summaryrefslogtreecommitdiff
path: root/src/mainboard
diff options
context:
space:
mode:
authorPatrick Rudolph <patrick.rudolph@9elements.com>2018-11-07 15:24:37 +0100
committerPhilipp Deppenwiese <zaolin.daisuki@gmail.com>2018-12-04 07:11:56 +0000
commitfb444b0d201e39a91c28531892fd50571ada2ad4 (patch)
tree0324f44f39a6bcd18a7bbc8599f628352cb7a7c9 /src/mainboard
parente736015fffc973ccbd6de54751e312a1fda387dc (diff)
mb/opencellular/elgon: Enable write protection
* Verify the flash write protection on each boot * Program non-volatile write protection on first boot Tested using I715791b8ae5d1db1ef587321ae5c9daa10eb7dbc. The bootblock is write-protected as long as the #WP pin is asserted low: * Reprogramming of the status register fails. * Trying to write to WP_RO region fails. Programming the WP_RO is only possible if #WP pin is high. Change-Id: I6a940c69ecb1dfd9704b2101c263570bebc5540e Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/c/29532 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Diffstat (limited to 'src/mainboard')
-rw-r--r--src/mainboard/opencellular/elgon/bootblock.c45
1 files changed, 44 insertions, 1 deletions
diff --git a/src/mainboard/opencellular/elgon/bootblock.c b/src/mainboard/opencellular/elgon/bootblock.c
index e6109f1072..9dfd1b8ba3 100644
--- a/src/mainboard/opencellular/elgon/bootblock.c
+++ b/src/mainboard/opencellular/elgon/bootblock.c
@@ -18,6 +18,9 @@
#include <soc/spi.h>
#include <soc/uart.h>
#include <soc/gpio.h>
+#include <spi_flash.h>
+#include <console/console.h>
+#include <fmap.h>
#include "mainboard.h"
void bootblock_mainboard_early_init(void)
@@ -49,8 +52,48 @@ static void configure_spi_flash(void)
gpio_output(ELGON_GPIO_SPI_MUX, 1);
}
+/**
+ * Handle flash write protection.
+ * This code verifies the write-protection on each boot.
+ * Enabling the write protection does only run on the first boot.
+ * An error is fatal as it breaks the Chain Of Trust.
+ */
+static void protect_ro_rgn_spi_flash(void)
+{
+ const struct spi_flash *flash = boot_device_spi_flash();
+ const char *fmapname = "WP_RO";
+ struct region ro_rgn;
+
+ if (fmap_locate_area(fmapname, &ro_rgn)) {
+ printk(BIOS_ERR, "%s: No %s FMAP section.\n", __func__,
+ fmapname);
+ die("Can't verify flash protections!");
+ }
+
+ u8 reg8 = 0;
+ spi_flash_status(flash, &reg8);
+
+ /* Check if SRP0 is set and RO region is protected */
+ if (!(reg8 & 0x80) ||
+ spi_flash_is_write_protected(flash, &ro_rgn) != 1) {
+ printk(BIOS_WARNING, "%s: FMAP section %s is not write-protected\n",
+ __func__, fmapname);
+
+ /*
+ * Need to protect flash region :
+ * WP_RO read only and use /WP pin
+ * non-volatile programming
+ */
+ if (spi_flash_set_write_protected(flash, &ro_rgn, 1,
+ SPI_WRITE_PROTECTION_PIN) != 0)
+ die("Failed to write-protect WP_RO region!");
+ }
+ printk(BIOS_INFO, "%s: FMAP section %s is write-protected\n",
+ __func__, fmapname);
+}
+
void bootblock_mainboard_init(void)
{
configure_spi_flash();
- // FIXME: Check SPI flash WP bits
+ protect_ro_rgn_spi_flash();
}