[OLPC-devel] Secure BIOS on the OLPC
Mark J. Foster
mfoster at laptop.org
Fri Sep 1 15:36:46 EDT 2006
Richard Smith wrote:
> I think what we really want here is not cold/warm reboots but rather
> reset asserted vs non-reset asserted.
Which reset are you referring to? We've got about ten of them... :-)
> If you boot from a path that has had reset asserted then you are
> basically assured that the resulting code path will be a known path
> since it takes the reset vector.
Well, the CPU reset vector is run fairly often, including, for instance,
resume. It's not a deterministic path. In fact, we'll have to be
careful to remember to explicitly write-protect the Flash on a resume,
which normally bypasses all of the initialization code. I sure hope
that VSA exits don't run through the reset vector, or else the machine
will be toast.
> So I would propose that you hook up the "hard" reset line to a one
> shot timer and let the EC IO assert that timer.
> Then the whole system restarts as if you had pressed the reset button.
We can probably find a way to implement a "force cold boot" function,
then include a purely hardware-driven status flag that indicates a cold
reset. This status bit probably already exists, but I'll have to do a
lot of checking to ensure that it can't be emulated. Remember that
we'll actually be powering down the CPU every time you pause for a few
seconds, letting the RAM run in auto-refresh mode; most of the
"standard" status checks won't work in our case.