In message 200711181959.55060.matthias.fuchs@esd-electronics.com you wrote:
I noticed that the monitor flash autoprotection from drivers/cfi_flash.c is not completely safe. It does not protect all bootloader sectors in some situations:
...
Question: what's the best way to fix this? We could modify the call to flash_protect()
The bst way is to make sure that all sectors that need to be protected do get protected.
like this:
flash_protect (FLAG_PROTECT_SET, CFG_MONITOR_BASE, CFG_MONITOR_BASE + CFG_MONITOR_LEN - 1, flash_get_info(CFG_MONITOR_BASE));
But I am not sure if this is fine for all architectures. Any ideas?
The problem is that you don't have any guarantee that CFG_MONITOR_LEN includes the reset vector; also, there might be configurations where the U-Boot image is not stored at the end of the flash, so there is a bigger gap between the image and the sector with the reset vector, and it would be not good to enforce protection on that area that might be useful to the user otherwise.
I think as a short term fix we might define an additional area that needs to be protected (the reset vector). Mid/long term we should change the code so you can pass a list of areas (start/end or start/length pairs) that will be protected. This would, for example, also allow to keep certain other areas (FDT, kernel image, etc.) auto-protected as well - configurable by the user ona per-board base.
Best regards,
Wolfgang Denk