From ece2f6f796afa94dbc927e9c4f514a3e131c7897 Mon Sep 17 00:00:00 2001 From: Francis Rowe Date: Tue, 23 Dec 2014 16:44:59 +0000 Subject: ich9deblob: rename descriptor/struct.h to descriptor/descriptor.h --- resources/utilities/ich9deblob/Makefile | 4 +- .../utilities/ich9deblob/descriptor/descriptor.h | 316 +++++++++++++++++++++ resources/utilities/ich9deblob/descriptor/struct.h | 316 --------------------- resources/utilities/ich9deblob/ich9deblob.c | 2 +- resources/utilities/ich9deblob/x86compatibility.c | 2 +- 5 files changed, 320 insertions(+), 320 deletions(-) create mode 100644 resources/utilities/ich9deblob/descriptor/descriptor.h delete mode 100644 resources/utilities/ich9deblob/descriptor/struct.h (limited to 'resources/utilities/ich9deblob') diff --git a/resources/utilities/ich9deblob/Makefile b/resources/utilities/ich9deblob/Makefile index 5588ec53..0a69882a 100644 --- a/resources/utilities/ich9deblob/Makefile +++ b/resources/utilities/ich9deblob/Makefile @@ -20,8 +20,8 @@ CC=gcc CFLAGS=-I. -ich9deblob: ich9deblob.c descriptor/struct.h gbe/gbe.h - $(CC) $(CFLAGS) ich9deblob.c descriptor/struct.h gbe/gbe.h -o ich9deblob +ich9deblob: ich9deblob.c descriptor/descriptor.h gbe/gbe.h + $(CC) $(CFLAGS) ich9deblob.c descriptor/descriptor.h gbe/gbe.h -o ich9deblob clean: rm -f ich9deblob *.o diff --git a/resources/utilities/ich9deblob/descriptor/descriptor.h b/resources/utilities/ich9deblob/descriptor/descriptor.h new file mode 100644 index 00000000..710c09b9 --- /dev/null +++ b/resources/utilities/ich9deblob/descriptor/descriptor.h @@ -0,0 +1,316 @@ +/* + * descriptor/struct.h + * This file is part of the ich9deblob utility from the libreboot project + * + * Copyright (C) 2014 Steve Shenton + * Francis Rowe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +// Purpose: provide struct representing descriptor region. +// Map actual buffers of this regions, directly to instances of these +// structs. This makes working with descriptor really easy. + +// bit fields used, corresponding to datasheet. See links to datasheets +// and documentation in ich9deblob.c + +#ifndef DESCRIPTORSTRUCT_H +#define DESCRIPTORSTRUCT_H + +#include +#include + +#define DESCRIPTORREGIONSIZE 0x1000 // 4 KiB + +// Related to the flash descriptor +#define FLREGIONBITSHIFT 0xC // bits 12(0xC)-24(0x18) are represented for words found in the flash descriptor + // To manipulate these easily in C, we shift them by FLREGIONBITSHIFT and then shift them back when done + +struct FLVALSIG{ + unsigned int signature; +}; + +struct FLMAP0 { + // least signicant bits + unsigned char FCBA : 8; + unsigned char NC : 2; + unsigned char reserved1 : 6; + // ^^^^ unnamed members like these represent unused bits (per datasheet). + // the same applies for all structs in this file. + unsigned char FRBA : 8; + unsigned char NR : 3; + unsigned char reserved2 : 5; + // most significant bits. + + // the datasheet lists msb's first and lsb's last, in each table. + // meanwhile, x86 gcc treats the members at the top of the struct as lsb's + // and at the bottom of the struct, the members there are msb's. The same + // fact applies to all the other structs below. + + // non-x86 (and/or non-gcc) is untested + // little endian assumed +}; + +// --------------------------------------------------------------------- +// Descriptor struct representing the data +// --------------------------------------------------------------------- + +struct FLMAP1 { + unsigned char FMBA : 8; + unsigned char NM : 3; + unsigned char reserved : 5; + unsigned char FISBA : 8; + unsigned