[flashrom] Porting flashrom to OpenBSD

[Theo de Raadt]

> I think I should clarify a bit what flashrom (BIOS/EFI/optionROM
> flasher) does/needs.
> 
> PCI config space writes (usually only to the PCI<->LPC bridge) are
> needed to tell that bridge to enable pass through for flash chip accesses.
> I/O port access is needed on some chipsets which have the passthrough
> enable in I/O space instead of PCI config space.
> Raw memory access is needed to the top 16 MB of the 32bit address space
> because that's where the BIOS flash ROM chip is mapped on i386/amd64,
> and to access the SPI flash ROM controller MMIO regions (somewhere in
> the address space, needs to be determined from PCI config space
> registers) on most chipsets released in the last 4 years.
> 
> flashrom accesses PCI config space read/write via pciutils/libpci which
> uses /dev/pci AFAICS. The problem flashrom has right now is that PCI
> config writes via /dev/pci don't work. Without PCI config space write
> access, everything else is sort of pointless (you won't have access to
> the flash chip).

I understand very well what you are trying to do.

But it is the kernel's job to protect the hardware from all manner of
direct access.  Even essentially in single user mode.

Now it is an accident of history that X is so terribly designed.  It
is currently accepted that this is so, and that's too bad, so there is
a "hole" for X.  There's a 10+ year effort to improve X so that this
hole can go away.  When it does, stuff like your code will stop working.

Unix is designed to hide the hardware, to protect the hardware, and it
does this by providing and using highly abstracted interfaces.  What
you are trying to do is get around Unix.

> Some people use flashrom to read out the flash chip and check it for
> malware, and I heard that's one of the motivations (well, besides BIOS
> updates) for trying to get it working on OpenBSD.

I don't buy any of that stuff.  By the time this has happened, you're
already hosed.