Hacker News
by p0llard 2150 days ago
> These OEM EEPROMs are exposed to the external world, just like normal registers.

> many hardware provides an explicit lock/unlock feature for protecting low-level configurations and registers

Is this really enough? It seems that devices which will eventually be connected to another system outside the purview of the manufacturer should have such registers isolated to as great an extent as possible; if these are only ever touched once during manufacture, they should only be accessible via e.g. JTAG; if the manufacturer sometimes pushes out updates which touch them, they should be on a different PCI(e) BAR which is only mapped into memory for the purpose of an update.

In this case it looks like the driver developers do share some of the blame, but it seems that such systems should be resilient enough to accept a lot more interference (I'm reminded of the FCC regulation, although it doesn't quite fit here since we don't want "undesired behaviour") on interfaces over which they have little to no control; what happens when a bit-flip results in the wrong MMIO address being written to?