* Introduce a measured boot mode into vboot.
* Add hook for stage measurements in prog_loader and cbfs.
* Implement and hook-up CRTM in vboot and check for suspend.
Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/29547
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
All platforms using this code have NO_CAR_GLOBAL_MIGRATION.
Change-Id: Idca207b4f05d1844ce6612dbecaad6faeb68725a
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/30513
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Some similar calls to postcar_frame_add_mtrr() were added in the
meantime or were under review while postcar_frame_add_romcache()
was introduced.
Change-Id: Ia8771dc007c02328bd4784e6b50cada94abba198
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/31320
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Some SPI controllers support both READ and WRITE protection
add a variable to the protect API for the callers to specify
the kind of protection they want (Read/Write/Both).
Also, update the callers and protect API implementation.
BUG=None
BRANCH=None
TEST=test that the mrc cache is protected as expected on soraka.
Also tried if the read protection is applied correctly.
Change-Id: I093884c4768b08a378f21242ac82e430ac013d15
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-on: https://review.coreboot.org/c/30559
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Pass timestamps and BIST to romstage using the same signature
as C_ENVIRONMENT_BOOTBLOCK will.
Change-Id: Ic90da6b1b5ac3b56c69b593ba447ed8e05c8a4e2
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30492
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The newest and most useful incarnation was hiding in soc/intel/common/.
We move it into the Mainboard menu and extend it with various flags to
be selected to control the default and which options are visible. Also
add a new `int` config MAINBOARD_POWER_FAILURE_STATE that moves the
boolean to int conversion into Kconfig:
0 - S5
1 - S0
2 - previous state
This patch focuses on the Kconfig code. The C code could be unified as
well, e.g. starting with a common enum and safe wrapper around the
get_option() call.
TEST=Did what-jenkins-does with and without this commit and compared
binaries. Nothing changed for the default configurations.
Change-Id: I61259f864c8a8cfc7099cc2699059f972fa056c0
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/29680
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Currently this needlessly initializes the hardware in the both the
romstage and the bootblock, but it works.
Build option is renamed to USBDEBUG_IN_PRE_RAM to reflect the
use better, related support files can be built to pre-ram stages
regardless of usbdebug being enabled or not.
Tested on Google/peppy (adapted to C_ENVIRONMENT_BOOTBLOCK).
Change-Id: Ib77f2fc7f3d8fa524405601bae15cce9f76ffc6f
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30480
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Cases of *dev = PCI_DEV(b,d,f) are invalid. Not caught
because files only build with __SIMPLE_DEVICE__ defined.
Remove cases of testing __SIMPLE_DEVICE__ in files that
are not build for ramstage.
Change-Id: If10a0efa187c9b1d9a5577008aa46f050f0aa309
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30497
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
The same file was replicated three times for certain
soc/intel bootblocks, yet there are no indications or need to do
chipset-specific initialisation.
There is no harm in storing the TSC values in MMX registers
even when they would not be used.
Change-Id: Iec6fa0889f5887effca1d99ef830d383fb733648
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30393
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Platforms moved to POSTCAR_STAGE so these are no longer used.
Change-Id: I9a7b5a1f29b402d0e996f2c2f8c6db3800cdddf3
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30387
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Newer CPUs/SoCs need to configure other features via the
IA32_FEATURE_CONTROL msr, such as SGX, which cannot be done if the
msr is already locked. Create separate functions for setting the
vmx flag and lock bit, and rename existing function to indicate that
the lock bit will be set in addition to vmx flag (per Kconfig).
This will allow Skylake/Kabylake (and others?) to use the common
VMX code without breaking SGX, while ensuring no change in functionality
to existing platforms which current set both together.
Test: build/boot each affected platform, ensure no change in functionality
Change-Id: Iee772fe87306b4729ca012cef8640d3858e2cb06
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30229
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: David Guckian
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch introduces 3 helper function for cpuid(1) :
1. cpu_get_cpuid() -> to get processor id (from cpuid.eax)
2. cpu_get_feature_flags_ecx -> to get processor feature flag (from cpuid.ecx)
3. cpu_get_feature_flags_edx -> to get processor feature flag (from cpuid.edx)
Above 3 helper functions are targeted to replace majority of cpuid(1)
references.
Change-Id: Ib96a7c79dadb1feff0b8d58aa408b355fbb3bc50
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/30123
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This does the following:
- Reuse the cpu/intel/car/non-evict CAR setup and exit.
