diff options
| author | Alexander Usyskin <alexander.usyskin@intel.com> | 2024-10-09 09:22:44 +0300 |
|---|---|---|
| committer | Mark Brown <broonie@kernel.org> | 2024-10-09 14:41:00 +0100 |
| commit | b1258105f9ce5203f48a47fd2f2cec8c38c41841 (patch) | |
| tree | f61191cb9b60df86f4c0becb9f343367c2b64982 /Documentation/ABI | |
| parent | c2a59c892f20379a3e48124a83491a12374cd7e0 (diff) | |
| download | linux-b1258105f9ce5203f48a47fd2f2cec8c38c41841.tar.gz linux-b1258105f9ce5203f48a47fd2f2cec8c38c41841.tar.bz2 linux-b1258105f9ce5203f48a47fd2f2cec8c38c41841.zip | |
spi: intel: Add protected and locked attributes
The manufacturing access to the PCH/SoC SPI device is traditionally
performed via userspace driver accessing registers via /dev/mem but due
to security concerns /dev/mem access is being much restricted, hence the
reason for utilizing dedicated Intel PCH/SoC SPI controller driver,
which is already implemented in the Linux kernel.
Intel PCH/SoC SPI controller protects the flash storage via two
mechanisms one is the via region protection registers and second via
BIOS lock. The BIOS locks only the BIOS regions usually 0 and/or 6.
The device always boots with BIOS lock set, but during manufacturing the
BIOS lock has to be lifted in order to enable the write access. This can
be done by passing "writeable=1" in the command line when the driver is
loaded. This "locked" state is exposed through new sysfs attributes
(intel_spi_locked, intel_spi_bios_locked).
Second, also the region protection status is exposed via sysfs attribute
(intel_spi_protected) as the manufacturing will need the both files in
order to validate that the device is properly sealed.
Includes code written by Tamar Mashiah.
Signed-off-by: Alexander Usyskin <alexander.usyskin@intel.com>
Co-developed-by: Tomas Winkler <tomasw@gmail.com>
Signed-off-by: Tomas Winkler <tomasw@gmail.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Link: https://patch.msgid.link/20241009062244.2436793-1-mika.westerberg@linux.intel.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Diffstat (limited to 'Documentation/ABI')
| -rw-r--r-- | Documentation/ABI/testing/sysfs-driver-spi-intel | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/Documentation/ABI/testing/sysfs-driver-spi-intel b/Documentation/ABI/testing/sysfs-driver-spi-intel new file mode 100644 index 000000000000..d7c9139ddbf3 --- /dev/null +++ b/Documentation/ABI/testing/sysfs-driver-spi-intel @@ -0,0 +1,20 @@ +What: /sys/devices/.../intel_spi_protected +Date: Feb 2025 +KernelVersion: 6.13 +Contact: Alexander Usyskin <alexander.usyskin@intel.com> +Description: This attribute allows the userspace to check if the + Intel SPI flash controller is write protected from the host. + +What: /sys/devices/.../intel_spi_locked +Date: Feb 2025 +KernelVersion: 6.13 +Contact: Alexander Usyskin <alexander.usyskin@intel.com> +Description: This attribute allows the user space to check if the + Intel SPI flash controller locks supported opcodes. + +What: /sys/devices/.../intel_spi_bios_locked +Date: Feb 2025 +KernelVersion: 6.13 +Contact: Alexander Usyskin <alexander.usyskin@intel.com> +Description: This attribute allows the user space to check if the + Intel SPI flash controller BIOS region is locked for writes. |