[RFC 1/2] drivers: mmc: write protect active boot area after mmc init.

Paul Liu paul.liu at linaro.org
Thu Jan 27 02:23:53 CET 2022 

Hi Jaehoon,

There are 2 boot partitions on eMMC. So the active one is write-protected.
Users can write the new firmware to another boot partition (inactive) which
is not write-protected.
And then switch it on.

In U-boot, execute "mmc wp" write-protect all of the boot partitions.
Maybe we can add an additional command that just write-protect only one
boot partition.

Yours,
Paul


On Thu, 27 Jan 2022 at 07:24, Jaehoon Chung <jh80.chung at samsung.com> wrote:

> Hi,
>
> On 1/25/22 22:55, Ying-Chun Liu wrote:
> > From: "Ying-Chun Liu (PaulLiu)" <paul.liu at linaro.org>
> >
> > This commit implements write protection for active boot partition for
> > eMMC. The active boot partition is write protected, and it is still
> > able to write to the inactive boot partition.
>
> It seems that you want to enable Write-protect  about boot partition
> without additional command, right?
> After initialized eMMC, how to update image into boot partition?
>
> Best Regards,
> Jaehoon Chung
>
> >
> > Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu at linaro.org>
> > Cc: Peng Fan <peng.fan at nxp.com>
> > Cc: Jaehoon Chung <jh80.chung at samsung.com>
> > ---
> >  drivers/mmc/Kconfig | 10 ++++++++
> >  drivers/mmc/mmc.c   | 58 +++++++++++++++++++++++++++++++++++++++++++++
> >  2 files changed, 68 insertions(+)
> >
> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > index e0927ce1c9..c4bae743e6 100644
> > --- a/drivers/mmc/Kconfig
> > +++ b/drivers/mmc/Kconfig
> > @@ -100,6 +100,16 @@ config MMC_HW_PARTITIONING
> >         This adds a command and an API to do hardware partitioning on
> eMMC
> >         devices.
> >
> > +config MMC_WRITE_PROTECT_ACTIVE_BOOT
> > +     bool "Write protection for active boot partition (eMMC)"
> > +     depends on MMC_HW_PARTITIONING
> > +     default n
> > +     help
> > +       Write protection for active boot partition when mmc initialized.
> > +       This option protects the active boot partition so that it cannot
> > +       be written. But it is still able to write to the inactive boot
> > +       partition.
> > +
> >  config SUPPORT_EMMC_RPMB
> >       bool "Support eMMC replay protected memory block (RPMB)"
> >       imply CMD_MMC_RPMB
> > diff --git a/drivers/mmc/mmc.c b/drivers/mmc/mmc.c
> > index 4d9871d69f..8620918749 100644
> > --- a/drivers/mmc/mmc.c
> > +++ b/drivers/mmc/mmc.c
> > @@ -860,6 +860,60 @@ int mmc_boot_wp(struct mmc *mmc)
> >       return mmc_switch(mmc, EXT_CSD_CMD_SET_NORMAL, EXT_CSD_BOOT_WP, 1);
> >  }
> >
> > +/**
> > + * mmc_boot_wp_single_partition() - set write protection to a boot
> partition.
> > + *
> > + * This function sets a single boot partition to protect and leave the
> > + * other partition writable.
> > + *
> > + * @param mmc the mmc device.
> > + * @param partition 0 - first boot partition, 1 - second boot partition.
> > + */
> > +int mmc_boot_wp_single_partition(struct mmc *mmc, int partition)
> > +{
> > +     u8 value;
> > +     int ret;
> > +
> > +     value = 1;
> > +
> > +     if (partition == 0) {
> > +             value |= 0x80;
> > +             ret = mmc_switch(mmc,
> > +                              EXT_CSD_CMD_SET_NORMAL,
> > +                              EXT_CSD_BOOT_WP,
> > +                              value);
> > +     } else if (partition == 1) {
> > +             value |= 0x80;
> > +             value |= 0x02;
> > +             ret = mmc_switch(mmc,
> > +                              EXT_CSD_CMD_SET_NORMAL,
> > +                              EXT_CSD_BOOT_WP,
> > +                              value);
> > +     } else {
> > +             ret = mmc_boot_wp(mmc);
> > +     }
> > +
> > +     return ret;
> > +}
> > +
> > +/**
> > + * mmc_boot_wp_active_partition() - set write protection to active boot
> > + * partition.
> > + *
> > + * @param mmc the mmc device.
> > + */
> > +static int mmc_boot_wp_active_partition(struct mmc *mmc)
> > +{
> > +     u8 part;
> > +
> > +     if (mmc->part_config == MMCPART_NOAVAILABLE)
> > +             return -EOPNOTSUPP;
> > +
> > +     part = EXT_CSD_EXTRACT_BOOT_PART(mmc->part_config);
> > +
> > +     return mmc_boot_wp_single_partition(mmc, part - 1);
> > +}
> > +
> >  #if !CONFIG_IS_ENABLED(MMC_TINY)
> >  static int mmc_set_card_speed(struct mmc *mmc, enum bus_mode mode,
> >                             bool hsdowngrade)
> > @@ -2925,6 +2979,10 @@ static int mmc_complete_init(struct mmc *mmc)
> >               mmc->has_init = 0;
> >       else
> >               mmc->has_init = 1;
> > +
> > +     if (!err && CONFIG_IS_ENABLED(MMC_WRITE_PROTECT_ACTIVE_BOOT))
> > +             mmc_boot_wp_active_partition(mmc);
> > +
> >       return err;
> >  }
> >
>
>

More information about the U-Boot mailing list