Read the correct bits for measured and verified boot, print information
about some other bits.
Signed-off-by: Pablo Stebler <pablo@stebler.xyz>
Change-Id: Ie79d6da33032aee94d716bf0698b5501bbc424fa
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45516
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
We have the git history which is a more reliable librarian.
Change-Id: Idbcc5ceeb33804204e56d62491cb58146f7c9f37
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41175
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: ron minnich <rminnich@gmail.com>
Some of the older chipsets that are known not to have ME at all
were removed for some reason, add them back in.
Also some newer chipsets/ME models were missing, add them in.
Change-Id: Iaed9a342e478a483113bf81d25042a6041fbc4ba
Signed-off-by: Damien Zammit <damien@zamaudio.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31588
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Upstream intelmetool is out of date; I suggest I archive it
instead of trying to merge coreboot's changes into it.
However I would like to preserve the licensing of files in the tool
as GPLv2+ where possible instead of GPLv2-only.
Change-Id: I47b1ff2734f54c65f4214b39244bd868ef44b83c
Signed-off-by: Damien Zammit <damien@zamaudio.com>
Reviewed-on: https://review.coreboot.org/c/31587
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Add more verbose error message for common problems on modern
operating systems, like Secure Boot and CONFIG_STRICT_DEVMEM.
Change-Id: Ie3361910d48271bcc2cd3b4b74937fbc5df0a176
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25401
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Only try to unhide MEI if the PCI device wasn't found and
probe for RCBA before trying to use it.
Allows to run the utility on Skylake and newer hardware that
do not have RCBA any more.
TODO: Use sideband interface to unhide MEI.
Change-Id: I7926aa80b132d5be9fece0724516701d74dd4d3d
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25399
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Don't crash if mapping MEI PCI memory fails.
This can happen if CONFIG_STRICT_DEVMEM is enabled.
Change-Id: I33c75a7cccb4cefaa26f70aed4bdc4bd620cdad0
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25398
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
This allows compiling the program using musl-libc, since otherwise
iopl(2) is undeclared.
Change-Id: Ia27203cf47b9be3f7bf1ad422c8f490caeae8f56
Signed-off-by: Ivan J. <parazyd@dyne.org>
Reviewed-on: https://review.coreboot.org/23834
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
With this implementation it's possible to detect the state
of bootguard in intel based systems. Currently it's WIP and
in a testphase. Handle it with care!
Changes done:
* Add support for reading msr
* Read ME firmware version
* Print bootguard state for ME > 9.1
* Make argument -s legacy
* Add argument -b for bootguard (and ME) dumping
* Add argument -m for ME dumping
* Opt out early if CPU is non Intel
Change-Id: Ifeec8e20fa8efc35d7db4c6a84be1f118dccfc4a
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/16328
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Clean the code to fix all errors and warnings.
No functional change.
Changes:
* Fix lines over 80chars
* Fix typos
* Restructure code to reduce indent level
* Move RCBA handling into own files
* Introduce helper functions for RCBA access
* Move GPL string into header
* Fix whitespace in macros
Change-Id: Ib8e3617ebb34c47959d6619dfbc7189045e6b8f7
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/22521
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Refining some of the code indentations and cosmetics to
build upon and import some in-review changes.
Change-Id: I0038a146bd899f150518c4832258a42792abaabb
Signed-off-by: Maximilian Schander <maxschander@googlemail.com>
Reviewed-on: https://review.coreboot.org/22216
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Use `uintptr_t` instead of `uint32_t`, fixing the error below on 64-bit
systems, where pointers are 64-bit wide.
```
cc -O0 -g -Wall -W -Wno-unused-parameter -Wno-unused-but-set-variable -Wno-sign-compare -Wno-unused-function -c -o intelmetool.o intelmetool.c
intelmetool.c: In function ‘dump_me_memory’:
intelmetool.c:85:45: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
dump = map_physical_exact((off_t)me_clone, (void *)me_clone, 0x2000000);
^
```
BUG=https://ticket.coreboot.org/issues/111
Change-Id: Id8d778e97090668ad9308a82b44c6b2b599fd6c3
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-on: https://review.coreboot.org/19567
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
Reviewed-by: Paul Wise (Debian) <pabs@debian.org>
This fixes a memory leak in the activate_me() function.
Change-Id: I011b2f96122d8f88aed121352afe3f0d41edef60
Signed-off-by: Paul Wise <pabs3@bonedaddy.net>
Reviewed-on: https://review.coreboot.org/19561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
pci_lookup_name might return NULL from using format_name internally
which could cause a crash when trying to print that value. We
check for NULL and print a more appropriate value in that case.
Change-Id: I499f0b5e1681f3926df0d8a325aab2c666ebd632
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/19089
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
pci_me_interface_scan was returning (via argument 'name') a pointer
to the interface name which was stored in a stack variable. This
caused part of the name to be printed as garbage stack data in some
situations if stack data was overwritten.
This moves the name buffer to the calling function so it can be accessed
before it gets overwritten.
Change-Id: I947a4c794ee37fe87e035593eaabcaf963b9875e
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/19066
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
The intel ME checker tool would segfault if it reaches the end of
the loop without having the dev pointer set. This happens when
it gets to the end of the previous loop without knowing what to do
with any of the devices it sees.
This patch makes sure the pointer is not NULL before accessing it.
Change-Id: Ia13191799d7e00185947f9df5188cb2666c43e2a
Signed-off-by: Huan Truong <htruong@tnhh.net>
Reviewed-on: https://review.coreboot.org/18573
Tested-by: build bot (Jenkins)
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
When the ME is hidden (most likely because it was disabled), it cannot
be found until activate_me() is called.
Change-Id: Ie1f65f61eb131577d7254af582e2709660f4da27
Signed-off-by: Dan Elkouby <streetwalrus@codewalr.us>
Reviewed-on: https://review.coreboot.org/18149
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
On a 32-bit system, pointers are 32-bit wide, and not 64-bit, resulting
in the warning below.
```
mmap.c: In function ‘map_physical_exact’:
mmap.c:26:20: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
virt_addr = mmap((void*)mapto, len, PROT_WRITE | PROT_READ,
^
```
Fix this by using compatible types.
Change-Id: I4ede26127efcbd5668b978e6880a0535607e373d
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-on: https://review.coreboot.org/17970
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Martin Roth <martinroth@google.com>
Previously, on systems that are supposed to have ME but
are librebooted, there was no message printed to tell the user
that no MEI was detected. Fixed this bug.
Change-Id: I59681c194ae5e76533dd777374e26d1aea727337
Signed-off-by: Damien Zammit <damien@zamaudio.com>
Reviewed-on: https://review.coreboot.org/14334
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
The intelmetool shows information about the Intel
Management Engine for different platforms.
Original source code can be found under following link:
https://github.com/zamaudio/intelmetool.git
Change-Id: I0eb17833a21eb04cf9245a7312289a4102bec1a9
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/14136
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>