char ISL : 8; +}; + +struct FLMAP2 { + unsigned char FMSBA : 8; + unsigned char MSL : 8; + unsigned short reserved : 16; +}; + +struct FLMAPS { + struct FLMAP0 flMap0; + struct FLMAP1 flMap1; + struct FLMAP2 flMap2; +}; + +struct FLCOMP { + unsigned char component1Density : 3; + unsigned char component2Density : 3; + unsigned char reserved1 : 2; + unsigned char reserved2 : 8; + unsigned char reserved3 : 1; + unsigned char readClockFrequency : 3; + unsigned char fastReadSupport : 1; + unsigned char fastreadClockFrequency : 3; + unsigned char writeEraseClockFrequency : 3; + unsigned char readStatusClockFrequency : 3; + unsigned char reserved4 : 2; +}; + +struct COMPONENTSECTIONRECORD { + struct FLCOMP flcomp; + unsigned int flill; + unsigned int flpb; + unsigned char padding[36]; +}; + +struct FLREG { + unsigned short BASE : 13; + unsigned short reserved1 : 3; + unsigned short LIMIT : 13; + unsigned short reserved2 : 3; +}; + +struct REGIONSECTIONRECORD { + struct FLREG flReg0; // Descriptor + struct FLREG flReg1; // BIOS + struct FLREG flReg2; // ME + struct FLREG flReg3; // Gbe + struct FLREG flReg4; // Platform + unsigned char padding[12]; +}; + +struct FLMSTR { + unsigned short requesterId : 16; + unsigned char fdRegionReadAccess : 1; + unsigned char biosRegionReadAccess : 1; + unsigned char meRegionReadAccess : 1; + unsigned char gbeRegionReadAccess : 1; + unsigned char pdRegionReadAccess : 1; + unsigned char reserved1 : 3; + unsigned char fdRegionWriteAccess : 1; + unsigned char biosRegionWriteAccess : 1; + unsigned char meRegionWriteAccess : 1; + unsigned char gbeRegionWriteAccess : 1; + unsigned char pdRegionWriteAccess : 1; + unsigned char reserved2 : 3; +}; + + +struct MASTERACCESSSECTIONRECORD { + struct FLMSTR flMstr1; + struct FLMSTR flMstr2; + struct FLMSTR flMstr3; + unsigned char padding[148]; +}; + +struct ICHSTRAP0 { + // todo: add MeSmBus2Sel (boring setting) + unsigned char meDisable : 1; // If true, ME is disabled. + unsigned char reserved1 : 6; + unsigned char tcoMode : 1; // TCO Mode: (Legacy,TCO Mode) The TCO Mode, along with the BMCMODE strap, determines the behavior of the IAMT SmBus controller. + unsigned char smBusAddress : 7; // The ME SmBus 7-bit address. + unsigned char bmcMode : 1; // BMC mode: If true, device is in BMC mode. If Intel(R) AMT or ASF using Intel integrated LAN then this should be false. + unsigned char tripPointSelect : 1; // Trip Point Select: false the NJCLK input buffer is matched to 3.3v signal from the external PHY device, true is matched to 1.8v. + unsigned char reserved2 : 2; + unsigned char integratedGbe : 1; // Integrated GbE or PCI Express select: (PCI Express,,Integrated GbE) Defines what PCIe Port 6 is used for. + unsigned char lanPhy : 1; // LANPHYPC_GP12_SEL: Set to 0 for GP12 to be used as GPIO (General Purpose Input/Output), or 1 for GP12 to be used for native mode as LAN_PHYPC for 82566 LCD device + unsigned char reserved3 : 3; + unsigned char dmiRequesterId : 1; // DMI requestor ID security check disable: The primary purpose of this strap is to support server environments with multiple CPUs that each have a different RequesterID that can access the Flash. + unsigned char smBus2Address : 7; // The ME SmBus 2 7-bit address. +}; + +struct ICHSTRAP1 { + unsigned char northMlink : 1; // North MLink Dynamic Clock Gate Disable : Sets the default value for the South MLink Dynamic Clock Gate Enable registers. + unsigned char southMlink : 1; // South MLink Dynamic Clock Gate Enable : Sets the default value for the South MLink Dynamic Clock Gate Enable registers. + unsigned char meSmbus : 1; // ME SmBus Dynamic Clock Gate Enable : Sets the default value for the ME SMBus Dynamic Clock Gate Enable for both the ME SmBus controllers. + unsigned char sstDynamic : 1; // SST Dynamic Clock Gate Enable : Sets the default value for the SST Clock Gate Enable registers. + unsigned char reserved1 : 4; + unsigned char northMlink2 : 1; // North MLink 2 Non-Posted Enable : 'true':North MLink supports two downstream non-posted requests. 