patch the autoport thing..., remove metool-bg.patch

author: Iru Cai 2018-12-01 21:38:32 +0800
committer: Iru Cai 2018-12-01 21:38:32 +0800
commit: 4acfbe8d0933305829f34eb592937f146f080df7 (patch)
tree: cb59162799c5c8dade48c8d82859e2638ebf4660
parent: b30ba26a9fb307f8ecdcd61807d09e5d8be71c9c (diff)
download: aur-4acfbe8d0933305829f34eb592937f146f080df7.tar.gz
2 files changed, 2 insertions, 442 deletions
diff --git a/PKGBUILD b/PKGBUILD
index 4e0a1d3e2c47..08dd7b4e0e0b 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -37,6 +37,8 @@ prepare() {
   git config -f .gitmodules 'submodule.vboot.url' "$srcdir/vboot"
   git submodule sync -- 3rdparty/vboot
   git submodule update -- 3rdparty/vboot
+
+  patch -p1 -i "$srcdir/autoport-tool-paths.patch"
 }
 
 build() {
diff --git a/metool-bg.patch b/metool-bg.patch
deleted file mode 100644
index ef6acfa7bdba..000000000000
--- a/metool-bg.patch
+++ /dev/null
@@ -1,442 +0,0 @@
-commit 125f14a2622e2086de2a1b96660605dd50f1ce85
-Author: Philipp Deppenwiese <zaolin@das-labor.org>
-Date:   Fri Aug 26 02:10:51 2016 +0200
-
-    util/intelmetool: Add bootguard information dump support
-    
-    With this implementation it's possible to detect the state
-    of bootguard in intel based systems. Currently it's WIP and
-    in a testphase. Handle it with care!
-    
-    Change-Id: Ifeec8e20fa8efc35d7db4c6a84be1f118dccfc4a
-    Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
-
-diff --git a/util/intelmetool/Makefile b/util/intelmetool/Makefile
-index 8857d954cd..8ae774d86d 100644
---- a/util/intelmetool/Makefile
-+++ b/util/intelmetool/Makefile
-@@ -20,7 +20,7 @@ PREFIX  ?= /usr/local
- CFLAGS  ?= -O0 -g -Wall -W -Wno-unused-parameter -Wno-sign-compare -Wno-unused-function
- LDFLAGS += -lpci -lz
- 
--OBJS = intelmetool.o me.o me_status.o mmap.o
-+OBJS = intelmetool.o me.o me_status.o mmap.o msr.o
- 
- OS_ARCH	= $(shell uname)
- ifeq ($(OS_ARCH), Darwin)
-diff --git a/util/intelmetool/intelmetool.c b/util/intelmetool/intelmetool.c
-index 2acfec223e..3d3f8e9981 100644
---- a/util/intelmetool/intelmetool.c
-+++ b/util/intelmetool/intelmetool.c
-@@ -16,6 +16,8 @@
- #include <stdlib.h>
- #include <getopt.h>
- #include <unistd.h>
-+#include <string.h>
-+#include <cpuid.h>
- 
- #ifdef __NetBSD__
- #include <machine/sysarch.h>
-@@ -23,6 +25,7 @@
- 
- #include "me.h"
- #include "mmap.h"
-+#include "msr.h"
- #include "intelmetool.h"
- 
- #define FD2 0x3428
-@@ -34,6 +37,7 @@ int debug = 0;
- static uint32_t fd2 = 0;
- static const int size = 0x4000;
- static volatile uint8_t *rcba;
-+static char cpu_id[CPU_ID_SIZE] = { 0 };
- 
- static void dumpmem(uint8_t *phys, uint32_t size)
- {
-@@ -73,6 +77,17 @@ static void rehide_me(void)
- 	}
- }
- 
-+static void get_cpu_id(char *id)
-+{
-+	regs_t regs;
-+	unsigned int level = 0;
-+	unsigned int eax = 0;
-+
-+	__get_cpuid(level, &eax, &regs.ebx, &regs.ecx, &regs.edx);
-+
-+	memcpy(id, (char *)&regs, CPU_ID_SIZE);
-+}
-+
- /* You need >4GB total ram, in kernel cmdline, use 'mem=1000m'
-  * then this code will clone to absolute memory address 0xe0000000
-  * which can be read using a mmap tool at that offset.
