From patchwork Tue Jan 25 13:55:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ying-Chun Liu X-Patchwork-Id: 536486 Delivered-To: patch@linaro.org Received: by 2002:ac0:f7d2:0:0:0:0:0 with SMTP id i18csp3731640imr; Tue, 25 Jan 2022 05:56:05 -0800 (PST) X-Google-Smtp-Source: ABdhPJxkjt/7oQzOUjkKwgfmLmdxgk5j/iMtv8QI8uwnoWxbE9ZLg2mT0MYWIBDS+U0W7TnW+REb X-Received: by 2002:a17:906:a148:: with SMTP id bu8mr16032942ejb.421.1643118964874; Tue, 25 Jan 2022 05:56:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643118964; cv=none; d=google.com; s=arc-20160816; b=UUJi1WN7EpGPqNZVF+e/MYBDi7dza5Lvfg9PikcCPdPWNyYSXcVPTVGJYoL3NcHTBN ZNRdpXhkCG6wPNZkIW3yldbEbEbi7gc+N7hyMmebfBXK+oSojZhdMOMEXei4+CwpEG2t xT1A/IJ1FVu08yKF6OIw+6OOiWgKzJiAb93ArSHSozluvZNnHMJpbpsv+5jnIcGg2P8v jTmulll5vKkDaH5hluujkD7PNCIzWIKRUclytSpGcbMupI506r9PUoa3TACIYPxFd5kU gZhb1IsYnvaEwABWHzPmOAKZn6zIACDeF7OOtp8vWqmR9xNmXlDHRqaInyiK3knsSuAL L16A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=RIss+cGVT9XZ1zmqRuL8mKp7k+pdGXPIBKDAANdsPy4=; b=a0965300DziRkrUtSadR8j033mF6UuxVHFBHREwhsmSj9QD+KRNSPfy5opGjC9C8G+ OJMRaknnC1tr9j6oKVmU3S8SFWiTmBTBp3nMQ3J4P+yLNvN1N7ldmmWtyCfcfyTBASe8 ujvLurdVE0fXh5ALGSyvl3QuZVya0qE/+9V2byFSYlCvUhnmbBuZRoG/7CsT6XEtuMHH BVxRkkEU3P7/15EE4BMh4P4XF7I4PAo87E+M0eTYtJuNT0xZq1Rt+CtQw2RdQyYDf2mM jq38YQmF7XD/h7pOIEjSPghCss56vpryoixOw4mxr/1aLZXZfiSBkin02r2pHG3/Yzos jqsw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=PWd84WsB; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id v18si8973849ejk.328.2022.01.25.05.56.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 05:56:04 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=PWd84WsB; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id D64E681432; Tue, 25 Jan 2022 14:55:56 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="PWd84WsB"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7FEAC834E5; Tue, 25 Jan 2022 14:55:52 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2872081DD6 for ; Tue, 25 Jan 2022 14:55:49 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=grandpaul@gmail.com Received: by mail-pf1-x431.google.com with SMTP id 192so16421590pfz.3 for ; Tue, 25 Jan 2022 05:55:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=RIss+cGVT9XZ1zmqRuL8mKp7k+pdGXPIBKDAANdsPy4=; b=PWd84WsB0N0BXFKRyzBnKpI682iHrcub4ltuVqwBm8hS0+Dkd4GYqWpaMRxpcFMhG4 T3M4J/RgCY6Xdmgd71cm9+JhUAqufYe0iQCDn220nJf2WnO4jyiAgSRhjz2nkh/oc/ro MA3GRxkBsGJHXkNiv5cCRSZiohGyz864g48U5bjsc2cSxmoChzPC2c0X2MmFAPZgU415 lquRmVr0qbMeHLmblDkwgI4uWsG+NalNyut6JlfR6defswJiFjrdEX81oGuAE3IR1E+P IEJEZ2f26BsjK5OinR9otJFE6tzI/eDZ2eUuXQac35+lM2py1H+Wm2CZHFFiwclMNeR8 w81Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RIss+cGVT9XZ1zmqRuL8mKp7k+pdGXPIBKDAANdsPy4=; b=3I7BXrQmejqyLsY0GuZQY8EmFt2a7yb/SugEJjO9EmgoY+IDJFpmi72abNv5ueFzDT lapQxDS6EZSC5fGNqdOl64rvrdu5YNjytBjZOgnaNN51fBVGL4mZPrFAMv/2NayJbCU2 NBAq35+20DAeDfY9M0CvTViMuSFr4/BYpczieZ9lPM46NoBKyDaLy+Q743vtu+muaeOl +Z2GkqjukLaXkvretfJyUBjrEPQUce8MfZO1GSUqDfx9j+/et5Vyc3MVMwC2Zc5H+SL4 KzEdkDVInUaFkEP9E7RqIJnEn9s82iYMV6oQsyWagF485XgnLFYxjOZA4rPQ8M3ae3hE cldg== X-Gm-Message-State: AOAM532f+CbJNhDCOCABHYMlj92FMjjFIsGr6sN4Nf9DhzcXsA+i713X 2pwBQ0fnlj0iEPXhVwcTcxS1RI7l7cY= X-Received: by 2002:aa7:961d:0:b0:4ca:b9fc:4f63 with SMTP id q29-20020aa7961d000000b004cab9fc4f63mr3937028pfg.7.1643118947250; Tue, 25 Jan 2022 05:55:47 -0800 (PST) Received: from localhost (host-111-184-129-17.dynamic.kbtelecom.net. [111.184.129.17]) by smtp.gmail.com with ESMTPSA id u12sm5233232pfk.220.2022.01.25.05.55.