coreboot-gerrit June 2023

coreboot-gerrit@coreboot.org

1 participants
5387 discussions

[XS] Change in coreboot[master]: soc/intel/common: Make get_ramtop_addr non static
by Pratikkumar V Prajapati (Code Review) 06 Jun '23

06 Jun '23

Pratikkumar V Prajapati has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/75624?usp=email ) Change subject: soc/intel/common: Make get_ramtop_addr non static ...................................................................... soc/intel/common: Make get_ramtop_addr non static Make get_ramtop_addr not static to allow other code to use it. Bug=b:276120526 TEST=Able to build rex Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati(a)intel.com> Change-Id: I8ef8a65b93645f25ca5e887342b18679d65e74b4 --- M src/soc/intel/common/basecode/include/intelbasecode/ramtop.h M src/soc/intel/common/basecode/ramtop/ramtop.c 2 files changed, 4 insertions(+), 1 deletion(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/24/75624/1 diff --git a/src/soc/intel/common/basecode/include/intelbasecode/ramtop.h b/src/soc/intel/common/basecode/include/intelbasecode/ramtop.h index 067dd6b..fa3c8b1 100644 --- a/src/soc/intel/common/basecode/include/intelbasecode/ramtop.h +++ b/src/soc/intel/common/basecode/include/intelbasecode/ramtop.h @@ -11,4 +11,7 @@ /* Update the RAMTOP if required based on the input top_of_ram address */ void update_ramtop(uint32_t addr); +/* Get RAMTOP */ +uint32_t get_ramtop_addr(void); + #endif diff --git a/src/soc/intel/common/basecode/ramtop/ramtop.c b/src/soc/intel/common/basecode/ramtop/ramtop.c index 83af44d..90717e0 100644 --- a/src/soc/intel/common/basecode/ramtop/ramtop.c +++ b/src/soc/intel/common/basecode/ramtop/ramtop.c @@ -104,7 +104,7 @@ printk(BIOS_DEBUG, "Updated the RAMTOP address into CMOS 0x%x\n", ramtop.addr); } -static uint32_t get_ramtop_addr(void) +uint32_t get_ramtop_addr(void) { struct ramtop_table ramtop; -- To view, visit https://review.coreboot.org/c/coreboot/+/75624?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I8ef8a65b93645f25ca5e887342b18679d65e74b4 Gerrit-Change-Number: 75624 Gerrit-PatchSet: 1 Gerrit-Owner: Pratikkumar V Prajapati <pratikkumar.v.prajapati(a)intel.com> Gerrit-MessageType: newchange

1 0

[S] Change in coreboot[master]: vboot: Drop argument to select slot from `vb2ex_ec_protect()`
by Subrata Banik (Code Review) 06 Jun '23

06 Jun '23

Subrata Banik has submitted this change. ( https://review.coreboot.org/c/coreboot/+/75521?usp=email ) Change subject: vboot: Drop argument to select slot from `vb2ex_ec_protect()` ...................................................................... vboot: Drop argument to select slot from `vb2ex_ec_protect()` vboot code changes have eliminated the redundant call to WP the EC-RO region as protecting RW flash implies protecting both RO and RW flash, so the call to protect RO is redundant. google/rex currently takes about 17 ms to lock down the EC. Along with vboot changes, this patch drops argument to choose between RO and RW slot to protect while calling into `vb2ex_ec_protect()`. It ensures vb2ex_ec_protect() is explicitly meant for protecting RW regions. w/o this patch: 517:waiting for EC to allow higher power draw 846,196 (17,297) w/ this patch: 517:waiting for EC to allow higher power draw 838,258 (9,719) Additionally, update vboot submodule to upstream main to avoid the compilation error. Updating from commit id 35f50c3154e5: Fix build error when compiling without -DNDEBUG to commit id 034907b279c9db: vboot_reference: eliminate redundant call to write protect EC-RO Change-Id: I2974f0cb43ba800c2aaeac4876ebaa052b5ee793 Signed-off-by: Subrata Banik <subratabanik(a)google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/75521 Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org> Reviewed-by: Himanshu Sahdev <himanshu.sahdev(a)intel.com> Reviewed-by: Harsha B R <harsha.b.r(a)intel.com> Reviewed-by: Julius Werner <jwerner(a)chromium.org> --- M 3rdparty/vboot M src/security/vboot/ec_sync.c 2 files changed, 5 insertions(+), 8 deletions(-) Approvals: Harsha B R: Looks good to me, approved Himanshu Sahdev: Looks good to me, but someone else must approve Julius Werner: Looks good to me, approved build bot (Jenkins): Verified diff --git a/3rdparty/vboot b/3rdparty/vboot index 35f50c3..034907b 160000 --- a/3rdparty/vboot +++ b/3rdparty/vboot @@ -1 +1 @@ -Subproject commit 35f50c3154e58821cc027bf13be2b949bc4c90f3 +Subproject commit 034907b279c9db1faa7dd5633fa1140436433768 diff --git a/src/security/vboot/ec_sync.c b/src/security/vboot/ec_sync.c index 47a6dbd..ac65dbd 100644 --- a/src/security/vboot/ec_sync.c +++ b/src/security/vboot/ec_sync.c @@ -186,15 +186,12 @@ /* * Asks the EC to protect or unprotect the specified flash region. */ -static vb2_error_t ec_protect_flash(enum vb2_firmware_selection select, int enable) +static vb2_error_t ec_protect_flash(int enable) { struct ec_response_flash_protect resp; uint32_t protected_region = EC_FLASH_PROTECT_ALL_NOW; const uint32_t mask = EC_FLASH_PROTECT_ALL_NOW | EC_FLASH_PROTECT_ALL_AT_BOOT; - if (select == VB_SELECT_FIRMWARE_READONLY) - protected_region = EC_FLASH_PROTECT_RO_NOW; - if (google_chromeec_flash_protect(mask, enable ? mask : 0, &resp) != 0) return VB2_ERROR_UNKNOWN; @@ -331,7 +328,7 @@ size_t image_size; /* Un-protect the flash region */ - rv = ec_protect_flash(select, 0); + rv = ec_protect_flash(0); if (rv != VB2_SUCCESS) return rv; @@ -490,9 +487,9 @@ /* * Vboot callback for EC flash protection. */ -vb2_error_t vb2ex_ec_protect(enum vb2_firmware_selection select) +vb2_error_t vb2ex_ec_protect(void) { - return ec_protect_flash(select, 1); + return ec_protect_flash(1); } /* -- To view, visit https://review.coreboot.org/c/coreboot/+/75521?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I2974f0cb43ba800c2aaeac4876ebaa052b5ee793 Gerrit-Change-Number: 75521 Gerrit-PatchSet: 7 Gerrit-Owner: Subrata Banik <subratabanik(a)google.com> Gerrit-Reviewer: Harsha B R <harsha.b.r(a)intel.com> Gerrit-Reviewer: Himanshu Sahdev <himanshu.sahdev(a)intel.com> Gerrit-Reviewer: Julius Werner <jwerner(a)chromium.org> Gerrit-Reviewer: Subrata Banik <subratabanik(a)google.com> Gerrit-Reviewer: Yu-Ping Wu <yupingso(a)google.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-MessageType: merged

