Mitigate issues presented in "Digging Into The Core of Boot" found by
"Yuriy Bulygin" and "Oleksandr Bazhaniuk" at RECON-MTL-2017.
Validate user-provided pointers using the newly-added functions.
This protects SMM from ring0 attacks.
Change-Id: I8a347ccdd20816924bf1bceb3b24bf7b22309312
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41086
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Not selecting `ME_MBP_CLEAR_LATE` results in a build failure. Since both
traditional and ULT platforms are known to be working, drop the option.
Change-Id: I09ce27f812966800e36f6c0624c93759089faf45
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44547
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
The wake source macro for GPE events was using 'GPIO'. However,
current usage is really all GPEs. Therefore, provide clarity
in the naming in order to allow for proper GPIO wake events
that are separate from the ACPI GPE block.
BUG=b:159947207
Change-Id: I27d0ab439c58b1658ed39158eddb1213c24d328f
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44527
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This reduces the differences between both ME source code files.
Tested with BUILD_TIMELESS=1, Asus P8Z77-V LX2 does not change.
Change-Id: I08e07ca2691bb854682692476153a98967bf05da
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44340
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michael Niewöhner
Also remove the meaningless `sata_traffic_monitor` devicetree option.
Function parameters will be removed in a reproducible follow-up.
Change-Id: I70cf1e06cc8ace504a22be9f9c4441e3070f9e29
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44336
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
There's no mobile ICH10 variant. This was copied from i82801ix.
Change-Id: I141da407e336f6fbbf84d0e2cee55b0c12931c7b
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44335
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Michael Niewöhner
Tested with BUILD_TIMELESS=1, Roda RK9 does not change.
Change-Id: I9445fac7db0a96b6a28ccf307f5ccedc1f94b8ab
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44334
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Taken directly from i82801jx code.
Tested with BUILD_TIMELESS=1, Roda RK9 does not change.
Change-Id: I0a5dc274e0058144e6e7f734c848b6b5962cba85
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44333
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested with BUILD_TIMELESS=1, Roda RK9 does not change.
Change-Id: I17903dfe7b18a9244d0c102768dd153941f125a2
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44331
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Michael Niewöhner
Tested with BUILD_TIMELESS=1, Roda RK9 does not change.
Change-Id: Icbb6cb45155991f9d4b3bcff37e1e9d99483acdc
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44330
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
These were probably copy-pasted from some ICHx southbridge, and then
some were corrected because native PCH init uses them. Delete the
definitions which are unused and are invalid for this southbridge.
Change-Id: I0be72f76c7fcc63316ae8566891e0732456a8c55
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44329
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
These were probably copy-pasted from some ICHx southbridge. However,
datasheet shows that some of these are located elsewhere, and some
others have disappeared completely. As they aren't in use, drop them.
Change-Id: I2d09547bdbfd5f8f72ce3541347d9fec28630c79
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44328
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Michael Niewöhner
Some cases could not be factored out while keeping reproducibility.
Also mark some potential bugs with a FIXME comment, since fixing them
while also keeping the binary unchanged is pretty much impossible.
Tested with BUILD_TIMELESS=1, Asrock B85M Pro4 does not change.
Change-Id: I27d6aaa59e12a337f80a6d3387cc9c8ae5949384
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42154
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
PCIe RPC (Root Port Configuration) straps will force-disable some root
port functions if some root ports have a width greater than x1. In two
cases, this affects the last function. The PCIe init code will never
finish configuring the root ports if that is the case: it assumes that
the last function will eventually run through the code, but it doesn't.
If PCIe initialization does not complete, pressing the power button will
not power off the board, unless it is held for about five seconds. Also,
Windows 10 will show a BSOD about MACHINE CHECK EXCEPTION, and lock up
instead of rebooting. Depending on the microcode version, the BSOD may
not be visible. This happens even when the root port is not populated.
Use the strap fuse configuration value to know which configuration the
PCH is strapped to. If needed, update the number of ports accordingly.
In addition, print the updated value to ease debugging PCIe init code.
Existing code in coreboot disagrees with public documentation about the
root port width straps. Assume existing code is correct and document
these assumptions in a table, as an explanation for the added code.
Tested on Asrock B85M Pro4, PCIe initialization completes successfully.
Change-Id: Id6da3a1f45467f00002a5ed41df8650f4a74eeba
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44155
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This code is not even being build-tested. Drop it before it grows moss.
Also drop a now-unnecessary #undef directive from one mainboard.
Change-Id: I613e77723d108641f16ec732358849c3bc0e49e0
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43220
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Michael Niewöhner
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This code has been commented out for a long time. Drop it.
Change-Id: Iddc635dc5bbc7a8b42e97f4e2f6d579a839d874b
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43264
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
While we are at it, also reflow a few lines that fit in 96 characters.
Tested with BUILD_TIMELESS=1, Getac P470 does not change.
Change-Id: I2cc3e71723e9b6898e6ec29f0f38b1b3b7446f09
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42191
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
I would like to make assertions evaluate at compile time where possible,
but sometimes people used a literal assert(0) to force an assertion in a
certain code path. We already have BUG() for that so let's just replace
those instances with that.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I674e5f8ec7f5fe8b92b1c7c95d9f9202d422ce32
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44047
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Jenkins complains about `const char *` and says it should instead be
changed to `const char *const`. So, change it so that Jenkins is happy.
Tested with BUILD_TIMELESS=1, Asrock B85M Pro4 does not change.
Change-Id: Iecd5fecdefdc2effd0114706648747460d0a4a72
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42630
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Looks like no one really knows what this bit would be useful for, nor
when it would need to be set. Especially if coreboot is setting it even
on PCI *Express* bridges. Digging through git history, nearly all
instances of setting it on PCIe bridges comes from i82801gx, for which
no reason was given as to why this would be needed. The other instances
in Intel code seem to have been, unsurprisingly, copy-pasted.
Drop all uses of this definition and rename it to avoid confusion. The
negation in the name could trick people into setting this bit again.
Tested on Asrock B85M Pro4, no visible difference.
Change-Id: Ifaff29561769c111fb7897e95dbea842faec5df4
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43775
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
All boards disable PIRQs. They aren't used on modern OSes anyway.
Change-Id: I1351fd4a3910e8cf2e9afe51dc2e82c7464de403
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43863
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
The outb() call is replaced with the post_code()
The post_codes.h is replaced with console.h since console.h
includes both the post_code definition and post_codes.h
Change-Id: I21345260e86de30614c416e2f509bd77b9e00cb7
Signed-off-by: Sindhoor Tilak <sindhoor@sin9yt.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43596
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
We have definitions for the bits in the PCI COMMAND register. Use them.
Also add spaces around bitwise operators, to comply with the code style.
Change-Id: Icc9c06597b340fc63fa583dd935e42e61ad9fbe5
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43839
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
These will be put to use in a follow-up.
Change-Id: Id13dde5ce2239064b9b18de7ca516525158ae268
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41638
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Remove EIO define. It is unused and means something else,
elsewhere in the tree.
Move PMIOSE bit definition next to PMREGMISC, where it actually
belongs.
Correct a number of bit defines with glaring errors.
Clarify in comments which PM register defines are in PCI config
space are which are in I/O space.
Change-Id: Ic7f2267d013403c0a519c2ee1786bd3c7f5a9708
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41637
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Both files are identical, so we only need one copy in the tree.
Change-Id: I07d7429caca7f6211a186b770c3608f642d4f269
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43159
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
