This is done to ensure the CSE will not execute any pre-boot commands
after it receives this command. Verified EOP and error recovery sequence
from Intel doc#627331.
TEST=on brya, autotest firmware_CheckEOPState confirms ME is in
post-boot state
Change-Id: Iee8c29f81d5d04852ae3f16dc8a9ff0fa59f056a
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55596
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This patch adds functionality to attempt to allow booting in a secure
configuration (albeit with potentially reduced functionality) when the
CSE EOP message fails in any way. These steps come from the CSME BWG
(13.5, 15.0, 16.), and tell the CSE to disable the MEI bus, which
disables further communication from the host. This is followed by
requesting the PMC to disable the MEI devices. If these steps are
successful, then the boot firmware can continue to boot to the
OS. Otherwise, die() is called, prefering not to boot over leaving the
insecure MEI bus available.
BUG=b:191362590
TEST=Set FSP UPD to disable sending EOP; called this function from a
BS_PAYLOAD_LOAD, ON_ENTRY entry; observed that with just
cse_mei_bus_disable() called, Linux can no longer communicate over MEI:
[ 16.198759] mei_me 0000:00:16.0: wait hw ready failed
[ 16.204488] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 16.210804] mei_me 0000:00:16.0: H_RST is set = 0x80000031
[ 18.245909] mei_me 0000:00:16.0: wait hw ready failed
[ 18.251601] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 18.257785] mei_me 0000:00:16.0: reset: reached maximal consecutive..
[ 18.267622] mei_me 0000:00:16.0: reset failed ret = -19
[ 18.273580] mei_me 0000:00:16.0: link layer initialization failed.
[ 18.280521] mei_me 0000:00:16.0: init hw failure.
[ 18.285880] mei_me 0000:00:16.0: initialization failed.
Calling both error recovery functions causes all of the slot 16 devices
to fail to enumerate in the OS
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I06abf36a9d9d8a5f2afba6002dd5695dd2107db1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55675
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Enable PCH GBE with following changes:
1. Configure PCH GBE related FSP UPD flags
2. Use EHL own GBE ACPI instead of common code version due to
different B:D.F from the usual GBE
3. Add kconfig PMC_EPOC to use the PMC XTAL read function
Due to EHL GBE comes with time sensitive networking (TSN)
capability integrated, EHL FSP is using 'PchTsn' instead of the
usual 'PchLan' naming convention across the board.
Signed-off-by: Lean Sheng Tan <lean.sheng.tan@intel.com>
Change-Id: I6b0108e892064e804693a34e360034ae7dbee68f
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55355
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
1. Remove 'PCH_EPOC_XTAL_FREQ(__epoc)' macro since it only be used
in 1 place.
2. Transform macro into more readable C code.
3. Add additional case check to make sure the returned value is
defined in the 'pch_pmc_xtal' enum.
Signed-off-by: Lean Sheng Tan <lean.sheng.tan@intel.com>
Change-Id: If57a99bf8e837a6eb8f225297399b1f5363cfa85
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55587
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Move PMC EPOC related code to intel/common/block because it is
generic for most Intel platforms and ADL, TGL & EHL use it.
Add a kconfig 'PMC_EPOC' to guard this common EPOC code.
The PMC EPOC register indicates which external crystal oscillator is
connected to the PCH. This frequency is important for determining the
IP clock of internal PCH devices.
Signed-off-by: Lean Sheng Tan <lean.sheng.tan@intel.com>
Change-Id: Ib5fd3c4a648964678ee40ed0f60ca10fe7953f56
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55565
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
To generalise the choice of 32-bit or 64-bit coreboot on x86 hardware,
have platforms select `ARCH_X86` directly instead of through per-stage
Kconfig options, effectively reversing the dependency order.
Change-Id: If15436817ba664398055e9efc6c7c656de3bf3e4
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55758
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
The IRQ for a single device may be required elsewhere, therefore provide
get_pci_devfn_irq.
BUG=b:130217151, b:171580862, b:176858827
Change-Id: Ibebd821767a2698c9e60b09eeeff3bb596359728
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55826
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The results of the PCI IRQ assignments are used in several places, so
it makes for a nicer API to cache the results and provide simpler
functions for the SoCs to call.
BUG=b:130217151, b:171580862, b:176858827
Change-Id: Id79eae3f2360cd64f66e7f53e1d78a23cfe5e9df
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55825
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Because the FSP interface for PCI IRQs only includes the PCH devices,
this function is the complement to that, taking the list of irq entries,
and programming the PCI_INTERRUPT_LINE registers.
BUG=b:130217151, b:171580862, b:176858827
TEST=boot brya with patch train, verify with `lspci -vvv` that for all
the north PCI devices, their IRQ was either the one programmed by this
function, or an MSI was used.
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I81cf7b25f115e41deb25767669b5466b5712b177
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55817
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add a new function to fill out the data structures necessary to generate
a _PRT table.