- Use postcar_frame functions to set up the postcar frame
Change-Id: I428832a2d7e46ce61a7f9bd498b609feb4518eb0
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/29927
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Instead of ELOG_GSMI_APM_CNT use APM_CNT_ELOG_GSMI and define it in
cpu/x86/smm.h
Change-Id: I3a3e2f823c91b475d1e15b8c20e9cf5f3fd9de83
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/30022
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use acpigen_write_processor_cnot to implement notifications to the CPU.
Automatically generate \PPKG in SSDT.
Change-Id: I79d2eed9b89b420554ce10d1fc0f151b1872afe2
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/29890
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
RAM is reserved for Chromeos even when Chrome is not used.
Use CONFIG_CHROMEOS to determine is RAM must be reserved.
BUG=N/A
TEST=Intel BayTrail CRB
Change-Id: Ic1f5089227f802e2b2f62dc02fa0d1648c1855b5
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29856
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
- should not check VBOOT_STARTS_IN_BOOTBLOCK to set context flag
- implement vboot_platform_is_resuming on platforms missing it
- add ACPI_INTEL_HARDWARE_SLEEP_VALUES to two intel southbridges
[ originally https://review.coreboot.org/c/coreboot/+/28750 ]
BUG=b:114018226
TEST=compile coreboot
Change-Id: I1ef0bcdfd01746198f8140f49698b58065d820b9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/29060
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Add SOUTHBRIDGE_INTEL_COMMON_RESET for all Intel platforms that used to
perform a "system reset" in their hard_reset() implementation. Replace
all duplicate CF9 reset implementations for these platforms.
Change-Id: I8e359b0c4d5a1060edd0940d24c2f78dfed8a590
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/28862
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Its spreading copies got out of sync. And as it is not a standard header
but used in commonlib code, it belongs into commonlib. While we are at
it, always include it via GCC's `-include` switch.
Some Windows and BSD quirk handling went into the util copies. We always
guard from redefinitions now to prevent further issues.
Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/28927
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Add definition for PCH_GPIO_PIRQ_INVERT, which is needed
for google/buddy, a to-be-merged variant of google/auron.
Taken from Chromium commit 70ee99b [buddy: change trigger type of gpio53]
Change-Id: I21448160cee791710df51d06efa32cdfecf38c0f
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/28611
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
HAVE_INTEL_FIRMWARE is used to enable certain options that rely on a valid
Inter Flash Descriptor to exist. It does *not* identify platforms or boards
that are capable of running in descriptor mode if it's valid.
Refine the help text to make this clear.
Introduce a new option INTEL_DESCRIPTOR_MODE_CAPABLE that does simply
declare that IFD is supported by the platform. Select this value everywhere
instead of the HAVE_INTEL_FIRMWARE and default HAVE_INTEL_FIRMWARE to
y if INTEL_DESCRIPTOR_MODE_CAPABLE is selected.
Move the QEMU Q35 special case (deselection of HAVE_INTEL_FIRMWARE) to
the mainboard directory.
Change-Id: I4791fce03982bf0443bf0b8e26d9f4f06c6f2060
Signed-off-by: Stefan Tauner <stefan.tauner@gmx.at>
Reviewed-on: https://review.coreboot.org/28371
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
- Remove unused acpi_get_chromeos_acpi_info (see CB:28190)
- Make function naming in gnvs.h consistent (start with "chromeos_")
BUG=b:112288216
TEST=compile and run on eve
Change-Id: I5b0066bc311b0ea995fa30bca1cd9235dc9b7d1b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/28406
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Use get_acpi_table_revision(HPET) to keep all table versions in sync.
Change-Id: Idb5e8ccd49ec27f87a290f33c62df3c177645669
Signed-off-by: Marc Jones <marcj303@gmail.com>
Reviewed-on: https://review.coreboot.org/28278
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-by: Martin Roth <martinroth@google.com>
Since we can derive chromeos_acpi's location from that of
ACPI GNVS, remove chromeos_acpi entry from cbtable and
instead use acpi_gnvs + GVNS_CHROMEOS_ACPI_OFFSET.
BUG=b:112288216
TEST=None
CQ-DEPEND=CL:1179725
Change-Id: I74d8a9965a0ed7874ff03884e7a921fd725eace9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/28190
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Since we can retrieve the address of ACPI GNVS directly
from CBMEM_ID_ACPI_GNVS, there is no need to store and
update a pointer separately.
