EP80579 Datasheet, PDF(800/1916 Page) Intel Corporation – Intel® EP80579 Integrated Processor Product Line

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

EP80579 Datasheet, PDF (800/1916 Pages) Intel Corporation – Intel® EP80579 Integrated Processor Product Line

◁

IntelÂ® EP80579 Integrated Processor

21.4.3.3

Flash Protection

There are two types of Flash Protection mechanisms:

1. BIOS Range Write Protection

2. SMI#-Based Global Write Protection

The two mechanisms are conceptually ORed together such that if any of the

mechanisms indicate that the access should be blocked, then it is blocked. Table 21-16

provides a summary of the three mechanisms.

Table 21-16. Flash Protection Mechanism Summary

Mechanism

Accesses

Blocked

BIOS Range

Write Protection

Writes

SMI#-Based

Global Write

Protection

Writes

Range

Specific

Yes

No

Reset-Override

or SMI#-

Override

Reset Override

SMI# Override

Equivalent Function on FWH

FWH Sector Protection

Same as Write Protect in previous

chipsets for FWH

The EP80579 provides these protections in hardware. Note that it is critical that the

hardware must not allow malicious software to modify the address or opcode pointers

after determining that a cycle is allowed to run, such that the actual cycle that runs on

SPI should have been blocked.

If the command associated with an atomic cycle sequence is blocked according to the

EP80579 configuration, the EP80579 must not run any of the sequence.

A blocked command will appear to software to finish, except that the Blocked Access

Status bit in Offset 3020h: SPIS â SPI Status register is set in this case.

21.4.3.3.1

BIOS Range Write Protection

The EP80579 provides a method for blocking writes to specific ranges in the SPI flash

when the Protected BIOS Ranges are enabled. This is achieved by checking the Opcode

type information (which can be locked down by the initial Boot BIOS) and the address

of the requested command against the base and limit fields of a Write Protected BIOS

range.

Only the initial address is checked. Since writes wrap within a page, there should be no

issue with writes illegally occurring in the next page (assuming the BIOS has configured

the Protection Limit to align with the edge of a page).

Note that once BIOS has locked down the Protected BIOS Range registers, this

mechanism remains in place until the next system reset.

21.4.3.3.2

SMI# Based Global Write Protection

The EP80579 provides a method for blocking writes to the SPI flash when the Write

Protect bit is cleared (i.e., protected) in Offset DCh: BC: BIOS Control Register. This is

achieved by checking the Opcode type information (which can be locked down by the

initial Boot BIOS) of the requested command.

The Write Protect and Lock Enable bits interact in the same manner for SPI BIOS as

they do for the FWH BIOS.

IntelÂ® EP80579 Integrated Processor Product Line Datasheet

800

August 2009

Order Number: 320066-003US

▷