-@@ -296,10 +311,62 @@ static void dump_me_info(void)
- 	munmap((void*)rcba, size);
- }
- 
-+static void dump_bootguard_info(void)
-+{
-+	struct pci_dev *dev;
-+	uint32_t stat = 0;
-+	char namebuf[1024];
-+	const char *name;
-+	uint64_t bootguard = 0;
-+
-+	if (msr_bootguard(&bootguard, debug) < 0)
-+		return;
-+
-+	pci_platform_scan();
-+	dev = pci_me_interface_scan(&name, namebuf, sizeof(namebuf));
-+	activate_me();
-+
-+	if (dev)
-+		stat = pci_read_long(dev, 0x40);
-+
-+	if (debug) {
-+		printf("BootGuard MSR Output: 0x%" PRIx64 "\n", bootguard);
-+		bootguard &= ~0xff;
-+	}
-+
-+	if (BOOTGUARD_CAPABILITY(bootguard)) {
-+		print_cap("BootGuard                                 ", 1);
-+		if (dev && (stat & 0x10)) {
-+			printf(CYEL "Your southbridge configuration is insecure!! BootGuard keys can be overwritten or wiped or you are in developer mode.\n" RESET);
-+		}
-+		switch (bootguard) {
-+		case BOOTGUARD_DISABLED:
-+			printf("ME Capability: BootGuard Mode                             : " CGRN "Disabled\n" RESET);
-+			printf(CGRN "\nYour system is bootguard ready but your vendor disabled it. You can flash other firmware!\n" RESET);
-+			break;
-+		case BOOTGUARD_ENABLED_COMBI_MODE:
-+			printf("ME Capability: BootGuard Mode                             : " CRED "Verified & Measured Boot\n" RESET);
-+			printf(CRED "\nYou can't flash other firmware. Verified boot is enabled!\n" RESET);
-+			break;
-+		case BOOTGUARD_ENABLED_MEASUREMENT_MODE:
-+			printf("ME Capability: BootGuard Mode                             : " CGRN "Measured Boot\n" RESET);
-+			printf(CGRN "\nYour system is bootguard ready but only running the measured boot mode. You can flash other firmware!\n" RESET);
-+			break;
-+		case BOOTGUARD_ENABLED_VERIFIED_MODE:
-+			printf("ME Capability: BootGuard Mode                             : " CRED "Verified Boot\n" RESET);
-+			printf(CRED "\nYou can't flash other firmware. Verified boot is enabled!\n" RESET);
-+			break;
-+		}
-+	} else {
-+		print_cap("BootGuard                                 ", 0);
-+		printf(CGRN "\nYour system isn't bootguard ready. You can flash other firmware!\n" RESET);
-+	}
-+}
-+
- static void print_version(void)
- {
- 	printf("intelmetool v%s -- ", INTELMETOOL_VERSION);
--	printf("Copyright (C) 2015 Damien Zammit\n\n");
-+	printf("Copyright (C) 2016 Damien Zammit, Philipp Deppenwiese\n\n");
- 	printf(
- 		"This program is free software: you can redistribute it and/or modify\n"
- 		"it under the terms of the GNU General Public License as published by\n"
-@@ -312,13 +379,14 @@ static void print_version(void)
- 
- static void print_usage(const char *name)
- {
--	printf("usage: %s [-vh?sd]\n", name);
-+	printf("usage: %s [-vh?mdb]\n", name);
- 	printf("\n"
--			 "   -v | --version:                   print the version\n"
--			 "   -h | --help:                      print this help\n\n"
--			 "   -s | --show:                      dump all me information on console\n"
--			 "   -d | --debug:                     enable debug output\n"
--			 "\n");
-+	       "   -v | --version                    print the version\n"
-+	       "   -h | --help                       print this help\n\n"
-+	       "   -m | --me                         dump all me related information on console\n"
-+	       "   -b | --bootguard                  dump bootguard state of the platform\n"
-+	       "   -d | --debug                      enable debug output\n"
-+	       "\n");
