash(0, &flashes[0], 1); + /* This loop just counts compatible controllers. */ + for (j = 0; j < registered_programmer_count; j++) { + pgm = &registered_programmers[j]; + if (pgm->buses_supported & flashes[0].bustype) + compatible_programmers++; + } + if (compatible_programmers > 1) + printf("More than one compatible controller " + "found for the requested flash chip, " + "using the first one.\n"); + for (j = 0; j < registered_programmer_count; j++) { + pgm = &registered_programmers[j]; + startchip = probe_flash(pgm, 0, &flashes[0], 1); + if (startchip != -1) + break; + } if (startchip == -1) { printf("Probing for flash chip '%s' failed.\n", chip_to_probe); @@ -471,7 +487,6 @@ "contain garbage.\n"); return read_flash_to_file(&flashes[0], filename); } -#endif ret = 1; goto out_shutdown; } else if (!chip_to_probe) {

1 0

Re: [flashrom] ASUS M3N78-VM: flashrom -V
by Stefan Tauner Feb. 16, 2012

Feb. 16, 2012

Hello Matthew, thanks for your report! That mainboard was already reported: http://www.flashrom.org/pipermail/flashrom/2011-May/006496.html -- Kind regards/Mit freundlichen Grüßen, Stefan Tauner

1 0

ASUS M3N78-VM: flashrom -V
by Matthew Nubbe Feb. 15, 2012

Feb. 15, 2012

flashrom v0.9.4-r1395 on Linux 3.1.9-2-ARCH (x86_64), built with libpci 3.1.8, GCC 4.6.2, little endian flashrom is free software, get the source code at http://www.flashrom.org Calibrating delay loop... OS timer resolution is 1 usecs, 741M loops per second, 10 myus = 11 us, 100 myus = 100 us, 1000 myus = 989 us, 10000 myus = 9909 us, 4 myus = 5 us, OK. Initializing internal programmer No coreboot table found. DMI string system-manufacturer: "System manufacturer" DMI string system-product-name: "System Product Name" DMI string system-version: "System Version" DMI string baseboard-manufacturer: "ASUSTeK Computer INC." DMI string baseboard-product-name: "M3N78-VM" DMI string baseboard-version: "Rev X.0x" DMI string chassis-type: "Desktop" Found ITE Super I/O, ID 0x8712 on port 0x2e Found chipset "NVIDIA MCP78S" with PCI ID 10de:075c. This chipset is marked as untested. If you are using an up-to-date version of flashrom please email a report to flashrom(a)flashrom.org including a verbose (-V) log. Thank you! Enabling flash write... This chipset is not really supported yet. Guesswork... ISA/LPC bridge reg 0x8a contents: 0x40, bit 6 is 1, bit 5 is 0 Flash bus type is SPI SPI on this chipset is WIP. Please report any success or failure by mailing us the verbose output to flashrom(a)flashrom.org, thanks! Found SMBus device 10de:0752 at 00:01:1 MCP SPI BAR is at 0xfbf80000 Mapping NVIDIA MCP6x SPI at 0xfbf80000, unaligned size 0x544. SPI control is 0xc01a, req=0, gnt=0 Please send the output of "flashrom -V" to flashrom(a)flashrom.org with your board name: flashrom -V as the subject to help us finish support for your chipset. Thanks. OK. This chipset supports the following protocols: SPI. Super I/O ID 0x8712 is not on the list of flash capable controllers. Probing for AMIC A25L05PT, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L05PU, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L10PT, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L10PU, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L20PT, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L20PU, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L40PT, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L40PU, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L80P, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L16PT, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L16PU, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L512, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L010, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L020, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L040, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L080, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L016, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25L032, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC A25LQ032, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF021, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF041A, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF081, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF081A, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF161, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF321, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF321A, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DF641, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25DQ161, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25F512B, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25FS010, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT25FS040, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT26DF041, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT26DF081A, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT26DF161, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT26DF161A, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT26F004, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45CS1282, 16896 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB011D, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB021D, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB041D, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB081D, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB161D, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB321C, 4224 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB321D, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel AT45DB642D, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for EMST