From 8f09629fb11c81e0d9b38e51d8d1769018ea82d9 Mon Sep 17 00:00:00 2001
From: Julius Werner
Date: Wed, 6 Aug 2025 14:06:14 -0700
Subject: [PATCH] spi_flash: Fix initialization of `flags` field in lb_spi_flash

Commit 8dec5fcaf8d4 ("drivers/spi: Add 4-byte address mode flag to lb_spi_flash") split the existing 32-bit `erase_cmd` field into multiple fields. The new `flags` field thus created is used to pass information about whether the flash is in 4-byte address mode. Unfortunately, we forgot to initialize the new fields in the case that the flash is not in 4-byte address mode. This means it can have any arbitrary value, including values where the new flag bit is accidentally set (causing flash access errors in the payload). This patch fixes the problem and tries to prevent further issues with field changes in the future by explicitly zeroing the entire coreboot table structure before starting to fill in the values.

Change-Id: I3ad9812fc76ae2989dcf4a294034c4e31456c74e
Signed-off-by: Julius Werner
Reviewed-on: https://review.coreboot.org/c/coreboot/+/88700
Tested-by: build bot (Jenkins)
Reviewed-by: Subrata Banik
Reviewed-by: Paul Menzel
---
 src/drivers/spi/spi_flash.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/drivers/spi/spi_flash.c b/src/drivers/spi/spi_flash.c
index dda089e917..daf8a219db 100644
--- a/src/drivers/spi/spi_flash.c
+++ b/src/drivers/spi/spi_flash.c
@@ -743,6 +743,7 @@ void lb_spi_flash(struct lb_header *header)
 return;
 flash = (struct lb_spi_flash *)lb_new_record(header);
+ memset(flash, 0, sizeof(*flash));
 flash->tag = LB_TAG_SPI_FLASH;
 flash->size = sizeof(*flash);
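Review bot: The new `memset(flash, 0, sizeof(*flash));` is now load-bearing, but nothing at the call site says so. The later hunks of this patch delete the explicit `flash->mmap_count = 0` and change the flags assignment to `|=`, and both are only correct while the record starts out zeroed. A short comment above the memset would protect it from a later cleanup, for example `/* Zero the record first: fields not assigned below (flags, mmap_count) must reach the payload as 0. */`. lb_spi_flash() begins before this hunk and continues after it, so the rest of the field assignments are not visible here.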
@@ -761,9 +762,7 @@ void lb_spi_flash(struct lb_header *header)
 flash->erase_cmd = CMD_BLOCK_ERASE;
 }
- if (!CONFIG(BOOT_DEVICE_MEMORY_MAPPED)) {
- flash->mmap_count = 0;
- } else {
+ if (CONFIG(BOOT_DEVICE_MEMORY_MAPPED)) {
 struct flash_mmap_window *table = (struct flash_mmap_window *)(flash + 1);
 flash->mmap_count = spi_flash_get_mmap_windows(table);
 flash->size += flash->mmap_count * sizeof(*table);
@@ -771,7 +770,7 @@ void lb_spi_flash(struct lb_header *header)
 /* Pass 4-byte address mode information to payload */
 if (CONFIG(SPI_FLASH_FORCE_4_BYTE_ADDR_MODE))
- flash->flags = LB_SPI_FLASH_FLAG_IN_4BYTE_ADDR_MODE;
+ flash->flags |= LB_SPI_FLASH_FLAG_IN_4BYTE_ADDR_MODE;
 }
 int spi_flash_ctrlr_protect_region(const struct spi_flash *flash,
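Review bot: In the `CONFIG(BOOT_DEVICE_MEMORY_MAPPED)` branch the window table at `flash + 1` lies outside the `sizeof(*flash)` bytes cleared by the memset this patch adds, so its contents depend entirely on what `spi_flash_get_mmap_windows(table)` writes. If that helper leaves any member or padding of `struct flash_mmap_window` unassigned, stale memory would be exported to the payload in the same way the `flags` field was before this fix; neither the helper nor the struct is visible in this diff, so this needs checking. The hunk also shows no bound on how many entries the helper may write relative to the space left in the table. I would at least record the contract next to the call, e.g. `/* Not covered by the memset above: spi_flash_get_mmap_windows() must fully initialize every entry it counts. */`.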