When `mode_validate` was added, a second copy of `mode_layout` was
accidentally added to the multiple-mode-argument check instead. This
prevents `-f` from working. Fix the check to reference the correct
variable.
Change-Id: Ibac6f090550ff63ec9158355b0450da204a300a7
Signed-off-by: Samuel Holland <samuel@sholland.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36049
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Add an option to ifdtool which validates that the flash regions defined
in the descriptor match the coresponding areas in the FMAP.
BUG=chromium:992215
TEST=Ran 'ifdtool -t' with a good bios image and verify no issues
run 'ifdtool -t' with a bad bios image and verify expected issues
Signed-off-by: Mathew King <mathewk@chromium.org>
Change-Id: Idebf105dee1b8f829d54bd65c82867af7aa4aded
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34802
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
These functions are only used in ifdtool, so they can be made static.
Change-Id: Ia48bfecb89a7445dbd0f140acb5ac0592da2ebe7
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33860
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Instead of assuming GbE/PDR/EC regions may exist or not, check if there
is a valid region defined in the descriptor and set the region access
permissions based on that.
The net effect change is to enable the use of the PDR region on the
sarien platform, which also uses the GbE and EC regions.
This results in the following example changes:
mb/google/sarien (GbE, PDR, EC)
. DESC BIOS ME GbE PDR EC
-BIOS r rw rw r
-------------------------------
+BIOS r rw rw rw r
mb/google/eve: (no GbE, no PDR, no EC)
. DESC BIOS ME GbE PDR EC
-BIOS r rw rw r
-ME r rw r
-GbE r rw
-EC r rw
-------------------------------
+BIOS r rw
+ME r rw
+GbE
+EC
BUG=b:134703987
Change-Id: I7aeffc8f8194638c6012340b43aea8f8460d268a
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33273
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
As the previous comment indicated, this null check is
currently superfluous, but adding it in makes Coverity
happy, and future-proofs the code in case someone changes
the internals of 'find_fcba' later and forgets/doesn't know
to update this error check.
Found-by: Coverity Scan #1395066
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Change-Id: I594cd0098f5b36cef5b3efc4c904710d3ba9b815
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32691
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Allow EC region to be readable by BIOS/CPU so that flashrom
can read it.
BUG=b:123199222
TEST=Build coreboot with CONFIG_LOCK_MANAGEMENT_ENGINE set,
run firmware_LockedME test.
Change-Id: I306c74a0893355e57632a22a712b1f4fdaa19306
Signed-off-by: Bora Guvendik <bora.guvendik@intel.com>
Reviewed-on: https://review.coreboot.org/c/31377
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Version 2 IFD will have flmstr5 as EC region access control, consider it
during descriptor lock/unlock process.
BUG=N/A
TEST=Build coreboot with CONFIG_LOCK_MANAGEMENT_ENGINE set, and check
flmstr5 value by hexdump the SPI image at offset FMBA+0x90.
Signed-off-by: Lijian Zhao <lijian.zhao@intel.com>
Change-Id: I970064dcf6114a15f054ab7c44349841deb99dc8
Reviewed-on: https://review.coreboot.org/c/31111
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Cannonlake and Icelake have same read/write region permission settings
with skylake and kabylake, so add it here as well.
BUG=b:123199222
TEST=Turn on CONFIG_LOCK_MANAGEMENT_ENGINE and build image, check the
setting matches 0x0D for read and 0x04 for write.
Signed-off-by: Lijian Zhao <lijian.zhao@intel.com>
Change-Id: I71d8b815c7dff7dcbcff2bf77c85ebf80b8df6d2
Reviewed-on: https://review.coreboot.org/c/31104
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
The old version was unnecessarily complex and allowed one region to
include the other.
Change-Id: Ibf7faf8103c8945b82c3962b5a7b82c3288b871f
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/30673
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Port the newest feature of me_cleaner to ifdtool
(https://github.com/corna/me_cleaner/ , Discussed in
https://github.com/corna/me_cleaner/issues/53 ) to
set AltMeDisable (or HAP for skylake/ME11) bit to the
IFD to disable ME.
