diff options
author | Randall Spangler <rspangler@chromium.org> | 2012-12-10 15:23:57 -0800 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2012-12-10 15:42:21 -0800 |
commit | ab727c4941ddd0112be0e0de61c2900ae60913e7 (patch) | |
tree | 43cf3a0e39d3a771900423710c11f1d11a340b26 /common | |
parent | 7a2e3372eef4d8eee8ee140f517a309dc7065887 (diff) | |
download | chrome-ec-ab727c4941ddd0112be0e0de61c2900ae60913e7.tar.gz |
Add more paranoia for flash write protect
If the entire flash is protected (as it normally is after software
sync), fail all flash write/erase operations.
Add a shadow copy of the all_now flag.
BUG=chrome-os-partner:16727
BRANCH=link
TEST=manual
Verify that flash operations work properly before all_now. Then enable HW WP
and
flashwp enable
flashwp now
and try
flasherase 0x38000 0x1000
flashwrite 0x38000 0x100
Those commands should fail with error 7
From the host side
ectool flasherase 0x38000 0x1000
echo 'Khaaaaaaaaaaan' > /tmp/b16727
ectool flashwrite 0x38000 /tmp/b16727
should also fail.
Change-Id: I99a4d2bb86080bd12c900582a8fbdfc79c99916c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/39517
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'common')
-rw-r--r-- | common/flash_common.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/common/flash_common.c b/common/flash_common.c index 11cb8150f3..9407f3336a 100644 --- a/common/flash_common.c +++ b/common/flash_common.c @@ -155,6 +155,9 @@ static int command_flash_erase(int argc, char **argv) int size = CONFIG_FLASH_ERASE_SIZE; int rv; + if (flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) + return EC_ERROR_ACCESS_DENIED; + rv = parse_offset_size(argc, argv, 1, &offset, &size); if (rv) return rv; @@ -175,6 +178,9 @@ static int command_flash_write(int argc, char **argv) char *data; int i; + if (flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) + return EC_ERROR_ACCESS_DENIED; + rv = parse_offset_size(argc, argv, 1, &offset, &size); if (rv) return rv; @@ -268,6 +274,9 @@ static int flash_command_write(struct host_cmd_handler_args *args) { const struct ec_params_flash_write *p = args->params; + if (flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) + return EC_RES_ACCESS_DENIED; + if (p->size > sizeof(p->data)) return EC_RES_INVALID_PARAM; @@ -287,6 +296,9 @@ static int flash_command_erase(struct host_cmd_handler_args *args) { const struct ec_params_flash_erase *p = args->params; + if (flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) + return EC_RES_ACCESS_DENIED; + if (system_unsafe_to_overwrite(p->offset, p->size)) return EC_RES_ACCESS_DENIED; |