Socflash says the bmc is write protected.

Oskar Senft osk at google.com
Tue Aug 20 00:21:01 AEST 2019


Hi Joe

I assume this is happening due to the fixes for
https://github.com/openbmc/openbmc/issues/3475 (CVE-2019-6260), which
effectively disable all communication from the host to the BMC by default.

I'm not sure which interface socflash uses exactly, though, so I cannot
recommend on what you'd have to re-enable to make it work again. Having
said that, all of the interfaces mentioned in the CVE should really be
disabled for security reasons.

Oskar.

On Mon, Aug 19, 2019 at 8:51 AM Zheng Bao <fishbaoz at hotmail.com> wrote:

> Hi, All,
> I use socflash to update the BMC firmware. The original BMC firmware can
> be updated, but openbmc can not be.
> Socflash says the BMC is protected. Does anybody know why?
>
> Thanks.
> Joe
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20190819/31587214/attachment.htm>


More information about the openbmc mailing list