Hi Ingo,
thanks a lot for taking the time to investigate and for sharing your results with us!
On 14.09.2011 15:09, Feldschmid, Ingo wrote:
> I changed my local copy of the flashrom trunk to never set the write-enable bit. Then, on the target machine, I double-checked with lspci that the bit isn't set. Next, I called "flashrom -w bios.bin" to let it try & write to the flash chip.
> As a result, I got flashrom errors, telling me that it couldn't erase the chip:
>
> Erasing and writing flash chip contents... Transaction error!
> spi_block_erase_20 failed during command execution at address 0xe3000 ...
> spi_block_erase_52 failed during command execution at address 0xe3000 ...
> spi_block_erase_d8 failed during command execution at address 0xe0000 ...
> spi_block_erase_60 failed during command execution ...
> spi_block_erase_c7 failed during command execution ...
> FAILED!
> Uh oh. Erase/write failed. Checking if anything changed.
> Good. It seems nothing was changed.
> Writing to the flash chip apparently didn't do anything.
>
> Furthermore, a colleague told me that they actually once read the SPI accesses with an oscilloscope, and that no write / erase cycles were executed without this bit set (sorry, I don't have proof for that right now).
That's proof enough.
Now the interesting question is whether we can trick the chipset into thinking that we're not writing...
Regards, Carl-Daniel