rwsig: protect flash with EC_FLASH_PROTECT_ALL_NOW whenever possible

Use EC_FLASH_PROTECT_ALL_NOW to protect all flash before jump if posisble. If EC_FLASH_PROTECT_ALL_NOW does not work, try EC_FLASH_PROTECT_ALL_AT_BOOT next. BUG=b:37584134 TEST=on rose: 1) `flashwp enable` 2) `reboot` 3) `flashinfo` flags contains 'all_now' Change-Id: I2773410e97fae082fc6c20d47bdae3d991c57063 Reviewed-on: https://chromium-review.googlesource.com/497155 Commit-Ready: Wei-Ning Huang <wnhuang@chromium.org> Tested-by: Wei-Ning Huang <wnhuang@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
2025-12-30 10:31:02 +00:00 · 2017-05-08 08:02:06 +08:00
parent 375b607761
commit d3b49deb80
1 changed files with 21 additions and 14 deletions
--- a/common/rwsig.c
+++ b/common/rwsig.c
@@ -36,23 +36,30 @@ void rwsig_jump_now(void)
 {
 	/* Protect all flash before jumping to RW. */

-	/*
-	 * This may do nothing if WP is not enabled, RO is not
-	 * protected, or if ALL_AT_BOOT is already set.
-	 */
-	flash_set_protect(EC_FLASH_PROTECT_ALL_AT_BOOT, -1);
+	/* This may do nothing if WP is not enabled, RO is not protected. */
+	flash_set_protect(EC_FLASH_PROTECT_ALL_NOW, -1);

-	if (!(flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) &&
-	      flash_get_protect() & EC_FLASH_PROTECT_ALL_AT_BOOT) {
-		/*
-		 * If flash protection is still not enabled (some chips may
-		 * be able to enable it immediately), reboot.
-		 */
-		cflush();
-		system_reset(SYSTEM_RESET_HARD | SYSTEM_RESET_PRESERVE_FLAGS);
+	/*
+	 * For chips that does not support EC_FLASH_PROTECT_ALL_NOW, use
+	 * EC_FLASH_PROTECT_ALL_AT_BOOT.
+	 */
+	if (system_is_locked() &&
+	    !(flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW)) {
+		flash_set_protect(EC_FLASH_PROTECT_ALL_AT_BOOT, -1);
+
+		if (!(flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW) &&
+		    flash_get_protect() & EC_FLASH_PROTECT_ALL_AT_BOOT) {
+			/*
+			 * If flash protection is still not enabled (some chips
+			 * may be able to enable it immediately), reboot.
+			 */
+			cflush();
+			system_reset(SYSTEM_RESET_HARD |
+				     SYSTEM_RESET_PRESERVE_FLAGS);
+		}
 	}

-	/* When system is locked, only boot to RW is all flash is protected. */
+	/* When system is locked, only boot to RW if all flash is protected. */
 	if (!system_is_locked() ||
 	    flash_get_protect() & EC_FLASH_PROTECT_ALL_NOW)
 		system_run_image_copy(SYSTEM_IMAGE_RW);