1 0

[L] Change in coreboot[master]: drivers/smm_payload_interface: Add initial support for SMM payload
by Benjamin Doron (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Arthur Heymans, Martin L Roth, Michał Żygowski, Patrick Rudolph, Paul Menzel. Benjamin Doron has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/70378?usp=email ) Change subject: drivers/smm_payload_interface: Add initial support for SMM payload ...................................................................... Patch Set 12: (11 comments) Patchset: PS11: > So much of SMM setup is SoC specific and this code is very EDK2 specific that you might even want to […] I've put some work into making the coreboot code a little more hardware-agnostic - at least ramstage.c for now. I'm experimenting with standalone MM, which we may be able to make do what we want, but I don't think it'll be simpler. It will be less SoC-specific, though lockdown must be performed: maybe the "FINALIZE" SMI works here. One issue is that they have different designs: coreboot reinstalls SMM on S3 resume, EDK2 preserves SMRAM and just relocates CPU SMBASE again. File Documentation/drivers/s3_save_restore.md: https://review.coreboot.org/c/coreboot/+/70378/comment/b0957e5c_31675ee5 : PS8, Line 10: Payload does not know SPI layout : > Is this needed? coreboot tables already expose FMAP so it's just a matter of parsing that for the co […] Right, thanks. Done, though new payload updates not pushed yet, and I may need to update the documentation again... File src/drivers/smm_payload_interface/cbtable.c: https://review.coreboot.org/c/coreboot/+/70378/comment/a8e3681d_8a38d03c : PS11, Line 27: static int lookup_store(struct region_device *rstore) : { : struct region_device read_rdev, write_rdev; : struct incoherent_rdev store_irdev; : struct region fmap_smmstore; : const struct region_device *rdev; : : /* TODO: Don't `struct region` from FMAP's RW `struct region_device`? */ : if (fmap_locate_area("SMMSTORE", &fmap_smmstore) != 0) : return -1; : : if (boot_device_ro_subregion(&fmap_smmstore, &read_rdev) < 0) : return -1; : : if (boot_device_rw_subregion(&fmap_smmstore, &write_rdev) < 0) : return -1; : : rdev = incoherent_rdev_init(&store_irdev, &fmap_smmstore, &read_rdev, &write_rdev); : : if (rdev == NULL) : return -1; : : return rdev_chain(rstore, rdev, 0, region_device_sz(rdev)); : } > This already exists somewhere else? Can you reuse it? Gone, payload parses FMAP (not pushed yet) https://review.coreboot.org/c/coreboot/+/70378/comment/96606b57_f9f52d40 : PS11, Line 114: // FIXME: Consider individual open/close/lock fields : smm_reg->registers[5].register_id = REGISTER_ID_SMRAMC; : smm_reg->registers[5].address_space_id = PLD_EFI_ACPI_3_0_PCI_CONFIGURATION_SPACE; : smm_reg->registers[5].register_bit_width = 8; : smm_reg->registers[5].register_bit_offset = 0; : smm_reg->registers[5].address = PCI_BDF(SA_DEV_ROOT) + SMRAM; > SoC specific. On xeon_sp there is no such thing, let alone on AMD. I do use `#ifdef` for this reason. Though AMD is a bigger question https://review.coreboot.org/c/coreboot/+/70378/comment/455ed6c8_5d293904 : PS11, Line 164: spi_info->spi_address.address_space_id = PLD_EFI_ACPI_3_0_PCI_CONFIGURATION_SPACE; : spi_info->spi_address.register_bit_width = 32; : spi_info->spi_address.register_bit_offset = 0; : spi_info->spi_address.address = CONFIG_ECAM_MMCONF_BASE_ADDRESS | PCI_BDF(PCH_DEV_SPI); > Do you need this? I'd expect the payload to have PCI drivers based VID/DID. […] It