Kconfig became stricter on what it accepts, so accomodate before
updating to a new release.
Change-Id: I92a9e9bf0d557a7532ba533cd7776c48f2488f91
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37156
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This fixes issue that became visible after implementing post-CAR stage on
top of `340e4b80904f lib/cbmem_top: Add a common cbmem_top implementation`.
Compilation error was:
Forbidden global variables in romstage:
ffffff00 d top.2205
Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com>
Change-Id: I088ac824f9b66387843ae5810fd2c75a8b16d9db
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36976
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
With removal of Torpedo mainboard, this code is no longer
necessary. Will resolve some unique Coverity issues.
Change-Id: I2927245c426566a8f80863a109d015ebf6176803
Signed-off-by: Joe Moore <awokd@danwin1210.me>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36187
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
The MIPS architecture port has been added 5+ years ago in order to
support a Chrome OS project that ended up going nowhere. No other board
has used it since and nobody is still willing or has the expertise and
hardware to maintain it. We have decided that it has become too much of
a mainenance burden and the chance of anyone ever reviving it seems too
slim at this point. This patch eliminates all MIPS code and
MIPS-specific hacks.
Change-Id: I5e49451cd055bbab0a15dcae5f53e0172e6e2ebe
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34919
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The eltan security items ended up in the chipset menu which is not
desired. Now the eltan security option (when enabled in mainboard) shows
up in the security menu.
BUG=N/A
TEST=build
Change-Id: I3b2aa3836e8d9a3242c6d1f3ba7b7821a5cfb9d3
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36851
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The verified_boot_check_cbfsfile() will now try to allocate a buffer from
bootmem if the item in the list has the VERIFIED_BOOT_COPY_BLOCK attribute
set. For large payloads this speeds up the hash operation.
BUG=N/A
TEST=build
Change-Id: Ifa0c93632c59d05ae6d32f8785009a3c3568abc5
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36822
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Cleanup of the prog_locate_hook routine so the actual coreboot flow is
more clearly reflected in the code.
Remove logging that is not really needed.
BUG=N/A
TEST=tested on fbg1701
Change-Id: Iab6c75beac35d043d296336021c0bce1f828cf34
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36846
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The prepare functionality will be removed from cbfs support and the
eltan verified boot is the only software using it. This is not really
required as we can use the prog_locate_hook() for this functionality.
BUG=N/A
TEST=tested on fbg1701
Change-Id: I189cbad4b24bbbb0840ce6100c89a42a327c5456
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36821
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Some of the verify lists were added to the include file while others are
on vboot_check.c. Also added the ramstage_verify_list.
BUG=N/A
TEST=tested on fbg1701
Change-Id: If4f1d8b2278277d0af78e357ecce0d5bef441179
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36820
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The CBFS master header is a legacy structure that just conveys the same
information we already have from the FMAP these days. We're still
including it to support older CBFS implementations in some payloads, but
there's no need for coreboot itself to follow this indirection anymore.
This patch simplifies the default CBFS locator to just return the CBFS
offset and size from the FMAP directly.
Change-Id: I6b00dd7f276364d62fa1f637efbaee0e80607c49
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36688
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch makes the CBFS default locator .locate() callback externally
available so that code which overrides cbfs_master_header_locator can
reuse or wrap it and doesn't have to copy&paste the whole thing. Use it
for the Eltan vendorcode implementation which previously did this.
Change-Id: I54dad5c8ea64ea0fc472217e275daa815736991e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36797
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The flags parameter of the tpm2_get_capability_pcrs() is used by
mboot_hash_extend_log().
BUGS=NA
TEST=Build
Change-Id: Ia718d27f21d41a5e16230c74ca402ea6099470b2
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36680
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
We generally let garbage-collection take care of unused functions.
While at it, move some related variable declarations in to the
header file and declare them const like they should be.
Change-Id: I7c6fa15bd45f861f13b6123ccb14c55415e42bc7
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36632
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Align the eltan mboot support with coreboot tpm support to limit the amount of custom code.
We now only support SHA256 pcrs, only single a single digest will be handled in a call.
The pcr invalidation has been changed fixed values are now loaded while the correct algortihm is
selected.
