Change in coreboot[master]: util/intelmetool: Fix some platforms - coreboot-gerrit

25 Nov 2017

Patrick Rudolph has uploaded this change for review. ( https://review.coreboot.org/22598
Change subject: util/intelmetool: Fix some platforms
......................................................................
util/intelmetool: Fix some platforms
Bootguard:
* Fix Mac support (ME_version can't be detected)
* Skip MSR read on older platforms (as it would fail anyway)
* Refactor MSR error handling
* Print Bootguard state "Unknown" on MSR read error
Change-Id: Iafe3f5c22c6caeedc556933405b9f6d83ec876a1
Signed-off-by: Patrick Rudolph siro@das-labor.org
---
M util/intelmetool/intelmetool.c
M util/intelmetool/msr.c
2 files changed, 17 insertions(+), 16 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/98/22598/1

diff --git a/util/intelmetool/intelmetool.c b/util/intelmetool/intelmetool.c
index 2e22899..0b0e509 100644
--- a/util/intelmetool/intelmetool.c
+++ b/util/intelmetool/intelmetool.c
@@ -308,9 +308,6 @@
    const char *name;
    uint64_t bootguard = 0;
-	if (msr_bootguard(&bootguard, debug) < 0)
-		return;
-
    if (pci_platform_scan())
    	exit(1);
@@ -328,9 +325,11 @@
    	bootguard &= ~0xff;
    }
-	if (ME_major_ver < 9 ||
-	    (ME_major_ver == 9 && ME_minor_ver < 5) ||
-	    !BOOTGUARD_CAPABILITY(bootguard)) {
+	/* ME_major_ver is zero on some platforms (Mac) */
+	if (ME_major_ver &&
+	    (ME_major_ver < 9 ||
+	     (ME_major_ver == 9 && ME_minor_ver < 5) ||
+	     !BOOTGUARD_CAPABILITY(bootguard))) {
    	print_cap("BootGuard                                 ", 0);
    	printf(CGRN "\nYour system isn't bootguard ready. You can "
    	       "flash other firmware!\n" RESET);
@@ -338,6 +337,12 @@
    	return;
    }
+	if (msr_bootguard(&bootguard, debug) < 0) {
+		printf("ME Capability: %-43s: " CCYN "%s\n" RESET,
+		       "BootGuard Mode", "Unknown");
+		return;
+	}
+
    print_cap("BootGuard                                 ", 1);
    if (pci_read_long(dev, 0x40) & 0x10)
    	printf(CYEL "Your southbridge configuration is insecure!! "
diff --git a/util/intelmetool/msr.c b/util/intelmetool/msr.c
index 1010c0e..d1e510f 100644
--- a/util/intelmetool/msr.c
+++ b/util/intelmetool/msr.c
@@ -26,28 +26,23 @@
 #ifndef __DARWIN__
 static int fd_msr = 0;
-static uint64_t rdmsr(int addr)
+static int rdmsr(int addr, uint64_t *msr)
 {
-	uint32_t buf[2];
-	uint64_t msr = 0;
-
    if (lseek(fd_msr, (off_t) addr, SEEK_SET) == -1) {
    	perror("Could not lseek() to MSR");
    	close(fd_msr);
    	return -1;
    }
-	if (read(fd_msr, buf, 8) == 8) {
-		msr = buf[1];
-		msr <<= 32;
-		msr |= buf[0];
+	if (read(fd_msr, msr, 8) == 8) {
    	close(fd_msr);
-		return msr;
+		return 0;
    }
if (errno == EIO) {
    	perror("IO error couldn't read MSR.");
    	close(fd_msr);
+		/* On older platforms the MSR might not exists */
    	return -2;
    }
@@ -68,7 +63,8 @@
    	return -1;
    }
-	*msr = rdmsr(MSR_BOOTGUARD);
+	if (rdmsr(MSR_BOOTGUARD, msr) < 0)
+		return -1;
 #endif
if (!debug)
-- 
To view, visit https://review.coreboot.org/22598
To unsubscribe, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Iafe3f5c22c6caeedc556933405b9f6d83ec876a1
Gerrit-Change-Number: 22598
Gerrit-PatchSet: 1
Gerrit-Owner: Patrick Rudolph siro@das-labor.org



    