1 /* 2 * ifdtool - Manage Intel Firmware Descriptor information 3 * 4 * Copyright 2014 Google, Inc 5 * 6 * SPDX-License-Identifier: GPL-2.0 7 * 8 * From Coreboot project, but it got a serious code clean-up 9 * and a few new features 10 */ 11 12 #include <assert.h> 13 #include <fcntl.h> 14 #include <getopt.h> 15 #include <stdlib.h> 16 #include <stdio.h> 17 #include <string.h> 18 #include <unistd.h> 19 #include <sys/types.h> 20 #include <sys/stat.h> 21 #include "ifdtool.h" 22 23 #undef DEBUG 24 25 #ifdef DEBUG 26 #define debug(fmt, args...) printf(fmt, ##args) 27 #else 28 #define debug(fmt, args...) 29 #endif 30 31 #define FD_SIGNATURE 0x0FF0A55A 32 #define FLREG_BASE(reg) ((reg & 0x00000fff) << 12); 33 #define FLREG_LIMIT(reg) (((reg & 0x0fff0000) >> 4) | 0xfff); 34 35 /** 36 * find_fd() - Find the flash description in the ROM image 37 * 38 * @image: Pointer to image 39 * @size: Size of image in bytes 40 * @return pointer to structure, or NULL if not found 41 */ 42 static struct fdbar_t *find_fd(char *image, int size) 43 { 44 uint32_t *ptr, *end; 45 46 /* Scan for FD signature */ 47 for (ptr = (uint32_t *)image, end = ptr + size / 4; ptr < end; ptr++) { 48 if (*ptr == FD_SIGNATURE) 49 break; 50 } 51 52 if (ptr == end) { 53 printf("No Flash Descriptor found in this image\n"); 54 return NULL; 55 } 56 57 debug("Found Flash Descriptor signature at 0x%08x\n", i); 58 59 return (struct fdbar_t *)ptr; 60 } 61 62 /** 63 * get_region() - Get information about the selected region 64 * 65 * @frba: Flash region list 66 * @region_type: Type of region (0..MAX_REGIONS-1) 67 * @region: Region information is written here 68 * @return 0 if OK, else -ve 69 */ 70 static int get_region(struct frba_t *frba, int region_type, 71 struct region_t *region) 72 { 73 if (region_type >= MAX_REGIONS) { 74 fprintf(stderr, "Invalid region type.\n"); 75 return -1; 76 } 77 78 region->base = FLREG_BASE(frba->flreg[region_type]); 79 region->limit = FLREG_LIMIT(frba->flreg[region_type]); 80 region->size = region->limit - region->base + 1; 81 82 return 0; 83 } 84 85 static const char *region_name(int region_type) 86 { 87 static const char *const regions[] = { 88 "Flash Descriptor", 89 "BIOS", 90 "Intel ME", 91 "GbE", 92 "Platform Data" 93 }; 94 95 assert(region_type < MAX_REGIONS); 96 97 return regions[region_type]; 98 } 99 100 static const char *region_filename(int region_type) 101 { 102 static const char *const region_filenames[] = { 103 "flashregion_0_flashdescriptor.bin", 104 "flashregion_1_bios.bin", 105 "flashregion_2_intel_me.bin", 106 "flashregion_3_gbe.bin", 107 "flashregion_4_platform_data.bin" 108 }; 109 110 assert(region_type < MAX_REGIONS); 111 112 return region_filenames[region_type]; 113 } 114 115 static int dump_region(int num, struct frba_t *frba) 116 { 117 struct region_t region; 118 int ret; 119 120 ret = get_region(frba, num, ®ion); 121 if (ret) 122 return ret; 123 124 printf(" Flash Region %d (%s): %08x - %08x %s\n", 125 num, region_name(num), region.base, region.limit, 126 region.size < 1 ? "(unused)" : ""); 127 128 return ret; 129 } 130 131 static void dump_frba(struct frba_t *frba) 132 { 133 int i; 134 135 printf("Found Region Section\n"); 136 for (i = 0; i < MAX_REGIONS; i++) { 137 printf("FLREG%d: 0x%08x\n", i, frba->flreg[i]); 138 dump_region(i, frba); 139 } 140 } 141 142 static void decode_spi_frequency(unsigned int freq) 143 { 144 switch (freq) { 145 case SPI_FREQUENCY_20MHZ: 146 printf("20MHz"); 147 break; 148 case SPI_FREQUENCY_33MHZ: 149 printf("33MHz"); 150 break; 151 case