Commit Graph

2862 Commits

Author SHA1 Message Date
Nico Huber d5829e9bdb buildgcc: Relax GNAT version checks
Compiling the GNAT frontend of GCC seems to have stabilized since GCC
4.9.0. So build it by default if GNAT >= 4.9 is installed.

TEST=Bootstrapped all GCC versions from 4.9.0 to 6.2 and built the
     i386 cross toolchain with each.

Change-Id: I9d1127595dc6b9bcece9c5e5cc7e45f467744ab9
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/18777
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-03-23 18:41:21 +01:00
Nico Huber cdf79e6a8d buildgcc: Fix check for a .success file
We were looking for the wrong file for some time. With bootstrapping
enabled, this resulted in a spurious message about the host GCC being
already built.

Change-Id: Ieb52c5925ea5615c83311319f22693b72f4987f9
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/18776
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-03-23 18:41:09 +01:00
Patrick Georgi dce629b2f8 util/cbfstool: avoid memleaks and off-by-ones
Change-Id: Iac136a5dfe76f21aa7c0d5ee4e974e50b955403b
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: scan-build 3.8
Reviewed-on: https://review.coreboot.org/18134
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-03-20 20:05:09 +01:00
Arthur Heymans 98e77c77fd util/autoport: Create superiotool logs
Change-Id: I29797ac6078c0488cb75a8e510bfd5ddf49e4b8b
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/18483
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins)
2017-03-14 23:03:29 +01:00
Nico Huber 0ff3b392a9 buildgcc: Search for `xz` too
Change-Id: I05d5f26f7cf9ab41b14aaecfe421b88ef9a2394a
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/18775
Tested-by: build bot (Jenkins)
Reviewed-by: Idwer Vollering <vidwer@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
2017-03-14 16:59:45 +01:00
Arthur Heymans 1b69d73530 board_status/towiki.sh: Fix Socket for Sandy and Ivy Bridge
Change-Id: I4c94209c424f56516033c07c4365401a6b217a37
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/18478
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
2017-03-14 02:32:36 +01:00
Nicola Corna 4fbd1aab33 util/superiotool: Add support for Fintek F71808A
Default values taken from the datasheet and from the dump of
an uninitialized F71808A on a Sapphire Pure Platinum H61.

Both the control registers and the HWM configuration registers
are added.

Change-Id: Ia6e2a7c13a5086d19ebdb426f2f975b43220a273
Signed-off-by: Nicola Corna <nicola@corna.info>
Reviewed-on: https://review.coreboot.org/18562
Tested-by: build bot (Jenkins)
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
2017-03-13 17:10:02 +01:00
Hannah Williams 589fc3473e ifdtool: Add SPI_FREQUENCY_50MHZ_30MHZ as a valid freq
Without this change, error "Unknown descriptor version: 4" will be
returned if this frequency is selected (seen on GLKRVP)

Change-Id: Ib5bfb996b85c7245d8f9c70988bfd5bbac882d74
Signed-off-by: Hannah Williams <hannah.williams@intel.com>
Reviewed-on: https://review.coreboot.org/18688
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
2017-03-10 11:20:39 +01:00
Idwer Vollering 171d1a5979 toolchain: fix compilation of GMP on FreeBSD
Built on FreeBSD -CURRENT
Obtained from FreeBSD: bbedec80e3

Change-Id: Ic6b6db8e3a9d86a30c50a09d58566846446031ea
Signed-off-by: Idwer Vollering <vidwer@gmail.com>
Reviewed-on: https://review.coreboot.org/18675
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-03-09 12:15:56 +01:00
Martin Roth 010905ed2f uti/lint/checkpatch: Fix __attribute__ struct errors for OPEN_BRACE
The __attribute__((weak)) lines on structs were being read as functions,
causing a warning that the brace should be on the next line.
Add a check to see if it's a struct with an attribute, and ignore it for
the OPEN_BRACE check if it is.

