WiP - W530: flash board config to externally flash single 8mb exposed spi flash chip (then flash whole 12mb internally) #1558
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…) to permit under palmrest single 8mb flashing in the goal of permitting to flash whole combined 12mb internally with maximized images. blobs/xx30/ifd_w530_under_palmrest.bin: plainly extracted from ifd blobs/xx30/ifd_w530_under_palmrest_adjusted.bin adjusted by me_cleaner boards/x230-legacy-flash/x230-legacy-flash.config config/coreboot-w530-maximized_flash_under_palmrest.config: currently 8mb BIOS. initrd/etc/layout_maximized_ivy.txt: shared layout of ivy maximized boards Error on flashrom read: read_flash: dailed to read (0x001000..0xbffff) Signed-off-by: Thierry Laurion <[email protected]>
tlaurion
changed the title
- Here we add blobs/xx30/ifd_w530_under_palmrest_adjusted.bin.new - We point config/coreboot-w530-maximized_flash_under_palmrest.config to it Created by: build/x86/coreboot-4.19/util/ifdtool/ifdtool -u blobs/xx30/ifd_w530_under_palmrest_adjusted.bin diff -u <(build/x86/coreboot-4.19/util/ifdtool/ifdtool -d blobs/xx30/ifd_w530_under_palmrest_adjusted.bin) <(build/x86/coreboot-4.19/util/ifdtool/ifdtool -d blobs/xx30/ifd_w530_under_palmrest_adjusted.bin.new) --- /dev/fd/63 2023-12-19 16:24:49.884000000 -0500 +++ /dev/fd/62 2023-12-19 16:24:49.886000000 -0500 @@ -1,4 +1,4 @@ -File blobs/xx30/ifd_w530_under_palmrest_adjusted.bin is 4096 bytes +File blobs/xx30/ifd_w530_under_palmrest_adjusted.bin.new is 4096 bytes PCH Revision: 6 series Cougar Point FLMAP0: 0x03040103 NR: 3 @@ -197,30 +197,30 @@ AltMeDisable bit is set Found Master Section -FLMSTR1: 0x0a0b0000 (Host CPU/BIOS) - Platform Data Region Write Access: disabled +FLMSTR1: 0xffff0000 (Host CPU/BIOS) + Platform Data Region Write Access: enabled GbE Region Write Access: enabled - Intel ME Region Write Access: disabled + Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled - Flash Descriptor Write Access: disabled - Platform Data Region Read Access: disabled + Flash Descriptor Write Access: enabled + Platform Data Region Read Access: enabled GbE Region Read Access: enabled - Intel ME Region Read Access: disabled + Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Requester ID: 0x0000 -FLMSTR2: 0x04040000 (Intel ME) - Platform Data Region Write Access: disabled - GbE Region Write Access: disabled +FLMSTR2: 0xffff0000 (Intel ME) + Platform Data Region Write Access: enabled + GbE Region Write Access: enabled Intel ME Region Write Access: enabled - Host CPU/BIOS Region Write Access: disabled - Flash Descriptor Write Access: disabled - Platform Data Region Read Access: disabled - GbE Region Read Access: disabled + Host CPU/BIOS Region Write Access: enabled + Flash Descriptor Write Access: enabled + Platform Data Region Read Access: enabled + GbE Region Read Access: enabled Intel ME Region Read Access: enabled - Host CPU/BIOS Region Read Access: disabled - Flash Descriptor Read Access: disabled + Host CPU/BIOS Region Read Access: enabled + Flash Descriptor Read Access: enabled Requester ID: 0x0000 FLMSTR3: 0x08080118 (GbE)
Signed-off-by: Thierry Laurion <[email protected]>
As of now for testing laptop, alternatives are: - Will try to solder on cn100 pad/create 3dprinted gadget/something existing that could easily be plugged there to do first flash/unbrick - Figure out the coreboot doc's "easy trick" that I don't find easy at all at https://doc.coreboot.org/mainboard/lenovo/w530.html - Connect cs pin to 4mb chip to be able to talk to 4mb chip instead of the 8mb one? Would be nice but don't know how to create gadget reproducibly without soldering Current output of flashrom: flashrom on Linux 5.10.5-Heads (x86_64) flashrom is free software, get the source code at https://flashrom.org Calibrating delay loop... OK. coreboot table found at 0x7feef000. Found chipset "Intel QM77". Enabling flash write... FREG0: Flash Descriptor region (0x00000000-0x00000fff) is read-write. FREG1: BIOS region (0x0001b000-0x007fffff) is read-write. FREG2: Management Engine region (0x00003000-0x0001afff) is read-write. FREG3: Gigabit Ethernet region (0x00001000-0x00002fff) is read-write. Enabling hardware sequencing due to multiple flash chips detected. OK. Multiple flash components detected, skipping flash identification. Found Programmer flash chip "Opaque flash chip" (12288 kB, Programmer-specific) on internal. Reading old flash chip contents... Transaction error between offset 0x00800000 and 0x0080003f (= 0x00800000 + 63)! read_flash: failed to read (0x001000..0xbfffff). FAILED. Explanation: even if original firmware is not having bios protection on, even if OPTION_TABLE is disregarded by coreboot, eve if IFD is unlocked... Flashrom is incapable of touching the 4mb chip in reading or writing. internal:laptop:force_Iwant_a_brick and all the other trics fail. Bios lock is in action and seems to require exploit chain to be able to flash internally. Signed-off-by: Thierry Laurion <[email protected]>
|
This can't be done. The only way forward here is to
Reasoning is that there is no way a 8mb defined ifd can actually seek out of the 8mb flash to span over 4mb flash in opaque combined spi flash from internal programmer; therefore impossible to flash 12mb image internally from a 8mb defined boundary rom flashed over 8mb chip only. Would have been nice but simply technically impossible. Todo for courageous:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add flasher board config, coreboot config, ifd(s: to be modified) to permit under palmrest single 8mb flashing in the goal of permitting to flash whole combined 12mb internally with maximized images without need of total laptop disassembly to reach 4mb spi flash under reinforced case metal+plastic reinforcement (common thing for w530/t530 as reported under issue #1189)
Removal of plamrest and keyboard:
Content:
Current status when internally flashing:
Text output
When successful, will fix