t480s port

.circleci/config.yml

@@ -102,7 +102,8 @@ jobs:
       - run:
           name: Download, neuter and deguard xx80 ME (keep generated GBE and extracted IFD in tree)
           command: |
-            ./blobs/xx80/download_clean_deguard_me_pad_tb.sh -m $(readlink -f ./blobs/utils/me_cleaner/me_cleaner.py) ./blobs/xx80/
+            ./blobs/xx80/t480_download_clean_deguard_me_pad_tb.sh -m $(readlink -f ./blobs/utils/me_cleaner/me_cleaner.py) ./blobs/xx80/
+            ./blobs/xx80/t480s_download_clean_deguard_me_pad_tb.sh -m $(readlink -f ./blobs/utils/me_cleaner/me_cleaner.py) ./blobs/xx80/
       - run:
           name: Download and extract t530 vbios roms for dgpu boards
           command: |
@@ -252,7 +253,7 @@ workflows:
           requires:
             - novacustom-nv4x_adl
 
-      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muscl-cross cache
+      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muslc-cross cache
       - build_and_persist:
           name: EOL_t480-hotp-maximized
           target: EOL_t480-hotp-maximized
@@ -526,14 +527,30 @@ workflows:
           requires:
             - librem_14
 
-      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muscl-cross cache
+      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muslc-cross cache
       - build:
           name: EOL_t480-maximized
           target: EOL_t480-maximized
           subcommand: ""
           requires:
             - EOL_t480-hotp-maximized
 
+      # t480s is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muslc-cross cache
+      - build:
+          name: EOL_t480s-hotp-maximized
+          target: EOL_t480s-hotp-maximized
+          subcommand: ""
+          requires:
+            - EOL_t480-hotp-maximized
+
+      # t480s is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muslc-cross cache
+      - build:
+          name: EOL_t480s-maximized
+          target: EOL_t480s-maximized
+          subcommand: ""
+          requires:
+            - EOL_t480-hotp-maximized
+
       # dasharo release, share 24.02.01 utils/crossgcc
       - build:
           name: UNTESTED_nitropad-ns50

blobs/xx80/.gitignore

@@ -1,2 +1,6 @@
 me.bin
 tb.bin
+t480_tb.bin
+t480s_tb.bin
+t480_me.bin
+t480s_me.bin

blobs/xx80/hashes.txt

@@ -1,4 +1,10 @@
-d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642  gbe.bin
-f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf  ifd.bin
-1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b  me.bin
-fc9c47ff4b16f036a7f49900f9da1983a5db44ca46156238b7b42e636d317388  tb.bin
+#T480:
+1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b  t480_me.bin
+fc9c47ff4b16f036a7f49900f9da1983a5db44ca46156238b7b42e636d317388  t480_tb.bin
+d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642  t480_gbe.bin
+f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf  t480_ifd.bin
+#T480s:
+7bc47ed1ead1d72a135e7adff207ae8ddddc56d81128d9d6a8061ad04685c73b  t480s_me.bin
+b53e4670327e076ef879b2abef0efd9aade20da88d0c0976921b9f32378c0119  t480s_tb.bin
+caf6393cd5c4ff305b677f50c258658710c42439080868c1fb8ea7584cffb204  t480s_ifd.bin
+36be39ecd0d06fa3f7893ca2746f702271c46b75de52bc599467a058bab8e271  t480s_gbe.bin

blobs/xx80/download_clean_deguard_me_pad_tb.sh → blobs/xx80/t480_download_clean_deguard_me_pad_tb.sh

@@ -168,8 +168,8 @@ function parse_params() {
 		usage_err "No valid output dir found"
 	fi
 	me_cleaned="${output_dir}/me_cleaned.bin"
-	me_deguarded="${output_dir}/me.bin"
-	tb_flashable="${output_dir}/tb.bin"
+	me_deguarded="${output_dir}/t480_me.bin"
+	tb_flashable="${output_dir}/t480_tb.bin"
 	echo "Writing cleaned and deguarded ME to ${me_deguarded}"
 	echo "Writing flashable TB to ${tb_flashable}"
 }