Change-Id: Ieb0c96027e8df842f60ca7c9de7aac941eed1dc2
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18570
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Lee Leahy <leroy.p.leahy@intel.com>
2017-03-09 04:37:43 +01:00
Martin Roth a3cac87ea8 uti/lint/checkpatch: add --exclude to ignore specific directories
checkpatch: add option for excluding directories
when importing code from external sources

Using --exclude <dir> we should be able to exclude a list of well
defined locations in the tree that carry sources from other projects
with other styles.

This comes from the 01org/zephyr project in github:
Original-Change-Id: I7d321e85eed6bc37d5c6879ae88e21d20028a433
Original-Signed-off-by: Anas Nashif <anas.nashif@intel.com>

Change-Id: Icc9e841e7d84026d6ab857ff90b0f093515ccaad
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18568
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Philippe Mathieu-Daudé <philippe.mathieu.daude@gmail.com>
2017-03-09 04:37:11 +01:00
Huan Truong 8c247a2a79 util/intelmetool: Add support for Wildcat Point LP
This adds support for the Wildcat Point LP for intelmetool.

When the tool detected a Wildcat Point LP,
then the ME will be reported as  difficult-to-remove.

Change-Id: I35423db11cdc1e21e7f02ce90dace7fb4d236c45
Signed-off-by: Huan Truong <htruong@tnhh.net>
Reviewed-on: https://review.coreboot.org/18575
Tested-by: build bot (Jenkins)
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2017-03-08 04:36:04 +01:00
Huan Truong 2a1ae05316 util/intelmetool: Fix segfault on edge cases
The intel ME checker tool would segfault if it reaches the end of
the loop without having the dev pointer set. This happens when
it gets to the end of the previous loop without knowing what to do
with any of the devices it sees.

This patch makes sure the pointer is not NULL before accessing it.

Change-Id: Ia13191799d7e00185947f9df5188cb2666c43e2a
Signed-off-by: Huan Truong <htruong@tnhh.net>
Reviewed-on: https://review.coreboot.org/18573
Tested-by: build bot (Jenkins)
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-03-08 04:34:34 +01:00
Martin Roth 93757f8543 util/scripts/get_maintainer.pl: Remove linux tree check
This was removed from the previous version, but we'd like it in
a separate patch, so it's obvious and can easily be applied to the
next version.

Change-Id: I9396009e82e762aa0cc037dbe9e7133962af6354
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18577
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-03-07 15:03:45 +01:00
Martin Roth ae34e97ad7 util/scripts: Update get_maintainer.pl to latest from linux kernel
This is version 03aed21 from linux/scripts, updated on Dec 12, 2016.

The version needs to be updated because Perl version 5.20 deprecated the
/C regex expression.  Perl version 5.24 removed it completely, so the
old version fails to run on the coreboot builders.

Change-Id: Ib97997237ca64c65d7f91d568ae4bec000804331
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18571
Tested-by: build bot (Jenkins)
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-03-07 15:03:29 +01:00
Martin Roth 561f368a2f util/docker: Update dockerfiles & build method
All files:
- Previously, various things were hardcoded into the docker containers
that made it necessary to update the Dockerfile files for each new
version of the sdk.  Turn those into 'Variables" that are updated during
the build step.  Because the makefile is piping the dockerfile through
the sed command and back into the docker build command, the normal
docker "COPY" keyword doesn't work.

coreboot-jenkins-node changes:
- Run ssh-keygen -A to explicitly generate the ssh keys.  This fixes an
error:  Could not load host key: /etc/ssh/ssh_host_dsa_key

coreboot-sdk changes:
- Remove apt-get upgrade command - The Dockerfile guide recommends
not to run this.
- Change libssl-dev to libssl1.0-dev. libssl-dev's header files won't
build the Chrome-EC codebase.
- Add libisl-dev, needed to build the riscv toolchain.
- Build the toolchain using the -b option
- Add environment variables containing the version and commit that the
coreboot-sdk was built from.

