This allows the values to be set in a .config
BUG=none
TEST=Was able to set the value from a .config and built careena firmware
Change-Id: I757e4b9a0b80ff42c1f49143a44f15550366fd0b
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37879
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add package and APU selections to mainboards and remove symbols no
longer used in soc//stoneyridge.
Change-Id: I60214b6557bef50358f9ec8f9fcdb7265e04663b
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37225
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Make a new Kconfig symbol for using soc//stoneyridge. This code also
supports Prairie Falcon is backward-compatible with Carrizo and Merlin
Falcon.
Although Bettong uses Carrizo, it does not currently rely on stoneyridge
source, so it is unaffected by this change.
Change-Id: I786ca54b0444cbcf36dc428a193006797b01fc09
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37224
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
The stoneyridge code inferred that if Merlin Falcon was built but no
Merlin Falcon binaries were present, the intent must be Prairie Falcon.
The two falcons are Embedded variants, and Prairie Falcon falls within
Family 15h Models 70h-7Fh.
Add a Prairie Falcon symbol that can be used explicitely. Drop
HAVE_MERLINFALCON_BINARIES.
Change-Id: I0d3a1bc302760c18c8fe3d57c955e2bb3bd8153a
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37223
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Set the default location strings to point to the 3rdparty/amd_blobs
files.
Change-Id: I5426b8de2501ba55843efc1cda4b03bc3768f8cb
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37222
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Make the default binaryPI image strings for all stoneyridge-based
APUs depend on USE_AMD_BLOBS. Ensure the build completes without
names, and without images.
Change-Id: I74a38efa2a4ad2f9f12a1f8e7fb8694d0ab9dd1e
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37228
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
According to the POSIX standard, %p is supposed to print a pointer "as
if by %#x", meaning the "0x" prefix should automatically be prepended.
All other implementations out there (glibc, Linux, even libpayload) do
this, so we should make coreboot match. This patch changes vtxprintf()
accordingly and removes any explicit instances of "0x%p" from existing
format strings.
How to handle zero padding is less clear: the official POSIX definition
above technically says there should be no automatic zero padding, but in
practice most other implementations seem to do it and I assume most
programmers would prefer it. The way chosen here is to always zero-pad
to 32 bits, even on a 64-bit system. The rationale for this is that even
on 64-bit systems, coreboot always avoids using any memory above 4GB for
itself, so in practice all pointers should fit in that range and padding
everything to 64 bits would just hurt readability. Padding it this way
also helps pointers that do exceed 4GB (e.g. prints from MMU config on
some arm64 systems) stand out better from the others.
Change-Id: I0171b52f7288abb40e3fc3c8b874aee14b9bdcd6
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37626
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: David Guckian
Fix regression with commit 5639736
binaryPI: Drop CAR teardown without POSTCAR_STAGE
Occassionally (maybe 1 boot in 10) SMP lapic_cpu_init() fails
with following errors in the logs of pcengines/apu2:
CPU 0x03 would not start!
CPU 0x03 did not initialize!
The CPU number is sometimes 0x02, never seen 0x01. Work-around also
suggests something to do with cache coherency and MTRRs that is really
at fault.
As a work-around return the BSP CAR teardown to use wbinvd instead
of invd. These platforms do not support S3 resume so this is the
easy work-around for the time being.
Change-Id: I3dac8785aaf4af5c7c105ec9dd0b95156b7cca21
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37438
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The CAR_GLOBAL accessors likely hid a bug where strncmp/cpy was passed
a pointer to a char array instead of the char array.
Change-Id: I68788e47ef27a959d6e048e9385afcfb663cdebc
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37077
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The StoneyPI package supports Family 15h Models 60h-6Fh and 70h-7Fh
in FT4 and FP4 packages. Add options for the packages. The existing
convention of SOC_AMD_PRODUCTNAME_PKG will be phased out.
Change-Id: I60232ca099b813640742868db08aa66b32265f3b
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37218
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
The remaining (active) binaryPI boards moved away from
BINARYPI_LEGACY_WRAPPER and have POSTCAR_STAGE now.
As the cache_as_ram.S is also used with AGESA, this slightly
reduces the codesize there for romstage and postcar as well.
This commit is actually a revert for the vendorcode parts,
AMD originally shipped the codes using 'invd' for the CAR
teardown, but these were changed for coreboot due the
convoluted teardown that used to happen with non-empty stack.
Change-Id: I693c104c3aab3be537c00695cbd764a48bd603b0
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/18526
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Drop all the sources that were guarded with this.
Change-Id: I6c6fd19875cb57f0caf42a1a94f59efed83bfe0d
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/19275
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
SAGE brought these in outside AGESA specifications and they
had some ill semantics. They were already removed from StoneyRidge.
Change-Id: I59d0c450583b2ff58031c127aae881d1f3799338
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37174
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
The romcc bootblock will be deprecated soon and most platforms use
C_ENVIRONMENT_BOOTBLOCK already. This patch drops the
CONFIG_C_ENVIRONMENT_BOOTBLOCK symbol and adds CONFIG_ROMCC_BOOTBLOCK
where needed.
Change-Id: I773a76aade623303b7cd95ebe9b0411e5a7ecbaf
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37154
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Some guarding is not needed because the linker drops the code,
other guarding is not needed because all platforms using the code now
have C_ENVIRONMENT_BOOTBLOCK.
