util/intelmetool: Fix some platforms

Bootguard:
* Fix Mac support (ME_version can't be detected)
* Skip MSR read on older platforms (as it would fail anyway)
* Refactor MSR error handling
* Print Bootguard state "Unknown" on MSR read error

Change-Id: Iafe3f5c22c6caeedc556933405b9f6d83ec876a1
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/22598
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>

1 files changed, 11 insertions, 6 deletions

diff --git a/util/intelmetool/intelmetool.c b/util/intelmetool/intelmetool.c
index 2e22899335..0b0e509bcc 100644
--- a/util/intelmetool/intelmetool.c
+++ b/util/intelmetool/intelmetool.c
@@ -308,9 +308,6 @@ static void dump_bootguard_info(void)
 	const char *name;
 	uint64_t bootguard = 0;
 
-	if (msr_bootguard(&bootguard, debug) < 0)
-		return;
-
 	if (pci_platform_scan())
 		exit(1);
 
@@ -328,9 +325,11 @@ static void dump_bootguard_info(void)
 		bootguard &= ~0xff;
 	}
 
-	if (ME_major_ver < 9 ||
-	    (ME_major_ver == 9 && ME_minor_ver < 5) ||
-	    !BOOTGUARD_CAPABILITY(bootguard)) {
+	/* ME_major_ver is zero on some platforms (Mac) */
+	if (ME_major_ver &&
+	    (ME_major_ver < 9 ||
+	     (ME_major_ver == 9 && ME_minor_ver < 5) ||
+	     !BOOTGUARD_CAPABILITY(bootguard))) {
 		print_cap("BootGuard                                 ", 0);
 		printf(CGRN "\nYour system isn't bootguard ready. You can "
 		       "flash other firmware!\n" RESET);
@@ -338,6 +337,12 @@ static void dump_bootguard_info(void)
 		return;
 	}
 
+	if (msr_bootguard(&bootguard, debug) < 0) {
+		printf("ME Capability: %-43s: " CCYN "%s\n" RESET,
+		       "BootGuard Mode", "Unknown");
+		return;
+	}
+
 	print_cap("BootGuard                                 ", 1);
 	if (pci_read_long(dev, 0x40) & 0x10)
 		printf(CYEL "Your southbridge configuration is insecure!! "