Mitigate issues presented in "Digging Into The Core of Boot" found by
"Yuriy Bulygin" and "Oleksandr Bazhaniuk" at RECON-MTL-2017.
Validate user-provided pointers using the newly-added functions.
This protects SMM from ring0 attacks.
Change-Id: I8a347ccdd20816924bf1bceb3b24bf7b22309312
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41086
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
The wake source macro for GPE events was using 'GPIO'. However,
current usage is really all GPEs. Therefore, provide clarity
in the naming in order to allow for proper GPIO wake events
that are separate from the ACPI GPE block.
BUG=b:159947207
Change-Id: I27d0ab439c58b1658ed39158eddb1213c24d328f
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44527
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This code has been commented out for a long time. Drop it.
Change-Id: Iddc635dc5bbc7a8b42e97f4e2f6d579a839d874b
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43264
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
These now fit in 96 characters.
Tested with BUILD_TIMELESS=1, Facebook fbg1701 remains identical.
Change-Id: I4275c81d22c03c461c184f26367db80b828033a9
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43932
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
We have definitions for the bits in the PCI COMMAND register. Use them.
Also add spaces around bitwise operators, to comply with the code style.
Change-Id: Icc9c06597b340fc63fa583dd935e42e61ad9fbe5
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43839
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
There's no reason to return the result of a void function.
Tested with BUILD_TIMELESS=1, Google Ninja remains identical.
Change-Id: I677dec1622768874a51effd6d73f0b2329f27aed
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43193
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
According to the ACPI specification, version 6.3:
Accesses to the PM1 status registers are done through byte or word
accesses.
The same is said about the PM1 Enable registers. Therefore, reporting
dword-sized access is wrong and means nothing anyway. Since some other
platforms use word-sized access, use word everywhere for consistency.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: I6f85c9a4126f37ab2a193c3ab50a6c8e62cf6515
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43432
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
All supported x86 chips select HAVE_CF9_RESET, and also use 0xcf9 as
reset register in FADT. How unsurprising. We might as well use that
information to automatically fill in the FADT accordingly. So, do it.
To avoid having x86-specific code under arch-agnostic `acpi/`, create a
new optional `arch_fill_fadt` function, and override it for x86 systems.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: Ib436b04aafd66c3ddfa205b870c1e95afb3e846d
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43389
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
They are ignored if the ACPI_FADT_WBINVD flag is set, which is required
on current ACPI versions and only maintained for ACPI 1.0 compatibility.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: Ief1219542ba71d18153b64180e0ff60bd1e7687b
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43390
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Instead, just flip the desired bits using bitwise operations. As this is
initially zero, the resulting value is the same. This allows flags to be
set from anywhere regardless of execution order.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: Icfd580a20524936cd0adac574331b09fb2aea925
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43387
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
None of the currently-supported chips has PM1b_EVT nor PM1b_CNT event
register blocks. According to the ACPI specification, version 6.3,
sections 4.8.1.1 and 4.8.1.2 (PM1 Event/Control Registers):
If the PM1b_EVT_BLK is not supported, its pointer contains a value of
zero in the FADT.
If the PM1b_CNT_BLK is not supported, its pointer contains a value of
zero in the FADT.
Since the FADT struct defaults to zero in coreboot, we don't need to do
anything with PM1b for now. So, drop unneeded writes to PM1b fields.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: Iff788b2ff17ba190a8dd9b0b540f1ef059a1a0ea
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43380
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
None of the currently-supported chips has a GPE1 block. The ACPI spec,
version 6.3, section 4.8.1.6 (General-Purpose Event Registers) says:
If a generic register block is not supported then its respective
block pointer and block length values in the FADT table contain zeros.
Since the FADT struct defaults to zero in coreboot, we don't need to do
anything with GPE1 for now. So, drop the unneeded writes to GPE1 fields.
Tested on Asus P8Z77-V LX2 with Linux 5.7.6 and Windows 10 at the end of
the patch train, both operating systems are able to boot successfully.
Change-Id: Iefc4bbc6e16fac12e0a9324d5a50b20aad59a6cd
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43379
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Michael Niewöhner
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Intel southbridges do this. Also make `acpi_sci_irq` non-static as it is
needed outside acpi.c with this change.
Change-Id: I2fd2ec5a3029dc1bd1fa65dc3d1af5505f1f1dad
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43377
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Maxim Polyakov <max.senia.poliak@gmail.com>
This reduces the differences between Bay Trail and Braswell.
Change-Id: I60e4db72eed17cdeebd30b010f351e1ffc4187e3
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43182
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The PCI COMMAND register is 16 bits wide, so do not use 32-bit ops.
Change-Id: I1baba632bda4a50d5279ca3659047d1dd1e8da34
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43181
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
In some cases, the SoC did not even select `REG_SCRIPT` in Kconfig.
Change-Id: I617f332b80c534997e06a91247d1be90a85573be
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43138
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Bring all GNVS related initialisation function to global
scope to force identical signatures. Followup work is
likely to remove some as duplicates.
Change-Id: Id4299c41d79c228f3d35bc7cb9bf427ce1e82ba1
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42489
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Except for whitespace and varying casts the codes were
the same when implemented.
Platforms that did not implement this are tagged with
ACPI_NO_SMI_GNVS.
Change-Id: I31ec85ebce03d0d472403806969f863e4ca03b6b
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42362
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Kconfig 4.17 started using the $(..) syntax for environment variable
expansion while we want to keep expansion to the build system.
