[coreboot-gerrit] Change in ...coreboot[master]: mb/opencellular/elgon: Enable write protection
Philipp Deppenwiese (Code Review)
gerrit at coreboot.org
Tue Dec 4 08:11:59 CET 2018
Philipp Deppenwiese has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/29532 )
Change subject: mb/opencellular/elgon: Enable write protection
......................................................................
mb/opencellular/elgon: Enable write protection
* Verify the flash write protection on each boot
* Program non-volatile write protection on first boot
Tested using I715791b8ae5d1db1ef587321ae5c9daa10eb7dbc.
The bootblock is write-protected as long as the #WP pin is asserted low:
* Reprogramming of the status register fails.
* Trying to write to WP_RO region fails.
Programming the WP_RO is only possible if #WP pin is high.
Change-Id: I6a940c69ecb1dfd9704b2101c263570bebc5540e
Signed-off-by: Patrick Rudolph <patrick.rudolph at 9elements.com>
Reviewed-on: https://review.coreboot.org/c/29532
Tested-by: build bot (Jenkins) <no-reply at coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki at gmail.com>
---
M src/mainboard/opencellular/elgon/bootblock.c
1 file changed, 44 insertions(+), 1 deletion(-)
Approvals:
build bot (Jenkins): Verified
Philipp Deppenwiese: Looks good to me, approved
diff --git a/src/mainboard/opencellular/elgon/bootblock.c b/src/mainboard/opencellular/elgon/bootblock.c
index e6109f1..9dfd1b8 100644
--- a/src/mainboard/opencellular/elgon/bootblock.c
+++ b/src/mainboard/opencellular/elgon/bootblock.c
@@ -18,6 +18,9 @@
#include <soc/spi.h>
#include <soc/uart.h>
#include <soc/gpio.h>
+#include <spi_flash.h>
+#include <console/console.h>
+#include <fmap.h>
#include "mainboard.h"
void bootblock_mainboard_early_init(void)
@@ -49,8 +52,48 @@
gpio_output(ELGON_GPIO_SPI_MUX, 1);
}
+/**
+ * Handle flash write protection.
+ * This code verifies the write-protection on each boot.
+ * Enabling the write protection does only run on the first boot.
+ * An error is fatal as it breaks the Chain Of Trust.
+ */
+static void protect_ro_rgn_spi_flash(void)
+{
+ const struct spi_flash *flash = boot_device_spi_flash();
+ const char *fmapname = "WP_RO";
+ struct region ro_rgn;
+
+ if (fmap_locate_area(fmapname, &ro_rgn)) {
+ printk(BIOS_ERR, "%s: No %s FMAP section.\n", __func__,
+ fmapname);
+ die("Can't verify flash protections!");
+ }
+
+ u8 reg8 = 0;
+ spi_flash_status(flash, ®8);
+
+ /* Check if SRP0 is set and RO region is protected */
+ if (!(reg8 & 0x80) ||
+ spi_flash_is_write_protected(flash, &ro_rgn) != 1) {
+ printk(BIOS_WARNING, "%s: FMAP section %s is not write-protected\n",
+ __func__, fmapname);
+
+ /*
+ * Need to protect flash region :
+ * WP_RO read only and use /WP pin
+ * non-volatile programming
+ */
+ if (spi_flash_set_write_protected(flash, &ro_rgn, 1,
+ SPI_WRITE_PROTECTION_PIN) != 0)
+ die("Failed to write-protect WP_RO region!");
+ }
+ printk(BIOS_INFO, "%s: FMAP section %s is write-protected\n",
+ __func__, fmapname);
+}
+
void bootblock_mainboard_init(void)
{
configure_spi_flash();
- // FIXME: Check SPI flash WP bits
+ protect_ro_rgn_spi_flash();
}
--
To view, visit https://review.coreboot.org/c/coreboot/+/29532
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I6a940c69ecb1dfd9704b2101c263570bebc5540e
Gerrit-Change-Number: 29532
Gerrit-PatchSet: 3
Gerrit-Owner: Patrick Rudolph <patrick.rudolph at 9elements.com>
Gerrit-Reviewer: David Hendricks <david.hendricks at gmail.com>
Gerrit-Reviewer: Patrick Rudolph <patrick.rudolph at 9elements.com>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki at gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply at coreboot.org>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot-gerrit/attachments/20181204/6d660940/attachment.html>
More information about the coreboot-gerrit
mailing list