lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <531D91C9.80000@keymile.com>
Date:	Mon, 10 Mar 2014 11:19:53 +0100
From:	Gerlando Falauto <gerlando.falauto@...mile.com>
To:	Austin Boyle <boyle.austin@...il.com>,
	Brian Norris <computersforpeace@...il.com>
CC:	"linux-mtd@...ts.infradead.org" <linux-mtd@...ts.infradead.org>,
	David Woodhouse <dwmw2@...radead.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Artem Bityutskiy <artem.bityutskiy@...ux.intel.com>,
	Marek Vasut <marex@...x.de>, Angus Clark <angus.clark@...com>
Subject: Re: [PATCH] mtd: m25p80: Calculate flash block protect bits based
 on number of sectors

Hi Austin,

On 03/08/2014 05:36 PM, Austin Boyle wrote:
> Existing calculation of block protect bits only works for devices with 64
> sectors or more. This patch generalises the calculation based on the number of
> sectors. This logic is applicable to the STmicro devices:
> m25p10, p20, p40, p80, p16, pe16, p32, p64, p128.
> Note m25p128 has 128 sectors but only supports protection to 64 sector resolution.

Wait, are you talking about m25p128 or m25p64?
Confusing as it might sound, m25p64 has 128 * 64K sectors, whereas 
m25p128 has 64 * 256K sectors.
Plus, what do you mean by "64 sectors resolution"?
 From what I can read, you can lock *all* 128 sectors -- but since we 
only have 7 bits, you must lock *at least* 2 sectors (that is, 1/64th of 
the total size).

> Added flag to m25p_ids table to indicate if flash protection is supported.
>
> Added n_sectors to m25p flash structure so it can be used in block protect bit
> calculation.
>
> From: Austin Boyle <boyle.austin@...il.com>
> Signed-off-by: Austin Boyle <boyle.austin@...il.com>
> ---
> diff --git a/drivers/mtd/devices/m25p80.c b/drivers/mtd/devices/m25p80.c
> index ad19139..a14ebe9 100644
> --- a/drivers/mtd/devices/m25p80.c
> +++ b/drivers/mtd/devices/m25p80.c
> @@ -77,8 +77,13 @@
>   #define	SR_BP0			4	/* Block protect 0 */
>   #define	SR_BP1			8	/* Block protect 1 */
>   #define	SR_BP2			0x10	/* Block protect 2 */
> +#define	SR_BP_BIT_OFFSET	2	/* Offset to Block protect 0 */
> +#define	SR_BP_BIT_MASK		(SR_BP2 | SR_BP1 | SR_BP0)
>   #define	SR_SRWD			0x80	/* SR write protect */
>
> +/* Highest resolution of sector locking */
> +#define M25P_MAX_LOCKABLE_SECTORS	64
> +
>   #define SR_QUAD_EN_MX           0x40    /* Macronix Quad I/O */
>
>   /* Configuration Register bits. */
> @@ -104,6 +109,7 @@ struct m25p {
>   	struct mtd_info		mtd;
>   	u16			page_size;
>   	u16			addr_width;
> +	u16			n_sectors;
>   	u8			erase_opcode;
>   	u8			read_opcode;
>   	u8			program_opcode;
> @@ -741,8 +747,16 @@ static int m25p80_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
>   	struct m25p *flash = mtd_to_m25p(mtd);
>   	uint32_t offset = ofs;
>   	uint8_t status_old, status_new;
> +	uint8_t lock_bits;
> +	uint16_t lock_sectors;
> +	uint32_t protected_area;
>   	int res = 0;
>
> +	if (flash->n_sectors > M25P_MAX_LOCKABLE_SECTORS)
> +		lock_sectors = M25P_MAX_LOCKABLE_SECTORS;
> +	else
> +		lock_sectors = flash->n_sectors;
> +

don't we have a min() macro for this?
Anyway, instead of putting it in terms of "protected portion", can't we 
just make it simpler by putting it in terms of "protected multiples 
(powers of two, particularly) of the minimum lockable size [in sectors]"?
In other words, why not something like:

min_lockable_sectors = max(1, flash->n_sectors/M25P_MAX_LOCKABLE_SECTORS);

In the end, I believe it all started (with smaller flash parts) as a way 
of telling: lock "0,1,2,4,8,16,32,64" sectors; only LATER did things 
start to scale UP as soon as the number of sectors started exceeding 64. 
Or am I wrong?

