Update the security document to reflect the current state of the
coreboot implementation.
Add more detail and document the change to the public vboot API.
BUG=N/A
TEST=build
Change-Id: I228d0faae0efde70039680a981fea9a436d2384f
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38591
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The Intel docs also call it "Scalable Bus Speed", so the typo is on us.
Found by: util/lint/checkpatch.pl --types TYPO_SPELLING --fix-inplace
--strict --terse -f util/msrtool/*.c
Change-Id: I84bdba687060e695d29420b9dd8eeb5f4ec44610
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38634
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
commit 1191c09201b43aab55333a70d056d0c355abe329 at
https://salsa.debian.org/agx/lintian/tree/master/data/spelling provides
a much more comprehensive collection of misspellings, so merge it in.
While at it, also sort the file for future easier merging which is the
main reason that some lines appear to be removed: they're merely moved.
For sorting, I adapted their make rule:
make -f - sort-spelling.txt <<'EOF'
.RECIPEPREFIX=%
sort-%: %
%csplit --prefix $<- $< '/^$$/'
%LC_ALL=en_US sort -u $<-01 | cat $<-00 - > $<
%rm -f $<-0[01]
EOF
Change-Id: I939e3a8820c88d0e639bd29b46a86b72bce1a098
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38632
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The authors from the header of the files are added in a previous commit.
Change-Id: Iafeaafb9689c65bd2f5de3960097ec0d4c1009e7
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38544
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Turns out when going into S0ix we want the kernel to toggle de-assert to 0 for
the ISOLATE# pin on the NIC for S0ix not to be woken by PCIe traffic on PCH.
Upon resume the ISOLATE# pin on the NIC is then re-asserted for it to become
lively again.
BUG=b:147026979
BRANCH=none
TEST=Boot puff and do 1500 cycles of S0ix.
Change-Id: I3470e1edd93b461b66fc6444541a64339bcdcce3
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38523
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Turns out when going into S0ix we want the kernel to toggle de-assert to 0 for
the ISOLATE# pin on the NIC for S0ix not to be woken by PCIe traffic on PCH.
Upon resume the ISOLATE# pin on the NIC is then re-asserted for it to become
lively again.
V.2: Ensure reset_gpio && enable_gpio are optional.
BUG=b:147026979
BRANCH=none
TEST=Boot puff and do 100 cycles of S0ix.
Change-Id: I3ae8dc30f45f55eec23f45e7b5fbc67a4542f87d
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38494
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Allow for making both reset_gpio && enable_gpio as optional in
the params by fixing a potential NULL deref and defaulting to
zero values.
BUG=b:147026979
BRANCH=none
TEST=builds
Change-Id: I8053d7a080dfed898400c0994bcea492c826fe3d
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38522
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Update to reflect the beta status of the code.
BUG=N/A
TEST=build
Change-Id: I9d1c42d24578c9420569da7e294d5c723da3c772
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38607
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
This patch adds CMP-H LPC IDs.
TEST=Build an image and boot with discrete TPM chip.
Enable measured boot and kernel could get the measured
data from TPM chip.
Change-Id: I7eac8b0514f79b47a05973210e2472dd1dc3d0ed
Signed-off-by: Gaggery Tsai <gaggery.tsai@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38251
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The fwts method test reports errors on the methods implementing
processor throttling control. The T states are not supported in coreboot
at this moment.
Remove the methods required by processor throttling control. They can be
restored when the required support has been added to the SoC
implementation.
BUG=https://ticket.coreboot.org/issues/252
TEST=tested using fwts on facebook monolith.
Found-by: fwts 19.12.00
Change-Id: Ib50607f60cdb2ad03e613d18b40f56a4c4a4c714
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38132
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Add description of the procedure to create the flash components for this
system.
BUG=N/A
TEST=N/A
Change-Id: I2690dfbe715fa120f840d98c57fdc3fd7e8b45b1
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38588
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
TGL FSP does just pin mux for image clock pins by UPD and image clocks
are controlled by ACPI(camera_clock_ctl.asl) under tigerlake SOC folder.
Disable image clocks by UPD for bypassing FSP pin mux and do pin mux
in gpio.c according to board design.
