| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d10ab191-d75b-4fad-aed2-33d08815f7a5@linaro.org> Date: Tue, 24 Sep 2024 07:01:42 +0100 From: Tudor Ambarus <tudor.ambarus@...aro.org> To: Erez <erezgeva2@...il.com> Cc: Erez Geva <erezgeva@...ime.org>, linux-mtd@...ts.infradead.org, Pratyush Yadav <pratyush@...nel.org>, Michael Walle <mwalle@...nel.org>, linux-kernel@...r.kernel.org, Miquel Raynal <miquel.raynal@...tlin.com>, Richard Weinberger <richard@....at>, Vignesh Raghavendra <vigneshr@...com>, devicetree@...r.kernel.org, Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, Esben Haabendal <esben@...nix.com> Subject: Re: [PATCH v5 1/5] mtd: spi-nor: core: add manufacturer flags On 9/23/24 8:30 PM, Erez wrote: > On Mon, 23 Sept 2024 at 19:53, Tudor Ambarus <tudor.ambarus@...aro.org> wrote: cut >>>>> You ask if it is possible to deduce it from JEDEC ID and SFDP, >>>>> I answer that this is not possible, at least in some cases.. >>>> >>>> I'm interested just about your case, not all the possible cases. >>> >>> Actually it is the MX25L3233F and its previous chips. >> >> Which previous chips? Do you have any such chip at hand? If not, why are >> we talking about collisions? > > JEDEC ID 0xc22016 > MX25L3205D - No SFDP, 2 OTP regions of 128-bit, 384-bit, Status:End of Life, > Recommended Product MX25L3206E > MX25L3206E - support SFDP, 2 OTP regions of 128-bit, 384-bit, Status: > Not recommend for new design Recommended Product MX25L3233F > MX25L3233F - support SFDP, 1 OTP region of 4096-bit, Status Production > Okay. So you have just MX25L3233F on your table and you are worried about possible ID collisions with MX25L3206E and MX25L3205D. But you don't have access to MX25L3206E and MX25L3205D. Is my understanding correct? If it's a yes, then don't worry about ID collisions at all, you can't test the other flashes anyway. OTP is not used by the older flashes as there's no support right now, so you don't break anything. Just add your OTP organization to your flash and I (or other SPI NOR maintainer) will decide on how to handle the ID collisions when/if they appear. > JEDEC ID 0xc22017 > MX25L6405D - No SFDP, 2 OTP regions of 128-bit, 384-bit, Status: End > of Life, recommend Product MX25L6406E. > MX25L6406E - support SFDP, 2 OTP regions of 128-bit, 384-bit, > Status:Not recommended for new design, > Recommended Product MX25L6433F. > MX25L6433F - support SFDP, 2 OTP regions of 4096-bit, 4096-bit, Status > Production. > > JEDEC ID 0xc22015 > MX25L1606E - support SFDP, 2 OTP regions of 128-bit, 384-bit,Status: > Not recommend for new design, > Recommended Product MX25V16066 > MX25V16066 - support SFDP, No OTP. Status Production. Thanks for the dive. We can ignore these because you can't test any of them. I'll worry about them when someone adds OTP support for them. cut >> >>> This is not because I oppose probing, >>> this is because you ask for indirect probing, against Macronix own >>> recommendation. >> >> What did macronix exactly recommend? Did they say that we shouldn't >> interrogate the SFDP data in order to differentiate the flashes at >> run-time? If yes, why is that? > > > I forward the reply from Holger Schulze, Field Application Engineer, > Macronix Europe N.V. I received on the 3 Jul. > > I ask: > "But the OTP setting is not in the SFDP. > How can we know which OTP size and number of regions to set?" > > And the reply: > "You are correct, the OTP setting is not defined in the JEDEC spec for > the SFDP table. The only way is to refer to the data sheet." We already know that the OTP is not defined in any SFDP table. This doesn't mean that we can't compare SFDP tables to determine which flavor of flash is present. That is the reason why we ask for SFDP dumps when someone proposes a flash update or addition. So that we can compare the SFDP dumps and correctly identify the flash or assure backward compatibility for it.
Powered by blists - more mailing lists