- 	exit(1);
- }
- 
-@@ -330,21 +398,25 @@ int main(int argc, char *argv[])
- 	static struct option long_options[] = {
- 		{"version", 0, 0, 'v'},
- 		{"help", 0, 0, 'h'},
--		{"show", 0, 0, 's'},
-+		{"me", 0, 0, 'm'},
-+		{"bootguard", 0, 0, 'b'},
- 		{"debug", 0, 0, 'd'},
- 		{0, 0, 0, 0}
- 	};
- 
--	while ((opt = getopt_long(argc, argv, "vh?sd",
--				long_options, &option_index)) != EOF) {
-+	while ((opt = getopt_long(argc, argv, "vh?mdb",
-+				  long_options, &option_index)) != EOF) {
- 		switch (opt) {
- 		case 'v':
- 			print_version();
- 			exit(0);
- 			break;
--		case 's':
-+		case 'm':
- 			cmd_exec = 1;
- 			break;
-+		case 'b':
-+			cmd_exec = 2;
-+			break;
- 		case 'd':
- 			debug = 1;
- 			break;
-@@ -358,37 +430,48 @@ int main(int argc, char *argv[])
- 	}
- 
- 	#if defined(__FreeBSD__)
--		if (open("/dev/io", O_RDWR) < 0) {
--			perror("/dev/io");
-+	if (open("/dev/io", O_RDWR) < 0) {
-+		perror("/dev/io");
- 	#elif defined(__NetBSD__)
- 	# ifdef __i386__
--		if (i386_iopl(3)) {
--			perror("iopl");
-+	if (i386_iopl(3)) {
-+		perror("iopl");
- 	# else
--		if (x86_64_iopl(3)) {
--			perror("iopl");
-+	if (x86_64_iopl(3)) {
-+		perror("iopl");
- 	# endif
- 	#else
--		if (iopl(3)) {
--			perror("iopl");
-+	if (iopl(3)) {
-+		perror("iopl");
- 	#endif
--			printf("You need to be root.\n");
--			exit(1);
--		}
-+		printf("You need to be root.\n");
-+		exit(1);
-+	}
- 
- 	#ifndef __DARWIN__
--		if ((fd_mem = open("/dev/mem", O_RDWR)) < 0) {
--			perror("Can not open /dev/mem");
--			exit(1);
--		}
-+	fd_mem = open("/dev/mem", O_RDWR);
-+	if (fd_mem < 0) {
-+		perror("Can not open /dev/mem");
-+		exit(1);
-+	}
-+
-+	get_cpu_id(cpu_id);
-+	if (strncmp(cpu_id, "GenuineIntel", CPU_ID_SIZE-1)) {
-+		perror("Error CPU is not from Intel.");
-+		exit(1);
-+	}
- 	#endif
- 
- 	switch(cmd_exec) {
- 	case 1:
- 		dump_me_info();
- 		break;
-+	case 2:
-+		dump_bootguard_info();
-+		break;
- 	default:
--		print_usage(argv[0]);
-+		dump_me_info();
-+		dump_bootguard_info();
- 		break;
- 	}
- 
-diff --git a/util/intelmetool/intelmetool.h b/util/intelmetool/intelmetool.h
-index b5fe35ae1a..384c0b4fd3 100644
---- a/util/intelmetool/intelmetool.h
-+++ b/util/intelmetool/intelmetool.h
-@@ -22,7 +22,7 @@
- #define ME_PRESENT_CAN_DISABLE 4
- #define ME_PRESENT_CANNOT_DISABLE 5
- 
--#define INTELMETOOL_VERSION "1.0"
-+#define INTELMETOOL_VERSION "1.1"
- 
- #if defined(__GLIBC__)
- #include <sys/io.h>
-@@ -48,7 +48,13 @@
- #define CWHT  "\x1B[37m"
- #define RESET "\033[0m"
- 
-+#define CPU_ID_SIZE 13
-+#define FD2 0x3428
-+#define ME_COMMAND_DELAY 10000
-+#define ME_MESSAGE_LEN 256
-+
- extern int debug;
-+extern void print_cap(const char *name, int state);
- 
- #define PCI_VENDOR_ID_INTEL 0x8086
- 
-diff --git a/util/intelmetool/me.c b/util/intelmetool/me.c
-index ff73aee2d6..1ee5b4121d 100644
---- a/util/intelmetool/me.c
-+++ b/util/intelmetool/me.c
-@@ -423,7 +423,7 @@ int mkhi_get_fw_version(void)
- 	return 0;
- }
- 
--static inline void print_cap(const char *name, int state)
-+void print_cap(const char *name, int state)
- {
- 	printf("ME Capability: %-30s : %s\n",
- 	       name, state ? CRED "ON" RESET : CGRN "OFF" RESET);
-diff --git a/util/intelmetool/me.h b/util/intelmetool/me.h
-index 76ee245753..d0f425264c 100644
---- a/util/intelmetool/me.h
-+++ b/util/intelmetool/me.h
-@@ -20,6 +20,8 @@
- #include <inttypes.h>
- #include <pci/pci.h>
- 
-+#include "intelmetool.h"
-+