BUG=N/A
TEST=tested on fbg1701
Change-Id: Id11389ca90c1e6121293353402a2dd464a2e6727
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36483
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Only use the custom hash routine when we need little endian.
Rename the function as well as it is little endian only now.
BUG=N/A
TEST=tested on fbg1701 board.
Change-Id: I037fa38c5961dab7a81e752c1685da2dc6b33d12
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36482
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
The vendorcode/eltan and vendorcode/eltan/security directories
were both adding the mboot and verified_boot Kconfigs.
BUG=N/A
TEST=build
Change-Id: I6b5f19b4660d60345391b7320ce42466fd2cc769
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36479
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The public key was not verified during the verified boot operation.
This is now added. The items in the manifest are now fixed at 12 as
we always have the postcar stage.
BUG=N/A
TEST=tested on facebook fbg1701
Change-Id: I85fd391294db0ea796001720c2509f797be5aedf
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36504
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Start using the vb2 public key format and process the signature
verification using the vb2 routines. This allows us to use the
futility to prepare the keys and eliminates the need for custom
tools.
BUG=N/A
TEST=tested on fbg1701 board
Change-Id: Id5d28595bbfb1f5ca5bca0fcfb06134bb1143f25
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36480
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
On ChromeOS, there will be VPD values for dynamic speaker management (DSM)
calibration data. They are resistor calibration values and temperature
during calibration.
These VPD fields use "dsm_calib_" prefix.
Known keys are:
"dsm_calib_r0_0"
"dsm_calib_r0_1"
"dsm_calib_r0_2"
"dsm_calib_r0_3"
"dsm_calib_temp_0"
For now these values are unsigned decimal numbers greater than 0.
This library will be used for RT1011 device driver in the patch series.
Note that in the future we may encode more values into this VPD field if
needed. We retain the flexibility for coreboot device driver or codec
driver to decode/parse the VPD values based on the needed use case
per-board.
BUG=b:140397934
BRANCH=none
TEST=On Helios, with patch series, check realtek,r0_calib and
realtek,temperature_calib are available to rt1011 codec driver.
Signed-off-by: Cheng-Yi Chiang <cychiang@chromium.org>
Change-Id: Ib9579a5cc055f8f438cb30a8acaf250a343db19e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36028
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Evaluated using 32-bit arithmetic, then used in a context that
expects an expression of type UINT64. Cast to UINT64 instead.
Change-Id: I4f0aa26e116b47505633897c790ca8e86ea5dc4e
Signed-off-by: Joe Moore <awokd@danwin1210.me>
Found-by: Coverity CID 1241847
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36081
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Code sets `Status = TRUE` in section of code that can only be
reached if `Status == TRUE`.
Change-Id: Id9a49476d17a5ca141994b0d5dfc5e5c62a00f0e
Signed-off-by: Joe Moore <awokd@danwin1210.me>
Found-by: Coverity CID 1241801
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36189
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
The vendorcode/eltan mboot and verified boot options only build if a
few other Kconfig options are defined.
Change-Id: Ie333d2fbf294e23ec01df06ee551e2d09541c744
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35954
Reviewed-by: Wim Vervoorn
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
There is only one subdir in vendorcode/siemens and it does not feature
a Kconfig file.
Change-Id: I136743344465cea9c769234aa84d9ebe874ef0d2
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35953
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Create verified boot support, which includes verifiication of bootblock.
This feature use the vendorcode/eltan/security/lib.
cbfs_locator is used to init the verified boot support.
vendor_secure_prepare() and vendor_secure_locate() are used to preform the
required action in each stage.
The next lists will be used for verification:
* bootblock_verify_list
* postcar_verify_list
* romstage_verify_list
* ramstage_verify_list
BUG=N/A
TEST=Created binary and verify logging on Facebook FBG-1701
Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30835
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Create measured boot.
This feature uses the vendorcode/eltan/security/lib.
Measure boot can work with and without Verified boot enabled.
The function mb_measure() is starting point for the support. This
function will be called by the common Verified boot code.