Makefile:
- Update targets to use the version and commit variables

Change-Id: I2c1376fe4b791da2a62fca11bc92c4774cbef1c8
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: https://review.coreboot.org/18001
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2017-03-06 00:30:35 +01:00
Iru Cai 03353de80b buildgcc: Update GCC, Binutils, GMP, MPFR, GDB, IASL and LLVM
- GCC gets updated from 5.2.0 to 6.3.0:
gcc-6.3.0_riscv.patch is a diff between 5fcb8c4 and 173684b in
riscv-gcc, and it needs gcc-6.3.0_memmodel.patch.

- Binutils goes from 2.26.1 to 2.28:
There is a build error for MIPS gold so I add patch for it.

- GMP gets a bump from 6.1.0 to 6.1.2
- MPFR is updated from 3.1.4 to 3.1.5
- GDB is upgraded from 6.1.1 to 6.1.2
- IASL is changed from 20160831 to 20161222
- LLVM is changed from 3.8.0 to 3.9.1

Change-Id: I20fea838d798c430d8c4d2cc6b07614d967c60c5
Signed-off-by: Iru Cai <mytbk920423@gmail.com>
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/17189
Tested-by: build bot (Jenkins)
2017-03-05 18:35:18 +01:00
Nicola Corna e38f85915f util/me_cleaner: Pull the latest changes from upstream
Relevant changes (commit 250b2ec):
 * Fix a bug for ME6 Ignition images.
 * Fix signature checking for ME11 and later.
 * Add command line arguments.
 * Add an option to relocate the FTPR partition to the top of the
    ME region, recovering most of the ME region space.
 * Print the image minimum size.
 * Add write boundary checks, to prevent writes on other regions
    in case of bugs.

The new changes have been tested on multiple platforms by the
me_cleaner users. They have been tested also on the author's
X220T with coreboot, where the ME region has been shrinked up to
84 kB without any issue.

Change-Id: I3bd6b4cba9f5eebc3cd4892dd9f188744a06c42b
Signed-off-by: Nicola Corna <nicola@corna.info>
Reviewed-on: https://review.coreboot.org/18473
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2017-03-02 22:04:08 +01:00
Iru Cai bc5112029b autoport: add "-d" option to ectool to dump registers
Change-Id: I7de37a026a0899c2d07ea17c9377c8d2283450ab
Signed-off-by: Iru Cai <mytbk920423@gmail.com>
Reviewed-on: https://review.coreboot.org/18481
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
2017-03-02 21:59:27 +01:00
Denis 'GNUtoo' Carikli efd9dee646 board-status: Add README
It explains the prerequisites to run the script, some
background on how to setup the computer running the script,
and the board it gathers the information from.

That information is too long to fit inside the script's
help.

Change-Id: Iecba7310ff1583149c02728e955716775bcbbdc4
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
Reviewed-on: https://review.coreboot.org/6660
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-02-20 04:43:39 +01:00
Denis 'GNUtoo' Carikli 418e808fa6 boardstatus: wiki: Update XiVO's coreboot fork source address
This company doesn't do custom hardware anymore and doesn't
host the sources anymore. We therefore point to the archived
sources instead.

Change-Id: I5ce4f6a468b852fc1d0947fe2b28a5297f14c437
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
Reviewed-on: https://review.coreboot.org/11889
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Tested-by: build bot (Jenkins)
2017-02-18 23:40:51 +01:00
Furquan Shaikh e67002968b sconfig: Add a new "SPI" device type
Update sconfig lex and yacc files to add support for a new "SPI" device
type in the devicetree. SPI device takes only parameter i.e. chip select
number for the device on the SPI bus.

Re-generate the shipped files for sconfig using flex 2.6.0 and bison
3.0.4 (make CONFIG_SCONFIG_GENPARSER=1). Clean up local paths that leak
into generated files.

BUG=chrome-os-partner:59832
BRANCH=None
TEST=Compiles successfully.

