[PATCH 1/1] MTD: Unlocking all Intel flash that is locked on power up

Nicolas Pitre nico at cam.org
Mon Nov 12 23:48:58 EST 2007


On Mon, 12 Nov 2007, Jared Hulbert wrote:

> > Don't make the unlocking the default.  The flag has simply to be set
> > explicitly for the unlock to occur.  Few reasons for this:
> >
> > 1) you don't know if a particular flash requires unlocking after boot,
> >    (most flash models don't) so doing it unconditionally is wasteful;
> >
> > 2) the partition might as well be meant to remain locked, except for
> >    rare occasions when its content is updated (think bootloader) meaning
> >    it cannot be marked read-only;
> >
> > 3) this is a security feature and should not be bypassed "by
> >    default", and therefore the auto-unlock should be dependent on an
> >    explicit flag so people needing it will have the opportunity to think
> >    about it.
> 
> Why is it a security feature to have a partition marked as r/w come up
> as locked?  That's nutty.

How do you update your bootloader from Linux but protect it from 
possible corruptions otherwise?  By recompiling your kernel?  _That_ is 
nutty.

> If someone want's to implement some complex
> scheme to prevent errant programs, they can use the userspace tools
> and readonly flag for that.

Well, actually I just looked and the core already has the code to 
auto-unlock flash when they have the MTD_STUPID_LOCK bit set.

So... if one partition should _not_ be automatically unlocked, it just 
has to put MTD_STUPID_LOCK in its flag_mask.  I'd have prefered if the 
auto-unlock was explicitly enabled instead of its prevention, but 
whatever.

> The mailinglist gets an awful lot of
> questions that have pointlessly locked partitions as the core.

I guess it's only a matter of properly flagging flash models that do 
power up locked then.


Nicolas



More information about the linux-mtd mailing list