In this commit I use (ifd_version >= IFD_VERSION_2) to
judge whether HAP instead AltMeDisable should be set,
since this condition is only fulfilled on skylake
or newer platforms.
This feature needs to guess ich revision, which needs
guess_ich_chipset() from flashrom to be ported here.
Routines to dump those bits are also added.
Change-Id: I9a2ecc60cfbb9ee9d96f15be3d53226cb428729a
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21437
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The Upper Map section in the descriptor contains a database of flash
chips (VSCC Table). Its offset is located at a fixed offset from
the beginning of the image. ifdtool falsely calculates the offset
from the descriptor signature which has moved by 16 bytes with
step b of the Ibex Peak (5 series) chipset. This produces bogus
output for all chipsets older than that.
This patch corrects the behavior by calculating the offset of
flumap by adding 4096 - 256 - 4 to the start of the image.
Change-Id: I14f029fe702c129dfd8069a58fbd41113700f7ef
Signed-off-by: Stefan Tauner <stefan.tauner@gmx.at>
Reviewed-on: https://review.coreboot.org/27858
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
ifdtool has relied on one of the fields within FCBA(read_freq) to
determine whether a platform supports IFD_VERSION_1 or
IFD_VERSION_2. However, newer platforms like GLK and CNL do not have
read_freq field in FCBA and so the value of these bits cannot be used
as an indicator to distinguish IFD versions. In the long run, we need
to re-write ifdtool to have a better mapping of SoC to IFD fields. But
until that is done, this change adds a list of platforms that we know
do not support read_freq field but still use IFD_VERSION_2. This
change also updates GLK and CNL to pass in platform parameter to
ifdtool.
BUG=b:79109029, b:69270831
Change-Id: I36c49f4dcb480ad53b0538ad12292fb94b0e3934
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/26023
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
The default values used by ifdtool for setting region access control
do not match the expected values for SKL/KBL as per the SPI
programming guide. This change adds platform "sklkbl" that sets region
access control bits differently for SKL/KBL images.
BUG=b:76098647
BRANCH=poppy
TEST=Verified that the access control bits on KBL images is set
correctly.
Change-Id: I1328d8006c25be282b3223268d8f1fd0a64e2ed3
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/25306
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Using ifdtool to change layout on a 'ifd v2' file causes an error
about region type 5 not being valid.
The limit to check against is dynamic depending on ifd version, not
static.
Change-Id: Id4cdce4eac18fb0d171d1bdfa2044340bf93056a
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/21962
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Add find_fcba(), find_frba(), find_fmba(), find_fpsba()
and find_fmsba() to replace those copy-pasted addressings.
This commit is one separated from the original I6d05418c.
Change-Id: I98965711e4cb9792e5cc86cc4c1035559e0274f5
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21511
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Redesign some array-like structures as true arrays,
and rewrite functions to dump them as loops.
This commit is one separated from the original I6d05418c.
Change-Id: I161c9a2ae83d26e658d67d0804e943fff95fe076
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21510
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
There is no reason to keep a separate region_filenames array,
so I merge it into region_name(s).
This commit is one separated from the original I6d05418c.
Change-Id: I38489c6d3b3c161e9b0281188e6cdd0b62e38335
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21509
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Const-correct some functions which do not write back,
and use pointers to access existing region_t variables.
The last changeset is dismantled this time.
This commit is only focused on const-correctness.
Change-Id: I6d05418c8b32fa31dcd038a3e56f9aefe13fa9c4
Signed-off-by: Bill XIE <persmule@gmail.com>
Reviewed-on: https://review.coreboot.org/21288
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
In get_region, ifdtool assigns a not-known-to-be-aligned
pointer to a uint32_t *. Now you know and I know that it is
almost certainly aligned, but clang on OSX doesn't like this,
and it's a dicey thing to do in any event, just waiting
to hit someone hard at some future date.
Assign the pointer to a void * and use memmove to copy
the value to a uint32_t.
This usage is more portable to all little-endian architectures,
now, but is still not endian-safe. I doubt we'll ever care.