Change-Id: If0831e25b3e4ed87827ad92356d7bf47b6387884
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/18339
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2017-02-16 08:41:15 +01:00
Martin Roth 03e9d6aa13 util/lint: Don't check license text for files with under 5 lines
Change-Id: I7c1e3cf558d447838819b4d6a63d93d48d5f13e0
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18316
Tested-by: build bot (Jenkins)
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2017-02-14 18:37:40 +01:00
Patrick Georgi ded1e05d11 util/romcc: Don't reference a variable after checking it for NULL
Change-Id: Ic8e850bdf75d38fc061fb3a8c55d38bcf09c305a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1129146
Reviewed-on: https://review.coreboot.org/17886
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-02-10 18:01:52 +01:00
Damien Zammit 0685322f4a util/blobtool: Add new tool for compiling/decompiling data blobs
Given a specification of bitfields defined e.g. as follows:

	specfile:
		{
			"field1" : 8,
			"field2" : 4,
			"field3" : 4
		}
and a set of values for setting defaults:
	setterfile:
		{
			"field1" = 0xff,
			"field2" = 0xf,
			"field3" = 0xf
		}

You can generate a binary packed blob as follows:
	./blobtool specfile setterfile binaryoutput
	binaryoutput:	ff ff

The reverse is also possible, i.e. you can regenerate the setter:
	./blobtool -d specfile binaryoutput setterorig
	setterorig:
		# AUTOGENERATED SETTER BY BLOBTOOL
		{
			"field1" = 0xff,
			"field2" = 0xf,
			"field3" = 0xf
		}

This tool comes with spec/set files for X200 flash descriptor
and ICH9M GbE region, and can be extended or used to decompile
other data blobs with known specs.

Change-Id: I744d6b421003feb4fc460133603af7e6bd80b1d6
Signed-off-by: Damien Zammit <damien@zamaudio.com>
Reviewed-on: https://review.coreboot.org/17445
Tested-by: build bot (Jenkins)
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Martin Roth <martinroth@google.com>
2017-02-04 23:18:35 +01:00
Patrick Rudolph 8a06cc7ec8 util/ifdtool: Fix ICH Gbe unlock
With coreboot 4.4 switched to "Descriptor mode" for Lenovo T500
it automatically unlocks all flash regions. For Gbe region
the "Requester ID" was hardcoded resulting in *dead* Gbe.

Keep board specific "Requester ID" while unlocking Gbe region.

Allows Lenovo T500 to boot with IFD "Descriptor mode" with unlocked
flash regions.

Signed-off-by: Patrick Rudolph <siro@das-labor.org>

Change-Id: Ia4b5d1928e84bee42182fc83020e3a13fadc93c4
Reviewed-on: https://review.coreboot.org/18055
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2017-02-04 17:36:21 +01:00
Steven Dee 3236f7be09 ectool: Support OpenBSD
Adds checks for OpenBSD in all the places that were already checking for
NetBSD. This fixes e.g.:

    ec.c:21:20: error: sys/io.h: No such file or directory

which was caused by defaulting to Linux.

Also, OpenBSD calls its amd64 iopl amd64_iopl instead of x86_64_iopl.
This change just defines iopl appropriately depending on the
OS and architecture.

TEST=Build on OpenBSD 6.0 or -current from 2017-01-25.

Change-Id: If6d92a9850c15cd9f8e287cc4f963d3ff881f72c
Signed-off-by: Steven Dee <i@wholezero.org>
Reviewed-on: https://review.coreboot.org/18260
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-02-02 15:29:10 +01:00
Patrick Georgi be182ad380 util/xcompile: parallelize compiler checks
Speed up the execution of this script from ~6 seconds to ~1 on my
system.

There are some changes to its output, but they're actually _more_
correct: so far, architectures without compiler support kept compiler
options for architectures that ran successfully earlier.

Change-Id: I0532ea2178fbedb114a75cfd5ba39301e534e742
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/18262
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-31 18:51:47 +01:00
Iru Cai 8bf53a9f4e autoport: add missing parameter for pc_keyboard_init()
This fixes the build for the generated code for boards with PS/2
keyboard, since commit 448e386309 updated the pc_keyboard_init()
function.

