1 /******************************************************************************
2 * Intel Management Engine Interface (Intel MEI) Linux driver
3 * Intel MEI Interface Header
4 *
5 * This file is provided under a dual BSD/GPLv2 license. When using or
6 * redistributing this file, you may do so under either license.
7 *
8 * GPL LICENSE SUMMARY
9 *
10 * Copyright(c) 2012 Intel Corporation. All rights reserved.
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
24 * USA
25 *
26 * The full GNU General Public License is included in this distribution
27 * in the file called LICENSE.GPL.
28 *
29 * Contact Information:
30 * Intel Corporation.
31 * linux-mei@linux.intel.com
32 * http://www.intel.com
33 *
34 * BSD LICENSE
35 *
36 * Copyright(c) 2003 - 2012 Intel Corporation. All rights reserved.
37 * All rights reserved.
38 *
39 * Redistribution and use in source and binary forms, with or without
40 * modification, are permitted provided that the following conditions
41 * are met:
42 *
43 * * Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * * Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in
47 * the documentation and/or other materials provided with the
48 * distribution.
49 * * Neither the name Intel Corporation nor the names of its
50 * contributors may be used to endorse or promote products derived
51 * from this software without specific prior written permission.
52 *
53 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
54 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
55 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
56 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
57 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
58 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
59 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
60 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
61 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
62 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
63 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
64 *
65 *****************************************************************************/
66
67 #include <stdio.h>
68 #include <stdlib.h>
69 #include <string.h>
70 #include <fcntl.h>
71 #include <sys/ioctl.h>
72 #include <unistd.h>
73 #include <errno.h>
74 #include <stdint.h>
75 #include <stdbool.h>
76 #include <bits/wordsize.h>
77 #include <linux/mei.h>
78
79 /*****************************************************************************
80 * Intel Management Engine Interface
81 *****************************************************************************/
82
83 #define mei_msg(_me, fmt, ARGS...) do { \
84 if (_me->verbose) \
85 fprintf(stderr, fmt, ##ARGS); \
86 } while (0)
87
88 #define mei_err(_me, fmt, ARGS...) do { \
89 fprintf(stderr, "Error: " fmt, ##ARGS); \
90 } while (0)
91
92 struct mei {
93 uuid_le guid;
94 bool initialized;
95 bool verbose;
96 unsigned int buf_size;
97 unsigned char prot_ver;
98 int fd;
99 };
100
mei_deinit(struct mei * cl)101 static void mei_deinit(struct mei *cl)
102 {
103 if (cl->fd != -1)
104 close(cl->fd);
105 cl->fd = -1;
106 cl->buf_size = 0;
107 cl->prot_ver = 0;
108 cl->initialized = false;
109 }
110
mei_init(struct mei * me,const uuid_le * guid,unsigned char req_protocol_version,bool verbose)111 static bool mei_init(struct mei *me, const uuid_le *guid,
112 unsigned char req_protocol_version, bool verbose)
113 {
114 int result;
115 struct mei_client *cl;
116 struct mei_connect_client_data data;
117
118 me->verbose = verbose;
119
120 me->fd = open("/dev/mei0", O_RDWR);
121 if (me->fd == -1) {
