Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Z690 Wifi - Msi ms7d25 ddr5 tpm2 #1489

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

[WIP] Z690 Wifi - Msi ms7d25 ddr5 tpm2 #1489

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d627c4d
Z690 wip
ThePlexus Sep 1, 2023
2d6d9a7
Z690 msi_ms7d25_ddr5-tpm2
ThePlexus Sep 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 76 additions & 0 deletions blobs/msi_ms7d25_ddr5/download_BIOS_clean.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
#!/bin/bash
# Z690-Wifi DDR5
# Todo: lan rom?
function printusage {
echo "Usage: $0 -c <COREBOOT_DIR>"
}

BLOB_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

if [ "$#" -eq 0 ]; then printusage; fi

while getopts ":m:c:" opt; do
case $opt in
m)
if [ -x "$OPTARG" ]; then
MECLEAN="$OPTARG"
fi
;;
c)
if [ -x "$OPTARG" ]; then
COREBOOT_DIR="$OPTARG"
fi
;;
esac

done

ZIP_SHA256SUM="eb804a1f443701dd9fe9c786640054b7de9c10345236546758b9591ac078c7dd 7D25vA0.zip"
ROM_SHA256SUM="e85479b99b5b48bcc9f3485ca2f9d0a0b5769044dae141d389017fea5233c69d 7D25vA0/E7D25IMS.A00"
FINAL_IFD_SHA256SUM="235459f72c6a9b88df1e1afb288680731131f603a9d659edc27ef956418d1d12 ifd.bin"
FINAL_ME_SHA256SUM="b2e3a27d222392afd35145a23ff547d486b99a8479968bb8398cbeeecb2ec1d5 me.bin"
ZIPURL="https://download.msi.com/bos_exe/mb/7D25vA0.zip"
ROMFILENAME="7D25vA0/E7D25IMS.A00"
ZIPFILENAME=`echo $ZIPURL | sed 's/.*\///'`

extractdir=$(mktemp -d)
echo "### Creating temp dir $extractdir "
cd "$extractdir"

echo "### Downloading $ZIPURL"
wget $ZIPURL || { echo "ERROR: wget failed $ZIPURL" && exit 1; }
echo "### Verifying expected hash of $ZIPFILENAME"
echo "$ZIP_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on downloaded binary..." && exit 1; }

echo "### Extracting Archives"
unzip $ZIPFILENAME || { echo "Failed unzipping $ZIPFILENAME - Tool installed on host?" && exit 1;}

echo "### Verifying expected hash of $ROMFILENAME"
echo "$ROM_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on extracted binary..." && exit 1; }

echo "### extracing IFD"
dd bs=4096 count=1 if=$ROMFILENAME of=ifd.bin || { echo "Failed extracting ifd.bin ..." && exit 1; }

echo "### extracting ME"
dd bs=4096 count=984 skip=1 if=$ROMFILENAME of=me.bin || { echo "Failed extracting me.bin ..." && exit 1; }
echo "### Enabling HAP bit to soft disable ME"
printf '\x11' | dd of=ifd.bin bs=1 seek=478 count=1 conv=notrunc || { echo "Failed setting HAP bit / ME soft disable ..." && exit 1; }

if [[ "${CONFIG_ZERO_IFD_VSCC}" =~ ^(Y|y)$ ]]; then
FINAL_IFD_SHA256SUM="250fb40081b98d4a4a034ffa0d78bb6a8c6f930cfd30ebc34fc9df21153bac1a $BLOB_DIR/ifd.bin"
echo "### Overwriting existant VSCC table"
printf '\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF' | dd of=ifd.bin bs=1 seek=3568 count=8 conv=notrunc || { echo "Failed overwriting VSCC table ..." && exit 1; }
echo "### Modifying VSCC length to zero"
printf '\x00' | dd of=ifd.bin bs=1 seek=3837 count=1 conv=notrunc || { echo "Failed setting VSCC location lenght to 0x00 ..." && exit 1; }
else
echo "### Disabled by config - VSCC table mod"
fi

echo "### Verifying expected hashes"
echo "$FINAL_IFD_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on generated IFD bin..." && exit 1; }
mv ifd.bin $BLOB_DIR/ifd.bin
echo "$FINAL_ME_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on generated ME binary..." && exit 1; }
mv me.bin $BLOB_DIR/me.bin
echo "###Cleaning up..."
cd -
rm -r "$extractdir"
77 changes: 77 additions & 0 deletions boards/UNTESTED_msi_ms7d25_ddr5-tpm2/UNTESTED_msi_ms7d25_ddr5-tpm2.config
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
#Confuig for MSI Z690A DDR5

#This will proboably require its own kernel but for now we test using 5.10.5 as per the librem
CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config
CONFIG_COREBOOT_CONFIG=config/coreboot-msi_ms7d25_ddr5-tpm2.config

export CONFIG_COREBOOT=y
export CONFIG_COREBOOT_VERSION=4.20.1
export CONFIG_LINUX_VERSION=5.19.17

#Enable DEBUG output
export CONFIG_DEBUG_OUTPUT=y
#export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
#export CONFIG_TPM2_CAPCTURE_PCAP=y

