GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Documentation: Indent code blocks instead of using ``` 

Both versions are correct, but especially for one liners indenting them
with four spaces instead of using ``` blocks helps readability of the
source file.

Change-Id: Ie2543c8c4cccefd74e966f784e651ed7dc3a9252
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38720
Reviewed-by: Peter Lemenkov <lemenkov@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Paul Menzel 2020-02-05 16:36:49 +01:00 committed by Patrick Georgi
parent f9bb675690
commit cedd4525f2
1 changed files with 166 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

343
Documentation/mainboard/lenovo/ivb_internal_flashing.md
View File

@ -63,55 +63,51 @@ directly. Therefore you need to modify the bootable CD image you just
downloaded. downloaded.
Extract an El Torito image: Extract an El Torito image:
```
geteltorito -o ./bios.img g1uj41us.iso geteltorito -o ./bios.img g1uj41us.iso
```
Mount the partition in that image: Mount the partition in that image:
```
sudo mount -t vfat ./bios.img /mnt -o loop,offset=16384 sudo mount -t vfat ./bios.img /mnt -o loop,offset=16384
```
List files, find the `AUTOEXEC.BAT` file and the `FLASH` directory: List files, find the `AUTOEXEC.BAT` file and the `FLASH` directory:
```
ls /mnt ls /mnt
ls /mnt/FLASH ls /mnt/FLASH
```
Inside the `FLASH` directory, there should be a directory called Inside the `FLASH` directory, there should be a directory called
`G1ET93WW` or similar (exact name depends on your ThinkPad model and `G1ET93WW` or similar (exact name depends on your ThinkPad model and
BIOS version). See what's inside: BIOS version). See what's inside:
```
ls /mnt/FLASH/G1ET93WW ls /mnt/FLASH/G1ET93WW
```
There must be a file with `.FL1` extension called `$01D2000.FL1` or There must be a file with `.FL1` extension called `$01D2000.FL1` or
something similar. something similar.
Now open the `AUTOEXEC.BAT` file: Now open the `AUTOEXEC.BAT` file:
```
sudo vim /mnt/AUTOEXEC.BAT sudo vim /mnt/AUTOEXEC.BAT
```
You will see a list of commands: You will see a list of commands:
```
@ECHO OFF @ECHO OFF
PROMPT $p$g PROMPT $p$g
cd c:\flash cd c:\flash
command.com command.com
```
Replace the last line (`command.com`) with this (change path to the Replace the last line (`command.com`) with this (change path to the
`.FL1` file according to yours): `.FL1` file according to yours):
```
dosflash.exe /sd /file G1ET93WW\$01D2000.FL1 dosflash.exe /sd /file G1ET93WW\$01D2000.FL1
```
Save the file, then unmount the partition: Save the file, then unmount the partition:
```
sudo unmount /mnt sudo unmount /mnt
```
Write this image to a USB drive (replace `/dev/sdX` with your USB drive Write this image to a USB drive (replace `/dev/sdX` with your USB drive
device name): device name):
```
sudo dd if=./bios.img of=/dev/sdX bs=1M sudo dd if=./bios.img of=/dev/sdX bs=1M
```
Now reboot and press F1 to enter BIOS settings. Open the **Startup** tab Now reboot and press F1 to enter BIOS settings. Open the **Startup** tab
and set the startup mode to **Legacy** (or **Both**/**Legacy First**): and set the startup mode to **Legacy** (or **Both**/**Legacy First**):
@ -167,69 +163,66 @@ To be able to flash, we need SMM_BWP=0, BIOSWE=1, BLE=0, FLOCKDN=0 or
SPI protected ranges (PRx) to have a WP bit set to 0. SPI protected ranges (PRx) to have a WP bit set to 0.
