This bit is hardwired to 1 (Intel High Definition Audio mode).
Change-Id: I3683497c5e2446f1d8319037583890b5d0a8a95c
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51644
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This allows dropping the SOC_INTEL_COMMON selection. Pull in the options
selected by SOC_INTEL_COMMON into Broadwell Kconfig as they still apply.
Change-Id: I0dd7de5358667240b0b3c1a550ba373a2a5af7d1
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51643
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Lynx Point reference code version 1.9.1 and soc/intel/common/hda_verb.c
perform these steps. Add them to Lynx Point as well. With this change,
Lynx Point and soc/intel/common hda_verb.c files are now identical.
Change-Id: I2fc592f73697a43bd5a3315ac80c77ff9f00da9b
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51642
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
On-board devices should be present in the devicetree, so that
`.on_mainboard` field of `struct device` is `1`.
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Change-Id: I3678514482724377bcdfcbdc7f2c5b312a48b2c6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51672
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Move (remaining) southbridge ACPI stuff into one file under
sb/intel/i82371eb, that is simply included from the board's \_SB scope.
Change-Id: Ibed49a800dec19534761e5ab22a6cbb1e6bd4a5d
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41050
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
This patch is trying to address some of the concerns raised in CB:50247
after the patch had landed. The preference for alphabetized headers was
just supposed to discourage leaving headers completely unordered, and
wasn't intended to disallow other intentional include orderings such as
grouping local includes after system ones or specific ordering
constraints that exist for technical reasons. This patch adds a few more
sentences to try to clarify that.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I6825f4a57613fabb88a00ae46679b4774ef7110b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51553
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Do not use the same name as the non-LP GPIO config. This allows checking
at build-time that a mainboard uses the correct GPIO config format.
Without this commit, there are no build-time errors when using the wrong
format of GPIO config, but there would be undefined behavior at runtime.
Tested by trying to build asrock/b85m_pro4 and hp/folio_9480m after
toggling the `INTEL_LYNXPOINT_LP` Kconfig option (and trimming down the
USB config arrays for asrock/b85m_pro4). In both cases, building failed
because the necessary GPIO config global is not defined, as expected.
Change-Id: Ib06507ef8179da22bdb27593daf972e788051f3a
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51661
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
To append SSFC to top 32 bits of fw_config.
BUG=b:177971830
BRANCH=firmware-zork-13434.B
TEST=Build coreboot and get the value of SSFC.
Signed-off-by: Frank Wu <frank_wu@compal.corp-partner.google.com>
Change-Id: Iab1596f1cc8fbbf45e6a9269351bf422a43f3583
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51655
Reviewed-by: EricR Lai <ericr_lai@compal.corp-partner.google.com>
Reviewed-by: Kangheui Won <khwon@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use timer.h helpers instead of open-coding timeout handling in polling
loops. The 25-microsecond delay in `wait_for_valid` looks odd, and may
be removed in subsequent commits. For now, preserve existing behavior.
Change-Id: Id1227c6812618597c37408a7bf53bcbcae97374a
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50789
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add USB Port configuration into devicetree for storo
BUG=b:177389444
BRANCH=dedede
TEST=built firmware and verified USB3.0 function is OK
Change-Id: I1527c7178ffac9b2322eb65aab6e2086d949e47c
Signed-off-by: Zanxi Chen <chenzanxi@huaqin.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51635
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Until now every AML package had to be closed using acpigen_pop_len().
This commit introduces set of package closing functions corresponding
with their opening function names. For example acpigen_write_if()
opens if-statement package, acpigen_write_if_end() closes it.
Now acpigen_write_else() closes previously opened acpigen_write_if(),
so acpigen_pop_len() is not required before it.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Icfdc3804cd93bde049cd11dec98758b3a639eafd
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50910
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Not all of dalboz variants support the this amp. Thus, move out of baseboard.
BUG=b:182815488
TEST=builds
Signed-off-by: Eric Lai <ericr_lai@compal.corp-partner.google.com>
Change-Id: If708574f5fb18dd3b4f2ef978529a16a40d5dc0c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51511
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-hsuan Hsu <yuhsuan@google.com>
Reviewed-by: Kangheui Won <khwon@chromium.org>
Add I2C initialization in romstage and ramstage.
TEST=To test the I2C connection on Majolica, which doesn't have SPD
connection, call the function below after i2c_soc_init is called.
i2c_read_bytes(2, 0x4d, addr, data, 1);/* Read out 1 byte one time */
It can get the register values of TMP432B.
Or
/* Override EC port in ec.h */
#define EC_DATA 0x662
#define EC_SC 0x666
ec_write(0xA9, 0x40);
i2c_read_bytes(1, 0x10, addr, data, 2);/* Read out 2 bytes one time */
It can get the register values of CM32181A3OP(ALS).