BUG=b:130217151, b:171580862, b:176858827
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I21a4835890ca03bff83ed0e8791441b3af54cb62
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51159
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The Intel FSP provides a default set of IO-APIC IRQs for PCI devices, if
the DevIntConfigPtr UPD is not filled in. However, the FSP has a list of
rules that the input IRQ table must conform to:
1) One entry per slot/function
2) Functions using PIRQs must use IOxAPIC IRQs 16-23
3) Single-function devices must use INTA
4) Each slot must have consistent INTx<->PIRQy mappings
5) Some functions have special interrupt pin requirements
6) PCI Express RPs must be assigned in a special way (FIXED_INT_PIN)
7) Some functions require a unique IRQ number
8) PCI functions must avoid sharing an IRQ with a GPIO pad which routes
its IRQ through IO-APIC.
Since the FSP has no visibility into the actual GPIOs used on the board
when GpioOverride is selected, IRQ conflicts can occur between PCI
devices and GPIOs. This patch gives SoC code the ability to generate a
table of PCI IRQs that will meet the BWG/FSP rules and also not conflict
with GPIO IRQs.
BUG=b:130217151, b:171580862, b:176858827
TEST=Boot with patch series on volteer, verify IO-APIC IRQs in
`/proc/interrupts` match what is expected. No `GSI INT` or
`could not derive routing` messages seen in `dmesg` output.
Verified TPM, touchpad, touchscreen IRQs all function as expected.
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I0c22a08ce589fa80d0bb1e637422304a3af2045c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/49408
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This makes structs that contain an `enum pirq` field that is
default-initialized have the value PIRQ_INVALID
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: Idb4c7d79de13de0e4b187a42e8bdb27e25e61cc1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55281
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The `soc_read_pmc_base()` function returns an `uintptr_t`, which is then
casted to a pointer type for use with `read32()` and/or `write32()`. But
since commit b324df6a54 (arch/x86: Provide
readXp/writeXp helpers in arch/mmio.h), the `read32p()` and `write32p()`
functions live in `arch/mmio.h`. These functions use the `uintptr_t type
for the address parameter instead of a pointer type, and using them with
the `soc_read_pmc_base()` function allows dropping the casts to pointer.
Change-Id: Iaf16e6f23d139e6f79360d9a29576406b7b15b07
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55840
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
This is needed for ifdtool -p to detect CPX and SKX Lewisburg PCH as IFDv2.
Change-Id: I21df9f700aedf131a38a776e76722bf918e6af84
Signed-off-by: Johnny Lin <johnny_lin@wiwynn.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55746
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Select DISPLAY_FSP_VERSION_INFO_2 for Jasper Lake soc.
BUG=b:153038236
BRANCH=None
TEST=Verify JSLRVP build with all the patch in relation chain
and verify the version output prints no junk data observed.
couple of lines from logs are as below.
Display FSP Version Info HOB
Reference Code - CPU = 8.7.16.10
uCode Version = 0.0.0.1
Change-Id: If68b704c4304357b0046a510545fc213d7ed5887
Signed-off-by: Ronak Kanabar <ronak.kanabar@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45907
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
It looks like the 'clear_car' code does not properly fill the required
cachelines so add code to fill cachelines explicitly.
Change-Id: Id5d77295f6d24f9d2bc23f39f8772fd172ac8910
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55791
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christopher Meis <christopher.meis@9elements.com>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The `xdci_can_enable()` function is called earlier to configure FSP-S
UPDs. If it returned false, then the xDCI device will be disabled and
the second `xdci_can_enable()` call will never be evaluated.
Change-Id: I4bd08e3194ffccc79c8feaf8f34b2bb4077f760a
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55789
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use the `is_devfn_enabled()` function for the sake of brevity.
Change-Id: Ic848767799e165200f26c2d5a58fbd3b72b9c240
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55786
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The CSE expects the boot firmware to send it an End-of-Post message
before loading the OS. This is a security feature, and is done to ensure
that the CSE will no longer perform certain sensitive commands that are
not intended to be exposed to the OS.
If processing the EOP message fails in any way on a ChromeOS build, (and
not already in recovery mode), recovery mode will be triggered,
otherwise the CSME BWG will be followed, which is in the following
commit.
BUG=b:191362590
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I6f667905f759cc2337daca4cc6e09694e68ab7e8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55631
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Cstate C7 is not supported in ADL, replacing this unsupported state
with C6 in the s0ix cstate table.
BUG=None
TEST=Boot device to OS.
Print supported CStates and latencies.
Signed-off-by: Bernardo Perez Priego <bernardo.perez.priego@intel.com>
Change-Id: I471f71481d337e3fafa4acab7fe8a39677c8710c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55734
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Sukumar Ghorai <sukumar.ghorai@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Intel Apollolake does not support the bootguard MSRs 0x139 MSR_BC_PBEC
and 0x13A MSR_BOOT_GUARD_SACM_INFO.