Let's see what we have. Examine HSFS register: Let's see what we have. Examine HSFS register:
```
sudo chipsec_main -m chipsec.modules.common.spi_lock sudo chipsec_main -m chipsec.modules.common.spi_lock
```
You should see that FLOCKDN=1: You should see that FLOCKDN=1:
```
[x][ ======================================================================= [x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks [x][ Module: SPI Flash Controller Configuration Locks
[x][ ======================================================================= [x][ =======================================================================
[*] HSFS = 0xE009 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4) [*] HSFS = 0xE009 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 1 << Flash Cycle Done [00] FDONE = 1 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error [01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log [02] AEL = 0 << Access Error Log
[03] BERASE = 1 << Block/Sector Erase Size [03] BERASE = 1 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress [05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status [13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid [14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 1 << Flash Configuration Lock-Down [15] FLOCKDN = 1 << Flash Configuration Lock-Down
```
Then check BIOS_CNTL and PR0-PR4: Then check BIOS_CNTL and PR0-PR4:
```
sudo chipsec_main -m common.bios_wp sudo chipsec_main -m common.bios_wp
```
Good news: on old BIOS versions, SMM_BWP=0 and BLE=0. Good news: on old BIOS versions, SMM_BWP=0 and BLE=0.
Bad news: there are 4 write protected SPI ranges: Bad news: there are 4 write protected SPI ranges:
``` [x][ =======================================================================
[x][ ======================================================================= [x][ Module: BIOS Region Write Protection
[x][ Module: BIOS Region Write Protection [x][ =======================================================================
[x][ ======================================================================= [*] BC = 0x 8 << BIOS Control (b:d.f 00:31.0 + 0xDC)
[*] BC = 0x 8 << BIOS Control (b:d.f 00:31.0 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable
[00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 0 << BIOS Lock Enable
[01] BLE = 0 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration
[02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status
[04] TSS = 0 << Top Swap Status [05] SMM_BWP = 0 << SMM BIOS Write Protection
[05] SMM_BWP = 0 << SMM BIOS Write Protection [-] BIOS region write protection is disabled!
[-] BIOS region write protection is disabled!
[*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF [*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF
SPI Protected Ranges SPI Protected Ranges
------------------------------------------------------------ ------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP? PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------ ------------------------------------------------------------
PR0 (74) | 00000000 | 00000000 | 00000000 | 0 | 0 PR0 (74) | 00000000 | 00000000 | 00000000 | 0 | 0
PR1 (78) | 8BFF0B40 | 00B40000 | 00BFFFFF | 1 | 0 PR1 (78) | 8BFF0B40 | 00B40000 | 00BFFFFF | 1 | 0
PR2 (7C) | 8B100B10 | 00B10000 | 00B10FFF | 1 | 0 PR2 (7C) | 8B100B10 | 00B10000 | 00B10FFF | 1 | 0
PR3 (80) | 8ADE0AD0 | 00AD0000 | 00ADEFFF | 1 | 0 PR3 (80) | 8ADE0AD0 | 00AD0000 | 00ADEFFF | 1 | 0
PR4 (84) | 8AAF0800 | 00800000 | 00AAFFFF | 1 | 0 PR4 (84) | 8AAF0800 | 00800000 | 00AAFFFF | 1 | 0
```
Other way to examine SPI configuration registers is to just dump SPIBAR: Other way to examine SPI configuration registers is to just dump SPIBAR:
```
sudo chipsec_util mmio dump SPIBAR sudo chipsec_util mmio dump SPIBAR
```
You will see SPIBAR address (0xFED1F800) and registers (for example, You will see SPIBAR address (0xFED1F800) and registers (for example,
00000004 is HSFS): 00000004 is HSFS):
```
[mmio] MMIO register range [0x00000000FED1F800:0x00000000FED1F800+00000200]: [mmio] MMIO register range [0x00000000FED1F800:0x00000000FED1F800+00000200]:
+00000000: 0BFF0500 +00000000: 0BFF0500
+00000004: 0004E009 +00000004: 0004E009
... ...
```
As you can see, the only thing we need is to unset WP bit on PR0-PR4. As you can see, the only thing we need is to unset WP bit on PR0-PR4.
But that cannot be done once FLOCKDN is set to 1. But that cannot be done once FLOCKDN is set to 1.
