search

Dasharo / dasharo-issues

The Dasharo issue tracker
https://dasharo.com/
24 stars 0 forks source link

BLS001.001 and SMM001.001 fails to enter read only mode and more #996

Open wiktormowinski opened 1 month ago

wiktormowinski commented 1 month ago

Device

MinnowBoard Turbot B41

RTE version

-

OSFV version

branch: minnow-update

Affected component(s) or functionality

No response

Brief summary

these two test cases share similar problems with writing flash and enablig bios protection

How reproducible

always

How to reproduce

run BLS001.001 or SMM001.001

Expected behavior

pass

Actual behavior

for bios lock: there is no is read-only in the output so the bios lock havent turned on properly (thus the very next test, BLS002.001 passes because it doesn't have to disable bios lock when it's already off)

on the other hand the smm bios write protection is unable to set bios control and then decide on chip definition and all regions are r-w

Link to screenshots or logs

BLS001.001.zip SMM001.001.zip

Additional context

No response

Solutions you've tried

No response

wiktormowinski commented 1 month ago

the problems are similar enough to include them under a single post for i believe they both come from the same place, I may be wrong though..

miczyg1 commented 4 weeks ago

SMM BWP seems not to be working yet, indeed. This will need investigation in the firmware

filipleple commented 3 weeks ago

Checked the logs:

[DEBUG] No SPI lockdown configuration.

Looks like setting flash lock configurations has to be implemented for each Bay Trail platform separately, keeping in mind the flash chip they use. Working on it here: https://github.com/Dasharo/coreboot/pull/551

filipleple commented 3 weeks ago

Managed to get BIOS lock to work so far:

ubuntu@3mdeb:~$ sudo flashrom -p internal -w read_dirty.rom -c "W25Q64JV-.Q"
[sudo] password for ubuntu:
flashrom v1.2-1033-g24b8fcf-dirty on Linux 6.5.0-45-generic (x86_64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
Cannot open file stream for /dev/mtd0
coreboot table found at 0x79d80000.
Found chipset "Intel Bay Trail".
Enabling flash write... Warning: Setting BIOS Control at 0x0 from 0x0b to 0x09 failed.
New value is 0x0b.
SPI Configuration is locked down.
FREG0: Flash Descriptor region (0x00000000-0x00000fff) is read-write.
FREG1: BIOS region (0x00200000-0x007fffff) is read-write.
FREG2: Management Engine region (0x00001000-0x001fffff) is read-write.
PR0: Warning: 0x002d0000-0x007fffff is read-only.

Working on SMM BWP.

filipleple commented 2 weeks ago

Managed to get SMM BWP to work as well:

bash-5.2# flashrom -p internal -c "W25Q64JV-.Q" -E
flashrom v1.2-1037-g5b4a5b4 on Linux 6.6.21-yocto-standard (x86_64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
coreboot table found at 0x79d7c000.
Found chipset "Intel Bay Trail".
Enabling flash write... Warning: BIOS region SMM protection is enabled!
Warning: Setting BIOS Control at 0x0 from 0x2b to 0x09 failed.
New value is 0x2b.
SPI Configuration is locked down.
FREG0: Flash Descriptor region (0x00000000-0x00000fff) is read-write.
FREG1: BIOS region (0x00200000-0x007fffff) is read-write.
FREG2: Management Engine region (0x00001000-0x001fffff) is read-write.
OK.
Found Winbond flash chip "W25Q64JV-.Q" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
Erasing and writing flash chip... Transaction error!
spi_write_cmd failed during command execution at address 0x0
Looking for another erase function.
spi_write_cmd failed during command execution at address 0x0
Looking for another erase function.
Transaction error!
spi_write_cmd failed during command execution at address 0x0
Looking for another erase function.
spi_simple_write_cmd failed during command execution
Looking for another erase function.
spi_simple_write_cmd failed during command execution
Looking for another erase function.
Looking for another erase function.
Looking for another erase function.
No usable erase functions left.
FAILED!
Your flash chip is in an unknown state.
Get help on IRC (see https://www.flashrom.org/Contact) or mail
flashrom@flashrom.org with the subject "FAILED: <your board name>"!-------------------------------------------------------------------------------
DO NOT REBOOT OR POWEROFF!
bash-5.2#

Will ship in upcoming rc2.