Change-Id: Ifb2f260c3363ab0f5b4a59e5a4e0b5ecf049fa96
Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Reviewed-on: https://review.coreboot.org/19921
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Without this change, error "Unknown descriptor version: 4" will be
returned if this frequency is selected (seen on GLKRVP)
Change-Id: Ib5bfb996b85c7245d8f9c70988bfd5bbac882d74
Signed-off-by: Hannah Williams <hannah.williams@intel.com>
Reviewed-on: https://review.coreboot.org/18688
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
With coreboot 4.4 switched to "Descriptor mode" for Lenovo T500
it automatically unlocks all flash regions. For Gbe region
the "Requester ID" was hardcoded resulting in *dead* Gbe.
Keep board specific "Requester ID" while unlocking Gbe region.
Allows Lenovo T500 to boot with IFD "Descriptor mode" with unlocked
flash regions.
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Change-Id: Ia4b5d1928e84bee42182fc83020e3a13fadc93c4
Reviewed-on: https://review.coreboot.org/18055
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Apollo Lake uses yet another descriptor format where only two masters
are used: CPU/BIOS and CSE/TXE. CSE stores data in a region number 5
that has not been used previously and CPU must not write it. Add quirk
(-p aplk) that locks descriptor according to recommended values.
BUG=chrome-os-partner:58974
TEST=ifdtool -p aplk -l bios.bin; ifdtool -d bios.bin.new. Make sure
FLMSTR1 and FLMSTR2 are set correctly. unlock with -l and make sure
FLMSTRs are restored.
Change-Id: I3f33372bef3ff75d0e34030694c79cd07d5540de
Signed-off-by: Andrey Petrov <andrey.petrov@intel.com>
Reviewed-on: https://review.coreboot.org/17202
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
flashrom treats them as invalid because start > end.
Change-Id: I1c8b4563094823ebd9b1193b91e7b4a748955228
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Reviewed-on: https://review.coreboot.org/16936
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
max_regions is set to the maximal regions based on the ifd version
Change-Id: I9fa5a4565f4dbd67b5c6df97756311560e2a18bc
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Reviewed-on: https://review.coreboot.org/16934
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Adds -D / --density option to change the chip density. This is only
implemented for IFD version 1 as I do not have an IFD version 2 to
test this. Density of both chips is changed by default, but a chip
can be selected using -C / --chip.
Change-Id: Iba7affbf6cbefa3147b7b0e019298d905e694716
Signed-off-by: Jan Tatje <jan@jnt.io>
Reviewed-on: https://review.coreboot.org/14032
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
The license text that we decided to remove was removed from the headers
of these files, but was still left in the help text. Remove it from
those locations as well.
Change-Id: I0e1b3b79f1afa35e632c4a4dd09a8bf2b02eaa6d
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/12913
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
It encourages users from writing to the FSF without giving an address.
Linux also prefers to drop that and their checkpatch.pl (that we
imported) looks out for that.
This is the result of util/scripts/no-fsf-addresses.sh with no further
editing.
Change-Id: Ie96faea295fe001911d77dbc51e9a6789558fbd6
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/11888
Tested-by: build bot (Jenkins)
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
flmstr register bits have slightly different meaning for IFD v2.
BUG=chrome-os-partner:45091, chrome-os-partner:43461
TEST=Run `ifdtool -d image.bin` on IFD v1 locked squawks image:
Found Master Section
FLMSTR1: 0x0a0b0000 (Host CPU/BIOS)
Platform Data Region Write Access: disabled
GbE Region Write Access: enabled
Intel ME Region Write Access: disabled
Host CPU/BIOS Region Write Access: enabled
Flash Descriptor Write Access: disabled
Platform Data Region Read Access: disabled
GbE Region Read Access: enabled
Intel ME Region Read Access: disabled
Host CPU/BIOS Region Read Access: enabled
Flash Descriptor Read Access: enabled
Requester ID: 0x0000
FLMSTR2: 0x0c0d0000 (Intel ME)
Platform Data Region Write Access: disabled
GbE Region Write Access: enabled
Intel ME Region Write Access: enabled
Host CPU/BIOS Region Write Access: disabled
Flash Descriptor Write Access: disabled
Platform Data Region Read Access: disabled
GbE Region Read Access: enabled
Intel ME Region Read Access: enabled
Host CPU/BIOS Region Read Access: disabled
Flash Descriptor Read Access: enabled
Requester ID: 0x0000
FLMSTR3: 0x08080118 (GbE)
Platform Data Region Write Access: disabled
GbE Region Write Access: enabled
Intel ME Region Write Access: disabled
Host CPU/BIOS Region Write Access: disabled
Flash Descriptor Write Access: disabled
Platform Data Region Read Access: disabled
GbE Region Read Access: enabled
Intel ME Region Read Access: disabled
Host CPU/BIOS Region Read Access: disabled
Flash Descriptor Read Access: disabled
Requester ID: 0x0118
Then, run `ifdtool -l image.bin` and verify newly locked image is identical.