>   	mutex_lock(&flash->lock);
>   	/* Wait until finished previous command */
>   	if (wait_till_ready(flash)) {
> @@ -752,24 +766,18 @@ static int m25p80_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
>
>   	status_old = read_sr(flash);
>
> -	if (offset < flash->mtd.size-(flash->mtd.size/2))
> -		status_new = status_old | SR_BP2 | SR_BP1 | SR_BP0;
> -	else if (offset < flash->mtd.size-(flash->mtd.size/4))
> -		status_new = (status_old & ~SR_BP0) | SR_BP2 | SR_BP1;
> -	else if (offset < flash->mtd.size-(flash->mtd.size/8))
> -		status_new = (status_old & ~SR_BP1) | SR_BP2 | SR_BP0;
> -	else if (offset < flash->mtd.size-(flash->mtd.size/16))
> -		status_new = (status_old & ~(SR_BP0|SR_BP1)) | SR_BP2;
> -	else if (offset < flash->mtd.size-(flash->mtd.size/32))
> -		status_new = (status_old & ~SR_BP2) | SR_BP1 | SR_BP0;
> -	else if (offset < flash->mtd.size-(flash->mtd.size/64))
> -		status_new = (status_old & ~(SR_BP2|SR_BP0)) | SR_BP1;
> -	else
> -		status_new = (status_old & ~(SR_BP2|SR_BP1)) | SR_BP0;
> +	for (lock_bits = 1; lock_bits < 7; lock_bits++) {
> +		protected_area =
> +			((1<<(lock_bits-1))*flash->mtd.size)/lock_sectors;

so if my idea above is accepted:

protected_area = (1<<(lock_bits-1)) * min_lockable_sectors * 
flash->mtd.sector_size;

> +		if (offset >= flash->mtd.size-protected_area)
> +			break;

[pedantic mode on]
Notice how here protected_area might get bigger than flash->mtd.size and 
you're comparing unsigned ints. But the loop will always terminate 
before reaching that condition anyway.
[pedantic mode off]

> +	}
> +
> +	status_new = (status_old & ~SR_BP_BIT_MASK) |
> +			((lock_bits << SR_BP_BIT_OFFSET) & SR_BP_BIT_MASK);
>
>   	/* Only modify protection if it will not unlock other areas */
> -	if ((status_new&(SR_BP2|SR_BP1|SR_BP0)) >
> -					(status_old&(SR_BP2|SR_BP1|SR_BP0))) {
> +	if ((status_new & SR_BP_BIT_MASK) > (status_old & SR_BP_BIT_MASK)) {
>   		write_enable(flash);
>   		if (write_sr(flash, status_new) < 0) {
>   			res = 1;
> @@ -786,8 +794,16 @@ static int m25p80_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
>   	struct m25p *flash = mtd_to_m25p(mtd);
>   	uint32_t offset = ofs;
>   	uint8_t status_old, status_new;
> +	uint8_t lock_bits;
> +	uint16_t lock_sectors;
> +	uint32_t protected_area;
>   	int res = 0;
>
> +	if (flash->n_sectors > M25P_MAX_LOCKABLE_SECTORS)
> +		lock_sectors = M25P_MAX_LOCKABLE_SECTORS;
> +	else
> +		lock_sectors = flash->n_sectors;
> +
>   	mutex_lock(&flash->lock);
>   	/* Wait until finished previous command */
>   	if (wait_till_ready(flash)) {
> @@ -797,24 +813,19 @@ static int m25p80_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
>
>   	status_old = read_sr(flash);
>
> -	if (offset+len > flash->mtd.size-(flash->mtd.size/64))
> -		status_new = status_old & ~(SR_BP2|SR_BP1|SR_BP0);
> -	else if (offset+len > flash->mtd.size-(flash->mtd.size/32))
> -		status_new = (status_old & ~(SR_BP2|SR_BP1)) | SR_BP0;
> -	else if (offset+len > flash->mtd.size-(flash->mtd.size/16))
> -		status_new = (status_old & ~(SR_BP2|SR_BP0)) | SR_BP1;
> -	else if (offset+len > flash->mtd.size-(flash->mtd.size/8))
> -		status_new = (status_old & ~SR_BP2) | SR_BP1 | SR_BP0;
> -	else if (offset+len > flash->mtd.size-(flash->mtd.size/4))
> -		status_new = (status_old & ~(SR_BP0|SR_BP1)) | SR_BP2;
> -	else if (offset+len > flash->mtd.size-(flash->mtd.size/2))
> -		status_new = (status_old & ~SR_BP1) | SR_BP2 | SR_BP0;
> -	else
> -		status_new = (status_old & ~SR_BP0) | SR_BP2 | SR_BP1;
> +	for (lock_bits = 1; lock_bits < 7; lock_bits++) {
> +		protected_area =
> +			((1<<(lock_bits-1))*flash->mtd.size)/lock_sectors;
> +		if (offset+len >= flash->mtd.size-protected_area)
> +			break;
> +	}
> +	lock_bits--;
> +
> +	status_new = (status_old & ~SR_BP_BIT_MASK) |
> +			((lock_bits << SR_BP_BIT_OFFSET) & SR_BP_BIT_MASK);
>
>   	/* Only modify protection if it will not lock other areas */
> -	if ((status_new&(SR_BP2|SR_BP1|SR_BP0)) <
> -					(status_old&(SR_BP2|SR_BP1|SR_BP0))) {
> +	if ((status_new & SR_BP_BIT_MASK) < (status_old & SR_BP_BIT_MASK)) {
>   		write_enable(flash);
>   		if (write_sr(flash, status_new) < 0) {
>   			res = 1;