'false':North MLink supports one downstream non-posted requests. + unsigned char reserved2 : 7; + unsigned short reserved3 : 16; +}; + + +struct ICHSTRAPSRECORD { + struct ICHSTRAP0 ichStrap0; + struct ICHSTRAP1 ichStrap1; + unsigned char padding[248]; +}; + +struct MCHSTRAP0 { + unsigned char meDisable : 1; // If true, ME is disabled. + unsigned char meBootFromFlash : 1; // ME boot from Flash - guessed location + unsigned char tpmDisable : 1; // iTPM Disable : When set true, iTPM Host Interface is disabled. When set false (default), iTPM is enabled. + unsigned char reserved1 : 3; + unsigned char spiFingerprint : 1; // SPI Fingerprint Sensor Present: Indicates if an SPI Fingerprint sensor is present at CS#1. + unsigned char meAlternateDisable : 1; // ME Alternate Disable: Setting this bit allows ME to perform critical chipset functions but prevents loading of any ME FW applications. + unsigned char reserved2 : 8; + unsigned short reserved3 : 16; +}; + +struct MCHSTRAPSRECORD { + struct MCHSTRAP0 mchStrap0; + unsigned char padding[3292]; +}; + +struct MEVSCCTABLERECORD { + unsigned int jid0; + unsigned int vscc0; + unsigned int jid1; + unsigned int vscc1; + unsigned int jid2; + unsigned int vscc2; + unsigned char padding[4]; +}; + +struct DESCRIPTORMAP2RECORD { + unsigned char meVsccTableBaseAddress : 8; + unsigned char meVsccTableLength : 8; + unsigned short reserved : 16; +}; + +struct OEMSECTIONRECORD { + unsigned char magicString[8]; + unsigned char padding[248]; +}; + +struct DESCRIPTORREGIONRECORD { + struct FLVALSIG flValSig; + struct FLMAPS flMaps; + struct COMPONENTSECTIONRECORD componentSection; + struct REGIONSECTIONRECORD regionSection; + struct MASTERACCESSSECTIONRECORD masterAccessSection; + struct ICHSTRAPSRECORD ichStraps; + struct MCHSTRAPSRECORD mchStraps; + struct MEVSCCTABLERECORD meVsccTable; + struct DESCRIPTORMAP2RECORD descriptor2Map; + struct OEMSECTIONRECORD oemSection; +}; + +// --------------------------------------------------------------------- +// Descriptor functions +// --------------------------------------------------------------------- + +// Modify the flash descriptor, to remove the ME/AMT, and disable all other regions +// Only Flash Descriptor, Gbe and BIOS regions (BIOS region fills factoryRomSize-12k) are left. +// Tested on ThinkPad X200 and X200S. X200T and other GM45 targets may also work. +struct DESCRIPTORREGIONRECORD deblobbedDescriptorStructFromFactory(struct DESCRIPTORREGIONRECORD factoryDescriptorStruct, unsigned int factoryRomSize) +{ + struct DESCRIPTORREGIONRECORD deblobbedDescriptorStruct; + memcpy(&deblobbedDescriptorStruct, &factoryDescriptorStruct, DESCRIPTORREGIONSIZE); + + // Now we need to modify the descriptor so that the ME can be excluded + // from the final ROM image (libreboot one) after adding the modified + // descriptor+gbe. Refer to libreboot docs for details: docs/hcl/x200_remove_me.html + + // set number of regions from 4 -> 2 (0 based, so 4 means 5 and 2 + // means 3. We want 3 regions: descriptor, gbe and bios, in that order) + deblobbedDescriptorStruct.flMaps.flMap0.NR = 