Change-Id: I3a2a1494b44b68e8d8204fba0c90e769e0256e6f
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51029
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add macros, settings and callbacks to support I2C for cezanne.
Change-Id: Ic480681d4b7c6fb8591e729090e4faeb5fccf800
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51025
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
The logic behind I2C bus initialization, I2C MMIO base address getter
and setter, I2C bus ACPI name resolution are identical for all the AMD
SoCs. Hence moving all the SoC agnotic parts of the driver into the
common driver and just configure the SoC specific parts into individual
I2C drivers.
BUG=None
TEST=Build Dalboz and Grunt. Boot to OS in Dalboz. Ensure that the I2C
peripherals are detected as earlier in Dalboz. Verify some I2C
peripheral functionality like trackpad and touchscreen.
Change-Id: Ic9c99ec769d7d8ad7e1e566fdf42a5206657183d
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Suggested-by: Kyosti Malkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51509
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
I2C driver is replicated in each generation of AMD SoCs. Introduce a
common I2C driver that can be used across all the AMD SoCs. To begin
with, peripheral reset functionality is moved into this common driver.
SoC specific I2C driver passes the SCL pin configuration in order for
the common driver to reset the peripherals. More functionality can be
moved here in subsequent changes.
Also sb_reset_i2c_slaves() is renamed as sb_reset_i2c_peripherals() as
an effort towards using inclusive language.
BUG=None
TEST=Build Dalboz and Grunt. Boot to OS in Dalboz. Ensure that the I2C
peripherals are detected as earlier in Dalboz.
localhost ~ # i2cdetect -y 0
Warning: Can't use SMBus Quick Write command, will skip some addresses
0 1 2 3 4 5 6 7 8 9 a b c d e f
00:
10:
20:
30: -- -- -- -- -- -- -- --
40:
50: 50 51 -- -- -- -- -- -- 58 59 -- -- -- -- -- --
60:
70:
localhost ~ # i2cdetect -y 1
Warning: Can't use SMBus Quick Write command, will skip some addresses
0 1 2 3 4 5 6 7 8 9 a b c d e f
00:
10:
20:
30: -- -- -- -- -- -- -- --
40:
50: UU -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
60:
70:
Change-Id: I9f735dcfe8375abdc88ff06e8c4f8a6b741bc085
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Suggested-by: Kyosti Malkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51404
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Set the PCU locks as indicated by the BWG.
Lock the following:
P_STATE_LIMITS
PACKAGE_RAPL_LIMIT
SAPMCTL
DRAM_PLANE_POWER_LIMIT
CONFIG_TDP_CONTROL
Change-Id: I5f44d83e2dd8411358a83b5641ddb4c370eb4e84
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51505
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Move the SMI_LOCK to post SMM setup. Also, use the correct access
method for SMI_LOCK. GEN_PMCON_A is in PCI config space and not
in MMIO space on this PCH.
Change-Id: Ibbb183ef61ca7330198c1243ecfc2d4df51e652b
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51452
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Set chipset_lockdown in devicetree for recommended security settings.
Change-Id: Ie27450dd32463243b1456932a1d39d40afa81da1
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51388
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This macro is unused and its value is often wrong. Drop it.
Change-Id: Id3cfaa4d2eef49eddc02833efbe14e0c5c816263
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51662
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: EricR Lai <ericr_lai@compal.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add support for the CometLake-U based Librem 14 laptop.
Change-Id: I24a2a92091cc272638ecaf8ea23a896cab8a7153
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51549
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch adds a new variant called Marzipan that is identical to Lazor
for now.
BUG=b:182181519,b:182018606
BRANCH=master
TEST=make
Change-Id: I92b667c63b0a06255d1e9511d7486293d8b4426a
Signed-off-by: Kevin Chiu <kevin.chiu@quantatw.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51618
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Add support SPI_FLASH_GIGADEVICE for some project.
BUG=b:182246432
BRANCH=trogdor
TEST=emerge-strongbad and test with power on.
Signed-off-by: xuxinxiong <xuxinxiong@huaqin.corp-partner.google.com>
Change-Id: I6ab948909f4e17b4b992be6d699646f7a62bef7d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51424
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
The X200 would undock itself when waking up from S3, requiring a
physical reconnection before the dock would work again.
Similar to 4611ad8, this reintroduces h8_mb_init() for the X200. A hook
function h8_mb_init() will be called at the end of h8_enable(), in place
of the ancient h8_mainboard_init_dock().
This should fix the regression the X201 and T410 also suffered from for
the X200.
Change-Id: Icb6dd145e56b90e0e04133810c5e9ac7b641ad68
Signed-off-by: Kevin Keijzer <kevin@quietlife.nl>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51123
Reviewed-by: Alexander Couzens <lynxis@fe80.eu>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Commit c4aa24fc12 (doc/mb/lenovo/montevina: Clarify use of bincfg)
renamed a section, and the link referencing it by its old title no
longer works. Update the link, and remove the `a completely new one`
part from it as well, for consistency with the aforementioned commit.
