They always require special care so that line breaks and variable names
are escaped properly. One loop can be removed entirely because install
accepts multiple files to install in a target directories, the other
loops were filled by find which can just call the commands on its own.
Change-Id: I9f9dddfe3f3ceceb6a0510d6dd862351e4b10210
Signed-off-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79523
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This updates all warnings currently being printed under the files_added
and build_complete targets to the show_notices target.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: Ia14d790dd377f2892f047059b6d24e5b5c5ea823
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79423
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
If a framebuffer is already configured by coreboot, we need to ensure
that the framebuffer size is a multiple of GRANULE_SIZE before passing
to `mmu_add_memrange`. Otherwise, we would fail to allocate memory
region due to `sanity_check`.
Change-Id: Ia6a6400733ca10a61220087e87022f68c28e4789
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79451
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
We should make sure _stack/_estack and the other labels are consistent.
And _data & _edata is also useful to clean up the sensitive data on the
data section.
BUG=b:248610274
TEST=emerge-cherry libpayload
BRANCH=none
Cq-Depend: chromium:5052462
Change-Id: I589040f4db60b35813ea9f4ba9503244bd7def00
Signed-off-by: Yi Chou <yich@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79144
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
This fixes commit 12ae850dfc which used the wrong symbol, and previous
versions of Kconfig didn't notice.
Change-Id: I7145fd81a30a1455a6dd2c7f24564956a116d180
Signed-off-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79263
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
When cleaning the sensitive data in the memory, we will want to prevent
zero out the content of tbb_buffer. Move the ttb_buffer to a standalone
section will simplify the problem.
BUG=b:248610274
TEST=emerge-cherry libpayload
BRANCH=none
Change-Id: I610276cbe30552263d791860c15e5ad9a201c744
Signed-off-by: Yi Chou <yich@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79078
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Some sensitive data may remain DMA buffer, we will want to zero out
everything on the DMA buffer before we jump into the kernel to
prevent leaking sensitive data into the kernel.
To accomplish that, we will need this function to get the range of
memory that can be allocated by the dma allocator.
BUG=b:248610274
TEST=emerge-cherry libpayload
BRANCH=none
Signed-off-by: Yi Chou <yich@google.com>
Change-Id: I8f3058dfd861ed44f716623967201b8cabe8d166
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78407
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Guard multiple options depending on another with an if-block. It's not
needed to repeat the condition for every option.
This also cleans up the ordering of the options and groups all options
related to iPXE.
Change-Id: I9e74ab567f619a2d5c20c6c0282b37193d9ac01b
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78925
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Since #c4fdec0a83d69bd0399b1b4351fa9c3af3c6fd65, edk2/master will
work with coreboot without modification.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I8350f5114445d2608861ef6e807f958e598dfe07
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78636
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
The value from raw_read_cntfrq_el0() could be large enough to cause
overflow when multiplied by USECS_PER_SEC. To prevent this, both
USECS_PER_SEC and hz can be reduced by dividing them by their GCD.
This patch also modifies the return type of `timer_hz()` from
`uint64_t` to `uint32_t`, assuming that in practice the timestamp
counter should never be that fast.
BUG=b:307790895
TEST=boot to kernel and check the timestamps from `cbmem`
Change-Id: Ia55532490651fcf47128b83a8554751f050bcc89
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78888
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Instead of redirecting the output of sed into a temporary file and
copying it to its target then, just tell sed to do the replacements
in-place and don't let it create a backup of the original file. The
overhead is not needed.
Change-Id: I442616cd78098b653af5bd49bc7a4f021c99e081
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78924
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
This patch introduces a new coreboot table entry named
"has_external_display" to understand if external display is attached.
This information is useful to prevent graceful shutdown by payload
when the LID is closed but an external display is present.
This piece of the information will be gathered by coreboot and passed
into the payload using this new entry aka external_display because
payload (i.e., deptcharge) doesn't have any other way to determine
if external display is available.