Change-Id: I776b49b847985296eaca4af6d6e49ab5d6abbafe
Signed-off-by: Iru Cai <mytbk920423@gmail.com>
Reviewed-on: https://review.coreboot.org/18242
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-29 00:36:24 +01:00
Arthur Heymans 017b56558f board_status/towiki.sh: Add socket LGA775
Intel Core 2 is not further specified since not all chipsets support
quad cores, which could confuse users.

Change-Id: I86c0a41743fe784f432347fa639d3c26604e058e
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/18235
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-01-27 19:42:36 +01:00
Martin Roth 9ee70ce587 util/docker: Update makefile target names
- Use dashes instead of underscores for consistency and to match other
coreboot targets
- Fix a couple of places where old target names were referenced
- Remove double 'help' target from .PHONEY target list

Change-Id: I3b464ebf74653a8cc880e982316fd883757ec728
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: https://review.coreboot.org/18000
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-01-27 19:41:05 +01:00
Martin Roth af25fd78e8 util/docker: Update makefile with command to kill docker images
Kill running docker containers before trying to remove images or
containers.

Change-Id: Id2de90edbe5d0dc6ecb906be7101ad9744dbd11e
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: https://review.coreboot.org/17999
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-01-27 19:40:41 +01:00
Martin Roth 27f3ce6337 board_status/to-wiki: Update bucketize script
- Fix TODO: restrict $1 to allowed values.
- Specifically exclude 'oem' board status directories.
- Exclude any directory that doesn't follow the date format to keep
the script from breaking again in the future if something it doesn't
recognize is pushed.  Just ignore it for the wiki.
- Fix shellcheck warnings.

Change-Id: I2864f09f5f1b1f5ec626d06e4849830400ef5814
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/18225
Tested-by: build bot (Jenkins)
Reviewed-by: Timothy Pearson <tpearson@raptorengineering.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-01-27 04:37:33 +01:00
Nicola Corna 9bcc002f1e util: Add me_cleaner
me_cleaner is a tool to strip down Intel ME/TXE images by removing all
the non-fundamental code, while keeping the ME/TXE image valid and
suitable for booting the system. The remaining code (ROMP and BUP
modules) is the one responsible for the very basic initialization of
the ME/TXE subsystem and can't be removed.

This tool exploits the fact that:
 * Each ME/TXE partition is signed individually and it is possible to
    remove both the partition and the signature.
 * The ME/TXE modules are not signed directly, instead they are hashed
    and the list of their hashes is hashed again and signed: this
    means that modifying a module doesn't invalidate the signature,
    but only the hash of that single module.
 * The modules hashes are checked only when the corresponding module
    needs to be executed.
 * The system can boot after the execution of the first module (BUP,
    inside the FTPR partition), even if the subsequent stages fail.

Currently me_cleaner works on every Intel platform with Intel ME or
Intel TXE with the following limitations:
 * Doesn't work when Intel Boot Guard is set in Verified Boot mode.
 * Doesn't fully work on Nehalem yet.
 * On Skylake and later generations, since the partitions' internal
    structure has changed, me_cleaner leaves intact the FTPR
    partition, removing all the the other partitions.

This tool has been tested on multiple platforms and architectures by
different users, and seems to be stable. The reports are available
here:
https://github.com/corna/me_cleaner/issues/3

A more in-depth description of me_cleaner is available here:
https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F

Change-Id: I9013799e9adea0dea0775b9afe718de5fc4ca748
Signed-off-by: Nicola Corna <nicola@corna.info>
Reviewed-on: https://review.coreboot.org/18203
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-01-25 18:19:58 +01:00
Patrick Georgi b46c4ecaba cbfs-compression-tool: catch compression failures
If compression failed, just store the uncompressed data, which is what
cbfstool does as well.

