lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <09f5f76eb49a38c4b2960abe688b2892@walle.cc>
Date:   Fri, 20 Dec 2019 13:46:40 +0100
From:   Michael Walle <michael@...le.cc>
To:     Vignesh Raghavendra <vigneshr@...com>
Cc:     Tudor Ambarus <tudor.ambarus@...rochip.com>,
        linux-mtd@...ts.infradead.org, devicetree@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Miquel Raynal <miquel.raynal@...tlin.com>,
        Richard Weinberger <richard@....at>,
        Rob Herring <robh+dt@...nel.org>,
        Mark Rutland <mark.rutland@....com>
Subject: Re: [PATCH 1/2] dt-bindings: mtd: spi-nor: document new flag

Hi Vignesh,

Am 2019-12-19 06:33, schrieb Vignesh Raghavendra:
> Hi Michael,
> 
> [...]
>>>> +- no-unlock : By default, linux unlocks the whole flash because 
>>>> there
>>>> +           are legacy flash devices which are locked by default
>>>> +           after reset. Set this flag if you don't want linux to
>>>> +           unlock the whole flash automatically. In this case you
>>>> +           can control the non-volatile bits by the
>>>> +           flash_lock/flash_unlock tools.
>>>> 
>>> 
>>> Current SPI NOR framework unconditionally unlocks entire flash which
>>> I agree is not the best thing to do, but I don't think we need
>>> new DT property here. MTD cmdline partitions and DT partitions 
>>> already
>>> provide a way to specify that a partition should remain locked[1][2]
>> 
>> I know that the MTD layer has the same kind of unlocking. But that
>> unlocking is done on a per mtd partition basis. Eg. consider something
>> like the following
>> 
>>  mtd1 bootloader  (locked)
>>  mtd2 firmware    (locked)
>>  mtd3 kernel
>>  mtd4 environment
>> 
>> Further assume, that the end of mtd2 aligns with one of the possible
>> locking areas which are supported by the flash chip. Eg. the first 
>> quarter.
>> 
>> The mtd layer would do two (or four, if "lock" property is set) 
>> unlock()
>> calls, one for mtd1 and one for mtd2.
>> 
> 
> 
>> My point here is, that the mtd partitions doesn't always map to the
>> locking regions of the SPI flash (at least if the are not merged 
>> together).
>> 
> 
> You are right! This will be an issue if existing partitions are not
> aligned to locking regions.
> 
> I take my comments back... But I am not sure if a new DT property is 
> the
> needed. This does not describe HW and is specific to Linux SPI NOR
> stack. How about a module parameter instead?
> Module parameter won't provide per flash granularity in controlling
> unlocking behavior. But I don't think that matters.

I don't argue against having a kernel parameter, but just wanting to 
point
out another alternative (which might be controversial):

  - What is the purpose of this unlock_all() at all. Apparently there are
    some flashes which have the protection bits set. Either at startup
    (and then they are non-volatile) or they come in that state out of 
the
    factory. The latter makes little sense IMHO.

  - Actually, all newer flashes we've used have these bits non-volatile 
and
    are unlocked by default.

So can't we have a whitelist (ie. a new flag in the spi_nor_ids) which
supresses the unlock if they haven't any block protections bit set
according to the manual? Because in this case the unlocking makes never
sense IMHO.

-michael

> 
> Tudor,
> 
> You had a patch doing something similar. Does module param sound good 
> to
> you?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