does not, it has one set of libraries that consume this data (SPI). Seems that Intel thinks of all this as different IPs, with known register definition differences. File src/drivers/smm_payload_interface/util_common.c: https://review.coreboot.org/c/coreboot/+/70378/comment/0240d896_843a64e9 : PS11, Line 30: smrr_base > smrr is Intel specific. Gone, using a `platform_get_smm_info()` call-out rather than overriding the function File src/include/smm_payload_interface.h: https://review.coreboot.org/c/coreboot/+/70378/comment/27b0699d_0fdd4487 : PS11, Line 14: __packed > Why? Copied from FSP driver code. Seems naturally aligned, will confirm https://review.coreboot.org/c/coreboot/+/70378/comment/9afd096c_e01d54e1 : PS11, Line 27: #pragma > why? Copied from EDK2 header, they usually packs structs. Seems naturally aligned, will confirm https://review.coreboot.org/c/coreboot/+/70378/comment/c2b5989e_11e43ec1 : PS11, Line 55: static __always_inline void write_cr2(CRx_TYPE data) : { : __asm__ __volatile__ ( : "mov %0, %%cr2" : : : : CRx_IN(data) : : COMPILER_BARRIER : ); : } > move to cr. […] Gone https://review.coreboot.org/c/coreboot/+/70378/comment/d8bcb8bf_9a319bcf : PS11, Line 69: bool pld_guid_compare > guid_compare already exists That's in commonlib/fsp_relocate.c, and it's static. Or fsp_guid_compare, in the FSP driver. File src/security/lockdown/Kconfig: https://review.coreboot.org/c/coreboot/+/70378/comment/7ce5c6f0_95bb4328 : PS11, Line 87: BOOTMEDIA_SMM_BWP > How can the payload install something in SMM when it's readonly? […] I'm not sure I understand. Do you mean "install something in SPI when SPI's readonly?" In the standard case, this Kconfig determines performing lockdown (SPI not write-enabled, writes to SPI bios control register trigger SMI), and relocking (write-protect SPI again) inside the SMI handler. In this case, we should still perform lockdown, and make the payload handle relocking SPI. Although: currently, UefiPayload only uses its flag to unlock/lock SPI when it wants to use SPI. It **must. actually. install an SMI handler** to perform relocking on other attempts. -- To view, visit https://review.coreboot.org/c/coreboot/+/70378?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I3dd505a154175b6da8929b1157723de1645ca8fa Gerrit-Change-Number: 70378 Gerrit-PatchSet: 12 Gerrit-Owner: Benjamin Doron <benjamin.doron00(a)gmail.com> Gerrit-Reviewer: Angel Pons <angel.pons(a)9elements.com> Gerrit-Reviewer: Lean Sheng Tan <sheng.tan(a)9elements.com> Gerrit-Reviewer: Martin L Roth <gaumless(a)gmail.com> Gerrit-Reviewer: Patrick Rudolph <patrick.rudolph(a)9elements.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Arthur Heymans <arthur(a)aheymans.xyz> Gerrit-CC: Julius Werner <jwerner(a)chromium.org> Gerrit-CC: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-CC: Maximilian Brune <maximilian.brune(a)9elements.com> Gerrit-CC: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Nico Huber <nico.h(a)gmx.de> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Martin L Roth <gaumless(a)gmail.com> Gerrit-Attention: Patrick Rudolph <patrick.rudolph(a)9elements.com> Gerrit-Attention: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Arthur Heymans <arthur(a)aheymans.xyz> Gerrit-Comment-Date: Tue, 06 Jun 2023 01:05:15 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Patrick Rudolph <patrick.rudolph(a)9elements.com> Comment-In-Reply-To: Arthur Heymans <arthur(a)aheymans.xyz> Gerrit-MessageType: comment

