On 11/26/13 13:36, Markus Armbruster wrote:

> Your stated purpose for multiple -pflash:
>
> This accommodates the following use case: suppose that OVMF is split in
> two parts, a writeable host file for non-volatile variable storage, and a
> read-only part for bootstrap and decompressible executable code.
>
> Such a split between writable part and read-only part makes sense to me.
> How is it done in physical hardware? Single device with configurable
> write-protect, or two separate devices?

(Jordan could help more.)

Likely one device that's fully writeable. The flash driver (through which the NvVar updates go) makes sure that a kind of journal is written and that the live variable store is not corrupted even if power is cut during an update.

However, if something writes to the flash without going through the driver, it can brick the board. (Trample over the bootstrap code for example.)

I think.

Laszlo