F25L008A, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B05, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B05T, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B10, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B10T, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B20, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B20T, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B40T, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B80T, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B16T, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B32T, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25B64T, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F05, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F10, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F20, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25F32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q80(A), 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q32(A/B), 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25Q128, 16384 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon EN25QH16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L512, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L1005, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L2005, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L4005, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L8005, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Chip status register is 00 Chip status register: Status Register Write Disable (SRWD) is not set Chip status register: Bit 6 is not set Chip status register: Bit 5 / Block Protect 3 (BP3) is not set Chip status register: Bit 4 / Block Protect 2 (BP2) is not set Chip status register: Bit 3 / Block Protect 1 (BP1) is not set Chip status register: Bit 2 / Block Protect 0 (BP0) is not set Chip status register: Write Enable Latch (WEL) is not set Chip status register: Write In Progress (WIP/BUSY) is not set Found Macronix flash chip "MX25L8005" (1024 kB, SPI) at physical address 0xfff00000. Probing for Macronix MX25L1605, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L1635D, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L1635E, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L3205, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L3235D, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L6405, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix MX25L12805, 16384 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Numonyx M25PE10, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Numonyx M25PE20, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Numonyx M25PE40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Numonyx M25PE80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Numonyx M25PE16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV010, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV016B, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV020, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV040, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV080B, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC Pm25LV512, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Sanyo LF25FW203A, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Spansion S25FL004A, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Spansion S25FL008A, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Spansion S25FL016A, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Spansion S25FL032A, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Spansion S25FL064A, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST SST25VF010.REMS, 128 kB: probe_spi_rems: id1 0xc2, id2 0x13 Probing for SST SST25VF016B, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST SST25VF032B, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST SST25VF064C, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST SST25VF040.REMS, 512 kB: probe_spi_rems: id1 0xc2, id2 0x13 Probing for SST SST25VF040B, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST SST25LF040A.RES, 512 kB: probe_spi_res2: id1 0x13, id2 0x13 Probing for SST SST25VF040B.REMS, 512 kB: probe_spi_rems: id1 0xc2, id2 0x13 Probing for SST SST25VF080B, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P05-A, 64 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P05.RES, 64 kB: Ignoring RES in favour of RDID. Probing for ST M25P10-A, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P10.RES, 128 kB: Ignoring RES in favour of RDID. Probing for ST M25P20, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P40-old, 512 kB: Ignoring RES in favour of RDID. Probing for ST M25P80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25P128, 16384 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25PX16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25PX32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST M25PX64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25Q80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25Q16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25Q32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25Q64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25Q128, 16384 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X10, 128 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X20, 256 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X40, 512 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X80, 1024 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X16, 2048 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X32, 4096 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Winbond W25X64, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for AMIC unknown AMIC SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Atmel unknown Atmel SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Eon unknown Eon SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Macronix unknown Macronix SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for PMC unknown PMC SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for SST unknown SST SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for ST unknown ST SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Sanyo unknown Sanyo SPI chip, 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Generic unknown SPI chip (RDID), 0 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2014 Probing for Generic unknown SPI chip (REMS), 0 kB: probe_spi_rems: id1 0xc2, id2 0x13 Flash image seems to be a legacy BIOS. Disabling coreboot-related checks. Reading old flash chip contents... done. Erasing and writing flash chip... Trying erase function 0... 