BUG=N/A
TEST=Created binary and verify logging on Facebook FBG-1701
Change-Id: I7f880a17e240515dd42d57383b5ddddf576985b0
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30833
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
cb_sha.c depends on C_ENVIRONMENT_BOOTBLOCK.
Include cb_sha.c unconditional since C_ENVIRONMENT_BOOTBLOCK is default for
chipsets.
BUG=N/A
TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701
Change-Id: If93195596efe7d8f298430e67eb1cf79804b96fc
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34667
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
After ChromiumOS CL:1293132 and CL:1295890, Chrome EC can store the flag
telling if the last reboot was triggered by AP watchdog for some boards
(e.g., Kukui).
This CL adds a new function google_chromeec_get_ap_watchdog_flag(),
which reads the AP watchdog flag from Chrome EC, and updates the tables
of reset causes and reset flags.
A new Kconfig option CHROMEOS_USE_EC_WATCHDOG_FLAG is added for
elog_handle_watchdog_tombstone() to determine if watchdog reset was
triggered by the AP watchdog flag from EC instead of the tombstone in
AP.
BUG=b:109900671,b:118654976
BRANCH=none
TEST=test with https://review.coreboot.org/c/coreboot/+/31843
Change-Id: I7a970666a8c6da32ac1c6af8280e808fe7fc106d
Signed-off-by: You-Cheng Syu <youcheng@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31834
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
C strict aliasing rules state that it is undefined behaviour to access
any pointer using another pointer of a different type (with several small
exceptions). Eg.
uint64_t x = 3;
uint16_t y = *((uint16_t *)&x); // undefined behaviour
From an architectural point of view there is often nothing wrong with
pointer aliasing - the problem is that since it is undefined behaviour,
the compiler will often use this as a cop-out to perform unintended or
unsafe optimizations. The "safe" way to perfom the above assignment is
to cast the pointers to a uint8_t * first (which is allowed to alias
anything), and then work on a byte level:
*((uint8_t *)&y) = *((uint8_t *)&x);
*((uint8_t *)&y + 1) = *((uint8_t *)&x + 1);
Horribly ugly, but there you go. Anyway, in an attempt to follow these
strict aliasing rules, the ReadMEM() function in SB800 does the above
operation when reading a uint16_t. While perfectly fine, however, it
doesn't have to - all calls to ReadMEM() that read a uint16_t are passed
a uint16_t pointer, so there are no strict aliasing violations to worry
about (the WriteMEM() function is exactly similar). The problem is that
using this unnecessary workaround generates almost 50 false positive
warnings in Coverity. Rather than manually ignore them one-by-one, let's
just remove the workaround entirely. As a side note, this change makes
ReadMEM() and WriteMEM() now match their definitions in the SB900 code.
Change-Id: Ia7e3a1eff88b855a05b33c7dafba16ed23784e43
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34783
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Variable length arrays were a feature added in C99 that allows the
length of an array to be determined at runtime. Eg.
int sum(size_t n) {
int arr[n];
...
}
This adds a small amount of runtime overhead, but is also very
dangerous, since it allows use of an unlimited amount of stack memory,
potentially leading to stack overflow. This is only worsened in
coreboot, which often has very little stack space to begin with. Citing
concerns like this, all instances of VLA's were recently removed from the
Linux kernel. In the immortal words of Linus Torvalds [0],
AND USING VLA'S IS ACTIVELY STUPID! It generates much more code, and
much _slower_ code (and more fragile code), than just using a fixed
key size would have done. [...] Anyway, some of these are definitely
easy to just fix, and using VLA's is actively bad not just for
security worries, but simply because VLA's are a really horribly bad
idea in general in the kernel.
This patch follows suit and zaps all VLA's in coreboot. Some of the
existing VLA's are accidental ones, and all but one can be replaced with
small fixed-size buffers. The single tricky exception is in the SPI
controller interface, which will require a rewrite of old drivers
to remove [1].
[0] https://lkml.org/lkml/2018/3/7/621
[1] https://ticket.coreboot.org/issues/217
Change-Id: I7d9d1ddadbf1cee5f695165bbe3f0effb7bd32b9
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33821
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Build error on missing vb2ex_printf() in bootblock stage
Add the file vboot_logic.c which contains the missing vb2ex_printf().