SPI_FREQUENCY_50MHZ: 152 printf("50MHz"); 153 break; 154 default: 155 printf("unknown<%x>MHz", freq); 156 } 157 } 158 159 static void decode_component_density(unsigned int density) 160 { 161 switch (density) { 162 case COMPONENT_DENSITY_512KB: 163 printf("512KiB"); 164 break; 165 case COMPONENT_DENSITY_1MB: 166 printf("1MiB"); 167 break; 168 case COMPONENT_DENSITY_2MB: 169 printf("2MiB"); 170 break; 171 case COMPONENT_DENSITY_4MB: 172 printf("4MiB"); 173 break; 174 case COMPONENT_DENSITY_8MB: 175 printf("8MiB"); 176 break; 177 case COMPONENT_DENSITY_16MB: 178 printf("16MiB"); 179 break; 180 default: 181 printf("unknown<%x>MiB", density); 182 } 183 } 184 185 static void dump_fcba(struct fcba_t *fcba) 186 { 187 printf("\nFound Component Section\n"); 188 printf("FLCOMP 0x%08x\n", fcba->flcomp); 189 printf(" Dual Output Fast Read Support: %ssupported\n", 190 (fcba->flcomp & (1 << 30)) ? "" : "not "); 191 printf(" Read ID/Read Status Clock Frequency: "); 192 decode_spi_frequency((fcba->flcomp >> 27) & 7); 193 printf("\n Write/Erase Clock Frequency: "); 194 decode_spi_frequency((fcba->flcomp >> 24) & 7); 195 printf("\n Fast Read Clock Frequency: "); 196 decode_spi_frequency((fcba->flcomp >> 21) & 7); 197 printf("\n Fast Read Support: %ssupported", 198 (fcba->flcomp & (1 << 20)) ? "" : "not "); 199 printf("\n Read Clock Frequency: "); 200 decode_spi_frequency((fcba->flcomp >> 17) & 7); 201 printf("\n Component 2 Density: "); 202 decode_component_density((fcba->flcomp >> 3) & 7); 203 printf("\n Component 1 Density: "); 204 decode_component_density(fcba->flcomp & 7); 205 printf("\n"); 206 printf("FLILL 0x%08x\n", fcba->flill); 207 printf(" Invalid Instruction 3: 0x%02x\n", 208 (fcba->flill >> 24) & 0xff); 209 printf(" Invalid Instruction 2: 0x%02x\n", 210 (fcba->flill >> 16) & 0xff); 211 printf(" Invalid Instruction 1: 0x%02x\n", 212 (fcba->flill >> 8) & 0xff); 213 printf(" Invalid Instruction 0: 0x%02x\n", 214 fcba->flill & 0xff); 215 printf("FLPB 0x%08x\n", fcba->flpb); 216 printf(" Flash Partition Boundary Address: 0x%06x\n\n", 217 (fcba->flpb & 0xfff) << 12); 218 } 219 220 static void dump_fpsba(struct fpsba_t *fpsba) 221 { 222 int i; 223 224 printf("Found PCH Strap Section\n"); 225 for (i = 0; i < MAX_STRAPS; i++) 226 printf("PCHSTRP%-2d: 0x%08x\n", i, fpsba->pchstrp[i]); 227 } 228 229 static const char *get_enabled(int flag) 230 { 231 return flag ? "enabled" : "disabled"; 232 } 233 234 static void decode_flmstr(uint32_t flmstr) 235 { 236 printf(" Platform Data Region Write Access: %s\n", 237 get_enabled(flmstr & (1 << 28))); 238 printf(" GbE Region Write Access: %s\n", 239 get_enabled(flmstr & (1 << 27))); 240 printf(" Intel ME Region Write Access: %s\n", 241 get_enabled(flmstr & (1 << 26))); 242 printf(" Host CPU/BIOS Region Write Access: %s\n", 243 get_enabled(flmstr & (1 << 25))); 244 printf(" Flash Descriptor Write Access: %s\n", 245 get_enabled(flmstr & (1 << 24))); 246 247 printf(" Platform Data Region Read Access: %s\n", 248 get_enabled(flmstr & (1 << 20))); 249 printf(" GbE Region Read Access: %s\n", 250 get_enabled(flmstr & (1 << 19))); 251 printf(" Intel ME Region Read Access: %s\n", 252 get_enabled(flmstr & (1 << 18))); 253 printf(" Host CPU/BIOS Region Read Access: %s\n", 254 get_enabled(flmstr & (1 << 17))); 255 printf(" Flash Descriptor Read Access: %s\n", 256 get_enabled(flmstr & (1 << 16))); 257 258 printf(" Requester ID: 0x%04x\n\n", 259 flmstr & 0xffff); 260 } 261 262 static void dump_fmba(struct fmba_t *fmba) 263 { 264 printf("Found Master Section\n"); 