There is no posibility to prevent loading images from cbfs at this stage
For security features prog_locate_hook() is added. This hook can be used
to prevent loading the image.
BUG=N/A
TEST=Created verified binary and verify logging on Facebook FBG-1701
Change-Id: I12207fc8f2e9ca45d048cf8c8d9c057f53e5c2c7
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30811
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Using docker to build to documentation eases the process of building
the documentation. Given that some versions of sphinx are
incompatible, the option to use docker is presented first.
Change-Id: I6c18f81a829364ada1859c04ba2dc4f886934bcc
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36105
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This change removes an inversion of GPP_D17 that caused the
device to get stuck in a reboot loop because the kernel was crashing
within the first couple seconds of kernel boot.
BUG=b:142515200
BRANCH=none
TEST=Flash and boot nocturne, verify boot is stable and that device
doesn't reboot after jumping into kernel, and that it passes the
'tast -verbose run <ip> hardware.SensorRing' test.
Change-Id: Ia1408ef6ea92f6b31a9f3eee8720954af3a7c382
Signed-off-by: Nick Vaccaro <nvaccaro@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35967
Reviewed-by: Yicheng Li <yichengli@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The board does not have any graphics port connected to the SoC. Hence,
use the new Kconfig to hide GOP initialization.
Change-Id: Ia88e062bea243369da27b94608f89f0808257688
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36349
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
There are mainboards that do not have any graphics ports connected to
the SoC. It would be senseless to initialize the iGD, thus add a new
mainboard Kconfig to hide the GOP option.
Change-Id: Ica3b3a7a0c8120c95412369a24d8d669fb59fded
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36348
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Also, including <types.h>, is supposed to provide stdint and stddef.
Change-Id: I99918a5a77e759bc7d4192d2c3fd6ad493c70248
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33681
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
cbmem_top() should simply not be called before memory is initialed,
in order for the implementation to return something meaningful.
Change-Id: I8fe32844af290626a0f91279143fda4d3442680f
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36334
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Michael Niewöhner
So, this is odd in multiple ways. First of all, we fix something:
We work around a weirdness in `make oldconfig` that adds spurious
entries into the `auto.conf` for choices that were given a symbol
name.
When introducing the Ada config package, it seemed reasonable to
use `auto.conf` as source, but it turned out that we didn't use it
as input, only `config.h` and the original `.config` were used. As
the syntax for `.config` is the same as for `auto.conf` we use the
former now as input for Ada, too. One question remains: If `.config`
already contains all required information, what is this `auto.conf`
and what does it want?
Alternatively, we could try to fix `oldconfig` or add a linter to
forbid named choices. I thought, our build test would reject the
latter already. But the `oldconfig` behaviour is too subtle.
We keep a dependency on the `oldconfig` step, to make sure it runs
first.
Change-Id: If3fe6bc782251cdbd696395d3069a1c0bb0ae802
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36320
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
New changes in the latest binutils 2.32 lead to assembler errors causes
ipxe build failure. IPXE uses the divide test which requires /dev/null as
input as well as the output file name.
This patch facilitates the /dev/null as an exception to the current
changes in binutils package while building crossgcc for coreboot leads to
successful build of ipxe and further tests to pass based on /dev/null and
applies automatically during the crossgcc rebuild.
Also, this can be reverted once binutils/ipxe provides an updated release
in this respect.
Fixes: https://ticket.coreboot.org/issues/204
Change-Id: I9f664829b8c42420c0b2ab1f2316150f86ac0b1a
Signed-off-by: Himanshu Sahdev <himanshusah@hcl.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35098
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Since there are no calls where we wouldn't die(), move die() calls into
the fsp_find_* functions.
Change-Id: I750a225999688137421bbc560d9d1f5fdf68fd01
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36314
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michael Niewöhner
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Remove the calculation of the Reserved Intel MMIO Memory size from
systemagent and memmap, since it is not needed.
The size is used in SA to calculate the space between cbmem_top and TSEG
without DPR and Chipset Reserved Memory. Since this will always be equal
to 0, the reservation will be skipped and TSEG, DPR and Chipset Reserved
Memory will get reserved alltogether.
By reading the code and pratical testing we figured out that:
- TSEG - DPR - reserved - top_of_memory == 0
- TSEG - DPR - reserved == top_of_memory
This means the whole block will never reserve anything because it is
always 0. Hence the code can be removed for simplification.
Tested successfully on X11SSM-F
Change-Id: I0cc730551eb3a79c78a971b40056de8d029f4b82
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36216
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michael Niewöhner
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Follow-up commit where only files are moved and paths adapted to make
review of the previous commit easier.
