Attention is currently required from: Subrata Banik, Andrey Petrov, Patrick Rudolph.
build bot (Jenkins) has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59638 )
Change subject: [WIP] src/drivers/intel/fsp2_0: Update GUID for FSP_NON_VOLATILE_STORAGE_HOB2 HOB introduced in FSP 2.3
......................................................................
Patch Set 9:
(2 comments)
File src/drivers/intel/fsp2_0/hand_off_block.c:
Robot Comment from checkpatch (run ID jenkins-coreboot-checkpatch-134695):
https://review.coreboot.org/c/coreboot/+/59638/comment/efbc183e_4ac8fdb6
PS9, Line 325: }
code indent should use tabs where possible
Robot Comment from checkpatch (run ID jenkins-coreboot-checkpatch-134695):
https://review.coreboot.org/c/coreboot/+/59638/comment/3fee4c22_05bac945
PS9, Line 325: }
please, no spaces at the start of a line
--
To view, visit https://review.coreboot.org/c/coreboot/+/59638
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I27647e9ac1a4902256b3f1c34b60e1f0b787a06e
Gerrit-Change-Number: 59638
Gerrit-PatchSet: 9
Gerrit-Owner: Anil Kumar K <anil.kumar.k(a)intel.com>
Gerrit-Reviewer: Andrey Petrov <andrey.petrov(a)gmail.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-Reviewer: Subrata Banik <subrata.banik(a)intel.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org>
Gerrit-CC: Tim Wawrzynczak <twawrzynczak(a)chromium.org>
Gerrit-Attention: Subrata Banik <subrata.banik(a)intel.com>
Gerrit-Attention: Andrey Petrov <andrey.petrov(a)gmail.com>
Gerrit-Attention: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-Comment-Date: Tue, 30 Nov 2021 23:27:09 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
Attention is currently required from: Christian Walter, Werner Zeh, Yu-Ping Wu.
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59682 )
Change subject: cbfs: Remove deprecated APIs
......................................................................
Patch Set 2:
(3 comments)
Commit Message:
https://review.coreboot.org/c/coreboot/+/59682/comment/cc6f004c_95120a40
PS2, Line 10: new
> Sorry I was not following this closely. What is the new API? Providing a CL link would be nice.
I just mean the whole CBFS stack rewrite I've been doing (on and off) for the last two years, replacing the commonlib/cbfs.c code with commonlib/bsd/cbfs_private.c, and replacing all the top-level CBFS APIs with cbfs_load()/cbfs_map() and their variations. Added a few CL links here to clarify.
Patchset:
PS2:
> I did one additional comparison. Same code base but now with TPM_MEASURED_BOOT disabled. […]
Thanks for testing Werner! These results are indeed very strange, and I get the feeling that there might be something fundamentally wrong on your platform that is only exacerbated by subtle changes in behavior here. Loading a payload should probably not take over two seconds, unless it is ridiculously huge... how big is the payload you use? And do you happen to know the SPI bus speed for your platform?
The only guess I have what can cause this is that the tpm_measure_region() code would load data in 1KB chunks onto the stack before hashing, while the new flow here runs the hash algorithm directly on the memory-mapped buffer (ironically, I asked Philipp to do that to make it work on Arm platforms back when he added that code, originally he was also just mapping the whole thing and hashing that directly because he was only testing on x86). My (very limited) understanding of the whole x86 flash-mapping thing is that all of this gets magically cached to the point where the access pattern differences shouldn't matter and the memory-mapped regions can basically be treated like (read-only) RAM. I guess that may not be true on your platform. Is it possible that something (e.g. some MTRR thing) is misconfigured to disable this caching?
Anyway, it should be pretty simple to figure out if this is it: I've uploaded a test CL CB:59767 which just loads the whole payload into RAM before doing anything else with it. Can you try that out and see what difference it makes for your boot times? (If that's not it, could you try narrowing down a bit further where exactly all this time is spent for you? E.g. just sprinkle some timestamp_add_now(1234) with increasing ID numbers throughout the code to see where the big delay comes from.)
