[OLPC-devel] Secure BIOS on the OLPC

Mark J. Foster mfoster at laptop.org
Fri Sep 1 15:36:46 EDT 2006

Richard Smith wrote:
> I think what we really want here is not cold/warm reboots but rather
> reset asserted vs non-reset asserted.
Which reset are you referring to?  We've got about ten of them... :-)
> If you boot from a path that has had reset asserted then you are
> basically assured that the resulting code path will be a known path
> since it takes the reset vector.
Well, the CPU reset vector is run fairly often, including, for instance, 
resume.  It's not a deterministic path.  In fact, we'll have to be 
careful to remember to explicitly write-protect the Flash on a resume, 
which normally bypasses all of the initialization code.  I sure hope 
that VSA exits don't run through the reset vector, or else the machine 
will be toast.
> So I would propose that you hook up the "hard" reset line to a one
> shot timer and let the EC IO assert that timer.
> Then the whole system restarts as if you had pressed the reset button.
We can probably find a way to implement a "force cold boot" function, 
then include a purely hardware-driven status flag that indicates a cold 
reset.  This status bit probably already exists, but I'll have to do a 
lot of checking to ensure that it can't be emulated.  Remember that 
we'll actually be powering down the CPU every time you pause for a few 
seconds, letting the RAM run in auto-refresh mode; most of the 
"standard" status checks won't work in our case.

More information about the Devel mailing list