1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
|
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type="text/css">
@import url('../css/main.css');
</style>
<title>ThinkPad X200: remove the ME (manageability engine)</title>
</head>
<body>
<h1 id="pagetop">ThinkPad X200: remove the ME (manageability engine)</h1>
<p>
This sections relates to disabling and removing the ME (Intel <b>M</b>anagement <b>E</b>ngine)
on the ThinkPad X200.
</p>
<p>
The ME is a blob that typically must be left inside the flash chip (in the ME region, as outlined
by the default descriptor). On the X200, it is possible to remove it without any ill effects. All
other parts of coreboot on the X200 can be blob-free, so removing the ME was the last obstacle to
get X200 support in libreboot (the machine can also work without the microcode blobs).
</p>
<p>
Or <a href="x200.html">back to main X200 compatibility page (x200.html)</a>.
</p>
<hr/>
<h1 id="ich9deblob">ICH9 deblob utility</h1>
<p>
This is what you will use to generate the deblobbed descriptor+gbe regions for your libreboot ROM image.
</p>
<p>
If you are working with libreboot_src (or git), you can find the source under resources/utilities/ich9deblob/
and will already be compiled if you ran ./builddeps or ./builddeps-ich9deblob from the main directory (./),
otherwise you can build it like so:<br/>
$ <b>./builddeps-ich9deblob</b><br/>
An executable file named <b>ich9deblob</b> will now appear under resources/utilities/ich9deblob/
</p>
<p>
If you are working with libreboot_bin release archive, you can find the utility included, statically compiled
(for i686 and x86_64 on GNU/Linux) under ./ich9deblob/.
</p>
<p>
Place the factory.rom from your X200
(can be obtained using the guide at <a href="../install/x200_external.html">../install/x200_external.html</a>) in
the directory where you have your ich9deblob executable, then run the tool:<br/>
$ <b>./ich9deblob</b>
</p>
<p>
A 12kiB file named <b>deblobbed_descriptor.bin</b> will now appear. <b>Keep this and the factory.rom stored in a safe location!</b>
The first 4KiB contains the descriptor data region for your machine, and the next 8KiB contains the gbe region (config data for your
gigabit NIC). These 2 regions could actually be separate files, but they are joined into 1 file in this case.
</p>
<p>
Assuming that your X200 libreboot image is named <b>libreboot.rom</b>, copy
the <b>deblobbed_descriptor.bin</b> file to where <b>libreboot.rom</b> is located
and then run:<br/>
$ <b>dd if=deblobbed_descriptor.bin of=libreboot.rom bs=1 count=12k conv=notrunc</b>
</p>
<p>
You should now have a <b>libreboot.rom</b> image containing the correct 4K descriptor and 8K gbe regions, which
will then be safe to flash. Refer back to <a href="../install/index.html#flashrom_x200">../install/index.html#flashrom_x200</a>
for how to flash it.
</p>
<hr/>
<p>
The sections below are adapted from (mostly) IRC logs related to early development getting the ME removed on the X200.
They are useful for background information. This could not have been done without sgsit's help.
</p>
<div class="section">
<h2 id="early_notes">Early notes</h2>
<ul>
<li>
<a href="http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-10-family-datasheet.pdf">http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-10-family-datasheet.pdf</a>
page 230 mentions about descriptor and non-descriptor mode (which wipes out gbe and ME/AMT).
</li>
<li>
<s><b>See reference to HDA_SDO (disable descriptor security)</b></s>
strap connected GPIO33 pin is it on ICH9-M (X200). HDA_SDO applies to later chipsets (series 6 or higher).
Disabling descriptor security also disables the ethernet according to sgsit. sgsit's method
involves use of 'soft straps' (see IRC logs below) instead of disabling the descriptor.
</li>
<li>
<b>and the location of GPIO33 on the x200s: (was an external link. Putting it here instead)</b>
<a href="images/x200/gpio33_location.jpg">images/x200/gpio33_location.jpg</a>
- it's above the number 7 on TP37 (which is above the big intel chip at the bottom)
</li>
<li>
The ME datasheet may not be for the mobile chipsets but it doesn't vary that much.