122 mei_err(me, "Cannot establish a handle to the Intel MEI driver\n");
123 goto err;
124 }
125 memcpy(&me->guid, guid, sizeof(*guid));
126 memset(&data, 0, sizeof(data));
127 me->initialized = true;
128
129 memcpy(&data.in_client_uuid, &me->guid, sizeof(me->guid));
130 result = ioctl(me->fd, IOCTL_MEI_CONNECT_CLIENT, &data);
131 if (result) {
132 mei_err(me, "IOCTL_MEI_CONNECT_CLIENT receive message. err=%d\n", result);
133 goto err;
134 }
135 cl = &data.out_client_properties;
136 mei_msg(me, "max_message_length %d\n", cl->max_msg_length);
137 mei_msg(me, "protocol_version %d\n", cl->protocol_version);
138
139 if ((req_protocol_version > 0) &&
140 (cl->protocol_version != req_protocol_version)) {
141 mei_err(me, "Intel MEI protocol version not supported\n");
142 goto err;
143 }
144
145 me->buf_size = cl->max_msg_length;
146 me->prot_ver = cl->protocol_version;
147
148 return true;
149 err:
150 mei_deinit(me);
151 return false;
152 }
153
mei_recv_msg(struct mei * me,unsigned char * buffer,ssize_t len,unsigned long timeout)154 static ssize_t mei_recv_msg(struct mei *me, unsigned char *buffer,
155 ssize_t len, unsigned long timeout)
156 {
157 ssize_t rc;
158
159 mei_msg(me, "call read length = %zd\n", len);
160
161 rc = read(me->fd, buffer, len);
162 if (rc < 0) {
163 mei_err(me, "read failed with status %zd %s\n",
164 rc, strerror(errno));
165 mei_deinit(me);
166 } else {
167 mei_msg(me, "read succeeded with result %zd\n", rc);
168 }
169 return rc;
170 }
171
mei_send_msg(struct mei * me,const unsigned char * buffer,ssize_t len,unsigned long timeout)172 static ssize_t mei_send_msg(struct mei *me, const unsigned char *buffer,
173 ssize_t len, unsigned long timeout)
174 {
175 struct timeval tv;
176 ssize_t written;
177 ssize_t rc;
178 fd_set set;
179
180 tv.tv_sec = timeout / 1000;
181 tv.tv_usec = (timeout % 1000) * 1000000;
182
183 mei_msg(me, "call write length = %zd\n", len);
184
185 written = write(me->fd, buffer, len);
186 if (written < 0) {
187 rc = -errno;
188 mei_err(me, "write failed with status %zd %s\n",
189 written, strerror(errno));
190 goto out;
191 }
192
193 FD_ZERO(&set);
194 FD_SET(me->fd, &set);
195 rc = select(me->fd + 1 , &set, NULL, NULL, &tv);
196 if (rc > 0 && FD_ISSET(me->fd, &set)) {
197 mei_msg(me, "write success\n");
198 } else if (rc == 0) {
199 mei_err(me, "write failed on timeout with status\n");
200 goto out;
201 } else { /* rc < 0 */
202 mei_err(me, "write failed on select with status %zd\n", rc);
203 goto out;
204 }
205
206 rc = written;
207 out:
208 if (rc < 0)
209 mei_deinit(me);
210
211 return rc;
212 }
213
214 /***************************************************************************
215 * Intel Advanced Management Technology ME Client
216 ***************************************************************************/
217
218 #define AMT_MAJOR_VERSION 1
219 #define AMT_MINOR_VERSION 1
220
221 #define AMT_STATUS_SUCCESS 0x0
222 #define AMT_STATUS_INTERNAL_ERROR 0x1
223 #define AMT_STATUS_NOT_READY 0x2
224 #define AMT_STATUS_INVALID_AMT_MODE 0x3
225 #define AMT_STATUS_INVALID_MESSAGE_LENGTH 0x4
226
227 #define AMT_STATUS_HOST_IF_EMPTY_RESPONSE 0x4000
228 #define AMT_STATUS_SDK_RESOURCES 0x1004
229
230
231 #define AMT_BIOS_VERSION_LEN 65
232 #define AMT_VERSIONS_NUMBER 50
233 #define AMT_UNICODE_STRING_LEN 20
234
235 struct amt_unicode_string {
236 uint16_t length;
237 char string[AMT_UNICODE_STRING_LEN];
238 } __attribute__((packed));
239
240 struct amt_version_type {
241 struct amt_unicode_string description;
242 struct amt_unicode_string version;
243 } __attribute__((packed));
244
245 struct amt_version {
246 uint8_t major;
