On Fri, May 08, 2020 at 05:27:12PM +0000, Mario.Limonciello@xxxxxxxx wrote: > > -----Original Message----- > > From: platform-driver-x86-owner@xxxxxxxxxxxxxxx <platform-driver-x86- > > owner@xxxxxxxxxxxxxxx> On Behalf Of Mika Westerberg > > Sent: Friday, May 8, 2020 3:20 AM > > To: Limonciello, Mario > > Cc: hughsient@xxxxxxxxx; platform-driver-x86@xxxxxxxxxxxxxxx; linux- > > security-module@xxxxxxxxxxxxxxx > > Subject: Re: [PATCH] platform/x86: Export LPC attributes for the system > > SPI chip > > > > > > [EXTERNAL EMAIL] > > > > On Thu, May 07, 2020 at 08:03:21PM +0000, Mario.Limonciello@xxxxxxxx > > wrote: > > > > -----Original Message----- > > > > From: Richard Hughes <hughsient@xxxxxxxxx> > > > > Sent: Thursday, May 7, 2020 2:49 PM > > > > To: Limonciello, Mario > > > > Cc: Platform Driver; linux-security-module; > > mika.westerberg@xxxxxxxxxxxxxxx > > > > Subject: Re: [PATCH] platform/x86: Export LPC attributes for the > > system SPI > > > > chip > > > > > > > > > > > > [EXTERNAL EMAIL] > > > > > > > > On Thu, 7 May 2020 at 20:22, <Mario.Limonciello@xxxxxxxx> wrote: > > > > > By default the driver exposes SPI serial flash contents as read- > > only but it > > > > can > > > > > be changed from kernel command line, passing “intel- > > spi.writeable=1”. > > > > > > > > Ahh, that was the bit I didn't know; having the SPI as readonly by > > > > default is certainly a good idea, and probably sane enough to enable > > > > for Fedora/RHEL as you still need to "do" something manual to enable > > > > SPI writing. I guess I can add my securityfs additions to > > > > intel-spi-pci.c with Mikas approval. > > > > > > > > Richard > > > > > > Mika, > > > > > > Since you're being joined into the thread late, here is the context: > > > https://www.spinics.net/lists/platform-driver-x86/msg21646.html > > > > Thanks for the information. I actually prefer that this would be in a > > separate driver because I do not want distros to enable intel-spi just > > for this. It is really only meant for special setups where firmware > > upgrade/access flow has been thoroughly tested. > > Mika, > > Thanks for those comments and context on that driver. Considering this, > what do you think about as part of this new driver, moving the list of > supported IDs in there to something that can be sourced by both drivers? > I think it should help avoid having to keep the two lists fully in sync > as new silicon comes out. Hi, Since this is binding to the LPC/eSPI device I think you may be adding this functionality to drivers/mfd/lpc_ich.c. It is also filling the data for intel-spi so it is natural place to re-use the code. I actually think it already has some of these PCI IDs.
