New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 774343 link

Starred by 1 user
Status: Assigned
Owner:
rspangler@chromium.org
Last visit > 30 days ago
Cc:
rspangler@chromium.org
chromeos-factory-eng@google.com
vbendeb@chromium.org
nsanders@chromium.org
adurbin@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

Firmware: Make SW WP status easily accessible.

Project Member Reported by hungte@chromium.org, Oct 13 2017 
This is forked from the discussion of Cr50 configuration.

We find that it may be useful for end users (and developers) to easily figure out "what's WP status of this device". Currently this needs several checks:

 1. HW - done by crossystem wpsw_cur or wpsw_boot.
 2. SW - done by flashrom --wp-status -p [host|ec] then grep.
    In fact for SW, there are two levels: (1) enabled or disabled (2) range/length not zero.

Randall mentioned the UMA stats should (already?) have WP status. I wonder if we should:

1. Make a easy command that reports better readable WP state, and easier interface (that simply returns 0/1 without grep) to check WP states.

2. Probably add some banner in Chrome startup screen to indicate WP was not set? (just like HWID error)

3. Improve or add a WP section in chrome://system so people can easily figure out WP states.

Any thoughts?

Comment 1 by hungte@chromium.org, Oct 13 2017

Labels: Hotlist-GoodFirstBug
(assign to Randall to see if he has anything to add / revise - feel free to re-assign to others)

Comment 2 by vbendeb@chromium.org, Oct 13 2017 

as a general consideration, it would be great to have some light weight
utility to check the flash SW write protect status for use in startup
scripts when deciding if Board ID programming fallback should kick in.

Maybe the AP firmware could query it and communicate to the kernel one way
or another (even grepping /sys/firmeare/log would be a good improvement
compared to the need to run flashrom).

Comment 3 by rspangler@chromium.org, Oct 16 2017 

Do you want the *current* status, or is the status at boot good enough?

If the status at boot is good enough, we could pass that information down from RW firmware - which also knows the EC's status because that's where software sync happens - to crossystem.

One question on range: What's the "right" answer?  Should something check the range vs. flashmap to see if they match?

Comment 4 by hungte@chromium.org, May 8 2018 

I think it would be best if we can get both (current and boot).

Ideally we should check flashmap to make "right"answer. But if that's not easy, checking if the WP size is non-zero can be a first step.

Comment 5 by hungte@chromium.org, Jun 22 2018

Status: Assigned (was: Untriaged)
Change status to Assigned - so it can be caught when Randall is going to finish rewriting vboot 2.

I think we do want the SW WP being easily accessed, for both boot time and current (if possible), just like HW WP.

And if the status can't be retrieved (old firmware), return error -1 in crossystem. Something like similar to wpsw_* (sw here stands for switch, not software)

 crossystem wpreg_boot (write protection registers)
 crossystem wpreg_cur

Or more specific,

 crossystem wpap_boot, wpap_cur, wpec_boot, wpec_cur, ... etc.

Sign in to add a comment