* Introduce a measured boot mode into vboot.
* Add hook for stage measurements in prog_loader and cbfs.
* Implement and hook-up CRTM in vboot and check for suspend.
Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/29547
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The option to specify a binary file name was added later for platforms
that do not provide microcode updates in our blobs repository. Alas,
it wasn't visible what platforms these are. And if you specified a file
for a platform that already had one, they were all included together.
Make it visible which platforms don't provide binaries with the new con-
figs MICROCODE_BLOB_NOT_IN_BLOB_REPO, MICROCODE_BLOB_NOT_HOOKED_UP and
MICROCODE_BLOB_UNDISCLOSED. Based on that we can decide if we want to
include binaries by default or explicitly show that no files are inclu-
ded (default to CPU_MICROCODE_CBFS_NONE).
Also split CPU_MICROCODE_CBFS_GENERATE into the more explicit
CPU_MICROCODE_CBFS_DEFAULT_BINS and CPU_MICROCODE_CBFS_EXTERNAL_BINS.
And clean up the visibility of options: Don't show CBFS related options
on platforms that don't support it and don't show external file options
if the platform uses special rules for multiple files (CPU_MICROCODE_
MULTIPLE_FILES).
Change-Id: Ib403402e240d3531640a62ce93b7a93b4ef6ca5e
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/29934
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The same file was replicated three times for certain
soc/intel bootblocks, yet there are no indications or need to do
chipset-specific initialisation.
There is no harm in storing the TSC values in MMX registers
even when they would not be used.
Change-Id: Iec6fa0889f5887effca1d99ef830d383fb733648
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30393
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Newer CPUs/SoCs need to configure other features via the
IA32_FEATURE_CONTROL msr, such as SGX, which cannot be done if the
msr is already locked. Create separate functions for setting the
vmx flag and lock bit, and rename existing function to indicate that
the lock bit will be set in addition to vmx flag (per Kconfig).
This will allow Skylake/Kabylake (and others?) to use the common
VMX code without breaking SGX, while ensuring no change in functionality
to existing platforms which current set both together.
Test: build/boot each affected platform, ensure no change in functionality
Change-Id: Iee772fe87306b4729ca012cef8640d3858e2cb06
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30229
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: David Guckian
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
RAM is reserved for Chromeos even when Chrome is not used.
Use CONFIG_CHROMEOS to determine if RAM must be reserved.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I3f55bf96ab2ec66cddbb54de03455a9bfd194682
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29332
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
The Intel GMA ACPI opregion address needs to be set on S3 resume,
otherwise the Windows display driver fails to re-initialize correctly.
Fix by ensuring the address is set correctly regardless of display
init type used (GOP or VBIOS).
Test: build/boot on google/edgar, ensure internal display functional
following S3 resume under Windows 10.
Change-Id: I471c44e8ba4514e4a2ddf6739109b759145598ed
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/30233
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Instead of ELOG_GSMI_APM_CNT use APM_CNT_ELOG_GSMI and define it in
cpu/x86/smm.h
Change-Id: I3a3e2f823c91b475d1e15b8c20e9cf5f3fd9de83
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/30022
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use acpigen_write_processor_cnot to implement notifications to the CPU.
Change-Id: I93c11e89da34c5432c6ce0415998b47bad339763
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/29889
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Using 0 for PIRQ_PIC_IRQDISABLE might conflict with using IRQ0 as PIRQ.
Change PIRQ_PIC_IRQDISABLE value to 0x80, so value 0 is reserved for IRQ0.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I18706f12e7c2293e948eb10818393f0d1870f514
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29393
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The sizes of IO_BASE and ILB_BASE areas a incorrect.
Correct IO_BASE_SIZE and ILB_BASE_SIZE values.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I23c3fd608598c5ec2271d393168ac4bf406772b4
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29392
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The resources of the local APIC are not reserved.
Use mmio_resource() to add local APIC resources.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: Ieb9de45098d507d59f1974eddb7a94cb18ef7903
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29375
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
ACPI and GPIO base are used by LPC controller, but not reserved.
Both bases are added to the LPC device resources.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I5248694b497c4965d79dd7c25ec97592dc0dddbc
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29288
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
The GPIO and ACPI base sizes have defines, but they are not used.
Use GPIO_BASE_SIZE and ACPI_BASE_SIZE.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: I348eda57ab9dc0bd45f8dc9ab0e7c47c462102fe
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29788
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The timer interrupts don't appear when HPET is enabled. This
result in Linux reporting 'MP-BIOS bug: 8254 timer not connected
to IO-APIC'
Enabling CONFIG_DISABLE_HPET disables OS use of HPET.
Intel issue 4800413 (doc #5965535) reports Windows7/Ubuntu Installation
Hang or Slow Boot Issue.
BUG=Intel #4800413
TEST=Portwell PQ7-M107
Change-Id: Ie9a78dcc736eb057c040a0a303c812adb1f76f3c
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/29655
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Braswell allready supported vmx, but offered no mechanism to unset it, nor
to set the lock bit required for Windows to recognize virtualization.
Enable this functionality by adding CPU_INTEL_COMMON config.
Test: build/boot Windows 10 on Braswell ChromeOS device, verify Windows shows
virtualization as enabled.
Change-Id: I0d39abaeb9eebcceb37dc791df6b06e521fe1992
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/29570
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
soc_rtc_init() is executed in ramstage
The soc_rtc_init() needs to be executeed before FSP is called. Move the RTC
init from ramstage to romstage.
