[openfirmware] [commit] r2510 - cpu/arm/olpc/1.75 dev/olpc/spiflash

repository service svn at openfirmware.info
Thu Sep 15 08:08:18 CEST 2011


Author: quozl
Date: Thu Sep 15 08:08:18 2011
New Revision: 2510
URL: http://tracker.coreboot.org/trac/openfirmware/changeset/2510

Log:
OLPC XO-1.75 - enforce SPI FLASH write protect during security startup, #11228

Modified:
   cpu/arm/olpc/1.75/fw.bth
   dev/olpc/spiflash/flashif.fth
   dev/olpc/spiflash/spiflash.fth

Modified: cpu/arm/olpc/1.75/fw.bth
==============================================================================
--- cpu/arm/olpc/1.75/fw.bth	Thu Sep 15 07:39:43 2011	(r2509)
+++ cpu/arm/olpc/1.75/fw.bth	Thu Sep 15 08:08:18 2011	(r2510)
@@ -82,9 +82,16 @@
 false to stand-init-debug?
 \ true to stand-init-debug?
 
+: sec-trg   ( -- )      d# 73 gpio-set  ;  \ rising edge latches SPI_WP# low
+: sec-trg?  ( -- bit )  d# 73 gpio-pin@  ;
+
+alias ec-indexed-io-off sec-trg
+alias ec-indexed-io-off? sec-trg?
+alias ec-ixio-reboot ec-power-cycle  \ clears latch, brings SPI_WP# high
+
 false value secure?
 
-: protect-fw  ( -- )  ;
+: protect-fw  ( -- )  secure?  if  flash-protect sec-trg  then  ;
 
 hex
 : i-key-wait  ( ms -- pressed? )
@@ -280,9 +287,6 @@
 defer rm-go-hook  \ Not used, but makes security happy
 : tsc@  ( -- d.ticks )  timer0@ u>d  ;
 d# 6500 constant ms-factor
-0 value ec-indexed-io-off?    \ !!!
-: ec-indexed-io-off  ( -- )  ;  \ !!!
-: ec-ixio-reboot  ( -- )  ;   \ !!!
 
 \ idt1338 rtc and ram address map
 \     00 -> 0f  rtc

Modified: dev/olpc/spiflash/flashif.fth
==============================================================================
--- dev/olpc/spiflash/flashif.fth	Thu Sep 15 07:39:43 2011	(r2509)
+++ dev/olpc/spiflash/flashif.fth	Thu Sep 15 08:08:18 2011	(r2510)
@@ -9,6 +9,7 @@
 defer flash-read           ( adr len offset -- )
 defer flash-verify         ( adr len offset -- mismatch? )
 defer flash-erase-block    ( offset -- )
+defer flash-protect        ( -- )
 h# 10.0000 value /flash
 h# 10000 value /flash-block
 

Modified: dev/olpc/spiflash/spiflash.fth
==============================================================================
--- dev/olpc/spiflash/spiflash.fth	Thu Sep 15 07:39:43 2011	(r2509)
+++ dev/olpc/spiflash/spiflash.fth	Thu Sep 15 08:08:18 2011	(r2510)
@@ -91,6 +91,38 @@
    1 spi-cmd  ( b ) spi-out  stop-writing
 ;
 
+\ Protect the device from further writes, by setting the Status
+\ Register Protect (SRP) bit, and the Block Protect (BP2 BP1 BP0)
+\ bits.
+
+\ Caller must then lower /WP pin, which prevents further write access
+\ to the status register until the /WP pin is raised.
+
+: spi-protect  ( -- )  h# 9c spi-write-status  ;
+
+\ Turn off the protection bits.
+
+\ Is only permitted by the device if the /WP pin is high, otherwise it
+\ is ignored and the status register protection bits are unchanged.
+
+: spi-unprotect  ( -- )  h# 0 spi-write-status  ;
+
+\ Check if the device is protected from further writes, by testing for
+\ a set SRP, and if so trying to clear it, and checking if it remained
+\ clear.
+
+: spi-protected?  ( -- flag )
+    spi-read-status h# 80 and if
+	spi-read-status                ( status )
+	spi-unprotect                  ( status )
+	spi-read-status h# 80 and if   ( status )
+	    drop true exit             ( status )
+	then                           ( status )
+	spi-write-status
+    then
+    false
+;
+
 \ Erase a 64k block
 : erase-spi-block  ( offset -- )  h# d8 setup-spi-write  stop-writing  ;
 
@@ -282,7 +314,7 @@
       ( default )  true abort" Unsupported SPI FLASH ID"
    endcase
    to write-spi-flash
-   0 spi-write-status  \ Turn off write protect bits
+   spi-unprotect
 ;
 
 \ Display a message telling what kind of part was found
@@ -299,14 +331,17 @@
    then
 ;
 
-
 : spi-flash-open  ( -- )
    \ One retry
    spi-start  ['] spi-identify catch  if
       spi-start  spi-identify
    then
 ;
-: spi-flash-write-enable  ( -- )  flash-open  .spi-id cr  ;
+
+: spi-flash-write-enable  ( -- )
+   flash-open  .spi-id cr
+   spi-protected?  abort" Write Protected SPI FLASH"
+;
 
 : use-spi-flash-read  ( -- )  ['] read-spi-flash to flash-read  ;
 
@@ -319,6 +354,7 @@
    ['] write-spi-flash         to flash-write
    ['] verify-spi-flash        to flash-verify
    ['] erase-spi-block         to flash-erase-block
+   ['] spi-protect             to flash-protect
    use-spi-flash-read          \ Might be overridden
    h# 10.0000  to /flash
    /spi-eblock to /flash-block



More information about the openfirmware mailing list