BUG=N/A
TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701
Change-Id: I3f649f3faf1e812d592e4981bc75698e2cad1cc8
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34666
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
The <inttypes.h> header currently does nothing but include the
definitions from <stdint.h>, so let's #include that directly instead.
Change-Id: I9d83ad37d0d7300a093001596ce3f0b3830c5701
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34800
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
To avoid confusion use VENDORCODE_ELTAN_VBOOT and
VENDORCODE_ELTAN_MBOOT config values.
Include verfied_boot and mboot subdirectories as CPPFLAGS when
measured boot or verified boot is enabled. This allows to generate
binary with measured boot enabled only.
BUG=N/A
TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701
Change-Id: Iaaf3c8cacbc8d2be7387264ca9c973e583871f0a
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33442
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This function can capture and allocate its own eye data, so in that case
set need_free to true so it is freed at the end.
Change-Id: I63ca6d743e6610d3e3ab6bd7b0356aabdfa6f784
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1393969
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34591
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
The bdk_phys_to_ptr() function converts a uint64_t address to a void *
pointer. Judging by the comments, the old implementation had a check
that would refuse to convert a null pointer, which required several
workarounds when trying to convert the address 0 to a pointer. This
isn't the case for coreboot though, which implements this function
as a simple (void *) cast, so we can remove the old workarounds.
Change-Id: I6537d1699e6726c1fb155d69a51e14da856232de
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1393962
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34590
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Ensure that best_en_idx is within bounds before accessing the _en array.
Change-Id: Ifa6259e28875a8cf8199896bda7982370ccaa277
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1393971
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34593
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The total number of errors is only needed after a final tuning run at the
end of this function, so we can remove this unneeded store for earlier
runs.
Change-Id: I62adb38ccba98d90bcf8ccd13998762b9b694111
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1393967
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34592
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
volt_str is used to print information about the RAM configuration
in report_common_dimm(), so let's print out "unknown voltage" if the
voltage isn't recognized rather than a garbage value.
Change-Id: I8e85917fd682e166172fbf10597bde4a8a11dfc7
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1393958, 1393982
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34576
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Implicit fall throughs are a perpetual source of bugs and Coverity Scan
issues, so let's squash them once and for all. GCC can flag implicit fall
throughs using the -Wimplicit-fallthrough warning, and this should
ensure no more enter the code base. However, many fall throughs are
intentional, and we can use the following comment style to have GCC
suppress the warning.
switch (x) {
case 1:
y += 1;
/* fall through */
case 2:
y += 2;
/* fall through - but this time with an explanation */
default:
y += 3;
}
This patch adds comments for all remaining intentional fall throughs,
and tweaks some existing fall through comments to fit the syntax that
GCC expects.
Change-Id: I1d75637a434a955a58d166ad203e49620d7395ed
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34297
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Add changes needed to build a project using Merlin Falcon SOC using 00670F00
vendor code, which is backward compatible with Merlin Falcon. Only the AGESA
binary image is different then the one used by 00670F00.
BUG=none.
TEST=Tested later with padmelon board.
Change-Id: Id3341f6a1ef2561a6391d3db8c54f6bdd09b0c0e
Signed-off-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33622
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
digest from vb2_digest_bufer() does not contains the correct endian.
Create cb_sha_endian() which can convert the calculated digest into big endian
or little endian when required.
BUG=N/A
TEST=Created binary and verify logging on Facebok FBG-1701
Change-Id: If828bde54c79e836a5b05ff0447645d7e06e819a
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30831
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Sometimes coreboot needs to compile external code (e.g.
vboot_reference) using its own set of system header files. When
these headers don't line up with C Standard Library, it causes
problems.
Create ctype.h header file. Relocate ctype.h functions from
string.h into ctype.h. Update source files which call ctype.h
functions accordingly.
Note that ctype.h still lacks five functions which are not used
in coreboot source:
isalnum, isalpha, iscntrl, isgraph, ispunct
BUG=b:124141368
TEST=make clean && make test-abuild
BRANCH=none
Change-Id: I31b5e8af49956ec024a392a73c3c9024b9a9c194
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33525
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
"if (_pcidata != 0xFFFFFFFF || _pcidata != 0)", is always true.