265 printf("FLMSTR1: 0x%08x (Host CPU/BIOS)\n", fmba->flmstr1); 266 decode_flmstr(fmba->flmstr1); 267 printf("FLMSTR2: 0x%08x (Intel ME)\n", fmba->flmstr2); 268 decode_flmstr(fmba->flmstr2); 269 printf("FLMSTR3: 0x%08x (GbE)\n", fmba->flmstr3); 270 decode_flmstr(fmba->flmstr3); 271 } 272 273 static void dump_fmsba(struct fmsba_t *fmsba) 274 { 275 int i; 276 277 printf("Found Processor Strap Section\n"); 278 for (i = 0; i < 4; i++) 279 printf("????: 0x%08x\n", fmsba->data[0]); 280 } 281 282 static void dump_jid(uint32_t jid) 283 { 284 printf(" SPI Component Device ID 1: 0x%02x\n", 285 (jid >> 16) & 0xff); 286 printf(" SPI Component Device ID 0: 0x%02x\n", 287 (jid >> 8) & 0xff); 288 printf(" SPI Component Vendor ID: 0x%02x\n", 289 jid & 0xff); 290 } 291 292 static void dump_vscc(uint32_t vscc) 293 { 294 printf(" Lower Erase Opcode: 0x%02x\n", 295 vscc >> 24); 296 printf(" Lower Write Enable on Write Status: 0x%02x\n", 297 vscc & (1 << 20) ? 0x06 : 0x50); 298 printf(" Lower Write Status Required: %s\n", 299 vscc & (1 << 19) ? "Yes" : "No"); 300 printf(" Lower Write Granularity: %d bytes\n", 301 vscc & (1 << 18) ? 64 : 1); 302 printf(" Lower Block / Sector Erase Size: "); 303 switch ((vscc >> 16) & 0x3) { 304 case 0: 305 printf("256 Byte\n"); 306 break; 307 case 1: 308 printf("4KB\n"); 309 break; 310 case 2: 311 printf("8KB\n"); 312 break; 313 case 3: 314 printf("64KB\n"); 315 break; 316 } 317 318 printf(" Upper Erase Opcode: 0x%02x\n", 319 (vscc >> 8) & 0xff); 320 printf(" Upper Write Enable on Write Status: 0x%02x\n", 321 vscc & (1 << 4) ? 0x06 : 0x50); 322 printf(" Upper Write Status Required: %s\n", 323 vscc & (1 << 3) ? "Yes" : "No"); 324 printf(" Upper Write Granularity: %d bytes\n", 325 vscc & (1 << 2) ? 64 : 1); 326 printf(" Upper Block / Sector Erase Size: "); 327 switch (vscc & 0x3) { 328 case 0: 329 printf("256 Byte\n"); 330 break; 331 case 1: 332 printf("4KB\n"); 333 break; 334 case 2: 335 printf("8KB\n"); 336 break; 337 case 3: 338 printf("64KB\n"); 339 break; 340 } 341 } 342 343 static void dump_vtba(struct vtba_t *vtba, int vtl) 344 { 345 int i; 346 int num = (vtl >> 1) < 8 ? (vtl >> 1) : 8; 347 348 printf("ME VSCC table:\n"); 349 for (i = 0; i < num; i++) { 350 printf(" JID%d: 0x%08x\n", i, vtba->entry[i].jid); 351 dump_jid(vtba->entry[i].jid); 352 printf(" VSCC%d: 0x%08x\n", i, vtba->entry[i].vscc); 353 dump_vscc(vtba->entry[i].vscc); 354 } 355 printf("\n"); 356 } 357 358 static void dump_oem(uint8_t *oem) 359 { 360 int i, j; 361 printf("OEM Section:\n"); 362 for (i = 0; i < 4; i++) { 363 printf("%02x:", i << 4); 364 for (j = 0; j < 16; j++) 365 printf(" %02x", oem[(i<<4)+j]); 366 printf("\n"); 367 } 368 printf("\n"); 369 } 370 371 /** 372 * dump_fd() - Display a dump of the full flash description 373 * 374 * @image: Pointer to image 375 * @size: Size of image in bytes 376 * @return 0 if OK, -1 on error 377 */ 378 static int dump_fd(char *image, int size) 379 { 380 struct fdbar_t *fdb = find_fd(image, size); 381 382 if (!fdb) 383 return -1; 384 385 printf("FLMAP0: 0x%08x\n", fdb->flmap0); 386 printf(" NR: %d\n", (fdb->flmap0 >> 24) & 7); 387 printf(" FRBA: 0x%x\n", ((fdb->flmap0 >> 16) & 0xff) << 4); 388 printf(" NC: %d\n", ((fdb->flmap0 >> 8) & 3) + 1); 389 printf(" FCBA: 0x%x\n", ((fdb->flmap0) & 0xff) << 4); 390 391 printf("FLMAP1: 0x%08x\n", fdb->flmap1); 392 printf(" ISL: 0x%02x\n", (fdb->flmap1 >> 24) & 0xff); 393 printf(" FPSBA: 0x%x\n", ((fdb->flmap1 >> 16) & 0xff) << 4); 394 printf(" NM: %d\n", (fdb->flmap1 >> 8) & 3); 395 printf(" FMBA: 