This one gives some detail and covers QM67 which is what the X201 uses:
<a href="http://www.intel.co.uk/content/dam/www/public/us/en/documents/datasheets/6-chipset-c200-chipset-datasheet.pdf">http://www.intel.co.uk/content/dam/www/public/us/en/documents/datasheets/6-chipset-c200-chipset-datasheet.pdf</a>
</li>
</ul>
</div>
<hr/>
<div class="section">
<h2 id="flashchips">Flash chips</h2>
<ul>
<li>
Schematics for X200 laptop: <a href="http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006075.pdf">http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006075.pdf</a>
<b><s>- Page 20 and page 9 refer to SDA_HDO or SDA_HDOUT</s></b> only on series 6 or higher chipsets. ICH9-M (X200) does it with a strap connected to GPIO33 pin (see IRC notes below)<br/>
- According to page 29, the X200 can have any of the following flash chips:
<ul>
<li>ATMEL AT26DF321-SU 72.26321.A01 - this is a 32Mb (4MiB) chip</li>
<li>MXIC (Macronix?) MX25L3205DM2I-12G 72.25325.A01 - another 32Mb (4MiB) chip</li>
<li>MXIC (Macronix?) MX25L6405DMI-12G 41R0820AA - this is a 64Mb (8MiB) chip</li>
<li>Winbond W25X64VSFIG 41R0820BA - another 64Mb (8MiB) chip</li>
</ul>
sgsit says that the X200's with the 64Mb flash chips are (probably) the ones with AMT (alongside the ME), whereas
the 32Mb chips contain only the ME.
</li>
<li>
Schematics for X200s laptop: <a href="http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006104.pdf">http://pdf.datasheetarchive.com/indexerfiles/Datasheets-USER/DSAUPLD00006104.pdf</a>.
</li>
</ul>
</div>
<hr/>
<div class="section">
<h2 id="early_development_notes">Early development notes</h2>
<pre>
<i>
Start (hex) End (hex) Length (hex) Area Name
----------- --------- ------------ ---------
00000000 003FFFFF 00400000 Flash Image
00000000 00000FFF 00001000 Descriptor Region
00000004 0000000F 0000000C Descriptor Map
00000010 0000001B 0000000C Component Section
00000040 0000004F 00000010 Region Section
00000060 0000006B 0000000C Master Access Section
00000060 00000063 00000004 CPU/BIOS
00000064 00000067 00000004 Manageability Engine (ME)
00000068 0000006B 00000004 GbE LAN
00000100 00000103 00000004 ICH Strap 0
00000104 00000107 00000004 ICH Strap 1
00000200 00000203 00000004 MCH Strap 0
00000EFC 00000EFF 00000004 Descriptor Map 2
00000ED0 00000EF7 00000028 ME VSCC Table
00000ED0 00000ED7 00000008 Flash device 1
00000ED8 00000EDF 00000008 Flash device 2
00000EE0 00000EE7 00000008 Flash device 3
00000EE8 00000EEF 00000008 Flash device 4
00000EF0 00000EF7 00000008 Flash device 5
00000F00 00000FFF 00000100 OEM Section
00001000 001F5FFF 001F5000 ME Region
001F6000 001F7FFF 00002000 GbE Region
001F8000 001FFFFF 00008000 PDR Region
00200000 003FFFFF 00200000 BIOS Region
Start (hex) End (hex) Length (hex) Area Name
----------- --------- ------------ ---------
00000000 003FFFFF 00400000 Flash Image
00000000 00000FFF 00001000 Descriptor Region
00000004 0000000F 0000000C Descriptor Map
00000010 0000001B 0000000C Component Section
00000040 0000004F 00000010 Region Section
00000060 0000006B 0000000C Master Access Section
00000060 00000063 00000004 CPU/BIOS
00000064 00000067 00000004 Manageability Engine (ME)
00000068 0000006B 00000004 GbE LAN
00000100 00000103 00000004 ICH Strap 0
00000104 00000107 00000004 ICH Strap 1
00000200 00000203 00000004 MCH Strap 0
00000ED0 00000EF7 00000028 ME VSCC Table
00000ED0 00000ED7 00000008 Flash device 1
00000ED8 00000EDF 00000008 Flash device 2
00000EE0 00000EE7 00000008 Flash device 3
00000EE8 00000EEF 00000008 Flash device 4
00000EF0 00000EF7 00000008 Flash device 5
00000EFC 00000EFF 00000004 Descriptor Map 2
00000F00 00000FFF 00000100 OEM Section
00001000 00002FFF 00002000 GbE Region
00003000 00202FFF 00200000 BIOS Region
Build Settings
--------------
Flash Erase Size = 0x1000
</i>
</pre>
<p>
It's a utility called 'Flash Image Tool' for ME 4.x that was used for this. You drag a complete
image into in and the utility decomposes the various components, allowing you to set soft straps.
