mirror of
https://review.coreboot.org/flashrom.git
synced 2025-10-13 22:10:23 +02:00
2a092bbef7
This patch introduces chipset-level protections and adds checks that abort writing to flash if any of the requested regions are write-protected by chip, dynamically by a chipset, or are defined as read-only. This change is done so it's harder for user to brick his own platform. Information about read-only regions can easily be missed as flashrom can output a lot of information on screen. Even if you notice you might not know if one of the regions you requested falls inside read-only range, especially if using different names for those regions. If you are flashing multiple regions or ones that partially overlap with read-only parts then that could result in flashrom failing in the middle leaving you in unknown state. This patch was tested with multiple combinations of unprotected/protected regions: - dummy programmer ```sh flashrom -p dummy:hwwp=yes,emulate=S25FL128L --wp-enable \ --wp-range 0x00040000,0x00fc0000 \ -l <(echo '00000000:0004ffff part1') -i part1 -E ``` - internal programmer on Protectli VP6670 with Dasharo UEFI firmware with locked BIOS boot medium (PR0, part of bios region) ```sh flashrom -p internal --ifd -i me -i bios -w test.rom ``` Normal reads and flashing non-protected regions was also tested. Change-Id: Ia0dd847923e20ff0081ceae68984369e98952c2f Signed-off-by: Michał Iwanicki <michal.iwanicki@3mdeb.com> Reviewed-on: https://review.coreboot.org/c/flashrom/+/89222 Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
41 lines
1.4 KiB
ReStructuredText
41 lines
1.4 KiB
ReStructuredText
===============================
|
|
Recent development (unreleased)
|
|
===============================
|
|
|
|
This document describes the major changes that are expected to be included in
|
|
the next release of flashrom and which are currently only available by source
|
|
code checkout (see :doc:`../dev_guide/building_from_source`). These changes
|
|
may be further revised before the next release.
|
|
|
|
Known issues
|
|
============
|
|
|
|
AMD-based PCs with FCH are unable to read flash contents for internal (BIOS
|
|
flash) chips larger than 16 MB, and attempting to do so may crash the system.
|
|
Systems with AMD "Promontory" IO extenders (mostly "Zen" desktop platforms) are
|
|
not currently supported.
|
|
|
|
https://ticket.coreboot.org/issues/370
|
|
|
|
Added support
|
|
=============
|
|
|
|
* Intel Wildcat Lake chipset
|
|
* Eon EN25QX128A
|
|
* PUYA P25D80H
|
|
|
|
New features
|
|
============
|
|
|
|
Fail immediately when trying to write/erase wp regions
|
|
------------------------------------------------------
|
|
|
|
This change is done so it's harder for user to brick his own platform.
|
|
Information about read-only regions can easily be missed as flashrom
|
|
can output a lot of information on screen. Even if you notice you might
|
|
not know if one of the regions you requested falls inside read-only
|
|
range, especially if using different names for those regions.
|
|
If you are flashing multiple regions or ones that partially overlap with
|
|
read-only parts then that could result in flashrom failing in the
|
|
middle, leaving you in unknown state.
|