[flashrom] [PATCH 5/7] warn if SMM BIOS Write Protection is detected in BIOS_CNTL
Stefan Reinauer
stefan.reinauer at coreboot.org
Thu Nov 3 19:08:37 CET 2011
* Stefan Tauner <stefan.tauner at student.tuwien.ac.at> [111103 12:04]:
> > > - new = old | 1;
> > > + /*
> > > + * Quote from the 6 Series datasheet:
> > > + * "5: SMM BIOS Write Protect Disable (SMM_BWP)
> > > + * 1 = BIOS region SMM protection is enabled.
> > > + * The BIOS Region is not writable unless all processors are in SMM."
> > > + * In earlier chipsets this bit is reserved. */
> > > + if (old& (5<< 1)) {
> > > + msg_pinfo("WARNING: BIOS region SMM protection is enabled!\n");
> > > + return -1;
> > You might still be successful doing the write, in case the SMM handler
> > does not enforce the protection, so maybe you should just print a
> > warning but not return here?
>
> in chromium-os you are trying to unset that bit[1], but according to the
> data sheet this is impossible - it is R/W LO (read/write lock once).
Maybe there is some confusion about R/W LO. The bit can be locked, but
that does not mean it is locked automatically by writing / clearing it.
Once it is locked, the lock can not be undone except by a chipset reset.
> and you degraded the warning to dbg level... certainly not suited for
> upstream, but maybe desirable for chromium(?).
Yes, that was done on purpose, because the lock bit that prevents the
bit from being cleared also produces a warning.
> have you tested this on a board where SMM_BWP is really set to 1? we
> may wanna try to write it anyway, but it would be far more interesting
> if it really works on some chipsets :)
Yes, this was implemented to fix a problem I was seeing, and it solved
the problem. :-)
Stefan
More information about the flashrom
mailing list