TEST=Compile and run on Eve
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I59f3d0547a4a724e66617c791ad82c9f504cadea
Reviewed-on: https://review.coreboot.org/28189
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
All broadwell board set HAVE_IFD_BIN to default n, overloading the option in
soc, therefore just use the defaults in sb/intel/common/firmware.
Change-Id: I250dbbc9d61ecedc1a1eb48751ad966732604349
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/28011
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Tristan Corrick <tristan@corrick.kiwi>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Logic: If vboot is not used and the tpm is not initialized in the
romstage makes use of the ramstage driver to initialize the TPM
globally without having setup calls in lower SoC level implementations.
* Add TPM driver in ramstage chip init which calls the tpm_setup
function.
* Purge all occurrences of TPM init code and headers.
* Only compile TIS drivers into ramstage except for vboot usage.
* Remove Google Urara/Rotor TPM support because of missing i2c driver
in ramstage.
Change-Id: I7536c9734732aeaa85ccc7916c12eecb9ca26b2e
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24905
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This is how these MSR's are referenced in Intel® 64 and IA-32 Architectures
Software Developer’s Manual.
The purpose is to differentiate with MSR_SMRR_PHYSx.
Change-Id: I54875f3a6d98a28004d5bd3197923862af8f7377
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/27584
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Add DMAR RMRR table entry and helper functions, using the existing
DRHD functions as a model. As the DRHD device scope (DS) functions
aren't DRHD-specific, genericize them to be used with RMRR tables as
well. Correct DRHD bar size to match table entry in creator function,
as noted in comments from patchset below.
Adapted from/supersedes https://review.coreboot.org/25445
Change-Id: I912b1d7244ca4dd911bb6629533d453b1b4a06be
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/27269
Reviewed-by: Youness Alaoui <snifikino@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Jay Talbott <JayTalbott@sysproconsulting.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
For cases with POSTCAR_STAGE=y this reference pulled
in the implementation of run_ramstage() which we would
not call.
Using _program results with the same region being marked
as WRPROT-cacheble.
Change-Id: Ie1eaf6f5bb8baa13e946112c4fc3d854dbf750a3
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/27232
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Keith Hui <buurin@gmail.com>
Use of device_t is deprecated.
Change-Id: I6adc0429ae9ecc8f726d6167a6458d9333dc515f
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/27036
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
No need to provide an option to try disable this.
Also remove explicit ´select RELOCATABLE_MODULES'
lines from platform Kconfigs.
Change-Id: I5fb169f90331ce37b4113378405323ec856d6fee
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/26815
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Use of device_t has been abandoned in ramstage.
Change-Id: I043f4169ad080f9a449c8780500332c9512b62ff
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/26583
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Recent changes to field lengths in include/memory_info.h resulted in
a mismatch between the memory_info struct the MRC blob writes to and
the struct used by coreboot to parse out data for the SMBIOS tables.
This mismatch caused type 17 SMBIOS tables to be filled incorrectly.
The solution used here is to define the memory_info struct as expected
by MRC in the pei_data header, and manually copy the data field by field
into the coreboot memory_info struct, observing the more restrictive
lengths for the two structs.
Test: build/boot google/lulu, verify SMBIOS type 17 tables correctly
populated.
Change-Id: I932b7b41ae1e3fd364d056a8c91f7ed5d25dbafc
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/26598
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
The Advanced Error Reporting capability was hardcoded in the PCIe
extended capability list, but it might not always be possible.
The Librem 13v1 does not seem to have working AER and this option
was needed and tested on the Librem 13v1. Without it, the linux
console gets spammed with AER errrors.
Change-Id: If2e0ec42c93f1fee927eacdf0099004cf9302fbe
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/25326
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
I finally found out why disabling the L1 sub state option did not
prevent some NVMe drives from locking up in L1 substate. I expect
that the disabled L1 substate initialization that coreboot does
is negated because Linux might itself configure it if it finds the
capability enabled on the PCIe root port.
Removing the capability from the PCIe root port when L1 sub states
are disabled in the configuration should fix the problem.
This was not tested because it's a difficult issue to reproduce and
I do not have the problematic hardware that caused it anymore.
Change-Id: I293a650db307e77cee024a43fbfc81e1d8c86265
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/25325
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Julius brought up confusion about the current spi api in [1]. In order
alleviate the confusion stemming from supporting x86 spi flash
controllers:
- Remove spi_xfer_two_vectors() which was fusing transactions to
accomodate the limitations of the spi controllers themselves.