Change-Id: Ief40028a1c85084e012a83db8080d478e407487b
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55784
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
This patch updates mainboard_memory_init_params() function argument from
FSPM_UPD to FSP_M_CONFIG. Ideally mainboard_memory_init_params()
function don't need to override anything other than FSP_M_CONFIG UPDs
hence passing config block alone rather passing entire FSP-M UPD
structure.
Change-Id: I238870478a1427918abf888d71ba9c9fa80d3427
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55785
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
This patch create separate helper functions to fill-in required
FSP-S UPDs as per IP initialization categories.
This would help to increase the code readability and in future
meaningful addition of FSP-S UPDs is possible rather adding UPDs randomly.
TEST=FSP-S UPD dump shows no change without and with this code change.
Change-Id: Iba51aebc74456449e24e51e2f309f14f951464a0
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55233
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I5e10e5d0b80986e1e73573a86a957985840fe0b3
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55727
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I64ab77bc49d93aca1da0126d849e69ff75b182a3
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55726
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I8ca0813e18da0f95eb9293b6d0bbdf933a1e7039
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55725
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Lean Sheng Tan <lean.sheng.tan@intel.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I568cd39792eba1bbace4901e96d708d80f73c60a
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55724
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I038e43deead70d598cf26f320dd9993f17591b88
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55723
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:14.1: enabled 0`.
Change-Id: I0e400ded7ba268a5f289b0ac568598e0dad1899a
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55722
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
1. Replace all pcidev_path_on_root() and is_dev_enabled() functions
combination with is_devfn_enabled().
2. Remove unused local variable of device structure type
(struct device *).
3. Replace pcidev_path_on_root() and dev->enabled check with
is_devfn_enabled() call.
4. Leave SATA, eMMC controller FSP UPDs at default state if
controller is not enabled and FSP UPDs are set to disable.
TEST=Able to build and boot without any regression seen on ICLRVP.
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Change-Id: Id6861af3b5d1ce4f44b6d2109301bd4f5857f324
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55721
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Commit 54b03569c moved a call to cse_trigger_recovery () around, and
commit 09635f418 renamed the function, but was tested before the first
commit was submitted, thus breaking the tree. Fix it.
Change-Id: If21ea0c1ebf9ce85c59ee25ec7f879abde2e3259
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55766
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This function could be applicable in situations other than just for the
CSE Lite SKU, therefore move this from cse_lite.c to cse.c
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: Ibc541f2e30ef06856da10f1f1219930dff493afa
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55673
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
One of the reason FSP-T support had to be kept in place was for
Intel Bootguard. This now works with native CAR code, so there is no
reason to keep FSP-T as an option for these platforms.
APL did not even build with FSP_CAR and finding FSP-T using walkcbfs
was only recently fixed using FMAP, so there can be no doubt that this
option was never used with coreboot master.
Change-Id: I0d5844b5a6fd291a13e5f467f4fc682b17eafa63
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55518
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Bootguard sets up CAR/NEM on its own so the only thing needed is to
find free MTRRs for our own CAR region and clear that area to fill in
cache lines.
TESTED on prodrive/hermes with bootguard enabled.
Change-Id: Ifac5267f8f4b820a61519fb4a497e2ce7075cc40
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36682
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Add a macro to clear CAR which is replicated 3 times in this code.
TEST: with BUILD_TIMELESS=1 the resulting binary is identical.
Change-Id: Iec28e3f393c4fe222bfb0d5358f815691ec199ae
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37191
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This adds a macro to find an available MTRR(s) to set up CAR.
This added complexity is not required on bootpaths without bootguard
but with bootguard MTRR's have already been set up by the ACM so
we need to figure out at runtime which ones are available.
Change-Id: I7d5442c75464cfb2b3611c63a472c8ee521c014d
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37190
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
The patch moves CSE Lite RW status check out of CSE RW update logic as
the RW sanity check has to be done irrespective of CSE RW update logic
is enabled or not. If coreboot detects CSE Lite RW status is not good,
the coreboot triggers recovery.
TEST=Verified boot on Brya
Signed-off-by: Sridahr Siricilla <sridhar.siricilla@intel.com>
Change-Id: I582b6cf24f8894c80ab461ca21f7c6e8caa738bc
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55619
Reviewed-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use devfn_disable() for disabling a PCI device rather than
using `dev->enabled = 0`.
Also, use is_devfn_enabled() to get the device current state prior
updating the FSP-S UPD for XDCI.
TEST=FSP-S disabled XDCI when `xdci_can_enable` returns 0 and XDCI
is disabled at PCI enumeration `PCI: 00:15.1: enabled 0`.
Change-Id: I449beae59d2f578c027d8110c03fa79f516c3fe9
Signed-off-by: Subrata Banik <subrata.banik@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55666
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