File src/security/vboot/Kconfig:
https://review.coreboot.org/c/coreboot/+/59682/comment/93ced10c_3c77abe7
PS2, Line 254: CBFS will look for a file in the RO
: (COREBOOT) region
> This reads a little bit weird to me, as the filesystem doesn't do it by itself. How about […]
Changed to "the CBFS code".
--
To view, visit https://review.coreboot.org/c/coreboot/+/59682
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1cec0ca2d9d311626a087318d1d78163243bfc3c
Gerrit-Change-Number: 59682
Gerrit-PatchSet: 2
Gerrit-Owner: Julius Werner <jwerner(a)chromium.org>
Gerrit-Reviewer: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Reviewer: Jakub Czapiga <jacz(a)semihalf.com>
Gerrit-Reviewer: Yu-Ping Wu <yupingso(a)google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org>
Gerrit-CC: Werner Zeh <werner.zeh(a)siemens.com>
Gerrit-Attention: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Attention: Werner Zeh <werner.zeh(a)siemens.com>
Gerrit-Attention: Yu-Ping Wu <yupingso(a)google.com>
Gerrit-Comment-Date: Tue, 30 Nov 2021 23:26:35 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Werner Zeh <werner.zeh(a)siemens.com>
Comment-In-Reply-To: Yu-Ping Wu <yupingso(a)google.com>
Gerrit-MessageType: comment
Attention is currently required from: Christian Walter.
Hello build bot (Jenkins), Jakub Czapiga, Christian Walter, Yu-Ping Wu,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/59682
to look at the new patch set (#3).
Change subject: cbfs: Remove deprecated APIs
......................................................................
cbfs: Remove deprecated APIs
This patch removes all remaining pieces of the old CBFS API, now that
the last straggling use cases of it have been ported to the new one
(meaning cbfs_map()/cbfs_load()/etc... see CB:39304 and CB:38421).
Signed-off-by: Julius Werner <jwerner(a)chromium.org>
Change-Id: I1cec0ca2d9d311626a087318d1d78163243bfc3c
---
M src/commonlib/Makefile.inc
D src/commonlib/cbfs.c
D src/commonlib/include/commonlib/cbfs.h
M src/include/cbfs.h
M src/lib/cbfs.c
M src/security/tpm/tspi/crtm.h
M src/security/vboot/Kconfig
7 files changed, 3 insertions(+), 483 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/82/59682/3
--
To view, visit https://review.coreboot.org/c/coreboot/+/59682
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1cec0ca2d9d311626a087318d1d78163243bfc3c
Gerrit-Change-Number: 59682
Gerrit-PatchSet: 3
Gerrit-Owner: Julius Werner <jwerner(a)chromium.org>
Gerrit-Reviewer: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Reviewer: Jakub Czapiga <jacz(a)semihalf.com>
Gerrit-Reviewer: Yu-Ping Wu <yupingso(a)google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org>
Gerrit-CC: Werner Zeh <werner.zeh(a)siemens.com>
Gerrit-Attention: Christian Walter <christian.walter(a)9elements.com>
Gerrit-MessageType: newpatchset
Attention is currently required from: Jakub Czapiga, Christian Walter, Julius Werner, Arthur Heymans, Werner Zeh.
Hello build bot (Jenkins), Raul Rangel, Jakub Czapiga, Christian Walter, Arthur Heymans, Werner Zeh,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/59681
to look at the new patch set (#3).
Change subject: cbfs | tspi: Join hash calculation for verification and measurement
......................................................................
cbfs | tspi: Join hash calculation for verification and measurement
This patch moves the CBFS file measurement when CONFIG_TPM_MEASURED_BOOT
is enabled from the lookup step into the code where a file is actually
loaded or mapped from flash. This has the advantage that CBFS routines
which just look up a file to inspect its metadata (e.g. cbfs_get_size())
do not cause the file to be measured twice. It also removes the existing
inefficiency that files are loaded twice when measurement is enabled
(once to measure and then again when they are used). When CBFS
verification is enabled and uses the same hash algorithm as the TPM, we
are even able to only hash the file a single time and use the result for
both purposes.
