linux/Documentation/ABI/testing/sysfs-driver-spi-intel

What:		/sys/devices/.../intel_spi_protected
Date:		Feb 2025
KernelVersion:	6.13
Contact:	Alexander Usyskin <alexander.usyskin@intel.com>
Description:	This attribute allows the userspace to check if the
		Intel SPI flash controller is write protected from the host.

What:		/sys/devices/.../intel_spi_locked
Date:		Feb 2025
KernelVersion:	6.13
Contact:	Alexander Usyskin <alexander.usyskin@intel.com>
Description:	This attribute allows the user space to check if the
		Intel SPI flash controller locks supported opcodes.

What:		/sys/devices/.../intel_spi_bios_locked
Date:		Feb 2025
KernelVersion:	6.13
Contact:	Alexander Usyskin <alexander.usyskin@intel.com>
Description:	This attribute allows the user space to check if the
		Intel SPI flash controller BIOS region is locked for writes.
spi: intel: Add protected and locked attributes The manufacturing access to the PCH/SoC SPI device is traditionally performed via userspace driver accessing registers via /dev/mem but due to security concerns /dev/mem access is being much restricted, hence the reason for utilizing dedicated Intel PCH/SoC SPI controller driver, which is already implemented in the Linux kernel. Intel PCH/SoC SPI controller protects the flash storage via two mechanisms one is the via region protection registers and second via BIOS lock. The BIOS locks only the BIOS regions usually 0 and/or 6. The device always boots with BIOS lock set, but during manufacturing the BIOS lock has to be lifted in order to enable the write access. This can be done by passing "writeable=1" in the command line when the driver is loaded. This "locked" state is exposed through new sysfs attributes (intel_spi_locked, intel_spi_bios_locked). Second, also the region protection status is exposed via sysfs attribute (intel_spi_protected) as the manufacturing will need the both files in order to validate that the device is properly sealed. Includes code written by Tamar Mashiah. Signed-off-by: Alexander Usyskin <alexander.usyskin@intel.com> Co-developed-by: Tomas Winkler <tomasw@gmail.com> Signed-off-by: Tomas Winkler <tomasw@gmail.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com> Link: https://patch.msgid.link/20241009062244.2436793-1-mika.westerberg@linux.intel.com Signed-off-by: Mark Brown <broonie@kernel.org> 2024-10-09 09:22:44 +03:00			`What: /sys/devices/.../intel_spi_protected`
			`Date: Feb 2025`
			`KernelVersion: 6.13`
			`Contact: Alexander Usyskin <alexander.usyskin@intel.com>`
			`Description: This attribute allows the userspace to check if the`
			`Intel SPI flash controller is write protected from the host.`

			`What: /sys/devices/.../intel_spi_locked`
			`Date: Feb 2025`
			`KernelVersion: 6.13`
			`Contact: Alexander Usyskin <alexander.usyskin@intel.com>`
			`Description: This attribute allows the user space to check if the`
			`Intel SPI flash controller locks supported opcodes.`

			`What: /sys/devices/.../intel_spi_bios_locked`
			`Date: Feb 2025`
			`KernelVersion: 6.13`
			`Contact: Alexander Usyskin <alexander.usyskin@intel.com>`
			`Description: This attribute allows the user space to check if the`
			`Intel SPI flash controller BIOS region is locked for writes.`