- Add spi_flash_vector_helper() for the x86 spi flash controllers to
utilize in validating driver/controller current assumptions.
- Remove the xfer() callback in the x86 spi flash drivers which
will trigger an error as these controllers can't support the api.
[1] https://mail.coreboot.org/pipermail/coreboot/2018-April/086561.html
Change-Id: Id88adc6ad5234c29a739d43521c5f344bb7d3217
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/25745
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Move inline function where they belong to. Fixes compilation
on non x86 platforms.
Change-Id: Ia05391c43b8d501bd68df5654bcfb587f8786f71
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25720
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The term MTRR has been misspelled in a few places.
Change-Id: I3e3c11f80de331fa45ae89779f2b8a74a0097c74
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/25568
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Add global/ACPI nvs variables required for IGD OpRegion.
Add functions necessary to generate ACPI OpRegion, save the
table address in ASLB, and restore table address upon S3 resume.
Implementation largely based on existing Haswell/Lynxpoint code.
Test: boot Windows 10 on google/lulu with Tianocore payload and
GOP display init, observe display driver loaded and functional,
display not black screen when resuming from S3 suspend.
Change-Id: I024f4f0784df3cbbb9977692e9ef0ff9c3552725
Signed-off-by: CoolStar <coolstarorganization@gmail.com>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/25094
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
If the SoC is VT-d capable, write an ACPI DMAR table. The entry for the
GFXVTBAR is only generated if the IGD is enabled.
Change-Id: Id7c899954f1bae9d2b48532ca5ee271944f0c5f6
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/23821
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Youness Alaoui <snifikino@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
We use the usual static addresses 0xfed90000/0xfed91000 for the GFX
IOMMU and the general IOMMU respectively. These addresses have to be
configured in MCHBAR registers and reserved from the OS.
Change-Id: I7afcce0da028a160174db2cf6b4b6735bcd59165
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/23820
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Youness Alaoui <snifikino@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
* Move code from src/lib and src/include into src/security/tpm
* Split TPM TSS 1.2 and 2.0
* Fix header includes
* Add a new directory structure with kconfig and makefile includes
Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22103
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
There's nothing intel-specific about the current mrc_cache support.
It's logic manages saving non-volatile areas into the boot media.
Therefore, expose it to the rest of the system for any and all to
use.
BUG=b:69614064
Change-Id: I3b331c82a102f88912a3e10507a70207fb20aecc
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/22901
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
The CPU_SPECIFIC_OPTIONS already auto-selects the option. There's
no point in having a selectable option that is already selected.
There's already an option to select it within intel/common.
BUG=b:69614064
Change-Id: I0c7ce7d3f344668587a75ec683343559a4caea99
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/22906
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Implement the spi controller flash_protect() callback. No need to
have a global spi_flash_protect() once implemented.
BUG=b:69614064
Change-Id: I83f4310d8f78ba64727ba75eb75708d0cbaa7d53
Signed-off-by: Aaron Durbn <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/22882
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
There is currently no case where a struct cpu_device_id instance needs
to be modified. Thus, declare all instances as const.
Change-Id: I5ec7460b56d75d255b3451d76a46df76a51d6365
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/22526
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Enable the ACPI DBG2 table generation for Intel boards. This is
a Microsoft defined ACPI extension that allows an OS to know what
the debug port is on a system when it is not enabled by the
firmware, so it does not show up in the coreboot tables and
cannot be easily found by a payload.
broadwell: Use byte access device, set up only when enabled since
it relies on the port being put in byte access mode and using
this serial port for debug was not standard in this generation.
skylake: Enable for the configured debug port. Skylake uses
intelblocks for UART but not ACPI.
common: Enable for the configured debug port. This affects
apollolake and cannonlake.