BUG=b:299137940
TEST=Able to build and boot google/rex.
w/o this patch:
LID closed and external display attached (HDMI) in developer mode
(GBB 0x39):
> System is powered off by depthcharge
w/ this patch:
LID closed and external display attached (HDMI) in developer mode
(GBB 0x39):
> Booted to OS and device is alive/usable
Change-Id: I0fa7eee4c5a50371a7a66c6ca1ac2c7d046d010b
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77796
Reviewed-by: Eric Lai <ericllai@google.com>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Update the default branch used for MrChromebox's edk2 fork from 2023-06
to 2023-09. This updated branch has been rebased on the latest upstream
stable tag (edk2-stable202308), and fixes some USB detection issues, as
well the coreboot Kconfig for prefering internal or external boot
devices.
TEST=build/boot google boards link, panther, lulu,reef, ampton, akemi,
banshee, zork, frostflow with edk2 payload selected.
Change-Id: I7c5f9ae1ca4edd8211f55f4ecf2b3b495f473a43
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78136
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Disabling TPM support in edk2 can actually cause problems booting from
USB on some Intel-based boards with a CR50 TPM when using the edk2
GOP driver option, so rather than disable the TPM for all CR50 boards,
restrict the default to only AMD boards, where the boot hang with
TPM enabled was originally observed.
TEST=build/boot Win11, Linux from usb on google/fizz when built
with edk2 payload and edk2 GOP driver option selected.
Change-Id: I01509fea2dd42b741c00abcf9fb8b936e895b932
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78031
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Don't skip checking out the specified edk2 branch if the repo contains
untracked files, which may be the case if the EDK2_GOP_DRIVER option
is selected. Also ensure the submodule pointers are correct when
checking out.
TEST=build google/panther with GOP driver option and edk2 payload 2x,
switching branches between builds and ensure the correct branch is
used each time and submodules are synced with branch.
Change-Id: If7040bd5c49209b37a4b308485bf59352197d3b6
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78030
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Several of the build commands passed by the Makefile only exist
in MrChromebox's fork of edk2. Guard these, and the corresponding
Kconfig options, against the selection of the MrChromebox repository.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I41d8d54e5b91990dd9fb88967fcd549a86cf6fe9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78036
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
If LP_VBOOT_CBFS_INTEGRATION is enabled, then libcbfs will reboot with
vboot failure in non-recovery mode on CBFS file hash mismatch.
BUg=b:197114807
TEST=Build with VBOOT_CBFS_INTEGRATION enabled and boot on
google/ovis4es device
Change-Id: Ic0f62212b7217b384e8c4cbd9535fe4243301f8c
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77726
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Patch adds:
- vboot_fail_and_reboot() for vboot failures handling.
- reboot() weak implementation for payloads to implement, used
by vboot_fail_and_reboot().
- vboot_recovery_mode_enabled() to check if recovery mode flag is set in
vboot context. Implemented for future libcbfs implementation
of VBOOT_CBFS_INTEGRATION in libpayload.
BUG=b:197114807
TEST=none
Change-Id: I53d1955573d54bc56d05f7780c18dcc8ac1fd399
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77725
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
To fully and easily implement fallback/recovery in libcbfs with vboot
support the codebase requires access to vboot context. Moving context
management to libpayload allows to avoid unnecessary overhead and code
complication and still allows payloads to access it in a way it was
designed. Access to this codebase will also allow implementation of e.g.
vboot_fail_and_reboot() and other helpful utilities used by coreboot and
depthcharge.
BUG=b:197114807
TEST=make unit-tests
TEST=Build and boot on google/ovis4es with CL:4839296 and
VBOOT_CBFS_INTEGRATION enabled
Change-Id: Id719be7c4f07251201424b7dc6c1125c6b5756d8
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77635
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
initramfs is built always, ignoring CONFIG_LINUXBOOT_BUILD_INITRAMFS
Built initramfs only is CONFIG_LINUXBOOT_BUILD_INITRAMFS is set
BUG = N/A
TEST = Built and boot facebook monolith
Change-Id: I0d575ff7528fceb06b5394642527713bb071c8b3
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77607
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Clang does not recognize comments to indicate falltrough is intended
behavior.
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Change-Id: Idcf7a24fc763b80863902702172b4ea950e132b8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77431
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Update the U-Boot version to the latest release. Also switch to github
since it is typically much faster to download than the existing URL.
