Attention is currently required from: Felix Singer, Martin L Roth, Angel Pons, Michael Niewöhner.
Tim Wawrzynczak has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/68869 )
Change subject: lint/checkpatch: consider leading + in the line length limit check
......................................................................
Patch Set 1:
(1 comment)
Commit Message:
https://review.coreboot.org/c/coreboot/+/68869/comment/5cfe9324_dc432228
PS1, Line 12: for the is one character longer
is one character shorter than the content? so it needs to be bumped by 1
--
To view, visit https://review.coreboot.org/c/coreboot/+/68869
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I8da45bb0d5fbe7d0e12c8b181cf01e5685186bf6
Gerrit-Change-Number: 68869
Gerrit-PatchSet: 1
Gerrit-Owner: Michael Niewöhner <foss(a)mniewoehner.de>
Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: Martin L Roth <gaumless(a)gmail.com>
Gerrit-Reviewer: Tim Wawrzynczak <inforichland(a)gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Attention: Martin L Roth <gaumless(a)gmail.com>
Gerrit-Attention: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Attention: Michael Niewöhner <foss(a)mniewoehner.de>
Gerrit-Comment-Date: Wed, 26 Oct 2022 16:02:38 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
Raul Rangel has submitted this change. ( https://review.coreboot.org/c/coreboot/+/66944 )
(
12 is the latest approved patch-set.
No files were changed between the latest approved patch-set and the submitted one.
)Change subject: soc/amd/mendocino: Reserve more space for metadata
......................................................................
soc/amd/mendocino: Reserve more space for metadata
With CBFS verification enabled, CBFS file header + file name + metadata
consumes more than 64 bytes. Hence reserve additional space aligned to
the next 64 bytes.
BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled.
Change-Id: I2b7346e2150835443425179048415f3b27d89d89
Signed-off-by: Karthikeyan Ramasubramanian <kramasub(a)google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66944
Reviewed-by: Arthur Heymans <arthur(a)aheymans.xyz>
Reviewed-by: Raul Rangel <rrangel(a)chromium.org>
Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org>
---
M src/soc/amd/mendocino/Makefile.inc
1 file changed, 23 insertions(+), 2 deletions(-)
Approvals:
build bot (Jenkins): Verified
Arthur Heymans: Looks good to me, but someone else must approve
Raul Rangel: Looks good to me, approved
diff --git a/src/soc/amd/mendocino/Makefile.inc b/src/soc/amd/mendocino/Makefile.inc
index fe283bd..41aeb20 100644
--- a/src/soc/amd/mendocino/Makefile.inc
+++ b/src/soc/amd/mendocino/Makefile.inc
@@ -73,9 +73,9 @@
$(call int-shift-left, \
0x80000 $(CONFIG_AMD_FWM_POSITION_INDEX))) 0x20000 1)
-# 0x40 accounts for the cbfs_file struct + filename + metadata structs, aligned to 64 bytes
+# 0x80 accounts for the cbfs_file struct + filename + metadata structs, aligned to 64 bytes
# Building the cbfs image will fail if the offset isn't large enough
-AMD_FW_AB_POSITION := 0x40
+AMD_FW_AB_POSITION := 0x80
MENDOCINO_FW_A_POSITION=$(call int-add, \
$(shell awk '$$2 == "FMAP_SECTION_FW_MAIN_A_START" {print $$3}' $(obj)/fmap_config.h) \
--
To view, visit https://review.coreboot.org/c/coreboot/+/66944
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I2b7346e2150835443425179048415f3b27d89d89
Gerrit-Change-Number: 66944
Gerrit-PatchSet: 14
Gerrit-Owner: Karthik Ramasubramanian <kramasub(a)google.com>
Gerrit-Reviewer: Arthur Heymans <arthur(a)aheymans.xyz>
Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de>
Gerrit-Reviewer: Fred Reitberger <reitbergerfred(a)gmail.com>
Gerrit-Reviewer: Jason Glenesk <jason.glenesk(a)gmail.com>
Gerrit-Reviewer: Marshall Dawson <marshalldawson3rd(a)gmail.com>
Gerrit-Reviewer: Matt DeVillier <matt.devillier(a)amd.corp-partner.google.com>
Gerrit-Reviewer: Raul Rangel <rrangel(a)chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Julius Werner <jwerner(a)chromium.org>
Gerrit-MessageType: merged
Raul Rangel has submitted this change. ( https://review.coreboot.org/c/coreboot/+/68135 )
(
9 is the latest approved patch-set.
No files were changed between the latest approved patch-set and the submitted one.
)Change subject: soc/amd: Add an optional unsigned section in PSP verstage
......................................................................
soc/amd: Add an optional unsigned section in PSP verstage
To enable RO CBFS verification in AMD platforms with PSP verstage,
metadata hash for RO CBFS is kept as part of verstage. This means any
updates to RO CBFS, before WP is enabled, requires updating the
metadata hash in the verstage. Hence keep the metadata hash outside the
signed range of PSP verstage. This means the metadata hash gets loaded
as part of loading PSP verstage while still being excluded from the
verification of PSP verstage.