1 0

[L] Change in coreboot[master]: soc/intel/meteorlake: Add support for crashlog
by Pratikkumar V Prajapati (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Kane Chen, Kapil Porwal, Paul Menzel, Subrata Banik, Tarun Tuli. Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/74769?usp=email ) Change subject: soc/intel/meteorlake: Add support for crashlog ...................................................................... Patch Set 22: (4 comments) File src/soc/intel/meteorlake/crashlog.c: https://review.coreboot.org/c/coreboot/+/74769/comment/004789f4_29feff6b : PS21, Line 61: /* Program BAR 0 and enable command register memory space decoding */ > before programming the BAR the best practice says, try to disable the MMIO and IO space and then wri […] Done https://review.coreboot.org/c/coreboot/+/74769/comment/f19e6d26_3cec2d04 : PS21, Line 75: BIOS_DEBUG > should be BIOS_ERROR? Done https://review.coreboot.org/c/coreboot/+/74769/comment/2e5b0dce_504c4da0 : PS21, Line 80: BIOS_DEBUG > same? Done https://review.coreboot.org/c/coreboot/+/74769/comment/1f76a62e_8abd656d : PS21, Line 85: BIOS_DEBUG > same? Done -- To view, visit https://review.coreboot.org/c/coreboot/+/74769?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ib0abd697fba35edf1c03d2a3a325b7785b985cd5 Gerrit-Change-Number: 74769 Gerrit-PatchSet: 22 Gerrit-Owner: Pratikkumar V Prajapati <pratikkumar.v.prajapati(a)intel.com> Gerrit-Reviewer: Kane Chen <kane.chen(a)intel.com> Gerrit-Reviewer: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Reviewer: Subrata Banik <subratabanik(a)google.com> Gerrit-Reviewer: Tarun Tuli <taruntuli(a)google.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Kane Chen <kane.chen(a)intel.corp-partner.google.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Tarun Tuli <taruntuli(a)google.com> Gerrit-Attention: Subrata Banik <subratabanik(a)google.com> Gerrit-Attention: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Attention: Kane Chen <kane.chen(a)intel.com> Gerrit-Comment-Date: Tue, 06 Jun 2023 01:04:30 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Subrata Banik <subratabanik(a)google.com> Gerrit-MessageType: comment

1 0

[L] Change in coreboot[master]: soc/intel/meteorlake: Add support for crashlog
by Pratikkumar V Prajapati (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Kane Chen, Kapil Porwal, Paul Menzel, Pratikkumar V Prajapati, Tarun Tuli. Hello Kane Chen, Kapil Porwal, Subrata Banik, Tarun Tuli, build bot (Jenkins), I'd like you to reexamine a change. Please visit https://review.coreboot.org/c/coreboot/+/74769?usp=email to look at the new patch set (#22). The following approvals got outdated and were removed: Verified+1 by build bot (Jenkins) Change subject: soc/intel/meteorlake: Add support for crashlog ...................................................................... soc/intel/meteorlake: Add support for crashlog Capture crashlog records from CPU PUNIT SRAM, SOC PMC SRAM and, IOE SRAM. Crashlog records for IOE SRAM is discovered by parsing SOC PMC SRAM records. Bug=b:262501347 TEST=Able to trigger Crashlog, BERT table gets generated and decodes as expected. Change-Id: Ib0abd697fba35edf1c03d2a3a325b7785b985cd5 Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati(a)intel.com> --- M src/soc/intel/meteorlake/Makefile.inc A src/soc/intel/meteorlake/crashlog.c A src/soc/intel/meteorlake/include/soc/crashlog.h M src/soc/intel/meteorlake/include/soc/pci_devs.h 4 files changed, 528 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/69/74769/22 -- To view, visit https://review.coreboot.org/c/coreboot/+/74769?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ib0abd697fba35edf1c03d2a3a325b7785b985cd5 Gerrit-Change-Number: 74769 Gerrit-PatchSet: 22 Gerrit-Owner: Pratikkumar V Prajapati <pratikkumar.v.prajapati(a)intel.com> Gerrit-Reviewer: Kane Chen <kane.chen(a)intel.com> Gerrit-Reviewer: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Reviewer: Subrata Banik <subratabanik(a)google.com> Gerrit-Reviewer: Tarun Tuli <taruntuli(a)google.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Kane Chen <kane.chen(a)intel.corp-partner.google.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Tarun Tuli <taruntuli(a)google.com> Gerrit-Attention: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Attention: Kane Chen <kane.chen(a)intel.com> Gerrit-Attention: Pratikkumar V Prajapati <pratikkumar.v.prajapati(a)intel.com> Gerrit-MessageType: newpatchset

1 0

[S] Change in coreboot[master]: mb/google/nissa/var/joxer: add lp5x SPDs for Joxer
by Felix Held (Code Review) 06 Jun '23