blobs/xx80/t480s_download_clean_deguard_me_pad_tb.sh

@@ -0,0 +1,200 @@
+#!/usr/bin/env bash
+
+# These variables are all for the deguard tool.
+# They would need to be changed if using the tool for other devices like the T480s or with a different ME version...
+ME_delta="thinkpad_t480s"
+ME_version="11.6.0.1126"
+ME_sku="2M"
+ME_pch="LP"
+
+# Thunderbolt firmware offset in bytes to pad to 1M
+TBFW_SIZE=1048575
+
+# Integrity checks for the vendor provided ME blob...
+ME_DOWNLOAD_HASH="ddfbc51430699e0dfcb24a60bcb5b6e5481b325ebecf1ac177e069013189e4b0"
+# ...and the cleaned and deguarded version from that blob.
+DEGUARDED_ME_BIN_HASH="7bc47ed1ead1d72a135e7adff207ae8ddddc56d81128d9d6a8061ad04685c73b"
+# Integrity checks for the vendor provided Thunderbolt blob...
+TB_DOWNLOAD_HASH="090d0085af4a20bcdfba8a75f1bce735ff80afbfea968bbe276a80a0c4c18706"
+# ...and the padded and flashable version from that blob.
+TB_BIN_HASH="b53e4670327e076ef879b2abef0efd9aade20da88d0c0976921b9f32378c0119"
+
+
+function usage() {
+	echo -n \
+		"Usage: $(basename "$0") -m <me_cleaner>(optional) path_to_output_directory
+Download Intel ME firmware from Dell, neutralize and shrink keeping the MFS.
+Download Thunderbolt firmware from Lenovo and pad it for flashing externally.
+"
+}
+
+function chk_sha256sum() {
+	sha256_hash="$1"
+	filename="$2"
+	echo "$sha256_hash" "$filename" "$(pwd)"
+	sha256sum "$filename"
+	if ! echo "${sha256_hash} ${filename}" | sha256sum --check; then
+		echo "ERROR: SHA256 checksum for ${filename} doesn't match."
+		exit 1
+	fi
+}
+
+function chk_exists_and_matches() {
+	if [[ -f "$1" ]]; then
+		if echo "${2} ${1}" | sha256sum --check; then
+			echo "SKIPPING: SHA256 checksum for $1 matches."
+			[[ "$3" = ME ]] && me_exists="y"
+			[[ "$3" = TB ]] && tb_exists="y"
+		fi
+		echo "$1 exists but checksum doesn't match. Continuing..."
+	fi
+}
+
+function download_and_clean() {
+	me_cleaner="$(realpath "${1}")"
+	me_output="$(realpath "${2}")"
+
+	# Download and unpack the Dell installer into a temporary directory and
+	# extract the deguardable Intel ME blob.
+	pushd "$(mktemp -d)" || exit
+
+	# Download the installer that contains the ME blob
+	me_installer_filename="Inspiron_5468_1.3.0.exe"
+	user_agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+	curl -A "$user_agent" -s -O "https://dl.dell.com/FOLDER04573471M/1/${me_installer_filename}"
+	chk_sha256sum "$ME_DOWNLOAD_HASH" "$me_installer_filename"
+
+	# Download the tool to unpack Dell's installer and unpack the ME blob.
+	git clone https://github.com/platomav/BIOSUtilities
+	git -C BIOSUtilities checkout ef50b75ae115ae8162fa8b0a7b8c42b1d2db894b
+
+	python "BIOSUtilities/Dell_PFS_Extract.py" "${me_installer_filename}" -e || exit
+
+	extracted_me_filename="1 Inspiron_5468_1.3.0 -- 3 Intel Management Engine (Non-VPro) Update v${ME_version}.bin"
+
+	# Neutralize and shrink Intel ME. Note that this doesn't include
+	# --soft-disable to set the "ME Disable" or "ME Disable B" (e.g.,
+	# High Assurance Program) bits, as they are defined within the Flash
+	# Descriptor.
+	# However, the HAP bit must be enabled to make the deguarded ME work. We only clean the ME in this function.
+	# https://github.com/corna/me_cleaner/wiki/External-flashing#neutralize-and-shrink-intel-me-useful-only-for-coreboot
+