0x%x\n", ((fdb->flmap1) & 0xff) << 4); 396 397 printf("FLMAP2: 0x%08x\n", fdb->flmap2); 398 printf(" PSL: 0x%04x\n", (fdb->flmap2 >> 8) & 0xffff); 399 printf(" FMSBA: 0x%x\n", ((fdb->flmap2) & 0xff) << 4); 400 401 printf("FLUMAP1: 0x%08x\n", fdb->flumap1); 402 printf(" Intel ME VSCC Table Length (VTL): %d\n", 403 (fdb->flumap1 >> 8) & 0xff); 404 printf(" Intel ME VSCC Table Base Address (VTBA): 0x%06x\n\n", 405 (fdb->flumap1 & 0xff) << 4); 406 dump_vtba((struct vtba_t *) 407 (image + ((fdb->flumap1 & 0xff) << 4)), 408 (fdb->flumap1 >> 8) & 0xff); 409 dump_oem((uint8_t *)image + 0xf00); 410 dump_frba((struct frba_t *)(image + (((fdb->flmap0 >> 16) & 0xff) 411 << 4))); 412 dump_fcba((struct fcba_t *)(image + (((fdb->flmap0) & 0xff) << 4))); 413 dump_fpsba((struct fpsba_t *) 414 (image + (((fdb->flmap1 >> 16) & 0xff) << 4))); 415 dump_fmba((struct fmba_t *)(image + (((fdb->flmap1) & 0xff) << 4))); 416 dump_fmsba((struct fmsba_t *)(image + (((fdb->flmap2) & 0xff) << 4))); 417 418 return 0; 419 } 420 421 /** 422 * write_regions() - Write each region from an image to its own file 423 * 424 * The filename to use in each case is fixed - see region_filename() 425 * 426 * @image: Pointer to image 427 * @size: Size of image in bytes 428 * @return 0 if OK, -ve on error 429 */ 430 static int write_regions(char *image, int size) 431 { 432 struct fdbar_t *fdb; 433 struct frba_t *frba; 434 int ret = 0; 435 int i; 436 437 fdb = find_fd(image, size); 438 if (!fdb) 439 return -1; 440 441 frba = (struct frba_t *)(image + (((fdb->flmap0 >> 16) & 0xff) << 4)); 442 443 for (i = 0; i < MAX_REGIONS; i++) { 444 struct region_t region; 445 int region_fd; 446 447 ret = get_region(frba, i, ®ion); 448 if (ret) 449 return ret; 450 dump_region(i, frba); 451 if (region.size == 0) 452 continue; 453 region_fd = open(region_filename(i), 454 O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | 455 S_IWUSR | S_IRGRP | S_IROTH); 456 if (write(region_fd, image + region.base, region.size) != 457 region.size) { 458 perror("Error while writing"); 459 ret = -1; 460 } 461 close(region_fd); 462 } 463 464 return ret; 465 } 466 467 /** 468 * write_image() - Write the image to a file 469 * 470 * @filename: Filename to use for the image 471 * @image: Pointer to image 472 * @size: Size of image in bytes 473 * @return 0 if OK, -ve on error 474 */ 475 static int write_image(char *filename, char *image, int size) 476 { 477 int new_fd; 478 479 debug("Writing new image to %s\n", filename); 480 481 new_fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | 482 S_IWUSR | S_IRGRP | S_IROTH); 483 if (write(new_fd, image, size) != size) { 484 perror("Error while writing"); 485 return -1; 486 } 487 close(new_fd); 488 489 return 0; 490 } 491 492 /** 493 * set_spi_frequency() - Set the SPI frequency to use when booting 494 * 495 * Several frequencies are supported, some of which work with fast devices. 496 * For SPI emulators, the slowest (SPI_FREQUENCY_20MHZ) is often used. The 497 * Intel boot system uses this information somehow on boot. 498 * 499 * The image is updated with the supplied value 500 * 501 * @image: Pointer to image 502 * @size: Size of image in bytes 503 * @freq: SPI frequency to use 504 */ 505 static void set_spi_frequency(char *image, int size, enum spi_frequency freq) 506 { 507 struct fdbar_t *fdb = find_fd(image, size); 508 struct fcba_t *fcba; 509 510 fcba = (struct fcba_t *)(image + (((fdb->flmap0) & 0xff) << 4)); 511 512 /* clear bits 21-29 */ 513 fcba->flcomp &= ~0x3fe00000; 514 /* Read ID and Read