BUG=none
BRANCH=none
TEST=Build and boot to OS
Signed-off-by: Wonkyu Kim <wonkyu.kim@intel.com>
Change-Id: I5aba5b2fb6deee231e3ec34c8dbc9972b01041f2
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38562
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
pin mux for IMGCLKOUT_0 and IMGCLKOUT_1
BUG=none
BRANCH=none
TEST=Build and boot to OS and check pinctl driver to check pin mux for
Image clocks pins(GPP_D4, GPP_H20)
Signed-off-by: Wonkyu Kim <wonkyu.kim@intel.com>
Change-Id: Ifb0c2b17dd481ef6c19bdf9ee84f47ef08d7b9a1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38563
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
This makes diff between boards even smaller in some cases.
Change-Id: I42ecaf5de657275708ddaf2c926fe31fe16a7220
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38515
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
TGLRVP uses DdiPort1Hpd and DdiPort1Ddc. So only enable them.
BUG=none
BRANCH=none
TEST=Build and boot tigerlake rvp board and check FSP log or DP port pin mux
from pinctl driver.
Signed-off-by: Wonkyu Kim <wonkyu.kim@intel.com>
Change-Id: Ief6376ba59c77340e272923958b6b5f0a1456d9b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38529
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
With UART3 and 4 enabled, the serial console in LinuxBoot crashes. This
is a short-term solution until we found and fixed the original bug.
Change-Id: I75cb387ef12944232b51f6d8d41810bb27754b05
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38404
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michael Niewöhner
Add helper functions to get board's sku_id and fw_config. Enable
EC_GOOGLE_CHROMEEC_BOARDID to get board_id. Add board's SKU ID and
OEM name into SMBIOS table.
BUG=b:144768001
TEST=Build Test.
Change-Id: Id1729e245accf5acc29307a22721362fb1ce0878
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38551
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The names of each spi flash cause quite a bit of bloat in the text
size of each stage/program. Remove the name entirely from spi flash
in order to reduce overhead. In order to pack space as closely as
possible the previous 32-bit id and mask were split into 2 16-bit
ids and masks.
On Chrome OS build of Aleena there's a savings of >2.21KiB in each
of verstage, romstage, and ramstage.
Change-Id: Ie98f7e1c7d116c5d7b4bf78605f62fee89dee0a5
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38380
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This patch creates a new commonlib/bsd subdirectory with a similar
purpose to the existing commonlib, with the difference that all files
under this subdirectory shall be licensed under the BSD-3-Clause license
(or compatible permissive license). The goal is to allow more code to be
shared with libpayload in the future.
Initially, I'm going to move a few files there that have already been
BSD-licensed in the existing commonlib. I am also exracting most
contents of the often-needed <commonlib/helpers.h> as long as they have
either been written by me (and are hereby relicensed) or have an
existing equivalent in BSD-licensed libpayload code. I am also
relicensing <commonlib/compression.h> (written by me) and
<commonlib/compiler.h> (same stuff exists in libpayload).
Finally, I am extracting the cb_err error code definitions from
<types.h> into a new BSD-licensed header so that future commonlib/bsd
code can build upon a common set of error values. I am making the
assumption here that the enum constants and the half-sentence fragments
of documentation next to them by themselves do not meet the threshold of
copyrightability.
Change-Id: I316cea70930f131e8e93d4218542ddb5ae4b63a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38420
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Types from stdint.h are used in that header file without stdint.h being
included.
Change-Id: I71449dd26162dc8420c206285896ac9a8e4e04d4
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38580
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The two defines are identical, so deduplicate this.
Timeless build for lenovo/x230 results in identical binary.
Change-Id: I32e0eee88d72eb6f8dc71b0324d62f46079120a9
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38579
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
The GLK bootblock seems(?) to be hard limited to 32KB and some Octopus
variants are so close to that that they only have 0.5KB left. This is
blocking development of new core features, so let's disable the
bootblock console to gain a couple of KB back (like we already did on
RK3288).
There are probably other opporunities for code size reduction here (e.g.
it seems that almost half(!) of that whole bootblock size is taken up by
devicetree.cb structures), but I'm not familiar enough with the platform
to dig into them.
Change-Id: I05b4ecf5abef7307e3d0a81db04a745ff3da0c42
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38521
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
All variants of ga-b75m-d3h lack ACPI definitions for legacy PCI
slots, which causes IRQ issue if it gets legacy PCI card installed.
The missing definitions (mainly Interrupt Routing Table) are added to
fix that.
NOTE: The added definitions are actually for ga-b75-d3v, but since
they form superset of definitions needed by ga-b75m-d3{h,v}, they can
be applied to all three existing variants with suitable preprocessor
instructions.
