From 438cc1fe58f4b65099d778596b93e8094594cb69 Mon Sep 17 00:00:00 2001 From: Francis Rowe Date: Sun, 03 May 2015 11:48:20 -0400 Subject: demefactory (new utility): create GM45 factory.rom without the ME --- (limited to 'resources/utilities/ich9deblob') diff --git a/resources/utilities/ich9deblob/Makefile b/resources/utilities/ich9deblob/Makefile index be4df85..2db8e84 100644 --- a/resources/utilities/ich9deblob/Makefile +++ b/resources/utilities/ich9deblob/Makefile @@ -22,7 +22,7 @@ FORCEC99=-std=c99 CFLAGS=-I. -Wall -Wextra -g $(FORCEC99) NOLINKER=-c -all: ich9deblob ich9gen +all: ich9deblob ich9gen demefactory ich9deblob: obj/ich9deblob.o obj/common/descriptor_gbe.o \ obj/descriptor/descriptor.o obj/gbe/gbe.o obj/common/x86compatibility.o @@ -40,6 +40,19 @@ ich9gen: obj/ich9gen.o obj/ich9gen/mkdescriptor.o obj/ich9gen/mkgbe.o \ obj/common/x86compatibility.o obj/descriptor/descriptor.o obj/gbe/gbe.o \ -o ich9gen +demefactory: obj/demefactory.o obj/common/descriptor_gbe.o \ + obj/descriptor/descriptor.o obj/gbe/gbe.o obj/common/x86compatibility.o + + $(CC) $(CFLAGS) obj/demefactory.o obj/common/descriptor_gbe.o \ + obj/common/x86compatibility.o obj/descriptor/descriptor.o obj/gbe/gbe.o \ + -o demefactory + +# for demefactory +# ---------------------------------------------------------------------- + +obj/demefactory.o: + $(CC) $(CFLAGS) $(NOLINKER) src/demefactory.c -o obj/demefactory.o + # for ich9deblob # ---------------------------------------------------------------------- @@ -76,4 +89,4 @@ obj/gbe/gbe.o: # make clean # ---------------------------------------------------------------------- clean: - rm -rf ich9deblob ich9gen obj/*.o obj/*/*.o + rm -rf ich9deblob ich9gen demefactory obj/*.o obj/*/*.o diff --git a/resources/utilities/ich9deblob/src/common/descriptor_gbe.c b/resources/utilities/ich9deblob/src/common/descriptor_gbe.c index 6a87452..31cca1b 100644 --- a/resources/utilities/ich9deblob/src/common/descriptor_gbe.c +++ b/resources/utilities/ich9deblob/src/common/descriptor_gbe.c @@ -58,3 +58,33 @@ int notCreatedDescriptorGbeFile(struct DESCRIPTORREGIONRECORD descriptorStruct, return 0; } + +/* + * create 4KiB file with descriptor + */ +int notCreated4kDescriptorFile(struct DESCRIPTORREGIONRECORD descriptorStruct, char* fileName) +{ + FILE* fileStream = NULL; + + /* delete old file before continuing */ + remove(fileName); + + /* open new file for writing the descriptor+gbe */ + fileStream = fopen(fileName, "ab"); + + /* write the descriptor region into the first part */ + if (DESCRIPTORREGIONSIZE != fwrite((uint8_t*)&descriptorStruct, 1, sizeof(descriptorStruct), fileStream)) + { + printf("\nerror: writing descriptor region failed\n"); + return 1; + } + + + fclose(fileStream); + + printf("descriptor successfully written to the file: %s\n", fileName); + printf("Now do: dd if=%s of=yourrom.rom bs=1 count=4k conv=notrunc\n", fileName); + printf("(in other words, add the modified descriptor to your ROM image)\n\n"); + + return 0; +} diff --git a/resources/utilities/ich9deblob/src/common/descriptor_gbe.h b/resources/utilities/ich9deblob/src/common/descriptor_gbe.h index d3e8977..94d4a24 100644 --- a/resources/utilities/ich9deblob/src/common/descriptor_gbe.h +++ b/resources/utilities/ich9deblob/src/common/descriptor_gbe.h @@ -32,5 +32,6 @@ #include "../gbe/gbe.h" /* structs describing what's in the gbe region */ int notCreatedDescriptorGbeFile(struct DESCRIPTORREGIONRECORD descriptorStruct, struct GBEREGIONRECORD_8K gbeStruct8k, char* fileName); +int notCreated4kDescriptorFile(struct DESCRIPTORREGIONRECORD descriptorStruct, char* fileName); #endif diff --git a/resources/utilities/ich9deblob/src/demefactory.c b/resources/utilities/ich9deblob/src/demefactory.c new file mode 100644 index 0000000..1a48360 --- /dev/null +++ b/resources/utilities/ich9deblob/src/demefactory.c @@ -0,0 +1,140 @@ +/* + * demefactory.c + * This file is part of the demefactory utility from the libreboot project + * + * Purpose: disable ME on GM45 factory firmware, but leave region intact + * enable read-write on all regions + * + * Copyright (C) 2015 Francis Rowe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/* + * demfactory utility - main + */ + +#include "demefactory.h" + +int main() +{ + struct DESCRIPTORREGIONRECORD descriptorStruct; + uint8_t* descriptorBuffer = (uint8_t*)&descriptorStruct; + + struct GBEREGIONRECORD_8K gbeStruct8k; /* not needed, except for compatibility checking */ + + char* romFilename = "factory.rom"; + char* descriptorFilename = "demefactory_4kdescriptor.bin"; + + unsigned int bufferLength; + unsigned int romSize; + + /* + * ------------------------------------------------------------------ + * Compatibility checks. This version of ich9deblob is not yet portable. + * ------------------------------------------------------------------ + */ + + if (systemOrCompilerIncompatible(descriptorStruct, gbeStruct8k)) return 1; + /* If true, fail with error message */ + + /* + * ------------------------------------------------------------------ + * Extract the descriptor and gbe regions from the factory.rom dump + * ------------------------------------------------------------------ + */ + FILE* fp = NULL; + fp = fopen(romFilename, "rb"); /* open factory.rom */ + if (NULL == fp) + { + printf("\nerror: could not open %s\n", romFilename); + fclose(fp); + return 1; + } + printf("\n%s opened successfully\n", romFilename); + + /* + * Get the descriptor region dump from the factory.rom + * (goes in factoryDescriptorBuffer variable) + */ + bufferLength = fread(descriptorBuffer, 1, DESCRIPTORREGIONSIZE, fp); + if (DESCRIPTORREGIONSIZE != bufferLength) // + { + printf("\nerror: could not read descriptor from %s (%i) bytes read\n", romFilename, bufferLength); + fclose(fp); + return 1; + } + printf("\ndescriptor region read successfully\n"); + + /* ------------------------------------------------- */ + + fseek(fp, 0L, SEEK_END); + romSize = ftell(fp); + printf("\n%s size: [%i] bytes\n", romFilename, romSize); + + /* -------------------------------------------------- */ + + fclose(fp); + + /* Debugging (before modification) */ + printDescriptorRegionLocations(descriptorStruct, "Original"); + + /* + * ------------------------------------------------------------------ + * Modify the descriptor region, ready to go in the modified factory.rom + * ------------------------------------------------------------------ + */ + + // Disable the ME/TPM and remove the ME/Platform regions: + descriptorStruct = descriptorMePlatformRegionsRemoved(descriptorStruct); + descriptorStruct = descriptorDisableMeTpm(descriptorStruct); + + /* Host/CPU is allowed to read/write all regions. */ + descriptorStruct = descriptorHostRegionsUnlocked(descriptorStruct); + /* The ME is disallowed read-write access to all regions + * (this is probably redundant, since the ME is already removed from libreboot) */ + descriptorStruct = descriptorMeRegionsForbidden(descriptorStruct); + + /* Debugging (after modifying the descriptor region) */ + printDescriptorRegionLocations(descriptorStruct, "Modified"); + + /* + * ------------------------------------------------------------------ + * Create the file with the modified descriptor and gbe inside + * ------------------------------------------------------------------ + */ + + printf("\n"); + if (notCreated4kDescriptorFile(descriptorStruct, descriptorFilename)) { + return 1; + } + + /* + * ------------------------------------------------------------------ + * Generate ich9gen data (C code that will recreate the deblobbed descriptor+gbe from scratch) + * ------------------------------------------------------------------ + */ + /* Code for generating the Descriptor struct */ + /* mkdescriptor.h */ + if (notCreatedHFileForDescriptorCFile("mkdescriptor.h", "mkdescriptor.c")) { + return 1; + } /* and now mkdescriptor.c */ + if (notCreatedCFileFromDescriptorStruct(descriptorStruct, "mkdescriptor.c", "mkdescriptor.h")) { + return 1; + } + + printf("The modified descriptor region has also been dumped as src files: mkdescriptor.c, mkdescriptor.h\n\n"); + + return 0; +} diff --git a/resources/utilities/ich9deblob/src/demefactory.h b/resources/utilities/ich9deblob/src/demefactory.h new file mode 100644 index 0000000..767c547 --- /dev/null +++ b/resources/utilities/ich9deblob/src/demefactory.h @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2015 Francis Rowe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/* Header file for demefactory.c */ + +#ifndef DEMEFACTORY_H +#define DEMEFACTORY_H + +#include +#include +#include + +#include "common/descriptor_gbe.h" /* common descriptor/gbe functions used by ich9deblob */ +#include "common/x86compatibility.h" /* system/compiler compatibility checks. This code is not portable. */ +#include "descriptor/descriptor.h" /* structs describing what's in the descriptor region */ +#include "gbe/gbe.h" /* structs describing what's in the gbe region */ + +int main(); + +#endif -- cgit v0.9.1