Next, run `ifdtool -l image.bin` on unlocked glados image. Verify that locked
and unlocked regions are identical to above.
Finally, burn glados image, run `flashrom -V`, and verify ME regions is
locked and descriptor region is RO.
BRANCH=None
Change-Id: I8a65bdc5edd0d888138b88c1189f8badd1404b64
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 11c434835a66a50ab2c0c01a084edc96cbe052da
Original-Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Original-Change-Id: I875dfce6f5cf57831714702872bfe636f8f953f4
Original-Reviewed-on: https://chromium-review.googlesource.com/298968
Original-Commit-Ready: Shawn N <shawnn@chromium.org>
Original-Tested-by: Shawn N <shawnn@chromium.org>
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11658
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The get_region() function was using fixed masks for
the base and limit. However, newer descriptors (on
skylake, e.g.) use a 15-bit mask -- not a 12-bit one.
Choose the right mask based on ifd_version.
BUG=chrome-os-partner:43461
BRANCH=None
TEST=Built glados bootimage.
Original-Change-Id: Ibcbfd649a561d36b17ea2cc8fbeb30ffdbbb2c96
Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/293250
Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Change-Id: I7f2ef9fb8e5b6c7114225fecc2798668d6507ac3
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11229
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
The descriptor format has changed with Skylake and some fields have
moved or been expanded.
This includes new SPI frequencies and chip densities, though unfortunately
30MHz in the new format conflicts with 50MHz in the old format...
There are also new regions with a few reserved regions inserted before
a new embedded controller region.
Unfortunately there does not seem to be a documented version field
so there does not seem to be an official way to determine if a
specific descriptor is new or old. To work around this ifdtool
checks the hardcoded "SPI Read Frequency" to see if it set for
20MHz (old descriptor) or 17MHz (new descriptor).
BUG=chrome-os-partner:40635
BUG=chrome-os-partner:43461
BRANCH=none
TEST=run ifdtool on skylake and broadwell images
Original-Change-Id: I0561b3c65fcb3e77c0a24be58b01db9b3a36e5a9
Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/281001
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Original-Commit-Queue: Aaron Durbin <adurbin@chromium.org>
Change-Id: I9a08c26432e13c4000afc50de9d8473e6f911805
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/293240
Reviewed-on: http://review.coreboot.org/11228
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
As per discussion with lawyers[tm], it's not a good idea to
shorten the license header too much - not for legal reasons
but because there are tools that look for them, and giving
them a standard pattern simplifies things.
However, we got confirmation that we don't have to update
every file ever added to coreboot whenever the FSF gets a
new lease, but can drop the address instead.
util/kconfig is excluded because that's imported code that
we may want to synchronize every now and then.
$ find * -type f -exec sed -i "s:Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *MA[, ]*02110-1301[, ]*USA:Foundation, Inc.:" {} +
$ find * -type f -exec sed -i "s:Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA:Foundation, Inc.:" {} +
$ find * -type f -exec sed -i "s:Foundation, Inc., 59 Temple Place[-, ]*Suite 330, Boston, MA *02111-1307[, ]*USA:Foundation, Inc.:" {} +
$ find * -type f -exec sed -i "s:Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.:Foundation, Inc.:" {} +
$ find * -type f
-a \! -name \*.patch \
-a \! -name \*_shipped \
-a \! -name LICENSE_GPL \
-a \! -name LGPL.txt \
-a \! -name COPYING \
-a \! -name DISCLAIMER \
-exec sed -i "/Foundation, Inc./ N;s:Foundation, Inc.* USA\.* *:Foundation, Inc. :;s:Foundation, Inc. $:Foundation, Inc.:" {} +
Change-Id: Icc968a5a5f3a5df8d32b940f9cdb35350654bef9
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9233
Tested-by: build bot (Jenkins)
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
Windows requires O_BINARY when opening a binary file. Otherwise
\n characters get expanded to \r\n and <ctrl>z is treated as
end of file. For compatibility with non-Windows hosts, the patch
defines O_BINARY if it is not already defined.