0x000000-0x000fff:EW, 0x001000-0x001fff:EW, 0x002000-0x002fff:EW, 0x003000-0x003fff:EW, 0x004000-0x004fff:EW, 0x005000-0x005fff:EW, 0x006000-0x006fff:EW, 0x007000-0x007fff:EW, 0x008000-0x008fff:EW, 0x009000-0x009fff:EW, 0x00a000-0x00afff:EW, 0x00b000-0x00bfff:EW, 0x00c000-0x00cfff:EW, 0x00d000-0x00dfff:EW, 0x00e000-0x00efff:EW, 0x00f000-0x00ffff:EW, 0x010000-0x010fff:EW, 0x011000-0x011fff:EW, 0x012000-0x012fff:EW, 0x013000-0x013fff:EW, 0x014000-0x014fff:EW, 0x015000-0x015fff:EW, 0x016000-0x016fff:EW, 0x017000-0x017fff:EW, 0x018000-0x018fff:EW, 0x019000-0x019fff:EW, 0x01a000-0x01afff:EW, 0x01b000-0x01bfff:EW, 0x01c000-0x01cfff:EW, 0x01d000-0x01dfff:EW, 0x01e000-0x01efff:EW, 0x01f000-0x01ffff:EW, 0x020000-0x020fff:EW, 0x021000-0x021fff:EW, 0x022000-0x022fff:EW, 0x023000-0x023fff:EW, 0x024000-0x024fff:EW, 0x025000-0x025fff:EW, 0x026000-0x026fff:EW, 0x027000-0x027fff:EW, 0x028000-0x028fff:EW, 0x029000-0x029fff:EW, 0x02a000-0x02afff:EW, 0x02b000-0x02bfff:EW, 0x02c000-0x02cfff:EW, 0x02d000-0x02dfff:EW, 0x02e000-0x02efff:EW, 0x02f000-0x02ffff:EW, 0x030000-0x030fff:EW, 0x031000-0x031fff:EW, 0x032000-0x032fff:EW, 0x033000-0x033fff:EW, 0x034000-0x034fff:EW, 0x035000-0x035fff:EW, 0x036000-0x036fff:EW, 0x037000-0x037fff:EW, 0x038000-0x038fff:EW, 0x039000-0x039fff:EW, 0x03a000-0x03afff:EW, 0x03b000-0x03bfff:EW, 0x03c000-0x03cfff:EW, 0x03d000-0x03dfff:EW, 0x03e000-0x03efff:EW, 0x03f000-0x03ffff:EW, 0x040000-0x040fff:EW, 0x041000-0x041fff:EW, 0x042000-0x042fff:EW, 0x043000-0x043fff:EW, 0x044000-0x044fff:EW, 0x045000-0x045fff:EW, 0x046000-0x046fff:EW, 0x047000-0x047fff:EW, 0x048000-0x048fff:EW, 0x049000-0x049fff:EW, 0x04a000-0x04afff:EW, 0x04b000-0x04bfff:EW, 0x04c000-0x04cfff:EW, 0x04d000-0x04dfff:EW, 0x04e000-0x04efff:EW, 0x04f000-0x04ffff:EW, 0x050000-0x050fff:EW, 0x051000-0x051fff:EW, 0x052000-0x052fff:EW, 0x053000-0x053fff:EW, 0x054000-0x054fff:EW, 0x055000-0x055fff:EW, 0x056000-0x056fff:EW, 0x057000-0x057fff:EW, 0x058000-0x058fff:EW, 0x059000-0x059fff:EW, 0x05a000-0x05afff:EW, 0x05b000-0x05bfff:EW, 0x05c000-0x05cfff:EW, 0x05d000-0x05dfff:EW, 0x05e000-0x05efff:EW, 0x05f000-0x05ffff:EW, 0x060000-0x060fff:EW, 0x061000-0x061fff:EW, 0x062000-0x062fff:W, 0x063000-0x063fff:W, 0x064000-0x064fff:W, 0x065000-0x065fff:W, 0x066000-0x066fff:W, 0x067000-0x067fff:W, 0x068000-0x068fff:S, 0x069000-0x069fff:S, 0x06a000-0x06afff:S, 0x06b000-0x06bfff:S, 0x06c000-0x06cfff:S, 0x06d000-0x06dfff:S, 0x06e000-0x06efff:S, 0x06f000-0x06ffff:S, 0x070000-0x070fff:S, 0x071000-0x071fff:S, 0x072000-0x072fff:S, 0x073000-0x073fff:S, 0x074000-0x074fff:S, 0x075000-0x075fff:S, 0x076000-0x076fff:S, 0x077000-0x077fff:S, 0x078000-0x078fff:S, 0x079000-0x079fff:S, 0x07a000-0x07afff:S, 0x07b000-0x07bfff:S, 0x07c000-0x07cfff:S, 0x07d000-0x07dfff:S, 0x07e000-0x07efff:S, 0x07f000-0x07ffff:S, 0x080000-0x080fff:S, 0x081000-0x081fff:S, 0x082000-0x082fff:S, 0x083000-0x083fff:S, 0x084000-0x084fff:S, 0x085000-0x085fff:S, 0x086000-0x086fff:S, 0x087000-0x087fff:S, 0x088000-0x088fff:S, 0x089000-0x089fff:S, 0x08a000-0x08afff:S, 0x08b000-0x08bfff:S, 0x08c000-0x08cfff:S, 0x08d000-0x08dfff:S, 0x08e000-0x08efff:S, 0x08f000-0x08ffff:EW, 0x090000-0x090fff:EW, 0x091000-0x091fff:EW, 0x092000-0x092fff:EW, 0x093000-0x093fff:EW, 0x094000-0x094fff:EW, 0x095000-0x095fff:EW, 0x096000-0x096fff:EW, 0x097000-0x097fff:EW, 0x098000-0x098fff:EW, 0x099000-0x099fff:EW, 0x09a000-0x09afff:EW, 0x09b000-0x09bfff:EW, 0x09c000-0x09cfff:EW, 0x09d000-0x09dfff:EW, 0x09e000-0x09efff:EW, 0x09f000-0x09ffff:EW, 0x0a0000-0x0a0fff:EW, 0x0a1000-0x0a1fff:EW, 0x0a2000-0x0a2fff:EW, 0x0a3000-0x0a3fff:EW, 0x0a4000-0x0a4fff:EW, 0x0a5000-0x0a5fff:EW, 0x0a6000-0x0a6fff:EW, 0x0a7000-0x0a7fff:EW, 0x0a8000-0x0a8fff:EW, 0x0a9000-0x0a9fff:EW, 0x0aa000-0x0aafff:EW, 0x0ab000-0x0abfff:EW, 0x0ac000-0x0acfff:EW, 0x0ad000-0x0adfff:EW, 0x0ae000-0x0aefff:EW, 0x0af000-0x0affff:EW, 0x0b0000-0x0b0fff:EW, 0x0b1000-0x0b1fff:EW, 0x0b2000-0x0b2fff:EW, 0x0b3000-0x0b3fff:EW, 0x0b4000-0x0b4fff:EW, 0x0b5000-0x0b5fff:EW, 0x0b6000-0x0b6fff:EW, 0x0b7000-0x0b7fff:EW, 0x0b8000-0x0b8fff:EW, 0x0b9000-0x0b9fff:EW, 0x0ba000-0x0bafff:EW, 0x0bb000-0x0bbfff:EW, 0x0bc000-0x0bcfff:EW, 0x0bd000-0x0bdfff:EW, 0x0be000-0x0befff:EW, 0x0bf000-0x0bffff:EW, 0x0c0000-0x0c0fff:EW, 0x0c1000-0x0c1fff:EW, 0x0c2000-0x0c2fff:EW, 0x0c3000-0x0c3fff:EW, 0x0c4000-0x0c4fff:EW, 0x0c5000-0x0c5fff:EW, 0x0c6000-0x0c6fff:EW, 0x0c7000-0x0c7fff:EW, 0x0c8000-0x0c8fff:EW, 0x0c9000-0x0c9fff:EW, 0x0ca000-0x0cafff:EW, 0x0cb000-0x0cbfff:EW, 0x0cc000-0x0ccfff:EW, 0x0cd000-0x0cdfff:EW, 0x0ce000-0x0cefff:EW, 0x0cf000-0x0cffff:EW, 0x0d0000-0x0d0fff:EW, 0x0d1000-0x0d1fff:EW, 0x0d2000-0x0d2fff:EW, 0x0d3000-0x0d3fff:EW, 0x0d4000-0x0d4fff:EW, 0x0d5000-0x0d5fff:EW, 0x0d6000-0x0d6fff:EW, 0x0d7000-0x0d7fff:EW, 0x0d8000-0x0d8fff:EW, 0x0d9000-0x0d9fff:EW, 0x0da000-0x0dafff:EW, 0x0db000-0x0dbfff:EW, 0x0dc000-0x0dcfff:E, 0x0dd000-0x0ddfff:E, 0x0de000-0x0defff:E, 0x0df000-0x0dffff:S, 0x0e0000-0x0e0fff:S, 0x0e1000-0x0e1fff:S, 0x0e2000-0x0e2fff:S, 0x0e3000-0x0e3fff:S, 0x0e4000-0x0e4fff:S, 0x0e5000-0x0e5fff:S, 0x0e6000-0x0e6fff:S, 0x0e7000-0x0e7fff:S, 0x0e8000-0x0e8fff:S, 0x0e9000-0x0e9fff:S, 0x0ea000-0x0eafff:S, 0x0eb000-0x0ebfff:S, 0x0ec000-0x0ecfff:S, 0x0ed000-0x0edfff:S, 0x0ee000-0x0eefff:S, 0x0ef000-0x0effff:S, 0x0f0000-0x0f0fff:EW, 0x0f1000-0x0f1fff:EW, 0x0f2000-0x0f2fff:EW, 0x0f3000-0x0f3fff:EW, 0x0f4000-0x0f4fff:EW, 0x0f5000-0x0f5fff:EW, 0x0f6000-0x0f6fff:EW, 0x0f7000-0x0f7fff:EW, 0x0f8000-0x0f8fff:EW, 0x0f9000-0x0f9fff:EW, 0x0fa000-0x0fafff:EW, 0x0fb000-0x0fbfff:EW, 0x0fc000-0x0fcfff:EW, 0x0fd000-0x0fdfff:EW, 0x0fe000-0x0fefff:EW, 0x0ff000-0x0fffff:EW Erase/write done. Verifying flash... VERIFIED.