@ -239,23 +232,23 @@ FLOCKDN may only be cleared by a hardware reset, which includes S3
state. On S3 resume boot path, the chipset configuration has to be state. On S3 resume boot path, the chipset configuration has to be
restored and it's done by executing so-called S3 Boot Scripts. You can restored and it's done by executing so-called S3 Boot Scripts. You can
dump these scripts by executing: dump these scripts by executing:
```
sudo chipsec_util uefi s3bootscript sudo chipsec_util uefi s3bootscript
```
There are many entries. Along them, you can find instructions to write There are many entries. Along them, you can find instructions to write
to HSFS (remember, we know that SPIBAR is 0xFED1F800): to HSFS (remember, we know that SPIBAR is 0xFED1F800):
```
Entry at offset 0x2B8F (len = 0x17, header len = 0x0): Entry at offset 0x2B8F (len = 0x17, header len = 0x0):
Data: Data:
02 00 17 02 00 00 00 01 00 00 00 04 f8 d1 fe 00 | 02 00 17 02 00 00 00 01 00 00 00 04 f8 d1 fe 00 |
00 00 00 09 e0 04 00 | 00 00 00 09 e0 04 00 |
Decoded: Decoded:
Opcode : S3_BOOTSCRIPT_MEM_WRITE (0x0002) Opcode : S3_BOOTSCRIPT_MEM_WRITE (0x0002)
Width : 0x02 (4 bytes) Width : 0x02 (4 bytes)
Address: 0xFED1F804 Address: 0xFED1F804
Count : 0x1 Count : 0x1
Values : 0x0004E009 Values : 0x0004E009
```
These scripts are stored in memory. The vulnerability is that we can These scripts are stored in memory. The vulnerability is that we can
overwrite this memory, change these instructions and they will be overwrite this memory, change these instructions and they will be
executed on S3 resume. Once we patch that instruction to not set FLOCKDN executed on S3 resume. Once we patch that instruction to not set FLOCKDN
@ -268,14 +261,13 @@ in case something goes wrong, you'll be able to flash it back externally.
The `me` region is locked, so an attempt to create a full dump will fail. The `me` region is locked, so an attempt to create a full dump will fail.
But you can back up the `bios`: But you can back up the `bios`:
```
sudo flashrom -p internal -r bios_backup.rom --ifd -i bios sudo flashrom -p internal -r bios_backup.rom --ifd -i bios
```
If you will ever need to flash it back, use `--ifd -i bios` as well: If you will ever need to flash it back, use `--ifd -i bios` as well:
```
sudo flashrom -p <YOUR_PROGRAMMER> -w bios_backup.rom --ifd -i bios sudo flashrom -p <YOUR_PROGRAMMER> -w bios_backup.rom --ifd -i bios
```
**Caution:** if you will omit `--ifd -i bios` for flashing, you will **Caution:** if you will omit `--ifd -i bios` for flashing, you will
brick your machine, because your backup has `FF`s in place of `fd` and brick your machine, because your backup has `FF`s in place of `fd` and
`me` regions. Flash only `bios` region! `me` regions. Flash only `bios` region!
@ -284,83 +276,80 @@ brick your machine, because your backup has `FF`s in place of `fd` and
The original boot script writes 0xE009 to HSFS. FLOCKDN is 15th bit, so The original boot script writes 0xE009 to HSFS. FLOCKDN is 15th bit, so
let's write 0x6009 instead: let's write 0x6009 instead:
```
sudo chipsec_main -m tools.uefi.s3script_modify -a replace_op,mmio_wr,0xFED1F804,0x6009,0x2 sudo chipsec_main -m tools.uefi.s3script_modify -a replace_op,mmio_wr,0xFED1F804,0x6009,0x2
```
You will get a lot of output and in the end you should see something You will get a lot of output and in the end you should see something
like this: like this:
```
[*] Modifying S3 boot script entry at address 0x00000000DAF49B8F..
[mem] 0x00000000DAF49B8F
[*] Original entry:
2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
0 0 0 9 e0 4 0 |
[mem] buffer len = 0x17 to PA = 0x00000000DAF49B8F
2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
0 0 0 9 60 0 0 | `
[mem] 0x00000000DAF49B8F
[*] Modified entry:
2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
0 0 0 9 60 0 0 | `
[*] After sleep/resume, check the value of register 0xFED1F804 is 0x6009
[+] PASSED: The script has been modified. Go to sleep..
