From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56814)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lersek@redhat.com>) id 1VlIlG-0006Wt-Kx
	for qemu-devel@nongnu.org; Tue, 26 Nov 2013 08:33:12 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <lersek@redhat.com>) id 1VlIlA-0006mZ-Ky
	for qemu-devel@nongnu.org; Tue, 26 Nov 2013 08:33:06 -0500
Received: from mx1.redhat.com ([209.132.183.28]:42836)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lersek@redhat.com>) id 1VlIlA-0006mU-D1
	for qemu-devel@nongnu.org; Tue, 26 Nov 2013 08:33:00 -0500
Message-ID: <5294A301.9050101@redhat.com>
Date: Tue, 26 Nov 2013 14:32:49 +0100
From: Laszlo Ersek <lersek@redhat.com>
MIME-Version: 1.0
References: <1385072461-31317-1-git-send-email-lersek@redhat.com>
	<87iovkvd8t.fsf@blackfin.pond.sub.org>
	<528FA2AB.2040806@redhat.com>
	<871u244ic6.fsf@blackfin.pond.sub.org>
	<5293A8CF.1000602@redhat.com>
	<87y54bgx1e.fsf@blackfin.pond.sub.org>
In-Reply-To: <87y54bgx1e.fsf@blackfin.pond.sub.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [qemu PATCH] hw/i386/pc_sysfw: support more than
 one flash drive
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Markus Armbruster <armbru@redhat.com>
Cc: edk2-devel@lists.sourceforge.net, qemu-devel@nongnu.org, crobinso@redhat.com

On 11/26/13 13:36, Markus Armbruster wrote:

> Your stated purpose for multiple -pflash:
> 
>     This accommodates the following use case: suppose that OVMF is split in
>     two parts, a writeable host file for non-volatile variable storage, and a
>     read-only part for bootstrap and decompressible executable code.
> 
> Such a split between writable part and read-only part makes sense to me.
> How is it done in physical hardware?  Single device with configurable
> write-protect, or two separate devices?

(Jordan could help more.)

Likely one device that's fully writeable.

The flash driver (through which the NvVar updates go) makes sure that a
kind of journal is written and that the live variable store is not
corrupted even if power is cut during an update.

However, if something writes to the flash without going through the
driver, it can brick the board. (Trample over the bootstrap code for
example.) I think.

Laszlo