1 0

Re: [flashrom] [PATCH] Workaround missing %hhx support in MinGW sscanf
by Carl-Daniel Hailfinger Feb. 15, 2012

Feb. 15, 2012

Am 16.02.2012 02:30 schrieb Idwer Vollering: > 2012/2/16 Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net>: >> > MinGW uses standard Windows C libraries and those apparently don't >> > support %hhx for sscanf into a uint8_t. SCNx8 isn't available either. >> > >> > Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> > Acked-by: Idwer Vollering <vidwer(a)gmail.com> Thanks, committed in r1495. Regards, Carl-Daniel -- http://www.hailfinger.org/

1 0

[commit] r1495 - trunk
by repository service Feb. 15, 2012

Feb. 15, 2012

Author: hailfinger Date: Thu Feb 16 02:43:06 2012 New Revision: 1495 URL: http://flashrom.org/trac/flashrom/changeset/1495 Log: Workaround missing %hhx support in MinGW sscanf MinGW uses standard Windows C libraries and those apparently don't support %hhx for sscanf into a uint8_t. SCNx8 isn't available either. Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Acked-by: Idwer Vollering <vidwer(a)gmail.com> Modified: trunk/dummyflasher.c Modified: trunk/dummyflasher.c ============================================================================== --- trunk/dummyflasher.c Thu Feb 16 02:13:00 2012 (r1494) +++ trunk/dummyflasher.c Thu Feb 16 02:43:06 2012 (r1495) @@ -199,7 +199,12 @@ } } for (i = 0; i < spi_blacklist_size; i++) { - sscanf(tmp + i * 2, "%2hhx", &spi_blacklist[i]); + unsigned int tmp2; + /* SCNx8 is apparently not supported by MSVC (and thus + * MinGW), so work around it with an extra variable + */ + sscanf(tmp + i * 2, "%2x", &tmp2); + spi_blacklist[i] = (uint8_t)tmp2; } msg_pdbg("SPI blacklist is "); for (i = 0; i < spi_blacklist_size; i++) @@ -230,7 +235,12 @@ } } for (i = 0; i < spi_ignorelist_size; i++) { - sscanf(tmp + i * 2, "%2hhx", &spi_ignorelist[i]); + unsigned int tmp2; + /* SCNx8 is apparently not supported by MSVC (and thus + * MinGW), so work around it with an extra variable + */ + sscanf(tmp + i * 2, "%2x", &tmp2); + spi_ignorelist[i] = (uint8_t)tmp2; } msg_pdbg("SPI ignorelist is "); for (i = 0; i < spi_ignorelist_size; i++)

