If CPU 0's stack grows to large, it will overflow into CPU 1's stack.
If CPU 0 is handling the interrupt then CPU 1 should be in an idle loop.
When the stack overflow occurs it will override the return pointer for
CPU 1, so when CPU 0 unlocks the SMI lock, CPU 1 will attempt to return
to a random address.
This method is not foolproof. If code allocates some stack variables
that overlap with the canary, and if the variables are never set, then
the canary will not be overwritten, but it will have been skipped. We
could mitigate this by adding a larger canary value if we wanted.
I chose to use the stack bottom pointer value as the canary value
because:
* It will change per CPU stack.
* Doesn't require hard coding a value that must be shared between the
.S and .c.
* Passing the expected canary value as a parameter felt like overkill.
We can explore adding other methods of signaling that a stack overflow
had occurred in a follow up. I limited die() to debug only because
otherwise it would be very hard to track down.
TEST=built on grunt with a small and large stack size. Then verified
that one causes a stack overflow and the other does not.
Stack overflow message:
canary 0x0 != 0xcdeafc00
SMM Handler caused a stack overflow
Change-Id: I0184de7e3bfb84e0f74e1fa6a307633541f55612
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27229
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
%edx gets clobbered before the c handler is invoked. This is just a
cleanup cl to make the next cl look clean.
BUG=b:80539294
TEST=verified SMI still works on grunt.
Change-Id: I21bf41ed4fdeaaa8737c883f202a39cb57c2b517
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27228
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
When generating a backtrace we need an indicator when we have hit the
beginning of the stack. The i386 ABI states that %ebp points to the next
stack frame. NULL can be used to indicate the end of the stack.
We could add a NULL return pointer at %ebp+4, but I decided to omit it
since a NULL stack pointer can be used as an indicator that there is no
return pointer.
BUG=b:80539294
TEST=built and tested on grunt
Change-Id: I8a48114d31a5c716335d264fa4fe4da41dc5bf11
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27226
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This reduces the cognitive overhead of referencing locals via esp since
it changes with every push.
BUG=b:80539294
TEST=built and booted on grunt.
Change-Id: Ib7eb98ce3483d4fc803696c1b2496d8384317536
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27225
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
This makes it easier to spot unused RAM.
BUG=b:80539294
TEST=built and tested on grunt. Verified unused memory was set to 0xcdcdcdcd
Change-Id: I335eaf642bd8526f31819eaac95ce80c2df3c300
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27227
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
An unidentified combination of speculative reads and branch
predictions inside WRPROT-cacheable memory can cause invalidation of
cachelines and loss of stack on models based on NetBurst
microarchitecture.
Therefore disable WRPROT region entirely for all family F models.
As an extreme example, just changing the location of a constant string
passed to printk() has been witnessed to make a the boot fail early on
in romstage.
Change-Id: I1df84ad55e2d8d6d4e8dca10125131b5f525f0d7
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/27133
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
For cases with POSTCAR_STAGE=y this reference pulled
in the implementation of run_ramstage() which we would
not call.
Using _program results with the same region being marked
as WRPROT-cacheble.
Change-Id: Ie1eaf6f5bb8baa13e946112c4fc3d854dbf750a3
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/27232
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Keith Hui <buurin@gmail.com>
In the end it does not look like RCBA register offsets are fully
compatible over southbridges.
This reverts commit d2d2aef6a3.
Is squashed with revert of "sb/intel/common: Fix conflicting OIC
register definition" 8aaa00401b.
Change-Id: Icbf4db8590e60573c8c11385835e0231cf8d63e6
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/27038
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This moves CAR stack under variable MTRRs and removes
old CAR code that used complex fixed MTRRs and placed
stack in low memory.
Change-Id: I75ec842ae3b6771cc3f7ff652adbe386c03b9a5f
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/26586
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
These CAR init files are no longer used.
The _ht variant will be used as basis for P3 CAR
using with variable MTRRs so we only move file.
Change-Id: Iace8762c11e2f282df1850f7be170c841d4881f4
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/27084
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Stoneyridge is running into a stack overflow in the SMM handler.
BUG=b:80539294
TEST=built on grunt
Change-Id: I94e385497bd93c3638c69fb08d9b843c3bbb55ce
Signed-off-by: Raul E Rangel <rrangel@chromium.org>
Reviewed-on: https://review.coreboot.org/27034
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
No need to provide an option to try disable this.
Also remove explicit ´select RELOCATABLE_MODULES'
lines from platform Kconfigs.
Change-Id: I5fb169f90331ce37b4113378405323ec856d6fee
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/26815
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Remove the last bits of building romstage with romcc.
Change-Id: I70bb1ed23a5aeb87bf7641e0b0bd604a4e622e61
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/26807
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Prepare a common cache as ram for CPU's featuring a Non eviction mode
MSR.
Change-Id: I7fa3853498856050855b3b97546f4d31f66d12f7
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/26789
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This changes the following:
- compute amount variable MTRR's during runtime
- Wait for all CPU's to be in Wait for SIPI state after sending init
INIT IPI to all AP's
- compute the PHYSMASK high during runtime and preload it to the
MTRR_PHYS_MASK msr's
Change-Id: I8d8672f8b577c2e7cef6e80978c4464a771f430c
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/26784
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Split of the model_6ex cache as ram to support POSTCAR_STAGE, which is
also needed for future C_ENVIRONMENT_BOOTBLOCK.
When using POSTCAR_STAGE the p4-netburst/exit_car.S is using since it
is identical.
Change-Id: Ibe9f065fdf1d702b73333ea7bb32daca15ba1293
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/26783
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Name the CPU device structure as per processor brand string.
Before logs use to look like:
APIC: 01 (unknown)
Now logs looks like(depending on CPU on which it is tested):
APIC: 01 (Intel(R) Core(TM) m3-7Y30 CPU @ 1.00GHz)
BUG=None
BRANCH=None
TEST= Build & boot Soraka.
Change-Id: I6af0e29bbbdb59406baeae32f7874ff9036a9c81
Signed-off-by: Naresh G Solanki <naresh.solanki@intel.com>
Reviewed-on: https://review.coreboot.org/26740
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The file cache_as_ram_ht.inc is used across a variety
of CPUs and northbridges. We need to split it anyway
for future C_ENVIRONMENT_BOOTBLOCK and verstage work.
Split and rename the files, remove code that is globally
implemented in POSTCAR_STAGE framework already.
Change-Id: I2ba67772328fce3d5d1ae34c36aea8dcdcc56b87
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/26747
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
With implementation of LATE_CBMEM_INIT, top-of-low-memory
TOLM was adjusted late in ramstage. We do not allow that with
EARLY_CBMEM_INIT so the previous maximum of 1024 MiB of MMIO
space is now used with statically set TOLM.
Also remove support code for the obsolete LATE_CBMEM_INIT
this northbridge used.
Change-Id: Ib3094903d7614d2212fbe1870248962fbc92e412
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/26585
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This patch ensures that user can select a specific AP to run
a function.
BUG=b:74436746
BRANCH=none
TEST=Able to run functions over APs with argument.
Change-Id: Iff2f34900ce2a96ef6ff0779b651f25ebfc739ad
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/26034
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch ensures that user can pass a function with given argument
list to execute over APs.
BUG=b:74436746
BRANCH=none
TEST=Able to run functions over APs with argument.
Change-Id: I668b36752f6b21cb99cd1416c385d53e96117213
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/25725
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
In order to extend the MP callback infrastructure prepare for
easier changes by making the AP callback get signalled by a
single pointer to a local variable on the signaller's stack.
When the APs see the callback they will copy the structure
to a local variable and then set the acknowledgement by
clearing out the slot.
The reading and writing to the slots were implemented using inline
assembly which forces a memory access and a compiler barrier.
BUG=b:74436746
Change-Id: Ia46133a49c03ce3ce0e73ae3d30547316c7ec43c
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/26043
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use of device_t has been abandoned in ramstage.
Change-Id: I6cb8f36dea4a22fdf05c57bb3e3dcaeb2da8020f
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/26066
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Now that __aligned is around, take advantage of it.
Change-Id: I93cdbe108d752088f34d3f5722dce5d9b90bcdc3
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/26022
Reviewed-by: Justin TerAvest <teravest@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
barrier_wait_timeout() was not used anywhere in the code. The
remaining two functions, barrier_wait() and release_barrier(), are
not used anywhere but the mp code.
Change-Id: If09991f95306becc68b6008ae6448695fb4a2dca
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/26021
Reviewed-by: Justin TerAvest <teravest@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Raul E Rangel