author | Alyssa Rosenzweig <alyssa@rosenzweig.io> | 2017-04-04 08:56:58 -0700 |
---|---|---|
committer | Leah Rowe <info@minifree.org> | 2017-04-04 23:48:23 +0100 |
commit | 337183ebbd1114346d2261b6eaebc0381b6515ae (patch) | |
tree | 7c8ce5cd005f42042b4e50e1ce8bcad91c333469 /docs/hardware/dock.md | |
parent | 8791c95748efa02fd8c998706883a0d23ff0e85e (diff) | |
Remove hardware modification information; it's out of scope and does not apply to the new models supported
Diffstat (limited to 'docs/hardware/dock.md')
-rw-r--r-- | docs/hardware/dock.md | 119 |
1 files changed, 0 insertions, 119 deletions
diff --git a/docs/hardware/dock.md b/docs/hardware/dock.md deleted file mode 100644 index c65afe11..00000000 --- a/docs/hardware/dock.md +++ /dev/null 
@@ -1,119 +0,0 @@ -% Notes about DMA and the docking station (X60/T60) - - Use case: - --------- - Usually when people do full disk encryption, it's not really full disk, - instead they still have a /boot in clear. - - So an evil maid attack can still be done, in two passes: - 1) Clone the hdd, Infect the initramfs or the kernel. - 2) Wait for the user to enter its password, recover the password, - luksOpen the hdd image. - - I wanted a real full-disk encryption so I've put grub in flash and I - have the following: The HDD has a LUKS rootfs(containing /boot) on an - lvm partition, so no partition is in clear. - - So when the computer boots it executes coreboot, then grub as a payload. - Grub then opens the LUKS partition and loads the kernel and initramfs - from there. - - To prevent hardware level tempering(like reflashing), I used nail - polish with a lot of gilder, that acts like a seal. Then a high - resolution picture of it is taken, to be able to tell the difference. - - The problem: - ------------ - But then comes the docking port issue: Some LPC pins are exported - there, such as the CLKRUN and LDRQ#. - - LDRQ# is "Encoded DMA/Bus Master Request": "Only needed by - peripherals that need DMA or bus mastering. Requires an - individual signal per peripheral. Peripherals may not share - an LDRQ# signal." - - So now DMA access is possible trough the dock connector. - So I want to be able to turn that off. 
- - If I got it right, the X60 has 2 superio, one is in the dock, and the - other one is in the laptop, so we have: - ________________ - _________________ | | - | | | Dock connector:| - |Dock: NSC pc87982|<--LPC--->D_LPC_DREQ0 | - |_________________| |_______^________| - | - | - | - | - ___________________|____ - | v | - | SuperIO: DLDRQ# | - | NSC pc87382 LDRQ# | - |___________________^____| - | - | - | - | - ___________________|___ - | v | - | Southbridge: LDRQ0 | - | ICH7 | - |_______________________| - - The code: - --------- - Now if I look at the existing code, there is some superio drivers, like - pc87382 in src/superio/nsc, the code is very small. - The only interesting part is the pnp_info pnp_dev_info struct. - - Now if I look inside src/mainboard/lenovo/x60 there is some more - complete dock driver: - - Inside dock.c I see some dock_connect and dock_disconnect functions. - - Such functions are called during the initialisation (romstage.c) and - from the X60 SMI handler (smihandler.c). - - Questions: - ---------- - 1) Would the following be sufficent to prevent DMA access from the - outside: - > int dock_connect(void) - > { - > int timeout = 1000; - > + int val; - > + - > + if (get_option(&val, "dock") != CB_SUCCESS) - > + val = 1; - > + if (val == 0) - > + return 0; - > [...] - > } - > - > void dock_disconnect(void) { - > + if (dock_present()) - > + return; - > [...] - > } - 2) Would an nvram option be ok for that? Should a Kconfig option be - added too? - - > config DOCK_AUTODETECT - > bool "Autodetect" - > help - > The dock is autodetected. If unsure select this option. - > - > config DOCK_DISABLED - > bool "Disabled" - > help - > The dock is always disabled. - > - > config DOCK_NVRAM_ENABLE - > bool "Nvram" - > help - > The dock autodetection is tried only if it is also enabled - > trough nvram. - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -This page is available under the [CC BY SA 4.0](../cc-by-sa-4.0.txt) |
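Review bot: deleting the whole file also drops the only write-up of the dock-connector DMA exposure (LDRQ# and CLKRUN on the X60/T60 LPC dock pins, reaching the ICH7 through the pc87382) and the open questions about gating dock_connect()/dock_disconnect() on an nvram or Kconfig option; the commit message only says the material does not apply to the newly supported models, so either keep the "The problem" section for X60/T60 readers or state in the message where that threat-model note now lives instead of removing it outright.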