This change keeps the metadata hash outside the PSP footer data. This
will help to keep it outside the signed range of PSP verstage & aligned
to 64 bytes.
BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled with
both x86 and PSP verstage.
Change-Id: I308223be8fbca1c0bec8c2e1c86ed65d9f91b966
Signed-off-by: Karthikeyan Ramasubramanian <kramasub(a)google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68135
Reviewed-by: Julius Werner <jwerner(a)chromium.org>
Reviewed-by: Raul Rangel <rrangel(a)chromium.org>
Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org>
---
M src/soc/amd/common/block/cpu/noncar/memlayout_psp_verstage.ld
1 file changed, 38 insertions(+), 2 deletions(-)
Approvals:
build bot (Jenkins): Verified
Julius Werner: Looks good to me, approved
Raul Rangel: Looks good to me, approved
diff --git a/src/soc/amd/common/block/cpu/noncar/memlayout_psp_verstage.ld b/src/soc/amd/common/block/cpu/noncar/memlayout_psp_verstage.ld
index f386823..e0278ab 100644
--- a/src/soc/amd/common/block/cpu/noncar/memlayout_psp_verstage.ld
+++ b/src/soc/amd/common/block/cpu/noncar/memlayout_psp_verstage.ld
@@ -17,8 +17,14 @@
.text : { *(.text*) }
.rodata : { *(.rodata*) }
- .data : { *(.data*) }
- .data : { *(PSP_FOOTER_DATA) }
+ .data : {
+ *(.data*);
+ *(PSP_FOOTER_DATA);
+#if CONFIG(CBFS_VERIFICATION)
+ *(.metadata_hash_anchor);
+ . = ALIGN(64);
+#endif
+ }
_bss_start = .;
.bss : { *(.bss*) }
--
To view, visit https://review.coreboot.org/c/coreboot/+/68135
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I308223be8fbca1c0bec8c2e1c86ed65d9f91b966
Gerrit-Change-Number: 68135
Gerrit-PatchSet: 11
Gerrit-Owner: Karthik Ramasubramanian <kramasub(a)google.com>
Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de>
Gerrit-Reviewer: Fred Reitberger <reitbergerfred(a)gmail.com>
Gerrit-Reviewer: Jason Glenesk <jason.glenesk(a)gmail.com>
Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org>
Gerrit-Reviewer: Matt DeVillier <matt.devillier(a)amd.corp-partner.google.com>
Gerrit-Reviewer: Raul Rangel <rrangel(a)chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-MessageType: merged
Raul Rangel has submitted this change. ( https://review.coreboot.org/c/coreboot/+/68134 )
(
8 is the latest approved patch-set.
No files were changed between the latest approved patch-set and the submitted one.
)Change subject: lib/metadata_hash: Include metadata_hash in verstage
......................................................................
lib/metadata_hash: Include metadata_hash in verstage
On boards where vboot starts before bootblock, build metadata_hash in
verstage. This will allow to enable CBFS verification for such
platforms.
BUG=b:227809919
TEST=Build and boot to OS in Skyrim with CBFS verification enabled using
x86 verstage and PSP verstage.
Change-Id: I4269069b66ed66c7b1a47fdef2fd0a8054b2e6a1
Signed-off-by: Karthikeyan Ramasubramanian <kramasub(a)google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68134
Reviewed-by: Julius Werner <jwerner(a)chromium.org>
Reviewed-by: Raul Rangel <rrangel(a)chromium.org>
Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org>
---
M src/lib/Makefile.inc
1 file changed, 26 insertions(+), 0 deletions(-)
Approvals:
build bot (Jenkins): Verified
Julius Werner: Looks good to me, approved
Raul Rangel: Looks good to me, approved
diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc
index 8cd01ad..1c7bc22 100644
--- a/src/lib/Makefile.inc
+++ b/src/lib/Makefile.inc
@@ -50,7 +50,11 @@
bootblock-y += cbfs.c
bootblock-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c
bootblock-y += libgcc.c
+ifneq ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
bootblock-$(CONFIG_CBFS_VERIFICATION) += metadata_hash.c
+else # ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
+verstage-$(CONFIG_CBFS_VERIFICATION) += metadata_hash.c
+endif # ($(CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK),y)
bootblock-$(CONFIG_GENERIC_UDELAY) += timer.c
bootblock-$(CONFIG_COLLECT_TIMESTAMPS) += timestamp.c
--
To view, visit https://review.coreboot.org/c/coreboot/+/68134
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I4269069b66ed66c7b1a47fdef2fd0a8054b2e6a1
Gerrit-Change-Number: 68134
Gerrit-PatchSet: 11
Gerrit-Owner: Karthik Ramasubramanian <kramasub(a)google.com>
Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org>
Gerrit-Reviewer: Raul Rangel <rrangel(a)chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-MessageType: merged