util/intelmetool: Fix some platforms
Bootguard: * Fix Mac support (ME_version can't be detected) * Skip MSR read on older platforms (as it would fail anyway) * Refactor MSR error handling * Print Bootguard state "Unknown" on MSR read error Change-Id: Iafe3f5c22c6caeedc556933405b9f6d83ec876a1 Signed-off-by: Patrick Rudolph <siro@das-labor.org> Reviewed-on: https://review.coreboot.org/22598 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
This commit is contained in:
parent
214dde058c
commit
3df9dbe886
|
@ -308,9 +308,6 @@ static void dump_bootguard_info(void)
|
||||||
const char *name;
|
const char *name;
|
||||||
uint64_t bootguard = 0;
|
uint64_t bootguard = 0;
|
||||||
|
|
||||||
if (msr_bootguard(&bootguard, debug) < 0)
|
|
||||||
return;
|
|
||||||
|
|
||||||
if (pci_platform_scan())
|
if (pci_platform_scan())
|
||||||
exit(1);
|
exit(1);
|
||||||
|
|
||||||
|
@ -328,9 +325,11 @@ static void dump_bootguard_info(void)
|
||||||
bootguard &= ~0xff;
|
bootguard &= ~0xff;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ME_major_ver < 9 ||
|
/* ME_major_ver is zero on some platforms (Mac) */
|
||||||
|
if (ME_major_ver &&
|
||||||
|
(ME_major_ver < 9 ||
|
||||||
(ME_major_ver == 9 && ME_minor_ver < 5) ||
|
(ME_major_ver == 9 && ME_minor_ver < 5) ||
|
||||||
!BOOTGUARD_CAPABILITY(bootguard)) {
|
!BOOTGUARD_CAPABILITY(bootguard))) {
|
||||||
print_cap("BootGuard ", 0);
|
print_cap("BootGuard ", 0);
|
||||||
printf(CGRN "\nYour system isn't bootguard ready. You can "
|
printf(CGRN "\nYour system isn't bootguard ready. You can "
|
||||||
"flash other firmware!\n" RESET);
|
"flash other firmware!\n" RESET);
|
||||||
|
@ -338,6 +337,12 @@ static void dump_bootguard_info(void)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (msr_bootguard(&bootguard, debug) < 0) {
|
||||||
|
printf("ME Capability: %-43s: " CCYN "%s\n" RESET,
|
||||||
|
"BootGuard Mode", "Unknown");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
print_cap("BootGuard ", 1);
|
print_cap("BootGuard ", 1);
|
||||||
if (pci_read_long(dev, 0x40) & 0x10)
|
if (pci_read_long(dev, 0x40) & 0x10)
|
||||||
printf(CYEL "Your southbridge configuration is insecure!! "
|
printf(CYEL "Your southbridge configuration is insecure!! "
|
||||||
|
|
|
@ -26,28 +26,23 @@
|
||||||
#ifndef __DARWIN__
|
#ifndef __DARWIN__
|
||||||
static int fd_msr = 0;
|
static int fd_msr = 0;
|
||||||
|
|
||||||
static uint64_t rdmsr(int addr)
|
static int rdmsr(int addr, uint64_t *msr)
|
||||||
{
|
{
|
||||||
uint32_t buf[2];
|
|
||||||
uint64_t msr = 0;
|
|
||||||
|
|
||||||
if (lseek(fd_msr, (off_t) addr, SEEK_SET) == -1) {
|
if (lseek(fd_msr, (off_t) addr, SEEK_SET) == -1) {
|
||||||
perror("Could not lseek() to MSR");
|
perror("Could not lseek() to MSR");
|
||||||
close(fd_msr);
|
close(fd_msr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (read(fd_msr, buf, 8) == 8) {
|
if (read(fd_msr, msr, 8) == 8) {
|
||||||
msr = buf[1];
|
|
||||||
msr <<= 32;
|
|
||||||
msr |= buf[0];
|
|
||||||
close(fd_msr);
|
close(fd_msr);
|
||||||
return msr;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (errno == EIO) {
|
if (errno == EIO) {
|
||||||
perror("IO error couldn't read MSR.");
|
perror("IO error couldn't read MSR.");
|
||||||
close(fd_msr);
|
close(fd_msr);
|
||||||
|
/* On older platforms the MSR might not exists */
|
||||||
return -2;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -68,7 +63,8 @@ int msr_bootguard(uint64_t *msr, int debug)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*msr = rdmsr(MSR_BOOTGUARD);
|
if (rdmsr(MSR_BOOTGUARD, msr) < 0)
|
||||||
|
return -1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (!debug)
|
if (!debug)
|
||||||
|
|
Loading…
Reference in New Issue