2; + + // make descriptor writable from OS. This is that the user can run: + // sudo ./flashrom -p internal:laptop=force_I_want_a_brick + // from the OS, without relying an an external SPI flasher, while + // being able to write to the descriptor region (locked by default, + // until making the change below): + deblobbedDescriptorStruct.masterAccessSection.flMstr1.fdRegionWriteAccess = 1; + + // relocate BIOS region and increase size to fill image + deblobbedDescriptorStruct.regionSection.flReg1.BASE = 3; // 3<> FLREGIONBITSHIFT) - 1); + // ^ for example, 8MB ROM, that's 8388608 bytes. + // ^ 8388608>>FLREGIONBITSHIFT (or 8388608/4096) = 2048 bytes + // 2048 - 1 = 2047 bytes. + // This defines where the final 0x1000 (4KiB) page starts in the flash chip, because the hardware does: + // 2047<>FLREGIONBITSHIFT) is well outside the higher 8MB range. + + // relocate Gbe region to begin at 4KiB (immediately after the flash descriptor) + deblobbedDescriptorStruct.regionSection.flReg3.BASE = 1; // 1<>FLREGIONBITSHIFT) is well outside the higher 8MB range. + + // disable ME in ICHSTRAP0 - the ME is a blob, we don't want it in libreboot + deblobbedDescriptorStruct.ichStraps.ichStrap0.meDisable = 1; + + // disable ME and TPM in MCHSTRAP0 + deblobbedDescriptorStruct.mchStraps.mchStrap0.meDisable = 1; // ME is a blob. not wanted in libreboot. + deblobbedDescriptorStruct.mchStraps.mchStrap0.tpmDisable = 1; // not wanted in libreboot + + // disable ME, apart from chipset bugfixes (ME region should first be re-enabled above) + // This is sort of like the CPU microcode updates, but for the chipset + // (commented out below here, since blobs go against libreboot's purpose, + // but may be interesting for others) + // deblobbedDescriptorStruct.mchStraps.mchStrap0.meAlternateDisable = 1; + + // debugging + printf("\nOriginal (factory.rom) Descriptor start block: %08x ; Descriptor end block: %08x\n", factoryDescriptorStruct.regionSection.flReg0.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg0.LIMIT << FLREGIONBITSHIFT); + printf("Original (factory.rom) BIOS start block: %08x ; BIOS end block: %08x\n", factoryDescriptorStruct.regionSection.flReg1.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg1.LIMIT << FLREGIONBITSHIFT); + printf("Original (factory.rom) ME start block: %08x ; ME end block: %08x\n", factoryDescriptorStruct.regionSection.flReg2.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg2.LIMIT << FLREGIONBITSHIFT); + printf("Original (factory.rom) GBe start block: %08x ; GBe end block: %08x\n", factoryDescriptorStruct.regionSection.flReg3.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg3.LIMIT << FLREGIONBITSHIFT); + + printf("\nRelocated (libreboot.rom) Descriptor start block: %08x ; Descriptor end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg0.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg0.LIMIT << FLREGIONBITSHIFT); + printf("Relocated (libreboot.rom) BIOS start block: %08x ; BIOS end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg1.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg1.LIMIT << FLREGIONBITSHIFT); + printf("Relocated (libreboot.rom) ME start block: %08x ; ME end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg2.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg2.LIMIT << FLREGIONBITSHIFT); + printf("Relocated (libreboot.rom) GBe start block: %08x ; GBe end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg3.