Christian Walter 0bd84ed250 security/vboot: Add Support for Intel PTT
Add support for Intel PTT. For supporting Intel PTT we need to disable
read and write access to the TPM NVRAM during the bootblock. TPM NVRAM
will only be available once the DRAM is initialized. To circumvent this,
we mock secdata if HAVE_INTEL_PTT is set. The underlying problem is
that the iTPM only supports a stripped-down instruction set while the
Intel ME is not fully booted up. Details can be found in Intel document
number 571993 - Paragraph 2.10.

Change-Id: I08c9a839f53f96506be5fb68f7c1ed5bf6692505
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34510
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-06 12:07:49 +00:00
3rdparty 3rdparty/libgfxinit: Update submodule pointer 2019-08-05 08:24:01 +00:00
Documentation Documentation: Advertise support for OpenSBI 2019-08-06 12:04:01 +00:00
configs configs: Build test OpenSBI 2019-08-06 12:04:09 +00:00
payloads libpayload/serial/qcs405: Mark uart console as such 2019-07-26 08:41:38 +00:00
src security/vboot: Add Support for Intel PTT 2019-08-06 12:07:49 +00:00
util util/arm_boot_tools/mksunxiboot: Remove tool 2019-08-05 08:27:40 +00:00
.checkpatch.conf
.clang-format lint/clang-format: set to 96 chars per line 2019-06-13 20:14:00 +00:00
.gitignore util/bucts: Add tool to manipulate BUC.TS bit on Intel targets 2018-11-19 08:19:16 +00:00
.gitmodules Add intel-microcode submodule repository 2019-06-18 10:42:17 +00:00
.gitreview
AUTHORS AUTHORS: Move src/acpi copyrights into AUTHORS file 2019-07-30 11:04:14 +00:00
COPYING
MAINTAINERS MAINTAINERS: Step down as RISC-V maintainer 2019-08-05 22:43:36 +00:00
Makefile Makefile: Don't create build directory for additional targets 2019-07-29 06:03:09 +00:00
Makefile.inc Makefile.inc: Enable -Wimplicit-fallthrough 2019-07-19 09:58:05 +00:00
README.md README: Convert to Markdown 2018-09-16 13:01:58 +00:00
gnat.adc
toolchain.inc Move -Wlogical-op into xcompile 2019-06-21 08:44:49 +00:00

README.md

coreboot README

coreboot is a Free Software project aimed at replacing the proprietary BIOS (firmware) found in most computers. coreboot performs a little bit of hardware initialization and then executes additional boot logic, called a payload.

With the separation of hardware initialization and later boot logic, coreboot can scale from specialized applications that run directly in firmware, run operating systems in flash, load custom bootloaders, or implement firmware standards, like PC BIOS services or UEFI. This allows for systems to only include the features necessary in the target application, reducing the amount of code and flash space required.

coreboot was formerly known as LinuxBIOS.

Payloads

After the basic initialization of the hardware has been performed, any desired "payload" can be started by coreboot.

See https://www.coreboot.org/Payloads for a list of supported payloads.

Supported Hardware

coreboot supports a wide range of chipsets, devices, and mainboards.

For details please consult:

Build Requirements

  • make
  • gcc / g++: Linux distribution compilers tend to use lots of patches, and coreboot does lots of "unusual" things in its build system, some of which break due to those patches, sometimes by gcc aborting, sometimes (and that's worse) by generating broken object code. Two options: use our toolchain (e.g. make crosstools-i386) or enable the ANY_TOOLCHAIN Kconfig option if you're feeling lucky (no support in this case).
  • iasl (for targets with ACPI support)
  • pkg-config
  • libssl-dev (openssl)

Optional:

  • doxygen (for generating/viewing documentation)
  • gdb (for better debugging facilities on some targets)
  • ncurses (for make menuconfig and make nconfig)
  • flex and bison (for regenerating parsers)

Building coreboot

Please consult https://www.coreboot.org/Build_HOWTO for details.

Testing coreboot Without Modifying Your Hardware

If you want to test coreboot without any risks before you really decide to use it on your hardware, you can use the QEMU system emulator to run coreboot virtually in QEMU.

Please see https://www.coreboot.org/QEMU for details.

Website and Mailing List

Further details on the project, a FAQ, many HOWTOs, news, development guidelines and more can be found on the coreboot website:

https://www.coreboot.org

You can contact us directly on the coreboot mailing list:

https://www.coreboot.org/Mailinglist

The copyright on coreboot is owned by quite a large number of individual developers and companies. Please check the individual source files for details.

coreboot is licensed under the terms of the GNU General Public License (GPL). Some files are licensed under the "GPL (version 2, or any later version)", and some files are licensed under the "GPL, version 2". For some parts, which were derived from other projects, other (GPL-compatible) licenses may apply. Please check the individual source files for details.

This makes the resulting coreboot images licensed under the GPL, version 2.