153 lines
4.9 KiB
C
153 lines
4.9 KiB
C
|
/*
|
||
|
* ich9show.c
|
||
|
* Just a little hack by Leah to show the ICH9 region read/write status
|
||
|
*
|
||
|
* Purpose: disable and remove the ME from ich9m/gm45 systems in coreboot.
|
||
|
*
|
||
|
* Copyright (C) 2014 Steve Shenton <sgsit@libreboot.org>
|
||
|
* Copyright (C) 2014,2015,2019 Leah Rowe <info@minifree.org>
|
||
|
*
|
||
|
* This program is free software: you can redistribute it and/or modify
|
||
|
* it under the terms of the GNU General Public License as published by
|
||
|
* the Free Software Foundation, either version 3 of the License, or
|
||
|
* (at your option) any later version.
|
||
|
*
|
||
|
* This program is distributed in the hope that it will be useful,
|
||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
* GNU General Public License for more details.
|
||
|
*
|
||
|
* You should have received a copy of the GNU General Public License
|
||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||
|
*/
|
||
|
|
||
|
/* Initially based on proof of concept by Steve Shenton. */
|
||
|
/* Original utility can be found at https://gitorious.org/ich9descriptortool */
|
||
|
|
||
|
/*
|
||
|
* Read a factory.rom dump (ich9m/gm45 systems) and
|
||
|
* modify the flash descriptor to remove all regions except descriptor,
|
||
|
* Gbe and BIOS. Set BIOS region to full size of the ROM image (after
|
||
|
* the flash descriptor and gbe). Basically, deblob the descriptor.
|
||
|
*
|
||
|
* This will will generate a concatenated descriptor+gbe dump suitable
|
||
|
* for use in libreboot. Currently tested: ThinkPad X200 (coreboot/libreboot)
|
||
|
*/
|
||
|
|
||
|
/*
|
||
|
* See docs/hardware/x200_remove_me.html for info plus links to datasheet (also linked below)
|
||
|
*
|
||
|
* Info about flash descriptor (read page 845 onwards):
|
||
|
* http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf
|
||
|
*
|
||
|
* Info about Gbe region (read whole datasheet):
|
||
|
* http://www.intel.co.uk/content/dam/doc/application-note/i-o-controller-hub-9m-82567lf-lm-v-nvm-map-appl-note.pdf
|
||
|
* https://web.archive.org/web/20150912070329/https://communities.intel.com/community/wired/blog/2010/10/14/how-to-basic-eeprom-checksums
|
||
|
*/
|
||
|
|
||
|
#include "ich9show.h"
|
||
|
|
||
|
int main(int argc, char *argv[])
|
||
|
{
|
||
|
if(argc!=2) {
|
||
|
printf("Incorrect number of arguments. Please specify *one* ROM path.\n");
|
||
|
return 1;
|
||
|
} /* TODO: Make ich9show support dumping stats of multiple ROM images */
|
||
|
|
||
|
struct DESCRIPTORREGIONRECORD descriptorStruct;
|
||
|
uint8_t* descriptorBuffer = (uint8_t*)&descriptorStruct;
|
||
|
|
||
|
struct GBEREGIONRECORD_8K gbeStruct8k;
|
||
|
uint8_t* gbeBuffer8k = (uint8_t*)&gbeStruct8k;
|
||
|
uint32_t gbeRegionStart;
|
||
|
|
||
|
char* romFilename = argv[1];
|
||
|
|
||
|
unsigned int bufferLength;
|
||
|
unsigned int romSize;
|
||
|
|
||
|
/*
|
||
|
* ------------------------------------------------------------------
|
||
|
* Compatibility checks. This version of ich9deblob is not yet portable.
|
||
|
* ------------------------------------------------------------------
|
||
|
*/
|
||
|
|
||
|
if (systemOrCompilerIncompatible(descriptorStruct, gbeStruct8k)) return 1;
|
||
|
/* If true, fail with error message */
|
||
|
|
||
|
/*
|
||
|
* ------------------------------------------------------------------
|
||
|
* Extract the descriptor and gbe regions from the factory.rom dump
|
||
|
* ------------------------------------------------------------------
|
||
|
*/
|
||
|
FILE* fp = NULL;
|
||
|
fp = fopen(romFilename, "rb");
|
||
|
if (NULL == fp)
|
||
|
{
|
||
|
printf("\nerror: could not open %s\n", romFilename);
|
||
|
fclose(fp);
|
||
|
return 1;
|
||
|
}
|
||
|
printf("\n%s opened successfully\n", romFilename);
|
||
|
|
||
|
/*
|
||
|
* Get the descriptor region dump from the the given ROM
|
||
|
* (goes in factoryDescriptorBuffer variable)
|
||
|
*/
|
||
|
bufferLength = fread(descriptorBuffer, 1, DESCRIPTORREGIONSIZE, fp);
|
||
|
if (DESCRIPTORREGIONSIZE != bufferLength) //
|
||
|
{
|
||
|
printf("\nerror: could not read descriptor from %s (%i) bytes read\n", romFilename, bufferLength);
|
||
|
fclose(fp);
|
||
|
return 1;
|
||
|
}
|
||
|
printf("\ndescriptor region read successfully\n");
|
||
|
|
||
|
if(!validDescriptor(descriptorStruct)) {
|
||
|
printf("Invalid input: incorrect signature in the given descriptor.");
|
||
|
fclose(fp);
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
if (descriptorDefinesGbeRegion(descriptorStruct))
|
||
|
{
|
||
|
gbeRegionStart = descriptorStruct.regionSection.flReg3.BASE << FLREGIONBITSHIFT;
|
||
|
|
||
|
/*
|
||
|
* Set offset so that we can read the data from
|
||
|
* the gbe region
|
||
|
*/
|
||
|
fseek(fp, gbeRegionStart, SEEK_SET);
|
||
|
/* Read the gbe data from the given ROM and put it in factoryGbeBuffer8k */
|
||
|
bufferLength = fread(gbeBuffer8k, 1, GBEREGIONSIZE_8K, fp);
|
||
|
if (GBEREGIONSIZE_8K != bufferLength)
|
||
|
{
|
||
|
printf("\nerror: could not read GBe region from %s (%i) bytes read\n", romFilename, bufferLength);
|
||
|
fclose(fp);
|
||
|
return 1;
|
||
|
}
|
||
|
printf("\ngbe (8KiB) region read successfully\n");
|
||
|
}
|
||
|
|
||
|
fseek(fp, 0L, SEEK_END);
|
||
|
romSize = ftell(fp);
|
||
|
printf("\n%s size: [%i] bytes\n", romFilename, romSize);
|
||
|
|
||
|
fclose(fp);
|
||
|
|
||
|
showDescriptorData(descriptorStruct);
|
||
|
|
||
|
if (descriptorDefinesGbeRegion(descriptorStruct))
|
||
|
{
|
||
|
printf("\nMain GbE region:\n\n");
|
||
|
showGbeData(gbeStruct8k.main);
|
||
|
printf("\n");
|
||
|
|
||
|
printf("\nBackup GbE region:\n\n");
|
||
|
showGbeData(gbeStruct8k.backup);
|
||
|
printf("\n");
|
||
|
}
|
||
|
|
||
|
return 0;
|
||
|
}
|