Disabling SSL verification is far from optimal, but depending on the
circumstances may be the most practical way, so describe how to do
that instead of leaving users confused.
It's also not _that_ bad because git's hashing scheme should uncover
most attempts to tamper with code, either when checking signed tags
or when people push (and see lots of modified commits).
State the command in a way that isn't conductive to careless
copy & paste.
Change-Id: Idbd52ba5d6e8b0f0e891fca16e4159ccef10771a
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37599
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
It's not selected anywhere anymore. Drop it and set the default for
RELOCATABLE_RAMSTAGE directly.
Change-Id: I580e89525ece39418afeefd6a9d0b89b370ca95f
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37577
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: ron minnich <rminnich@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
These boards currently have no build-testing, so they degrade
fast. Apply some of the build-tested changes we know to be
good from pcengines/apu2 to get them a bit closer to using
POSTCAR_STAGE=y.
Change-Id: Ibc9a15ed5e91c6dd857f2dd02e37d0979dd6ae90
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37373
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
The bayou payload is not attached to the build system in any way, and
has not been for quite a while. Since selecting it in Kconfig does
nothing, remove this payload now that coreboot 4.10 has been released.
Change-Id: Icfb18b88e460a4e4b538b7efe907d4eef6c40638
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34565
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: ron minnich <rminnich@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
It is an ATX board similar to existing ga-b75* boards. The major
difference is the configuration of pci-e ports on PCH, and on-board
pci-e NIC. (see below)
Tested:
- CPU i5 3570T
- Slotted DIMM 8GiB*4 from Kingston
- usb2 and usb3
- pci and pci-e ports
- sata
- Sound
- S3
- AR8161 NIC connected to 1c.2 with mac address burnt in efuse
- libgfxinit-based graphic init
- NVRAM options for North and South bridges
- tpm 1.2 on lpc (similar to ga-b75m-d3h)
- Linux 4.19.67-2 within Debian GNU/Linux stable, loaded from
SeaBIOS.
Change-Id: I1a969880e4da02abf8ba73aac60ee1296fe0abf2
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36992
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This commit is adding a dependency check for the FSP_USE_REPO
config option which so far was not able to deal with IceLake
systems.
Change-Id: I29faa8d3acff5680b611951fc193d33f514dc0d3
Signed-off-by: Johanna Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37561
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The name for the CoffeeLake FSP.fd was changed to Fsp.fd.
Therefore the CoffeLake / WhiskeyLake default path was
changed.
Change-Id: I0f51e378fcaacb25392d8940a342fc968c730157
Signed-off-by: Johanna Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37564
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit creates a foob variant for Octopus. The initial settings
override the baseboard was copied from variant phaser.
BUG=b:144890301
BRANCH=octopus
TEST=emerge-octopus coreboot
Signed-off-by: Peichao Wang <peichao.wang@bitland.corp-partner.google.com>
Change-Id: Ibcdda4dd0846612f5e98ab454db7144c1caf0507
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37456
Reviewed-by: Henry Sun <henrysun@google.com>
Reviewed-by: Marco Chen <marcochen@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
We are already in documentation so it should be obvious that other
links point to other documentation.
Change-Id: I7a021a09bdb88418ec85dbf433465f26445057d0
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37241
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Some return codes were missed when implementing this initially; the vboot
logic can require the system to command the EC to reboot to its RO, switch
RW slots or it can require a poweroff of the SoC. This patch appropriately
handles these return codes.
BUG=b:145768046
BRANCH=firmware-hatch-12672.B
TEST=ODM verified this patch fixes the issues seen.
Change-Id: I2748cf626d49c255cb0274cb336b072dcdf8cded
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37562
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Change the hex values in the VR configuration tables of the Intel Kaby
Lake RVP boards to the same style that is used in the other mainboards.
Also, correct some numbers in the comment tables that did not match the register values.
The values in the tables haven't changed.
BUG=N/A
TEST=build
Change-Id: I77af544d7d88143e19abedb12a13627779c705c6
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37550
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Set the SMBIOS system type to detachable for nocturne and
soraka variants, to allow the OS to correctly process events.
Change-Id: Ie0ee5ea6666542c0bca2c264b2ed2e6135b78658
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37540
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Because the function is implemented in C, post_code() calls
from cache_as_ram.S and other early assembly entry files may
not currently work for cold boots. Assembly implementation
needs to follow one day.
This effectively removes PORT80 routing from boards with
ROMCC_BOOTBLOCK.
Change-Id: I71aa94b33bd6f65e243724810472a440e98e0750
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37451
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Prepare for an implementation supporting the reset vector in RAM and
not the traditional 0xfffffff0. Add a Kconfig symbol that can be used
in place of hardcoded values.
Change-Id: I6a814f7179ee4251aeeccb2555221616e944e03d
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37485
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The board is booting Linux and has been briefly tested.
SeaBIOS, TianoCore payload and Linux as payload all seem to work fine.
BUG=N/A
TEST=tested on Facebook Monolith
Change-Id: I65a2e03334af65cfb3f825d43fa0daa6e6c75913
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37516
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Add support for the FSP feature to display the logo.
BUG=N/A
TEST=tested on facebook monolith
Change-Id: Iaaffd2be567861371bbe908c1ef9d7dde483a945
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37515
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
On embedded boards the cpu mounted on the board is known. So it is not
required to include microcode for all possible Sky Lake and Kaby Lake
cpus. This patch provides the possibility to only support the versions
required.