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 05:55:46 -0800 (PST) From: Ying-Chun Liu To: u-boot@lists.denx.de Cc: "Ying-Chun Liu (PaulLiu)" , Peng Fan , Jaehoon Chung Subject: [RFC 1/2] drivers: mmc: write protect active boot area after mmc init. Date: Tue, 25 Jan 2022 21:55:34 +0800 Message-Id: <20220125135535.224061-2-grandpaul@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125135535.224061-1-grandpaul@gmail.com> References: <20220125135535.224061-1-grandpaul@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean From: "Ying-Chun Liu (PaulLiu)" This commit implements write protection for active boot partition for eMMC. The active boot partition is write protected, and it is still able to write to the inactive boot partition. Signed-off-by: Ying-Chun Liu (PaulLiu) Cc: Peng Fan Cc: Jaehoon Chung --- drivers/mmc/Kconfig | 10 ++++++++ drivers/mmc/mmc.c | 58 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig index e0927ce1c9..c4bae743e6 100644 --- a/drivers/mmc/Kconfig +++ b/drivers/mmc/Kconfig @@ -100,6 +100,16 @@ config MMC_HW_PARTITIONING This adds a command and an API to do hardware partitioning on eMMC devices. +config MMC_WRITE_PROTECT_ACTIVE_BOOT + bool "Write protection for active boot partition (eMMC)" + depends on MMC_HW_PARTITIONING + default n + help + Write protection for active boot partition when mmc initialized. + This option protects the active boot partition so that it cannot + be written. But it is still able to write to the inactive boot + partition. + config SUPPORT_EMMC_RPMB bool "Support eMMC replay protected memory block (RPMB)" imply CMD_MMC_RPMB diff --git a/drivers/mmc/mmc.c b/drivers/mmc/mmc.c index 4d9871d69f..8620918749 100644 --- a/drivers/mmc/mmc.c +++ b/drivers/mmc/mmc.c @@ -860,6 +860,60 @@ int mmc_boot_wp(struct mmc *mmc) return mmc_switch(mmc, EXT_CSD_CMD_SET_NORMAL, EXT_CSD_BOOT_WP, 1); } +/** + * mmc_boot_wp_single_partition() - set write protection to a boot partition. + * + * This function sets a single boot partition to protect and leave the + * other partition writable. + * + * @param mmc the mmc device. + * @param partition 0 - first boot partition, 1 - second boot partition. + */ +int mmc_boot_wp_single_partition(struct mmc *mmc, int partition) +{ + u8 value; + int ret; + + value = 1; + + if (partition == 0) { + value |= 0x80; + ret = mmc_switch(mmc, + EXT_CSD_CMD_SET_NORMAL, + EXT_CSD_BOOT_WP, + value); + } else if (partition == 1) { + value |= 0x80; + value |= 0x02; + ret = mmc_switch(mmc, + EXT_CSD_CMD_SET_NORMAL, + EXT_CSD_BOOT_WP, + value); + } else { + ret = mmc_boot_wp(mmc); + } + + return ret; +} + +/** + * mmc_boot_wp_active_partition() - set write protection to active boot + * partition. + * + * @param mmc the mmc device. + */ +static int mmc_boot_wp_active_partition(struct mmc *mmc) +{ + u8 part; + + if (mmc->part_config == MMCPART_NOAVAILABLE) + return -EOPNOTSUPP; + + part = EXT_CSD_EXTRACT_BOOT_PART(mmc->part_config); + + return mmc_boot_wp_single_partition(mmc, part - 1); +} + #if !CONFIG_IS_ENABLED(MMC_TINY) static int mmc_set_card_speed(struct mmc *mmc, enum bus_mode mode, bool hsdowngrade) @@ -2925,6 +2979,10 @@ static int mmc_complete_init(struct mmc *mmc) mmc->has_init = 0; else mmc->has_init = 1; + + if (!err && CONFIG_IS_ENABLED(MMC_WRITE_PROTECT_ACTIVE_BOOT)) + mmc_boot_wp_active_partition(mmc); + return err; }