06 Jun '23

Felix Held has submitted this change. ( https://review.coreboot.org/c/coreboot/+/75610?usp=email ) Change subject: mb/google/nissa/var/joxer: add lp5x SPDs for Joxer ...................................................................... mb/google/nissa/var/joxer: add lp5x SPDs for Joxer Add Makefile.inc to include four LPDDR5x SPDs for the following parts for Joxer: DRAM Part Name ID to assign K3KL6L60GM-MGCT 3 (0011) H58G56BK7BX068 4 (0100) MT62F1G32D2DS-026 WT:B 4 (0100) K3KL8L80CM-MGCT 4 (0100) BUG=b:236576115 TEST=USE="project_joxer emerge-nissa coreboot" Signed-off-by: Mark Hsieh <mark_hsieh(a)wistron.corp-partner.google.com> Change-Id: Ibdc89c882581cfe4e5978faf4c6f70d653e0813d Reviewed-on: https://review.coreboot.org/c/coreboot/+/75610 Reviewed-by: Reka Norman <rekanorman(a)chromium.org> Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org> Reviewed-by: Eric Lai <eric_lai(a)quanta.corp-partner.google.com> --- M src/mainboard/google/brya/variants/joxer/memory/Makefile.inc M src/mainboard/google/brya/variants/joxer/memory/dram_id.generated.txt M src/mainboard/google/brya/variants/joxer/memory/mem_parts_used.txt 3 files changed, 10 insertions(+), 0 deletions(-) Approvals: build bot (Jenkins): Verified Eric Lai: Looks good to me, approved Reka Norman: Looks good to me, approved diff --git a/src/mainboard/google/brya/variants/joxer/memory/Makefile.inc b/src/mainboard/google/brya/variants/joxer/memory/Makefile.inc index c077fc1..e0bd4b8 100644 --- a/src/mainboard/google/brya/variants/joxer/memory/Makefile.inc +++ b/src/mainboard/google/brya/variants/joxer/memory/Makefile.inc @@ -7,3 +7,5 @@ SPD_SOURCES += spd/lp5/set-0/spd-1.hex # ID = 0(0b0000) Parts = MT62F512M32D2DR-031 WT:B, H9JCNNNBK3MLYR-N6E SPD_SOURCES += spd/lp5/set-0/spd-2.hex # ID = 1(0b0001) Parts = MT62F1G32D4DR-031 WT:B SPD_SOURCES += spd/lp5/set-0/spd-3.hex # ID = 2(0b0010) Parts = H58G56AK6BX069, K3LKBKB0BM-MGCP +SPD_SOURCES += spd/lp5/set-0/spd-9.hex # ID = 3(0b0011) Parts = K3KL6L60GM-MGCT +SPD_SOURCES += spd/lp5/set-0/spd-7.hex # ID = 4(0b0100) Parts = H58G56BK7BX068, MT62F1G32D2DS-026 WT:B, K3KL8L80CM-MGCT diff --git a/src/mainboard/google/brya/variants/joxer/memory/dram_id.generated.txt b/src/mainboard/google/brya/variants/joxer/memory/dram_id.generated.txt index 46c72cb..2814eed 100644 --- a/src/mainboard/google/brya/variants/joxer/memory/dram_id.generated.txt +++ b/src/mainboard/google/brya/variants/joxer/memory/dram_id.generated.txt @@ -9,3 +9,7 @@ H9JCNNNBK3MLYR-N6E 0 (0000) H58G56AK6BX069 2 (0010) K3LKBKB0BM-MGCP 2 (0010) +K3KL6L60GM-MGCT 3 (0011) +H58G56BK7BX068 4 (0100) +MT62F1G32D2DS-026 WT:B 4 (0100) +K3KL8L80CM-MGCT 4 (0100) diff --git a/src/mainboard/google/brya/variants/joxer/memory/mem_parts_used.txt b/src/mainboard/google/brya/variants/joxer/memory/mem_parts_used.txt index 2951876..340a298 100644 --- a/src/mainboard/google/brya/variants/joxer/memory/mem_parts_used.txt +++ b/src/mainboard/google/brya/variants/joxer/memory/mem_parts_used.txt @@ -14,3 +14,7 @@ H9JCNNNBK3MLYR-N6E H58G56AK6BX069 K3LKBKB0BM-MGCP +K3KL6L60GM-MGCT +H58G56BK7BX068 +MT62F1G32D2DS-026 WT:B +K3KL8L80CM-MGCT -- To view, visit https://review.coreboot.org/c/coreboot/+/75610?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibdc89c882581cfe4e5978faf4c6f70d653e0813d Gerrit-Change-Number: 75610 Gerrit-PatchSet: 2 Gerrit-Owner: Mark Hsieh <mark_hsieh(a)wistron.corp-partner.google.com> Gerrit-Reviewer: Eric Lai <eric_lai(a)quanta.corp-partner.google.com> Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Reviewer: Henry Sun <henrysun(a)google.com> Gerrit-Reviewer: Nick Vaccaro <nvaccaro(a)google.com> Gerrit-Reviewer: Reka Norman <rekanorman(a)chromium.org> Gerrit-Reviewer: Shou-Chieh Hsu <shouchieh(a)google.com> Gerrit-Reviewer: Tarun Tuli <taruntuli(a)google.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Anfernee Chen <anfernee_chen(a)wistron.corp-partner.google.com> Gerrit-CC: Casper Chang <casper_chang(a)wistron.corp-partner.google.com> Gerrit-CC: Malik Hsu <malik_hsu(a)wistron.corp-partner.google.com> Gerrit-CC: Scott Chao <scott_chao(a)wistron.corp-partner.google.com> Gerrit-CC: Terry Chen <terry_chen(a)wistron.corp-partner.google.com> Gerrit-CC: Will Tsai <will_tsai(a)wistron.corp-partner.google.com> Gerrit-CC: Zoey Wu <zoey_wu(a)wistron.corp-partner.google.com> Gerrit-MessageType: merged

