diff options
Diffstat (limited to 'util')
-rw-r--r-- | util/e6400-flash-unlock/COPYING | 19 | ||||
-rw-r--r-- | util/e6400-flash-unlock/Makefile | 28 | ||||
-rw-r--r-- | util/e6400-flash-unlock/README.md | 71 | ||||
-rw-r--r-- | util/e6400-flash-unlock/e6400_flash_unlock.c | 169 |
4 files changed, 287 insertions, 0 deletions
diff --git a/util/e6400-flash-unlock/COPYING b/util/e6400-flash-unlock/COPYING new file mode 100644 index 00000000..bf82341a --- /dev/null +++ b/util/e6400-flash-unlock/COPYING @@ -0,0 +1,19 @@ +Copyright (c) 2023 Nicholas Chin + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/util/e6400-flash-unlock/Makefile b/util/e6400-flash-unlock/Makefile new file mode 100644 index 00000000..7d350932 --- /dev/null +++ b/util/e6400-flash-unlock/Makefile @@ -0,0 +1,28 @@ +# Copyright (c) 2023 Nicholas Chin +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +CC=cc +CFLAGS=-Wall -Wextra -Werror -O2 -pedantic + +all: e6400_flash_unlock.c + $(CC) $(CFLAGS) e6400_flash_unlock.c -o e6400_flash_unlock + +clean: + rm -f e6400_flash_unlock diff --git a/util/e6400-flash-unlock/README.md b/util/e6400-flash-unlock/README.md new file mode 100644 index 00000000..410a807a --- /dev/null +++ b/util/e6400-flash-unlock/README.md @@ -0,0 +1,71 @@ +# Dell Latitude E6400 Internal Flashing + +This utility allows you to use flashrom's internal programmer to program the +entire BIOS flash chip from software while still running the original Dell +BIOS, which normally restricts software writes to the flash chip. + +## TL;DR +Run `make` to compile the utility, and then run `sudo ./e6400_flash_unlock` and +follow the directions it outputs. + +## How it works +There are several ways the firmware can protect itself from being overwritten. +One way is the Intel Flash Descriptor (IFD) permissions. On Intel systems, the +flash image is divided into several regions such as the IFD itself, Gigabit +Ethernet (GBE) non-volative memory, Management Engine (ME) firmware, Platform +Data (PD), and the BIOS. The IFD contains a section which specifies the +read/write permissions for each SPI controller (such as the host system) and +each region of the flash, which are enforced by the chipset. + +On the Latitude E6400, the host has read-only access to the IFD, no access to +the ME region, and read-write access to the PD, GBE, and BIOS regions. In order +for flashrom to write to the entire flash internally, the host needs full +permissions to all of these regions. Since the IFD is read only, we cannot +change these permissions unless we directly access the chip using an external +programmer, which defeats the purpose of internal flashing. + +However, Intel chipsets have a pin strap that allows the flash descriptor +permissions to be overridden depending on the value of the pin at power on, +granting RW permissions to all regions. On the ICH9M chipset on the E6400, this +pin is HDA\_DOCK\_EN/GPIO33, which will enable the override if it is sampled +low. This pin happens to be connected to a GPIO controlled by the Embedded +Controller (EC), a small microcontroller on the board which handles things like +the keyboard, touchpad, LEDs, and other system level tasks. Software can send a +certain command to the EC, which tells it to pull GPIO33 low on the next boot. + +Although we now have full access according to the IFD permissions, we still +cannot flash the whole chip, due to another protection the firmware uses. +Before software can update the BIOS, it must change the BIOS Write Enable +(BIOSWE) bit in the chipset from 0 to 1. However, if the BIOS Lock Enable (BLE) +bit is also set to 1, then changing the BIOSWE bit triggers a System Management +Interrupt (SMI). This causes the processor to enter System Management Mode +(SMM), a highly privileged x86 execution state which operates transparently to +the operating system. The code that SMM runs is provided by the BIOS, which +checks the BIOSWE bit and sets it back to 0 before returning control to the OS. +This feature is intended to only allow SMM code to update the system firmware. +As the switch to SMM suspends the execution of the OS, it appears to the OS +that the BIOSWE bit was never set to 1. Unfortunately, the BLE bit cannot be +set back to 0 once it is set to 1, so this functionality cannot be disabled +after it is first enabled by the BIOS. + +Older versions of the E6400 BIOS did not set the BLE bit, allowing flashrom to +flash the entire flash chip internally after only setting the