247 uint8_t minor;
248 } __attribute__((packed));
249
250 struct amt_code_versions {
251 uint8_t bios[AMT_BIOS_VERSION_LEN];
252 uint32_t count;
253 struct amt_version_type versions[AMT_VERSIONS_NUMBER];
254 } __attribute__((packed));
255
256 /***************************************************************************
257 * Intel Advanced Management Technology Host Interface
258 ***************************************************************************/
259
260 struct amt_host_if_msg_header {
261 struct amt_version version;
262 uint16_t _reserved;
263 uint32_t command;
264 uint32_t length;
265 } __attribute__((packed));
266
267 struct amt_host_if_resp_header {
268 struct amt_host_if_msg_header header;
269 uint32_t status;
270 unsigned char data[0];
271 } __attribute__((packed));
272
273 const uuid_le MEI_IAMTHIF = UUID_LE(0x12f80028, 0xb4b7, 0x4b2d, \
274 0xac, 0xa8, 0x46, 0xe0, 0xff, 0x65, 0x81, 0x4c);
275
276 #define AMT_HOST_IF_CODE_VERSIONS_REQUEST 0x0400001A
277 #define AMT_HOST_IF_CODE_VERSIONS_RESPONSE 0x0480001A
278
279 const struct amt_host_if_msg_header CODE_VERSION_REQ = {
280 .version = {AMT_MAJOR_VERSION, AMT_MINOR_VERSION},
281 ._reserved = 0,
282 .command = AMT_HOST_IF_CODE_VERSIONS_REQUEST,
283 .length = 0
284 };
285
286
287 struct amt_host_if {
288 struct mei mei_cl;
289 unsigned long send_timeout;
290 bool initialized;
291 };
292
293
amt_host_if_init(struct amt_host_if * acmd,unsigned long send_timeout,bool verbose)294 static bool amt_host_if_init(struct amt_host_if *acmd,
295 unsigned long send_timeout, bool verbose)
296 {
297 acmd->send_timeout = (send_timeout) ? send_timeout : 20000;
298 acmd->initialized = mei_init(&acmd->mei_cl, &MEI_IAMTHIF, 0, verbose);
299 return acmd->initialized;
300 }
301
amt_host_if_deinit(struct amt_host_if * acmd)302 static void amt_host_if_deinit(struct amt_host_if *acmd)
303 {
304 mei_deinit(&acmd->mei_cl);
305 acmd->initialized = false;
306 }
307
amt_verify_code_versions(const struct amt_host_if_resp_header * resp)308 static uint32_t amt_verify_code_versions(const struct amt_host_if_resp_header *resp)
309 {
310 uint32_t status = AMT_STATUS_SUCCESS;
311 struct amt_code_versions *code_ver;
312 size_t code_ver_len;
313 uint32_t ver_type_cnt;
314 uint32_t len;
315 uint32_t i;
316
317 code_ver = (struct amt_code_versions *)resp->data;
318 /* length - sizeof(status) */
319 code_ver_len = resp->header.length - sizeof(uint32_t);
320 ver_type_cnt = code_ver_len -
321 sizeof(code_ver->bios) -
322 sizeof(code_ver->count);
323 if (code_ver->count != ver_type_cnt / sizeof(struct amt_version_type)) {
324 status = AMT_STATUS_INTERNAL_ERROR;
325 goto out;
326 }
327
328 for (i = 0; i < code_ver->count; i++) {
329 len = code_ver->versions[i].description.length;
330
331 if (len > AMT_UNICODE_STRING_LEN) {
332 status = AMT_STATUS_INTERNAL_ERROR;
333 goto out;
334 }
335
336 len = code_ver->versions[i].version.length;
337 if (code_ver->versions[i].version.string[len] != '\0' ||
338 len != strlen(code_ver->versions[i].version.string)) {
339 status = AMT_STATUS_INTERNAL_ERROR;
340 goto out;
341 }
342 }
343 out:
344 return status;
345 }
346
amt_verify_response_header(uint32_t command,const struct amt_host_if_msg_header * resp_hdr,uint32_t response_size)347 static uint32_t amt_verify_response_header(uint32_t command,
348 const struct amt_host_if_msg_header *resp_hdr,
349 uint32_t response_size)
350 {
351 if (response_size < sizeof(struct amt_host_if_resp_header)) {
352 return AMT_STATUS_INTERNAL_ERROR;
353 } else if (response_size != (resp_hdr->length +
354 sizeof(struct amt_host_if_msg_header))) {