Status Clock Frequency */ 515 fcba->flcomp |= freq << 27; 516 /* Write and Erase Clock Frequency */ 517 fcba->flcomp |= freq << 24; 518 /* Fast Read Clock Frequency */ 519 fcba->flcomp |= freq << 21; 520 } 521 522 /** 523 * set_em100_mode() - Set a SPI frequency that will work with Dediprog EM100 524 * 525 * @image: Pointer to image 526 * @size: Size of image in bytes 527 */ 528 static void set_em100_mode(char *image, int size) 529 { 530 struct fdbar_t *fdb = find_fd(image, size); 531 struct fcba_t *fcba; 532 533 fcba = (struct fcba_t *)(image + (((fdb->flmap0) & 0xff) << 4)); 534 fcba->flcomp &= ~(1 << 30); 535 set_spi_frequency(image, size, SPI_FREQUENCY_20MHZ); 536 } 537 538 /** 539 * lock_descriptor() - Lock the NE descriptor so it cannot be updated 540 * 541 * @image: Pointer to image 542 * @size: Size of image in bytes 543 */ 544 static void lock_descriptor(char *image, int size) 545 { 546 struct fdbar_t *fdb = find_fd(image, size); 547 struct fmba_t *fmba; 548 549 /* 550 * TODO: Dynamically take Platform Data Region and GbE Region into 551 * account. 552 */ 553 fmba = (struct fmba_t *)(image + (((fdb->flmap1) & 0xff) << 4)); 554 fmba->flmstr1 = 0x0a0b0000; 555 fmba->flmstr2 = 0x0c0d0000; 556 fmba->flmstr3 = 0x08080118; 557 } 558 559 /** 560 * unlock_descriptor() - Lock the NE descriptor so it can be updated 561 * 562 * @image: Pointer to image 563 * @size: Size of image in bytes 564 */ 565 static void unlock_descriptor(char *image, int size) 566 { 567 struct fdbar_t *fdb = find_fd(image, size); 568 struct fmba_t *fmba; 569 570 fmba = (struct fmba_t *)(image + (((fdb->flmap1) & 0xff) << 4)); 571 fmba->flmstr1 = 0xffff0000; 572 fmba->flmstr2 = 0xffff0000; 573 fmba->flmstr3 = 0x08080118; 574 } 575 576 /** 577 * open_for_read() - Open a file for reading 578 * 579 * @fname: Filename to open 580 * @sizep: Returns file size in bytes 581 * @return 0 if OK, -1 on error 582 */ 583 int open_for_read(const char *fname, int *sizep) 584 { 585 int fd = open(fname, O_RDONLY); 586 struct stat buf; 587 588 if (fd == -1) { 589 perror("Could not open file"); 590 return -1; 591 } 592 if (fstat(fd, &buf) == -1) { 593 perror("Could not stat file"); 594 return -1; 595 } 596 *sizep = buf.st_size; 597 debug("File %s is %d bytes\n", fname, *sizep); 598 599 return fd; 600 } 601 602 /** 603 * inject_region() - Add a file to an image region 604 * 605 * This puts a file into a particular region of the flash. Several pre-defined 606 * regions are used. 607 * 608 * @image: Pointer to image 609 * @size: Size of image in bytes 610 * @region_type: Region where the file should be added 611 * @region_fname: Filename to add to the image 612 * @return 0 if OK, -ve on error 613 */ 614 int inject_region(char *image, int size, int region_type, char *region_fname) 615 { 616 struct fdbar_t *fdb = find_fd(image, size); 617 struct region_t region; 618 struct frba_t *frba; 619 int region_size; 620 int offset = 0; 621 int region_fd; 622 int ret; 623 624 if (!fdb) 625 exit(EXIT_FAILURE); 626 frba = (struct frba_t *)(image + (((fdb->flmap0 >> 16) & 0xff) << 4)); 627 628 ret = get_region(frba, region_type, ®ion); 629 if (ret) 630 return -1; 631 if (region.size <= 0xfff) { 632 fprintf(stderr, "Region %s is disabled in target. Not injecting.\n", 633 region_name(region_type)); 634 return -1; 635 } 636 637 region_fd = open_for_read(region_fname, ®ion_size); 638 if (region_fd < 0) 639 return region_fd; 640 641 if ((region_size > region.size) || 642 ((region_type != 1) && (region_size > region.size))) { 643 fprintf(stderr, "Region %s is %d(0x%x) bytes. File is %d(0x%x) bytes. Not injecting.