1 0

[PATCH] Workaround missing %hhx support in MinGW sscanf
by Carl-Daniel Hailfinger Feb. 15, 2012

Feb. 15, 2012

MinGW uses standard Windows C libraries and those apparently don't support %hhx for sscanf into a uint8_t. SCNx8 isn't available either. Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Index: flashrom-mingw_workaround_broken_sscanf_uint8t/dummyflasher.c =================================================================== --- flashrom-mingw_workaround_broken_sscanf_uint8t/dummyflasher.c (Revision 1492) +++ flashrom-mingw_workaround_broken_sscanf_uint8t/dummyflasher.c (Arbeitskopie) @@ -199,7 +199,12 @@ } } for (i = 0; i < spi_blacklist_size; i++) { - sscanf(tmp + i * 2, "%2hhx", &spi_blacklist[i]); + unsigned int tmp2; + /* SCNx8 is apparently not supported by MSVC (and thus + * MinGW), so work around it with an extra variable + */ + sscanf(tmp + i * 2, "%2x", &tmp2); + spi_blacklist[i] = (uint8_t)tmp2; } msg_pdbg("SPI blacklist is "); for (i = 0; i < spi_blacklist_size; i++) @@ -230,7 +235,12 @@ } } for (i = 0; i < spi_ignorelist_size; i++) { - sscanf(tmp + i * 2, "%2hhx", &spi_ignorelist[i]); + unsigned int tmp2; + /* SCNx8 is apparently not supported by MSVC (and thus + * MinGW), so work around it with an extra variable + */ + sscanf(tmp + i * 2, "%2x", &tmp2); + spi_ignorelist[i] = (uint8_t)tmp2; } msg_pdbg("SPI ignorelist is "); for (i = 0; i < spi_ignorelist_size; i++) -- http://www.hailfinger.org/

2 1

Re: [flashrom] [PATCH] ichspi.c: warn user and disable writes when a protected address range is detected.
by Carl-Daniel Hailfinger Feb. 15, 2012

Feb. 15, 2012

Am 16.02.2012 00:58 schrieb Stefan Tauner: > This includes not only the notorious read-only flash descriptors and locked ME > regions, but also the more rarely used PRs (Protected Ranges). > The user can enforce write support by specifying ich_spi_force=yes in the > programmer options, but we don't tell him the exact syntax interactively. He > has to read it up in the man page. > > Signed-off-by: Stefan Tauner <stefan.tauner(a)student.tuwien.ac.at> > Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> The Intel rant seems to be missing... I thought you only wanted to move it. > diff --git a/flashrom.8 b/flashrom.8 > index e5f9a29..76aacba 100644 > --- a/flashrom.8 > +++ b/flashrom.8 > @@ -315,6 +315,21 @@ important opcodes are inaccessible due to lockdown; or if more than one flash > chip is attached). The other options (swseq, hwseq) select the respective mode > (if possible). > .sp > +ICH8 and later southbridges may also have locked address ranges of different > +kinds if a valid descriptor was written to it. The flash address space is then > +partitioned in multiple so called "Flash Regions" containing the host firmware, > +the ME firmware and so on respectively. The flash descriptor can also specify up > +to 5 so called "Protected Regions", which are freely chosen address ranges > +independent from the aforementioned "Flash Regions". All of them can be write > +and/or read protected individually. If flashrom detects such a lock it will > +disable write support unless the user forces it with the > +.sp > +.B " flashrom \-p internal:ich_spi_force=yes" > +.sp > +syntax. If this leads to erase or write accesses to the flash it would most > +probably bring it into an inconsistent and unbootable state and we will not > +provide any support in such a case. > +.sp > If you have an Intel chipset with an ICH6 or later southbridge and if you want > to set specific IDSEL values for a non-default flash chip or an embedded > controller (EC), you can use the > diff --git a/ichspi.c b/ichspi.c > index 163ecf1..711f46c 100644 > --- a/ichspi.c > +++ b/ichspi.c > @@ -1444,11 +1445,16 @@ static void do_ich9_spi_frap(uint32_t frap, int i) > if (base > limit) { > /* this FREG is disabled */ > msg_pdbg("%s region is unused.\n", region_names[i]); > - return; > + return 0; > } > > - msg_pdbg("0x%08x-0x%08x is %s\n", base, (limit | 0x0fff), > + msg_pdbg("0x%08x-0x%08x is %s.\n", base, (limit | 0x0fff), > access_names[rwperms]); > + if (rwperms == 0x3) > + return 0; > + > + msg_pinfo("WARNING: %s region is not fully accessible.\n", region_names[i]); Odd. For FRAP, the _pinfo message just says "not fully accessible", but for PR, the _pinfo message mentions the actual read/write protection. Not terribly important to fix, just a small inconsistency I noticed. > + return 1; > } > > /* In contrast to FRAP and the master section of the descriptor the bits > @@ -1460,21 +1466,25 @@ static void do_ich9_spi_frap(uint32_t frap, int i) > #define ICH_PR_PERMS(pr) (((~((pr) >> PR_RP_OFF) & 1) << 0) | \ > ((~((pr) >> PR_WP_OFF) & 1) << 1)) > > -static void prettyprint_ich9_reg_pr(int i) > +/* returns 0 if range is unused (i.e. r/w) */ > +static int ich9_handle_pr(int i) > { > - static const char *const access_names[4] = { > - "locked", "read-only", "write-only", "read-write" > + static const char *const access_names[3] = { > + "locked", "read-only", "write-only" > }; > uint8_t off = ICH9_REG_PR0 + (i * 4); > uint32_t pr = mmio_readl(ich_spibar + off); > - int rwperms = ICH_PR_PERMS(pr); > + unsigned int rwperms = ICH_PR_PERMS(pr); > > - msg_pdbg2("0x%02X: 0x%08x (PR%u", off, pr, i); > - if (rwperms != 0x3) > - msg_pdbg2(")\n0x%08x-0x%08x is %s\n", ICH_FREG_BASE(pr), > - ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); > - else > - msg_pdbg2(", unused)\n"); > + if (rwperms == 0x3) { > + msg_pdbg2("0x%02X: 0x%08x (PR%u is unused)\n", off, pr, i); > + return 0; > + } > + > + msg_pdbg("0x%02X: 0x%08x ", off, pr); > + msg_pinfo("WARNING: PR%u: 0x%08x-0x%08x is %s.\n", i, ICH_FREG_BASE(pr), > + ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); > + return 1; > } > > /* Set/Clear the read and write protection enable bits of PR register @i > @@ -1537,6 +1547,8 @@ int ich_init_spi(struct pci_dev *dev, uint32_t base, void *rcrb, > uint16_t spibar_offset, tmp2; > uint32_t tmp; > char *arg; > + int ich_spi_force = 0; > + int ich_spi_has_locks = 0; Rename to ich_spi_has_region_locks or ich_spi_has_locked_regions or somesuch. Otherwise there is possibility for confusion between ich_spi_has_locks and ichspi_lock. > int desc_valid = 0; > struct ich_descriptors desc = {{ 0 }}; > enum ich_spi_mode { > @@ -1665,17 +1693,36 @@ int ich_init_spi(struct pci_dev *dev, uint32_t base, void *rcrb, > msg_pdbg("BRWA 0x%02x, ", ICH_BRWA(tmp)); > msg_pdbg("BRRA 0x%02x\n", ICH_BRRA(tmp)); > > - /* Decode and print FREGx and FRAP registers */ > + /* Handle FREGx and FRAP registers */ > for (i = 0; i < 5; i++) > - do_ich9_spi_frap(tmp, i); > + ich_spi_has_locks |= ich9_handle_frap(tmp, i); > } > > - /* try to disable PR locks before printing them */ > - if (!ichspi_lock) > - for (i = 0; i < 5; i++) > + for (i = 0; i < 5; i++) { > + /* if not locked down try to disable PR locks first */ > + if (!ichspi_lock) > ich9_set_pr(i, 0, 0); > - for (i = 0; i < 5; i++) > - prettyprint_ich9_reg_pr(i); > + ich_spi_has_locks |= ich9_handle_pr(i); > + } > + > + if (ich_spi_has_locks) { > Thanks for working tirelessly to get this code into an excellent shape! Regards, Carl-Daniel -- http://www.hailfinger.org/