descriptor +override. However, more recent versions do set it, so we may have hit a dead +end unless we force downgrade to an older version (though there is a more +convenient method, as we are about to see). + +What if there was a way to sidestep the BIOS Lock entirely? As it turns out, +there is, and it's called the Global SMI Enable (GBL\_SMI\_EN) bit. If it's set +to 1, then the chipset will generate SMIs, such as when we change BIOSWE with +BLE set. If it's 0, then no SMI will be generated, even with the BLE bit set. +On the E6400, GBL\_SMI\_EN is set to 1, and it can be changed back to 0, unlike +the BLE bit. But there still might be one bit in the way, the SMI\_LOCK bit, +which prevents modifications to GBL\_SMI\_EN when SMI\_LOCK is 1. Like the BLE +bit, it cannot be changed back to 0 once it set to 1. But we are in luck, as +the vendor E6400 BIOS leaves SMI\_LOCK unset at 0, allowing us to clear +GBL\_SMI\_EN and disable SMIs, bypassing the BIOS Lock protections. + +There are other possible protection mechanisms that the firmware can utilize, +such as Protected Range Register settings, which apply access permissions to +address ranges of the flash, similar to the IFD. However, the E6400 vendor +firmware does not utilize these, so they will not be discussed. diff --git a/util/e6400-flash-unlock/e6400_flash_unlock.c b/util/e6400-flash-unlock/e6400_flash_unlock.c new file mode 100644 index 00000000..88ba2e98 --- /dev/null +++ b/util/e6400-flash-unlock/e6400_flash_unlock.c @@ -0,0 +1,169 @@ +/* + * Copyright (c) 2023 Nicholas Chin + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ + +#include <sys/io.h> +#include <sys/mman.h> + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> + +enum +EC_FDO_CMD { + QUERY = 0, + SET_OVERRIDE = 2, + UNSET_OVERRIDE = 3 +}; + +int get_fdo_status(void); +uint8_t ec_fdo_command(enum EC_FDO_CMD arg); +void write_ec_reg(uint8_t index, uint8_t data); +void send_ec_cmd(uint8_t cmd); +void wait_ec(void); +int get_gbl_smi_en(void); +int set_gbl_smi_en(int enable); +/* uint8_t read_ec_reg(uint8_t index); */ + +#define EC_INDEX 0x910 +#define EC_DATA 0x911 +#define PMBASE 0x1000 +#define SMI_EN_REG (PMBASE + 0x30) + +/* Assume this is the same on all vendor BIOS versions */ +#define RCBA 0xfed18000 + +#define RCBA_MMIO_LEN 0x4000 +#define SPIBAR 0x3800 +#define HSFS_REG 0x04 + +volatile uint8_t *rcba_mmio; + +int +main(int argc, char *argv[]) +{ + int devmemfd; + (void)argc; + (void)argv; + + if ((ioperm(EC_INDEX, 2, 1) == -1) || (ioperm(SMI_EN_REG, 4, 1) == -1)) + err(errno, "Could not access IO ports"); + if ((devmemfd = open("/dev/mem", O_RDONLY)) == -1) + err(errno, "/dev/mem"); + + /* FDO pin-strap status bit is in RCBA mmio space */ + rcba_mmio = mmap(0, RCBA_MMIO_LEN, PROT_READ, MAP_SHARED, devmemfd, + RCBA); + if (rcba_mmio == MAP_FAILED) + err(errno, "Could not map RCBA"); + + if (get_fdo_status() == 1) { + ec_fdo_command(SET_OVERRIDE); + printf("Flash Descriptor Override enabled. Shut down now. The " + "EC will auto-boot the system and set the override.\n" + "Upon boot, re-run this utility to unlock flash.\n"); + } else if (get_gbl_smi_en()){ + set_gbl_smi_en(0); + printf("SMIs disabled. Internal flashing should work now.\n" + "After flashing, re-run this utility to enable SMIs.\n" + "(shutdown is buggy when SMIs are disabled)\n"); + } else { + set_gbl_smi_en(1); + printf("SMIs enabled, you can now shutdown the system.\n"); + } + return errno; +} + +int +get_fdo_status(void) +{ + return (*(uint16_t*)(rcba_mmio + SPIBAR + HSFS_REG) >> 13) & 1; +} + +/* + * arg: + * 0 = Query EC FDO status - TODO + * 2 = Enable FDO for next boot + * 3 = Disable FDO for next boot - TODO + */ +uint8_t +ec_fdo_command(enum EC_FDO_CMD arg) +{ + write_ec_reg(0x12, arg); + send_ec_cmd(0xb8); + return 1; +} + +void +write_ec_reg(uint8_t index, uint8_t data) +{ + outb(index, EC_INDEX); + outb(data, EC_DATA); +} + +void +send_ec_cmd(uint8_t cmd) +{ + outb(0, EC_INDEX); + outb(cmd, EC_DATA); + wait_ec(); +} + +void +wait_ec(void) +{ + uint8_t busy; + do { + outb(0, EC_INDEX); + busy = inb(EC_DATA); + } while (busy); +} + +int +get_gbl_smi_en(void) +{ + return inl(SMI_EN_REG) & 1; +} + +int +set_gbl_smi_en(int enable) +{ + uint32_t smi_en = inl(SMI_EN_REG); + if (enable) { + smi_en |= 1; + } else { + smi_en &= ~1; + } + outl(smi_en, SMI_EN_REG); + return (get_gbl_smi_en() == enable); +} + +/* +uint8_t +read_ec_reg(uint8_t index) +{ + outb(index, EC_INDEX); + return inb(EC_DATA); +} +*/ |