\n", 644 region_name(region_type), region.size, 645 region.size, region_size, region_size); 646 return -1; 647 } 648 649 if ((region_type == 1) && (region_size < region.size)) { 650 fprintf(stderr, "Region %s is %d(0x%x) bytes. File is %d(0x%x) bytes. Padding before injecting.\n", 651 region_name(region_type), region.size, 652 region.size, region_size, region_size); 653 offset = region.size - region_size; 654 memset(image + region.base, 0xff, offset); 655 } 656 657 if (size < region.base + offset + region_size) { 658 fprintf(stderr, "Output file is too small. (%d < %d)\n", 659 size, region.base + offset + region_size); 660 return -1; 661 } 662 663 if (read(region_fd, image + region.base + offset, region_size) 664 != region_size) { 665 perror("Could not read file"); 666 return -1; 667 } 668 669 close(region_fd); 670 671 debug("Adding %s as the %s section\n", region_fname, 672 region_name(region_type)); 673 674 return 0; 675 } 676 677 /** 678 * write_data() - Write some raw data into a region 679 * 680 * This puts a file into a particular place in the flash, ignoring the 681 * regions. Be careful not to overwrite something important. 682 * 683 * @image: Pointer to image 684 * @size: Size of image in bytes 685 * @addr: x86 ROM address to put file. The ROM ends at 686 * 0xffffffff so use an address relative to that. For an 687 * 8MB ROM the start address is 0xfff80000. 688 * @write_fname: Filename to add to the image 689 * @return 0 if OK, -ve on error 690 */ 691 static int write_data(char *image, int size, unsigned int addr, 692 const char *write_fname) 693 { 694 int write_fd, write_size; 695 int offset; 696 697 write_fd = open_for_read(write_fname, &write_size); 698 if (write_fd < 0) 699 return write_fd; 700 701 offset = addr + size; 702 debug("Writing %s to offset %#x\n", write_fname, offset); 703 704 if (offset < 0 || offset + write_size > size) { 705 fprintf(stderr, "Output file is too small. (%d < %d)\n", 706 size, offset + write_size); 707 return -1; 708 } 709 710 if (read(write_fd, image + offset, write_size) != write_size) { 711 perror("Could not read file"); 712 return -1; 713 } 714 715 close(write_fd); 716 717 return 0; 718 } 719 720 static void print_version(void) 721 { 722 printf("ifdtool v%s -- ", IFDTOOL_VERSION); 723 printf("Copyright (C) 2014 Google Inc.\n\n"); 724 printf("SPDX-License-Identifier: GPL-2.0+\n"); 725 } 726 727 static void print_usage(const char *name) 728 { 729 printf("usage: %s [-vhdix?] <filename> [<outfile>]\n", name); 730 printf("\n" 731 " -d | --dump: dump intel firmware descriptor\n" 732 " -x | --extract: extract intel fd modules\n" 733 " -i | --inject <region>:<module> inject file <module> into region <region>\n" 734 " -w | --write <addr>:<file> write file to appear at memory address <addr>\n" 735 " -s | --spifreq <20|33|50> set the SPI frequency\n" 736 " -e | --em100 set SPI frequency to 20MHz and disable\n" 737 " Dual Output Fast Read Support\n" 738 " -l | --lock Lock firmware descriptor and ME region\n" 739 " -u | --unlock Unlock firmware descriptor and ME region\n" 740 " -r | --romsize Specify ROM size\n" 741 " -D | --write-descriptor <file> Write descriptor at base\n" 742 " -c | --create Create a new empty image\n" 743 " -v | --version: print the version\n" 744 " -h | --help: print this help\n\n" 745 "<region> is one of Descriptor, BIOS, ME, GbE, Platform\n" 746 "\n"); 747 } 748 749 /** 750 * get_two_words() - Convert a string into two words separated by : 751 * 752 * The supplied string is split at ':', two substrings are allocated and 753 * returned. 