2 1

[commit] r1494 - trunk
by repository service Feb. 15, 2012

Feb. 15, 2012

Author: stefanct Date: Thu Feb 16 02:13:00 2012 New Revision: 1494 URL: http://flashrom.org/trac/flashrom/changeset/1494 Log: ichspi.c: warn user and disable writes when a protected address range is detected. This includes not only the notorious read-only flash descriptors and locked ME regions, but also the more rarely used PRs (Protected Ranges). The user can enforce write support by specifying ich_spi_force=yes in the programmer options, but we don't tell him the exact syntax interactively. He has to read it up in the man page. Signed-off-by: Stefan Tauner <stefan.tauner(a)student.tuwien.ac.at> Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Modified: trunk/flashrom.8 trunk/ichspi.c Modified: trunk/flashrom.8 ============================================================================== --- trunk/flashrom.8 Thu Feb 16 00:40:23 2012 (r1493) +++ trunk/flashrom.8 Thu Feb 16 02:13:00 2012 (r1494) @@ -315,6 +315,21 @@ chip is attached). The other options (swseq, hwseq) select the respective mode (if possible). .sp +ICH8 and later southbridges may also have locked address ranges of different +kinds if a valid descriptor was written to it. The flash address space is then +partitioned in multiple so called "Flash Regions" containing the host firmware, +the ME firmware and so on respectively. The flash descriptor can also specify up +to 5 so called "Protected Regions", which are freely chosen address ranges +independent from the aforementioned "Flash Regions". All of them can be write +and/or read protected individually. If flashrom detects such a lock it will +disable write support unless the user forces it with the +.sp +.B " flashrom \-p internal:ich_spi_force=yes" +.sp +syntax. If this leads to erase or write accesses to the flash it would most +probably bring it into an inconsistent and unbootable state and we will not +provide any support in such a case. +.sp If you have an Intel chipset with an ICH6 or later southbridge and if you want to set specific IDSEL values for a non-default flash chip or an embedded controller (EC), you can use the Modified: trunk/ichspi.c ============================================================================== --- trunk/ichspi.c Thu Feb 16 00:40:23 2012 (r1493) +++ trunk/ichspi.c Thu Feb 16 02:13:00 2012 (r1494) @@ -1421,7 +1421,8 @@ #define ICH_BRWA(x) ((x >> 8) & 0xff) #define ICH_BRRA(x) ((x >> 0) & 0xff) -static void do_ich9_spi_frap(uint32_t frap, int i) +/* returns 0 if region is unused or r/w */ +static int ich9_handle_frap(uint32_t frap, int i) { static const char *const access_names[4] = { "locked", "read-only", "write-only", "read-write" @@ -1436,19 +1437,26 @@ int offset = ICH9_REG_FREG0 + i * 4; uint32_t freg = mmio_readl(ich_spibar + offset); - msg_pdbg("0x%02X: 0x%08x (FREG%i: %s)\n", - offset, freg, i, region_names[i]); - base = ICH_FREG_BASE(freg); limit = ICH_FREG_LIMIT(freg); if (base > limit) { /* this FREG is disabled */ - msg_pdbg("%s region is unused.\n", region_names[i]); - return; + msg_pdbg2("0x%02X: 0x%08x FREG%i: %s region is unused.\n", + offset, freg, i, region_names[i]); + return 0; + } + msg_pdbg("0x%02X: 0x%08x ", offset, freg); + if (rwperms == 0x3) { + msg_pdbg("FREG%i: %s region (0x%08x-0x%08x) is %s.\n", i, + region_names[i], base, (limit | 0x0fff), + access_names[rwperms]); + return 0; } - msg_pdbg("0x%08x-0x%08x is %s\n", base, (limit | 0x0fff), - access_names[rwperms]); + msg_pinfo("FREG%i: WARNING: %s region (0x%08x-0x%08x) is %s.\n", i, + region_names[i], base, (limit | 0x0fff), + access_names[rwperms]); + return 1; } /* In contrast to FRAP and the master section of the descriptor the bits @@ -1460,21 +1468,25 @@ #define ICH_PR_PERMS(pr) (((~((pr) >> PR_RP_OFF) & 1) << 0) | \ ((~((pr) >> PR_WP_OFF) & 1) << 1)) -static void prettyprint_ich9_reg_pr(int i) +/* returns 0 if range is unused (i.e. r/w) */ +static int ich9_handle_pr(int i) { - static const char *const access_names[4] = { - "locked", "read-only", "write-only", "read-write" + static const char *const access_names[3] = { + "locked", "read-only", "write-only" }; uint8_t off = ICH9_REG_PR0 + (i * 4); uint32_t pr = mmio_readl(ich_spibar + off); - int rwperms = ICH_PR_PERMS(pr); + unsigned int rwperms = ICH_PR_PERMS(pr); - msg_pdbg2("0x%02X: 0x%08x (PR%u", off, pr, i); - if (rwperms != 0x3) - msg_pdbg2(")\n0x%08x-0x%08x is %s\n", ICH_FREG_BASE(pr), - ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); - else - msg_pdbg2(", unused)\n"); + if (rwperms == 0x3) { + msg_pdbg2("0x%02X: 0x%08x (PR%u is unused)\n", off, pr, i); + return 0; + } + + msg_pdbg("0x%02X: 0x%08x ", off, pr); + msg_pinfo("PR%u: WARNING: 0x%08x-0x%08x is %s.\n", i, ICH_FREG_BASE(pr), + ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); + return 1; } /* Set/Clear the read and write protection enable bits of PR register @i @@ -1537,6 +1549,8 @@ uint16_t spibar_offset, tmp2; uint32_t tmp; char *arg; + int ich_spi_force = 0; + int ich_spi_rw_restricted = 0; int desc_valid = 0; struct ich_descriptors desc = {{ 0 }}; enum ich_spi_mode { @@ -1631,6 +1645,22 @@ } free(arg); + arg = extract_programmer_param("ich_spi_force"); + if (arg && !strcmp(arg, "yes")) { + ich_spi_force = 1; + msg_pspew("ich_spi_force enabled.\n"); + } else if (arg && !strlen(arg)) { + msg_perr("Missing argument for ich_spi_force.\n"); + free(arg); + return ERROR_FATAL; + } else if (arg) { + msg_perr("Unknown argument for ich_spi_force: \"%s\" " + "(not \"yes\").\n", arg); + free(arg); + return ERROR_FATAL; + } + free(arg); + tmp2 = mmio_readw(ich_spibar + ICH9_REG_HSFS); msg_pdbg("0x04: 0x%04x (HSFS)\n", tmp2); prettyprint_ich9_reg_hsfs(tmp2); @@ -1665,17 +1695,36 @@ msg_pdbg("BRWA 0x%02x, ", ICH_BRWA(tmp)); msg_pdbg("BRRA 0x%02x\n", ICH_BRRA(tmp)); - /* Decode and print FREGx and FRAP registers */ + /* Handle FREGx and FRAP registers */ for (i = 0; i < 5; i++) - do_ich9_spi_frap(tmp, i); + ich_spi_rw_restricted |= ich9_handle_frap(tmp, i); } - /* try to disable PR locks before printing them */ - if (!ichspi_lock) - for (i = 0; i < 5; i++) + for (i = 0; i < 5; i++) { + /* if not locked down try to disable PR locks first */ + if (!ichspi_lock) ich9_set_pr(i, 0, 0); - for (i = 0; i < 5; i++) - prettyprint_ich9_reg_pr(i); + ich_spi_rw_restricted |= ich9_handle_pr(i); + } + + if (ich_spi_rw_restricted) { + msg_pinfo("Please send a verbose log to " + "flashrom(a)flashrom.org if this board is not " + "listed on\n" + "http://flashrom.org/Supported_hardware#Supported_mainboards " + "yet.\n"); + if (!ich_spi_force) + programmer_may_write = 0; + msg_pinfo("Writes have been disabled. You can enforce " + "write support with the\nich_spi_force " + "programmer option, but it will most likely " + "harm your hardware!\nIf you force flashrom " + "you will get no support if something " + "breaks.\n"); + if (ich_spi_force) + msg_pinfo("Continuing with write support " + "because the user forced us to!\n"); + } tmp = mmio_readl(ich_spibar + ICH9_REG_SSFS); msg_pdbg("0x90: 0x%02x (SSFS)\n", tmp & 0xff);