Signed-off-by: Julius Werner <jwerner(a)chromium.org>
Change-Id: I70d7066c6768195077f083c7ffdfa30d9182b2b7
---
M src/lib/cbfs.c
M src/security/tpm/tspi.h
M src/security/tpm/tspi/crtm.c
M src/security/tpm/tspi/crtm.h
M src/security/tpm/tspi/tspi.c
5 files changed, 59 insertions(+), 97 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/81/59681/3
--
To view, visit https://review.coreboot.org/c/coreboot/+/59681
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I70d7066c6768195077f083c7ffdfa30d9182b2b7
Gerrit-Change-Number: 59681
Gerrit-PatchSet: 3
Gerrit-Owner: Julius Werner <jwerner(a)chromium.org>
Gerrit-Reviewer: Arthur Heymans <arthur(a)aheymans.xyz>
Gerrit-Reviewer: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Reviewer: Jakub Czapiga <jacz(a)semihalf.com>
Gerrit-Reviewer: Raul Rangel <rrangel(a)chromium.org>
Gerrit-Reviewer: Werner Zeh <werner.zeh(a)siemens.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org>
Gerrit-Attention: Jakub Czapiga <jacz(a)semihalf.com>
Gerrit-Attention: Christian Walter <christian.walter(a)9elements.com>
Gerrit-Attention: Julius Werner <jwerner(a)chromium.org>
Gerrit-Attention: Arthur Heymans <arthur(a)aheymans.xyz>
Gerrit-Attention: Werner Zeh <werner.zeh(a)siemens.com>
Gerrit-MessageType: newpatchset
Attention is currently required from: Maulik V Vaghela, Sugnan Prabhu S, Subrata Banik, Patrick Rudolph.
Tim Wawrzynczak has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59665 )
Change subject: drivers/intel/usb4/retimer: Add function to correct EC port mapping
......................................................................
Patch Set 6:
(2 comments)
File src/drivers/intel/usb4/retimer/retimer.h:
https://review.coreboot.org/c/coreboot/+/59665/comment/f1a2c2c9_aa75a14b
PS5, Line 42: map_physical_port_to_ec_port
I think keeping `retimer` in the name here is probably a good idea, just for context. I know it's already long... but WDYT about `retimer_get_index_for_type_c(uint8_t typec_port)`;
https://review.coreboot.org/c/coreboot/+/59665/comment/e624124d_a8aea3e5
PS5, Line 42: usb_port
since this really represents the Type-C ports, would naming this `typec_port` be more descriptive?
--
To view, visit https://review.coreboot.org/c/coreboot/+/59665
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ia7a5e63838e6529196bd211516e4d665b084f79e
Gerrit-Change-Number: 59665
Gerrit-PatchSet: 6
Gerrit-Owner: Maulik V Vaghela <maulik.v.vaghela(a)intel.com>
Gerrit-Reviewer: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-Reviewer: Subrata Banik <subrata.banik(a)intel.com>
Gerrit-Reviewer: Sugnan Prabhu S <sugnan.prabhu.s(a)intel.com>
Gerrit-Reviewer: Tim Wawrzynczak <twawrzynczak(a)chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Maulik V Vaghela <maulik.v.vaghela(a)intel.com>
Gerrit-Attention: Sugnan Prabhu S <sugnan.prabhu.s(a)intel.com>
Gerrit-Attention: Subrata Banik <subrata.banik(a)intel.com>
Gerrit-Attention: Patrick Rudolph <siro(a)das-labor.org>
Gerrit-Comment-Date: Tue, 30 Nov 2021 23:21:44 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment