Add parameters to support adding the location and size of
the PSP NVRAM area to the PSP directory table.
Verified this change on PCO based Bilby platform.
Change-Id: I1664893db6f6dcdc588aeaf9448c2d81390af5fa
Signed-off-by: Ritul Guru <ritul.bits@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67137
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The help text and label for legacy_8254_timer is inverted, so update
this so that it is correct.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I866a15886d1cfd2b77094742787dee7a36a54e85
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65348
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add RPM spec to allow building RPMs, for both coreboot-configurator
and nvramtool, for Fedora.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I80a77d0f2246409c06e22abb229d63c4611a9fb5
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65346
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Change the control file to allow either libyaml-cpp0.6 or
libyaml-cpp0.7.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I754d3e2018ab78fcb657d313c8662313738b190a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65345
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
This patch introduces new target: junit.xml-unit-tests, which builds and
runs unit-tests. It also creates build log containing build logs. This
feature allows for one to see build failures in Jenkins dashboard.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I94184379dcc2ac10f1a47f4a9d205cacbeb640fe
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67372
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Test build for QEMU x86 i440fx/piix4.
Change-Id: I3144a83fcbd92eec51d70e9be33ff2fcb2821731
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67416
Reviewed-by: Patrick Georgi <patrick@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The lbtable contains the memory entries that have fields unnaturally
aligned in memory. Therefore, we need to perform an aligned_memcpy() to
fix the issues with platforms that don't allow unaligned accesses.
BUG=b:246887035
TEST=cbmem -l; cbmem -r ${CBMEM ID}
Change-Id: Id94e3d65118083a081fc060a6938836f6176ab54
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67672
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
gcc12+ will require riscv architecture selection to come not only with
featurei suffixd charactersa, it also comes with feature_ful suffix_ed
words_mith. Much creative, very appreciate.
To accommodate for this madness, enable the already existing (but off by
default) support for that in our gcc11 build, support using by detecting
the compiler's behavior in xcompile and pass that knowledge along to our
build system.
Then cross our fingers and hope for the best!
Change-Id: I5dfeed766626e78d4f8378d9d857b7a4d61510fd
Signed-off-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67457
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Currently we only have runtime mechanisms to assign device operations to
a node in our devicetree (with one exception: the root device). The most
common method is to map PCI IDs to the device operations with a `struct
pci_driver`. Another accustomed way is to let a chip driver assign them.
For very common drivers, e.g. those in soc/intel/common/blocks/, the PCI
ID lists grew very large and are incredibly error-prone. Often, IDs are
missing and sometimes IDs are added almost mechanically without checking
the code for compatibility. Maintaining these lists in a central place
also reduces flexibility.
Now, for onboard devices it is actually unnecessary to assign the device
operations at runtime. We already know exactly what operations should be
assigned. And since we are using chipset devicetrees, we have a perfect
place to put that information.
This patch adds a simple mechanism to `sconfig`. It allows us to speci-
fy operations per device, e.g.
device pci 00.0 alias system_agent on
ops system_agent_ops
end
The operations are given as a C identifier. In this example, we simply
assume that a global `struct device_operations system_agent_ops` exists.
Change-Id: I2833d2f2450fde3206c33393f58b86fd4280b566
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66483
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
parse_microcode_blob() returns success when it reaches max_fit_entries
microcode. It makes the FIT table size verification in
fit_add_microcode_file() useless. This patch makes
parse_microcode_blob() error out if max_fit_entries is reached.
Note that this size verification is critical as a FIT table only
partially listing the microcode patches can lead to boot failures as
recently observed on Raptor Lake-P.
BRANCH=firmware-brya-14505.B
BUG=b:245380705
TEST=compilation errors out when trying to stitch more than
CONFIG_CPU_INTEL_NUM_FIT_ENTRIES microcode patches.
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Change-Id: Id9c5fb6c1e264f3f5137d29201b9021c72d78fde
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67454
Reviewed-by: Selma Bensaid <selma.bensaid@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Zhixing Ma <zhixing.ma@intel.com>
As of commit 2cf52d80a6 ("mb/*/{device,override}tree: Set touchpads to
use detect (vs probed) flag") all touchpads in the tree have been
switched from using the 'probed' flag to 'detect.' Add a lint check to
ensure no touchpads are added with the probed flag.
TEST=manually change one touchpad to use 'probed' flag and ensure lint
check catches it.
Change-Id: Ie0aee2e3778fc56c6c21c97995738a147a1fa0d4
Signed-off-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67486
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Looks like somewhere after the original implementation it was renamed to
--enable-multilib without the s.
'enable-multilibs' is not a valid option for binutils.
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Change-Id: I105cc9fa489aed24905dedb785c70bc69ed18970
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65608
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Add go.mod containing the full name of the project according to the
docs [1]: review.coreboot.org/coreboot.git/util/intelp2m, and also,
based on this, rename the internal packages to point to the absolute
path. This will allow Go Managing Dependencies System to integrate
packages from intelp2m to third-party Go written on the Go language [1].
This also requires fixing the Golang compiler version in go.mod: use
go1.18 [2], the latest up-to-date version.
[1] https://web.archive.org/web/20220910100342/https://go.dev/doc/modules/managing-dependencies
[2] https://web.archive.org/web/20220910100206/https://tip.golang.org/doc/go1.18
[ TEST ]
1) Import the coreboot project into some go project:
$cd path/to/go-project
$go get review.coreboot.org/coreboot.git
go: downloading review.coreboot.org/coreboot.git v0.0.0-20220903004133
-39914a50ae16
go: added review.coreboot.org/coreboot.git v0.0.0-20220903004133
-39914a50ae16
Thus, 'go get' correctly downloaded the contents of the repository.
2) Import intelp2m:
$cd path/to/go-project
$go get review.coreboot.org/coreboot.git/util/intelp2m
review.coreboot.org/coreboot.git/util/intelp2m imports
./config: "./config" is relative, but relative import paths are
not supported in module mode
review.coreboot.org/coreboot.git/util/intelp2m imports
./parser: "./parser" is relative, but relative import paths are
not supported in module mode
Thus, the problem is in the package names, but after this patch, the
import should be without errors.
3) Import a repository with an incorrect url:
$cd path/to/go-project
$go get review.coreboot.org/coreboot/test
go: unrecognized import path "review.coreboot.org/coreboot/test":
reading https://review.coreboot.org/coreboot/test?go-get=1:
404 Not Found
This has not happened in previous cases.
Change-Id: I12efae31227129b8c884af10fb233f398c4094e7
Signed-off-by: Maxim Polyakov <max.senia.poliak@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64724
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
Some microcode patches are padded with zeros, which make
parse_microcode_blob() read beyond the end of the buffer.
BRANCH=firmware-brya-14505.B
BUG=b:245380705
TEST=No segmentation fault with a padded microcode patch
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Change-Id: Id9c5fb6c1e264f3f5137d29201b9021c72d78fdd
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67460
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Cliff Huang <cliff.huang@intel.com>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
To test the linters, we want to invert the results so that any test that
passes shows up as a failure. This will allow us to verify that all of
the linters are working correctly.
This will be tested nightly as well as on changes to the lint tools.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: Ia8024c6ab0c91fd9f630f37dc802ed3bc6b4608c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67193
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
This updates the SPD utility and generated SPDs for LP5X to use memory
type code 0x15 (LPDDR5X) instead of 0x13 (LPDDR5). This is done based on
Intel Tech Advisory Doc ID #616599 dated May 2022, page 15.
SPDs were regenerated with:
"util/spd_tools/bin/spd_gen spd/lp5/memory_parts.json lp5"
This only affects the SPDs for 2 memory parts for Intel SoCs and the
only board referencing these is rex.
BUG=b:242765117
TEST=inspected SPD hex dump
Change-Id: Iadb4688f1cb4265dab1dc7c242f0c301d5498b83
Signed-off-by: Caveh Jalali <caveh@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67265
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Reka Norman <rekanorman@chromium.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
This reduce the difference with linux v6.0-rc3.
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Change-Id: I15e1a935665c38b8a2109d412b1d16f935cbb402
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67337
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Add a test to make sure that the linter fails correctly.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I971951d4248dd10abe4c622025fdaf86e014c6cc
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67351
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
The rules.h & compiler.h includes were removed in previous commits, so
add the checks to keep them out to the linter.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: If4964ff26f5e83abbbdd26c2b1cd9a2eab5a0a0d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67350
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
git submodules should be ignored when parsing the coreboot tree for
lint errors. Those should be handled in their own commit checks.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I62b58f0c536312fe4677855bca8f44bc7d3ebc85
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67327
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
index I/O argument to getopt_long is not the index to argv. Instead it
is an index into the optlong array corresponding to the parsed option.
Also getopt() uses a global variable optind to track the index of the
next argument to be processed. Use the optindex variable as an index to
extract the filename from argv.
BUG=None
TEST=Build and use amdfwread to read the Soft-fuse bits from Guybrush
BIOS image. Observed no changes before and after the changes.
Change-Id: I33c74a0c8e12c5af76954524cf7294b7541d286b
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66553
Reviewed-by: Robert Zieba <robertzieba@google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This adds source file dependencies to utilities so that they are rebuilt
when the source is changed. Previously, binaries were only built if they
did not already exist and never rebuilt to reflect source file changes.
BUG=none
TEST=verified binaries are rebuilt when source files are touched.
Change-Id: I4775fe0e00e0f5d4f8b4b47331d836aba53c0e69
Signed-off-by: Caveh Jalali <caveh@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67266
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Robert Zieba <robertzieba@google.com>
Reviewed-by: Reka Norman <rekanorman@chromium.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
The lint script just did very basic argument parsing and required the
sub-command and --junit argument to be in specific locations. I'm
adding additional commands, so the first step is to add true command
line parsing.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I7118c29e6c5d785b35a7ae12cf5984c43ebc3ab9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67191
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.
Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:
Updating from commit id 18cb85b5:
2load_kernel.c: Expose load kernel as vb2_api
to commit id b827ddb9:
tests: Ensure auxfw sync runs after EC sync
This brings in 15 new commits.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
flashrom uses cmocka for unit testing. Install it so that the CI can
use it.
Change-Id: I5c168e480d6f4cbfbbd175ecb035c88bfcbac00b
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67272
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch adds support for MDN platform to the spd_tools.
This change replaces SBR with MDN.
BUG=b:243337816
TEST=Able to generate SPD for LP5 DRAM part.
Signed-off-by: EricKY Cheng <ericky_cheng@compal.corp-partner.google.com>
Change-Id: If099af36de8a64e96fbfde32eaf15990f4b330c8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67105
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jon Murphy <jpmurphy@google.com>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Amanda Hwang <amanda_hwang@compal.corp-partner.google.com>
Building futility with OpenSSL 3.0 (default in latest Debian sid)
results in a number of warnings that various declarations have been
deprecated. Since we (and futility) have warnings as errors enabled,
this causes the building of futility to fail, killing the entire
coreboot build.
To work around this until futility is updated, turn off the warnings
about deprecated declarations.
Bug 243994708 has been filed to get futility updated. This workaround
can be removed when futility builds cleanly with the latest libsssl-dev.
BUG=b:243994708
TEST=Futility build doesn't fail with libssl-dev > 3.0
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I54e27e09b0d50530709864672afe35c59c76f06e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67124
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Reviewed-by: Tom Hiller <thrilleratplay@gmail.com>
For some reason GNAT 11 is not able to build GNAT 12, since there are
some Ada errors during the compilation. However, it works with GNAT 12.
So use GNAT 12 for the host toolchain instead.
Change-Id: If00a05a0c8564e624809268a12fae28261e380a2
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66924
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
The qemu package doesn't exist anymore or it was renamed. Instead of
installing QEMU for all available architectures, install only the
packages which ship architectures that are supported by coreboot.
* qemu-system-arm
* qemu-system-misc (for RISC-V)
* qemu-system-ppc
* qemu-system-x86
Change-Id: Ifc46a8c9fcb1ab3c38dc8cbbc906882e93a719d7
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66923
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tom Hiller <thrilleratplay@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Doxygen was removed at the project level. Remove the doxygen Debian
package and make target.
Change-Id: Ib82ba7890e7f53357eeca318b5f844164747aecd
Signed-off-by: Tom Hiller <thrilleratplay@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67039
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
changes to reserve space for AMD_BIOS_SIG when
BIOS image is signed with RTMSignature.
Change-Id: Ia832fe83a3e29279c029fefc934c3ef4d335e2ea
Signed-off-by: Ritul Guru <ritul.bits@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66259
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
This commit adds support for LP5X SPDs. The SPD format is identical to
LP5 except that the memory type is set to 0x15 instead of 0x13. Since
they are essentially the same, LP5/5X parts share the same parts JSON
file and SPD directory. LP5X parts are distinguished by the optional
`lp5x` attribute. This commit also updates two existing LP5X memory
parts with the correct attribute.
