Hi David, Have verified and confirmed that coreboot process as well, it is disabling the BIOS write protect and Enable Prefetching and Caching as part of fast_spi_init().
/* Disable the BIOS write protect so write commands are allowed. */ bios_cntl &= ~SPIBAR_BIOS_CONTROL_EISS; bios_cntl |= SPIBAR_BIOS_CONTROL_WPD; /* Enable Prefetching and caching. */ bios_cntl |= SPIBAR_BIOS_CONTROL_PREFETCH_ENABLE; bios_cntl &= ~SPIBAR_BIOS_CONTROL_CACHE_DISABLE; -Balaji On Mon, Oct 26, 2020 at 1:08 AM David Hendricks <david.hendri...@gmail.com> wrote: > Hi Balaji, > > I have tried to disable it using setcpi utility and it remains the same >> value. Also the flashrom utility also tries but it remains the same. >> >> Warning: BIOS region SMM protection is enabled! >> Warning: Setting Bios Control at 0xdc from 0xab to 0x89 failed. >> >> Also FLOCKDN=1 is set as 1 as well. >> >> I can clearly tell the BIOS region is read and writable but Protected >> registers are read only that's also the reason I am not able to write the >> BIOS region. >> >> What are the options/methods to unlock / disable the Bios Write >> enable(BIOS_CNTL) or to access the HSFS registers to set the FLOCKDN bit to >> 0. >> > > Since BIOS_CNTL is 0xab, the SMM_BWP, BLE, and BIOSWE bits are set. This > means that you can only write to the BIOS region from within SMM. You > should not be able to change this from userspace. > > The BLE and BIOSWE bits are not set by default. You mentioned that you're > using coreboot, can you check the source code to see if BIOS_CNTL is > getting set anywhere? You can also check if FLOCKDN is getting set, > possibly by FSP (look for the SpiFlashCfgLockDown FSP parameter getting > set). > >> --
_______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org