Change-Id: Iff1acbd286c2ba8e6613e866d4e2f893562e8973
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35868
Reviewed-by: Michael Niewöhner
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Remove orphaned functionality from the FSP1.1 driver that only has been
used by skylake, which is now FSP2.0-only.
Change-Id: I732f2d6846788d5c03647c6fb620e45b3b66de5f
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36266
Reviewed-by: Michael Niewöhner
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This drops support for FSP 1.1 in soc/intel/skylake, after all boards
have been migrated to FSP 2.0, which is backwards compatible.
Any moving of files happens in a follow-up commit to make review easier.
Change-Id: I0dd2eab0edfda0545ff94c3908b8574d5ad830bd
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35813
Reviewed-by: Michael Niewöhner
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch is part of the patch series to drop support for FSP 1.1 in
soc/intel/skylake.
The following modifications have been done to migrate the board(s) from
FSP 1.1 to FSP 2.0:
- remove deprecated devicetree VR_RING domain (only 4 domains in FSP 2.0)
TODO:
- testing
Change-Id: I7481f3413de6780df01d9b769bd4f16d439f087c
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35923
Reviewed-by: Michael Niewöhner
Reviewed-by: Wim Vervoorn
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Change-Id: Ic2f0944b92dcad7048a0c38720d2ef3c855ef007
Signed-off-by: T Michael Turney <mturney@codeaurora.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35495
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
- This port should be Reclaim Your Freedom compliant
(not certified yet).
- Untested on boards with external Radeon graphics adapter.
- Some columns on the left-most side of display are completely
black on 1400x1050 IPS display[1]. Display works fine on Linux.
I don't know why it appears like that. So far it has been observed
only with native graphics initialization.
- Only GRUB2 and SeaBIOS payloads tested for now.
- 2504 docking station USB doesn't work under Linux.
Can detect pendrive in GRUB2 payload.
- Sometimes it takes 20s of "pretending it's powered off" to run
coreboot code. Issue is payload agnostic.
Probably caused by missing one capacitor on my unit.
[1] https://imgur.com/a/0wpMGsm
Change-Id: Ibd9208a5eafd228f8eedbc8fb4f4eb9ed1932a14
Signed-off-by: Maciej Matuszczyk <maccraft123mc@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35864
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
ACPI Version 6.3 Section 6.1: "A device object must contain either an _HID
object or an _ADR object, but should not contain both."
Change-Id: I09fce1298794f30c1db699438204ac32ee9cb27d
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36296
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
ACPI Version 6.3 Section 6.1: "A device object must contain either an _HID
object or an _ADR object, but should not contain both."
Change-Id: I50cafce0aaf465ee95562ccff6c8f63fb22096c0
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36294
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
ACPI Version 6.3 Section 6.1: "A device object must contain either an _HID
object or an _ADR object, but should not contain both."
Change-Id: If3ee38f3eaa8e6d1c1b0393d0ba289f708e0ae5e
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36293
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
An io_trap_handler on this board is unused in SMM.
Change-Id: Ie922f8f1a10495ae887221735c96807261508041
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36252
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
These mainboard_io_trap_handler functions do nothing compared to a weak
mainboard_io_trap_handler in src/cpu/x86/smm/.
Change-Id: I73ebcc6c3f604a075a946503d51881ccc6820dac
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36245
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Remove SMM reinitialization since it's already done in src/ec/lenovo/h8.
Untested on a real hardware.
See also commit 8953d4a1 with Change-Id
I33fd829a7e34aefa8f76ca6020cc8e802f7aab17 ("mb/lenovo/*/smihandler: Get
rid of mainboard_io_trap_handler").
Change-Id: Icc582527db15f3a31cdee8948bc5a190240fdc84
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36235
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
I does nothing on these boards. It's just a call a local noop function
which only prints a debug-level message.
Change-Id: Id3fb2e9074db72d9025b95f7d4918417dd488b9e
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36236
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Convert names to all capital in enum acpi_apic_types. Use of these names in
corresponding type assign for I/O APIC Structure.
Change-Id: Iab2f6d8f645677734df753f8bf59fde4205ce714
Signed-off-by: Himanshu Sahdev <himanshusah@hcl.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36197
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
mainboard_silicon_init_params() is supposed to be used for only
overriding any FSP params as per mainboard configuration. GPIOs should
be configured by mainboard as part of its chip init(). This ensures
proper ordering w.r.t. any common operations that the SoC code might
want to perform e.g. snapshot ITSS polarities.
This change moves the configuration of GPIOs from
mainboard_silicon_init_params() to mainboard chip->init().
Change-Id: I5d10c01c5b9d5f8ed02274d51dcf9c2a17269685
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36270
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>