Variable length arrays are dangerous, so let's make sure they don't
sneak back into coreboot or any of the payloads.
Change-Id: Idf2488cf0efab51c9569a3789ae953368b61880c
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33846
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
We need to ensure uma_memory_size and uma_memory_base stay within a
32-bit address range. Both of these variables are 64 bits wide, so it is
simplest to use 64 bit math when doing the bit shifts and then check if
they are in range after.
Change-Id: Idd180f31e8cff797a6499b12bc685daa993aae05
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1229665, 1229666
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32291
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
coreboot would clear CMOS by request via IPMI command, for example
BMC can issue "bios-util server --boot_order enable --clear_CMOS"
to set the request and reboot the system, then coreboot would clear CMOS
on the next boot.
Tested on Mono Lake
Change-Id: I21d44557896680cfac3c3b6d83e07b755b242cad
Signed-off-by: Johnny Lin <johnny_lin@wiwynn.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34857
Reviewed-by: Johnny Lin
Reviewed-by: Andrey Petrov <andrey.petrov@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Cometlake FSP allows provison to configure SD controller WP pin, As
some of board design might choose not to use the SD WP pin from SD
card controller. This implementation adds a config that allows to
enable/disable SD controller WP pin configuration from FSP.
BUG=b:123907904
Change-Id: Ic1736a2ec4b9370d23a8e3349603eb363e6f59b9
Signed-off-by: Aamir Bohra <aamir.bohra@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34900
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
C strict aliasing rules state that it is undefined behaviour to access
any pointer using another pointer of a different type (with several small
exceptions). Eg.
uint64_t x = 3;
uint16_t y = *((uint16_t *)&x); // undefined behaviour
From an architectural point of view there is often nothing wrong with
pointer aliasing - the problem is that since it is undefined behaviour,
the compiler will often use this as a cop-out to perform unintended or
unsafe optimizations. The "safe" way to perfom the above assignment is
to cast the pointers to a uint8_t * first (which is allowed to alias
anything), and then work on a byte level:
*((uint8_t *)&y) = *((uint8_t *)&x);
*((uint8_t *)&y + 1) = *((uint8_t *)&x + 1);
Horribly ugly, but there you go. Anyway, in an attempt to follow these
strict aliasing rules, the ReadMEM() function in SB800 does the above
operation when reading a uint16_t. While perfectly fine, however, it
doesn't have to - all calls to ReadMEM() that read a uint16_t are passed
a uint16_t pointer, so there are no strict aliasing violations to worry
about (the WriteMEM() function is exactly similar). The problem is that
using this unnecessary workaround generates almost 50 false positive
warnings in Coverity. Rather than manually ignore them one-by-one, let's
just remove the workaround entirely. As a side note, this change makes
ReadMEM() and WriteMEM() now match their definitions in the SB900 code.
Change-Id: Ia7e3a1eff88b855a05b33c7dafba16ed23784e43
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34783
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Port_List is an array of 8 elements, and GCC 9 is warning that there
are no 'others' when all 8 elements are explicitly initialized, which is
causing the build to fail. Remove the 'others => Disabled' clause to
silence this.
Change-Id: Id082e7a76641438f3fb4c4d976dbd254a7053473
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34918
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
add_ivrs_device_entries() is a recursive function, and each recursive
call is passed a pointer to a root_level variable declared outside the
function. In an attempt to make the function self-contained, the initial
call is made with the root_level pointer set to NULL, and then the
function attempts to detect this and allocate a root_level variable for
the rest of the calls. This makes memory management very tricky - for
example, the pi code incorrectly attempts to free the root_level
variable at the end of *each* recursive call, which only avoids being a
double-free because free() in coreboot is currently a no-op. Let's
keep life simple and declare root_level as a local variable outside the
first function call instead.
Change-Id: Ifd63ee368fb89345b9b42ccb86cebcca64f32ac8
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1362811
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34387
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This brings in 4 new commits from the upstream repository.
65a6d94 Free image buffer on read error
9de64c7 Fix various abort(), crashes, and memory errors
7c9db58 Bump to version 1.8
3b3c3cc Use C99 uintXX_t instead of implementation-specific u_intXX_t types
Change-Id: If949309a7481537de6529c205fe745d5509906a9
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34409
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Doing this allows to call console_init() earlier in romstage.
