openwrt/flashrom
1
0
Fork 0
mirror of https://review.coreboot.org/flashrom.git synced 2025-10-14 06:20:25 +02:00
Code Issues Releases Wiki Activity
Files
e681de4286b1326711470d2fa2b994b625822dd2
flashrom/include/layout.h
Michał Iwanicki 2a092bbef7 Fail immediately when trying to write/erase wp regions 
This patch introduces chipset-level protections and adds checks that
abort writing to flash if any of the requested regions are
write-protected by chip, dynamically by a chipset, or are defined as
read-only.

This change is done so it's harder for user to brick his own platform.
Information about read-only regions can easily be missed as flashrom
can output a lot of information on screen. Even if you notice you might
not know if one of the regions you requested falls inside read-only
range, especially if using different names for those regions.
If you are flashing multiple regions or ones that partially overlap with
read-only parts then that could result in flashrom failing in the
middle leaving you in unknown state.

This patch was tested with multiple combinations of
unprotected/protected regions:

- dummy programmer

```sh
flashrom -p dummy:hwwp=yes,emulate=S25FL128L --wp-enable \
  --wp-range 0x00040000,0x00fc0000 \
  -l <(echo '00000000:0004ffff part1') -i part1 -E
```

- internal programmer on Protectli VP6670 with Dasharo UEFI firmware
with locked BIOS boot medium (PR0, part of bios region)

```sh
flashrom -p internal --ifd -i me -i bios -w test.rom
```

Normal reads and flashing non-protected regions was also tested.

Change-Id: Ia0dd847923e20ff0081ceae68984369e98952c2f
Signed-off-by: Michał Iwanicki <michal.iwanicki@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/89222
Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
2025-09-30 00:13:45 +00:00

96 lines
3.5 KiB
C
Raw Blame History

/*
* This file is part of the flashrom project.
*
* Copyright (C) 2005-2008 coresystems GmbH
* (Written by Stefan Reinauer <stepan@coresystems.de> for coresystems GmbH)
* Copyright (C) 2011-2013 Stefan Tauner
* Copyright (C) 2016 secunet Security Networks AG
* (Written by Nico Huber <nico.huber@secunet.com> for secunet)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#ifndef __LAYOUT_H__
#define __LAYOUT_H__ 1
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
/* Types and macros regarding the maximum flash space size supported by generic code. */
typedef uint32_t chipoff_t; /* Able to store any addressable offset within a supported flash memory. */
typedef uint32_t chipsize_t; /* Able to store the number of bytes of any supported flash memory. */
#define FL_MAX_CHIPOFF_BITS (24)
#define FL_MAX_CHIPOFF ((chipoff_t)(1ULL<<FL_MAX_CHIPOFF_BITS)-1)
#define PRIxCHIPOFF "06"PRIx32
#define PRIuCHIPSIZE PRIu32
#define MAX_ROMLAYOUT 128
struct flash_region {
char *name;
/*
* Note that because start and end are chipoff_t, end is an inclusive upper
* bound: the length of a region is (end - start + 1) bytes and it is
* impossible to represent a region with zero length.
*/
chipoff_t start;
chipoff_t end;
bool read_prot;
bool write_prot;
};
struct romentry {
struct romentry *next;
bool included;
char *file;
struct flash_region region;
};
struct protected_ranges {
int count;
struct flash_region *ranges;
};
struct flashrom_layout;
struct layout_include_args;
struct flashrom_flashctx;
const struct flashrom_layout *get_default_layout(const struct flashrom_flashctx *);
const struct flashrom_layout *get_layout(const struct flashrom_flashctx *);
int layout_from_file(struct flashrom_layout **, const char *name);
int register_include_arg(struct layout_include_args **, const char *arg);
int process_include_args(struct flashrom_layout *, const struct layout_include_args *);
int check_include_args_filename(const struct layout_include_args *);
void cleanup_include_args(struct layout_include_args **);
const struct romentry *layout_next_included_region(const struct flashrom_layout *, chipoff_t);
const struct romentry *layout_next_included(const struct flashrom_layout *, const struct romentry *);
const struct romentry *layout_next(const struct flashrom_layout *, const struct romentry *);
int included_regions_overlap(const struct flashrom_layout *);
void prepare_layout_for_extraction(struct flashrom_flashctx *);
int layout_sanity_checks(const struct flashrom_flashctx *);
int check_for_unwritable_regions(const struct flashrom_flashctx *flash, unsigned int start, unsigned int len);
void get_flash_region(const struct flashrom_flashctx *flash, int addr, struct flash_region *region);
/*
* Return chipset-level protections.
* ranges parameter has to be freed by the caller with release_protected_ranges
*/
void get_protected_ranges(const struct flashrom_flashctx *flash, struct protected_ranges *ranges);
void release_protected_ranges(const struct flashrom_flashctx *flash, struct protected_ranges *ranges);
#endif /* !__LAYOUT_H__ */
Reference in New Issue View Git Blame Copy Permalink