Change-Id: I67f51982b332d6ec1bea7c9ba179024fc5344743
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18201
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-24 09:35:49 +01:00
Dan Elkouby e8ad3c7b95 util/intelmetool: Try to activate the ME before scanning PCIe for it
When the ME is hidden (most likely because it was disabled), it cannot
be found until activate_me() is called.

Change-Id: Ie1f65f61eb131577d7254af582e2709660f4da27
Signed-off-by: Dan Elkouby <streetwalrus@codewalr.us>
Reviewed-on: https://review.coreboot.org/18149
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-20 17:22:54 +01:00
Nico Huber 607796a4ff cbfstool: Don't use le32toh(), it's non-standard
It's a BSD function, also, we missed to include `endian.h`.

Just including `endian.h` doesn't fix the problem for everyone.
Instead of digging deeper, just use our own endian-conversion from
`commonlib`.

Change-Id: Ia781b2258cafb0bcbe8408752a133cd28a888786
Reported-by: Werner Zeh <werner.zeh@siemens.com>
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/18157
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2017-01-18 17:43:20 +01:00
Patrick Georgi 6f27edd377 util/scripts: extend cross-repo-cherrypick
The script now automatically discovers the original branch (if known)
and configures itself appropriately.
Additionally, commit messages for changes coming _from_ upstream will
be prefixed with "UPSTREAM: ".
With the optional --cros argument, it also adds a BUG/BRANCH/TEST block
at the right place in the commit message (right above the metadata) if
one doesn't already exist.

Change-Id: I81864ddca62fd99a9eb905d7075e5b53f58c4eb5
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18135
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-17 18:01:10 +01:00
Patrick Georgi ecaa570b60 util/cbfstool: Enable adding precompressed files to cbfs
cbfstool ... add ... -c precompression assumes the input file to be
created by cbfs-compression-tool's compress command and uses that to add
the file with correct metadata.

When adding the locale_*.bin files to Chrome OS images, this provides a
nice speedup (since we can parallelize the precompression and avoid
compressing everything twice) while creating a bit-identical file.

Change-Id: Iadd106672c505909528b55e2cd43c914b95b6c6d
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18102
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-13 13:50:46 +01:00
Patrick Georgi c88d16baaf util/cbfstool: Add cbfs-compression-tool
cbfs-compression-tool provides a way to benchmark the compression
algorithms as used by cbfstool (and coreboot) and allows to
pre-compress data for later consumption by cbfstool (once it supports
the format).

For an impression, the benchmark's results on my machine:

measuring 'none'
compressing 10485760 bytes to 10485760 took 0 seconds
measuring 'LZMA'
compressing 10485760 bytes to 1736 took 2 seconds
measuring 'LZ4'
compressing 10485760 bytes to 41880 took 0 seconds

And a possible use for external compression, parallel and non-parallel
(60MB in 53 files compressed to 650KB on a machine with 40 threads):

$ time (ls -1 *.* |xargs -n 1 -P $(nproc) -I '{}' cbfs-compression-tool compress '{}' out/'{}' LZMA)

real	0m0.786s
user	0m11.440s
sys	0m0.044s

$ time (ls -1 *.* |xargs -n 1 -P 1 -I '{}' cbfs-compression-tool compress '{}' out/'{}' LZMA)

real	0m10.444s
user	0m10.280s
sys	0m0.064s

Change-Id: I40be087e85d09a895b1ed277270350ab65a4d6d4
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18099
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-12 21:40:25 +01:00
Patrick Georgi 8474e7d7e8 util/cbfstool: compile with -O2 by default
This speeds up the lzma encoder approximately four-fold.

Change-Id: Ibf896098799693ddd0f8a6c74bda2e518ecea869
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18098
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-01-12 21:40:00 +01:00
Patrick Georgi df1ff231e4 buildgcc: try curl if wget is not present
There are systems that come with curl but not wget (eg macOS) and they
now have to install one less additional dependency.

Also fix some cosmetic issues in console output and require valid
certificates on https downloads.

