GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lockdown: Add Kconfigs for SPI media protection mode 

SPI_WRITE_PROTECTION_REBOOT seems to be a Winbond thing, other vendors
such as Macronix only support permanent protection but conditional on
the WP# pin state.

Change-Id: Iba7c1229c82c86e1303d74c7bc8f89662b5bb58c
Signed-off-by: Daniel Gröber <dxld@darkboxed.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41747
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Daniel Gröber 2020-05-26 22:18:44 +02:00 committed by Patrick Georgi
parent 231020132c
commit 16dbbeb895
2 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/drivers/spi/boot_device_rw_nommap.c
View File

@ -96,9 +96,17 @@ int boot_device_wp_region(const struct region_device *rd,
if (type == MEDIA_WP) { if (type == MEDIA_WP) {
if (spi_flash_is_write_protected(boot_dev, if (spi_flash_is_write_protected(boot_dev,
region_device_region(rd)) != 1) { region_device_region(rd)) != 1) {
enum spi_flash_status_reg_lockdown lock =
SPI_WRITE_PROTECTION_REBOOT;
if (CONFIG(BOOTMEDIA_SPI_LOCK_REBOOT))
lock = SPI_WRITE_PROTECTION_REBOOT;
else if (CONFIG(BOOTMEDIA_SPI_LOCK_PIN))
lock = SPI_WRITE_PROTECTION_PIN;
else if (CONFIG(BOOTMEDIA_SPI_LOCK_PERMANENT))
lock = SPI_WRITE_PROTECTION_PERMANENT;
return spi_flash_set_write_protected(boot_dev, return spi_flash_set_write_protected(boot_dev,
region_device_region(rd), region_device_region(rd), lock);
SPI_WRITE_PROTECTION_REBOOT);
} }
/* Already write protected */ /* Already write protected */

28
src/security/lockdown/Kconfig
View File

@ -82,3 +82,31 @@ config BOOTMEDIA_LOCK_IN_VERSTAGE
possible. This option prevents using write protecting facilities in possible. This option prevents using write protecting facilities in
ramstage, like the MRC cache for example. ramstage, like the MRC cache for example.
Use this option if you don't trust code running after verstage. Use this option if you don't trust code running after verstage.
choice
prompt "SPI Flash write protection duration"
default BOOTMEDIA_SPI_LOCK_REBOOT
depends on BOOTMEDIA_LOCK_CHIP
depends on BOOT_DEVICE_SPI_FLASH
config BOOTMEDIA_SPI_LOCK_REBOOT
bool "Lock SPI flash until next reboot"
help
The SPI chip is locked until power is removed and re-applied.
Supported by Winbond parts.
config BOOTMEDIA_SPI_LOCK_PIN
bool "Lock SPI flash using WP# pin"
help
The SPI chip is locked using a non-volatile configuration bit. Writes
are only possible if the WP# is not asserted. Supported by Winbond
and Macronix parts.
config BOOTMEDIA_SPI_LOCK_PERMANENT
bool "Lock SPI flash permanently"
help
The SPI chip is permanently locked using a non-volatile configuration
bit. No writes are ever possible again after we perform the lock.
Supported by Winbond parts.
endchoice