By default all microcode updates will be included and the versions not
required can be removed using Kconfig.
BUG=N/A
TEST=build
Change-Id: Iaa36c2846b2279a2eb2b61e6c97d6c89d0736f55
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37514
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The code in cpu/x86/lapic/apic_timer.c for timer_monotonic_get()
is not SMP safe as LAPIC timers do not run as synchronised as TSCs.
The times reported for console for boot_states does not accumulate
from APs now. Also remove console time tracking from ENV_SMM.
Change-Id: I1ea2c1e7172f8ab3692b42dee3f669c5942d864a
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37398
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
TEST=Set MAX_CPUS=2 and run qemu with -smp 2
Signed-off-by: Philipp Hug <philipp@hug.cx>
Change-Id: I94fb25fad103e3cb5db676eb4caead11d54ae0ae
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35246
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Xiang Wang <merle@hardenedlinux.org>
gcc seems to have some stupid problem with deciding when to inline byte
swapping functions (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92716).
Using the compiler builtin instead seems to solve the problem.
(This doesn't yet solve the issue for the read_be32()-family of
functions, which we should maybe just get rid of at some point?)
Change-Id: Ia2a6d8ea98987266ccc32ffaa0a7f78965fca1cd
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37343
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
factory_initialize_tpm() calls secdata_xxx_create() (for both firmware
and kernel space) and then immediately writes those spaces out to the
TPM. The create() functions make vboot think it just changed the secdata
(because it reinitialized the byte arrays in the context), so we also
need to clear the VB2_CONTEXT_SECDATA_xxx_CHANGED flags again, otherwise
vboot thinks it still needs to flush the spaces out to the TPM even
though we already did that.
Also clean up some minor related stuff (VB2_CONTEXT_SECDATA_CHANGED
notation is deprecated, and secdata space intialization should use the
same write-and-readback function we use for updates).
Change-Id: I231fadcf7b35a1aec3b39254e7e41c3d456d4911
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37471
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Going forwards, vb2ex_commit_data will be used to flush both
nvdata and secdata.
The patch that is circularly dependent on this lies between a patch that
makes vboot no longer build and the patch that fixes that, so we have to
pull the whole thing in at once to sort out the mess.
Updating from commit id 1c4dbaa0:
2019-11-18 Julius Werner Makefile: Fix typo for MOCK_TPM
to commit id 695c56dc:
2019-12-04 Julius Werner Makefile: Make loop unrolling fully
controllable by the caller
BUG=b:124141368, chromium:1006689
TEST=make clean && make test-abuild
BRANCH=none
Change-Id: Ia2612da0df101cd3c46151dbce728633a39fada1
Signed-off-by: Joel Kitching <kitching@google.com>
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37315
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
1. No gpio control in bootblock
2. Disable power and assert reset in ramstage gpio
3. Power on and then deassert reset at the end of ramstage gpio
4. Disable power and assert reset when entering S5
On "reboot", the amount of time the power is disabled for is
equivalent to the amount of time between triggering #4 and wrapping
around to #3, which is about 400ms on Kohaku.
Since #2 forces power off for FPMCU, S3 resume will still
not work properly.
Additionally, we must ensure that GPP_A12 is reconfigured as an output
before going to any sleep state, since user space could have configured
it to use its native3 function.
See https://review.coreboot.org/c/coreboot/+/32111 for more detail.
The control signals have been validated on a Kohaku in
the following scenarios:
1. Cold startup
2. Issuing a "reboot" command
3. Issuing a "halt -p" and powering back on within 10 seconds
4. Issuing a "halt -p" and powering back on after 10 seconds
5. Entering and leaving S3 (does not work properly)
6. Entering and leaving S0iX
BRANCH=hatch
BUG=b/142751685
TEST=Verify all signals as mentioned above
TEST=reboot
flash_fp_mcu /opt/google/biod/fw/dartmonkey_v2.0.2417-af88cc91a.bin
TEST=halt -p
# power back on within 10 seconds
flash_fp_mcu /opt/google/biod/fw/dartmonkey_v2.0.2417-af88cc91a.bin
TEST=halt -p
# power back on after 10 seconds
flash_fp_mcu /opt/google/biod/fw/dartmonkey_v2.0.2417-af88cc91a.bin
Change-Id: I2e3ff42715611d519677a4256bdd172ec98687f9
Signed-off-by: Craig Hesling <hesling@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37459
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This patch moves the common devicetree settings into baseboard and
creates overridetree.cb for each variant. For PCIe root port settings,
SATA, eMMC, I2Cs and GBe, they are in overridetree.
TEST=build an image for each variant
Change-Id: I067bdb3fcf1218b93e52801f6db093e24d7d2b62
Signed-off-by: Gaggery Tsai <gaggery.tsai@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36794
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Definitions were moved so that now device/mmio.h needs to be included
instead of arch/mmio.h. Also, don't use le32 conversion.
This follows the activities of commit 55009af42 (Change all
clrsetbits_leXX() to clrsetbitsXX()) and commit 1c37157218 (mmio: Add
clrsetbitsXX() API in place of updateX()).
Change-Id: Ie3af0d4f0b3331fe5572fc56915952547b512db7
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37534
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>