This also fixes IO UART in bootblock, although it appears there
is currently no board that was affected.
Change-Id: Iec363a8c651cc1b05b24229db09d686938118f3a
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34969
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Variable length arrays were a feature added in C99 that allows the
length of an array to be determined at runtime. Eg.
int sum(size_t n) {
int arr[n];
...
}
This adds a small amount of runtime overhead, but is also very
dangerous, since it allows use of an unlimited amount of stack memory,
potentially leading to stack overflow. This is only worsened in
coreboot, which often has very little stack space to begin with. Citing
concerns like this, all instances of VLA's were recently removed from the
Linux kernel. In the immortal words of Linus Torvalds [0],
AND USING VLA'S IS ACTIVELY STUPID! It generates much more code, and
much _slower_ code (and more fragile code), than just using a fixed
key size would have done. [...] Anyway, some of these are definitely
easy to just fix, and using VLA's is actively bad not just for
security worries, but simply because VLA's are a really horribly bad
idea in general in the kernel.
This patch follows suit and zaps all VLA's in coreboot. Some of the
existing VLA's are accidental ones, and all but one can be replaced with
small fixed-size buffers. The single tricky exception is in the SPI
controller interface, which will require a rewrite of old drivers
to remove [1].
[0] https://lkml.org/lkml/2018/3/7/621
[1] https://ticket.coreboot.org/issues/217
Change-Id: I7d9d1ddadbf1cee5f695165bbe3f0effb7bd32b9
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33821
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This variable is overwritten on one branch of the next if statement, and
the other branch returns, so this assignment does nothing.
Change-Id: I63737929d47c882bbcf637182bc8bf73c19daa9f
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: scan-build 8.0.0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34644
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Print an error message and die if the PCI device cannot be found.
Change-Id: I10c58502658ebf12d1a8fe826ee7d47a618fd1c8
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1403000
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34353
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
DqByteMapCh0 and DqByteMapCh1 are declared adjacently in the
FSP_M_CONFIG struct, so it is tempting to begin memcpy at the address of
the first array and overwrite both of them at once. However, FSP_M_CONFIG
is not declared with the packed attribute, so this is not guaranteed to
work and is undefined behaviour to boot. It is cleaner and less tricky
to copy them independently. The same is true for DqsMapCpu2DramCh0 and
DqsMapCpu2DramCh1, so we change those as well.
Change-Id: Ic6bb2bd5773af24329575926dbc70e0211f29051
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 136538{8,9}, 140134{1,4}
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33135
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
DqByteMapCh0 and DqByteMapCh1 are declared adjacently in the
FSP_M_CONFIG struct, so it is tempting to begin memcpy at the address of
the first array and overwrite both of them at once. However, FSP_M_CONFIG
is not declared with the packed attribute, so this is not guaranteed to
work and is undefined behaviour to boot. It is cleaner and less tricky
to copy them independently. The same is true for DqsMapCpu2DramCh0 and
DqsMapCpu2DramCh1, so we change those as well.
Change-Id: If394f14c4a39d6787ae31868241229646c26be7a
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1365730, 14013{38,39,40,42,43}
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33066
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
It probably doesn't make sense to continue if the CK804 isn't found, and
doing so would perform uninitialized reads of the busn and io_base
arrays anyway, so let's return early.
Change-Id: I13c663314496caf51a57da7f27f9ea24e3d7fcbd
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1370586
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34573
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
For files built in ramstage and smm -classes, testing
for !__PRE_RAM__ is redundant.
All chip_operations are exluded with use of DEVTREE_EARLY
in static devicetree, so garbage collection will take care
of the !__SMM__ cases.
Change-Id: Id7219848d6f5c41c4a9724a72204fa5ef9458e43
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34940
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Some files under src/ec are built for both ramstage
and SMM. This change provides declarations of the
required struct to have __SMM__ guards removed from
those files.
Change-Id: Ic0c01a11f29381153f19378d5bc4559db8126e00
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34943
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
In addition to zero IccMax specified by mainboard with socketed CPU, allow
a zero LoadLine default.
The SoC code will fill in the default AC/DC LoadLine values are per
datasheets:
* "7th Generation Intel® Processor Families for H Platforms, Vol 1"
Document Number: 335190-003
* "7th Generation Intel® Processor Families for S Platforms and
Intel ®Core™ X-Series Processor Family, Vol 1"
Document Number: 335195-003
The AC/DC LoadLine is CPU and board specific.
