Merge pull request 'Remove ich9utils' (#137) from runxiyu/lbwww:remove_ich9utils into master

Reviewed-on: https://codeberg.org/libreboot/lbwww/pulls/137
2025-02-08 11:21:30 +00:00 · 2025-02-08 11:21:30 +00:00 · 990dc943d3
parent 84219b20eb 6f6ccc1ea9
commit 990dc943d3
10 changed files with 20 additions and 66 deletions
--- a/site/contrib.md
+++ b/site/contrib.md
@ -631,20 +631,19 @@ engineered the layout of the Intel GbE NVM (non-volatile memory) region in the
 boot flash. This region defines configuration options for the onboard Intel
 GbE NIC, if present.
-Based on this, I was able to take Steve's initial proof of concept and write
+Based on this, I was able to take Steve's initial proof of concept
 and work with him extensively to write
 the `ich9gen` utility, which generates an Intel Flash Descriptor and GbE NVM
-region, from scratch, without an Intel ME region defined. It is this tool,
+region, from scratch, without an Intel ME region defined,
-the `ich9gen` tool, that Libreboot uses to provide ROM images for GM45+ICH9M
+without needing a dump of the original Lenovo BIOS firmware.
 Libreboot used to use `ich9gen` to provide ROM images for GM45+ICH9M
 platforms (such as ThinkPad X200/T400/T500/W500), with a fully functional
 descriptor and functional Gigabit Ethernet, but *without* needing Intel
 Management Engine (ME) firmware, thus making those machines *libre* (the ME
 is fully disabled, when you use a descriptor+gbe image generated by `ich9gen`).
-
+Note that `ich9gen` is now obsolete as the Flash Descriptor and NVM region
-With *my* `ich9gen` tool (Steve's tool was called `ich9deblob`), you didn't
+are generated pre-assembled, and `nvmutil` is used to change MAC addresses
-need a dump of the original Lenovo BIOS firmware anymore! I could not have
+instead.
 written this tool, without Steve's initial proof of concept. I worked with him,
 extensively, for many months. All GM45+ICH9M support (X200, T400, etc) in
 Libreboot is made possible because of the work he did, back in 2014.
 ### Swift Geek
--- a/site/docs/install/ich9utils.md.description
+++ b/site/docs/install/ich9utils.md.description
@ -1 +1 @@
-Documentation pertaining to ich9utils which can generate or modify Intel Flash Descriptors, and Intel GbE NVM images.
+Documentation pertaining to the deprecated ich9utils which can generate or modify Intel Flash Descriptors, and Intel GbE NVM images.
--- a/site/docs/install/mac_address.md
+++ b/site/docs/install/mac_address.md
@ -86,18 +86,7 @@ init scripts or you can use your operating system's own networking
 configuration. Refer to your operating system's documentation for
 how to do this.
-Changing the MAC address on X200/T400/T500/W500
+Changing the MAC address (e.g. X230/T440p)
 -----------------------------------------------
 On GM45 laptops with ICH9M southbridge and Intel PHY module, the MAC address
 is hardcoded in boot flash, which means it can be changed if you re-flash.
 See [ich9utils documentation](../install/ich9utils.md)
 If *all* you want to do is change the MAC address, you might try `nvmutil`
 instead. See notes below:
 Changing the MAC address on ivybridge/sandybridge/haswell (e.g. X230/T440p)
 -----------------------------------------------------------------
 See [nvmutil documentation](../install/nvmutil.md)
@ -107,15 +96,6 @@ Sandybridge, Ivybridge and Haswell platforms, but it can be used on any
 platform with a valid GbE region in flash, where an Intel Flash Descriptor
 is used; this includes older GM45+ICH9M machines supported by Libreboot.
 The `ich9utils` program is more useful in an lbmk context, because it
 generates an entire Intel Flash Descriptor and GbE region from scratch;
 coreboot has a similar method in its build system, using its own utility
 called bincfg, but this tool is unused in lbmk.