Change-Id: Id79c759a5fadb38c2873edc07293cbb14401ac9a
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38557
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
BUG=b:148252157
BRANCH=none
TEST=Put a puff in s0ix, send a WoL magic packet.
Change-Id: I4a08a2f5505d00909c9301315fcf72f687141f91
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38553
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Add new mailbox command support. Set CPU ID and cores to EC.
EC will according to different CPU to set different power table.
BUG=b:148126144
Signed-off-by: Eric Lai <ericr_lai@compal.corp-partner.google.com>
Change-Id: I135d2421d2106934be996a1780786f6bb0bf6b34
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38526
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
The System76 Lemur Pro (lemp9) is an upcoming laptop computer. Support
in coreboot is developed by System76 and provided as the default
firmware option. Testing is done on a pre-production model expected to
be identical from a firmware perspective to the production model.
Working:
- Payload
- Tianocore
- CPU
- Intel i7-10510U
- Intel i5-10210U
- EC
- ITE IT5570E running https://github.com/system76/ec
- Backlit Keyboard, with standard PS/2 keycodes and SCI hotkeys
- Battery
- Charger, using AC adapter or USB-C PD
- Suspend/resume
- Touchpad
- GPU
- Intel UHD Graphics 620
- GOP driver is recommended, VBT is provided
- eDP 14-inch 1920x1080 LCD
- HDMI video
- USB-C DisplayPort video
- Memory
- Channel 0: 8-GB on-board DDR4 Samsung K4AAG165WA-BCTD
- Channel 1: 8-GB/16-GB/32-GB DDR4 SO-DIMM
- Networking
- M.2 PCIe/CNVi WiFi/Bluetooth
- Sound
- Realtek ALC293D
- Internal speaker
- Internal microphone
- Combined headphone/microphone 3.5-mm jack
- HDMI audio
- USB-C DisplayPort audio
- Storage
- M.2 PCIe/SATA SSD-1
- M.2 PCIe/SATA SSD-2
- RTS5227S MicroSD card reader
- USB
- 1280x720 CCD camera
- USB 3.1 Gen 2 Type-C (left)
- USB 3.1 Gen 2 Type-A (left)
- USB 3.1 Gen 1 Type-A (right)
Not working:
- TPM2 - SPI bus 0, chip select 2 is used. Chip selects other than 0
are not currently supported by the intel fast_spi driver.
Signed-off-by: Jeremy Soller <jeremy@system76.com>
Change-Id: Ib0a32bbc6f89a662085ab4a254676bc1fad7dc60
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38463
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Under some circumstances grep detects the input of a spd hex file
as binary resulting in an spd source not beeing added to the
resulting spd.bin. This appears to be especially the case with
heavily commented files.
This commit forces grep to read the input as text file.
Example SPD that would else be detected as binary (regardless
of stripped zero blocks).
```hex
\# TotalBytes: 512 ; BytesUsed: 384
23
\# SPD Revision 1.1
11
\# DDR Ramtype: LPDDR4X
11
\# Config Rest
0E 16 21 95 08 00 00 00 00 0A 22 00 00 49 00 04
0F 92 54 05 00 84 00 90 A8 90 C0 08 60 04 00 00
[...]
\# CRC Is: 0x1EB4 Calculated: 0x1EB4 Match!
1E B4
\# ModuleSpecificParameter
[...]
\# HybridMemoryParameter
[...]
\# ExtendedFunctionParameter
[...]
\# ManufactoringInformation
\## Module Manufactoring ID
00 00
\## Module Manufactoring Location and Date
00 00 00
\## Module Manufactoring Serial
00 00 00 00
\## Module Manufactoring Part Number: "K4UBE3D4AA-MGCL"
4B 34 55 42 45 33 44 34 41 41 2D 4D 47 43 4C 00
00 00 00 00
\## Module Manufactoring Revision Code
00
\## Module Manufactor: "Samsung" (0xCE80)
CE 80
\## Module Stepping
00
\## Module Manufactoring Data
[..]
\## Module Reserved
00 00
\# EndUserProgrammable
[...]
```
Thanks to Patrick Georgi for checking that this grep option
is widely available.
Change-Id: I7e5bad069531630b36dc3702c8c4bd94ba0946c1
Signed-off-by: Johanna Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38426
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
According to the specification the register offset must be 0x71 instead
of 0x70.
Change-Id: Icf69ffc701a42a31a4545ce53c13e2c2554863e1
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38565
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>