1 0

[S] Change in coreboot[master]: Docs: Update the 4.19 release notes to match the server version
by Felix Held (Code Review) 06 Jun '23

06 Jun '23

Felix Held has submitted this change. ( https://review.coreboot.org/c/coreboot/+/75639?usp=email ) Change subject: Docs: Update the 4.19 release notes to match the server version ...................................................................... Docs: Update the 4.19 release notes to match the server version The version of the 4.19 release notes on the server was updated with signatures and a note explaining the new tarballs vs the original, corrupted tarballs. That data didn't make it back to the version of the release notes in the documentation. Likewise, the updates in the documentation didn't get pushed to the release directory on the website. The website now has this version of the release notes that combines the two. This patch does the same for the documentation folder. Signed-off-by: Martin Roth <gaumless(a)gmail.com> Change-Id: Ib2563e7fa4b8d82ad4fbb3fd3880ee62a24a8aca Reviewed-on: https://review.coreboot.org/c/coreboot/+/75639 Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org> Reviewed-by: Eric Lai <eric_lai(a)quanta.corp-partner.google.com> Reviewed-by: Felix Singer <service+coreboot-gerrit(a)felixsinger.de> --- M Documentation/releases/coreboot-4.19-relnotes.md 1 file changed, 21 insertions(+), 0 deletions(-) Approvals: build bot (Jenkins): Verified Eric Lai: Looks good to me, approved Felix Singer: Looks good to me, approved diff --git a/Documentation/releases/coreboot-4.19-relnotes.md b/Documentation/releases/coreboot-4.19-relnotes.md index 0925464..f0ef10d 100644 --- a/Documentation/releases/coreboot-4.19-relnotes.md +++ b/Documentation/releases/coreboot-4.19-relnotes.md @@ -15,6 +15,10 @@ codebase. Thank you very much to everyone who has contributed, both in this release and in previous times. +Note that the first set of tarballs posted for the 4.19 release had +bad timestamps. This has been fixed. Hashes for all tarballs are at +the bottom of this document. + The 4.20 release is planned for the 20th of April, 2023. @@ -244,3 +248,20 @@ | 327 | OperationRegion (OPRG, SystemMemory, ASLS, 0x2000) causes BSOD | +-----+-----------------------------------------------------------------+ ``` + +Hashes for tarballs & signatures +-------------------------------- + +Old tarballs: + +- a1f9ec1252a3cc19f0b4ba1a2b9d66ea9327499cbeecebd85377db7d5c68555d coreboot-4.19.tar.xz +- 6ceaa39429a2094d75e4c8a94615ae60664ddad7b4115570b65b9bb516cbd96d coreboot-4.19.tar.xz.sig +- 881a3477221d1b77e161759344df14eccda115086af3ef54e66485ae0eb2e5d9 coreboot-blobs-4.19.tar.xz +- 16f4f1f7acc6203ce915ffea64edce8512bd9eb9e94e65db22a0cb5282a6e157 coreboot-blobs-4.19.tar.xz.sig + +New tarballs: + +- 65ccb2f46535b996e0066a1b76f81c8cf1ff3e27df84b3f97d8ad7b3e7cf0a43 coreboot-4.19.tar.xz +- d3c52a209b8ccb49049960318f04f158dd47db52ebe6019d6a3dffe3196d9cbe coreboot-4.19.tar.xz.sig +- 30214caed07b25f11e47bec022ff6234841376e36689eb674de2330a3e980cbc coreboot-blobs-4.19.tar.xz +- 023d511d074703beab98c237c3e964dc7c598af86d5a0e2091195c68980b6c5d coreboot-blobs-4.19.tar.xz.sig -- To view, visit https://review.coreboot.org/c/coreboot/+/75639?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ib2563e7fa4b8d82ad4fbb3fd3880ee62a24a8aca Gerrit-Change-Number: 75639 Gerrit-PatchSet: 2 Gerrit-Owner: Martin L Roth <gaumless(a)gmail.com> Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com> Gerrit-Reviewer: Eric Lai <eric_lai(a)quanta.corp-partner.google.com> Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Reviewer: Felix Singer <service+coreboot-gerrit(a)felixsinger.de> Gerrit-Reviewer: Jason Glenesk <jason.glenesk(a)gmail.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-MessageType: merged