+	# MFS is needed for deguard so we whitelist it here and also do not relocate the FTPR partition
+	python "$me_cleaner" --whitelist MFS -t -O "$me_output" "${me_installer_filename}_extracted/Firmware/${extracted_me_filename}"
+	rm -rf ./*
+	popd || exit
+}
+
+function deguard() {
+	me_input="$(realpath "${1}")"
+	me_output="$(realpath "${2}")"
+
+	# Download the deguard tool into a temporary directory and apply the patch to the cleaned ME blob.
+	pushd "$(mktemp -d)" || exit
+	git clone https://github.com/coreboot/deguard
+	pushd deguard || exit
+	git checkout 0ed3e4ff824fc42f71ee22907d0594ded38ba7b2
+
+	python ./finalimage.py \
+		--delta "data/delta/$ME_delta" \
+		--version "$ME_version" \
+		--pch "$ME_pch" \
+		--sku "$ME_sku" \
+		--fake-fpfs data/fpfs/zero \
+		--input "$me_input" \
+		--output "$me_output"
+
+	popd || exit
+	#Cleanup
+	rm -rf ./*
+	popd || exit
+}
+
+function download_and_pad_tb() {
+	tb_output="$(realpath "${1}")"
+
+	# Download and unpack the Lenovo installer into a temporary directory and
+	# extract the TB blob.
+	pushd "$(mktemp -d)" || exit
+
+	# Download the installer that contains the T480s TB blob
+	tb_installer_filename=""n22th11w.exe""
+	user_agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+	curl -A "$user_agent" -s -O "https://download.lenovo.com/pccbbs/mobiles/${tb_installer_filename}"
+	chk_sha256sum "$TB_DOWNLOAD_HASH" "$tb_installer_filename"
+
+	# https://www.reddit.com/r/thinkpad/comments/9rnimi/ladies_and_gentlemen_i_present_to_you_the/
+	innoextract n22th11w.exe -d .
+	mv ./code\$GetExtractPath\$/TBT.bin tb.bin
+	# pad with zeros
+	dd if=/dev/zero of=tb.bin bs=1 seek="$TBFW_SIZE" count=1
+	mv "tb.bin" "$tb_output"
+
+	rm -rf ./*
+	popd || exit
+}
+
+function usage_err() {
+	echo "$1"
+	usage
+	exit 1
+}
+
+function parse_params() {
+	while getopts ":m:" opt; do
+		case $opt in
+		m)
+			if [[ -x "$OPTARG" ]]; then
+				me_cleaner="$OPTARG"
+			fi
+			;;
+		?)
+			usage_err "Invalid Option: -$OPTARG"
+			;;
+		esac
+	done
+
+	if [[ -z "${me_cleaner}" ]]; then
+		if [[ -z "${COREBOOT_DIR}" ]]; then
+			usage_err "ERROR: me_cleaner.py not found. Set path with -m parameter or define the COREBOOT_DIR variable."
+		else
+			me_cleaner="${COREBOOT_DIR}/util/me_cleaner/me_cleaner.py"
+		fi
+	fi
+	echo "Using me_cleaner from ${me_cleaner}"
+
+	shift $(($OPTIND - 1))
+	output_dir="$(realpath "${1:-./}")"
+	if [[ ! -d "${output_dir}" ]]; then
+		usage_err "No valid output dir found"
+	fi
+	me_cleaned="${output_dir}/me_cleaned.bin"
+	me_deguarded="${output_dir}/t480s_me.bin"
+	tb_flashable="${output_dir}/t480s_tb.bin"
+	echo "Writing cleaned and deguarded ME to ${me_deguarded}"
+	echo "Writing flashable TB to ${tb_flashable}"
+}
+
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+	if [[ "${1:-}" == "--help" ]]; then
+		usage
+		exit 0
+	fi
+
+	parse_params "$@"
+	chk_exists_and_matches "$me_deguarded" "$DEGUARDED_ME_BIN_HASH" ME
+	chk_exists_and_matches "$tb_flashable" "$TB_BIN_HASH" TB
+
+	if [[ -z "$me_exists" ]]; then
+		download_and_clean "$me_cleaner" "$me_cleaned"
+		deguard "$me_cleaned" "$me_deguarded"
+		rm -f "$me_cleaned"
+	fi
+
+	if [[ -z "$tb_exists" ]]; then
+		download_and_pad_tb "$tb_flashable"
+	fi
+
+	chk_sha256sum "$DEGUARDED_ME_BIN_HASH" "$me_deguarded"
+	chk_sha256sum "$TB_BIN_HASH" "$tb_flashable"
+fi