Older Kconfig versions (like ours) simply drop the escapes, not
changing the behavior.
While we could let Kconfig expand some of the variables, that only
splits the handling in two places, making debugging harder and
potentially messing with reproducible builds (e.g. when paths end up
in configs), so escape them all.
Change-Id: Ibc4087fdd76089352bd8dd0edb1351ec79ea4faa
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42481
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
For baytrail and braswell, explicitly initialise
it to ACTIVE_ECFW_RO without ChromeEC.
For broadwell and skylake, fix it to report actual
google_ec_running_ro() status.
Change-Id: I30236c41c9261fd9f8565e1c5fdbfe6f46114e28
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42389
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Some of the boards do not select SYSTEM_TYPE_LAPTOP or _CONVERTIBLE
so their FADT preffered_pm_profile would change from PM_MOBILE without
the added overrides here.
Change-Id: I04b602b2c23fbd163fcd110a44ad25c6be07ab66
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41920
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Advertising SMI triggers in FADT is only valid if we exit with
SMI installed. There has been some experiments to delay SMM
installation to OS, yet there are new platforms that allow some
configuration access only to be done inside SMM.
Splitting static HAVE_SMI_HANDLER variable helps to manage cases
where SMM might be both installed and cleared prior to entering
payload.
Change-Id: Iad92c4a180524e15199633693446a087787ad3a2
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41910
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
When no SMI is installed, FADT should not advertise a trigger
mechanism that does not respond.
Change-Id: Ifb4f99c11a72e75ec20b9faaf62aed5546de91fa
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41909
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
It never was in GNVS, it never belonged among the ACPI tables. Having
it in CBMEM, makes it easy to look the location up on resume, and saves
us additional boilerplate.
TEST=Booted Linux on Lenovo/X201s, confirmed ASLS is set and
intel_backlight + acpi_video synchronize, both before and
after suspend.
Change-Id: I5fdd6634e4a671a85b1df8bc9815296ff42edf29
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40724
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
After removal of CAR_MIGRATION there are no more reasons
to carry around ENV_STAGE_HAS_BSS_SECTION=n case.
Replace 'MAYBE_STATIC_BSS' with 'static' and remove explicit
zero-initializers.
Change-Id: I14dd9f52da5b06f0116bd97496cf794e5e71bc37
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40535
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
pci_domain_set_resources is duplicated in all the SOCs. This change
promotes the duplicated function.
Picasso was adding it again in the northbridge patch. I decided to
promote the function instead of duplicating it.
BUG=b:147042464
TEST=Build and boot trembyle.
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Change-Id: Iba9661ac2c3a1803783d5aa32404143c9144aea5
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41041
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Stefan thinks they don't add value.
Command used:
sed -i -e '/file is part of /d' $(git grep "file is part of " |egrep ":( */\*.*\*/\$|#|;#|-- | *\* )" | cut -d: -f1 |grep -v crossgcc |grep -v gcov | grep -v /elf.h |grep -v nvramtool)
The exceptions are for:
- crossgcc (patch file)
- gcov (imported from gcc)
- elf.h (imported from GNU's libc)
- nvramtool (more complicated header)
The removed lines are:
- fmt.Fprintln(f, "/* This file is part of the coreboot project. */")
-# This file is part of a set of unofficial pre-commit hooks available
-/* This file is part of coreboot */
-# This file is part of msrtool.
-/* This file is part of msrtool. */
- * This file is part of ncurses, designed to be appended after curses.h.in
-/* This file is part of pgtblgen. */
- * This file is part of the coreboot project.
- /* This file is part of the coreboot project. */
-# This file is part of the coreboot project.
-# This file is part of the coreboot project.
-## This file is part of the coreboot project.
--- This file is part of the coreboot project.
-/* This file is part of the coreboot project */
-/* This file is part of the coreboot project. */
-;## This file is part of the coreboot project.
-# This file is part of the coreboot project. It originated in the
- * This file is part of the coreinfo project.
-## This file is part of the coreinfo project.
- * This file is part of the depthcharge project.
-/* This file is part of the depthcharge project. */
-/* This file is part of the ectool project. */
- * This file is part of the GNU C Library.
- * This file is part of the libpayload project.
-## This file is part of the libpayload project.
-/* This file is part of the Linux kernel. */
-## This file is part of the superiotool project.
-/* This file is part of the superiotool project */
-/* This file is part of uio_usbdebug */
Change-Id: I82d872b3b337388c93d5f5bf704e9ee9e53ab3a9
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41194
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This change moves all ACPI table support in coreboot currently living
under arch/x86 into common code to make it architecture
independent. ACPI table generation is not really tied to any
architecture and hence it makes sense to move this to its own
directory.
In order to make it easier to review, this change is being split into
multiple CLs. This is change 3/5 which basically is generated by
running the following command:
$ git grep -iIl "arch/acpi" | xargs sed -i 's/arch\/acpi/acpi\/acpi/g'
BUG=b:155428745
Change-Id: I16b1c45d954d6440fb9db1d3710063a47b582eae
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40938
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
.acpi_inject_dsdt() does not need to modify the device
structure. Hence, this change makes the struct device * parameter to
acpi_inject_dsdt as const.
Change-Id: I3b096d9a5a9d649193e32ea686d5de9f78124997
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40711
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