Tested by compiling for apollolake/broadwell, tested by reading
the DBG2 ACPI table on kabylake board and using IASL to dump:
[000h 0000 4] Signature : "DBG2"
[004h 0004 4] Table Length : 00000061
[008h 0008 1] Revision : 00
[009h 0009 1] Checksum : 3B
[00Ah 0010 6] Oem ID : "CORE "
[010h 0016 8] Oem Table ID : "COREBOOT"
[018h 0024 4] Oem Revision : 00000000
[01Ch 0028 4] Asl Compiler ID : "CORE"
[020h 0032 4] Asl Compiler Revision : 00000000
[024h 0036 4] Info Offset : 0000002C
[028h 0040 4] Info Count : 00000001
[02Ch 0044 1] Revision : 00
[02Dh 0045 2] Length : 0035
[02Fh 0047 1] Register Count : 01
[030h 0048 2] Namepath Length : 000F
[032h 0050 2] Namepath Offset : 0026
[034h 0052 2] OEM Data Length : 0000
[036h 0054 2] OEM Data Offset : 0000
[038h 0056 2] Port Type : 8000
[03Ah 0058 2] Port Subtype : 0000
[03Ch 0060 2] Reserved : 0000
[03Eh 0062 2] Base Address Offset : 0016
[040h 0064 2] Address Size Offset : 0022
[042h 0066 12] Base Address Register : [Generic Address Structure]
[042h 0066 1] Space ID : 00 [SystemMemory]
[043h 0067 1] Bit Width : 00
[044h 0068 1] Bit Offset : 00
[045h 0069 1] Encoded Access Width : 03 [DWord Access:32]
[046h 0070 8] Address : 00000000FE034000
[04Eh 0078 4] Address Size : 00001000
[052h 0082 15] Namepath : "\_SB.PCI0.UAR2"
Change-Id: If34a3d2252896e0b0f762136760ab981afc12a2f
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://review.coreboot.org/22453
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
The padding has recently been broken in commit 90ebf96df5
("soc/intel/skylake: Add GNVS variables and include SGX ASL") and fixed
again in commit af88398887 ("soc/intel/skylake: Fix broken GNVS offset
for chromeos"). Avoid this bug in the future.
Change-Id: I1bf3027bba239c8747ad26a3130a7e047d3b8c94
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/22229
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
This commit just moves the vboot sources into
the security directory and fixes kconfig/makefile paths.
Fix vboot2 headers
Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22074
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
This patch removes checks that ensure EC to be in RO for recovery
boot. We do not need these checks because when recovery is requested
automatically (as opposed to manually), we show 'broken' screen where
users can only reboot the device or request recovery manually.
If recovery is requested, Depthcharge will check whether EC is in RO
or not and recovery switch was pressed or not. If it's a legitimate
manual recovery, EC should be in RO. Thus, we can trust the recovery
button state it reports.
This patch removes all calls to google_chromeec_check_ec_image,
which is called to avoid duplicate memory training when recovery
is requested but EC is in RW.
BUG=b:66516882
BRANCH=none
CQ-DEPEND=CL:693008
TEST=Boot Fizz.
Change-Id: I45a874b73c46ea88cb831485757d194faa9f4c99
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/21711
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
There's an occasional issue on machines which use CMOS for their
vbnv storage. The machine that just powers up from complete G3
would have had their RTC rail not held up. The contents of vbnv
in CMOS could pass the crc8 though the values could be bad. In
order to fix this introduce two functions:
1. vbnv_init_cmos()
2. vbnv_cmos_failed()
At the start of vboot the CMOS is queried for failure. If there
is a failure indicated then the vbnv data is restored from flash
backup or reset to known values when there is no flash backup.
BUG=b:63054105
Change-Id: I8bd6f28f64a116b84a08ce4779cd4dc73c0f2f3d
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/21560
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
In order to prepare for checking RTC failure in the early boot
paths move the rtc failure calculation to pmutil.c and add a helper
function to determine if failure occurred.
BUG=b:63054105
Change-Id: Ia0a38f00d2a5c7270e24bdd35ecab7fbba1016d4
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/21552
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Instead of having each potential caller deal with the differences
of cmos_init() and init_vbnv_cmos() when VBOOT is enabled put the
correct logic within the callee, cmos_init(), for handling the
vbnv in CMOS. The internal __cmos_init() routine returns when the
CMOS area was cleared.
BUG=b:63054105
Change-Id: Ia124bcd61d3ac03e899a4ecf3645fc4b7a558f03
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/21549
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The original purpose of adjust_cpu_apic_entry() was to set
up an APIC map. That map was effectively only used for mapping
*default* APIC id to CPU number in the SMM handler. The normal
AP startup path didn't need this mapping because it was whoever
won the race got the next cpu number. Instead of statically
calculating (and wrong) just initialize the default APIC id
map when the APs come online. Once the APs are online the SMM
handler is loaded and the mapping is utilized.
Change-Id: Idff3b8cfc17aef0729d3193b4499116a013b7930
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/21452
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Always sanity check for EHCI class device and move
PCI function power enablement up.