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg3.LIMIT << FLREGIONBITSHIFT); + + return deblobbedDescriptorStruct; +} + +#endif diff --git a/resources/utilities/ich9deblob/descriptor/struct.h b/resources/utilities/ich9deblob/descriptor/struct.h deleted file mode 100644 index 710c09b9..00000000 --- a/resources/utilities/ich9deblob/descriptor/struct.h +++ /dev/null @@ -1,316 +0,0 @@ -/* - * descriptor/struct.h - * This file is part of the ich9deblob utility from the libreboot project - * - * Copyright (C) 2014 Steve Shenton - * Francis Rowe - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -// Purpose: provide struct representing descriptor region. -// Map actual buffers of this regions, directly to instances of these -// structs. This makes working with descriptor really easy. - -// bit fields used, corresponding to datasheet. See links to datasheets -// and documentation in ich9deblob.c - -#ifndef DESCRIPTORSTRUCT_H -#define DESCRIPTORSTRUCT_H - -#include -#include - -#define DESCRIPTORREGIONSIZE 0x1000 // 4 KiB - -// Related to the flash descriptor -#define FLREGIONBITSHIFT 0xC // bits 12(0xC)-24(0x18) are represented for words found in the flash descriptor - // To manipulate these easily in C, we shift them by FLREGIONBITSHIFT and then shift them back when done - -struct FLVALSIG{ - unsigned int signature; -}; - -struct FLMAP0 { - // least signicant bits - unsigned char FCBA : 8; - unsigned char NC : 2; - unsigned char reserved1 : 6; - // ^^^^ unnamed members like these represent unused bits (per datasheet). - // the same applies for all structs in this file. - unsigned char FRBA : 8; - unsigned char NR : 3; - unsigned char reserved2 : 5; - // most significant bits. - - // the datasheet lists msb's first and lsb's last, in each table. - // meanwhile, x86 gcc treats the members at the top of the struct as lsb's - // and at the bottom of the struct, the members there are msb's. The same - // fact applies to all the other structs below. - - // non-x86 (and/or non-gcc) is untested - // little endian assumed -}; - -// --------------------------------------------------------------------- -// Descriptor struct representing the data -// --------------------------------------------------------------------- - -struct FLMAP1 { - unsigned char FMBA : 8; - unsigned char NM : 3; - unsigned char reserved : 5; - unsigned char FISBA : 8; - unsigned char ISL : 8; -}; - -struct FLMAP2 { - unsigned char FMSBA : 8; - unsigned char MSL : 8; - unsigned short reserved : 16; -}; - -struct FLMAPS { - struct FLMAP0 flMap0; - struct FLMAP1 flMap1; - struct FLMAP2 flMap2; -}; - -struct FLCOMP { - unsigned char component1Density : 3; - unsigned char component2Density : 3; - unsigned char reserved1 : 2; - unsigned char reserved2 : 8; - unsigned char reserved3 : 1; - unsigned char readClockFrequency : 3; - unsigned char fastReadSupport : 1; - unsigned char fastreadClockFrequency : 3; - unsigned char writeEraseClockFrequency : 3; - unsigned char readStatusClockFrequency : 3; - unsigned char reserved4 : 2; -}; - -struct COMPONENTSECTIONRECORD { - struct FLCOMP flcomp; - unsigned int flill; - unsigned int flpb; - unsigned char padding[36]; -}; - -struct FLREG { - unsigned short BASE : 13; - unsigned short reserved1 : 3; - unsigned short LIMIT : 13; - unsigned short reserved2 : 3; -}; - -struct REGIONSECTIONRECORD { - struct FLREG flReg0; // Descriptor - struct FLREG flReg1; // BIOS - struct FLREG flReg2; // ME - struct FLREG flReg3; // Gbe - struct FLREG flReg4; // Platform - unsigned char padding[12]; -}; - -struct FLMSTR { - unsigned short requesterId : 16; - unsigned char fdRegionReadAccess : 1; - unsigned char biosRegionReadAccess : 1; - unsigned char meRegionReadAccess : 1; - unsigned char gbeRegionReadAccess : 1; - unsigned char pdRegionReadAccess : 1; - unsigned char reserved1 : 3; - unsigned char fdRegionWriteAccess : 1; - unsigned char biosRegionWriteAccess : 1; - unsigned char meRegionWriteAccess : 1; - unsigned char gbeRegionWriteAccess : 1; - unsigned char pdRegionWriteAccess : 1; - unsigned char reserved2 : 3; -}; - - -struct MASTERACCESSSECTIONRECORD { - struct FLMSTR flMstr1; - struct FLMSTR flMstr2; - struct FLMSTR flMstr3; - unsigned char padding[148]; -}; - -struct ICHSTRAP0 { - // todo: add MeSmBus2Sel (boring setting) - unsigned char meDisable : 1; // If true, ME is disabled. - unsigned char reserved1 : 6; - unsigned char tcoMode : 1; // TCO Mode: (Legacy,TCO Mode) The TCO Mode, along with the BMCMODE strap, determines the behavior of the IAMT SmBus controller. - unsigned char smBusAddress : 7; // The ME SmBus 7-bit address. - unsigned char bmcMode : 1; // BMC mode: If true, device is in BMC mode. If Intel(R) AMT or ASF using Intel integrated LAN then this should be false. - unsigned char tripPointSelect : 1; // Trip Point Select: false the NJCLK input buffer is matched to 3.3v signal from the external PHY device, true is matched to 1.8v. - unsigned char reserved2 : 2; - unsigned char integratedGbe : 1; // Integrated GbE or PCI Express select: (PCI Express,,Integrated GbE) Defines what PCIe Port 6 is used for. - unsigned char lanPhy : 1; // LANPHYPC_GP12_SEL: Set to 0 for GP12 to be used as GPIO (General Purpose Input/Output), or 1 for GP12 to be used for native mode as LAN_PHYPC for 82566 LCD device - unsigned char reserved3 : 3; - unsigned char dmiRequesterId : 1; // DMI requestor ID security check disable: The primary purpose of this strap is to support server environments with multiple CPUs that each have a different RequesterID that can access the Flash. - unsigned char smBus2Address : 7; // The ME SmBus 2 7-bit address. -}; - -struct ICHSTRAP1 { - unsigned char northMlink : 1; // North MLink Dynamic Clock Gate Disable : Sets the default value for the South MLink Dynamic Clock Gate Enable registers. - unsigned char southMlink : 1; // South MLink Dynamic Clock Gate Enable : Sets the default value for the South MLink Dynamic Clock Gate Enable registers. - unsigned char meSmbus : 1; // ME SmBus Dynamic Clock Gate Enable : Sets the default value for the ME SMBus Dynamic Clock Gate Enable for both the ME SmBus controllers. - unsigned char sstDynamic : 1; // SST Dynamic Clock Gate Enable : Sets the default value for the SST Clock Gate Enable registers. - unsigned char reserved1 : 4; - unsigned char northMlink2 : 1; // North MLink 2 Non-Posted Enable : 'true':North MLink supports two downstream non-posted requests. 'false':North MLink supports one downstream non-posted requests. - unsigned char reserved2 : 7; - unsigned short reserved3 : 16; -}; - - -struct ICHSTRAPSRECORD { - struct ICHSTRAP0 ichStrap0; - struct ICHSTRAP1 ichStrap1; - unsigned char padding[248]; -}; - -struct MCHSTRAP0 { - unsigned char meDisable : 1; // If true, ME is disabled. - unsigned char meBootFromFlash : 1; // ME boot from Flash - guessed location - unsigned char tpmDisable : 1; // iTPM Disable : When set true, iTPM Host Interface is disabled. When set false (default), iTPM is enabled. - unsigned char reserved1 : 3; - unsigned char spiFingerprint : 1; // SPI Fingerprint Sensor Present: Indicates if an SPI Fingerprint sensor is present at CS#1. - unsigned char meAlternateDisable : 1; // ME Alternate Disable: Setting this bit allows ME to perform critical chipset functions but prevents