The right test should be && not ||.
Error found using -Wlogical-op warning option.
Change-Id: I537fa4867499e1e6e5f662086fabc99b91aa0c70
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33392
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
This patch contains the general files for the vendorcode/eltan that has
been uploaded recently:
- Add eltan directory to vendorcode.
- Add documentation about the support in the vendorcode directories.
- Add the Makefile.inc and Kconfig for the vendorcode/eltan and
vendorcode/eltan/security.
BUG=N/A
TEST=Created verified binary and verify logging on Portwell PQ-M107
Change-Id: Ic1d5a21d40b6a31886777e8e9fe7b28c860f1a80
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30218
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
<types.h> is supposed to provide <stdint.h> and <stddef.h>.
So when <types.h> is included, <stdint.h> and/or <stddef.h> is removed.
Change-Id: I1eb4163fb36a47b584f1fc9dd3c012e2930e9866
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32807
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
The call to timestamp_rescale_table() had to be moved
before TS_AGESA_INIT_{POST/RESUME}_DONE to have that
timestamp appear without rescaling.
Change-Id: I71e09d3bc4c8657979d447b90fb6ac7cae959479
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31515
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Place it within class libagesa to avoid including
AGESA internal header heapManager.h in coreboot
proper build CPPFLAGS.
Change-Id: Iae86d6631d7a6ba6ea2588a53b292b435dfd7861
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31511
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
While not implemented, copying the definitions from
later AGESA/AMD.h to older helps us avoid lots of
preprocessor directives.
Change-Id: I34edc1ca23e9c063c4286273c53249ff0a953798
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31510
Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
AmdCreateStruct() and AmdReleaseStruct() are equally bad
when it comes to lack of correct function declarations
for definitions found in vendorcode binaryPI/AGESA.c.
Replace these with calls that go through the common
module_dispatch() functions.
Change-Id: I611bcbe2a71fb65c8eb759a9dc74cbd9cb74136e
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31486
Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This microcode update for CPU IDs 0x610F01/0x610F31 improves system stability:
in particular, fixes Xen hardware virtualization freezes. Also it attempts to
patch some Spectre-related security vulnerabilities. This new microcode has been
tested by multiple coreboot community members and found working perfectly.
Old version: 0x600110F [2012-01-11]
replaced by
New version: 0x600111F [2018-03-05]
Change-Id: Ied5da0ff85abb63c2db2eeafd051b8e00916d961
Signed-off-by: Mike Banon <mikebdp2@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/28273
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: <awokd@danwin1210.me>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This microcode update for CPU ID 0x700F01 improves system stability:
in particular, fixes Xen hardware virtualization freezes. Also it attempts to
patch some Spectre-related security vulnerabilities. This new microcode has been
tested by multiple coreboot community members and found working perfectly.
Old version: 0x700010B [2013-07-09]
replaced by
New version: 0x7000110 [2018-02-09]
Change-Id: Iebe6e54d922378a8a1feb97f37b08ac50c8234b2
Signed-off-by: Mike Banon <mikebdp2@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/28370
Reviewed-by: Martin Roth <martinroth@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The VPD field name is dock_passthrough, not dock_passthru. Fix it.
(I assume there is no length limit)
BUG=b:132689337
TEST=check that the feature can now be controlled by the associated
enterprise policy
Change-Id: Icc2b070313fde74447279cd6ccaa4e3eb6d119ee
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32839
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The ASL 2.0 syntax for "!X" resolves to "LNot(X)" which will evaluate
the object as an integer and turn into a boolean. This may not do the
right thing if the object is actually a string and it can lead to
unexpected behavior.
Instead be specific about the object type and check for zero or an
empty string depending on what is being returned.
This fixes an issue where some VPD keys were causing the search to
stop and miss subsequent entries.
Change-Id: I1688842964f9c2f81ca31073da9c2d71a8c81767
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32694
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
This patch fixes up all code that would throw a -Wtype-limits warning.