Change-Id: I1eebe813fbb420738af2d572178213fc660f392a
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/20826
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
There is assumption of static EHCI_BAR_INDEX, try to
clean it up by bringing BAR programming at one spot.
Change-Id: Ie16090536ac5470c24720a54813015250ae2d0dd
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/20825
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
We've just decided to remove the only known use of the VBSD_SW_WP flag
in vboot (https://chromium-review.googlesource.com/c/575389), since it
was unused and never reliable on all platforms anyway. Therefore, we can
now also remove the coreboot infrastructure that supported it. It
doesn't really hurt anyone, but removing it saves a small bit of effort
for future platforms.
Change-Id: I6706eba2761a73482e03f3bf46343cf1d84f154b
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/20628
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
There are many good reasons why we may want to run some sort of generic
callback before we're executing a reset. Unfortunateley, that is really
hard right now: code that wants to reset simply calls the hard_reset()
function (or one of its ill-differentiated cousins) which is directly
implemented by a myriad of different mainboards, northbridges, SoCs,
etc. More recent x86 SoCs have tried to solve the problem in their own
little corner of soc/intel/common, but it's really something that would
benefit all of coreboot.
This patch expands the concept onto all boards: hard_reset() and friends
get implemented in a generic location where they can run hooks before
calling the platform-specific implementation that is now called
do_hard_reset(). The existing Intel reset_prepare() gets generalized as
soc_reset_prepare() (and other hooks for arch, mainboard, etc. can now
easily be added later if necessary). We will also use this central point
to ensure all platforms flush their cache before reset, which is
generally useful for all cases where we're trying to persist information
in RAM across reboots (like the new persistent CBMEM console does).
Also remove cpu_reset() completely since it's not used anywhere and
doesn't seem very useful compared to the others.
Change-Id: I41b89ce4a923102f0748922496e1dd9bce8a610f
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/19789
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
The ASPM options (L1 substates, CLKREQ support, Common Clock and ASPM)
are hardcoded for broadwell chips, but some boards may not support
these ASPM options even if the SoC does support it (non-wired CLKREQ
pin for example).
This is required to disable L1 substates on the Purism/Librem 13 which
seems to have issues with NVMe drives falling into L1.2 state and not
being able to exit that state.
Change-Id: I2c7173af1d482cccdc784e3fa44ecbb5d38ddc34
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/19899
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
The word 'coreboot' should always be written in lowercase, even at the
start of a sentence.
Change-Id: I7945ddb988262e7483da4e623cedf972380e65a2
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/20029
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The coreboot sites support HTTPS, and requests over HTTP with SSL are
also redirected. So use the more secure URLs, which also saves a
request most of the times, as nothing needs to be redirected.
Run the command below to replace all occurences.
```
$ git grep -l -E 'http://(www.|review.|)coreboot.org'
| xargs sed -i 's,http://\(.*\)coreboot.org,https://\1coreboot.org,g'
```
Change-Id: If53f8b66f1ac72fb1a38fa392b26eade9963c369
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-on: https://review.coreboot.org/20034
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Add ACPI method GPLD to generate port location data when
passed visiblity info. Will be used by _PLD method in
board-specific USB .asl files.
Change-Id: Id6e6699fe3eaafbe6847479d45c70a1d57bd327a
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/19969
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
Add device/address stubs for XHCI USB ports 7/8, 10-15.
Stub data will be supplemented by board-specific info
added in subsequent commits.
Change-Id: Ice86bd226a70bd5996430e7a68a026cc825ba187
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/19968
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This is in preparation to get rid of the strong spi_setup_slave
implemented by different platforms.
BUG=b:38430839
Change-Id: Id3f05a2ea6eb5e31ca607861973d96b507208115
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19778
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
spi_crop_chunk is a property of the SPI controller since it depends
upon the maximum transfer size that is supported by the
controller. Also, it is possible to implement this within spi-generic
layer by obtaining following parameters from the controller:
1. max_xfer_size: Maximum transfer size supported by the controller
(Size of 0 indicates invalid size, and unlimited transfer size is
indicated by UINT32_MAX.)
2. deduct_cmd_len: Whether cmd_len needs to be deducted from the
max_xfer_size to determine max data size that can be
transferred. (This is used by the amd boards.)
Change-Id: I81c199413f879c664682088e93bfa3f91c6a46e5
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19386
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Tested-by: coreboot org <coreboot.org@gmail.com>
