From a9d6d1a817ce20e834fe7c354629976e3e5f1108 Mon Sep 17 00:00:00 2001 From: David Hendricks Date: Tue, 19 Nov 2019 19:29:26 -0800 Subject: mysteries_intel: Add a section about SMM_BWP Something to point users to when SMM_BWP might be causing problems. Change-Id: I394c033e8d4ff96433162f86aefb428d8acf6349 Signed-off-by: David Hendricks Reviewed-on: https://review.coreboot.org/c/flashrom/+/36986 Tested-by: build bot (Jenkins) Reviewed-by: Nico Huber --- Documentation/mysteries_intel.txt | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/Documentation/mysteries_intel.txt b/Documentation/mysteries_intel.txt index 10cb37d22..60ad21a76 100644 --- a/Documentation/mysteries_intel.txt +++ b/Documentation/mysteries_intel.txt @@ -5,6 +5,27 @@ A0h), so we have no clue if or where it is on ICH8. Out current policy is to not touch it at all and assume/hope it is 0. += SMM BIOS Write Protection = +Sometimes a hardware vendor will enable "SMM BIOS Write Protect" (SMM_BWP) +in the firmware during boot time. The bits that control SMM_BWP are in the +BIOS_CNTL register in the LPC interface. + +When enabled, the SPI flash can only be written when the system is operating in +in System Management Mode (SMM). In other words, only certain code that was +installed by the BIOS can write to the flash chip. Programs that run in OS +context such as flashrom can still read the flash chip, but cannot write to the +flash chip. + +Flashrom will attempt to detect this and print a warning such as the following: +"Warning: BIOS region SMM protection is enabled!" + +Many vendor-supplied firmware update utilities do not actually write to the ROM; +instead they transfer data to/from memory which is read/written by a routine +running in SMM and is responsible for writing to the firmware ROM. This causes +severe system performance degradataion since all processors must be in SMM +context (ring -2) instead of OS context (ring 0) while the firmware ROM is being +written. + = Accesses beyond region bounds in descriptor mode = Intel's flash image tool will always expand the last region so that it covers the whole flash chip, but some boards ship with a different configuration. -- cgit v1.2.3