[flashrom] [SPAM?]Re: [PATCH] revamp the warning of failing to set BIOS write enable in enable_flash_ich

Feldschmid, Ingo ifel at msc-ge.com
Wed Sep 14 13:51:04 CEST 2011 

I checked with some boards with different Intel chipsets (some ICHx and Tunnel Creeks), and the bios write enable bit does affect the SPI bus. It will quite likely be ignored for PCI accesses, but everything that goes through the chipset is affected by this bit. So if this bit is not set, write accesses to the bios flash will not be clocked to the SPI bus.

And there is really nothing we can do about the SMM-based locking mechanism if it is enabled. SMIs cannot be prevented, and the code from SMM mode cannot be changed (except through some tricky code injection on faulty S3 resumes, but that is something we should leave to the black hats :-) ). 

Besides, if I remember correctly, I think the Computrace OS modules can also restore their corresponding bios modules as long as at least one of their protection parts (bios, bootloader, OS, etc) survives. So at least in this case we don't really gain anything by trying to find a new way to break into SMM mode. 

Best regards,
Ingo

Es gelten unsere Allgemeinen Leistungsbedingungen die 
unter http://www.msc-ge.com/alb abrufbar sind. 

Our standard terms and conditions apply which are 
available under http://www.msc-ge.com/alb .

 
MSC Vertriebs GmbH

Sitz der Gesellschaft:	Industriestrasse 16, 76297 Stutensee 
Handelsregister: 	Mannheim, HRB Nr. 10 3631
Geschäftsführung: 	Manfred Schwarztrauber, Lothar Kümmerlin, Rüdiger Kuhn, Silvano Geissler
Umsatzsteuer ID Nr.: 	DE 143 585 507
WEEE Reg. Nr. :		DE 31011852
 

Gleichmann & Co. Electronics GmbH

Sitz der Gesellschaft:	Schraderstrasse 44, 67227 Frankenthal 
Handelsregister:	Ludwigshafen, HRB Nr. 21305
Geschäftsführung:	Manfred Schwarztrauber, Thomas Klein
Umsatzsteuer ID Nr. :	DE 148 421 329            
WEEE Reg. Nr.:		DE 72277043
 

Diese E-Mail enthält vertrauliche und/ oder rechtlich geschützte Informationen. 
Wenn Sie nicht der beabsichtigte Empfänger sind, informieren Sie bitte sofort den
Absender und löschen Sie diese E-Mail. 
 
The information contained in this message is confidential and/ or protected by law. 
If you are not the intended recipient, please contact the sender and delete this message. 


-----Ursprüngliche Nachricht-----
Von: flashrom-bounces+ifel=msc-ge.com at flashrom.org [mailto:flashrom-bounces+ifel=msc-ge.com at flashrom.org] Im Auftrag von Stefan Tauner
Gesendet: Mittwoch, 14. September 2011 01:05
An: Carl-Daniel Hailfinger
Cc: flashrom at flashrom.org
Betreff: [SPAM?]Re: [flashrom] [PATCH] revamp the warning of failing to set BIOS write enable in enable_flash_ich

On Wed, 14 Sep 2011 00:27:47 +0200
Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> wrote:

> Am 20.06.2011 15:15 schrieb Stefan Tauner:
> > and if we are at it... shouldn't we tell the user, that writes will
> > most probably fail in cases where we could not enable bios writes?
> 
> Ah, you assume that this is an interface similar to SPI where commands
> exist. That is not the case.
> Parallel/LPC/FWH flash uses normal reads/writes as commands, and the
> state machine inside the flash chip decides whether a write is indeed a
> write of the flash chip or rather a command sent to the flash chip. Due
> to that, a Parallel/LPC/FWH programmer with disabled write can't even
> probe because the probe function uses writes which are treated as
> commands by the chip.
> If you want an appropriate warning, it should be something like this:
> "Could not enable full flash access on chipset FOO. flashrom may be
> unable to find the flash chip and/or write to it."
> 
> 
> > e.g. the dell optiplex in the "It is hard to report a bug...."-thread:
> > BIOS Lock Enable: enabled, BIOS Write Enable: disabled, BIOS_CNTL is 0x2
> > tried to set 0xdc to 0x3 on ICH8/ICH8R failed (WARNING ONLY)
> >
> > as far as i understand this, an SMI is triggered and in this case the
> > SMM prohibits us from setting the BIOS WE bit, but this may not be
> > always the case. is there a way around it? i don't know enough about SMM
> > to be sure if that's correct.
> >
> > in any case we won't be able to erase/write if the WE bit is not set and
> > we should indicate this clearly to the user imho. what do you think?
> 
> Sure, warning the user is good. But please consider the problems
> outlined above.

after a quick recheck on IRC the real problem is this:
we always try to set the BIOS write enable bit in enable_flash_ich and
warn it this fails even though it may not be necessary for accessing
the attached flash chip (because we think SPI is not affected).

a patch for this problem would need to know which bus we want to
access. this is (more or less) derivable from the chipset's boot straps
in GCS. the best option is probably to not call enable_flash_ich at all
if the motherboard is strapped to spi (or pci), rename enable_flash_ich
to enable_flash_ich_lpc (or so) and to add a warning to it like the one
mentioned by carldani above.

does that sound like a plan?

-- 
Kind regards/Mit freundlichen Grüßen, Stefan Tauner

_______________________________________________
flashrom mailing list
flashrom at flashrom.org
http://www.flashrom.org/mailman/listinfo/flashrom

More information about the flashrom mailing list