1 0

[M] Change in coreboot[master]: cpu/x86: Support SMBASE relocation-only use-case
by Benjamin Doron (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Angel Pons, Dinesh Gehlot, Felix Held, Fred Reitberger, Jason Glenesk, Kapil Porwal, Matt DeVillier, Maulik Vaghela, Raul Rangel, Ron Minnich, Subrata Banik, Tarun Tuli. Benjamin Doron has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/70376?usp=email ) Change subject: cpu/x86: Support SMBASE relocation-only use-case ...................................................................... Patch Set 5: (2 comments) Commit Message: https://review.coreboot.org/c/coreboot/+/70376/comment/78435653_efbd62ef : PS4, Line 9: NO_SMM > I think so too. […] Done File src/cpu/x86/smm/smm_module_loader.c: https://review.coreboot.org/c/coreboot/+/70376/comment/f408de47_6c31ccf6 : PS4, Line 138: #if !CONFIG(X86_SMM_CALL_RELOCATION_HANDLER_ONLY) : u32 smm_get_cpu_smbase(unsigned int cpu_num) : { : if (cpu_num < CONFIG_MAX_CPUS) { : if (cpus[cpu_num].active) : return cpus[cpu_num].smbase; : } : return 0; : } : #endif > It would be good to state in a comment that this function would otherwise be defined by platform cod […] Done -- To view, visit https://review.coreboot.org/c/coreboot/+/70376?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Iec96bab19cdcf80622756f02a3dae49b42036c8d Gerrit-Change-Number: 70376 Gerrit-PatchSet: 5 Gerrit-Owner: Benjamin Doron <benjamin.doron00(a)gmail.com> Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com> Gerrit-Reviewer: Dinesh Gehlot <digehlot(a)google.com> Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Reviewer: Fred Reitberger <reitbergerfred(a)gmail.com> Gerrit-Reviewer: Jason Glenesk <jason.glenesk(a)gmail.com> Gerrit-Reviewer: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Reviewer: Matt DeVillier <matt.devillier(a)amd.corp-partner.google.com> Gerrit-Reviewer: Maulik Vaghela <maulikvaghela(a)google.com> Gerrit-Reviewer: Raul Rangel <rrangel(a)chromium.org> Gerrit-Reviewer: Subrata Banik <subratabanik(a)google.com> Gerrit-Reviewer: Tarun Tuli <taruntuli(a)google.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Lean Sheng Tan <sheng.tan(a)9elements.com> Gerrit-CC: Matt DeVillier <matt.devillier(a)gmail.com> Gerrit-CC: Ron Minnich <rminnich(a)gmail.com> Gerrit-Attention: Jason Glenesk <jason.glenesk(a)gmail.com> Gerrit-Attention: Raul Rangel <rrangel(a)chromium.org> Gerrit-Attention: Tarun Tuli <taruntuli(a)google.com> Gerrit-Attention: Subrata Banik <subratabanik(a)google.com> Gerrit-Attention: Matt DeVillier <matt.devillier(a)amd.corp-partner.google.com> Gerrit-Attention: Maulik Vaghela <maulikvaghela(a)google.com> Gerrit-Attention: Dinesh Gehlot <digehlot(a)google.com> Gerrit-Attention: Kapil Porwal <kapilporwal(a)google.com> Gerrit-Attention: Angel Pons <th3fanbus(a)gmail.com> Gerrit-Attention: Fred Reitberger <reitbergerfred(a)gmail.com> Gerrit-Attention: Ron Minnich <rminnich(a)gmail.com> Gerrit-Attention: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Comment-Date: Tue, 06 Jun 2023 00:22:45 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Benjamin Doron <benjamin.doron00(a)gmail.com> Comment-In-Reply-To: Angel Pons <th3fanbus(a)gmail.com> Gerrit-MessageType: comment

1 0

[XS] Change in coreboot[master]: libpayload/drivers/usb/xhci.c: Check for NULL in xhci_init
by Karthik Ramasubramanian (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Felix Held, Fred Reitberger. Karthik Ramasubramanian has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/75645?usp=email ) Change subject: libpayload/drivers/usb/xhci.c: Check for NULL in xhci_init ...................................................................... Patch Set 1: Code-Review+2 (1 comment) File payloads/libpayload/drivers/usb/xhci.c: https://review.coreboot.org/c/coreboot/+/75645/comment/7cc9b9ce_dcb14f8e : PS1, Line 158: if (!physical_bar) : goto _exit_xhci; > I think the exception happens while trying to initialize the USB ports under XHCI_1 controller which […] That is the case. The concerned XHCI controller is disabled and hence no resources are allocated for it. -- To view, visit https://review.coreboot.org/c/coreboot/+/75645?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I05c32612606793adcba3f4a5724092387a215d41 Gerrit-Change-Number: 75645 Gerrit-PatchSet: 1 Gerrit-Owner: Fred Reitberger <reitbergerfred(a)gmail.com> Gerrit-Reviewer: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Reviewer: Jon Murphy <jpmurphy(a)google.com> Gerrit-Reviewer: Karthik Ramasubramanian <kramasub(a)google.com> Gerrit-Reviewer: Martin L Roth <gaumless(a)gmail.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-Attention: Fred Reitberger <reitbergerfred(a)gmail.com> Gerrit-Attention: Felix Held <felix-coreboot(a)felixheld.de> Gerrit-Comment-Date: Tue, 06 Jun 2023 00:19:49 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: Karthik Ramasubramanian <kramasub(a)google.com> Gerrit-MessageType: comment