 No tool like ich9utils exists for these boards yet, but lbmk includes the IFD
 and GbE files in-tree (Intel ME is handled by extracting from Lenovo updates,
 which the build system automatically fetches from the internet).
 You can use `nvmutil` to change the existing MAC address in a GbE region. This
 sets the "hardcoded" MAC address, typically a globally assigned one set by
 the vendor, but you can use local addresses, and you can use randomised MACs.
--- a/site/docs/install/r400.md
+++ b/site/docs/install/r400.md
@ -71,8 +71,7 @@ the palmrest: 4MiB is SOIC-8, 8MiB is SOIC-16.
 *The R400 laptops come with the ME (and sometimes AMT in addition)
 before flashing libreboot. libreboot disables and removes it by using a
-modified descriptor: see [../install/ich9utils.md](../install/ich9utils.md)*
+modified descriptor.*
 (contains notes, plus instructions)
 Flashing instructions can be found at
 [../install/\#flashprog](../install/#flashprog)
--- a/site/docs/install/t400.md
+++ b/site/docs/install/t400.md
@ -70,8 +70,7 @@ the palmrest: 4MiB is SOIC-8, 8MiB is SOIC-16.
 *The T400 laptops come with the ME (and sometimes AMT in addition)
 before flashing libreboot. libreboot disables and removes it by using a
-modified descriptor: see [../install/ich9utils.md](../install/ich9utils.md)*
+modified descriptor.*
 (contains notes, plus instructions)
 Flashing instructions can be found at
 [../install/\#flashprog](../install/#flashprog)
--- a/site/docs/install/t500.md
+++ b/site/docs/install/t500.md
@ -72,8 +72,7 @@ the palmrest: 4MiB is SOIC-8, 8MiB is SOIC-16.
 *The T500 laptops come with the ME (and sometimes AMT in addition)
 before flashing libreboot. libreboot disables and removes it by using a
-modified descriptor: see [../install/ich9utils.md](../install/ich9utils.md)*
+modified descriptor.*
 (contains notes, plus instructions)
 Flashing instructions can be found at
 [../install/\#flashprog](../install/#flashprog)
--- a/site/docs/install/x200.md
+++ b/site/docs/install/x200.md
@ -70,8 +70,7 @@ the palmrest: 4MiB is SOIC-8, 8MiB is SOIC-16.
 *The X200 laptops come with the ME (and sometimes AMT in addition)
 before flashing libreboot. libreboot disables and removes it by using a
-modified descriptor: see [../install/ich9utils.md](../install/ich9utils.md)*
+modified descriptor.*
 (contains notes, plus instructions)
 Flashing instructions can be found at
 [../install/\#flashprog](../install/#flashprog)
--- a/site/faq.md
+++ b/site/faq.md
@ -295,7 +295,7 @@ privacy that can't be ignored.
 Before version 6.0 (that is, on systems from 2008/2009 and earlier), the
 ME can be disabled by setting a couple of values in the SPI flash
 memory. The ME firmware can then be removed entirely from the flash
-memory space. The libreboot project [does this](docs/install/ich9utils.md) on
+memory space. The libreboot project does this on
 the Intel 4 Series systems that it supports, such as the [ThinkPad
 X200](../docs/install/x200.md) and [ThinkPad
 T400](../docs/install/t400.md). ME firmware versions 6.0 and
@ -516,13 +516,8 @@ inconvenient to use an external programmer.
 On some systems, it is possible to write-protect the firmware, such that
 it is rendered read-only at the OS level (external flashing is still
-possible, using dedicated hardware). For example, on current GM45
+possible, using dedicated hardware). [See instructions
-laptops (e.g. ThinkPad X200, T400), you can write-protect (see
+here.](docs/linux/grub_hardening.md#flash-write-protection)
 [ICH9 gen utility](docs/install/ich9utils.md#ich9gen)).
 It's possible to write-protect on all libreboot systems, but the instructions
 need to be written. The documentation is in the main git repository, so you are
 welcome to submit patches adding these instructions.
