path: root/docs/hcl/gm45_remove_me.md
Diffstat (limited to 'docs/hcl/gm45_remove_me.md')
-rw-r--r--  docs/hcl/gm45_remove_me.md  520
1 files changed, 0 insertions, 520 deletions
diff --git a/docs/hcl/gm45_remove_me.md b/docs/hcl/gm45_remove_me.md
deleted file mode 100644
index 9d2209f4..00000000
--- a/docs/hcl/gm45_remove_me.md
+++ /dev/null
@@ -1,520 +0,0 @@
----
-title: "GM45 chipsets: remove the ME (manageability engine)"
-...
-
-This sections relates to disabling and removing the ME (Intel
-**M**anagement **E**ngine) on GM45. This was originally done on the
-ThinkPad X200, and later adapted for the ThinkPad R400/T400/T500. It can
-in principle be done on any GM45 or GS45 system.
-
-The ME is a blob that typically must be left inside the flash chip (in
-the ME region, as outlined by the default descriptor). On GM45, it is
-possible to remove it without any ill effects. All other parts of
-coreboot on GM45 systems (provided GMA MHD4500 / Intel graphics) can be
-blob-free, so removing the ME was the last obstacle to make GM45 a
-feasible target in libreboot (the systems can also work without the
-microcode blobs).
-
-The ME is removed and disabled in libreboot by modifying the descriptor.
-More info about this can be found in the ich9deblob/ich9gen source code
-in resources/utilities/ich9deblob/ in libreboot, or more generally on
-this page.
-
-More information about the ME can be found at
-<http://www.coreboot.org/Intel_Management_Engine> and
-<http://me.bios.io/Main_Page>.
-
-Another project recently found: <http://io.smashthestack.org/me/>
-
-ICH9 gen utility {#ich9gen}
-================
-
-It is no longer necessary to use [ich9deblob](#ich9deblob) to generate a
-deblobbed descriptor+gbe image for GM45 targets. ich9gen is a small
-utility within ich9deblob that can generate them from scratch, without a
-factory.bin dump.
-
-ich9gen executables can be found under ./ich9deblob/ statically compiled
-in libreboot\_util. If you are using src or git, build ich9gen from
-source with:
- $ ./oldbuild module ich9deblob
-
-The executable will appear under resources/utilities/ich9deblob/
-
-Run:
- $ ./ich9gen
-
-Running ich9gen this way (without any arguments) generates a default
-descriptor+gbe image with a generic MAC address. You probably don't
-want to use the generic one; the ROM images in libreboot contain a
-descriptor+gbe image by default (already inserted) just to prevent or
-mitigate the risk of bricking your laptop, but with the generic MAC
-address (the libreboot project does not know what your real MAC address
-is).
-
-You can find out your MAC address from **ip addr** or **ifconfig** in
-GNU+Linux. Alternatively, if you are running libreboot already (with the
-correct MAC address in your ROM), dump it (flashrom -r) and read the
-first 6 bytes from position 0x1000 (or 0x2000) in a hex editor (or,
-rename it to factory.rom and run it in ich9deblob: in the newly created
-mkgbe.c will be the individual bytes of your MAC address). If you are
-currently running the stock firmware and haven't installed libreboot
-yet, you can also run that through ich9deblob to get the mac address.
-
-An even simpler way to get the MAC address would be to read what's on
-the little sticker on the bottom/base of the laptop.
-
-On GM45 laptops that use flash descriptors, the MAC address or the
-onboard ethernet chipset is flashed (inside the ROM image). You should
-generate a descriptor+gbe image with your own MAC address inside (with
-the Gbe checksum updated to match). Run:
-
- $ ./ich9gen --macaddress XX:XX:XX:XX:XX:XX
-(replace the XX chars with the hexadecimal chars in the MAC address that
-you want)
-
-Two new files will be created:
-
-- **ich9fdgbe\_4m.bin**: this is for GM45 laptops with the 4MB flash
- chip.
-- **ich9fdgbe\_8m.bin**: this is for GM45 laptops with the 8MB flash
- chip.
-- **ich9fdgbe\_16m.bin**: this is for GM45 laptops with the 16MB flash
- chip.
-
-Assuming that your libreboot image is named **libreboot.rom**, copy the
-file to where **libreboot.rom** is located and then insert the
-descriptor+gbe file into the ROM image.\
-For 16MiB flash chips:\
-\$ **dd if=ich9fdgbe\_16m.bin of=libreboot.rom bs=1 count=12k
-conv=notrunc**\
-For 8MiB flash chips:\
-\$ **dd if=ich9fdgbe\_8m.bin of=libreboot.rom bs=1 count=12k
-conv=notrunc**\
-For 4MiB flash chips:\
-\$ **dd if=ich9fdgbe\_4m.bin of=libreboot.rom bs=1 count=12k
-conv=notrunc**\
-
-Your libreboot.rom image is now ready to be flashed on the system. Refer
-back to [../install/\#flashrom](../install/#flashrom) for how to flash
-it.
-
-Write-protecting the flash chip
--------------------------------
-
-Look in *resources/utilities/ich9deblob/src/descriptor/descriptor.c* for
-the following lines in the *descriptorHostRegionsUnlocked* function:
-
- descriptorStruct.masterAccessSection.flMstr1.fdRegionWriteAccess = 0x1;
- descriptorStruct.masterAccessSection.flMstr1.biosRegionWriteAccess = 0x1;
- descriptorStruct.masterAccessSection.flMstr1.meRegionWriteAccess = 0x1;
- descriptorStruct.masterAccessSection.flMstr1.gbeRegionWriteAccess = 0x1;
- descriptorStruct.masterAccessSection.flMstr1.pdRegionWriteAccess = 0x1;
-
-Also look in *resources/utilities/ich9deblob/src/ich9gen/mkdescriptor.c*
-for the following lines:
-
- descriptorStruct.masterAccessSection.flMstr1.fdRegionWriteAccess = 0x1; /* see ../descriptor/descriptor.c */
- descriptorStruct.masterAccessSection.flMstr1.biosRegionWriteAccess = 0x1; /* see ../descriptor/descriptor.c */
- descriptorStruct.masterAccessSection.flMstr1.meRegionWriteAccess = 0x1; /* see ../descriptor/descriptor.c */
- descriptorStruct.masterAccessSection.flMstr1.gbeRegionWriteAccess = 0x1; /* see ../descriptor/descriptor.c */
- descriptorStruct.masterAccessSection.flMstr1.pdRegionWriteAccess = 0x1; /* see ../descriptor/descriptor.c */
-
-NOTE: When you write-protect the flash chip, re-flashing is no longer
-possible unless you use dedicated external equipment, which also means
-disassembling the laptop. The same equipment can also be used to remove
-the write-protection later on, if you choose to do so. \*Only\*
-write-protect the chip if you have the right equipment for external
-flashing later on; for example, see
-[../install/bbb\_setup.html](../install/bbb_setup.html).
-
-Change them all to 0x0, then re-compile ich9gen. After you have done
-that, follow the notes in [\#ich9gen](#ich9gen) to generate a new
-descriptor+gbe image and insert that into your ROM image, then flash it.
-The next time you boot, the flash chip will be read-only in software
-(hardware re-flashing will still work, which you will need for
-re-flashing the chip after write-protecting it, to clear the write
-protection or to flash yet another ROM image with write protection set
-in the descriptor).
-
-Flashrom will tell you that you can still forcefully re-flash, using *-p
-internal:ich\_spi\_force=yes* but this won't actually work; it'll just
-brick your laptop.
-
-For external flashing guides, refer to [../install/](../install/).
-
-ICH9 deblob utility {#ich9deblob}
-===================
-
-**This is no longer strictly necessary. Libreboot ROM images for GM45
-systems now contain the 12KiB descriptor+gbe generated from ich9gen, by
-default.**
-
-This was the tool originally used to disable the ME on X200 (later
-adapted for other systems that use the GM45 chipset).
-[ich9gen](#ich9gen) now supersedes it; ich9gen is better because it does
-not rely on dumping the factory.rom image (whereas, ich9deblob does).
-
-This is what you will use to generate the deblobbed descriptor+gbe
-regions for your libreboot ROM image.
-
-If you are working with libreboot\_src (or git), you can find the source
-under resources/utilities/ich9deblob/ and will already be compiled if
-you ran **./oldbuild module all** or **./oldbuild module ich9deblob**
-from the main directory (./), otherwise you can build it like so:
-
- $ ./oldbuild module ich9deblob
-An executable file named **ich9deblob** will now appear under
-resources/utilities/ich9deblob/
-
-If you are working with libreboot\_util release archive, you can find
-the utility included, statically compiled (for i686 and x86\_64 on
-GNU+Linux) under ./ich9deblob/.
-
-Place the factory.rom from your system (can be obtained using the
-external flashing guides for GM45 targets linked
-[../install/](../install/)) in the directory where you have your
-ich9deblob executable, then run the tool:
-
- $ ./ich9deblob
-
-A 12kiB file named **deblobbed\_descriptor.bin** will now appear. **Keep
-this and the factory.rom stored in a safe location!** The first 4KiB
-contains the descriptor data region for your system, and the next 8KiB
-contains the gbe region (config data for your gigabit NIC). These 2
-regions could actually be separate files, but they are joined into 1
-file in this case.
-
-A 4KiB file named **deblobbed\_4kdescriptor.bin** will alternatively
-appear, if no GbE region was detected inside the ROM image. This is
-usually the case, when a discrete NIC is used (eg Broadcom) instead of
-Intel. Only the Intel NICs need a GbE region in the flash chip.
-
-Assuming that your libreboot image is named **libreboot.rom**, copy the
-**deblobbed\_descriptor.bin** file to where **libreboot.rom** is located
-and then run:\
-\$ **dd if=deblobbed\_descriptor.bin of=libreboot.rom bs=1 count=12k
-conv=notrunc**
-
-Alternatively, if you got a the **deblobbed\_4kdescriptor.bin** file (no
-GbE defined), do this: \$ **dd if=deblobbed\_4kdescriptor.bin
-of=libreboot.rom bs=1 count=4k conv=notrunc**
-
-The utility will also generate 4 additional files:
-
-- mkdescriptor.c
-- mkdescriptor.h
-- mkgbe.c
-- mkgbe.h
-
-These are C source files that can re-generate the very same Gbe and
-Descriptor structs (from ich9deblob/ich9gen). To use these, place them
-in src/ich9gen/ in ich9deblob, then re-build. The newly built
-**ich9gen** executable will be able to re-create the very same 12KiB
-file from scratch, based on the C structs, this time **without** the
-need for a factory.rom dump!
-
-You should now have a **libreboot.rom** image containing the correct 4K
-descriptor and 8K gbe regions, which will then be safe to flash. Refer
-back to [../install/\#flashrom](../install/#flashrom) for how to flash
-it.
-
-demefactory utility {#demefactory}
-===================
-
-This takes a factory.rom dump and disables the ME/TPM, but leaves the
-region intact. It also sets all regions read-write.
-
-The ME interferes with flash read/write in flashrom, and the default
-descriptor locks some regions. The idea is that doing this will remove
-all of those restrictions.
-
-Simply run (with factory.rom in the same directory):
-
- $ ./demefactory
-
-It will generate a 4KiB descriptor file (only the descriptor, no GbE).
-Insert that into a factory.rom image (NOTE: do this on a copy of it.
-Keep the original factory.rom stored safely somewhere):\
-\$ **dd if=demefactory\_4kdescriptor.bin of=factory\_nome.rom bs=1
-count=4k conv=notrunc**
-
-TODO: test this.\
-TODO: lenovobios (GM45 thinkpads) still write-protects parts of the
-flash. Modify the assembly code inside. Note: the factory.rom (BIOS
-region) from lenovobios is in a compressed format, which you have to
-extract. bios\_extract upstream won't work, but the following was said
-in \#coreboot on freenode IRC:
-
- <roxfan> vimuser: try bios_extract with ffv patch http://patchwork.coreboot.org/patch/3444/
- <roxfan> or https://github.com/coreboot/bios_extract/blob/master/phoenix_extract.py
- <roxfan> what are you looking for specifically, btw?
-
- 0x74: 0x9fff03e0 PR0: Warning: 0x003e0000-0x01ffffff is read-only.
- 0x84: 0x81ff81f8 PR4: Warning: 0x001f8000-0x001fffff is locked.
-
-Use-case: a factory.rom image modified in this way would theoretically
-have no flash protections whatsoever, making it easy to quickly switch
-between factory/libreboot in software, without ever having to
-disassemble and re-flash externally unless you brick the device.
-
-demefactory is part of the ich9deblob src, found at
-*resources/utilities/ich9deblob/*
-
-The sections below are adapted from (mostly) IRC logs related to early
-development getting the ME removed on GM45. They are useful for
-background information. This could not have been done without sgsit's
-help.
-
-Early notes {#early_notes}
------------
-
-- <http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-10-family-datasheet.pdf>
- page 230 mentions about descriptor and non-descriptor mode (which
- wipes out gbe and ME/AMT).
-- ~~**See reference to HDA\_SDO (disable descriptor security)**~~
- strap connected GPIO33 pin is it on ICH9-M (X200). HDA\_SDO applies
- to later chipsets (series 6 or higher). Disabling descriptor
- security also disables the ethernet according to sgsit. sgsit's
- method involves use of 'soft straps' (see IRC logs below) instead
- of disabling the descriptor.
-- **and the location of GPIO33 on the x200s: (was an external link.
- Putting it here instead)**
- [images/x200/gpio33\_location.jpg](images/x200/gpio33_location.jpg) -
- it's above the number 7 on TP37 (which is above the big intel chip
- at the bottom)
-- The ME datasheet may not be for the mobile chipsets but it doesn't
- vary that much. This one gives some detail and covers QM67 which is
- what the X201 uses:
- <http://www.intel.co.uk/content/dam/www/public/us/en/documents/datasheets/6-chipset-c200-chipset-datasheet.pdf>
-
-Flash chips {#flashchips}
------------
-
-- Schematics for X200 laptop:
- <http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006075.pdf>
- **~~- Page 20 and page 9 refer to SDA\_HDO or SDA\_HDOUT~~** only on
- series 6 or higher chipsets. ICH9-M (X200) does it with a strap
- connected to GPIO33 pin (see IRC notes below)
-
- - According to page 29, the X200 can have any of the following flash
- chips:
- - ATMEL AT26DF321-SU 72.26321.A01 - this is a 32Mb (4MiB) chip
- - MXIC (Macronix?) MX25L3205DM2I-12G 72.25325.A01 - another 32Mb
- (4MiB) chip
- - MXIC (Macronix?) MX25L6405DMI-12G 41R0820AA - this is a 64Mb
- (8MiB) chip
- - Winbond W25X64VSFIG 41R0820BA - another 64Mb (8MiB) chip
-
- sgsit says that the X200s with the 64Mb flash chips are (probably)
- the ones with AMT (alongside the ME), whereas the 32Mb chips contain
- only the ME.
-- Schematics for X200s laptop:
- <http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006104.pdf>.
-
-Early development notes {#early_development_notes}
------------------------
-
- Start (hex) End (hex) Length (hex) Area Name
- ----------- --------- ------------ ---------
- 00000000 003FFFFF 00400000 Flash Image
-
- 00000000 00000FFF 00001000 Descriptor Region
- 00000004 0000000F 0000000C Descriptor Map
- 00000010 0000001B 0000000C Component Section
- 00000040 0000004F 00000010 Region Section
- 00000060 0000006B 0000000C Master Access Section
- 00000060 00000063 00000004 CPU/BIOS
- 00000064 00000067 00000004 Manageability Engine (ME)
- 00000068 0000006B 00000004 GbE LAN
- 00000100 00000103 00000004 ICH Strap 0
- 00000104 00000107 00000004 ICH Strap 1
- 00000200 00000203 00000004 MCH Strap 0
- 00000EFC 00000EFF 00000004 Descriptor Map 2
- 00000ED0 00000EF7 00000028 ME VSCC Table
- 00000ED0 00000ED7 00000008 Flash device 1
- 00000ED8 00000EDF 00000008 Flash device 2
- 00000EE0 00000EE7 00000008 Flash device 3
- 00000EE8 00000EEF 00000008 Flash device 4
- 00000EF0 00000EF7 00000008 Flash device 5
- 00000F00 00000FFF 00000100 OEM Section
- 00001000 001F5FFF 001F5000 ME Region
- 001F6000 001F7FFF 00002000 GbE Region
- 001F8000 001FFFFF 00008000 PDR Region
- 00200000 003FFFFF 00200000 BIOS Region
-
- Start (hex) End (hex) Length (hex) Area Name
- ----------- --------- ------------ ---------
- 00000000 003FFFFF 00400000 Flash Image
-
- 00000000 00000FFF 00001000 Descriptor Region
- 00000004 0000000F 0000000C Descriptor Map
- 00000010 0000001B 0000000C Component Section
- 00000040 0000004F 00000010 Region Section
- 00000060 0000006B 0000000C Master Access Section
- 00000060 00000063 00000004 CPU/BIOS
- 00000064 00000067 00000004 Manageability Engine (ME)
- 00000068 0000006B 00000004 GbE LAN
- 00000100 00000103 00000004 ICH Strap 0
- 00000104 00000107 00000004 ICH Strap 1
- 00000200 00000203 00000004 MCH Strap 0
- 00000ED0 00000EF7 00000028 ME VSCC Table
- 00000ED0 00000ED7 00000008 Flash device 1
- 00000ED8 00000EDF 00000008 Flash device 2
- 00000EE0 00000EE7 00000008 Flash device 3
- 00000EE8 00000EEF 00000008 Flash device 4
- 00000EF0 00000EF7 00000008 Flash device 5
- 00000EFC 00000EFF 00000004 Descriptor Map 2
- 00000F00 00000FFF 00000100 OEM Section
- 00001000 00002FFF 00002000 GbE Region
- 00003000 00202FFF 00200000 BIOS Region
-
- Build Settings
- --------------
- Flash Erase Size = 0x1000
-
-It's a utility called 'Flash Image Tool' for ME 4.x that was used for
-this. You drag a complete image into in and the utility decomposes the
-various components, allowing you to set soft straps.
-
-This tool is proprietary, for Windows only, but was used to deblob the
-X200. End justified means, and the utility is no longer needed since the
-ich9deblob utility (documented on this page) can now be used to create
-deblobbed descriptors.
-
-GBE (gigabit ethernet) region in SPI flash {#gbe_region}
-------------------------------------------
-
-Of the 8K, about 95% is 0xFF. The data is the gbe region is fully
-documented in this public datasheet:
-<http://www.intel.co.uk/content/dam/doc/application-note/i-o-controller-hub-9m-82567lf-lm-v-nvm-map-appl-note.pdf>
-
-The only actual content found was:
-
- 00 1F 1F 1F 1F 1F 00 08 FF FF 83 10 FF FF FF FF
- 08 10 FF FF C3 10 EE 20 AA 17 F5 10 86 80 00 00
- 01 0D 00 00 00 00 05 06 20 30 00 0A 00 00 8B 8D
- 02 06 40 2B 43 00 00 00 F5 10 AD BA F5 10 BF 10
- AD BA CB 10 AD BA AD BA 00 00 00 00 00 00 00 00
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- 00 01 00 40 28 12 07 40 FF FF FF FF FF FF FF FF
- FF FF FF FF FF FF FF FF FF FF FF FF FF FF D9 F0
- 20 60 1F 00 02 00 13 00 00 80 1D 00 FF 00 16 00
- DD CC 18 00 11 20 17 00 DD DD 18 00 12 20 17 00
- 00 80 1D 00 00 00 1F
-
-The first part is the MAC address set to all 0x1F. It's repeated haly
-way through the 8K area, and the rest is all 0xFF. This is all
-documented in the datasheet.
-
-The GBe region starts at 0x20A000 bytes from the \*end\* of a factory
-image and is 0x2000 bytes long. In libreboot (deblobbed) the descriptor
-is set to put gbe directly after the initial 4K flash descriptor. So the
-first 4K of the ROM is the descriptor, and then the next 8K is the gbe
-region.
-
-### GBE region: change MAC address {#gbe_region_changemacaddress}
-
-According to the datasheet, it's supposed to add up to 0xBABA but can
-actually be others on the X200.
-<https://communities.intel.com/community/wired/blog/2010/10/14/how-to-basic-eeprom-checksums>
-
-*"One of those engineers loves classic rock music, so they selected
-0xBABA"*
-
-In honour of the song *Baba O'Reilly* by *The Who* apparently. We're
-not making this stuff up\...
-
-0x3ABA, 0x34BA, 0x40BA and more have been observed in the main Gbe
-regions on the X200 factory.rom dumps. The checksums of the backup
-regions match BABA, however.
-
-By default, the X200 (as shipped by Lenovo) actually has an invalid main
-gbe checksum. The backup gbe region is correct, and is what these
-systems default to. Basically, you should do what you need on the
-\*backup\* gbe region, and then correct the main one by copying from the
-backup.
-
-Look at resources/utilities/ich9deblob/ich9deblob.c.
-
-- Add the first 0x3F 16bit numbers (unsigned) of the GBe descriptor
- together (this includes the checksum value) and that has to add up
- to 0xBABA. In other words, the checksum is 0xBABA minus the total of
- the first 0x3E 16bit numbers (unsigned), ignoring any overflow.
-
-Flash descriptor region {#flash_descriptor_region}
------------------------
-
-<http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf>
-from page 850 onwards. This explains everything that is in the flash
-descriptor, which can be used to understand what libreboot is doing
-about modifying it.
-
-How to deblob:
-
-- patch the number of regions present in the descriptor from 5 - 3
-- originally descriptor + bios + me + gbe + platform
-- modified = descriptor + bios + gbe
-- the next stage is to patch the part of the descriptor which defines
- the start and end point of each section
-- then cut out the gbe region and insert it just after the region
-- all this can be substantiated with public docs (ICH9 datasheet)
-- the final part is flipping 2 bits. Halting the ME via 1 MCH soft
- strap and 1 ICH soft strap
-- the part of the descriptor described there gives the base address
- and length of each region (bits 12:24 of each address)
-- to disable a region, you set the base address to 0xFFF and the
- length to 0
-- and you change the number of regions from 4 (zero based) to 2
-
-There's an interesting parameter called 'ME Alternate disable', which
-allows the ME to only handle hardware errata in the southbridge, but
-disables any other functionality. This is similar to the 'ignition' in
-the 5 series and higher but using the standard firmware instead of a
-small 128K version. Useless for libreboot, though.
-
-To deblob GM45, you chop out the platform and ME regions and correct the
-addresses in flReg1-4. Then you set meDisable to 1 in ICHSTRAP0 and
-MCHSTRAP0.
-
-How to patch the descriptor from the factory.rom dump
-
-- map the first 4k into the struct (minus the gbe region)
-- set NR in FLMAP0 to 2 (from 4)
-- adjust BASE and LIMIT in flReg1,2,3,4 to reflect the new location of
- each region (or remove them in the case of Platform and ME)
-- set meDisable to 1/true in ICHSTRAP0 and MCHSTRAP0
-- extract the 8k GBe region and append that to the end of the 4k
- descriptor
-- output the 12k concatenated chunk
-- Then it can be dd'd into the first 12K part of a coreboot image.
-- the GBe region always starts 0x20A000 bytes from the end of the ROM
-
-This means that libreboot's descriptor region will simply define the
-following regions:
-
-- descriptor (4K)
-- gbe (8K)
-- bios (rest of flash chip. CBFS also set to occupy this whole size)
-
-The data in the descriptor region is little endian, and it represents
-bits 24:12 of the address (bits 12-24, written this way since bit 24 is
-nearer to left than bit 12 in the binary representation).
-
-So, *x << 12 = address*
-
-If it's in descriptor mode, then the first 4 bytes will be 5A A5 F0 0F.
-
-platform data partition in boot flash (factory.rom / lenovo bios) {#platform_data_region}
------------------------------------------------------------------
-
-Basically useless for libreboot, since it appears to be a blob. Removing
-it didn't cause any issues in libreboot.
-
-This is a 32K region from the factory image. It could be data
-(non-functional) that the original Lenovo BIOS used, but we don't know.
-
-It has only a 448 byte fragment different from 0x00 or 0xFF.
-
-Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\
-This page is available under the [CC BY SA 4.0](../cc-by-sa-4.0.txt)
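Review bot: this hunk deletes the whole page outright, and nothing visible in the diff says where its content went, so the removal should be confirmed as a move rather than a loss before merging. The diffstat is limited to this one path ("1 files changed, 0 insertions, 520 deletions"), so the review cannot see whether a replacement page or link updates accompany it; if the text was relocated, a git rename (similarity detection) or a one-line stub pointing at the new location would make that explicit. The deleted page defines several section anchors ({#ich9gen}, {#ich9deblob}, {#demefactory}, {#gbe_region}, {#gbe_region_changemacaddress}, {#flash_descriptor_region}, {#platform_data_region}) that other docs pages may link to, and it is the only place in this diff that records the GbE checksum rule (first 0x3F 16-bit words summing to 0xBABA), the descriptor/GbE/BIOS layout that ich9gen writes, and the warning that flashrom's "-p internal:ich_spi_force=yes" will brick a write-protected GM45 board. Please state in the commit message which page now carries those notes, or keep a short page here with a pointer to it.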