1 0

[L] Change in coreboot[master]: drivers/smm_payload_interface: Add initial support for SMM payload
by Benjamin Doron (Code Review) 06 Jun '23

06 Jun '23

Attention is currently required from: Benjamin Doron, Martin L Roth, Michał Żygowski, Paul Menzel. Hello Angel Pons, Lean Sheng Tan, Martin L Roth, Patrick Rudolph, build bot (Jenkins), I'd like you to reexamine a change. Please visit https://review.coreboot.org/c/coreboot/+/70378?usp=email to look at the new patch set (#12). The following approvals got outdated and were removed: Verified+1 by build bot (Jenkins) Change subject: drivers/smm_payload_interface: Add initial support for SMM payload ...................................................................... drivers/smm_payload_interface: Add initial support for SMM payload UEFI Secure Boot is a security feature that protects the chain-of-trust. With proper implementation and configuration, it ensures that the user's bootloader and OS start as desired, without malicious modification. The protection of key variables is critical to Secure Boot, so, note that the UEFI variable protocol provides the Variable Policy to restrict write permissions, and variables have an `Attributes` field, enabling protections such as hiding at runtime or "authenticating" write requests. Presently, coreboot's UefiPayload can support the Authenticated Variables required by Secure Boot using SMMSTORE. Simply use this GUID signature on the variable store to advertise support. However, this does not offer the expected guarantees: Usually, when `gRT->SetVariable()` is called, SMM is entered via EDK2 "SMM communication" for VariableSmm to perform verification of the write request, then write SPI flash. However, the SMMSTORE SMI handler can be initiated manually (outside of the `gRT->SetVariable()` -> FaultTolerantWrite protocol -> FirmwareVolumeBlock protocol == SMMSTORE). In this case, the variable driver cannot verify a write request is permitted. In addition, the variable driver - in this case, VariableRuntimeDxe - will be vulnerable to malicious patching. Therefore, a more integrated solution is required for Secure Boot. The solution here is to initialise SMM in EDK2, following UefiPayload work for slimbootloader. This approach has several challenges, to be resolved as below: - coreboot provides register definitions in CBMEM to avoid silicon-dependence in payload. - Payloads are not on the S3 resume path. While TSEG is preserved, coreboot must perform SMM relocate and trigger a payload SMI, which will lock SMM using the SMRRs. These are privileged MSRs. A minimal 4K communication region is shared with the payload, located in SMRAM. CPU-specific SMBASEs are stored here, to be provided to common code for relocation, as well as the payload's SMI number to trigger for final SMM lockdown. TEST= Successful with UefiPayload patches, tested on ADLRVP. - Cold boot: Verify that payload initialises SMM and writes variables. - S3 resume: Verify that SMI succeeds with debug log output. Change-Id: I3dd505a154175b6da8929b1157723de1645ca8fa Signed-off-by: Benjamin Doron <benjamin.doron(a)9elements.com> --- A Documentation/drivers/smm_payload_interface.md M Makefile.inc M src/Kconfig M src/commonlib/include/commonlib/coreboot_tables.h A src/drivers/smm_payload_interface/Kconfig A src/drivers/smm_payload_interface/Makefile.inc A src/drivers/smm_payload_interface/cbtable.c A src/drivers/smm_payload_interface/ramstage.c A src/drivers/smm_payload_interface/util.c A src/drivers/smm_payload_interface/util_common.c A src/drivers/smm_payload_interface/util_hob.c A src/include/smm_payload_interface.h M src/lib/coreboot_table.c M src/security/lockdown/Kconfig 14 files changed, 649 insertions(+), 4 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/78/70378/12 -- To view, visit https://review.coreboot.org/c/coreboot/+/70378?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I3dd505a154175b6da8929b1157723de1645ca8fa Gerrit-Change-Number: 70378 Gerrit-PatchSet: 12 Gerrit-Owner: Benjamin Doron <benjamin.doron00(a)gmail.com> Gerrit-Reviewer: Angel Pons <angel.pons(a)9elements.com> Gerrit-Reviewer: Lean Sheng Tan <sheng.tan(a)9elements.com> Gerrit-Reviewer: Martin L Roth <gaumless(a)gmail.com> Gerrit-Reviewer: Patrick Rudolph <patrick.rudolph(a)9elements.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Arthur Heymans <arthur(a)aheymans.xyz> Gerrit-CC: Julius Werner <jwerner(a)chromium.org> Gerrit-CC: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-CC: Maximilian Brune <maximilian.brune(a)9elements.com> Gerrit-CC: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Nico Huber <nico.h(a)gmx.de> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Martin L Roth <gaumless(a)gmail.com> Gerrit-Attention: Benjamin Doron <benjamin.doron00(a)gmail.com> Gerrit-Attention: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-MessageType: newpatchset

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

coreboot-gerrit June 2023