since the logic is common to locking and unlocking, wouldn't it make 
more sense to factor out some of the common code in a separate function 
or macro?

> @@ -856,6 +867,7 @@ struct flash_info {
>   #define	M25P_NO_FR	0x08		/* Can't do fastread */
>   #define	SECT_4K_PMC	0x10		/* OPCODE_BE_4K_PMC works uniformly */
>   #define	M25P80_QUAD_READ	0x20    /* Flash supports Quad Read */
> +#define	M25P_FLASH_LOCK	0x40		/* Flash protection support */
>   };
>
>   #define INFO(_jedec_id, _ext_id, _sector_size, _n_sectors, _flags)	\
> @@ -981,25 +993,25 @@ static const struct spi_device_id m25p_ids[] = {
>
>   	/* ST Microelectronics -- newer production may have feature updates */
>   	{ "m25p05",  INFO(0x202010,  0,  32 * 1024,   2, 0) },
> -	{ "m25p10",  INFO(0x202011,  0,  32 * 1024,   4, 0) },
> -	{ "m25p20",  INFO(0x202012,  0,  64 * 1024,   4, 0) },
> -	{ "m25p40",  INFO(0x202013,  0,  64 * 1024,   8, 0) },
> -	{ "m25p80",  INFO(0x202014,  0,  64 * 1024,  16, 0) },
> -	{ "m25p16",  INFO(0x202015,  0,  64 * 1024,  32, 0) },
> -	{ "m25p32",  INFO(0x202016,  0,  64 * 1024,  64, 0) },
> -	{ "m25p64",  INFO(0x202017,  0,  64 * 1024, 128, 0) },
> -	{ "m25p128", INFO(0x202018,  0, 256 * 1024,  64, 0) },
> +	{ "m25p10",  INFO(0x202011,  0,  32 * 1024,   4, M25P_FLASH_LOCK) },
> +	{ "m25p20",  INFO(0x202012,  0,  64 * 1024,   4, M25P_FLASH_LOCK) },
> +	{ "m25p40",  INFO(0x202013,  0,  64 * 1024,   8, M25P_FLASH_LOCK) },
> +	{ "m25p80",  INFO(0x202014,  0,  64 * 1024,  16, M25P_FLASH_LOCK) },
> +	{ "m25p16",  INFO(0x202015,  0,  64 * 1024,  32, M25P_FLASH_LOCK) },
> +	{ "m25p32",  INFO(0x202016,  0,  64 * 1024,  64, M25P_FLASH_LOCK) },
> +	{ "m25p64",  INFO(0x202017,  0,  64 * 1024, 128, M25P_FLASH_LOCK) },
> +	{ "m25p128", INFO(0x202018,  0, 256 * 1024,  64, M25P_FLASH_LOCK) },
>   	{ "n25q032", INFO(0x20ba16,  0,  64 * 1024,  64, 0) },
>
>   	{ "m25p05-nonjedec",  INFO(0, 0,  32 * 1024,   2, 0) },
> -	{ "m25p10-nonjedec",  INFO(0, 0,  32 * 1024,   4, 0) },
> -	{ "m25p20-nonjedec",  INFO(0, 0,  64 * 1024,   4, 0) },
> -	{ "m25p40-nonjedec",  INFO(0, 0,  64 * 1024,   8, 0) },
> -	{ "m25p80-nonjedec",  INFO(0, 0,  64 * 1024,  16, 0) },