1 0

Re: [flashrom] [PATCH] ichspi.c: warn user and disable writes when a protected address range is detected.
by Carl-Daniel Hailfinger Feb. 15, 2012

Feb. 15, 2012

Am 14.02.2012 16:39 schrieb Stefan Tauner: > This includes not only the notorious read-only flash descriptors and locked ME > regions, but also the more rarely used PRs (Protected Ranges). > The user can enforce write support by specifying ich_spi_force=yes in the Can you rename ich_spi_force to ich_ignore_locks or something similar? The PR stuff is not limited to SPI IIRC. > programmer options, but we don't tell him the exact syntax interactively. He > has to read it up in the man page. > --- > non-verbose sample output from my laptop (that contains both protection types): > […] > Found chipset "Intel QS57". Enabling flash write... WARNING: SPI Configuration Lockdown activated. > WARNING: Flash Descriptor region is not fully accessible and flashrom can > not deal with this correctly yet. > Intel does not provide us the necessary documention to support this. > Please send a verbose log to flashrom(a)flashrom.org if this board is not listed on > http://flashrom.org/Supported_hardware#Supported_mainboards yet. > Writes have been disabled. You can enforce write support with the > ich_spi_force programmer option, but it will most likely harm your hardware! > If you force flashrom you will get no support if something breaks. > WARNING: Management Engine region is not fully accessible and flashrom can > not deal with this correctly yet. > WARNING: PR0: 0x007d0000-0x01ffffff is read-only. > OK. > […] Ugh. This is the non-verbose version? I had trouble parsing that message flood on the first attempt. May I suggest an alternative wording? WARNING: Flash Descriptor region is not fully accessible. WARNING: Management Engine region is not fully accessible. WARNING: PR0: 0x007d0000-0x01ffffff is read-only. Please send a verbose log to flashrom(a)flashrom.org if this board is not listed on http://flashrom.org/Supported_hardware#Supported_mainboards yet. Writes have been disabled. You can force writing with the ich_ignore_locks programmer option, but it will most likely brick your mainboard. The idea of my wording is to postpone the explanatory message until all "not accessible"/"read-only" messages have been printed. The complaint about Intel belongs to the man page or to intel_mysteries.txt (if you choose the latter, just mention intel_mysteries.txt at the relevant location in the man page). For the override case, just print the message above and additionally "You have been warned. We will not support you if write/erase bricks your mainboard. Proceeding anyway because user specified ich_ignore_locks." or something similar. > Signed-off-by: Stefan Tauner <stefan.tauner(a)student.tuwien.ac.at> > --- > flashrom.8 | 15 ++++++++++ > ichspi.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++------------ > 2 files changed, 86 insertions(+), 19 deletions(-) > > diff --git a/flashrom.8 b/flashrom.8 > index 2f23cb8..0ca4fdb 100644 > --- a/flashrom.8 > +++ b/flashrom.8 > @@ -315,6 +315,21 @@ important opcodes are inaccessible due to lockdown; or if more than one flash > chip is attached). The other options (swseq, hwseq) select the respective mode > (if possible). > .sp > +ICH8 and later southbridges may also have locked address ranges of different > +kinds if a valid descriptor was written to it. The flash address space is then > +partitioned in multiple so called "Flash Regions" containing the host firmware, > +the ME firmware and so on respectively. The flash descriptor can also specify up > +to 5 so called "Protected Regions", which are freely chosen address ranges > +independent from the aforementioned "Flash Regions". All of them can be write > +and/or read protected individually. If flashrom detects such a lock it will > +disable write support unless the user forces it with the > +.sp > +.B " flashrom \-p internal:ich_spi_force=yes" > +.sp > +syntax. If this leads to erase or write accesses to the flash it would most > +probably bring it into an inconsistent and unbootable state and we will not > +provide any support in such a case. > +.sp > If you have an Intel chipset with an ICH6 or later southbridge and if you want > to set specific IDSEL values for a non-default flash chip or an embedded > controller (EC), you can use the > diff --git a/ichspi.c b/ichspi.c > index 163ecf1..f21bb35 100644 > --- a/ichspi.c > +++ b/ichspi.c > @@ -1416,12 +1416,36 @@ static int ich_spi_send_multicommand(struct flashctx *flash, > return ret; > } > > +static void ich9_disable_writes(int force, const char * const msg) > +{ > + /* Don't scare and spam the user even more if write support was already > + * disabled */ > + if (!programmer_may_write) > + return; > + > + msg_pinfo("%s", msg); > + msg_pinfo("Please send a verbose log to flashrom(a)flashrom.org if this " > + "board is not listed on\n" > + "http://flashrom.org/Supported_hardware#Supported_mainboards " > + "yet.\n"); > + if (!force) { > + programmer_may_write = 0; > + msg_pinfo("Writes have been disabled. You can enforce write " > + "support with the\nich_spi_force programmer option, " > + "but it will most likely harm your hardware!\n"); > + } > + msg_pinfo("If you force flashrom you will get no support if something " > + "breaks.\n"); > + if (force) > + msg_pinfo("Continuing anyway because the user forced us to!\n"); > +} > + > #define ICH_BMWAG(x) ((x >> 24) & 0xff) > #define ICH_BMRAG(x) ((x >> 16) & 0xff) > #define ICH_BRWA(x) ((x >> 8) & 0xff) > #define ICH_BRRA(x) ((x >> 0) & 0xff) > > -static void do_ich9_spi_frap(uint32_t frap, int i) > +static void ich9_handle_frap(uint32_t frap, int i, int force) > { > static const char *const access_names[4] = { > "locked", "read-only", "write-only", "read-write" > @@ -1447,8 +1471,15 @@ static void do_ich9_spi_frap(uint32_t frap, int i) > return; > } > > - msg_pdbg("0x%08x-0x%08x is %s\n", base, (limit | 0x0fff), > + msg_pdbg("0x%08x-0x%08x is %s.\n", base, (limit | 0x0fff), > access_names[rwperms]); > + if (rwperms == 0x3) > + return; > + > + msg_pinfo("WARNING: %s region is not fully accessible and flashrom " > + "can\nnot deal with this correctly yet.\n", region_names[i]); > + ich9_disable_writes(force, "Intel does not provide us the necessary " > + "documention to support this.\n"); > } > > /* In contrast to FRAP and the master section of the descriptor the bits > @@ -1460,21 +1491,25 @@ static void do_ich9_spi_frap(uint32_t frap, int i) > #define ICH_PR_PERMS(pr) (((~((pr) >> PR_RP_OFF) & 1) << 0) | \ > ((~((pr) >> PR_WP_OFF) & 1) << 1)) > > -static void prettyprint_ich9_reg_pr(int i) > +static void ich9_handle_pr(int i, int force) > { > - static const char *const access_names[4] = { > - "locked", "read-only", "write-only", "read-write" > + static const char *const access_names[3] = { > + "locked", "read-only", "write-only" > }; > uint8_t off = ICH9_REG_PR0 + (i * 4); > uint32_t pr = mmio_readl(ich_spibar + off); > - int rwperms = ICH_PR_PERMS(pr); > + unsigned int rwperms = ICH_PR_PERMS(pr); > > - msg_pdbg2("0x%02X: 0x%08x (PR%u", off, pr, i); > - if (rwperms != 0x3) > - msg_pdbg2(")\n0x%08x-0x%08x is %s\n", ICH_FREG_BASE(pr), > - ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); > - else > - msg_pdbg2(", unused)\n"); > + if (rwperms >= 0x3) { Why >= 0x3? AFAICS the ICH_PR_PERMS macro can only have values between 0x0 and 0x3. > + msg_pdbg2("0x%02X: 0x%08x (PR%u is unused)\n", off, pr, i); > + return; > + } > + > + msg_pdbg("0x%02X: 0x%08x ", off, pr); > + msg_pinfo("WARNING: PR%u: 0x%08x-0x%08x is %s.\n", i, ICH_FREG_BASE(pr), > + ICH_FREG_LIMIT(pr) | 0x0fff, access_names[rwperms]); > + ich9_disable_writes(force, "There is no way to change this from within " > + "the system.\n"); > } > > /* Set/Clear the read and write protection enable bits of PR register @i > @@ -1537,6 +1572,7 @@ int ich_init_spi(struct pci_dev *dev, uint32_t base, void *rcrb, > uint16_t spibar_offset, tmp2; > uint32_t tmp; > char *arg; > + int ich_spi_force = 0; > int desc_valid = 0; > struct ich_descriptors desc = {{ 0 }}; > enum ich_spi_mode { > @@ -1631,6 +1667,22 @@ int ich_init_spi(struct pci_dev *dev, uint32_t base, void *rcrb, > } > free(arg); > > + arg = extract_programmer_param("ich_spi_force"); > + if (arg && !strcmp(arg, "yes")) { > + ich_spi_force = 1; > + msg_pspew("ich_spi_force enabled.\n"); > + } else if (arg && !strlen(arg)) { > + msg_perr("Missing argument for ich_spi_force.\n"); > + free(arg); > + return ERROR_FATAL; > + } else if (arg) { > + msg_perr("Unknown argument for ich_spi_force: \"%s\" " > + "(not \"yes\").\n", arg); > + free(arg); > + return ERROR_FATAL; > + } > + free(arg); > + > tmp2 = mmio_readw(ich_spibar + ICH9_REG_HSFS); > msg_pdbg("0x04: 0x%04x (HSFS)\n", tmp2); > prettyprint_ich9_reg_hsfs(tmp2); > @@ -1665,17 +1717,17 @@ int ich_init_spi(struct pci_dev *dev, uint32_t base, void *rcrb, > msg_pdbg("BRWA 0x%02x, ", ICH_BRWA(tmp)); > msg_pdbg("BRRA 0x%02x\n", ICH_BRRA(tmp)); > > - /* Decode and print FREGx and FRAP registers */ > + /* Handle FREGx and FRAP registers */ > for (i = 0; i < 5; i++) > - do_ich9_spi_frap(tmp, i); > + ich9_handle_frap(tmp, i, ich_spi_force); > } > > - /* try to disable PR locks before printing them */ > - if (!ichspi_lock) > - for (i = 0; i < 5; i++) > + for (i = 0; i < 5; i++) { > + /* if not locked down try to disable PR locks first */ > + if (!ichspi_lock) > ich9_set_pr(i, 0, 0); > - for (i = 0; i < 5; i++) > - prettyprint_ich9_reg_pr(i); > + ich9_handle_pr(i, ich_spi_force); > + } > > tmp = mmio_readl(ich_spibar + ICH9_REG_SSFS); > msg_pdbg("0x90: 0x%02x (SSFS)\n", tmp & 0xff); Looks good otherwise. Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Regards, Carl-Daniel -- http://www.hailfinger.org/