Drop the 'experimental' tag since this payload is pretty stable. It is
also tested regularly in U-Boot's CI.
Change-Id: I082130539c3474593a82e4b21cb995380f4db168
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77149
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77463
Reviewed-by: Patrick Georgi <patrick@coreboot.org>
Tested-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Fix regression introduced in I25e757108e0dd473969fe5a192ad0733f1fe6286
"payloads/external/LinuxBoot: Clean up".
Include the initrd into the payload. Allows to actually use LinuxBoot.
Change-Id: I5ab6b1a43a4100e83f4c188b9ea3451ab7b4ffe5
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77412
Reviewed-by: Maximilian Brune <maximilian.brune@9elements.com>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
For libflashrom we need the delay functions but when including the whole
libpayload.h it has conflicting symbols.
Change-Id: I6e4a669b8ba25836fb870d74c200985c1bfdb387
Signed-off-by: Thomas Heijligen <src@posteo.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70139
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This adds a Kconfig option to select memtest86+ version 6 as a secondary
payload and sets that as the default. The coreboot version 5 code may
still be selected and used if desired.
Compiling for 32 bit requires glibc from multilib installed, if the host
system is running on 64 bit, as header files, e.g. gnu/stubs-32.h, are
required from there. So introduce a new choice menu which allows to
choose between 32 and 64 bit.
By default, the stable 6.20 version is selected instead of the top of
the main branch.
TEST=Build both V5 and V6, boot them in QEMU
Signed-off-by: Martin Roth <gaumless@gmail.com>
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Change-Id: Ie0eedc25fcf37b925b072ca809c019a599a20392
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69277
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Disable TPM support for CR50 TPM when using MrChromebox repo, since
it's not currently supported in edk2, and causes some boards (eg AMD
Zen-based) to failed to boot.
TEST=build/boot on google/frostflow
Change-Id: I64b5eb09d64eafd2bed400b7a7c97750cc368aed
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77270
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Varshit Pandya <pandyavarshit@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add Kconfig for passing a VBT file and GOP driver to edk2, and pass a
build param to use them along with the platform GOP driver. This allows
edk2 to initialize the display and change display modes, instead of
being limited to the single mode set by whatever display init method
coreboot might use (libgfxinit, FSP/GOP, VBIOS, etc).
TEST=build/boot multiple google boards spanning several platforms using
the edk2 GOP driver for display init.
Change-Id: I63a49df2411fe44b06eaee6d0fb9aab42ac8aedb
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77269
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
When cbfs_map()/cbfs_ro_map() fails, the caller may still want to know
the decompressed size of the CBFS file, for example, to print an error
message. Move the assignment earlier in the flow. Note that coreboot's
cbfs_map() is already doing the same.
BUG=none
TEST=emerge-geralt libpayload
BRANCH=none
Change-Id: I82c6b7e69c95bf597fa3c7d37dd11252893c01af
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77193
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add the builtin to copy variadic lists/arguments.
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: I4507b901bdce052c5d1701fdf825eb8a96a5b55a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77097
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This adds a missing prerequisite, because otherwise it can happen that
curl tries to put the downloaded kernel in a non existing build
directory
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: I459172f794ab9c1010cebcff5e28f1454e136fba
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76914
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
This upgrades the tint payload to 0.07 version. The sources are
similar enough so that ..._libpayload.patch could be simply git-moved.
Change-Id: I0f6de3d0410e6d838fe49330d98620c877a0d2c7
Signed-off-by: Mike Banon <mikebdp2@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76820
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Restore the tint build system compatibility with the current version
of buildgcc script while preserving the backwards compatibility.
Change-Id: I45d3454b4527ee81c3927a5b3da2e9067c530fb0
Signed-off-by: Mike Banon <mikebdp2@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76819
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.
Change-Id: I17811256b04a17539d3ed77f406892ae77e97515
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76848
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.
Change-Id: I3fd3f068ff731e1d9fed7c38ba6815e1eed86450
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76849
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.
Change-Id: Icf3da1b0a0666769ae7b5d5f641b85436b324b4c
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76851
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>