TODO: Find out how to get the LoadLine from vendor firmware and find out
how to map those to different CPU LoadLines.
Change-Id: I849845ced094697e8700470b4af95ad0afb98e3e
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34938
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Maxim Polyakov <max.senia.poliak@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Datasheets used:
* "7th Generation Intel® Processor Families for H Platforms, Vol 1"
Document Number: 335190-003
* "7th Generation Intel® Processor Families for S Platforms and
Intel ®Core™ X-Series Processor Family, Vol 1"
Document Number: 335195-003
This allows mainboards to specify a zero IccMax, which all mainboards with
socketed CPU should do.
Change-Id: I303c5dc8ed03e9a98a834a2acfb400022dfc2fde
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34937
Reviewed-by: Maxim Polyakov <max.senia.poliak@gmail.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use a switch case to find the correct VR config.
The following commit will add more entries for which a lookup table
isn't the best solution.
Change-Id: Ib11c3d6e1eb339a0c7358c312a32731d835e7c73
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34936
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Maxim Polyakov <max.senia.poliak@gmail.com>
Get rid of defines and hardcode values directly.
Just a cosmetic cleanup to make it more readable.
Change-Id: I3eec44b38af356c3d87235740c65e2c2f6fc5876
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34935
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Maxim Polyakov <max.senia.poliak@gmail.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Level trigger is recommended setting for touchscreen interrupt of
kohaku, so we would change it as the recommedation.
BUG=b:139179200
BRANCH=none
TEST=Verified touchscreen works on kohaku
Change-Id: Ibbcdbe3ab555d014048f66ff527e539c5b566187
Signed-off-by: Seunghwan Kim <sh_.kim@samsung.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34898
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
region_is_subregion() checks whether the size of the inner region is
larger than the size of the outer region... which isn't really necessary
because we're already checking the starts and ends of both regions.
Maybe this was added to ensure the inner region doesn't overflow? But
it's not guaranteed to catch that in all cases. Replace it with a proper
overflow check.
Change-Id: I9e442053584a479a323c1fa1c0591934ff83eb10
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34892
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
When entry to romstage is via cpu/intel/car/romstage.c
BIST has not been passed down the path for sometime.
Change-Id: I345975c53014902269cee21fc393331d33a84dce
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34908
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
The original name DCACHE_BSP_STACK_SIZE will be exclusively
used to define the fixed size of BSP stack when it is located
near the beginning of CAR region. This implementation has the
stack located at the very end of CAR region.
Remove other fam10-15 exclusive configs from global space.
Change-Id: I8b92891be2ed62944a9eddde39ed20a12f4875c0
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34880
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This is needed for the AST2500 to work, because it uses 4E/4F.
Change-Id: Ie47474e9bf1edfe98555a148469c41283e9a4ea6
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34862
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
This change ports some previous work for Skylake:
cb58683ef5 soc/intel/skylake: Add support for mode-aware DPTF
...to common DPTF code so that we can support mode-aware DPTF for other
Intel platforms.
BUG=b:138702459
BRANCH=none
TEST=Manually test on hatch:
(1)Add DPTF_TSR0_TABLET_PASSIVE and DPTF_TSR1_TABLET_PASSIVE
to hatch baseboard dptf.asl
(2)Flash custom EC FW code which updates DPTF profile number when
entering/exiting tablet mode
(3)On DUT, see /sys/class/thermal/thermal_zone2/trip_point_{1,2}_temp
updated when device mode is switched (tablet/clamshell)
Signed-off-by: Philip Chen <philipchen@google.com>
Change-Id: I5e7b97d23b8567c96a7d60f7a434e98dd9c69544
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34785
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This is based on the hatch variant
BUG=b:138879565
TEST=FW_NAME="akemi" emerge-hatch coreboot depthcharge intel-cmlfsp
chromeos-bootimage look for image-akemi.*.bin generated under the
/build/hatch/firmware/
Change-Id: I1a868839e2c598f8052d37c99713bc58b21e887c
Signed-off-by: Peichao Wang <peichao.wang@bitland.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33824
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Use a name consistent with the more recent soc/intel.
Change-Id: I4d67a7c3107758c81a67e1668875767beccfcdb0
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34879
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Jacob Garber