The Kbit memory of the product provides a balanced solution for applications that benefit from higher data transfer speeds while retaining the simplicity and cost advantage of I2C.
This Device is organized as 65, bytes of 8 bits each 64 Kbytes and is optimized for use in consumer and industrial applications where reliable nonvolatile memory storage is essential. The 24CS makes data management easy with its software write protection, lockable ID page, and pre-programmed bit serial number. I am using a 28c64 but have wired it up like Ben ignoring the extra address pins set to ground.
I have looked at the code and cant see what is wrong. Regards Tony. Hi Mike, Thanks for the quick reply. I am a retired chemical engineer with no formal training in electronics or programming. I am amazed that you can figure out that address line A3 could be the problem. Clearly a genius. Maybe you can explain how you figured this out.
If it is I still have to try and find the fault is it more likely to be the chip or the wiring? When counting in binary A0 flips every address, A1 flips every two addresses, A2 flips every four address, A3 every 8 addresses, A3 every 16 addresses and so on. Thanks Mike You are a genius. Mike, your intro nails my situation. My brisk research turned up a number of references but yours stood out. Have you been able to verify the contents of your one AT28C separately from your sketch code? The code does this already.
Thanks for answering, Mike. I know this is a year back in your rearview mirror. I know my writeup was jumbled. This corresponds to the UX package type of the W25X40 chip. Top side marking according to datasheet is:. The resistor goes to 3V3.
So for write protection to work, something has to be done on the software side as well. Thanks in advance for everyone who has looked into this and is presently working on it. Yeah, but inserting a uSD card requires physical access, and having physical access nearly always trumps any security measures? As you already noted, "the mask rom gives recovery. I think my usage case may be worth describing as it clears up confusion about physical access.
Imagine this: A rack of about colocated Pi computers at a high security data center that has their own police and fire department. These Pi computers have no SD cards and have been configured to network boot. They are rented out to tenants who can reboot them using a web interface that toggles the run pin to load whatever image is selected--sort of like EC2 or VMware, except with real physical hardware to avoid the side-channel leakage of information that keep making security headlines and other difficulties.
At any rate, the tenants have full control of the Pi once it's booted and can do any root thing people do with stuff in a cloud. Tenants will come and go. Between them, it is important to clean up the Pi. In particular, it would be difficult to rent the Pi out if it no longer network boots. While the tenant did not have physical access, the person cleaning the Pi between tenants does not readily have physical access either.
It simply does not scale well to go to the data center, pass through security and insert the firmware reset SD card into the corresponding Pi between each tenant. Fortunately, such efforts would not be needed if after the network boot option was set, it couldn't be changed. See my long comment here. But if the tenants have full root access, then I guess they could theoretically use the unsupported flashrom mechanism for updating the eeprom on a network-booted Pi?
If one is colocating in a data center with crazy amounts of physical security while guaranteeing full protection from side-channel information leakage by renting simple single-tenant non-virtualised hardware one attracts two types: Those who need security and those attracted by the data of those who need the security.
That second group includes well funded criminals and spy agencies expert in advanced persistence threats. Thus, for this application, one needs a physical way to disable changing the firmware or any of its settings. The existence of such a mechanism is claimed by the documentation and clearly present in the hardware, but it is not properly described and the needed software tools to make it work are missing. Does the resister change still exist? Are we planning to document it?
Can anyone create an arbitrary boot loader and use that to break in to 'something'? The 'register' is documented in the public datasheet for Winbond and anyone is free to go and patch flashrom to configure it. I think Google might have had a fork which did that. If set it will break rpi-eeprom-update until flashrom is set to call it, so there's little motivation to wrap that into a standard tool.
Kernel and start. You don't gain anything by running stuff as the bootloader. There's a slight gap for the 'pi' user which has access to GPIO but clearly web-services etc shouldn't be run as 'pi'. If booting from an SD card it is possible to verify the card in a separate system and even write protect it, if necessary.
If the Pi is network booting from a secure file server or through rpiboot , it is possible to check the integrity of the boot files remotely from the server. The firmware on the Pi can not be checked in this way.
0コメント