Change-Id: I04cd609b644b1edbe9104153b43b9996811ffd38
Signed-off-by: Scott Duplichan <scott@notabs.org>
Reviewed-on: http://review.coreboot.org/7789
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
While the result will not be pretty (ie. ifdtool will
mis-parse string components longer than 255 characters),
at least it doesn't overflow stack variables anymore.
Change-Id: I263c5cf823a2d8a863dcece7c4ee0b26475f9fc4
Found-by: Coverity Scan
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/6562
Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
Tested-by: build bot (Jenkins)
Check if the new file could in fact be opened before
writing to it.
Change-Id: I6b2d31bf5c18f657fca4dc14fee2f2d5a2e33080
Found-by: Coverity Scan
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/6477
Tested-by: build bot (Jenkins)
Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Filenames of 4091 bytes or more lead to a buffer overflow.
Change-Id: I1b4b3932af096f0fcbfb783ab708ed273d3a844e
Found-by: Coverity Scan
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/6476
Tested-by: build bot (Jenkins)
Reviewed-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
There are five firmware regions that are (currently) defined. This
was assumed throughout the ifdtool code with many literal 4s and
5s. This patch changes them to refer to a new #define NUM_REGIONS.
Change-Id: I523d3763942f875025ebc4b9ba8b2ccf1db5b2f5
Signed-off-by: Christopher Douglass <cdouglass.orion@gmail.com>
Reviewed-on: http://review.coreboot.org/5313
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
The new option "--newlayout <file>" will read <file> in flashrom's
layout format and copy flash regions from the current flash image
file to a new flash image file.
If a region grows, the padding is added at the beginning of the target
region in the new file so that the data is "right-aligned" to the
end of the region.
If a region shrinks, a warning is given and the tail end of existing
data is copied to the target region in the new file.
Regions of zero or negative size are ignored. (In the example below
00fff000:00000fff regions are an artifact of the address encoding
in the register fields.)
Example Usage:
Given a flash image for a board with a Sandy Bridge processor and
Intel 6-Series chipset in the file vpx7654.bin
ifdtool --layout layout.txt vpx7564.bin
will yield the file layout.txt:
00000000:00000fff fd
00180000:003fffff bios
00001000:0017ffff me
00fff000:00000fff gbe
00fff000:00000fff pd
Notice that the "bios" portion extends to the end of the 4MB flash.
It may be edited to extend the bios portion to consume to the extent
of an 8MB flash. like layout2.txt:
00000000:00000fff fd
00180000:007fffff bios
00001000:0017ffff me
00fff000:00000fff gbe
00fff000:00000fff pd
ifdtool --newlayout layout.txt vpx7654.bin
will create a file vpx7654.bin.new that is 8MB.
Change-Id: I0e0925a725c40fa44d8c4b6e86552028779d0523
Signed-off-by: Christopher Douglass <cdouglass.orion@gmail.com>
Reviewed-on: http://review.coreboot.org/5312
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Dump the Intel Flash Descriptor map in the format expected
by flashrom's "layout" option.
Example usage:
Given a 4MB flash image vpx7654.bin that was generated by Intel's
FITC tool for a 6-Series chipset...