BUG=b:242765117
TEST=Generated SPDs, verified that SPDs generated from LP5X parts match
their LP5 counterparts except for memory type byte.
Signed-off-by: Robert Zieba <robertzieba@google.com>
Change-Id: I67df22bc3fd8ea45fe4dad16b8579351eb4d0d8b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66839
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Caveh Jalali <caveh@chromium.org>
Commit 6dac0c54cd makes the linter checking for license headers on all
files from the src directory. Since this TAGS file doesn't have one,
it's causing a linter error and it makes the QA system complain.
However, the TAGS file doesn't need a license header and thus add it to
the exception list.
Usually the build tests detect such issues, but commit 1d7a9debf2,
which introduced that file, was merged independently from the other
commit, which modifies the linter. Also, the patch that is introducing
this file was based on an older commit at which the patch modifying the
linter wasn't merged yet and so this issue was hidden.
Change-Id: I78da3fa70c39b709478a384da8769fc058ca18ce
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66938
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
coreboot doesn't support the MIPS architecture anymore. So remove the
MIPS patch.
Change-Id: I62a2bca141b42ac33b628c48c84422570f4dda10
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66921
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Firmware is typically delivered as one large binary image that gets
flashed. Since this final image consists of binaries and data from
a vast number of different people and companies, it's hard to
determine what all the small parts included in it are. The goal of
the software bill of materials (SBOM) is to take a firmware image
and make it easy to find out what it consists of and where those
pieces came from. Basically, this answers the question, who supplied
the code that's running on my system right now? For example, buyers
of a system can use an SBOM to perform an automated vulnerability
check or license analysis, both of which can be used to evaluate
risk in a product. Furthermore, one can quickly check to see if the
firmware is subject to a new vulnerability included in one of the
software parts (with the specified version) of the firmware.
Further reference:
https://web.archive.org/web/20220310104905/https://blogs.gnome.org/hughsie/2022/03/10/firmware-software-bill-of-materials/
- Add Makefile.inc to generate and build coswid tags
- Add templates for most payloads, coreboot, intel-microcode,
amd-microcode. intel FSP-S/M/T, EC, BIOS_ACM, SINIT_ACM,
intel ME and compiler (gcc,clang,other)
- Add Kconfig entries to optionally supply a path to CoSWID tags
instead of using the default CoSWID tags
- Add CBFS entry called SBOM to each build via Makefile.inc
- Add goswid utility tool to generate SBOM data
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: Icb7481d4903f95d200eddbfed7728fbec51819d0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
This wasn't done previously because not all files in the
src directory had the correct headers. Doing this earlier
would have broken the build.
Signed-off-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Change-Id: Ia6d7a7a17116e4c8e55354783085355fd45ff87a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66505
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
This is the version of genrelnotes that was used to help with the
4.16 release.
- Fix shellcheck issues.
- Send messages for the user to STDERR.
- Add recent platforms
- Handle symbolic links to the git repo.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I2204793a5d1cc5792d0720d2bbfb172bb6020dd4
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62440
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-by: Jason Glenesk <jason.glenesk@gmail.com>
coreboot uses TianoCore interchangeably with EDK II, and whilst the
meaning is generally clear, it's not the payload it uses. EDK II is
commonly written as edk2.
coreboot builds edk2 directly from the edk2 repository. Whilst it
can build some components from edk2-platforms, the target is still
edk2.
[1] tianocore.org - "Welcome to TianoCore, the community supporting"
[2] tianocore.org - "EDK II is a modern, feature-rich, cross-platform
firmware development environment for the UEFI and UEFI Platform
Initialization (PI) specifications."
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I4de125d92ae38ff8dfd0c4c06806c2d2921945ab
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65820
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Consolidate MAX_BIOS_ENTRIES and MAX_PSP_ENTRIES definitions into one
file
Signed-off-by: Altamshali Hirani <al.hirani@amd.corp-partner.google.com>
Change-Id: Ie3c64a1875010e7fb368967283df6baf1cc7ba8d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62911
Reviewed-by: ritul guru <ritul.bits@gmail.com>
Reviewed-by: Bao Zheng <fishbaozi@gmail.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>