Change-Id: Idc2ce892fbb6629aebfe1ae2a95dcef4d5d93aca
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18048
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-10 14:43:49 +01:00
Martin Roth 047c2f44b0 util/abuild: Print list of failed boards at the end of the abuild
When running abuild outside of jenkins, because all of the builds are
printed intermixed, it's easy to miss when a board has failed the build
by looking at the output.  This saves a list of failed builds and prints
the list at the end of the run.

- Add a command line option to mark when abuild is being called
recursively.
- Add all failed builds to a list.
- Print the list when a non-recursive abuild run exits.

Change-Id: Icb40ed8083a57bbcde49297d2b0814f98dcbb6c8
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/17890
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-09 18:26:38 +01:00
Sebastian 'Swift Geek' Grzywna e6bd18f6b5 util/autoport: Fix gfx dump of log_maker
Variable name of inteltoolArgs was fixed.

The way of passing arguments to inteltool was changed from "-a -f"
to "-af" which is better as the string seems to be parsed
as a single argument.

Change-Id: I0c48fb1e912261748ba9e2b91c291bac28b9e856
Signed-off-by: Sebastian 'Swift Geek' Grzywna <swiftgeek@gmail.com>
Reviewed-on: https://review.coreboot.org/18050
Reviewed-by: Stefan Tauner <stefan.tauner@gmx.at>
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-09 18:17:45 +01:00
Martin Roth 23ceb7d240 util/lint: Add check for the signed-off-by line
Gerrit will let you push a patch without a signed-off-by line,
although I believe it can't actually be merged.  Instead of catching
it either manually, or when the patch is attempting to be merged,
catch this in the jenkins builder.

Change-Id: I80161befa157266dd4e3209839a06ff398aab6bb
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/17941
Tested-by: build bot (Jenkins)
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2017-01-09 18:14:10 +01:00
Patrick Georgi 766c3fec2d util/romcc: avoid shifting more than the variable's width
That's undefined behavior in C

Change-Id: I671ed8abf02e57a7cc993d1a85354e905f51717d
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1229557
Reviewed-on: https://review.coreboot.org/18014
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-06 18:40:04 +01:00
Martin Roth ab8f7d315e util/crossgcc: update jenkins-build-toolchain
This allows the make jenkins-build-toolchain to use the
BUILDGCC_OPTIONS variable.  Previously, the options were hardcoded.

Change-Id: I5f4c1d3fc8c714ec3640356ae3c86ae157f486d2
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/17766
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-04 22:18:55 +01:00
Nico Huber 2c1c02ea6a buildgcc: Remove quotes around a $CC call
If we use ccache we have to interpret spaces in $CC as separation
characters. The downside is that we can't support spaces in the
compiler's path. But, well...

Change-Id: I4e6e6324389354669a755f570083a40ff00b1bbf
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/18018
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins)
2017-01-04 22:18:24 +01:00
Manoj Gupta cf84619dd6 util/cbfstool: Fix to build with latest llvm
cbfs-payload-linux.c:255:43: note: add parentheses around left
hand side expression to silence this warning

if ((hdr->protocol_version >= 0x200) && (!hdr->loadflags & 1)) {

[pg: also fix the semantics. Thanks Nico for catching this]

BUG=chromium:665657
TEST=coreboot-utils builds

Change-Id: I025c784330885cce8ae43c44f9d938394af30ed5
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 35c4935f2a89c3d3b45213372bcf0474a60eda43
Original-Change-Id: I8758e7d158ca32e87107797f2a33b9d9a0e4676f
Original-Reviewed-on: https://chromium-review.googlesource.com/411335
Original-Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Original-Tested-by: Manoj Gupta <manojgupta@chromium.org>
Original-Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://review.coreboot.org/17568
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
2017-01-04 21:37:39 +01:00
Patrick Georgi 37935573bf util/romcc: remove dead assignments
Change-Id: Iab6fe065faeacfca3b41eb5bae1075dcfb1a2b05
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: scan-build (clang 3.8)
Reviewed-on: https://review.coreboot.org/18021
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-03 22:18:39 +01:00