Change-Id: I3b1a94e709aa291e1156c854874d7bf461981f32
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37157
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Kconfig became stricter on what it accepts, so accomodate before
updating to a new release.
Change-Id: I92a9e9bf0d557a7532ba533cd7776c48f2488f91
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37156
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This fixes issue that became visible after implementing post-CAR stage on
top of `340e4b80904f lib/cbmem_top: Add a common cbmem_top implementation`.
Compilation error was:
Forbidden global variables in romstage:
ffffff00 d top.2205
Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com>
Change-Id: I088ac824f9b66387843ae5810fd2c75a8b16d9db
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36976
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
With removal of Torpedo mainboard, this code is no longer
necessary. Will resolve some unique Coverity issues.
Change-Id: I2927245c426566a8f80863a109d015ebf6176803
Signed-off-by: Joe Moore <awokd@danwin1210.me>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36187
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
The MIPS architecture port has been added 5+ years ago in order to
support a Chrome OS project that ended up going nowhere. No other board
has used it since and nobody is still willing or has the expertise and
hardware to maintain it. We have decided that it has become too much of
a mainenance burden and the chance of anyone ever reviving it seems too
slim at this point. This patch eliminates all MIPS code and
MIPS-specific hacks.
Change-Id: I5e49451cd055bbab0a15dcae5f53e0172e6e2ebe
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34919
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The eltan security items ended up in the chipset menu which is not
desired. Now the eltan security option (when enabled in mainboard) shows
up in the security menu.
BUG=N/A
TEST=build
Change-Id: I3b2aa3836e8d9a3242c6d1f3ba7b7821a5cfb9d3
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36851
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The verified_boot_check_cbfsfile() will now try to allocate a buffer from
bootmem if the item in the list has the VERIFIED_BOOT_COPY_BLOCK attribute
set. For large payloads this speeds up the hash operation.
BUG=N/A
TEST=build
Change-Id: Ifa0c93632c59d05ae6d32f8785009a3c3568abc5
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36822
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Cleanup of the prog_locate_hook routine so the actual coreboot flow is
more clearly reflected in the code.
Remove logging that is not really needed.
BUG=N/A
TEST=tested on fbg1701
Change-Id: Iab6c75beac35d043d296336021c0bce1f828cf34
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36846
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The prepare functionality will be removed from cbfs support and the
eltan verified boot is the only software using it. This is not really
required as we can use the prog_locate_hook() for this functionality.
BUG=N/A
TEST=tested on fbg1701
Change-Id: I189cbad4b24bbbb0840ce6100c89a42a327c5456
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36821
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Some of the verify lists were added to the include file while others are
on vboot_check.c. Also added the ramstage_verify_list.
BUG=N/A
TEST=tested on fbg1701
Change-Id: If4f1d8b2278277d0af78e357ecce0d5bef441179
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36820
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The CBFS master header is a legacy structure that just conveys the same
information we already have from the FMAP these days. We're still
including it to support older CBFS implementations in some payloads, but
there's no need for coreboot itself to follow this indirection anymore.
This patch simplifies the default CBFS locator to just return the CBFS
offset and size from the FMAP directly.
Change-Id: I6b00dd7f276364d62fa1f637efbaee0e80607c49
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36688
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch makes the CBFS default locator .locate() callback externally
available so that code which overrides cbfs_master_header_locator can
reuse or wrap it and doesn't have to copy&paste the whole thing. Use it
for the Eltan vendorcode implementation which previously did this.
Change-Id: I54dad5c8ea64ea0fc472217e275daa815736991e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36797
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The flags parameter of the tpm2_get_capability_pcrs() is used by
mboot_hash_extend_log().
BUGS=NA
TEST=Build
Change-Id: Ia718d27f21d41a5e16230c74ca402ea6099470b2
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36680
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
We generally let garbage-collection take care of unused functions.
While at it, move some related variable declarations in to the
header file and declare them const like they should be.
Change-Id: I7c6fa15bd45f861f13b6123ccb14c55415e42bc7
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36632
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Align the eltan mboot support with coreboot tpm support to limit the amount of custom code.
We now only support SHA256 pcrs, only single a single digest will be handled in a call.
The pcr invalidation has been changed fixed values are now loaded while the correct algortihm is
selected.
BUG=N/A
TEST=tested on fbg1701
Change-Id: Id11389ca90c1e6121293353402a2dd464a2e6727
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36483
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Only use the custom hash routine when we need little endian.
Rename the function as well as it is little endian only now.
BUG=N/A
TEST=tested on fbg1701 board.
Change-Id: I037fa38c5961dab7a81e752c1685da2dc6b33d12
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36482
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The vendorcode/eltan and vendorcode/eltan/security directories
were both adding the mboot and verified_boot Kconfigs.
BUG=N/A
TEST=build
Change-Id: I6b5f19b4660d60345391b7320ce42466fd2cc769
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36479
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The public key was not verified during the verified boot operation.
This is now added. The items in the manifest are now fixed at 12 as
we always have the postcar stage.
BUG=N/A
TEST=tested on facebook fbg1701
Change-Id: I85fd391294db0ea796001720c2509f797be5aedf
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36504
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Start using the vb2 public key format and process the signature
verification using the vb2 routines. This allows us to use the
futility to prepare the keys and eliminates the need for custom
tools.
BUG=N/A
TEST=tested on fbg1701 board
Change-Id: Id5d28595bbfb1f5ca5bca0fcfb06134bb1143f25
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36480
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