</p>
<p>
This tool is proprietary, for Windows only, but was used to deblob the X200. End justified means, and
the utility is no longer needed since the ich9deblob utility (documented on this page) can now be
used to create deblobbed descriptors.
</p>
</div>
<hr/>
<div class="section">
<h2 id="gbe_region">
GBE (gigabit ethernet) region in SPI flash
</h2>
<p>
Of the 8K, about 95% is 0xFF.
The data is the gbe region is fully documented in this public datasheet:
<a href="http://www.intel.co.uk/content/dam/doc/application-note/i-o-controller-hub-9m-82567lf-lm-v-nvm-map-appl-note.pdf">http://www.intel.co.uk/content/dam/doc/application-note/i-o-controller-hub-9m-82567lf-lm-v-nvm-map-appl-note.pdf</a>
</p>
<p>
The only actual content found was:
</p>
<pre>
<i>
00 1F 1F 1F 1F 1F 00 08 FF FF 83 10 FF FF FF FF
08 10 FF FF C3 10 EE 20 AA 17 F5 10 86 80 00 00
01 0D 00 00 00 00 05 06 20 30 00 0A 00 00 8B 8D
02 06 40 2B 43 00 00 00 F5 10 AD BA F5 10 BF 10
AD BA CB 10 AD BA AD BA 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 01 00 40 28 12 07 40 FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF D9 F0
20 60 1F 00 02 00 13 00 00 80 1D 00 FF 00 16 00
DD CC 18 00 11 20 17 00 DD DD 18 00 12 20 17 00
00 80 1D 00 00 00 1F
</i>
</pre>
<p>
The first part is the MAC address set to all 0x1F. It's repeated haly way through
the 8K area, and the rest is all 0xFF. This is all documented in the datasheet.
</p>
<p>
The GBe region starts at 0x20A000 bytes from the *end* of a factory image and is 0x2000 bytes long.
In libreboot (deblobbed) the descriptor is set to put gbe directly after the initial 4K flash descriptor.
So the first 4K of the ROM is the descriptor, and then the next 8K is the gbe region.
</p>
<h3 id="gbe_region_changemacaddress">GBE region: change MAC address</h3>
<p>
According to the datasheet, it's supposed to add up to 0xBABA but can actually be 0x3ABA.
Either the checksum doesn't matter or the most significant bit of the checksum isn't checked.
<a href="https://communities.intel.com/community/wired/blog/2010/10/14/how-to-basic-eeprom-checksums">https://communities.intel.com/community/wired/blog/2010/10/14/how-to-basic-eeprom-checksums</a>
</p>
<p>
<i>"One of those engineers loves classic rock music, so he selected 0xBABA"</i>
</p>
<p>
0xBABA and 0x3ABA only differ by the most significant bit. The checksum of the GBe region from an X200S
was found to be 0x34BA; again, it should be 0xBABA. 34BA is actually BABA in L33T speak (look it up).
</p>
<p>In honour of the song <i>Baba O'Reilly</i> by <i>The Who</i> apparently. We're not making this stuff up...</p>
<p>
Look at resources/utilities/ich9deblob/ich9deblob.c.