loading of any ME FW applications. - unsigned char reserved2 : 8; - unsigned short reserved3 : 16; -}; - -struct MCHSTRAPSRECORD { - struct MCHSTRAP0 mchStrap0; - unsigned char padding[3292]; -}; - -struct MEVSCCTABLERECORD { - unsigned int jid0; - unsigned int vscc0; - unsigned int jid1; - unsigned int vscc1; - unsigned int jid2; - unsigned int vscc2; - unsigned char padding[4]; -}; - -struct DESCRIPTORMAP2RECORD { - unsigned char meVsccTableBaseAddress : 8; - unsigned char meVsccTableLength : 8; - unsigned short reserved : 16; -}; - -struct OEMSECTIONRECORD { - unsigned char magicString[8]; - unsigned char padding[248]; -}; - -struct DESCRIPTORREGIONRECORD { - struct FLVALSIG flValSig; - struct FLMAPS flMaps; - struct COMPONENTSECTIONRECORD componentSection; - struct REGIONSECTIONRECORD regionSection; - struct MASTERACCESSSECTIONRECORD masterAccessSection; - struct ICHSTRAPSRECORD ichStraps; - struct MCHSTRAPSRECORD mchStraps; - struct MEVSCCTABLERECORD meVsccTable; - struct DESCRIPTORMAP2RECORD descriptor2Map; - struct OEMSECTIONRECORD oemSection; -}; - -// --------------------------------------------------------------------- -// Descriptor functions -// --------------------------------------------------------------------- - -// Modify the flash descriptor, to remove the ME/AMT, and disable all other regions -// Only Flash Descriptor, Gbe and BIOS regions (BIOS region fills factoryRomSize-12k) are left. -// Tested on ThinkPad X200 and X200S. X200T and other GM45 targets may also work. -struct DESCRIPTORREGIONRECORD deblobbedDescriptorStructFromFactory(struct DESCRIPTORREGIONRECORD factoryDescriptorStruct, unsigned int factoryRomSize) -{ - struct DESCRIPTORREGIONRECORD deblobbedDescriptorStruct; - memcpy(&deblobbedDescriptorStruct, &factoryDescriptorStruct, DESCRIPTORREGIONSIZE); - - // Now we need to modify the descriptor so that the ME can be excluded - // from the final ROM image (libreboot one) after adding the modified - // descriptor+gbe. Refer to libreboot docs for details: docs/hcl/x200_remove_me.html - - // set number of regions from 4 -> 2 (0 based, so 4 means 5 and 2 - // means 3. We want 3 regions: descriptor, gbe and bios, in that order) - deblobbedDescriptorStruct.flMaps.flMap0.NR = 2; - - // make descriptor writable from OS. This is that the user can run: - // sudo ./flashrom -p internal:laptop=force_I_want_a_brick - // from the OS, without relying an an external SPI flasher, while - // being able to write to the descriptor region (locked by default, - // until making the change below): - deblobbedDescriptorStruct.masterAccessSection.flMstr1.fdRegionWriteAccess = 1; - - // relocate BIOS region and increase size to fill image - deblobbedDescriptorStruct.regionSection.flReg1.BASE = 3; // 3<> FLREGIONBITSHIFT) - 1); - // ^ for example, 8MB ROM, that's 8388608 bytes. - // ^ 8388608>>FLREGIONBITSHIFT (or 8388608/4096) = 2048 bytes - // 2048 - 1 = 2047 bytes. - // This defines where the final 0x1000 (4KiB) page starts in the flash chip, because the hardware does: - // 2047<>FLREGIONBITSHIFT) is well outside the higher 8MB range. - - // relocate Gbe region to begin at 4KiB (immediately after the flash descriptor) - deblobbedDescriptorStruct.regionSection.flReg3.BASE = 1; // 1<>FLREGIONBITSHIFT) is well outside the higher 8MB range. - - // disable ME in ICHSTRAP0 - the ME is a blob, we don't want it in libreboot - deblobbedDescriptorStruct.ichStraps.ichStrap0.meDisable = 1; - - // disable ME and TPM in MCHSTRAP0 - deblobbedDescriptorStruct.mchStraps.mchStrap0.meDisable = 1; // ME is a blob. not