As mentioned in my GSoC recap, Carl-Daniel and i have sent a letter to Intel to get more information regarding the descriptor section and unlocking the ME flash protection (my official GSoC main project). It was sent about 3 weeks ago (2011-07-29). No reply was received so far. This is the whole message we have sent them:
Dear Intel employee,
I’m sorry to trouble you, especially because this mail is addressed to many people, sorry.
You have been addressed, because you were involved in doing related Linux kernel development or had already direct contact with Carl-Daniel Hailfinger, the main author of flashrom at FOSDEM and may have a good understanding of our situation regarding development and access to information and datasheets from Intel.
I am one of the maintainers of flashrom (http://www.flashrom.org/), a utility for identifying, reading, writing and erasing flash chips via various programmers including a number of Intel’s chipsets. Our tool is used by some computer vendors (e.g. Google, General Electric, Bull, Packard Bell) internally and it is also given to their customers for updating the firmware/BIOS.
1) With the release of the ICH8 (82801H*) a new feature named Soft Straps was introduced. The ICH8 datasheet describes it like this: “Soft Straps are used to configure specific functions within the [chipset] very early in the boot process before BIOS or software intervention.” As part of the SPI chapter the datasheet also lists the meaning of those bits which include switches to disable functional blocks or reroute various pins. In later chipset series they were no longer published publicly, but only in confidential documents (SPI Programming Guides).
I am currently working on dumping these in an open source utility and would like to add parsing and printing human readable interpretations. Therefore i would like to ask for the necessary documentation that lists the meaning of the Soft Straps of all Intel PC chipsets since ICH8.
2) Another thing i am working on is enabling flashrom to update the firmware of modern Intel platforms. This is currently often impossible because there are some protections against unintentional or malicious modifications. This has the drawback that there is no easy and safe way to update Intel based mainboards on operating systems other than DOS(!) and Windows. We know that is possible to tell the ME via HECI/MEI to suspend its write activities and unlock its region to allow the main processor updating it, but we do not know the details of such a communication transaction (neither the MEI address of the “unlocking service” nor the content of the message nor the expected reply). We also do not know how to proceed after that and if the unlocking is reflected in the “protected range” registers. It is also not known to us how to unlock other regions (the descriptor region itself is often configured r/o… which may not be a problem if it should never be updated?). Any information regarding unlocking flash regions would be appreciated.
Sincerely, Stefan Tauner and Carl-Daniel Hailfinger
It is of course easy for small FOSS projects to bash big companies for subjectively experienced injustices, but Intel—although always emphasizing there open source engagement—really is not as open as it would be needed to have good flashrom support on their platforms. This is not only a problem for long-haired free software enthusiasts (like myself), but also for businesses. Just yesterday we have received another mail from an employee of a multinational major corporation (over 250k employees) that asked for our help, because they would prefer to use flashrom instead of Intel’s DOS/Windows tool to develop their Cougar Point based devices. The secretiveness does harm Intel, us and humanity as a whole. I rest my case. 🙂