This module is meant to be used to prevent firmware modification as part of a SecureBoot authenticated execution environment. Where it is hardened such that there is no /dev/mem access or privileged IO available. (because if you have those things you can just do this from userspace)
These awesome slides give a full description of how this mechanism works.
Tested on amd64 debian, 3.16 kernel, and [ICH10R LPC Interface
With this miraculous technology you can:
- set Flash Regions Access Permission Register to control which regions of flash memory can be read and written.
- set Protected Ranges Registers to control which address ranges are read or write protected.
ALL FROM THE COMFORT OF RING 3!
But wait, there's more!
- Enabling FLOCKDN prevents SPI protected memory range registers from being modified. (See: Section 21.4.2 in Intel® 8 Series PCH Datasheet)
Tested on amd64 debian, 3.16 kernel, and ICH10R LPC Interface Controller
apt-get install linux-headers-$(uname -r)
git clone git@github.com:burritoaddict/spi-lockdown.git
cd spi-lockdown
make
insmod spi_lockdown.ko
sysctl -w dev.spi_lockdown.pr0=2415886336 # write protect entire
region (0x8fff8000)
sysctl -w dev.spi_lockdown.flockdn=1 # prevent SPI protection
modifications
Note: flockdn cannot be disabled after running sysctl without a 'reset'. On some systems that means waking from sleep
- dev.spi_lockdown.flockdn - FLOCKDN bit in Hardware Sequencing Flash Status Register
- dev.spi_lockdown.frap - Flash Regions Access Permissions Register
- dev.spi_lockdown.pr0 - Protected Range 0 Register
- dev.spi_lockdown.pr1 - Protected Range 1 Register
- dev.spi_lockdown.pr2 - Protected Range 2 Register
- dev.spi_lockdown.pr3 - Protected Range 3 Register
- dev.spi_lockdown.pr4 - Protected Range 4 Register
- switch to use sysfs instead of sysctl
- Review datasheets for all the chipsets dumped into lpc_chipsets to determine spibar calculation method... :(
Error handling and cleanupExpose SPI protected memory rangesExpose Flash Region Access Permissions Register- Expose Software Sequencing Flash Control Register
- Expose flash descriptor region and mark unwritable
- Re-write register values on wakeup from sleep?
- https://www.intel.com/content/dam/www/public/us/en/documents/datasheets/8-series-chipset-pch-datasheet.pdf
- http://opensecuritytraining.info/IntroBIOS_files/Day2_03_Advanced%20x86%20-%20BIOS%20and%20SMM%20Internals%20-%20SPI%20Flash%20Protection%20Mechanisms.pdf
- https://github.com/chipsec/chipsec/
- https://www.kernel.org/doc/Documentation/PCI/pci.txt
- https://static.lwn.net/images/pdf/LDD3/ch09.pdf
- https://github.com/torvalds/linux/blob/master/drivers/mfd/lpc_ich.c
- http://www.intelsecurity.com/advanced-threat-research/content/AttackingAndDefendingBIOS-RECon2015.pdf