Change-Id: I22e8b3237dafb3397bc901804a57e905f806839d
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51482
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This will not enable M.2 SATA drive if the ME config was lost
(For instance after flashing a full flash factory image)
This is required so that the system can boot without FIA MUX error
during flash update procedure.
Change-Id: I55a8bcdc30bc67af2d3e9ccb8844eac599727108
Signed-off-by: Julien Viard de Galbert <jviarddegalbert@online.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/25443
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
This includes the bg-prov tool.
Change-Id: Iba8efe3bcb67694da76ef78abaa0562d47f7850b
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50408
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Make sure the bytes in RTC cmos used by CBNT don't collide with the
option table. This depends on what is set up in the BPM, Boot Policy
Manifest. When the BPM is provided as a binary the Kconfig needs to be
adapted accordingly. A later patch will use this when generating the
BPM.
Change-Id: I246ada8a64ad5f831705a4293d87ab7adc5ef3aa
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51538
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Global variables are located in .bss and not on the CPU stack.
Overwriting them a per CPU case is bound to cause race conditions. In
this case it is even just plainly wrong.
Note: This variable is set up in the get_smm_info() function.
Change-Id: Iaef26fa996f7e30b6e4c4941683026b8a29a5fd1
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51184
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The argument provided to the function was always the same as the one
computed inside the function so drop the argument.
Change-Id: I14abf400dce1bd9b03e401b6619a0500a650fa0e
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51527
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The permanent handler module argument 'save_state_size' now holds the
meaning of the real save state size which is then substracted from the
CPUs save state 'top' to get the save state base.
TESTED with qemu Q35 on x86_64 where the stub size exceeds the AMD64
save state size.
Change-Id: I55d7611a17b6d0a39aee1c56318539232a9bb781
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50770
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Remove variables that are either constants or are just assigned but
not used.
Change-Id: I5d291a3464f30fc5d9f4b7233bde575010275973
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50784
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
With the smm_module_loaderv2 the save state map is not linear so copy
a map from ramstage into the smihandler.
TESTED on QEMU q35: Both SMMLOADER V1 and V2 handle save states properly.
Change-Id: I31c57b59559ad4ee98500d83969424e5345881ee
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50769
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Move out smm_create_map as this was not run if concurrent_save_states
is 1. The cpus struct array is used in the smm_get_cpu_smbase()
callback so it is necessary to create this.
TEST: run qemu/q35 with -smp 1 (or no -smp argument)
Change-Id: I07a98bbc9ff6dce548171ee6cd0c303db94087aa
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50783
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The parameters that the permanent handler requires are pushed directly
to the permanent handlers relocatable module params.
The paremeters that the relocation handler requires are not passed on
via arguments but are copied inside the ramstage. This is ok as the
relocation handler calls into ramstage.
Change-Id: Ice311d05e2eb0e95122312511d83683d7f0dee58
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50767
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
struct smm_loader_params is a struct that is passed around in the
ramstage code to set up either the relocation handler or the permanent
handler. At the moment no parameters in the stub 'smm_runtime' are
referenced so it can be dropped. The purpose is to drop the
smm_runtime struct from the stub as it is already located in the
permanent handler.
Change-Id: I09c1b649b5991f55b5ccf57f22e4a3ad4c9e4f03
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50766
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Keep a copy of start32_offset into ramstage to avoid needing to pass
arguments, calling from assembly. Doing this in C code is better than
assembly.
Change-Id: Iac04358e377026f45293bbee03e30d792df407fd
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50765
Reviewed-by: Eugene Myers <cedarhouse1@comcast.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Instead of passing on parameters from the stub to the permanent
handler, add them directly to the permanent handler.
The parameters in the stub will be removed in a later patch.
Change-Id: Ib3bde78dd9e0c02dd1d86e03665fa9c65e3d07eb
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50764
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
No need to do this assembly anymore.
Change-Id: I69b42c31e495530fe96030a5a25209775f9d4dca
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51533
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
With CBnT a digest needs to be made of the IBB, Initial BootBlock, in
this case the bootblock. After that a pointer to the BPM, Boot Policy
Manifest, containing the IBB digest needs to be added to the FIT
table.
If the fit table is inside the IBB, updating it with a pointer to the
BPM, would make the digest invalid.
The proper solution is to move the FIT table out of the bootblock.
The FIT table itself does not need to be covered by the digest as it
just contains pointers to structures that can by verified by the
hardware itself, such as microcode and ACMs (Authenticated Code
Modules).
Change-Id: I352e11d5f7717147a877be16a87e9ae35ae14856
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50926
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>