355 return AMT_STATUS_INTERNAL_ERROR;
356 } else if (resp_hdr->command != command) {
357 return AMT_STATUS_INTERNAL_ERROR;
358 } else if (resp_hdr->_reserved != 0) {
359 return AMT_STATUS_INTERNAL_ERROR;
360 } else if (resp_hdr->version.major != AMT_MAJOR_VERSION ||
361 resp_hdr->version.minor < AMT_MINOR_VERSION) {
362 return AMT_STATUS_INTERNAL_ERROR;
363 }
364 return AMT_STATUS_SUCCESS;
365 }
366
amt_host_if_call(struct amt_host_if * acmd,const unsigned char * command,ssize_t command_sz,uint8_t ** read_buf,uint32_t rcmd,unsigned int expected_sz)367 static uint32_t amt_host_if_call(struct amt_host_if *acmd,
368 const unsigned char *command, ssize_t command_sz,
369 uint8_t **read_buf, uint32_t rcmd,
370 unsigned int expected_sz)
371 {
372 uint32_t in_buf_sz;
373 ssize_t out_buf_sz;
374 ssize_t written;
375 uint32_t status;
376 struct amt_host_if_resp_header *msg_hdr;
377
378 in_buf_sz = acmd->mei_cl.buf_size;
379 *read_buf = (uint8_t *)malloc(sizeof(uint8_t) * in_buf_sz);
380 if (*read_buf == NULL)
381 return AMT_STATUS_SDK_RESOURCES;
382 memset(*read_buf, 0, in_buf_sz);
383 msg_hdr = (struct amt_host_if_resp_header *)*read_buf;
384
385 written = mei_send_msg(&acmd->mei_cl,
386 command, command_sz, acmd->send_timeout);
387 if (written != command_sz)
388 return AMT_STATUS_INTERNAL_ERROR;
389
390 out_buf_sz = mei_recv_msg(&acmd->mei_cl, *read_buf, in_buf_sz, 2000);
391 if (out_buf_sz <= 0)
392 return AMT_STATUS_HOST_IF_EMPTY_RESPONSE;
393
394 status = msg_hdr->status;
395 if (status != AMT_STATUS_SUCCESS)
396 return status;
397
398 status = amt_verify_response_header(rcmd,
399 &msg_hdr->header, out_buf_sz);
400 if (status != AMT_STATUS_SUCCESS)
401 return status;
402
403 if (expected_sz && expected_sz != out_buf_sz)
404 return AMT_STATUS_INTERNAL_ERROR;
405
406 return AMT_STATUS_SUCCESS;
407 }
408
409
amt_get_code_versions(struct amt_host_if * cmd,struct amt_code_versions * versions)410 static uint32_t amt_get_code_versions(struct amt_host_if *cmd,
411 struct amt_code_versions *versions)
412 {
413 struct amt_host_if_resp_header *response = NULL;
414 uint32_t status;
415
416 status = amt_host_if_call(cmd,
417 (const unsigned char *)&CODE_VERSION_REQ,
418 sizeof(CODE_VERSION_REQ),
419 (uint8_t **)&response,
420 AMT_HOST_IF_CODE_VERSIONS_RESPONSE, 0);
421
422 if (status != AMT_STATUS_SUCCESS)
423 goto out;
424
425 status = amt_verify_code_versions(response);
426 if (status != AMT_STATUS_SUCCESS)
427 goto out;
428
429 memcpy(versions, response->data, sizeof(struct amt_code_versions));
430 out:
431 if (response != NULL)
432 free(response);
433
434 return status;
435 }
436
437 /************************** end of amt_host_if_command ***********************/
main(int argc,char ** argv)438 int main(int argc, char **argv)
439 {
440 struct amt_code_versions ver;
441 struct amt_host_if acmd;
442 unsigned int i;
443 uint32_t status;
444 int ret;
445 bool verbose;
446
447 verbose = (argc > 1 && strcmp(argv[1], "-v") == 0);
448
449 if (!amt_host_if_init(&acmd, 5000, verbose)) {
450 ret = 1;
451 goto out;
452 }
453
454 status = amt_get_code_versions(&acmd, &ver);
455
456 amt_host_if_deinit(&acmd);
457
458 switch (status) {
459 case AMT_STATUS_HOST_IF_EMPTY_RESPONSE:
460 printf("Intel AMT: DISABLED\n");
461 ret = 0;
462 break;
463 case AMT_STATUS_SUCCESS:
464 printf("Intel AMT: ENABLED\n");
465 for (i = 0; i < ver.count; i++) {
466 printf("%s:\t%s\n", ver.versions[i].description.string,
467 ver.versions[i].version.string);
468 }
469 ret = 0;
470 break;
471 default:
472 printf("An error has occurred\n");
473 ret = 1;
474 break;
475 }
476
477 out:
478 return ret;
479 }
480