Re: [PATCH] mtd: spi-nor: intel-spi: Do not try to make the SPI flash chip writable

From: Daniel Gutson <daniel@eclypsium.com>
To: Mika Westerberg <mika.westerberg@linux.intel.com>
Cc: Arnd Bergmann <arnd@arndb.de>,
	Tudor Ambarus <tudor.ambarus@microchip.com>,
	Miquel Raynal <miquel.raynal@bootlin.com>,
	Richard Weinberger <richard@nod.at>,
	Vignesh Raghavendra <vigneshr@ti.com>,
	Boris Brezillon <bbrezillon@kernel.org>,
	linux-mtd <linux-mtd@lists.infradead.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Alex Bazhaniuk <alex@eclypsium.com>,
	Richard Hughes <hughsient@gmail.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH] mtd: spi-nor: intel-spi: Do not try to make the SPI flash chip writable
Date: Mon, 24 Aug 2020 13:00:42 -0300	[thread overview]
Message-ID: <CAFmMkTFVVxqeg6bWj_4iSfSRwcOhxgBpMbyO8mFA2ze4q6LUFA@mail.gmail.com> (raw)
In-Reply-To: <20200824094448.GE1375436@lahna.fi.intel.com>

On Mon, Aug 24, 2020 at 6:44 AM Mika Westerberg
<mika.westerberg@linux.intel.com> wrote:
>
> On Mon, Aug 24, 2020 at 11:31:40AM +0200, Arnd Bergmann wrote:
> > On Mon, Aug 24, 2020 at 11:15 AM Mika Westerberg
> > <mika.westerberg@linux.intel.com> wrote:
> > > On Mon, Aug 24, 2020 at 11:08:33AM +0200, Arnd Bergmann wrote:
> > > > On Mon, Aug 24, 2020 at 10:22 AM Mika Westerberg
> > > > <mika.westerberg@linux.intel.com> wrote:
> > > > > On Sat, Aug 22, 2020 at 06:06:03PM +0200, Arnd Bergmann wrote:
> > > > > > On Wed, Aug 19, 2020 at 11:11 AM Mika Westerberg
> > > > > >
> > > > > > The mtd core just checks both the permissions on the device node (which
> > > > > > default to 0600 without any special udev rules) and the MTD_WRITEABLE
> > > > > > on the underlying device that is controlled by the module parameter
> > > > > > in case of intel-spi{,-platform,-pci}.c.
> > > > >
> > > > > OK, thanks.
> > > > >
> > > > > Since we cannot really get rid of the module parameter (AFAIK there are
> > > > > users for it), I still think we should just make the "writeable" to
> > > > > apply to the PCI part as well. That should at least make it consistent,
> > > > > and it also solves Daniel's case.
> > > >
> > > > Can you explain Daniel's case then? I still don't understand what he
> > > > actually wants.
> > > >
> > > > As I keep repeating, the module parameter *does* apply to the pci
> > > > driver front-end since it determines whether the driver will disallow
> > > > writes to the mtd device without it. The only difference is that the pci
> > > > driver will attempt to set the hardware bit without checking the
> > > > module parameter first, while the platform driver does not. If the
> > > > module parameter is not set however, the state of the hardware
> > > > bit is never checked again.
> > >
> > > I think Daniel wants the PCI driver not to set the hardware bit by
> > > default (same as the platform driver).
> >
> > Sure, but *why*?
>
> Because this is part of the platform firmware security check patch he is
> also working on and, I guess making the flash chip writeable by default
> is triggering some of the checks in that patch. Or something along those
> lines ;-)

Correct. I need these drivers to be enabled by default, but they are
documented as "DANGEROUS", so I want to also split the driver
in read-only mode and R/W mode. Currently, the driver is R/W,
and this would be a little first step in that direction.

-- 
Daniel Gutson
Argentina Site Director
Enginieering Director
Eclypsium

Below The Surface: Get the latest threat research and insights on
firmware and supply chain threats from the research team at Eclypsium.
https://eclypsium.com/research/#threatreport