754 * 755 * @str: String to split 756 * @firstp: Returns first string 757 * @secondp: Returns second string 758 * @return 0 if OK, -ve if @str does not have a : 759 */ 760 static int get_two_words(const char *str, char **firstp, char **secondp) 761 { 762 const char *p; 763 764 p = strchr(str, ':'); 765 if (!p) 766 return -1; 767 *firstp = strdup(str); 768 (*firstp)[p - str] = '\0'; 769 *secondp = strdup(p + 1); 770 771 return 0; 772 } 773 774 int main(int argc, char *argv[]) 775 { 776 int opt, option_index = 0; 777 int mode_dump = 0, mode_extract = 0, mode_inject = 0; 778 int mode_spifreq = 0, mode_em100 = 0, mode_locked = 0; 779 int mode_unlocked = 0, mode_write = 0, mode_write_descriptor = 0; 780 int create = 0; 781 char *region_type_string = NULL, *src_fname = NULL; 782 char *addr_str = NULL; 783 int region_type = -1, inputfreq = 0; 784 enum spi_frequency spifreq = SPI_FREQUENCY_20MHZ; 785 unsigned int addr = 0; 786 int rom_size = -1; 787 bool write_it; 788 char *filename; 789 char *outfile = NULL; 790 struct stat buf; 791 int size = 0; 792 int bios_fd; 793 char *image; 794 int ret; 795 static struct option long_options[] = { 796 {"create", 0, NULL, 'c'}, 797 {"dump", 0, NULL, 'd'}, 798 {"descriptor", 1, NULL, 'D'}, 799 {"em100", 0, NULL, 'e'}, 800 {"extract", 0, NULL, 'x'}, 801 {"inject", 1, NULL, 'i'}, 802 {"lock", 0, NULL, 'l'}, 803 {"romsize", 1, NULL, 'r'}, 804 {"spifreq", 1, NULL, 's'}, 805 {"unlock", 0, NULL, 'u'}, 806 {"write", 1, NULL, 'w'}, 807 {"version", 0, NULL, 'v'}, 808 {"help", 0, NULL, 'h'}, 809 {0, 0, 0, 0} 810 }; 811 812 while ((opt = getopt_long(argc, argv, "cdD:ehi:lr:s:uvw:x?", 813 long_options, &option_index)) != EOF) { 814 switch (opt) { 815 case 'c': 816 create = 1; 817 break; 818 case 'd': 819 mode_dump = 1; 820 break; 821 case 'D': 822 mode_write_descriptor = 1; 823 src_fname = optarg; 824 break; 825 case 'e': 826 mode_em100 = 1; 827 break; 828 case 'i': 829 if (get_two_words(optarg, ®ion_type_string, 830 &src_fname)) { 831 print_usage(argv[0]); 832 exit(EXIT_FAILURE); 833 } 834 if (!strcasecmp("Descriptor", region_type_string)) 835 region_type = 0; 836 else if (!strcasecmp("BIOS", region_type_string)) 837 region_type = 1; 838 else if (!strcasecmp("ME", region_type_string)) 839 region_type = 2; 840 else if (!strcasecmp("GbE", region_type_string)) 841 region_type = 3; 842 else if (!strcasecmp("Platform", region_type_string)) 843 region_type = 4; 844 if (region_type == -1) { 845 fprintf(stderr, "No such region type: '%s'\n\n", 846 region_type_string); 847 print_usage(argv[0]); 848 exit(EXIT_FAILURE); 849 } 850 mode_inject = 1; 851 break; 852 case 'l': 853 mode_locked = 1; 854 break; 855 case 'r': 856 rom_size = strtol(optarg, NULL, 0); 857 debug("ROM size %d\n", rom_size); 858 break; 859 case 's': 860 /* Parse the requested SPI frequency */ 861 inputfreq = strtol(optarg, NULL, 0); 862 switch (inputfreq) { 863 case 20: 864 spifreq = SPI_FREQUENCY_20MHZ; 865 break; 866 case 33: 867 spifreq = SPI_FREQUENCY_33MHZ; 868 break; 869 case 50: 870 spifreq = SPI_FREQUENCY_50MHZ; 871 break; 872 default: 873 fprintf(stderr, "Invalid SPI Frequency: %d\n", 874 inputfreq); 875 print_usage(argv[0]); 876 exit(EXIT_FAILURE); 877 } 878 mode_spifreq = 1; 879 break; 880 case 'u': 881 mode_unlocked = 1; 882 break; 883 case 'v': 884 print_version(); 885 exit(EXIT_SUCCESS); 886 break; 887 case 'w': 888 mode_write = 1; 889 if (get_two_words(optarg, &addr_str, &src_fname)) { 