 TODO: Document PRx based flash protection on Intel platforms, and investigate
 other methods on AMD systems.
--- a/site/freedom-status.md
+++ b/site/freedom-status.md
@ -95,7 +95,7 @@ In a *descriptor* configuration, the flash is divided into regions such as:
  the initialisation firmware plus operating system for it is loaded from
  this dedicated region in the main boot flash. More info is available [in the
  FAQ](faq.md#intelme) - where ME firmware is otherwise present, Libreboot
-  either [removes](docs/install/ich9utils.html) it or (with the `me_cleaner` program) [reconfigures](https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F) it in such
+  either removes it or (with the `me_cleaner` program) [reconfigures](https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F) it in such
  a way where it is disabled during machine initialisation.
 * Platform region: non-program data, usually just a bunch of strings put there
  by the hardware vendor.
@ -152,11 +152,7 @@ whether the CPU comes out of reset).
 *Libreboot* provides a way to fully remove the ME firmware, while retaining
 full use of the machine, on GM45 platforms with ICH9M southbridge. These are
-laptops: ThinkPad X200/T400/T500/W500 and so on of that generation. See:
+laptops: ThinkPad X200/T400/T500/W500 and so on of that generation.
 [docs/install/ich9utils.md](docs/install/ich9utils.md)
 The `ich9utils` software is provided by Libreboot. The `ich9gen` utility was
 specifically written by Leah Rowe, in 2014 and improved incrementally since.
 On newer platforms as alluded to above, `me_cleaner` is used instead.
@ -301,7 +297,6 @@ Intel Flash Descriptors are provided as blobs on some boards, but these are
 not *software* blobs. They are configurations provided in a binary format,
 fully readable by libre software. For example:
 * Libreboot's `ich9gen` program generates ICH9M flash descriptors from scratch.
 * Coreboot's `ifdtool` program has extensive features for manipulating Intel
  flash descriptors.
 * Corebot's `bincfg` program generates any sort of binary from a `.spec` file
@ -311,8 +306,6 @@ fully readable by libre software. For example:
 Intel GbE NVM config (configuration data, binary-encoded, for gigabit NIC):
 * Libreboot's `ich9gen` program *also* generates GbE NVM images specifically
  for Intel NICs used in GM45 thinkpads.
 * Libreboot's `nvmutil` program can manipulate GbE NVM images
 ### ARM/chromebooks
--- a/site/git.md
+++ b/site/git.md
@ -35,9 +35,7 @@ needed something more stable, so now Libreboot is hosted on codeberg. See:
 There are also these programs, hosted by the Libreboot project, and libreboot
 either recommends them or makes use of them:
-The `ich9utils` project is now available under `util/ich9utils` in lbmk, and
+The old `ich9utils` and `bucts` repositories are available on notabug:
 lbmk uses *that*, but the old standalone repository is still available on
 notabug (bucts is also there):
 * Bucts (utility): <https://notabug.org/libreboot/bucts>
 * ich9utils (utility): <https://notabug.org/libreboot/ich9utils>
@ -60,13 +58,6 @@ internally an libreboot ROM onto a ThinkPad X60 or T60 that is currently running
 the original Lenovo BIOS. Instructions for that are available here:\
 [libreboot installation guides](docs/install/)
 The `ich9utils` repository is used heavily, by the `lbmk` build system. However,
 you can also download `ich9utils` on its own and use it. It generates ICH9M
 descriptor+GbE images for GM45 ThinkPads that use the ICH9M southbridge. It may
 also work for other systems using the same platform/chipset.
 Documentation for `ich9utils` is available here:\
 [ich9utils documentation](docs/install/ich9utils.md)
 ### lbmk (libreboot-make)
 This is the core build system in libreboot. You could say that `lbmk` *is*
`@ -1 +1 @@`
	`Documentation pertaining to ich9utils which can generate or modify Intel Flash Descriptors, and Intel GbE NVM images.`	`Documentation pertaining to the deprecated ich9utils which can generate or modify Intel Flash Descriptors, and Intel GbE NVM images.`