This sometimes involves eliminating unnecessary checks, adding a few odd
but harmless casts or just pragma'ing out the warning for a whole file
-- I tried to find the path of least resistance. I think the overall
benefit of the warning outweighs the occasional weirdness.
Change-Id: Iacd37eb1fad388d9db7267ceccb03e6dcf1ad0d2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32537
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This change removes all the separate entrypoint dispatch
functions as they all share the same pattern.
Furthermore, none of the function definitions under vendorcode
binaryPI/AGESA.c file have proper declarations, the ones compiler
picks up from AGESA.h are for the internal implementations and
with sanely organized headerfiles would not be exposed outside
the build of AGESA at all.
Change-Id: I0b72badc007565740c93b58743cfd048e8b42775
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31485
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
When coreboot checks the TPM and key-ladder state it issues a reboot of
the Cr50 with a delay parameter. Older Cr50 code doesn't support the
delay parameter and reboots immediately, which prevented coreboot from
running the mainboard specific code needed for the AP to come back up.
This change calls mainboard_prepare_cr50_reset() prior to sending the
VENDOR_CC_IMMEDIATE_RESET command.
This change also fixes a false error message from the coreboot log that
indicated "Unexpected Cr50 TPM mode 3" when the Cr50 key ladder is
disabled.
BUG=b:130830178
BRANCH=none
TEST=build coreboot on sarien and grunt platforms.
TEST=Load Cr50 v3.15, run 'gsctool -a -m disable; reboot'. Verify
corebot send the
VENDOR_CC_IMMEDIATE_RESET command and that the AP boots normally.
Verify event log shows "cr50 Reset Required"
TEST=Force Cr50 automatic update. Verify event log shows "cr50 Update
Reset".
Change-Id: Ib05c9cfde8e87daffd4233114263de5b30822872
Signed-off-by: Keith Short <keithshort@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32365
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Parameter passing is incorrect here, it should pass
complete StdHeader instead of attempting to fill
in HeapStatus that should be treated as a field private
to AGESA, based on where it is defined in the header
files.
Furthermore the while() loop did not evaluate the
return value. Feature can be brought back at a later
date after someone verifies it actually works correctly
across different stages.
Change-Id: Ib243b275f8700ecaeb330772c795d305c61899c5
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31484
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
I just got hit by a double-evaluation bug again, it's time to attempt
to fix this once more. Unfortunately there are several issues that don't
make this easy:
- bitfield variables don't support typeof()
- local macro variables that shadow others trigger -Werror=shadow
- sign warnings with integer literal and unsigned var in typeof-MIN()
- ({ statement expressions }) can not be used outside functions
- romcc doesn't support any of the fancy GCC/clang extensions
This patch tries to address all of them as far as possible with macro
magic. We don't have the technology to solve the bitfield and
non-function context issues yet (__builtin_choose_expr() still throws a
"no statement expression outside a function" error if it's only in the
branch that's not chosen, unfortunately), so we'll have to provide
alternative macros for use in those cases (and we'll avoid making
__ALIGN_MASK() double-evaluation safe for now, since it would be
annoying to do that there and having an alignment mask with side
effects seems very unlikely). romcc can continue using unsafe versions
since we're hopefully not writing a lot of new code for it. Sign
warnings can be avoided in literal/variable comparisons by always using
the type of the variable there. Shadowing is avoided by picking very
explicit local variable names and using a special __COUNTER__ solution
for MIN() and MAX() (the only ones of these you're likely to nest).
Also add DIV_ROUND_UP() to libpayload since it's a generally quite
useful thing to have.
Change-Id: Iea35156c9aa9f6f2c7b8f00991418b746f44315d
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32027
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
As part of chromium:942901, physical dev switch functionality
is being deprecated.
Remove remaining references as well as helper macros.
BUG=chromium:942901
TEST=Build locally
TEST=make clean && make test-abuild
BRANCH=none
Change-Id: Ib4eec083eb76d41b47685701f9394c684ddc6b37
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32064
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
The r8152 kernel driver is expecting the AMAC() method to return
a raw buffer, not a string. To fix this simply remove the
ToString() in the return statement that was converting the buffer
to a string.