2 3

Re: [flashrom] [PATCH] Warn of one-time programmable (OTP) memory
by Carl-Daniel Hailfinger Feb. 15, 2012

Feb. 15, 2012

Hi Stefan, I have waited very long to comment on this patch, but I simply don't have a good answer for it. I do think that OTP/security memory is outside the scope of flashrom because it behaves totally different (and testing could easily kill a dozen chips during inital implementation, and a few chips each time someone wants to retest). Now if something is outside the scope of flashrom, should flashrom care at all? Some flash chips have GPI pins (GPIO without output) and those are readable with commands very similar to those used by flashrom. Should we tell the user about that feature as well? We had such requests in the past, and I was not really happy about them. Am 14.08.2011 05:36 schrieb Stefan Tauner: > Some flash chips contain OTP memory that we cannot read or write (yet). This > prohibits us from cloning them, hence warn the user if we detect it. Not all > variations of the tagged chips contain OTP memory. They are often only > enabled on request or have there own ordering numbers. There is usually no > way to distinguish them afaict. Well, it's worse than that. I've seen datasheets for flash chips with the following features: - OTP memory, fully readable, fully writable once in one block (no partial writes) - OTP memory, fully readable, fully writable once per byte (partial writes work just fine) - OTP memory, fully readable, fully writable once per 2^n-byte block - OTP memory, fully readable, only half of it writable, the other half is programmed at the factory - OTP memory, fully readable, completely pre-written at the factory (so it's rather ROM than OTP) - Hidden OTP memory which can only be read if you know the correct security ID which is part of the OTP - (The complete flash chip behaves like OTP (well, like ROM) once a specific write-once status register is set)... not relevant here And then you have the problem that multiple chip generations often share the same device ID, so probing can't differentiate between a chip with OTP and one without unless you're extremely lucky. Do we want FEATURE_OTP and FEATURE_MAYBE_OTP? Do we warn if a chip has a readonly serial number? That means the chip can't be cloned. People who care about OTP for clonability reasons probably care about other readonly contents as well. OTOH, other people who don't use the OTP at all (for them, OTP is just an accidental feature of a cheap flash chip) don't want to be bothered by yet another line of output from flashrom which has no relevancy for them. > The manpage is extended to describe the backgrounds a bit. While i touched > that section, i also reformatted it a bit and removed the reference to the trac > bug reporting facility. > > This patch is based on the idea and code of Daniel Lenski. > --- > the reason i removed the trac reference is that it is not used, i have no (working) > login and it does not really fits our work flow anyway. the only user that used it > in my active flashrom time ranted about it. would anyone miss it? To be honest, trac is something I never got along with. Even if I'm logged in there is no way for me to read the email address of the person who opened the bug, so communication is pretty difficult. I'm all for checking all old trac tickets, closing what can be closed, and moving all other tickets in some way or another to the mailing list. However, we should mention that it's OK to report bugs via IRC as well as long as the reporter mentions a way to contact hi/her (i.e. email address). Removing the trac reference and adding the IRC reference should be a separate patch, though, which is Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> One comment about the man page formatting: This part of the patch may conflict with the other man page formatting patch you sent. By the way, do you know any good reference about man page formatting? I had trouble finding out what .RE and .RS do. > the new default verbosity output is: > This chip may contain one-time programmable memory (see man page for details). > > the new dbg1/-V output is: > This chip may contain one-time programmable memory. > flashrom cannot read, and may never be able to write it. flashrom may not be > able to completely clone the contents of this chip (see man page for details). > > there are certainly more chips with OTP memories out there. additions are > welcome! > i have only tagged chips with user modifiably OTP/security memories. there > are some chips out there which have factory written IDs, but no OTP memory. > a similar warning could/should be printed for those, but i did not want to > abuse the OTP tag for this. also, there is nothing we can do, but read those IDs. > duplicating chips using them is not possible, so a warning in the man page might > suffice? > > since OTP memory (or any other data outside the linear address range of the > "main" memory) can not be handled very well in flashrom right now, it is not > clear how OTP memory access could be developed further. of course one could > start to implement the basic methods needed to read them, but how they > should be integrated then is not clear. > one could start by adding an otp_print field to the struct flashchip and just > dump the bytes on probing similar to the lock printing (not on default verbosity > and possibly only if there are bytes different from 0x00 and 0xff). > > carl-daniel seems to be quite sceptical regarding handling OTP at all in flashrom. > he stated "it does not really fit our device model at all", which is right, but could > be changed. > he also asked "should we really handle all features present in flash chips?" > and the answer is probably "no", although i don't see a reason why we should > not, if the effort is not too much and the architectural changes needed aren't > obvious NOGOs. > but OTP regions are somewhat special, they are not just *some* feature. Indeed. > one argument is the one stated in the message printed by this patch. flashrom > is not able to clone chips that have some kind of OTP memory written right now. > imo "cloning" a flash chip seems to be a valid use case for a tool like flashrom as > long as it is feasible (which is not for chips with unique, preconfigured IDs). > > the other more theoretical argument i have is: OTP memory is just some > memory in the flash chip. it may need other access patterns, but it is not much > different from other write protected memories apart from that. > some chips implement it in a way that it is even possible to erase the OTP > regions. those regions are just normal flash and are made unwriteable by fuses > in a register or another addressable byte. > > Signed-off-by: Daniel Lenski <dlenski(a)gmail.com> > Signed-off-by: Stefan Tauner <stefan.tauner(a)student.tuwien.ac.at> Stefan: I don't want to veto this patch, and although I think that OTP handling is not really a flashrom feature, I think that this implementation satisfies the quality criteria for merging, so the patch is Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006(a)gmx.net> Regards, Carl-Daniel -- http://www.hailfinger.org/

2 3