> -	{ "m25p16-nonjedec",  INFO(0, 0,  64 * 1024,  32, 0) },
> -	{ "m25p32-nonjedec",  INFO(0, 0,  64 * 1024,  64, 0) },
> -	{ "m25p64-nonjedec",  INFO(0, 0,  64 * 1024, 128, 0) },
> -	{ "m25p128-nonjedec", INFO(0, 0, 256 * 1024,  64, 0) },
> +	{ "m25p10-nonjedec",  INFO(0, 0,  32 * 1024,   4, M25P_FLASH_LOCK) },
> +	{ "m25p20-nonjedec",  INFO(0, 0,  64 * 1024,   4, M25P_FLASH_LOCK) },
> +	{ "m25p40-nonjedec",  INFO(0, 0,  64 * 1024,   8, M25P_FLASH_LOCK) },
> +	{ "m25p80-nonjedec",  INFO(0, 0,  64 * 1024,  16, M25P_FLASH_LOCK) },
> +	{ "m25p16-nonjedec",  INFO(0, 0,  64 * 1024,  32, M25P_FLASH_LOCK) },
> +	{ "m25p32-nonjedec",  INFO(0, 0,  64 * 1024,  64, M25P_FLASH_LOCK) },
> +	{ "m25p64-nonjedec",  INFO(0, 0,  64 * 1024, 128, M25P_FLASH_LOCK) },
> +	{ "m25p128-nonjedec", INFO(0, 0, 256 * 1024,  64, M25P_FLASH_LOCK) },
>
>   	{ "m45pe10", INFO(0x204011,  0, 64 * 1024,    2, 0) },
>   	{ "m45pe80", INFO(0x204014,  0, 64 * 1024,   16, 0) },
> @@ -1007,7 +1019,7 @@ static const struct spi_device_id m25p_ids[] = {
>
>   	{ "m25pe20", INFO(0x208012,  0, 64 * 1024,  4,       0) },
>   	{ "m25pe80", INFO(0x208014,  0, 64 * 1024, 16,       0) },
> -	{ "m25pe16", INFO(0x208015,  0, 64 * 1024, 32, SECT_4K) },
> +	{ "m25pe16", INFO(0x208015,  0, 64 * 1024, 32, SECT_4K | M25P_FLASH_LOCK) },
>
>   	{ "m25px16",    INFO(0x207115,  0, 64 * 1024, 32, SECT_4K) },
>   	{ "m25px32",    INFO(0x207116,  0, 64 * 1024, 64, SECT_4K) },
> @@ -1178,9 +1190,11 @@ static int m25p_probe(struct spi_device *spi)
>   	flash->mtd.size = info->sector_size * info->n_sectors;
>   	flash->mtd._erase = m25p80_erase;
>   	flash->mtd._read = m25p80_read;
> +	flash->n_sectors = info->n_sectors;

Move two lines up?

>
>   	/* flash protection support for STmicro chips */
> -	if (JEDEC_MFR(info->jedec_id) == CFI_MFR_ST) {
> +	if (JEDEC_MFR(info->jedec_id) == CFI_MFR_ST &&
> +					(info->flags & M25P_FLASH_LOCK)) {
>   		flash->mtd._lock = m25p80_lock;
>   		flash->mtd._unlock = m25p80_unlock;

As I said in my previous mail, wouldn't it be nice to also implement 
_is_locked here?

>   	}
>

Thank you very much again for your patience!
Gerlando
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