BUG=N/A
TEST=Intel CherryHill CRB
Change-Id: Ic19c768bf9d9aef7505fb9327e4eedf7212b0057
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/29397
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
- should not check VBOOT_STARTS_IN_BOOTBLOCK to set context flag
- implement vboot_platform_is_resuming on platforms missing it
- add ACPI_INTEL_HARDWARE_SLEEP_VALUES to two intel southbridges
[ originally https://review.coreboot.org/c/coreboot/+/28750 ]
BUG=b:114018226
TEST=compile coreboot
Change-Id: I1ef0bcdfd01746198f8140f49698b58065d820b9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/29060
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Make use of the common CF9 reset in SOC_INTEL_COMMON_RESET. Also
implement board_reset() as a "full reset" (aka. cold reset) as that
is what was used here for hard_reset().
Drop soc_reset_prepare() thereby, as it was only used for APL. Also,
move the global-reset logic.
We leave some comments to remind us that a system_reset() should
be enough, where a full_reset() is called now (to retain current
behaviour) and looks suspicious.
Note, as no global_reset() is implemented for Denverton-NS, we halt
there now instead of issuing a non-global reset. This seems safer;
a non-global reset might result in a reset loop.
Change-Id: I5e7025c3c9ea6ded18e72037412b60a1df31bd53
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/29169
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Its spreading copies got out of sync. And as it is not a standard header
but used in commonlib code, it belongs into commonlib. While we are at
it, always include it via GCC's `-include` switch.
Some Windows and BSD quirk handling went into the util copies. We always
guard from redefinitions now to prevent further issues.
Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/28927
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
No support for SoC D-1 stepping is available.
According to Intel doc #332095-015 stepping C-0 has revision
id 0x21 and D-1 revision ID 0x35.
Also correct the RID_C_STEPPING_START value for C-0.
BUG=none
TEST=Built, Intel Cherry Hill Rev F.
Change-Id: I29268f797f68aa4e3b6203e098485e0bd4a44fc4
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/27471
Reviewed-by: Wim Vervoorn
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
HAVE_INTEL_FIRMWARE is used to enable certain options that rely on a valid
Inter Flash Descriptor to exist. It does *not* identify platforms or boards
that are capable of running in descriptor mode if it's valid.
Refine the help text to make this clear.
Introduce a new option INTEL_DESCRIPTOR_MODE_CAPABLE that does simply
declare that IFD is supported by the platform. Select this value everywhere
instead of the HAVE_INTEL_FIRMWARE and default HAVE_INTEL_FIRMWARE to
y if INTEL_DESCRIPTOR_MODE_CAPABLE is selected.
Move the QEMU Q35 special case (deselection of HAVE_INTEL_FIRMWARE) to
the mainboard directory.
Change-Id: I4791fce03982bf0443bf0b8e26d9f4f06c6f2060
Signed-off-by: Stefan Tauner <stefan.tauner@gmx.at>
Reviewed-on: https://review.coreboot.org/28371
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
- Remove unused acpi_get_chromeos_acpi_info (see CB:28190)
- Make function naming in gnvs.h consistent (start with "chromeos_")
BUG=b:112288216
TEST=compile and run on eve
Change-Id: I5b0066bc311b0ea995fa30bca1cd9235dc9b7d1b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/28406
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Since we can derive chromeos_acpi's location from that of
ACPI GNVS, remove chromeos_acpi entry from cbtable and
instead use acpi_gnvs + GVNS_CHROMEOS_ACPI_OFFSET.
BUG=b:112288216
TEST=None
CQ-DEPEND=CL:1179725
Change-Id: I74d8a9965a0ed7874ff03884e7a921fd725eace9
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/28190
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Since we can retrieve the address of ACPI GNVS directly
from CBMEM_ID_ACPI_GNVS, there is no need to store and
update a pointer separately.
TEST=Compile and run on Eve
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I59f3d0547a4a724e66617c791ad82c9f504cadea
Reviewed-on: https://review.coreboot.org/28189
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
There is no need to redefine option present in
southbridge/intel/common/firmware/Kconfig.
FAKE_IFD depends on out tree flashrom patches for which there are better
alternatives available now, so don't build with FAKE_IFD by default.
Change-Id: Icd41137a1bbfe519c89a71cc0c7c3755558bd834
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/28010
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Tristan Corrick <tristan@corrick.kiwi>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Adapted from chromium commit 126d352
[Strago: switch Touchpad and Touchscreen interrupts to be level-triggered]
The Elan and other touch controllers found in this device work much
more reliably if used with level-triggered interrupts rather than
edge-triggered.
TEST=Boot several cyan boards, verify that touchpad and touchscreen
work.
Original-Change-Id: I59d05d9dfa9c41e5472d756ef51f0817a503c889
Original-Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/894689
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Change-Id: Ia4f8cf83351dae0d78995ce0b0ed902d1e4ac3e8
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/27759
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Logic: If vboot is not used and the tpm is not initialized in the
romstage makes use of the ramstage driver to initialize the TPM
globally without having setup calls in lower SoC level implementations.
* Add TPM driver in ramstage chip init which calls the tpm_setup
function.
* Purge all occurrences of TPM init code and headers.
* Only compile TIS drivers into ramstage except for vboot usage.
* Remove Google Urara/Rotor TPM support because of missing i2c driver
in ramstage.
Change-Id: I7536c9734732aeaa85ccc7916c12eecb9ca26b2e
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24905
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This is how these MSR's are referenced in Intel® 64 and IA-32 Architectures
Software Developer’s Manual.
The purpose is to differentiate with MSR_SMRR_PHYSx.
Change-Id: I54875f3a6d98a28004d5bd3197923862af8f7377
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/27584
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Currently thermal event support can not be disabled at board level.
Define and dependent code are placed in same file.
Move define of HAVE_THERM_EVENT_HANDLER to mainboard file.
Change-Id: Icb532e5bc7fd171ee2921f9a4b9b2150ba9f05c5
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/27415
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
