sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

util/intelmetool: Fix some platforms

Browse Source 
Bootguard:
* Fix Mac support (ME_version can't be detected)
* Skip MSR read on older platforms (as it would fail anyway)
* Refactor MSR error handling
* Print Bootguard state "Unknown" on MSR read error

Change-Id: Iafe3f5c22c6caeedc556933405b9f6d83ec876a1
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/22598
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
This commit is contained in:
Patrick Rudolph
2017-11-25 14:43:06 +01:00
committed by Stefan Reinauer
parent 214dde058c
commit 3df9dbe886
2 changed files with 17 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
util/intelmetool/intelmetool.c
View File

@@ -308,9 +308,6 @@ static void dump_bootguard_info(void)
const char *name; const char *name;
uint64_t bootguard = 0; uint64_t bootguard = 0;
if (msr_bootguard(&bootguard, debug) < 0)
return;
if (pci_platform_scan()) if (pci_platform_scan())
exit(1); exit(1);
@@ -328,9 +325,11 @@ static void dump_bootguard_info(void)
bootguard &= ~0xff; bootguard &= ~0xff;
} }
if (ME_major_ver < 9 || /* ME_major_ver is zero on some platforms (Mac) */
if (ME_major_ver &&
(ME_major_ver < 9 ||
(ME_major_ver == 9 && ME_minor_ver < 5) || (ME_major_ver == 9 && ME_minor_ver < 5) ||
!BOOTGUARD_CAPABILITY(bootguard)) { !BOOTGUARD_CAPABILITY(bootguard))) {
print_cap("BootGuard ", 0); print_cap("BootGuard ", 0);
printf(CGRN "\nYour system isn't bootguard ready. You can " printf(CGRN "\nYour system isn't bootguard ready. You can "
"flash other firmware!\n" RESET); "flash other firmware!\n" RESET);
@@ -338,6 +337,12 @@ static void dump_bootguard_info(void)
return; return;
} }
if (msr_bootguard(&bootguard, debug) < 0) {
printf("ME Capability: %-43s: " CCYN "%s\n" RESET,
"BootGuard Mode", "Unknown");
return;
}
print_cap("BootGuard ", 1); print_cap("BootGuard ", 1);
if (pci_read_long(dev, 0x40) & 0x10) if (pci_read_long(dev, 0x40) & 0x10)
printf(CYEL "Your southbridge configuration is insecure!! " printf(CYEL "Your southbridge configuration is insecure!! "

16
util/intelmetool/msr.c
View File

@@ -26,28 +26,23 @@
#ifndef __DARWIN__ #ifndef __DARWIN__
static int fd_msr = 0; static int fd_msr = 0;
static uint64_t rdmsr(int addr) static int rdmsr(int addr, uint64_t *msr)
{ {
uint32_t buf[2];
uint64_t msr = 0;
if (lseek(fd_msr, (off_t) addr, SEEK_SET) == -1) { if (lseek(fd_msr, (off_t) addr, SEEK_SET) == -1) {
perror("Could not lseek() to MSR"); perror("Could not lseek() to MSR");
close(fd_msr); close(fd_msr);
return -1; return -1;
} }
if (read(fd_msr, buf, 8) == 8) { if (read(fd_msr, msr, 8) == 8) {
msr = buf[1];
msr <<= 32;
msr |= buf[0];
close(fd_msr); close(fd_msr);
return msr; return 0;
} }
if (errno == EIO) { if (errno == EIO) {
perror("IO error couldn't read MSR."); perror("IO error couldn't read MSR.");
close(fd_msr); close(fd_msr);
/* On older platforms the MSR might not exists */
return -2; return -2;
} }
@@ -68,7 +63,8 @@ int msr_bootguard(uint64_t *msr, int debug)
return -1; return -1;
} }
*msr = rdmsr(MSR_BOOTGUARD); if (rdmsr(MSR_BOOTGUARD, msr) < 0)
return -1;
#endif #endif
if (!debug) if (!debug)