```
Now go to S3, then resume and check FLOCKDN. It should be 0:
```
sudo chipsec_main -m chipsec.modules.common.spi_lock
```
```
...
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0x6008 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 1 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 0 << Flash Configuration Lock-Down
[-] SPI Flash Controller configuration is not locked
[-] FAILED: SPI Flash Controller not locked correctly.
...
```
Remove WP from protected ranges:
```
sudo chipsec_util mmio write SPIBAR 0x74 0x4 0xAAF0800
sudo chipsec_util mmio write SPIBAR 0x78 0x4 0xADE0AD0
sudo chipsec_util mmio write SPIBAR 0x7C 0x4 0xB100B10
sudo chipsec_util mmio write SPIBAR 0x80 0x4 0xBFF0B40
```
Verify that it worked:
```
sudo chipsec_main -m common.bios_wp
```
```
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x 9 << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 0 << BIOS Lock Enable
[02] SRC = 2 << SPI Read Configuration
[04] TSS = 0 << Top Swap Status
[05] SMM_BWP = 0 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!
[*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF [*] Modifying S3 boot script entry at address 0x00000000DAF49B8F..
SPI Protected Ranges [mem] 0x00000000DAF49B8F
------------------------------------------------------------ [*] Original entry:
PRx (offset) | Value | Base | Limit | WP? | RP? 2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
------------------------------------------------------------ 0 0 0 9 e0 4 0 |
PR0 (74) | 0AAF0800 | 00800000 | 00AAF000 | 0 | 0 [mem] buffer len = 0x17 to PA = 0x00000000DAF49B8F
PR1 (78) | 0ADE0AD0 | 00AD0000 | 00ADE000 | 0 | 0 2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
PR2 (7C) | 0B100B10 | 00B10000 | 00B10000 | 0 | 0 0 0 0 9 60 0 0 | `
PR3 (80) | 0BFF0B40 | 00B40000 | 00BFF000 | 0 | 0 [mem] 0x00000000DAF49B8F
PR4 (84) | 00000000 | 00000000 | 00000000 | 0 | 0 [*] Modified entry:
``` 2 0 17 2 0 0 0 1 0 0 0 4 f8 d1 fe 0 |
0 0 0 9 60 0 0 | `
[*] After sleep/resume, check the value of register 0xFED1F804 is 0x6009
[+] PASSED: The script has been modified. Go to sleep..
Now go to S3, then resume and check FLOCKDN. It should be 0:
sudo chipsec_main -m chipsec.modules.common.spi_lock
...
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0x6008 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 1 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 0 << Flash Configuration Lock-Down
[-] SPI Flash Controller configuration is not locked
[-] FAILED: SPI Flash Controller not locked correctly.
...
Remove WP from protected ranges:
sudo chipsec_util mmio write SPIBAR 0x74 0x4 0xAAF0800
sudo chipsec_util mmio write SPIBAR 0x78 0x4 0xADE0AD0
sudo chipsec_util mmio write SPIBAR 0x7C 0x4 0xB100B10
sudo chipsec_util mmio write SPIBAR 0x80 0x4 0xBFF0B40
Verify that it worked:
sudo chipsec_main -m common.bios_wp
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x 9 << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 0 << BIOS Lock Enable
[02] SRC = 2 << SPI Read Configuration
[04] TSS = 0 << Top Swap Status
[05] SMM_BWP = 0 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!
[*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------
PR0 (74) | 0AAF0800 | 00800000 | 00AAF000 | 0 | 0
PR1 (78) | 0ADE0AD0 | 00AD0000 | 00ADE000 | 0 | 0
PR2 (7C) | 0B100B10 | 00B10000 | 00B10000 | 0 | 0
PR3 (80) | 0BFF0B40 | 00B40000 | 00BFF000 | 0 | 0
PR4 (84) | 00000000 | 00000000 | 00000000 | 0 | 0
Bingo! Bingo!