> -----Original Message----- > From: platform-driver-x86-owner@xxxxxxxxxxxxxxx <platform-driver-x86- > owner@xxxxxxxxxxxxxxx> On Behalf Of Mika Westerberg > Sent: Friday, May 8, 2020 3:20 AM > To: Limonciello, Mario > Cc: hughsient@xxxxxxxxx; platform-driver-x86@xxxxxxxxxxxxxxx; linux- > security-module@xxxxxxxxxxxxxxx > Subject: Re: [PATCH] platform/x86: Export LPC attributes for the system > SPI chip > > > [EXTERNAL EMAIL] > > On Thu, May 07, 2020 at 08:03:21PM +0000, Mario.Limonciello@xxxxxxxx > wrote: > > > -----Original Message----- > > > From: Richard Hughes <hughsient@xxxxxxxxx> > > > Sent: Thursday, May 7, 2020 2:49 PM > > > To: Limonciello, Mario > > > Cc: Platform Driver; linux-security-module; > mika.westerberg@xxxxxxxxxxxxxxx > > > Subject: Re: [PATCH] platform/x86: Export LPC attributes for the > system SPI > > > chip > > > > > > > > > [EXTERNAL EMAIL] > > > > > > On Thu, 7 May 2020 at 20:22, <Mario.Limonciello@xxxxxxxx> wrote: > > > > By default the driver exposes SPI serial flash contents as read- > only but it > > > can > > > > be changed from kernel command line, passing “intel- > spi.writeable=1”. > > > > > > Ahh, that was the bit I didn't know; having the SPI as readonly by > > > default is certainly a good idea, and probably sane enough to enable > > > for Fedora/RHEL as you still need to "do" something manual to enable > > > SPI writing. I guess I can add my securityfs additions to > > > intel-spi-pci.c with Mikas approval. > > > > > > Richard > > > > Mika, > > > > Since you're being joined into the thread late, here is the context: > > https://www.spinics.net/lists/platform-driver-x86/msg21646.html > > Thanks for the information. I actually prefer that this would be in a > separate driver because I do not want distros to enable intel-spi just > for this. It is really only meant for special setups where firmware > upgrade/access flow has been thoroughly tested. Mika, Thanks for those comments and context on that driver. Considering this, what do you think about as part of this new driver, moving the list of supported IDs in there to something that can be sourced by both drivers? I think it should help avoid having to keep the two lists fully in sync as new silicon comes out. Thanks,