</p>
<ul>
<li>Add the first 0x3F 16bit numbers (unsigned) of the GBe descriptor together (this includes the checksum value)
and that has to add up to 0xBABA. In other words, the checksum is 0xBABA minus the total of the first
0x3E 16bit numbers (unsigned), ignoring any overflow.</li>
</ul>
</div>
<hr/>
<div class="section">
<h2 id="flash_descriptor_region">Flash descriptor region</h2>
<p>
<a href="http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf">http://www.intel.co.uk/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf</a>
from page 850 onwards. This explains everything that is in the flash descriptor, which can be used to understand what libreboot
is doing about modifying it.
</p>
<p>
How to deblob:
</p>
<ul>
<li>patch the number of regions present in the descriptor from 5 - 3</li>
<li>originally descriptor + bios + me + gbe + platform</li>
<li>modified = descriptor + bios + gbe</li>
<li>the next stage is to patch the part of the descriptor which defines the start and end point of each section</li>
<li>then cut out the gbe region and insert it just after the region</li>
<li>all this can be substantiated with public docs (ICH9 datasheet)</li>
<li>the final part is flipping 2 bits. Halting the ME via 1 MCH soft strap and 1 ICH soft strap</li>
<li>the part of the descriptor described there gives the base address and length of each region (bits 12:24 of each address)</li>
<li>to disable a region, you set the base address to 0xFFF and the length to 0</li>
<li>and you change the number of regions from 4 (zero based) to 2</li>
</ul>
<p>
There's an interesting parameter called 'ME Alternate disable', which allows the ME to only handle hardware errata in the southbridge,
but disables any other functionality. This is similar to the 'ignition' in the 5 series and higher but using the standard firmware
instead of a small 128K version. Useless for libreboot, though.
</p>
<p>
To deblob the x200, you chop out the platform and ME regions and correct the addresses in flReg1-4.
Then you set meDisable to 1 in ICHSTRAP0 and MCHSTRAP0.
</p>
<p>How to patch the descriptor from the factory.rom dump</p>
<ul>
<li>map the first 4k into the struct (minus the gbe region)</li>
<li>set NR in FLMAP0 to 2 (from 4)</li>
<li>adjust BASE and LIMIT in flReg1,2,3,4 to reflect the new location of each region (or remove them in the case of Platform and ME)</li>
<li>set meDisable to 1/true in ICHSTRAP0 and MCHSTRAP0</li>
<li>extract the 8k GBe region and append that to the end of the 4k descriptor</li>
<li>output the 12k concatenated chunk</li>
<li>Then it can be dd'd into the first 12K part of a coreboot image.</li>
<li>the GBe region always starts 0x20A000 bytes from the end of the ROM</li>
</ul>
<p>
This means that libreboot's descriptor region will simply define the following regions:
</p>
<ul>
<li>descriptor (4K)</li>
<li>gbe (8K)</li>
<li>bios (rest of flash chip. CBFS also set to occupy this whole size)</li>
</ul>
<p>
The data in the descriptor region is little endian, and it represents bits 24:12 of the address
(bits 12-24, written this way since bit 24 is nearer to left than bit 12 in the binary representation).
</p>
<p>
So, <i>x << 12 = address</i>
</p>
<p>
If it's in descriptor mode, then the first 4 bytes will be 5A A5 F0 0F.
</p>
</div>
<hr/>
<div class="section">
<h2 id="platform_data_region">platform data partition in boot flash (factory.rom / lenovo bios)</h2>
<p>
Basically useless for libreboot, since it appears to be a blob.
Removing it didn't cause any issues in libreboot.
</p>
<p>
This is a 32K region from the factory image. It could be data
(non-functional) that the original Lenovo BIOS used, but we don't know.
</p>
<p>
It has only a 448 byte fragment different from 0x00 or 0xFF.
</p>
</div>
<hr/>
<p>
Copyright © 2014 Francis Rowe <info@gluglug.org.uk><br/>
This document is released under the Creative Commons Attribution-ShareAlike 4.0 International Public License and all future versions.
A copy of the license can be found at <a href="../license.txt">../license.txt</a>.
</p>
<p>
This document is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See <a href="../license.txt">../../license.txt</a> for more information.
</p>
</body>
</html>
|