[coreboot] flashrom: Support Pm49FL004/2 Block Locking Registers
c-d.hailfinger.devel.2006 at gmx.net
Sat May 17 15:46:03 CEST 2008
On 17.05.2008 14:35, Peter Stuge wrote:
> On Sat, May 17, 2008 at 01:51:32PM +0200, Stefan Reinauer wrote:
>> Peter Stuge wrote:
>>> I don't think any other part of flashrom bit twiddling does restore,
>> Yes. They all leave it open, as they do with the board enable and the
>> chipset enable. This is a very high security risk.
> Why do you think so?
> If flashrom was able to unlock something, then another process with
> sufficient credentials will also be able to unlock that something.
> I seem to recall that there was discussion about restoring the board
> enable/chipset enable signals too. Someone mentioned that it wasn't
> always possible or safe to restore signals. I am not sure what the
> technical motivation for that was. I guess this is what has left the
> code in limbo..
Allow me to clarify. In the past, we restored the memory which was
written to during the flash chip probe sequence. That has proven to be
harmful, especially because the restored values sometimes did constitute
a valid command sequence for some flash chips. Since flash chips are
supposed to be ROM, a restore is only needed/possible if the flash chip
is shadowed by memory and in that case we can't probe for it anyway. So
any restore of the memory location contents touched during chip probe is
dangerous and pointless.
Restoring the state of the chipset and the lockbits of a chip is not
dangerous (unless a restore has unwanted side effects which would be
triggered by touching the register in the first place as well) and could
even be argued to constitute good style.
More information about the coreboot