boards/EOL_t480-hotp-maximized/EOL_t480-hotp-maximized.config

@@ -97,4 +97,4 @@ export CONFIG_BOARD_NAME="Thinkpad T480-hotp-maximized"
 export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
 
 #Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP
-BOARD_TARGETS := xx80_me_blobs
+BOARD_TARGETS := t480_me_blobs

boards/EOL_t480-maximized/EOL_t480-maximized.config

@@ -97,4 +97,4 @@ export CONFIG_BOARD_NAME="Thinkpad T480-maximized"
 export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
 
 #Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP
-BOARD_TARGETS := xx80_me_blobs
+BOARD_TARGETS := t480_me_blobs

boards/EOL_t480s-hotp-maximized/EOL_t480s-hotp-maximized.config

@@ -0,0 +1,100 @@
+# WARNING: This system remains perpetually vulnerable to Spectre v2 (CVE-2017-5715). Mitigations and microcode updates previously applied are now known to be ineffective due to QSB-107 and related CVEs. If Spectre v2 is a concern in your threat model, consider migrating to a platform with ongoing microcode support. Proper OPSEC for Memory Use MUST be followed:https://www.anarsec.guide/posts/qubes/#appendix-opsec-for-memory-use
+# Configuration for a T480 running Qubes 4.2.3 and other Linux Based OSes (through kexec)
+#
+# CAVEATS:
+# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
+# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
+# Also it can be used to extract FDE keys from a TPM.
+# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576
+# Make sure you understand the implications of the attack for your threat model before using this board.
+#
+# Includes
+# - Deactivated+neutered+deguarded ME and expanded consequent IFD BIOS regions 
+# - Forged GBE MAC address to 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx80/extract.sh)
+#   - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set
+# - Flashable Thunderbolt tb.bin blob extracted from https://download.lenovo.com/pccbbs/mobiles/n24th13w.exe
+#   - It is zero-padded to 1MB and should be flashed to the Thunderbolt SPI chip,
+#     which is not the same as the 16MB chip to which the heads rom is flashed.
+#     External flashing is recommended as the only way to reliably fix a bug in the original Thunderbolt software on the SPI chip.
+#     You can find a guide here: https://osresearch.net/T430-maximized-flashing/
+#
+# - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
+
+export CONFIG_COREBOOT=y
+export CONFIG_COREBOOT_VERSION=24.12
+export CONFIG_LINUX_VERSION=6.1.8
+
+CONFIG_COREBOOT_CONFIG=config/coreboot-t480s-maximized.config
+CONFIG_LINUX_CONFIG=config/linux-t480.config
+
+#On-demand hardware support (modules.cpio)
+CONFIG_LINUX_USB=y
+CONFIG_LINUX_E1000E=y
+CONFIG_MOBILE_TETHERING=y
+
+#Modules packed into tools.cpio
+CONFIG_CRYPTSETUP2=y
+CONFIG_FLASHPROG=y
+CONFIG_FLASHTOOLS=y
+CONFIG_GPG2=y
+CONFIG_KEXEC=y
+CONFIG_UTIL_LINUX=y
+CONFIG_LVM2=y
+CONFIG_MBEDTLS=y
+CONFIG_PCIUTILS=y
+
+#platform locking finalization (PR0)
+CONFIG_IO386=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
+#Remote attestation support
+# TPM2 requirements
+CONFIG_TPM2_TSS=y
+CONFIG_OPENSSL=y
+#Remote Attestation common tools
+CONFIG_POPT=y
+CONFIG_QRENCODE=y
+CONFIG_TPMTOTP=y
+#HOTP based remote attestation for supported USB Security dongle
+#With/Without TPM support
+CONFIG_HOTPKEY=y
+#Nitrokey Storage admin tool (deprecated)
+#CONFIG_NKSTORECLI=n
+
+#GUI Support
+#Console based Whiptail support(Console based, no FB):
+#CONFIG_SLANG=y
+#CONFIG_NEWT=y
+#FBWhiptail based (Graphical):
+CONFIG_CAIRO=y
+CONFIG_FBWHIPTAIL=y
+
+#Additional tools (tools.cpio):
+#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E)
+CONFIG_DROPBEAR=y
+
+#Runtime configuration
+#Automatically boot if HOTP is valid
+export CONFIG_AUTO_BOOT_TIMEOUT=5
+#TPM2 requirements
+export CONFIG_TPM2_TOOLS=y
+export CONFIG_PRIMARY_KEY_TYPE=ecc
+#TPM1 requirements
+#export CONFIG_TPM=y
+export CONFIG_DEBUG_OUTPUT=n
+export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=n
+#Enable TPM2 pcap output under /tmp
+export CONFIG_TPM2_CAPTURE_PCAP=n
+#Enable quiet mode: technical information logged under /tmp/debug.log
+export CONFIG_QUIET_MODE=y
+export CONFIG_BOOTSCRIPT=/bin/gui-init
+export CONFIG_BOOT_REQ_HASH=n
+export CONFIG_BOOT_REQ_ROLLBACK=n
+export CONFIG_BOOT_KERNEL_ADD=""
+export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
+export CONFIG_BOARD_NAME="Thinkpad T480S-hotp-maximized"
+export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
+
+#Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP
+BOARD_TARGETS := t480s_me_blobs