| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 |
- From 29a398fd71efa8ca63a98125ec4e5c1de96bcb85 Mon Sep 17 00:00:00 2001
- From: Timothy Pearson <tpearson@raptorengineeringinc.com>
- Date: Tue, 7 Apr 2015 13:45:06 -0500
- Subject: [PATCH 01/17] southbridge/intel/common/spi: Add Flash lockdown option
- Under certain circumstances it is desirable to prevent
- software from altering the contents of the Flash device.
- This Expert-mode option allows the hardware write protect
- to be set on bootup.
- Change-Id: I92d3c60a69f1688579d954d0476e30a6892cf4d5
- Signed-off-by: Timothy Pearson <tpearson@raptorengineeringinc.com>
- ---
- src/southbridge/intel/common/Kconfig | 9 +++++++++
- src/southbridge/intel/common/spi.c | 20 ++++++++++++++------
- 2 files changed, 23 insertions(+), 6 deletions(-)
- diff --git a/src/southbridge/intel/common/Kconfig b/src/southbridge/intel/common/Kconfig
- index 949310b..52ada30 100644
- --- a/src/southbridge/intel/common/Kconfig
- +++ b/src/southbridge/intel/common/Kconfig
- @@ -1,2 +1,11 @@
- config SOUTHBRIDGE_INTEL_COMMON
- def_bool n
- +
- +config LOCK_DOWN_BIOS
- + bool "Lock down the Flash"
- + default n
- + depends on EXPERT
- + help
- + Lock down the Flash chip to prevent further modification by software.
- + WARNING: Altering the contents of the Flash chip further WILL require
- + a hardware programmer AND physical access to the Flash device!
- \ No newline at end of file
- diff --git a/src/southbridge/intel/common/spi.c b/src/southbridge/intel/common/spi.c
- index 1d3ebf6..04f05ed 100644
- --- a/src/southbridge/intel/common/spi.c
- +++ b/src/southbridge/intel/common/spi.c
- @@ -2,6 +2,7 @@
- * Copyright (c) 2011 The Chromium OS Authors.
- * Copyright (C) 2009, 2010 Carl-Daniel Hailfinger
- * Copyright (C) 2011 Stefan Tauner
- + * Copyright (C) 2015 Timothy Pearson <tpearson@raptorengineeringinc.com>, Raptor Engineering
- *
- * See file CREDITS for list of people who contributed to this
- * project.
- @@ -353,11 +354,19 @@ void spi_init(void)
-
- ich_set_bbar(0);
-
- - /* Disable the BIOS write protect so write commands are allowed. */
- - pci_read_config_byte(dev, 0xdc, &bios_cntl);
- - /* Deassert SMM BIOS Write Protect Disable. */
- - bios_cntl &= ~(1 << 5);
- - pci_write_config_byte(dev, 0xdc, bios_cntl | 0x1);
- + if (IS_ENABLED(CONFIG_LOCK_DOWN_BIOS)) {
- + /* Engage lockdown */
- + hsfs = readw_(&ich9_spi->hsfs);
- + hsfs = hsfs | HSFS_FLOCKDN;
- + writew_(hsfs, &ich9_spi->hsfs);
- + }
- + else {
- + /* Disable the BIOS write protect so write commands are allowed. */
- + pci_read_config_byte(dev, 0xdc, &bios_cntl);
- + /* Deassert SMM BIOS Write Protect Disable. */
- + bios_cntl &= ~(1 << 5);
- + pci_write_config_byte(dev, 0xdc, bios_cntl | 0x1);
- + }
- }
- #ifndef __SMM__
- static void spi_init_cb(void *unused)
- @@ -927,7 +936,6 @@ static int ich_hwseq_write(struct spi_flash *flash,
- return 0;
- }
-
- -
- static struct spi_flash *spi_flash_hwseq(struct spi_slave *spi)
- {
- struct spi_flash *flash = NULL;
- --
- 1.9.1
|