#stuff
ifeq "$(CONFIG_UROOT)" "y"
CONFIG_BUSYBOX=n
else
CONFIG_KEXEC=y
CONFIG_QRENCODE=y
CONFIG_TPMTOTP=y
CONFIG_POPT=y
CONFIG_FLASHTOOLS=y
CONFIG_FLASHROM=y
CONFIG_PCIUTILS=y
CONFIG_UTIL_LINUX=y
CONFIG_CRYPTSETUP2=y
CONFIG_GPG2=y
CONFIG_LVM2=y
CONFIG_MBEDTLS=y
CONFIG_DROPBEAR=y
CONFIG_MSRTOOLS=y
CONFIG_HOTPKEY=n

# Dependencies for a graphical menu. Enable CONFIG_SLANG and CONFIG_NEWT instead
# for a console-based menu.
CONFIG_CAIRO=y
CONFIG_FBWHIPTAIL=y
#
#text-based init (generic-init and gui-init)
#CONFIG_NEWT=y
#CONFIG_SLANG=y

endif

#TPM2 requirements
export CONFIG_TPM2_TOOLS=y
export CONFIG_PRIMARY_KEY_TYPE=ecc
CONFIG_TPM2_TSS=y
CONFIG_OPENSSL=y
#Set this option to zero out the VSCC table https://github.com/osresearch/heads/pull/1358#discussion_r1153251399
export CONFIG_ZERO_IFD_VSCC=y

CONFIG_LINUX_USB=y

export CONFIG_TPM=y
export CONFIG_BOOTSCRIPT=/bin/generic-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n
export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off debug console=tty0"
export CONFIG_BOOT_KERNEL_REMOVE="quiet"
export CONFIG_BOOT_DEV="/dev/sda1"
export CONFIG_BOARD_NAME="MSI Z690(ms7d25) DDR5"
export CONFIG_FLASHROM_OPTIONS="-p internal"

# Make the Coreboot build depend on the following 3rd party blobs:
$(build)/coreboot-$(CONFIG_COREBOOT_VERSION)/$(BOARD)/.build: \
$(pwd)/blobs/msi_ms7d25_ddr5/me.bin $(pwd)/blobs/msi_ms7d25_ddr5/ifd.bin

$(pwd)/blobs/msi_ms7d25_ddr5/me.bin:
COREBOOT_DIR="$(build)/$(coreboot_base_dir)" \
$(pwd)/blobs/msi_ms7d25_ddr5/download_BIOS_clean.sh

$(pwd)/blobs/msi_ms7d25_ddr5/ifd.bin:
COREBOOT_DIR="$(build)/$(coreboot_base_dir)" \
$(pwd)/blobs/msi_ms7d25_ddr5/download_BIOS_clean.sh
20 changes: 20 additions & 0 deletions config/coreboot-msi_ms7d25_ddr5-tpm2.config
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
CONFIG_USE_BLOBS=y
CONFIG_VENDOR_MSI=y
CONFIG_BOARD_MSI_Z690_A_PRO_WIFI_DDR5=y
CONFIG_CBFS_SIZE=0x1000000
CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
CONFIG_HAVE_IFD_BIN=y
CONFIG_HAVE_ME_BIN=y
CONFIG_IFD_BIN_PATH="@BLOB_DIR@/msi_ms7d25_ddr5/ifd.bin"
CONFIG_ME_BIN_PATH="@BLOB_DIR@/msi_ms7d25_ddr5/me.bin"
CONFIG_NO_GFX_INIT=y
CONFIG_HAVE_FSP_GOP=y
CONFIG_RUN_FSP_GOP=y
CONFIG_TPM_MEASURED_BOOT=y
CONFIG_TPM2=y
CONFIG_DRIVERS_PS2_KEYBOARD=y
CONFIG_DEFAULT_CONSOLE_LOGLEVEL_8=y
CONFIG_PAYLOAD_LINUX=y
CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage"
CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz"
CONFIG_LINUX_COMMAND_LINE="intel_iommu=on intel_iommu=igfx_off debug console=ttyS0,115200 earlyprintk=ttyS0,115200 console=tty0"
3 changes: 3 additions & 0 deletions modules/linux
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@ linux_hash := a6fbd4ee903c128367892c2393ee0d9657b6ed3ea90016d4dc6f1f6da20b2330
else ifeq "$(CONFIG_LINUX_VERSION)" "5.10.5"
linux_version := 5.10.5
linux_hash := 3991a9e16a187d78d5f414d89236ae5d7f404a69e60c4c42a9d262ee19612ef4
else ifeq "$(CONFIG_LINUX_VERSION)" "5.19.17"
linux_version := 5.19.17
linux_hash := c93bb384a97ad1f0a4f18e442ce0291242722f78023eca658b22344541f09489
else ifeq "$(CONFIG_LINUX_VERSION)" "6.1.8"
linux_version := 6.1.8
linux_hash := b60bb53ab8ba370a270454b11e93d41af29126fc72bd6ede517673e2e57b816d
Expand Down