SPL: Security Patch Level
The data in SPL is used for FW anti-rollback, preventing rollback of
platform level firmware to older version that are deemed vulnerable
from a security point of view.
BUG=b:216096562
Change-Id: I4665f2372ccd599ab835c8784da08cde5558a795
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/61426
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
The value of level defined in table is the default one. We now give an
extra option in config file to change this value so some FWs can be
dropped in a more optimized way.
For the non A/B recovery mode, The value could be L1, L2, Lb or Lx,
which are level 1, leve 2, level both and using default value. If it
is empty or Lx, left the level in table unchanged.
Give a redundant field [12bxBX] in regular exprssion for A/B recovery
which will be done later.
Change-Id: I0847bc3793467a2299f14d1d2d2486f3f858d7f3
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57612
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
The issue is reported by Coverity. Using strcpy or strcat copying
string without checking length may cause overflow.
BUG=b:188769921
Reported-by: Coverity (CID:1438964)
Change-Id: I609d9ce405d01c57b1847a6310630ea0341e13be
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/54946
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
PSP whitelist bootloader (PSPBTLDR_WL_FILE) should be copied to type
0x73 entry and not type 0x01 (stage1 bootloader). We will also need to
change WHL BL filename (Type0x01->Type0x73) in a separate CL.
BUG=b:181135622
Change-Id: I71539a2065546547edc8a2621474cd1388b6434b
Signed-off-by: Nikolai Vyssotski <nikolai.vyssotski@amd.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/53892
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Fixes these warnings:
warning: alignment 1 of 'struct _psp_directory_table' is less
than 16 [-Wpacked-not-aligned]
warning: alignment 1 of 'struct _psp_combo_directory' is less
than 16 [-Wpacked-not-aligned]
In function 'find_register_fw_filename_bios_dir':
warning: implicit conversion from 'enum _amd_fw_type' to
'amd_bios_type' {aka 'enum _amd_bios_type'} [-Wenum-conversion]
BUG=None
TEST=Build and verify binaries are identical.
Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: I761d9893ac6737b42af96c4b2a57c5a4fc61ab05
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50643
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Add the stdint.h header, and drop the GLIBC section from amdfwtool.h to build this tool on FreeBSD as well as Linux.
Signed-off-by: Idwer Vollering <vidwer@gmail.com>
Change-Id: I295fd308b0f5e2902931f02c9455823a614976de
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48977
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
To verify the consistency, see if timeless builds with and without
this patch result in identical coreboot.rom files.
BUG=b:154032833
TEST=Build & boot on mandolin
Change-Id: Icae73d0730106aab687486e555ba947796e5e757
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42859
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nikolai Vyssotski <nikolai.vyssotski@amd.corp-partner.google.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>