890 print_usage(argv[0]); 891 exit(EXIT_FAILURE); 892 } 893 addr = strtol(optarg, NULL, 0); 894 break; 895 case 'x': 896 mode_extract = 1; 897 break; 898 case 'h': 899 case '?': 900 default: 901 print_usage(argv[0]); 902 exit(EXIT_SUCCESS); 903 break; 904 } 905 } 906 907 if (mode_locked == 1 && mode_unlocked == 1) { 908 fprintf(stderr, "Locking/Unlocking FD and ME are mutually exclusive\n"); 909 exit(EXIT_FAILURE); 910 } 911 912 if (mode_inject == 1 && mode_write == 1) { 913 fprintf(stderr, "Inject/Write are mutually exclusive\n"); 914 exit(EXIT_FAILURE); 915 } 916 917 if ((mode_dump + mode_extract + mode_inject + 918 (mode_spifreq | mode_em100 | mode_unlocked | 919 mode_locked)) > 1) { 920 fprintf(stderr, "You may not specify more than one mode.\n\n"); 921 print_usage(argv[0]); 922 exit(EXIT_FAILURE); 923 } 924 925 if ((mode_dump + mode_extract + mode_inject + mode_spifreq + 926 mode_em100 + mode_locked + mode_unlocked + mode_write + 927 mode_write_descriptor) == 0 && !create) { 928 fprintf(stderr, "You need to specify a mode.\n\n"); 929 print_usage(argv[0]); 930 exit(EXIT_FAILURE); 931 } 932 933 if (create && rom_size == -1) { 934 fprintf(stderr, "You need to specify a rom size when creating.\n\n"); 935 exit(EXIT_FAILURE); 936 } 937 938 if (optind + 1 != argc) { 939 fprintf(stderr, "You need to specify a file.\n\n"); 940 print_usage(argv[0]); 941 exit(EXIT_FAILURE); 942 } 943 944 filename = argv[optind]; 945 if (optind + 2 != argc) 946 outfile = argv[optind + 1]; 947 948 if (create) 949 bios_fd = open(filename, O_WRONLY | O_CREAT, 0666); 950 else 951 bios_fd = open(filename, outfile ? O_RDONLY : O_RDWR); 952 953 if (bios_fd == -1) { 954 perror("Could not open file"); 955 exit(EXIT_FAILURE); 956 } 957 958 if (!create) { 959 if (fstat(bios_fd, &buf) == -1) { 960 perror("Could not stat file"); 961 exit(EXIT_FAILURE); 962 } 963 size = buf.st_size; 964 } 965 966 debug("File %s is %d bytes\n", filename, size); 967 968 if (rom_size == -1) 969 rom_size = size; 970 971 image = malloc(rom_size); 972 if (!image) { 973 printf("Out of memory.\n"); 974 exit(EXIT_FAILURE); 975 } 976 977 memset(image, '\xff', rom_size); 978 if (!create && read(bios_fd, image, size) != size) { 979 perror("Could not read file"); 980 exit(EXIT_FAILURE); 981 } 982 if (size != rom_size) { 983 debug("ROM size changed to %d bytes\n", rom_size); 984 size = rom_size; 985 } 986 987 write_it = true; 988 ret = 0; 989 if (mode_dump) { 990 ret = dump_fd(image, size); 991 write_it = false; 992 } 993 994 if (mode_extract) { 995 ret = write_regions(image, size); 996 write_it = false; 997 } 998 999 if (mode_write_descriptor) 1000 ret = write_data(image, size, -size, src_fname); 1001 1002 if (mode_inject) 1003 ret = inject_region(image, size, region_type, src_fname); 1004 1005 if (mode_write) 1006 ret = write_data(image, size, addr, src_fname); 1007 1008 if (mode_spifreq) 1009 set_spi_frequency(image, size, spifreq); 1010 1011 if (mode_em100) 1012 set_em100_mode(image, size); 1013 1014 if (mode_locked) 1015 lock_descriptor(image, size); 1016 1017 if (mode_unlocked) 1018 unlock_descriptor(image, size); 1019 1020 if (write_it) { 1021 if (outfile) { 1022 ret = write_image(outfile, image, size); 1023 } else { 1024 if (lseek(bios_fd, 0, SEEK_SET)) { 1025 perror("Error while seeking"); 1026 ret = -1; 1027 } 1028 if (write(bios_fd, image, size) != size) { 1029 perror("Error while writing"); 1030 ret = -1; 1031 } 1032 } 1033 } 1034 1035 free(image); 1036 close(bios_fd); 1037 1038 return ret ? 1 : 0; 1039 } 1040