./ifdtool --layout l.txt vpx7654.bin
cat l.txt
00000000:00000fff fd
00180000:003fffff bios
00001000:0017ffff me
00fff000:00000fff gbe
00fff000:00000fff pd
Change-Id: Ib740178ed6935b5f6e1dba1be674303f9f980429
Signed-off-by: Christopher Douglass <cdouglass.orion@gmail.com>
Reviewed-on: http://review.coreboot.org/5306
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
ifdtool will now dump access permissions of system comonents to
certain IFD sections:
Found Master Section
FLMSTR1: 0xffff0000 (Host CPU/BIOS)
Platform Data Region Write Access: enabled
GbE Region Write Access: enabled
Intel ME Region Write Access: enabled
Host CPU/BIOS Region Write Access: enabled
Flash Descriptor Write Access: enabled
Platform Data Region Read Access: enabled
GbE Region Read Access: enabled
Intel ME Region Read Access: enabled
Host CPU/BIOS Region Read Access: enabled
Flash Descriptor Read Access: enabled
Requester ID: 0x0000
FLMSTR2: 0x0c0d0000 (Intel ME)
Platform Data Region Write Access: disabled
GbE Region Write Access: enabled
Intel ME Region Write Access: enabled
Host CPU/BIOS Region Write Access: disabled
Flash Descriptor Write Access: disabled
Platform Data Region Read Access: disabled
GbE Region Read Access: enabled
Intel ME Region Read Access: enabled
Host CPU/BIOS Region Read Access: disabled
Flash Descriptor Read Access: enabled
Requester ID: 0x0000
FLMSTR3: 0x08080118 (GbE)
Platform Data Region Write Access: disabled
GbE Region Write Access: enabled
Intel ME Region Write Access: disabled
Host CPU/BIOS Region Write Access: disabled
Flash Descriptor Write Access: disabled
Platform Data Region Read Access: disabled
GbE Region Read Access: enabled
Intel ME Region Read Access: disabled
Host CPU/BIOS Region Read Access: disabled
Flash Descriptor Read Access: disabled
Requester ID: 0x0118
Also, ifdtool -u /path/to/image will unlock the host's
access to the firmware descriptor and ME region.
ifdtool -l /path/to/image will lock down the host's
access to the firmware descriptor and ME region.
Change-Id: I3e081b80a9bcb398772416f143b794bf307b1c36
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: http://review.coreboot.org/1755
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
Tested-by: build bot (Jenkins)
If a section is bigger than the FD file it is injected into, and the FD
lies about the size of the FD file, ifdtool would crash because reading
in the section writes beyound the FD file in memory.
Change-Id: Idcfac2b1e2b5907fad34799e44a8abfd89190fcc
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: http://review.coreboot.org/1754
Tested-by: build bot (Jenkins)
Reviewed-by: Anton Kochkov <anton.kochkov@gmail.com>
The "Error while writing." error messages did not output a new line
which made the output look weird. With this patch, it should look like
this:
$ ifdtool -x 3rdparty/mainboard/google/parrot/descriptor.bin
File 3rdparty/mainboard/google/parrot/descriptor.bin is 4096 bytes
Found Flash Descriptor signature at 0x00000010
Flash Region 0 (Flash Descriptor): 00000000 - 00000fff
Flash Region 1 (BIOS): 00200000 - 007fffff
Error while writing: Bad address
Flash Region 2 (Intel ME): 00001000 - 001fffff
Error while writing: Bad address
Flash Region 3 (GbE): 00fff000 - 00000fff (unused)
Flash Region 4 (Platform Data): 00fff000 - 00000fff (unused)
Change-Id: I784ff72d0673f167dbf0bd10921406abd685ce72
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: http://review.coreboot.org/1299
Reviewed-by: Patrick Georgi <patrick@georgi-clan.de>
Tested-by: build bot (Jenkins)
To avoid having two copies for every firmware descriptor (one for
EM100 use and one for real SPI flash use), add an EM100 mode to
ifdtool that allows to "dumb down" a fast image to the settings
required for the EM100 to work.
Change-Id: I0ed989f0a49316bc63d8627cb5d4bd988ae7a103
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: http://review.coreboot.org/1039
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
idftool was failing to add the ME blobs into the output image in case
the blob size does not exactly match the size allocated for it in the
flashrom structure.
It is difficult to set the field in the structure to exactly match the
size (for some reason Intel flash tool fails to insert the correct
size even when given the exact ME blob). On the other hand there is no
harm in using am ME blob smaller than the allocated size, this change
modifies the tool building the image to allow for smaller components.
Change-Id: I1b04f90051b91157391943c9bad0eb06dd297431
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: http://review.coreboot.org/751
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>