wanted in libreboot. - deblobbedDescriptorStruct.mchStraps.mchStrap0.tpmDisable = 1; // not wanted in libreboot - - // disable ME, apart from chipset bugfixes (ME region should first be re-enabled above) - // This is sort of like the CPU microcode updates, but for the chipset - // (commented out below here, since blobs go against libreboot's purpose, - // but may be interesting for others) - // deblobbedDescriptorStruct.mchStraps.mchStrap0.meAlternateDisable = 1; - - // debugging - printf("\nOriginal (factory.rom) Descriptor start block: %08x ; Descriptor end block: %08x\n", factoryDescriptorStruct.regionSection.flReg0.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg0.LIMIT << FLREGIONBITSHIFT); - printf("Original (factory.rom) BIOS start block: %08x ; BIOS end block: %08x\n", factoryDescriptorStruct.regionSection.flReg1.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg1.LIMIT << FLREGIONBITSHIFT); - printf("Original (factory.rom) ME start block: %08x ; ME end block: %08x\n", factoryDescriptorStruct.regionSection.flReg2.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg2.LIMIT << FLREGIONBITSHIFT); - printf("Original (factory.rom) GBe start block: %08x ; GBe end block: %08x\n", factoryDescriptorStruct.regionSection.flReg3.BASE << FLREGIONBITSHIFT, factoryDescriptorStruct.regionSection.flReg3.LIMIT << FLREGIONBITSHIFT); - - printf("\nRelocated (libreboot.rom) Descriptor start block: %08x ; Descriptor end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg0.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg0.LIMIT << FLREGIONBITSHIFT); - printf("Relocated (libreboot.rom) BIOS start block: %08x ; BIOS end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg1.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg1.LIMIT << FLREGIONBITSHIFT); - printf("Relocated (libreboot.rom) ME start block: %08x ; ME end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg2.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg2.LIMIT << FLREGIONBITSHIFT); - printf("Relocated (libreboot.rom) GBe start block: %08x ; GBe end block: %08x\n", deblobbedDescriptorStruct.regionSection.flReg3.BASE << FLREGIONBITSHIFT, deblobbedDescriptorStruct.regionSection.flReg3.LIMIT << FLREGIONBITSHIFT); - - return deblobbedDescriptorStruct; -} - -#endif diff --git a/resources/utilities/ich9deblob/ich9deblob.c b/resources/utilities/ich9deblob/ich9deblob.c index 4073453b..49d5a9b2 100644 --- a/resources/utilities/ich9deblob/ich9deblob.c +++ b/resources/utilities/ich9deblob/ich9deblob.c @@ -42,7 +42,7 @@ #include #include -#include "descriptor/struct.h" // structs describing what's in the descriptor region +#include "descriptor/descriptor.h" // structs describing what's in the descriptor region #include "gbe/gbe.h" // structs describing what's in the gbe region, plus functions that use them #include "x86compatibility.c" // compatibility checks. this utility is not portable yet. diff --git a/resources/utilities/ich9deblob/x86compatibility.c b/resources/utilities/ich9deblob/x86compatibility.c index ebbf2d21..4fe8d564 100644 --- a/resources/utilities/ich9deblob/x86compatibility.c +++ b/resources/utilities/ich9deblob/x86compatibility.c @@ -24,7 +24,7 @@ #include #include -#include "descriptor/struct.h" // structs describing what's in the descriptor region +#include "descriptor/descriptor.h" // structs describing what's in the descriptor region #include "gbe/gbe.h" // structs describing what's in the gbe region, plus functions that use them // --------------------------------------------------------------------- -- cgit v1.2.3-70-g09d2