BUG=b:123925776
Change-Id: I7cd4244a1ccc7397d5969b817a52ea48867b4d17
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31807
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch is a raw application of
find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g'
Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
MMIO operations are arch-agnostic so the include
path should not be arch/.
Change-Id: I0fd70f5aeca02e98e96b980c3aca0819f5c44b98
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/31691
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This change adds support for providing a MAC address that can be used
by the OS network drivers to change the MAC address that a NIC uses.
The Realtek r8152 driver in the Linux kernel supports a MAC address
passthru feature which can result in the dock ethernet port using the
same MAC address that is assigned to the internal NIC. This is done
by calling an ACPI method at \_SB.AMAC() which returns a formatted
string containing the MAC address for the dock to use.
The Linux kernel implementation can be found at
drivers/net/usb/r8152.c:vendor_mac_passthru_addr_read()
This is implemented specifically for Chrome OS as it relies on VPD
to determine the MAC address to supply.
The policy which controls where the dock MAC address comes from is
written into RW_VPD property "dock_passthru":
"dock_mac" or empty: Use MAC address from RO_VPD value "dock_mac"
"ethernet_mac0": Use MAC address from RO_VPD value "ethernet_mac0"
"builtin": existing dock MAC address (return nothing)
The MAC address in VPD is the standard format AA:BB:CC:DD:EE:FF and
it must be converted into the string format expected by the OS which
involves some string manipulation which ACPI is not great at handling.
BUG=b:123925776
TEST=this was tested on a sarien board by setting the VPD keys to
their expected values and observing if the AMAC() method returns the
expected string.
Change-Id: I3335e5d924155431e299844e2aaace62168294e0
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/31669
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
This ACPI device presents an interface that allows other ACPI devices
or methods to read VPD strings. The VPDF() method is provided the
VPD partition to look in, and the name of the VPD key to find and it
will return the VPD string if it exists.
For example: VPD.VPDF ("RO", "serial_number")
BUG=b:123925776
TEST=this was tested on a sarien platform by adding ACPI code that
searches for a VPD key and returns the value it finds, and then setting
that VPD string from the OS with the Chrome OS 'vpd' utility to ensure
the ACPI method returns the correct value.
Change-Id: I4668f66d7f7f364ac8c3b064d406b24135abb0f6
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/31668
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
Store the memory address of VPD region start and length for the memory
mapped RO_VPD and RW_VPD into GNVS so they can be used by ACPI code.
BUG=b:123925776
TEST=boot on sarien and verify VPD start/length in GNVS
Change-Id: I39073a9d78f5ff60bfe088860c087a5167f05fdf
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/31667
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
On every call of hwilib_find_blocks() the CBFS file will be mapped and
the contents are parsed to get the offsets for every single block. This
is not needed if the CBFS file name is the same for the different calls.
This patch adds a storage for the currently opened CBFS file name in
CAR_GLOBAL and checks on each call if the file to open is already open.
If yes, the file will not be mapped again which saves execution time.
Test=Booted mc_tcu3, mc_bdx1 and mc_apl1 and verified that hwinfo.hex
is only mapped once across several following hwilib_find_blocks() calls.
In addition a test was done to ensure that files with different names
get mapped correctly.
Change-Id: Id69e0f6c914c2b8e4551fd8a4fb7d452d176afb3
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/31518
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
When <symbols.h> was first introduced, it only declared a handful of
regions and we didn't expect that too many architectures and platforms
would need to add their own later. However, our amount of platforms has
greatly expanded since, and with them the need for more special memory
regions. The amount of code duplication is starting to get unsightly,
and platforms keep defining their own <soc/symbols.h> files that need
this as well.
This patch adds another macro to cut down the definition boilerplate.
Unfortunately, macros cannot define other macros when they're called, so
referring to region sizes as _name_size doesn't work anymore. This patch
replaces the scheme with REGION_SIZE(name).
Not touching the regions in the x86-specific <arch/symbols.h> yet since
they don't follow the standard _region/_eregion naming scheme. They can
be converted later if desired.
Change-Id: I44727d77d1de75882c72a94f29bd7e2c27741dd8
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/31539
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
