From 631e30291d76fc34b24edfca6bc48b6d9dad4f80 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 29 Oct 2020 15:54:52 -0400 Subject: [PATCH 01/11] xx20 blobs extraction scripts fixes to neuter, deativate, trim ME and output reduced ME under blob dir and modify both ME and BIOS regions accordingly to be able to accept CONFIG_CBFS_SIZE=0x750000 defined under coreboot configs (attempt to fix #870) --- blobs/t420/extract.sh | 3 +-- blobs/x220/extract.sh | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/blobs/t420/extract.sh b/blobs/t420/extract.sh index 422924741..883c434a2 100755 --- a/blobs/t420/extract.sh +++ b/blobs/t420/extract.sh @@ -55,10 +55,9 @@ cp "$FILE" $bioscopy cd "$extractdir" $IFDTOOL -x $bioscopy cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin" -$MECLEAN -O "$BLOBDIR/me.bin" -r -t "$extractdir/flashregion_2_intel_me.bin" +$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" $IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy $IFDTOOL -x $bioscopy.new -cp "$extractdir/flashregion_0_flashdescriptor.bin" "$BLOBDIR/ifd.bin" rm "$bioscopy" rm "$bioscopy.new" diff --git a/blobs/x220/extract.sh b/blobs/x220/extract.sh index 422924741..812d51664 100755 --- a/blobs/x220/extract.sh +++ b/blobs/x220/extract.sh @@ -55,10 +55,9 @@ cp "$FILE" $bioscopy cd "$extractdir" $IFDTOOL -x $bioscopy cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin" -$MECLEAN -O "$BLOBDIR/me.bin" -r -t "$extractdir/flashregion_2_intel_me.bin" +$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" $IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy $IFDTOOL -x $bioscopy.new -cp "$extractdir/flashregion_0_flashdescriptor.bin" "$BLOBDIR/ifd.bin" rm "$bioscopy" rm "$bioscopy.new" From 315eb5c435f6f4275b80a07a1bc480c2b62397ac Mon Sep 17 00:00:00 2001 
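Review bot: The new `$MECLEAN` line in the blobs/t420/extract.sh hunk sends its throwaway output to the fixed path `/tmp/unneeded.bin`, a predictable name in a shared directory, so a file or symlink already placed there by another local user is overwritten or followed, and two concurrent runs collide on it. The hunk's context already shows a per-run `$extractdir`, so `-O "$extractdir/unneeded.bin"` keeps the file private; nothing visible removes `/tmp/unneeded.bin` afterwards either. The identical line appears in the blobs/x220/extract.sh hunk of this patch and again in the t420 hunk of PATCH 02/11. Since `ifd.bin` now comes from `-D` instead of the removed `cp`, an unchecked `$MECLEAN` failure would leave `$BLOBDIR/ifd.bin` and `$BLOBDIR/me.bin` missing or stale while the script goes on to the `$IFDTOOL` calls; the script begins and ends outside the hunk, so an existing `set -e` cannot be ruled out.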
From: Thierry Laurion Date: Wed, 4 Nov 2020 13:11:25 -0500 Subject: [PATCH 02/11] t420 blobs: adapt extract.sh script to export modified ifd with freed space assigned to BIOS region from freed ME region. TODO: adapt #830 consequently. --- blobs/t420/extract.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blobs/t420/extract.sh b/blobs/t420/extract.sh index 883c434a2..812d51664 100755 --- a/blobs/t420/extract.sh +++ b/blobs/t420/extract.sh @@ -55,7 +55,7 @@ cp "$FILE" $bioscopy cd "$extractdir" $IFDTOOL -x $bioscopy cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin" -$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" +$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" $IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy $IFDTOOL -x $bioscopy.new From f559c82d0f097a3c20c6033d7d8cedfa841649b0 Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:21:40 -0500 Subject: [PATCH 03/11] boards: use depricated x220 coreboot-config --- boards/x220/x220.config | 2 +- .../{coreboot-x220.config => coreboot-x220-deprecated.config} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename config/{coreboot-x220.config => coreboot-x220-deprecated.config} (100%) diff --git a/boards/x220/x220.config b/boards/x220/x220.config index ffa8f5ba0..d0b1af495 100644 --- a/boards/x220/x220.config +++ b/boards/x220/x220.config @@ -3,7 +3,7 @@ export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.8.1 export CONFIG_LINUX_VERSION=4.14.62 -CONFIG_COREBOOT_CONFIG=config/coreboot-x220.config +CONFIG_COREBOOT_CONFIG=config/coreboot-x220-deprecated.config CONFIG_LINUX_CONFIG=config/linux-x230.config CONFIG_CRYPTSETUP=y diff --git a/config/coreboot-x220.config b/config/coreboot-x220-deprecated.config similarity index 100% rename from config/coreboot-x220.config rename to config/coreboot-x220-deprecated.config 
From 66c2c3c593d397ddf0638428b22d9d76da2739cb Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:22:09 -0500 Subject: [PATCH 04/11] boards: use depricated t420 coreboot-config --- boards/t420/t420.config | 2 +- .../{coreboot-t420.config => coreboot-t420-deprecated.config} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename config/{coreboot-t420.config => coreboot-t420-deprecated.config} (100%) diff --git a/boards/t420/t420.config b/boards/t420/t420.config index 4a8a0b12b..e70cc64ff 100644 --- a/boards/t420/t420.config +++ b/boards/t420/t420.config @@ -3,7 +3,7 @@ export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.8.1 export CONFIG_LINUX_VERSION=4.14.62 -CONFIG_COREBOOT_CONFIG=config/coreboot-t420.config +CONFIG_COREBOOT_CONFIG=config/coreboot-t420-deprecated.config CONFIG_LINUX_CONFIG=config/linux-x230.config CONFIG_CRYPTSETUP=y diff --git a/config/coreboot-t420.config b/config/coreboot-t420-deprecated.config similarity index 100% rename from config/coreboot-t420.config rename to config/coreboot-t420-deprecated.config From a345015cc3e7939b56be4c721c6120e95dec8d60 Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:31:53 -0500 Subject: [PATCH 05/11] blobs: add blobs/xx20 --- blobs/xx20/download_parse_me.sh | 35 ++ blobs/xx20/gbe.bin | Bin 0 -> 8192 bytes blobs/xx20/hashes.txt | 3 + blobs/xx20/ifd.bin | Bin 0 -> 4096 bytes blobs/xx20/layout.txt | 4 + blobs/xx20/me7_update_parser.py | 616 ++++++++++++++++++++++++++++++++ blobs/xx20/readme.md | 59 +++ 7 files changed, 717 insertions(+) create mode 100755 blobs/xx20/download_parse_me.sh create mode 100644 blobs/xx20/gbe.bin create mode 100644 blobs/xx20/hashes.txt create mode 100644 blobs/xx20/ifd.bin create mode 100644 blobs/xx20/layout.txt create mode 100644 blobs/xx20/me7_update_parser.py create mode 100644 blobs/xx20/readme.md diff --git a/blobs/xx20/download_parse_me.sh b/blobs/xx20/download_parse_me.sh new file mode 100755 index 000000000..ff6bee9f1 --- /dev/null 
+++ b/blobs/xx20/download_parse_me.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+BLOBDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+FINAL_ME_BIN_SHA256SUM="1eef6716aa61dd844d58eca15a85faa1bf5f82715defd30bd3373e79ca1a3339 $BLOBDIR/me.bin"
+ME_EXE_SHA256SUM="48f18d49f3c7c79fa549a980f14688bc27c18645f64d9b6827a15ef5c547d210 83rf46ww.exe"
+ME7_5M_UPD_PRODUCTION_SHA256SUM="760b0776b99ba94f56121d67c1f1226c77f48bd3b0799e1357a51842c79d3d36 app/ME7_5M_UPD_Production.bin"
+
+
+echo "### Creating temp dir"
+extractdir=$(mktemp -d)
+cd "$extractdir"
+
+echo "### Downloading https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/83rf46ww.exe..."
+wget https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/83rf46ww.exe || ( echo "ERROR: wget not found" && exit 1 )
+echo "### Verifying expected hash of 83rf46ww.exe"
+echo "$ME_EXE_SHA256SUM" | sha256sum --check || ( echo "Failed sha256sum verification on downloaded binary..." && exit 1 )
+
+
+echo "### Extracting 83rf46ww.exe..."
+innoextract -I app/ME7_5M_UPD_Production.bin 83rf46ww.exe || ( echo "Failed calling innoextract. Tool installed on host?" && exit 1)
+echo "### Verifying expected hash of app/ME7_5M_UPD_Production.bin"
+echo "$ME7_5M_UPD_PRODUCTION_SHA256SUM" | sha256sum --check || ( echo "Failed sha256sum verification on extracted binary..." && exit 1 )
+
+
+echo "###Generating neuter+deactivate+maximize reduction of ME on $bioscopy, outputting minimized ME under $BLOBDIR/me.bin... "
+python3 "$BLOBDIR/me7_update_parser.py" -O "$BLOBDIR/me.bin" app/ME7_5M_UPD_Production.bin || ( echo "Failed to generate ME binary..." && exit 1 )
+
+echo "### Verifying expected hash of me.bin"
+echo "$FINAL_ME_BIN_SHA256SUM" | sha256sum --check || ( echo "Failed sha256sum verification on final binary..." && exit 1 )
+
+
+echo "###Cleaning up..."
+cd -
+rm -r "$extractdir"
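Review bot: A failed download or checksum does not stop this script, because every `|| ( echo … && exit 1 )` runs `exit 1` inside a parenthesised subshell, so only that subshell exits. The file sets no `set -e`, so execution falls through: an `83rf46ww.exe` that fails `sha256sum --check` is still passed to innoextract and `me7_update_parser.py`, a mismatching `me.bin` stays in `$BLOBDIR`, and the script's exit status is that of the final `rm -r`. Replacing the subshells with a `die` helper makes each check fatal, and `mktemp -d` and `cd` need the same treatment, since a failed `cd` would put the download in the caller's directory. Separately, the wget message reports "wget not found" for any download failure, and the progress line expands `$bioscopy`, which this script never sets.

```shell
die() { echo "$*" >&2; exit 1; }

# … unchanged: BLOBDIR and the three pinned sha256 strings …

extractdir=$(mktemp -d) || die "ERROR: mktemp failed"
cd "$extractdir" || die "ERROR: cannot enter $extractdir"

wget https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/83rf46ww.exe || die "ERROR: download of 83rf46ww.exe failed"
echo "$ME_EXE_SHA256SUM" | sha256sum --check || die "Failed sha256sum verification on downloaded binary..."

innoextract -I app/ME7_5M_UPD_Production.bin 83rf46ww.exe || die "Failed calling innoextract. Tool installed on host?"
echo "$ME7_5M_UPD_PRODUCTION_SHA256SUM" | sha256sum --check || die "Failed sha256sum verification on extracted binary..."

python3 "$BLOBDIR/me7_update_parser.py" -O "$BLOBDIR/me.bin" app/ME7_5M_UPD_Production.bin || die "Failed to generate ME binary..."
echo "$FINAL_ME_BIN_SHA256SUM" | sha256sum --check || die "Failed sha256sum verification on final binary..."

# … unchanged: cleanup (cd -, rm -r "$extractdir") …
```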
diff --git a/blobs/xx20/gbe.bin b/blobs/xx20/gbe.bin new file mode 100644 index 0000000000000000000000000000000000000000..0c9dfa1df053c351547cf46596df7cab4c9e8500 GIT binary patch literal 8192 zcmeI#F$%&k6vpw-6lsSJrII@oU3!E!-0)5t^vFN47m21kbJ3=A`o#p{?M zJSHGDSo}k(J3u}lRnMsU(GVC7fzc2c4S~@R7!85Z5Eu=C(GVC7fuRushZMvaSQS_m z-aA0({i@y!yb8Pu@*WHfq6(r43WX5yLvdnIbr4#i5Xv`z$PW$Q;& +# Copyright (C) 2016-2018 Nicola Corna +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# + +# Based on the amazing me_cleaner, https://github.com/corna/me_cleaner, parses +# the required signed partition from an ME update file to generate a valid +# flashable ME binary. +# +# This was written for Heads ROM, https://github.com/osresearch/heads +# to allow continuous integration reproducible builds for Lenovo xx20 models +# (X220, T420, T520, etc). 
+# +# A full model list can be found: +# https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/83rf46ww.txt + + +from struct import pack, unpack +from typing import List +import argparse +import sys +import hashlib +import binascii +import os.path + +############################################################################# + +FTPR_END = 0x76000 +MINIFIED_FTPR_OFFSET = 0x400 # offset start of Factory Partition (FTPR) +ORIG_FTPR_OFFSET = 0xCC000 +PARTITION_HEADER_OFFSET = 0x30 # size of partition header + +DEFAULT_OUTPUT_FILE_NAME = "flashregion_2_intel_me.bin" + +############################################################################# + + +class EntryFlags: + """EntryFlag bitmap values.""" + + ExclBlockUse = 8192 + WOPDisable = 4096 + Logical = 2048 + Execute = 1024 + Write = 512 + Read = 256 + DirectAccess = 128 + Type = 64 + + +def generateHeader() -> bytes: + """Generate Header.""" + ROM_BYPASS_INSTR_0 = binascii.unhexlify("2020800F") + ROM_BYPASS_INSTR_1 = binascii.unhexlify("40000010") + ROM_BYPASS_INSTR_2 = pack(" bytes: + """Partition table entry.""" + ENTRY_NAME = binascii.unhexlify("46545052") + ENTRY_OWNER = binascii.unhexlify("FFFFFFFF") # "None" + ENTRY_OFFSET = binascii.unhexlify("00040000") + ENTRY_LENGTH = binascii.unhexlify("00600700") + ENTRY_START_TOKENS = pack(" bytes: + """Copy data of a given size from FTPR starting from offset.""" + offset_end = offset + size + return self.ftpr[offset:offset_end] + + def unpack_next_int(self, offset: int) -> int: + """Sugar syntax for unpacking a little-endian UINT at offset.""" + return self.unpack_val(self.slice(offset, 4)) + + def unpack_val(self, data: bytes) -> int: + """Sugar syntax for unpacking a little-endian unsigned integer.""" + return unpack(" str: + """Decode bytes into ASCII.""" + return data.rstrip(b"\x00").decode("ascii") + + def clear_ftpr_data(self, start: int, end: int) -> None: + """Replace values in range with 0xFF.""" + empty_data = bytes() + + for i in range(0, end - start): + 
empty_data += b"\xff" + self.write_ftpr_data(start, empty_data) + + def write_ftpr_data(self, start: int, data: bytes) -> None: + """Replace data in FTPR starting at a given offset.""" + end = len(data) + start + + new_partition = self.ftpr[:start] + new_partition += data + + if end != FTPR_END: + new_partition += self.ftpr[end:] + + self.ftpr = new_partition + + ###################################################################### + # FTPR cleanig/checking functions + ###################################################################### + def get_chunks_offsets(self, llut: bytes): + """Calculate Chunk offsets from LLUT.""" + chunk_count = self.unpack_val(llut[0x04:0x08]) + huffman_stream_end = sum(unpack(" int: + """Relocate partition.""" + new_offset = MINIFIED_FTPR_OFFSET + name = self.bytes_to_ascii(self.slice(PARTITION_HEADER_OFFSET, 4)) + + old_offset, partition_size = unpack( + "> 4) & 7 == 0x01: + llut_start = self.unpack_val(mod_header[0x38:0x3C]) + llut_start += old_offset + break + + if self.mod_headers and llut_start != 0: + # Bytes 0x9:0xb of the LLUT (bytes 0x1:0x3 of the AddrBase) are + # added to the SpiBase (bytes 0xc:0x10 of the LLUT) to compute the + # final start of the LLUT. Since AddrBase is not modifiable, we can + # act only on SpiBase and here we compute the minimum allowed + # new_offset. 
+ llut_start_corr = unpack(" int: + """Remove modules.""" + unremovable_huff_chunks = [] + chunks_offsets = [] + base = 0 + chunk_size = 0 + end_addr = 0 + + for mod_header in self.mod_headers: + name = self.bytes_to_ascii(mod_header[0x04:0x14]) + offset = self.unpack_val(mod_header[0x38:0x3C]) + size = self.unpack_val(mod_header[0x40:0x44]) + flags = self.unpack_val(mod_header[0x50:0x54]) + comp_type = (flags >> 4) & 7 + comp_type_name = self.COMPRESSION_TYPE_NAME[comp_type] + + print(" {:<16} ({:<7}, ".format(name, comp_type_name), end="") + + # If compresion type uncompressed or LZMA + if comp_type == 0x00 or comp_type == 0x02: + offset_end = offset + size + range_msg = "0x{:06x} - 0x{:06x} ): " + print(range_msg.format(offset, offset_end), end="") + + if name in self.UNREMOVABLE_MODULES: + end_addr = max(end_addr, offset + size) + print("NOT removed, essential") + else: + offset_end = min(offset + size, FTPR_END) + self.clear_ftpr_data(offset, offset_end) + print("removed") + + # Else if compression type huffman + elif comp_type == 0x01: + if not chunks_offsets: + # Check if Local Look Up Table (LLUT) is present + if self.slice(offset, 4) == b"LLUT": + llut = self.slice(offset, 0x40) + + chunk_count = self.unpack_val(llut[0x4:0x8]) + base = self.unpack_val(llut[0x8:0xC]) + 0x10000000 + chunk_size = self.unpack_val(llut[0x30:0x34]) + + llut = self.slice(offset, (chunk_count * 4) + 0x40) + + # calculate offsets of chunks from LLUT + chunks_offsets = self.get_chunks_offsets(llut) + else: + no_llut_msg = "Huffman modules found," + no_llut_msg += "but LLUT is not present." 
+ sys.exit(no_llut_msg) + + module_base = self.unpack_val(mod_header[0x34:0x38]) + module_size = self.unpack_val(mod_header[0x3C:0x40]) + first_chunk_num = (module_base - base) // chunk_size + last_chunk_num = first_chunk_num + module_size // chunk_size + huff_size = 0 + + chunk_length = last_chunk_num + 1 + for chunk in chunks_offsets[first_chunk_num:chunk_length]: + huff_size += chunk[1] - chunk[0] + + size_in_kiB = "~" + str(int(round(huff_size / 1024))) + " KiB" + print( + "fragmented data, {:<9}): ".format(size_in_kiB), + end="", + ) + + # Check if module is in the unremovable list + if name in self.UNREMOVABLE_MODULES: + print("NOT removed, essential") + + # add to list of unremovable chunks + for x in chunks_offsets[first_chunk_num:chunk_length]: + if x[0] != 0: + unremovable_huff_chunks.append(x) + else: + print("removed") + + # Else unknown compression type + else: + unkwn_comp_msg = " 0x{:06x} - 0x{:06x}): " + unkwn_comp_msg += "unknown compression, skipping" + print(unkwn_comp_msg.format(offset, offset + size), end="") + + if chunks_offsets: + removable_huff_chunks = [] + + for chunk in chunks_offsets: + # if chunk is not in a unremovable chunk, it must be removable + if all( + not ( + unremovable_chk[0] <= chunk[0] < unremovable_chk[1] + or unremovable_chk[0] < chunk[1] <= unremovable_chk[1] + ) + for unremovable_chk in unremovable_huff_chunks + ): + removable_huff_chunks.append(chunk) + + for removable_chunk in removable_huff_chunks: + if removable_chunk[1] > removable_chunk[0]: + chunk_start = removable_chunk[0] - ORIG_FTPR_OFFSET + chunk_end = removable_chunk[1] - ORIG_FTPR_OFFSET + self.clear_ftpr_data(chunk_start, chunk_end) + + end_addr = max( + end_addr, max(unremovable_huff_chunks, key=lambda x: x[1])[1] + ) + end_addr -= ORIG_FTPR_OFFSET + + return end_addr + + def find_mod_header_size(self) -> None: + """Find module header size.""" + self.mod_header_size = 0 + data = self.slice(0x290, 0x84) + + # check header size + if data[0x0:0x4] == 
b"$MME": + if data[0x60:0x64] == b"$MME" or self.num_modules == 1: + self.mod_header_size = 0x60 + elif data[0x80:0x84] == b"$MME": + self.mod_header_size = 0x80 + + def find_mod_headers(self) -> None: + """Find module headers.""" + data = self.slice(0x290, self.mod_header_size * self.num_modules) + + for i in range(0, self.num_modules): + header_start = i * self.mod_header_size + header_end = (i + 1) * self.mod_header_size + self.mod_headers.append(data[header_start:header_end]) + + def resize_partition(self, end_addr: int) -> None: + """Resize partition.""" + spared_blocks = 4 + if end_addr > 0: + end_addr = (end_addr // 0x1000 + 1) * 0x1000 + end_addr += spared_blocks * 0x1000 + + # partition header not added yet + # remove trailing data the same size as the header. + end_addr -= MINIFIED_FTPR_OFFSET + + me_size_msg = "The ME minimum size should be {0} " + me_size_msg += "bytes ({0:#x} bytes)" + print(me_size_msg.format(end_addr)) + print("Truncating file at {:#x}...".format(end_addr)) + self.ftpr = self.ftpr[:end_addr] + + def check_and_clean_ftpr(self) -> None: + """Check and clean FTPR (factory partition).""" + self.num_modules = self.unpack_next_int(0x20) + self.find_mod_header_size() + + if self.mod_header_size != 0: + self.find_mod_headers() + + # ensure all of the headers begin with b'$MME' + if all(hdr.startswith(b"$MME") for hdr in self.mod_headers): + end_addr = self.remove_modules() + new_offset = self.relocate_partition() + end_addr += new_offset + + self.resize_partition(end_addr) + + # flip bit + # XXX: I have no idea why this works and passes RSA signiture + self.write_ftpr_data(0x39, b"\x00") + else: + sys.exit( + "Found less modules than expected in the FTPR " + "partition; skipping modules removal and exiting." + ) + else: + sys.exit( + "Can't find the module header size; skipping modules" + "removal and exiting." 
+ ) + + +########################################################################## + + +def check_partition_signature(f, offset) -> bool: + """check_partition_signature copied/shamelessly stolen from me_cleaner.""" + f.seek(offset) + header = f.read(0x80) + modulus = int(binascii.hexlify(f.read(0x100)[::-1]), 16) + public_exponent = unpack(" None: + """Generate ME blob.""" + print("Starting ME 7.x Update parser.") + + orig_f = open(input_file, "rb") + cleaned_ftpr = clean_ftpr(orig_f.read(FTPR_END)) + orig_f.close() + + fo = open(output_file, "wb") + fo.write(generateHeader()) + fo.write(generateFtpPartition()) + fo.write(cleaned_ftpr.ftpr) + fo.close() + + +def verify_output(output_file: str) -> None: + """Verify Generated ME file.""" + file_verifiy = open(output_file, "rb") + + if check_partition_signature(file_verifiy, MINIFIED_FTPR_OFFSET): + print(output_file + " is VALID") + file_verifiy.close() + else: + print(output_file + " is INVALID!!") + file_verifiy.close() + sys.exit("The FTPR partition signature is not valid.") + + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Tool to remove as much code " + "as possible from Intel ME/TXE 7.x firmware " + "update and create paratition for a flashable ME parition." + ) + + +parser.add_argument("file", help="ME/TXE image or full dump") +parser.add_argument( + "-O", + "--output", + metavar="output_file", + help="save " + "save file name other than the default '" + DEFAULT_OUTPUT_FILE_NAME + "'", +) + +args = parser.parse_args() + +output_file_name = DEFAULT_OUTPUT_FILE_NAME if not args.output else args.output + +# Check if output file exists, ask to overwrite or exit +if os.path.isfile(output_file_name): + input_msg = output_file_name + input_msg += " exists. Do you want to overwrite? [y/N]: " + if not str(input(input_msg)).lower().startswith("y"): + sys.exit("Not overwriting file. Exiting.") + +generate_me_blob(args.file, output_file_name) +verify_output(output_file_name) 
diff --git a/blobs/xx20/readme.md b/blobs/xx20/readme.md new file mode 100644 index 000000000..001ed5c52 --- /dev/null +++ b/blobs/xx20/readme.md 
@@ -0,0 +1,59 @@ +To build for X220 we need to have the following files in this folder: +* `me.bin` - ME binary that has been stripped and truncated with me7_update_parser +* `gbe.bin` - Network card blob from the original firmware +* `ifd.bin` - Flash layout file has been provided as text + +The ME blobs dumped in this directory come from the following link: https://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x220/downloads/driver-list/component?name=Chipset + +This provides latest ME version 7.1.91.3272, for which only the BUP region will be kept as non-removable: +Here is what Lenovo provides as a Summary of Changes: +<7.1.91.3272> (83RF46WW) +- (Fix) Fixed CVE-2017-5689: Escalation of privilege vulnerability in Intel(R) + Active Management Technology (AMT), Intel(R) Standard Manageability + (ISM), and Intel(R) Small Business Technology. + + +1.0:Automatically extract and neuter me update then add partition table to me.bin +download_parse_me.sh : Downloads latest ME update from lenovo verify checksum, extract ME, neuters ME, add partition table relocate and trim it and place it into me.bin + +sha256sum: +1eef6716aa61dd844d58eca15a85faa1bf5f82715defd30bd3373e79ca1a3339 blobs/xx20/me.bin + + +1.1: Manually generating blobs +-------------------- +Manually generate me.bin: +You can arrive to the same result of the following me.bin by doing the following manually: +wget https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/83rf46ww.exe && innoextract 83rf46ww.exe && python3 blobs/xx20/me7_update_parser.py -O blobs/xx20/me.bin app/ME7_5M_UPD_Production.bin + +sha256sums: +48f18d49f3c7c79fa549a980f14688bc27c18645f64d9b6827a15ef5c547d210 83rf46ww.exe +760b0776b99ba94f56121d67c1f1226c77f48bd3b0799e1357a51842c79d3d36 app/ME7_5M_UPD_Production.bin +1eef6716aa61dd844d58eca15a85faa1bf5f82715defd30bd3373e79ca1a3339 blobs/xx20/me.bin + +ifd.bin is from an X220 and already ME partition resided to the new minimized size. 
The layout.txt has these updated sized and can be used with ifdtool to modify partition if needed. + +sha256sum: +c96d19bbf5356b2b827e1ef52d79d0010884bfc889eab48835e4af9a634d129b ifd.bin + +ls -al blobs/xx20/*.bin +-rw-r--r-- 1 tom users 8192 Nov 23 18:40 gbe.bin +-rw-r--r-- 1 tom users 4096 Nov 23 18:58 ifd.bin +-rw-r--r-- 1 tom users 86016 Nov 26 17:04 me.bin + +Manually regenerate gbe.bin: +blobs/x220/gbe.bin is generated per bincfg from the following coreboot patch: https://review.coreboot.org/c/coreboot/+/44510 +And then by following those instructions: +# Use this target to generate GbE for X220/x230 +gen-gbe-82579LM: + cd build/coreboot-4.8.1/util/bincfg/ + make + ./bincfg gbe-82579LM.spec gbe-82579LM.set gbe1.bin + # duplicate binary as per spec + cat gbe1.bin gbe1.bin > ../../../../blobs/xx20/gbe.bin + rm -f gbe1.bin + cd - + +sha256sum: +9f72818e23290fb661e7899c953de2eb4cea96ff067b36348b3d061fd13366e5 blobs/xx20/gbe.bin +------------------------ From b04a0a8fc4b2c56e63a92025d81fa84513d2c89f Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:35:24 -0500 Subject: [PATCH 06/11] boards: add 220-external-flash --- boards/x220-external-flash/x220.config | 67 ++++++++++++++++++++++++++ config/coreboot-x220.config | 24 +++++++++ 2 files changed, 91 insertions(+) create mode 100644 boards/x220-external-flash/x220.config create mode 100644 config/coreboot-x220.config diff --git a/boards/x220-external-flash/x220.config b/boards/x220-external-flash/x220.config new file mode 100644 index 000000000..064a18384 --- /dev/null +++ b/boards/x220-external-flash/x220.config 
@@ -0,0 +1,67 @@ +# Configuration for a X220 running Qubes and other Linux Based OSes (through kexec) +# +# Includes +# - Deactivated+neutered ME and expended consequent IFD BIOS regions +# - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) +# - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# - Includes NKSTORECLI to support Nitrokey Storage administrative tool +# - Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code from +export CONFIG_COREBOOT=y +export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_LINUX_VERSION=4.14.62 + +CONFIG_COREBOOT_CONFIG=config/coreboot-x220.config +CONFIG_LINUX_CONFIG=config/linux-x230.config + +#Additional hardware support +CONFIG_LINUX_USB=y +CONFIG_LINUX_E1000E=y + +CONFIG_CRYPTSETUP=y +CONFIG_FLASHROM=y +CONFIG_FLASHTOOLS=y +CONFIG_GPG2=y +CONFIG_KEXEC=y +CONFIG_UTIL_LINUX=y +CONFIG_LVM2=y +CONFIG_MBEDTLS=y +CONFIG_PCIUTILS=y + +#Remote attestation support +#TPM based requirements +export CONFIG_TPM=y +CONFIG_POPT=y +CONFIG_QRENCODE=y +CONFIG_TPMTOTP=y +#HOTP based remote attestation for supported USB Security dongle +#With/Without TPM support +CONFIG_HOTPKEY=y + +#Nitrokey Storage admin tool +CONFIG_NKSTORECLI=y + +#GUI Support +#Console based Whiptail support(Console based, no FB): +#CONFIG_SLANG=y +#CONFIG_NEWT=y +#FBWhiptail based (Graphical): +CONFIG_CAIRO=y +CONFIG_FBWHIPTAIL=y + +#Additional tools: +#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) +CONFIG_DROPBEAR=y + +export CONFIG_BOOTSCRIPT=/bin/gui-init +export CONFIG_BOOT_REQ_HASH=n +export CONFIG_BOOT_REQ_ROLLBACK=n +export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" +export CONFIG_BOOT_KERNEL_REMOVE="quiet" +export CONFIG_BOOT_DEV="/dev/sda1" +export CONFIG_BOARD_NAME="ThinkPad X220" +export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p 
internal:ich_spi_mode=hwseq" + +# xx20 boards require of you initially call one of the following to habe gbe.bin ifd.bin and me.bin +# - blobs/xx20/download_parse_me.sh +# To download Lenovo update ME binary, neuter+deactivate ME, produce reduced IFD ME region and expended BIOS IFD region. diff --git a/config/coreboot-x220.config b/config/coreboot-x220.config new file mode 100644 index 000000000..341f5e8b4 --- /dev/null +++ b/config/coreboot-x220.config @@ -0,0 +1,24 @@ +CONFIG_ANY_TOOLCHAIN=y +# CONFIG_INCLUDE_CONFIG_FILE is not set +# CONFIG_COLLECT_TIMESTAMPS is not set +CONFIG_USE_BLOBS=y +CONFIG_MEASURED_BOOT=y +CONFIG_VENDOR_LENOVO=y +CONFIG_CBFS_SIZE=0x750000 +CONFIG_ONBOARD_VGA_IS_PRIMARY=y +CONFIG_HAVE_IFD_BIN=y +CONFIG_HAVE_ME_BIN=y +CONFIG_HAVE_GBE_BIN=y +CONFIG_IFD_BIN_PATH="../../blobs/xx20/ifd.bin" +CONFIG_ME_BIN_PATH="../../blobs/xx20/me.bin" +CONFIG_BOARD_LENOVO_X220=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_NO_POST=y +CONFIG_GBE_BIN_PATH="../../blobs/xx20/gbe.bin" +#CONFIG_DEBUG_TPM=y +CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 +CONFIG_PAYLOAD_LINUX=y +CONFIG_PAYLOAD_FILE="../../build/x220/bzImage" +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet loglevel=3" +CONFIG_LINUX_INITRD="../../build/x220/initrd.cpio.xz" +CONFIG_DEBUG_SMM_RELOCATION=y From a1826272e9f56fca28d2a2d9d13f49ea543b529c Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:35:50 -0500 Subject: [PATCH 07/11] boards: add t420-external-flash --- boards/t420-external-flash/t420.config | 67 ++++++++++++++++++++++++++ config/coreboot-t420.config | 24 +++++++++ 2 files changed, 91 insertions(+) create mode 100644 boards/t420-external-flash/t420.config create mode 100644 config/coreboot-t420.config diff --git a/boards/t420-external-flash/t420.config b/boards/t420-external-flash/t420.config new file mode 100644 index 000000000..7468debfc --- /dev/null +++ b/boards/t420-external-flash/t420.config 
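Review bot: The header comment of boards/x220-external-flash/x220.config names `blobs/xx20/extract.sh` as the way to avoid the placeholder 00:DE:AD:C0:FF:EE MAC, but the diffstat of the blobs/xx20 commit (PATCH 05/11) contains no such script, so unless a later patch adds it the reader has no script to run. Boards built from the committed gbe.bin would then all share that MAC, which collides on a shared network segment and makes the devices trivially recognisable. I would point the comment at what exists, e.g. `# - Placeholder MAC 00:DE:AD:C0:FF:EE from blobs/xx20/gbe.bin; set your own in build/coreboot-VER/util/bincfg/gbe-82579LM.set and regenerate gbe.bin`. The last header bullet also stops mid-sentence at `Qr Code from`, and the closing comment says "one of the following" but lists one script. The same text is in the boards/t420-external-flash/t420.config hunk.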
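Review bot: `CONFIG_CBFS_SIZE=0x750000` in config/coreboot-x220.config is only valid with the resized descriptor and reduced ME image under blobs/xx20, which the first patch's subject gives as the reason for the extract-script changes, yet the file does not record that dependency. A comment such as `# CBFS size assumes the enlarged BIOS region described by blobs/xx20/ifd.bin and layout.txt` would warn anyone who swaps in a stock ifd.bin or me.bin, where the larger CBFS presumably no longer fits the BIOS region. `CONFIG_DEBUG_SMM_RELOCATION=y` also reads as a debug switch left on in what looks like the default build config; if it is intentional, a one-line reason belongs next to it. The config/coreboot-t420.config hunk has both lines and additionally sets `CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y`, which the x220 file does not, so the two otherwise parallel configs differ in log verbosity without explanation.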
@@ -0,0 +1,67 @@ +# Configuration for a T420 running Qubes and other Linux Based OSes (through kexec) +# +# Includes +# - Deactivated+neutered ME and expended consequent IFD BIOS regions +# - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) +# - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# - Includes NKSTORECLI to support Nitrokey Storage administrative tool +# - Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code from +export CONFIG_COREBOOT=y +export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_LINUX_VERSION=4.14.62 + +CONFIG_COREBOOT_CONFIG=config/coreboot-t420.config +CONFIG_LINUX_CONFIG=config/linux-x230.config + +#Additional hardware support +CONFIG_LINUX_USB=y +CONFIG_LINUX_E1000E=y + +CONFIG_CRYPTSETUP=y +CONFIG_FLASHROM=y +CONFIG_FLASHTOOLS=y +CONFIG_GPG2=y +CONFIG_KEXEC=y +CONFIG_UTIL_LINUX=y +CONFIG_LVM2=y +CONFIG_MBEDTLS=y +CONFIG_PCIUTILS=y + +#Remote attestation support +#TPM based requirements +export CONFIG_TPM=y +CONFIG_POPT=y +CONFIG_QRENCODE=y +CONFIG_TPMTOTP=y +#HOTP based remote attestation for supported USB Security dongle +#With/Without TPM support +CONFIG_HOTPKEY=y + +#Nitrokey Storage admin tool +CONFIG_NKSTORECLI=y + +#GUI Support +#Console based Whiptail support(Console based, no FB): +#CONFIG_SLANG=y +#CONFIG_NEWT=y +#FBWhiptail based (Graphical): +CONFIG_CAIRO=y +CONFIG_FBWHIPTAIL=y + +#Additional tools: +#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) +CONFIG_DROPBEAR=y + +export CONFIG_BOOTSCRIPT=/bin/gui-init +export CONFIG_BOOT_REQ_HASH=n +export CONFIG_BOOT_REQ_ROLLBACK=n +export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" +export CONFIG_BOOT_KERNEL_REMOVE="quiet" +export CONFIG_BOOT_DEV="/dev/sda1" +export CONFIG_BOARD_NAME="ThinkPad T420" +export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p 
internal:ich_spi_mode=hwseq" + +# xx20 boards require of you initially call one of the following to habe gbe.bin ifd.bin and me.bin +# - blobs/xx20/download_parse_me.sh +# To download Lenovo update ME binary, neuter+deactivate ME, produce reduced IFD ME region and expended BIOS IFD region. diff --git a/config/coreboot-t420.config b/config/coreboot-t420.config new file mode 100644 index 000000000..e572f64ea --- /dev/null +++ b/config/coreboot-t420.config @@ -0,0 +1,24 @@ +CONFIG_ANY_TOOLCHAIN=y +# CONFIG_INCLUDE_CONFIG_FILE is not set +# CONFIG_COLLECT_TIMESTAMPS is not set +CONFIG_USE_BLOBS=y +CONFIG_MEASURED_BOOT=y +CONFIG_VENDOR_LENOVO=y +CONFIG_CBFS_SIZE=0x750000 +CONFIG_ONBOARD_VGA_IS_PRIMARY=y +CONFIG_HAVE_IFD_BIN=y +CONFIG_HAVE_ME_BIN=y +CONFIG_HAVE_GBE_BIN=y +CONFIG_IFD_BIN_PATH="../../blobs/xx20/ifd.bin" +CONFIG_ME_BIN_PATH="../../blobs/xx20/me.bin" +CONFIG_BOARD_LENOVO_T420=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_NO_POST=y +CONFIG_GBE_BIN_PATH="../../blobs/xx20/gbe.bin" +CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 +CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y +CONFIG_PAYLOAD_LINUX=y +CONFIG_PAYLOAD_FILE="../../build/t420/bzImage" +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet loglevel=3" +CONFIG_LINUX_INITRD="../../build/t420/initrd.cpio.xz" +CONFIG_DEBUG_SMM_RELOCATION=y From 052a8e9bf781bd1f11bf9cfd330a720cf78d16ef Mon Sep 17 00:00:00 2001 From: Tom Hiller Date: Fri, 27 Nov 2020 22:38:25 -0500 Subject: [PATCH 08/11] patch: coreboot-4.8.1 bincfg-Intel_GBE_82579LM_set_and_spec --- ...incfg-Intel_GBE_82579LM_set_and_spec.patch | 471 ++++++++++++++++++ 1 file changed, 471 insertions(+) create mode 100644 patches/coreboot-4.8.1/0061-bincfg-Intel_GBE_82579LM_set_and_spec.patch diff --git a/patches/coreboot-4.8.1/0061-bincfg-Intel_GBE_82579LM_set_and_spec.patch b/patches/coreboot-4.8.1/0061-bincfg-Intel_GBE_82579LM_set_and_spec.patch new file mode 100644 index 000000000..490318bf9 --- /dev/null 
+++ b/patches/coreboot-4.8.1/0061-bincfg-Intel_GBE_82579LM_set_and_spec.patch 
@@ -0,0 +1,471 @@
+diff --git a/util/bincfg/Makefile b/util/bincfg/Makefile
+index 1b3e936..f568e67 100644
+--- a/util/bincfg/Makefile
++++ b/util/bincfg/Makefile
+
+@@ -19,6 +19,13 @@
+ cat gbe1.bin gbe1.bin > flashregion_3_gbe.bin
+ rm -f gbe1.bin
+
++# Use this target to generate GbE for X220/x230
++gen-gbe-82579LM:
++ ./bincfg gbe-82579LM.spec gbe-82579LM.set gbe1.bin
++ # duplicate binary as per spec
++ cat gbe1.bin gbe1.bin > flashregion_3_gbe.bin
++ rm -f gbe1.bin
++
+ # Use this target to generate IFD for X200
+ gen-ifd-x200:
+ ./bincfg ifd-x200.spec ifd-x200.set flashregion_0_fd.bin
+
+diff --git a/util/bincfg/gbe-82579LM.set b/util/bincfg/gbe-82579LM.set
+new file mode 100644
+index 0000000..01ae470
+--- /dev/null
++++ b/util/bincfg/gbe-82579LM.set
+
+@@ -0,0 +1,288 @@
++# SPDX-License-Identifier: GPL-3.0-or-later
++
++#
++# Datasheets:
++#
++# https://cdrdv2.intel.com/v1/dl/getContent/613456
++
++# The datasheet says that this spec covers the following pci ids:
++# 8086:1502 - Intel 82579LM gigabit ethernet controller
++# 8086:1503 - Intel 82579V gigabit ethernet controller
++
++# Naming convention
++# * Word groups separated by a blank line
++# * Word groups with known meaning given a prefix
++# * prefix will be defined in comment before group
++# * Variable names to be named using a prefix, descriptive name and bit offset
++# within the word, separated by an underscore.
++# * Example: "prefix_description_0"
++# * Unidentified reserved word groups will be named reserved and LAN Word
++# * EXCEPTION: Word 0x24, Word 0x25, Word 0x26 also include bit offset
++# within the word
++# Offset hex address, separated by an underscore.
++# * Example: "reserved_x03"
++# * Nonprefixed names will be named reserved and LAN Word Offset hex address,
++# separated by an underscore.
++# * Example: "imageversioninfo_x05"
++# * Unspecified words are prefixed with "offset_"
++
++# GbE values for 82579LM
++{
++ # This example sets MAC address to 00:DE:AD:C0:FF:EE
++ # USE YOUR DEVICES MAC ADDRESS!!
++ # prefix: "mac_"
++ "mac_address_0" = 0x00,
++ "mac_address_1" = 0xDE,
++ "mac_address_2" = 0xAD,
++ "mac_address_3" = 0xC0,
++ "mac_address_4" = 0xFF,
++ "mac_address_5" = 0xEE,
++
++ # Reserved (Word 0x3)
++ "reserved_x03" = 0x0800,
++
++ # Reserved (Word 0x04)
++ "reserved_x04" = 0xffff,
++
++ # Image Version Information (Word 0x05)
++ "imageversioninfo_x05" = 0x00D3,
++
++ "reserved_x06" = 0xffff,
++ "reserved_x07" = 0xffff,
++
++ # PBA Low and PBA High (Words 0x08 and 0x09)
++ # prefix: "pba_"
++ "pba_low_x08" = 0xffff,
++ "pba_high_x09" = 0xffff,
++
++ # PCI Init Control Word (Word 0x0A)
++ # prefix: "pci_"
++ "pci_loaddeviceid_0" = 1,
++ "pci_loadsubsystemid_1" = 1,
++ "pci_reserved_2" = 0,
++ "pci_reserved_3" = 0x0,
++ "pci_pmenable_6" = 1,
++ "pci_auxpwr_7" = 1,
++ "pci_reserved_8" = 0x10,
++
++ # ************* Configurable PCI IDs ****************
++ # TODO: make command line switch for these
++ # Subsystem ID (Word 0x0B)
++ "subsystemid_x0B" = 0,
++ # Subsystem Vendor ID (Word 0x0C)
++ "subsystemvendorid_x0C" = 0x8086,
++ # Device ID (Word 0x0D)
++ # TODO: 82579V uses "deviceid_x0D" = 0x1503,
++ "deviceid_x0D" = 0x1502,
++ # ************* END Configurable PCI IDs ****************
++
++ # Words 0x0E and 0x0F Are Reserved
++ "reserved_x0E" = 0x0,
++ "reserved_x0F" = 0x0,
++
++ # LAN Power Consumption (Word 0x10)
++ # prefix: "lanpwr_"
++ "lanpwr_d3pwr_0" = 0x2,
++ "lanpwr_reserved_5" = 0,
++ "lanpwr_d0pwr_8" = 0x7,
++
++ # Word 0x12 and Word 0x11 Are Reserved
++ "reserved_x11" = 0x0000,
++ "reserved_x12" = 0x0000,
++
++ # Shared Init Control Word (Word 0x13)
++ # prefix: "sicw_"
++ "sicw_dynamicclock_0" = 1,
++ "sicw_clkcnt_1" = 0,
++ "sicw_reserved_2" = 1,
++ "sicw_fullduplex_3" = 0,
++ "sicw_forcespeed_4" = 0,
++ "sicw_reserved_5" = 0,
++ "sicw_phydeviceype_6" = 0,
++ "sicw_reserved_8" = 1,
++ "sicw_phy_enpwrdown_9" = 0,
++ "sicw_reserved_10" = 1,
++ "sicw_macsecdisable_13" = 1,
++ "sicw_sign_14" = 0x2,
++
++ # Extended Configuration Word 1 (Word 0x14)
++ # prefix: "ecw1_"
++ "ecw1_extcfgptr_0" = 0x0028,
++ "ecw1_oemload_12" = 1,
++ "ecw1_phyload_13" = 1,
++ "ecw1_reserved_14" = 0,
++
++ # Extended Configuration Word 2 (Word 0x15)
++ # prefix: "ecw2_"
++ "ecw2_reserved_0" = 0x00,
++ "ecw2_extphylen_8" = 0x12,
++
++ # Extended Configuration Word 3 (Word 0x16)
++ # prefix: "ecw3_"
++ "ecw3_extcfg1_0" = 0x00,
++
++ # OEM Configuration Defaults (Word 0x17)
++ # prefix: "oem_"
++ "oem_reserved_0" = 0x000,
++ "oem_lpluenind0a_9" = 0,
++ "oem_lplueninnond0a_10" = 1,
++ "oem_gbedisinnond0a_11" = 1,
++ "oem_reserved_12" = 0,
++ "oem_gbedis_14" = 0,
++ "oem_reserved_15" = 0,
++
++ # LED 0 - 2 Configuration Defaults (Word 0x18)
++ # prefix: "l02_"
++ # Lenovo default values
++ "l02_led0mode_0" = 0x4,
++ "l02_led0invert_3" = 0,
++ "l02_led0blink_4" = 0,
++ "l02_led1mode_5" = 0x3,
++ "l02_led1invert_8" = 0,
++ "l02_led1blink_9" = 1,
++ "l02_led2mode_10" = 0x2,
++ "l02_led2invert_13" = 1,
++ "l02_led2blink_14" = 0,
++ "l02_blinkrate_15" = 0,
++
++ # Intel default Values
++ #"l02_led0mode_0" = 0x4,
++ #"l02_led0invert_3" = 0,
++ #"l02_led0blink_4" = 1,
++ #"l02_led1mode_5" = 0x7,
++ #"l02_led1invert_8" = 0,
++ #"l02_led1blink_9" = 0,
++ #"l02_led2mode_10" = 0x6,
++ #"l02_led2invert_13" = 0,
++ #"l02_led2blink_14" = 0,
++ #"l02_blinkrate_15" = 0,
++
++
++ # Reserved (Word 0x19)
++ # NOTE: bit 6 must be 1 for validation. See datasheet.
++ "reserved_x19" = 0x2B40,
++
++ # Reserved (Word 0x1A)
++ # Advanced Power Management Wake Up Enable
++ # prefix: "amp_"
++ "amp_enable_0" = 1,
++ "amp_reserved_1" = 0x0421,
++
++ # Reserved (Word 0x1B)
++ "reserved_x1B" = 0x0113,
++
++ # Reserved (Word 0x1C)
++ "reserved_x1C" = 0x1502,
++
++ # Reserved (Word 0x1D)
++ "reserved_x1D" = 0xBAAD,
++
++ # Reserved (Word 0x1E)
++ "reserved_x1E" = 0x1502,
++
++ # Reserved (Word 0x1F)
++ "reserved_x1F" = 0x1503,
++
++ # Reserved (Word 0x20)
++ "reserved_x20" = 0xBAAD,
++
++ # Reserved (Word 0x21)
++ "reserved_x21" = 0xBAAD,
++
++ # Reserved (Word 0x22)
++ "reserved_x22" = 0xBAAD,
++
++ # Reserved (Word 0x23)
++ "reserved_x23" = 0x1502,
++
++ # Reserved (Word 0x24)
++ "reserved_x24_0" = 0x0000,
++ "reserved_x24_14" = 0,
++ "reserved_x24_15" = 1,
++
++ # Reserved (Word 0x25)
++ "reserved_x25_0" = 0x0000,
++ "reserved_x25_4" = 1,
++ "reserved_x25_5" = 0,
++ "reserved_x25_7" = 1,
++ "reserved_x25_8" = 0x00,
++ "reserved_x25_15" = 1,
++
++ # Reserved (Word 0x26)
++ "reserved_x26_0" = 0x00,
++ "reserved_x26_9" = 1,
++ "reserved_x26_10" = 1,
++ "reserved_x26_11" = 1,
++ "reserved_x26_12" = 0,
++ "reserved_x26_14" = 1,
++ "reserved_x26_15" = 0,
++
++ # Reserved (Word 0x27)
++ "reserved_x27" = 0x80,
++
++ # Offsets 0x28-0x2F
++ "offset_x28" = 0x0000,
++ "offset_x29" = 0x0000,
++ "offset_x2A" = 0x0000,
++ "offset_x2B" = 0x0000,
++ "offset_x2C" = 0x0000,
++ "offset_x2D" = 0x0000,
++ "offset_x2E" = 0x0000,
++ "offset_x2F" = 0x0000,
++
++ # Boot Agent Main Setup Options (Word 0x30)
++ # Hardcoded PXE setup (disabled)
++ # prefix: "pxe30_"
++ "pxe30_protocolsel_0" = 0,
++ "pxe30_reserved_2" = 0,
++ "pxe30_defbootsel_3" = 0x3,
++ "pxe30_reserved_5" = 0,
++ "pxe30_prompttime_6" = 0x3,
++ "pxe30_dispsetup_8" = 0,
++ "pxe30_reserved_9" = 0,
++ "pxe30_forcespeed_10" = 0,
++ "pxe30_forcefullduplex_12" = 0,
++ "pxe30_reserved_13" = 0,
++ "pxe30_reserved_14" = 0,
++
++ # Boot Agent Configuration Customization Options (Word 0x31)
++ # prefix: "pxe31_"
++ "pxe31_disablemenu_0" = 1,
++ "pxe31_disabletitle_1" = 1,
++ "pxe31_disableprotsel_2" = 0,
++ "pxe31_disbootorder_3" = 0,
++ "pxe31_dislegacywak_4" = 0,
++ "pxe31_disableflasicwpro_5" = 0,
++ "pxe31_reserved_6" = 0,
++ "pxe31_ibootagentmode_8" = 0,
++ "pxe31_contretrydis_11" = 0,
++ "pxe31_reserved_12" = 0,
++ "pxe31_signature_14" = 10,
++
++ # Boot Agent Configuration Customization Options (Word 0x32)
++ # prefix: "pxe32_"
++ "pxe32_buildnum_0" = 0x28,
++ "pxe32_minorversion_8" = 0x2,
++ "pxe32_majorversion_12" = 0x1,
++
++ # IBA Capabilities (Word 0x33)
++ # prefix: "pxe33_"
++ "pxe33_basecodepresent_0" = 1,
++ "pxe33_undipresent_1" = 1,
++ "pxe33_reserved_2" = 1,
++ "pxe33_efiundipresent_3" = 0,
++ "pxe33_iscsi_4" = 0,
++ "pxe33_reserved_5" = 0,
++ "pxe33_signature_14" = 10,
++
++ "pxe_padding"[11] = 0xffff,
++
++ # Checksum is generated by bincfg
++ # "checksum_gbe" = xxx,
++
++ # G3 -> S5 PHY Configuration
++ "g3_s5_phy_conf"[0x16] = 0,
++
++ # Padding 0xf80 bytes
++ "padding"[0xf6a] = 0xff
++}
+
+diff --git a/util/bincfg/gbe-82579LM.spec b/util/bincfg/gbe-82579LM.spec
+new file mode 100644
+index 0000000..0367aff
+--- /dev/null
++++ b/util/bincfg/gbe-82579LM.spec
+
+@@ -0,0 +1,147 @@
++# SPDX-License-Identifier: GPL-3.0-or-later
++#
++# Datasheets:
++#
++# https://cdrdv2.intel.com/v1/dl/getContent/613456
++
++# The datasheet says that this spec covers the following pci ids:
++# 8086:1502 - Intel 82579LM gigabit ethernet controller
++# 8086:1503 - Intel 82579V gigabit ethernet controller
++
++# GbE SPEC for 82579LM/82579V
++{
++ "mac_address_"[6] : 8,
++ "reserved_x03" : 16,
++ "reserved_x04" : 16,
++ "imageversioninfo_x05" : 16,
++ "reserved_x06" : 16,
++ "reserved_x07" : 16,
++ "pba_low_x08" : 16,
++ "pba_high_x09" : 16,
++ "pci_loaddeviceid_0" : 1,
++ "pci_loadsubsystemid_1" : 1,
++ "pci_reserved_2" : 1,
++ "pci_reserved_3" : 3,
++ "pci_pmenable_6" : 1,
++ "pci_auxpwr_7" : 1,
++ "pci_reserved_8" : 8,
++ "subsystemid_x0B" : 16,
++ "subsystemvendorid_x0C" : 16,
++ "deviceid_x0D" : 16,
++ "reserved_x0E" : 16,
++ "reserved_x0F" : 16,
++ "lanpwr_d3pwr_0" : 5,
++ "lanpwr_reserved_5" : 3,
++ "lanpwr_d0pwr_8" : 8,
++ "reserved_x11" : 16,
++ "reserved_x12" : 16,
++ "sicw_dynamicclock_0" : 1,
++ "sicw_clkcnt_1" : 1,
++ "sicw_reserved_2" : 1,
++ "sicw_fullduplex_3" : 1,
++ "sicw_forcespeed_4" : 1,
++ "sicw_reserved_5" : 1,
++ "sicw_phydeviceype_6" : 2,
++ "sicw_reserved_8" : 1,
++ "sicw_phy_enpwrdown_9" : 1,
++ "sicw_reserved_10" : 3,
++ "sicw_macsecdisable_13" : 1,
++ "sicw_sign_14" : 2,
++ "ecw1_extcfgptr_0" : 12,
++ "ecw1_oemload_12" : 1,
++ "ecw1_phyload_13" : 1,
++ "ecw1_reserved_14" : 2,
++ "ecw2_reserved_0" : 8,
++ "ecw2_extphylen_8" : 8,
++ "ecw3_extcfg1_0" : 16,
++ "oem_reserved_0" : 9,
++ "oem_lpluenind0a_9" : 1,
++ "oem_lplueninnond0a_10" : 1,
++ "oem_gbedisinnond0a_11" : 1,
++ "oem_reserved_12" : 2,
++ "oem_gbedis_14" : 1,
++ "oem_reserved_15" : 1,
++ "l02_led0mode_0" : 3,
++ "l02_led0invert_3" : 1,
++ "l02_led0blink_4" : 1,
++ "l02_led1mode_5" : 3,
++ "l02_led1invert_8" : 1,
++ "l02_led1blink_9" : 1,
++ "l02_led2mode_10" : 3,
++ "l02_led2invert_13" : 1,
++ "l02_led2blink_14" : 1,
++ "l02_blinkrate_15" : 1,
++ "reserved_x19" : 16,
++ "amp_enable_0" : 1,
++ "amp_reserved_1" : 15,
++ "reserved_x1B" : 16,
++ "reserved_x1C" : 16,
++ "reserved_x1D" : 16,
++ "reserved_x1E" : 16,
++ "reserved_x1F" : 16,
++ "reserved_x20" : 16,
++ "reserved_x21" : 16,
++ "reserved_x22" : 16,
++ "reserved_x23" : 16,
++ "reserved_x24_0" : 14,
++ "reserved_x24_14" : 1,
++ "reserved_x24_15" : 1,
++ "reserved_x25_0" : 4,
++ "reserved_x25_4" : 1,
++ "reserved_x25_5" : 2,
++ "reserved_x25_7" : 1,
++ "reserved_x25_8" : 7,
++ "reserved_x25_15" : 1,
++ "reserved_x26_0" : 9,
++ "reserved_x26_9" : 1,
++ "reserved_x26_10" : 1,
++ "reserved_x26_11" : 1,
++ "reserved_x26_12" : 2,
++ "reserved_x26_14" : 1,
++ "reserved_x26_15" : 1,
++ "reserved_x27" : 16,
++ "offset_x28" : 16,
++ "offset_x29" : 16,
++ "offset_x2A" : 16,
++ "offset_x2B" : 16,
++ "offset_x2C" : 16,
++ "offset_x2D" : 16,
++ "offset_x2E" : 16,
++ "offset_x2F" : 16,
++ "pxe30_protocolsel_0" : 2,
++ "pxe30_reserved_2" : 1,
++ "pxe30_defbootsel_3" : 2,
++ "pxe30_reserved_5" : 1,
++ "pxe30_prompttime_6" : 2,
++ "pxe30_dispsetup_8" : 1,
++ "pxe30_reserved_9" : 1,
++ "pxe30_forcespeed_10" : 2,
++ "pxe30_forcefullduplex_12" : 1,
++ "pxe30_reserved_13" : 1,
++ "pxe30_reserved_14" : 2,
++ "pxe31_disablemenu_0" : 1,
++ "pxe31_disabletitle_1" : 1,
++ "pxe31_disableprotsel_2" : 1,
++ "pxe31_disbootorder_3" : 1,
++ "pxe31_dislegacywak_4" : 1,
++ "pxe31_disableflasicwpro_5" : 1,
++ "pxe31_reserved_6" : 2,
++ "pxe31_ibootagentmode_8" : 3,
++ "pxe31_contretrydis_11" : 1,
++ "pxe31_reserved_12" : 2,
++ "pxe31_signature_14" : 2,
++ "pxe32_buildnum_0" : 8,
++ "pxe32_minorversion_8" : 4,
++ "pxe32_majorversion_12" : 4,
++ "pxe33_basecodepresent_0" : 1,
++ "pxe33_undipresent_1" : 1,
++ "pxe33_reserved_2" : 1,
++ "pxe33_efiundipresent_3" : 1,
++ "pxe33_iscsi_4" : 1,
++ "pxe33_reserved_5" : 9,
++ "pxe33_signature_14" : 2,
++ "pxe_padding"[11] : 16,
++ "checksum_gbe" : 16,
++ "g3_s5_phy_conf"[0x16] : 8,
++ "padding"[0xf6a] : 8
++}
+
From 0a21c5fbfec114379f2dd6795bb9574d3a9fe09c Mon Sep 17 00:00:00 2001
From: Tom Hiller
Date: Fri, 27 Nov 2020 22:51:26 -0500
Subject: [PATCH 09/11] circleci: add xx20 builds
---
.circleci/config.yml | 52 ++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 50 insertions(+), 2 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 92bc07469..52926d20b 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
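Review bot: `"pxe31_signature_14" = 10` and `"pxe33_signature_14" = 10` in `gbe-82579LM.set` assign decimal 10 to fields that `gbe-82579LM.spec` declares as 2 bits wide, so the value does not fit the field. If the intent is the bit pattern 10b, it should be written the way `sicw_sign_14` is, `"pxe31_signature_14" = 0x2,` and `"pxe33_signature_14" = 0x2,`; how bincfg handles an over-wide value is not visible here, and relying on truncation makes the emitted word and the generated checksum depend on tool behaviour. The example MAC `00:DE:AD:C0:FF:EE` also ends up in every generated `flashregion_3_gbe.bin` unless the builder edits the file, so machines flashed from an unmodified build would share one hardware address. The `USE YOUR DEVICES MAC ADDRESS!!` comment should say at which build step that substitution is expected to happen.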
@@ -8,7 +8,7 @@ jobs: name: Install dependencies command: | apt update - apt install -y build-essential zlib1g-dev uuid-dev libdigest-sha-perl libelf-dev bc bzip2 bison flex git gnupg iasl m4 nasm patch python wget gnat cpio ccache pkg-config cmake libusb-1.0-0-dev autoconf texinfo ncurses-dev doxygen graphviz udev libudev1 libudev-dev automake libtool rsync + apt install -y build-essential zlib1g-dev uuid-dev libdigest-sha-perl libelf-dev bc bzip2 bison flex git gnupg iasl m4 nasm patch python2 python3 wget gnat cpio ccache pkg-config cmake libusb-1.0-0-dev autoconf texinfo ncurses-dev doxygen graphviz udev libudev1 libudev-dev automake libtool rsync innoextract - checkout - run: @@ -65,7 +65,7 @@ jobs: rm -rf build/librem_l1um/* build/log/* && make CPUS=4 V=1 BOARD=librem_l1um || touch /tmp/failed_build no_output_timeout: 3h - run: - name: Output build failing logs + name: Output build failing logs command: | if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi \ - run: 
@@ -240,6 +240,54 @@ jobs: - store-artifacts: path: build/x230-nkstorecli + - run: + name: Download and neuter xx20 ME (keep generated GBE and extracted IFD in tree) + command: | + ./blobs/xx20/download_parse_me.sh + - run: + name: x220-external-flash + command: | + rm -rf build/x220-external-flash/* build/log/* && make CPUS=4 V=1 BOARD=x220-external-flash || touch /tmp/failed_build + no_output_timeout: 3h + - run: + name: Output build failing logs + command: | + if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi + - run: + name: Output x220-external-flash hashes + command: | + cat build/x220-external-flash/hashes.txt \ + - run: + name: Archiving build logs for x220-external-flash + command: | + tar zcvf build/x220-external-flash/logs.tar.gz ./build/log/* + - store-artifacts: + path: build/x220-external-flash + + - run: + name: Download and neuter xx20 ME (keep generated GBE and extracted IFD in tree) + command: | + ./blobs/xx20/download_parse_me.sh + - run: + name: t420-external-flash + command: | + rm -rf build/t420-external-flash/* build/log/* && make CPUS=4 V=1 BOARD=t420-external-flash || touch /tmp/failed_build + no_output_timeout: 3h + - run: + name: Output build failing logs + command: | + if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi + - run: + name: Output t420-external-flash hashes + command: | + cat build/t420-external-flash/hashes.txt \ + - run: + name: Archiving build logs for t420-external-flash + command: | + tar zcvf build/t420-external-flash/logs.tar.gz ./build/log/* + - store-artifacts: + path: build/t420-external-flash + - run: name: qemu-coreboot command: | From d7d9fa2fbbdd11ca08446d624fa3f469e7ffdff0 Mon Sep 17 00:00:00 2001 
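Review bot: The new `Download and neuter xx20 ME` step runs `./blobs/xx20/download_parse_me.sh` in CI, so a vendor binary fetched at build time is fed into the x220 and t420 images, and nothing in this hunk shows its integrity being checked. The script is outside the diff shown here; if it does not already compare the download against a pinned digest before processing it, that check belongs in the script, and the step name could then say so, e.g. `name: Download, verify and neuter xx20 ME`. The step is also repeated verbatim before the t420 build although both boards read the same `blobs/xx20/` outputs, so the second run re-downloads for no visible benefit. In the copied log loop, `while read log` and `cat $log` would be safer as `while IFS= read -r log` and `cat "$log"`.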
From: Tom Hiller Date: Sat, 28 Nov 2020 00:49:54 -0500 Subject: [PATCH 10/11] boards: rename external-flash to maximized --- .circleci/config.yml | 30 +++++++++---------- .../t420-maximized.config} | 0 .../x220-maximized.config} | 0 3 files changed, 15 insertions(+), 15 deletions(-) rename boards/{t420-external-flash/t420.config => t420-maximized/t420-maximized.config} (100%) rename boards/{x220-external-flash/x220.config => x220-maximized/x220-maximized.config} (100%) diff --git a/.circleci/config.yml b/.circleci/config.yml index 52926d20b..1e8598cde 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -245,48 +245,48 @@ jobs: command: | ./blobs/xx20/download_parse_me.sh - run: - name: x220-external-flash + name: x220-maximized command: | - rm -rf build/x220-external-flash/* build/log/* && make CPUS=4 V=1 BOARD=x220-external-flash || touch /tmp/failed_build + rm -rf build/x220-maximized/* build/log/* && make CPUS=4 V=1 BOARD=x220-maximized || touch /tmp/failed_build no_output_timeout: 3h - run: name: Output build failing logs command: | - if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi + if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi \ - run: - name: Output x220-external-flash hashes + name: Output x220-maximized hashes command: | - cat build/x220-external-flash/hashes.txt \ + cat build/x220-maximized/hashes.txt \ - run: - name: Archiving build logs for x220-external-flash + name: Archiving build logs for x220-maximized command: | - tar zcvf build/x220-external-flash/logs.tar.gz ./build/log/* + tar zcvf build/x220-maximized/logs.tar.gz ./build/log/* - store-artifacts: - path: build/x220-external-flash + path: build/x220-maximized - run: name: Download and neuter xx20 ME (keep generated GBE and extracted IFD in tree) command: | ./blobs/xx20/download_parse_me.sh - run: - name: t420-external-flash + name: t420-maximized command: | - rm -rf build/t420-external-flash/* build/log/* && make CPUS=4 V=1 BOARD=t420-external-flash || touch /tmp/failed_build + rm -rf build/t420-maximized/* build/log/* && make CPUS=4 V=1 BOARD=t420-maximized || touch /tmp/failed_build no_output_timeout: 3h - run: name: Output build failing logs command: | if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' 
"$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi - run: - name: Output t420-external-flash hashes + name: Output t420-maximized hashes command: | - cat build/t420-external-flash/hashes.txt \ + cat build/t420-maximized/hashes.txt \ - run: - name: Archiving build logs for t420-external-flash + name: Archiving build logs for t420-maximized command: | - tar zcvf build/t420-external-flash/logs.tar.gz ./build/log/* + tar zcvf build/t420-maximized/logs.tar.gz ./build/log/* - store-artifacts: - path: build/t420-external-flash + path: build/t420-maximized - run: name: qemu-coreboot diff --git a/boards/t420-external-flash/t420.config b/boards/t420-maximized/t420-maximized.config similarity index 100% rename from boards/t420-external-flash/t420.config rename to boards/t420-maximized/t420-maximized.config diff --git a/boards/x220-external-flash/x220.config b/boards/x220-maximized/x220-maximized.config similarity index 100% rename from boards/x220-external-flash/x220.config rename to boards/x220-maximized/x220-maximized.config From a733c1f13a13819871d7ec8f12b4dae8aad3665f Mon Sep 17 00:00:00 2001 
From: Tom Hiller Date: Fri, 27 Nov 2020 22:54:24 -0500 Subject: [PATCH 11/11] boards: remove depricated x220 and xt420 --- blobs/t420/extract.sh | 64 -------------------------- blobs/t420/layout.txt | 4 -- blobs/t420/readme.md | 29 ------------ blobs/x220/.gitignore | 3 -- blobs/x220/extract.sh | 64 -------------------------- blobs/x220/layout.txt | 4 -- blobs/x220/readme.md | 26 ----------- boards/t420/t420.config | 37 --------------- boards/x220/x220.config | 37 --------------- config/coreboot-t420-deprecated.config | 24 ---------- config/coreboot-x220-deprecated.config | 24 ---------- 11 files changed, 316 deletions(-) delete mode 100755 blobs/t420/extract.sh delete mode 100644 blobs/t420/layout.txt delete mode 100644 blobs/t420/readme.md delete mode 100644 blobs/x220/.gitignore delete mode 100755 blobs/x220/extract.sh delete mode 100644 blobs/x220/layout.txt delete mode 100644 blobs/x220/readme.md delete mode 100644 boards/t420/t420.config delete mode 100644 boards/x220/x220.config delete mode 100644 config/coreboot-t420-deprecated.config delete mode 100644 config/coreboot-x220-deprecated.config diff --git a/blobs/t420/extract.sh b/blobs/t420/extract.sh deleted file mode 100755 index 812d51664..000000000 --- a/blobs/t420/extract.sh +++ /dev/null 
@@ -1,64 +0,0 @@ -#!/bin/bash - -function printusage { - echo "Usage: $0 -f -m (optional) -i (optional)" - exit 0 -} - -BLOBDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -if [ "$#" -eq 0 ]; then printusage; fi - -while getopts ":f:m:i:" opt; do - case $opt in - f) - FILE="$OPTARG" - ;; - m) - if [ -x "$OPTARG" ]; then - MECLEAN="$OPTARG" - fi - ;; - i) - if [ -x "$OPTARG" ]; then - IFDTOOL="$OPTARG" - fi - ;; - esac -done - -if [ -z "$MECLEAN" ]; then - MECLEAN=`command -v $BLOBDIR/../../build/coreboot-*/util/me_cleaner/me_cleaner.py 2>&1|head -n1` - if [ -z "$MECLEAN" ]; then - echo "me_cleaner.py required but not found or specified with -m. Aborting." - exit 1; - fi -fi - -if [ -z "$IFDTOOL" ]; then - IFDTOOL=`command -v $BLOBDIR/../../build/coreboot-*/util/ifdtool/ifdtool 2>&1|head -n1` - if [ -z "$IFDTOOL" ]; then - echo "ifdtool required but not found or specified with -m. Aborting." - exit 1; - fi -fi - -echo "FILE: $FILE" -echo "ME: $MECLEAN" -echo "IFD: $IFDTOOL" - -bioscopy=$(mktemp) -extractdir=$(mktemp -d) - -cp "$FILE" $bioscopy - -cd "$extractdir" -$IFDTOOL -x $bioscopy -cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin" -$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" -$IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy -$IFDTOOL -x $bioscopy.new - -rm "$bioscopy" -rm "$bioscopy.new" -rm -r "$extractdir" diff --git a/blobs/t420/layout.txt b/blobs/t420/layout.txt deleted file mode 100644 index bbd90962c..000000000 --- a/blobs/t420/layout.txt +++ /dev/null @@ -1,4 +0,0 @@ -00000000:00000fff fd -00018000:007fffff bios -00003000:00017fff me -00001000:00002fff gbe diff --git a/blobs/t420/readme.md b/blobs/t420/readme.md deleted file mode 100644 index 4a40a0528..000000000 --- a/blobs/t420/readme.md +++ /dev/null 
@@ -1,29 +0,0 @@ -To build for T420, we need to have the following files in this folder: -* `me.bin` - ME binary that has been stripped and truncated with me_cleaner -* `gbe.bin` - Network card blob from the original firmware -* `ifd.bin` - Flash layout file has been provided as text - -To get the binaries, start with a copy of the original Lenovo firmware image. -If you do not have one already, you can read one out from the laptops SPI flash with flashrom - -``` -flashrom -p -r original.bin -``` - -Set `` to the flashrom programmer type that you will use (for example, `linux_spi:dev=/dev/spidev0.0` on a Raspberry Pi). - -Once you have the image, the provided extraction script will extract the files needed. - -``` -./extract.sh -f -``` - -Use the options '-m' and '-i' to provide me_cleaner and ifdtool if they can not be located automatically. - -The flash layout will be automatically adjusted and the ME image cleaned and truncated. - -You can now compile the image with: - -``` -make BOARD=t420 -``` diff --git a/blobs/x220/.gitignore b/blobs/x220/.gitignore deleted file mode 100644 index 62887eff3..000000000 --- a/blobs/x220/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -gbe.bin -me.bin -ifd.bin diff --git a/blobs/x220/extract.sh b/blobs/x220/extract.sh deleted file mode 100755 index 812d51664..000000000 --- a/blobs/x220/extract.sh +++ /dev/null 
@@ -1,64 +0,0 @@ -#!/bin/bash - -function printusage { - echo "Usage: $0 -f -m (optional) -i (optional)" - exit 0 -} - -BLOBDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -if [ "$#" -eq 0 ]; then printusage; fi - -while getopts ":f:m:i:" opt; do - case $opt in - f) - FILE="$OPTARG" - ;; - m) - if [ -x "$OPTARG" ]; then - MECLEAN="$OPTARG" - fi - ;; - i) - if [ -x "$OPTARG" ]; then - IFDTOOL="$OPTARG" - fi - ;; - esac -done - -if [ -z "$MECLEAN" ]; then - MECLEAN=`command -v $BLOBDIR/../../build/coreboot-*/util/me_cleaner/me_cleaner.py 2>&1|head -n1` - if [ -z "$MECLEAN" ]; then - echo "me_cleaner.py required but not found or specified with -m. Aborting." - exit 1; - fi -fi - -if [ -z "$IFDTOOL" ]; then - IFDTOOL=`command -v $BLOBDIR/../../build/coreboot-*/util/ifdtool/ifdtool 2>&1|head -n1` - if [ -z "$IFDTOOL" ]; then - echo "ifdtool required but not found or specified with -m. Aborting." - exit 1; - fi -fi - -echo "FILE: $FILE" -echo "ME: $MECLEAN" -echo "IFD: $IFDTOOL" - -bioscopy=$(mktemp) -extractdir=$(mktemp -d) - -cp "$FILE" $bioscopy - -cd "$extractdir" -$IFDTOOL -x $bioscopy -cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin" -$MECLEAN -r -t -d -O /tmp/unneeded.bin -D "$BLOBDIR/ifd.bin" -M "$BLOBDIR/me.bin" "$extractdir/flashregion_2_intel_me.bin" -$IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy -$IFDTOOL -x $bioscopy.new - -rm "$bioscopy" -rm "$bioscopy.new" -rm -r "$extractdir" diff --git a/blobs/x220/layout.txt b/blobs/x220/layout.txt deleted file mode 100644 index bbd90962c..000000000 --- a/blobs/x220/layout.txt +++ /dev/null @@ -1,4 +0,0 @@ -00000000:00000fff fd -00018000:007fffff bios -00003000:00017fff me -00001000:00002fff gbe diff --git a/blobs/x220/readme.md b/blobs/x220/readme.md deleted file mode 100644 index 2d2ce210e..000000000 --- a/blobs/x220/readme.md +++ /dev/null 
@@ -1,26 +0,0 @@ -To build for X220 we need to have the following files in this folder: -* `me.bin` - ME binary that has been stripped and truncated with me_cleaner -* `gbe.bin` - Network card blob from the original firmware -* `ifd.bin` - Flash layout file has been provided as text - -To get the binaries, start with a copy of the original Lenovo firmware image. -If you do not have one already, you can read one out from the laptops SPI flash. - -``` -flashrom --programmer internal -r original.bin -``` - -Once you have the image, the provided extraction script will extract the files needed. - -``` -./extract.sh -f -``` - -Use the options '-m' and '-i' to provide me_cleaner and ifdtool if they can not be located -automatically. - -The flash layout will be automatically adjusted and the ME image cleaned and truncated. - -You can now compile the image with: - -make BOARD=x220 diff --git a/boards/t420/t420.config b/boards/t420/t420.config deleted file mode 100644 index e70cc64ff..000000000 --- a/boards/t420/t420.config +++ /dev/null 
@@ -1,37 +0,0 @@ -# Configuration for a T420 running Qubes and other OS, T420 is identical to X230 on the Linux Side of things. -export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 -export CONFIG_LINUX_VERSION=4.14.62 - -CONFIG_COREBOOT_CONFIG=config/coreboot-t420-deprecated.config -CONFIG_LINUX_CONFIG=config/linux-x230.config - -CONFIG_CRYPTSETUP=y -CONFIG_FLASHROM=y -CONFIG_FLASHTOOLS=y -CONFIG_GPG2=y -CONFIG_KEXEC=y -CONFIG_UTIL_LINUX=y -CONFIG_LVM2=y -CONFIG_MBEDTLS=y -CONFIG_PCIUTILS=y -CONFIG_POPT=y -CONFIG_QRENCODE=y -CONFIG_TPMTOTP=y -CONFIG_DROPBEAR=y - -CONFIG_CAIRO=y -CONFIG_FBWHIPTAIL=y - -CONFIG_LINUX_USB=y -CONFIG_LINUX_E1000E=y - -export CONFIG_TPM=y -export CONFIG_BOOTSCRIPT=/bin/gui-init -export CONFIG_BOOT_REQ_HASH=n -export CONFIG_BOOT_REQ_ROLLBACK=n -export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" -export CONFIG_BOOT_KERNEL_REMOVE="quiet" -export CONFIG_BOOT_DEV="/dev/sda1" -export CONFIG_BOARD_NAME="ThinkPad T420" -export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal:ich_spi_mode=hwseq --ifd --image bios" diff --git a/boards/x220/x220.config b/boards/x220/x220.config deleted file mode 100644 index d0b1af495..000000000 --- a/boards/x220/x220.config +++ /dev/null 
@@ -1,37 +0,0 @@ -# Configuration for a x220 running Qubes and other OS, X220 is identical to X230 on the Linux Side of things. -export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 -export CONFIG_LINUX_VERSION=4.14.62 - -CONFIG_COREBOOT_CONFIG=config/coreboot-x220-deprecated.config -CONFIG_LINUX_CONFIG=config/linux-x230.config - -CONFIG_CRYPTSETUP=y -CONFIG_FLASHROM=y -CONFIG_FLASHTOOLS=y -CONFIG_GPG2=y -CONFIG_KEXEC=y -CONFIG_UTIL_LINUX=y -CONFIG_LVM2=y -CONFIG_MBEDTLS=y -CONFIG_PCIUTILS=y -CONFIG_POPT=y -CONFIG_QRENCODE=y -CONFIG_TPMTOTP=y -CONFIG_DROPBEAR=y - -CONFIG_CAIRO=y -CONFIG_FBWHIPTAIL=y - -CONFIG_LINUX_USB=y -CONFIG_LINUX_E1000E=y - -export CONFIG_TPM=y -export CONFIG_BOOTSCRIPT=/bin/gui-init -export CONFIG_BOOT_REQ_HASH=n -export CONFIG_BOOT_REQ_ROLLBACK=n -export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" -export CONFIG_BOOT_KERNEL_REMOVE="quiet" -export CONFIG_BOOT_DEV="/dev/sda1" -export CONFIG_BOARD_NAME="ThinkPad X220" -export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal:ich_spi_mode=hwseq --ifd --image bios" diff --git a/config/coreboot-t420-deprecated.config b/config/coreboot-t420-deprecated.config deleted file mode 100644 index 59a91b8b0..000000000 --- a/config/coreboot-t420-deprecated.config +++ /dev/null 
@@ -1,24 +0,0 @@ -CONFIG_ANY_TOOLCHAIN=y -# CONFIG_INCLUDE_CONFIG_FILE is not set -# CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y -CONFIG_MEASURED_BOOT=y -CONFIG_VENDOR_LENOVO=y -CONFIG_CBFS_SIZE=0x750000 -CONFIG_ONBOARD_VGA_IS_PRIMARY=y -CONFIG_HAVE_IFD_BIN=y -CONFIG_HAVE_ME_BIN=y -CONFIG_HAVE_GBE_BIN=y -CONFIG_IFD_BIN_PATH="../../blobs/t420/ifd.bin" -CONFIG_ME_BIN_PATH="../../blobs/t420/me.bin" -CONFIG_BOARD_LENOVO_T420=y -CONFIG_DRIVERS_PS2_KEYBOARD=y -CONFIG_NO_POST=y -CONFIG_GBE_BIN_PATH="../../blobs/t420/gbe.bin" -CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 -CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y -CONFIG_PAYLOAD_LINUX=y -CONFIG_PAYLOAD_FILE="../../build/t420/bzImage" -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet loglevel=3" -CONFIG_LINUX_INITRD="../../build/t420/initrd.cpio.xz" -CONFIG_DEBUG_SMM_RELOCATION=y diff --git a/config/coreboot-x220-deprecated.config b/config/coreboot-x220-deprecated.config deleted file mode 100644 index 88167453a..000000000 --- a/config/coreboot-x220-deprecated.config +++ /dev/null @@ -1,24 +0,0 @@ -CONFIG_ANY_TOOLCHAIN=y -# CONFIG_INCLUDE_CONFIG_FILE is not set -# CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y -CONFIG_MEASURED_BOOT=y -CONFIG_VENDOR_LENOVO=y -CONFIG_CBFS_SIZE=0x750000 -CONFIG_ONBOARD_VGA_IS_PRIMARY=y -CONFIG_HAVE_IFD_BIN=y -CONFIG_HAVE_ME_BIN=y -CONFIG_HAVE_GBE_BIN=y -CONFIG_IFD_BIN_PATH="../../blobs/x220/ifd.bin" -CONFIG_ME_BIN_PATH="../../blobs/x220/me.bin" -CONFIG_BOARD_LENOVO_X220=y -CONFIG_DRIVERS_PS2_KEYBOARD=y -CONFIG_NO_POST=y -CONFIG_GBE_BIN_PATH="../../blobs/x220/gbe.bin" -#CONFIG_DEBUG_TPM=y -CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 -CONFIG_PAYLOAD_LINUX=y -CONFIG_PAYLOAD_FILE="../../build/x220/bzImage" -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet loglevel=3" -CONFIG_LINUX_INITRD="../../build/x220/initrd.cpio.xz" -CONFIG_DEBUG_SMM_RELOCATION=y