- #define ME_RETRY                100000  /* 1 second */
- #define ME_DELAY                10      /* 10 us */
- 
-diff --git a/util/intelmetool/msr.c b/util/intelmetool/msr.c
-new file mode 100644
-index 0000000000..82181da4ea
---- /dev/null
-+++ b/util/intelmetool/msr.c
-@@ -0,0 +1,80 @@
-+/* intelmetool
-+ *
-+ * Copyright (C) 2013-2016 Philipp Deppenwiese <zaolin@das-labor.org>,
-+ * Copyright (C) 2013-2016 Alexander Couzens <lynxis@fe80.eu>
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License as
-+ * published by the Free Software Foundation; either version 2 of
-+ * the License, or any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ */
-+
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <errno.h>
-+
-+#include "msr.h"
-+
-+#ifndef __DARWIN__
-+static int fd_msr = 0;
-+
-+static uint64_t rdmsr(int addr)
-+{
-+	uint32_t buf[2];
-+	uint64_t msr = 0;
-+
-+	if (lseek(fd_msr, (off_t)addr, SEEK_SET) == -1) {
-+		perror("Could not lseek() to MSR");
-+		close(fd_msr);
-+		return -1;
-+	}
-+
-+	if (read(fd_msr, buf, 8) == 8) {
-+		msr = buf[1];
-+		msr <<= 32;
-+		msr |= buf[0];
-+		close(fd_msr);
-+		return msr;
-+	}
-+
-+	if (errno == EIO) {
-+		perror("IO error couldn't read MSR.");
-+		close(fd_msr);
-+		return -2;
-+	} else {
-+		perror("Couldn't read() MSR");
-+		close(fd_msr);
-+		return -1;
-+	}
-+
-+	return msr;
-+}
-+#endif
-+
-+int msr_bootguard(uint64_t *msr, int debug)
-+{
-+
-+#ifndef __DARWIN__
-+	fd_msr = open("/dev/cpu/0/msr", O_RDONLY);
-+	if (fd_msr < 0) {
-+		perror("Error while opening /dev/cpu/0/msr");
-+		printf("Did you run 'modprobe msr'?\n");
-+		return -1;
-+	}
-+
-+	*msr = rdmsr(MSR_BOOTGUARD);
-+#endif
-+
-+	if (!debug)
-+		*msr &= ~0xff;
-+
-+	return 0;
-+}
-diff --git a/util/intelmetool/msr.h b/util/intelmetool/msr.h
-new file mode 100644
-index 0000000000..2958ff6b40
---- /dev/null
-+++ b/util/intelmetool/msr.h
-@@ -0,0 +1,44 @@
-+/* intelmetool
-+ *
-+ * Copyright (C) 2013-2016 Philipp Deppenwiese <zaolin@das-labor.org>
-+ * Copyright (C) 2013-2016 Alexander Couzens <lynxis@fe80.eu>
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License as
-+ * published by the Free Software Foundation; either version 2 of
-+ * the License, or any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ */
-+
-+#include <inttypes.h>
-+#include <stdlib.h>
-+#include <fcntl.h>
-+#include <sys/mman.h>
-+#include <stdio.h>
-+
-+#define MSR_BOOTGUARD 0x13A
-+
-+#define BOOTGUARD_DISABLED 0x400000000
-+#define BOOTGUARD_ENABLED_VERIFIED_MODE 0x100000000
-+#define BOOTGUARD_ENABLED_MEASUREMENT_MODE 0x200000000
-+#define BOOTGUARD_ENABLED_COMBI_MODE 0x300000000
-+#define BOOTGUARD_CAPABILITY(x)                                                \
-+	(((x) == BOOTGUARD_DISABLED) ||                                        \
-+	 ((x) == BOOTGUARD_ENABLED_VERIFIED_MODE) ||                           \
-+	 ((x) == BOOTGUARD_ENABLED_MEASUREMENT_MODE) ||                        \
-+	 ((x) == BOOTGUARD_ENABLED_COMBI_MODE))
-+
-+#ifndef __DARWIN__
-+
-+typedef struct {
-+	unsigned int ebx;
-+	unsigned int edx;
-+	unsigned int ecx;
-+} regs_t;
-+
-+extern int msr_bootguard(uint64_t *msr, int debug);
-+#endif
author	Iru Cai	2018-12-01 21:38:32 +0800
committer	Iru Cai	2018-12-01 21:38:32 +0800
commit	4acfbe8d0933305829f34eb592937f146f080df7 (patch)
tree	cb59162799c5c8dade48c8d82859e2638ebf4660
parent	b30ba26a9fb307f8ecdcd61807d09e5d8be71c9c (diff)
download	aur-4acfbe8d0933305829f34eb592937f146f080df7.tar.gz