coreboot-gerrit May 2024

coreboot-gerrit@coreboot.org

1 participants
3266 discussions

[XS] Change in coreboot[main]: util/smmstoretool: explain what happens when no store is found
by Sergii Dmytruk (Code Review) 29 May '24

29 May '24

Attention is currently required from: Maciej Pijanowski. Sergii Dmytruk has posted comments on this change by Maciej Pijanowski. ( https://review.coreboot.org/c/coreboot/+/82692?usp=email ) Change subject: util/smmstoretool: explain what happens when no store is found ...................................................................... Patch Set 3: Code-Review+2 (1 comment) File util/smmstoretool/storage.c: https://review.coreboot.org/c/coreboot/+/82692/comment/9eebc377_a2eb5c04?us… : PS2, Line 53: fprintf(stderr, : "Variable store has not been found in the binary and will " : "be initialized now.\nIt is expected if release binary is " : "used, as variable store normally is initialized on the " : "first boot of the platform.\n"); > I'd format the message differently (also somewhat updated it, e.g. "binary" was too generic): […] Done -- To view, visit https://review.coreboot.org/c/coreboot/+/82692?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Iaa2678f5ae7c243811484c0567ced97ae0b3fc0a Gerrit-Change-Number: 82692 Gerrit-PatchSet: 3 Gerrit-Owner: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-Reviewer: Sergii Dmytruk <sergii.dmytruk(a)3mdeb.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-Attention: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-Comment-Date: Wed, 29 May 2024 15:58:49 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: Sergii Dmytruk <sergii.dmytruk(a)3mdeb.com>

1 0

[M] Change in coreboot[main]: cpu/x86/mp_init: Add code to restart APs
by Paul Menzel (Code Review) 29 May '24

29 May '24

Attention is currently required from: Filip Lewiński, Jérémy Compostella. Paul Menzel has posted comments on this change by Filip Lewiński. ( https://review.coreboot.org/c/coreboot/+/82696?usp=email ) Change subject: cpu/x86/mp_init: Add code to restart APs ...................................................................... Patch Set 2: (1 comment) File src/include/cpu/x86/mp.h: https://review.coreboot.org/c/coreboot/+/82696/comment/157646f9_aa3dc859?us… : PS2, Line 140: ACM , Please remove the space. -- To view, visit https://review.coreboot.org/c/coreboot/+/82696?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Ief2a7629d3075de29b363d05330e3a76cef48971 Gerrit-Change-Number: 82696 Gerrit-PatchSet: 2 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Jérémy Compostella <jeremy.compostella(a)intel.com> Gerrit-CC: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Jérémy Compostella <jeremy.compostella(a)intel.com> Gerrit-Attention: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Comment-Date: Wed, 29 May 2024 14:45:57 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No

1 0

[XS] Change in coreboot[main]: security/intel/txt: Restart APs after successful SCHECK
by Paul Menzel (Code Review) 29 May '24

29 May '24

Attention is currently required from: Filip Lewiński, Michał Żygowski. Paul Menzel has posted comments on this change by Filip Lewiński. ( https://review.coreboot.org/c/coreboot/+/82697?usp=email ) Change subject: security/intel/txt: Restart APs after successful SCHECK ...................................................................... Patch Set 1: (2 comments) Commit Message: https://review.coreboot.org/c/coreboot/+/82697/comment/de737ef1_bf50ca20?us… : PS1, Line 8: How can this be tested? File src/security/intel/txt/ramstage.c: https://review.coreboot.org/c/coreboot/+/82697/comment/6990b6a6_f519fc7f?us… : PS1, Line 184: restart_aps(); Log something, because it’ll take some time? -- To view, visit https://review.coreboot.org/c/coreboot/+/82697?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: I8e013b1a75752e4f01cac7c1eb10d0430d48edf6 Gerrit-Change-Number: 82697 Gerrit-PatchSet: 1 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Comment-Date: Wed, 29 May 2024 14:45:17 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No

1 0

[M] Change in coreboot[main]: cpu/x86/mp_init: Add code to restart APs
by Paul Menzel (Code Review) 29 May '24

29 May '24

Attention is currently required from: Filip Lewiński, Jérémy Compostella. Paul Menzel has posted comments on this change by Filip Lewiński. ( https://review.coreboot.org/c/coreboot/+/82696?usp=email ) Change subject: cpu/x86/mp_init: Add code to restart APs ...................................................................... Patch Set 1: (3 comments) Commit Message: https://review.coreboot.org/c/coreboot/+/82696/comment/41e6374f_ea91979c?us… : PS1, Line 8: Please elaborate, why this is needed. File src/cpu/x86/mp_init.c: https://review.coreboot.org/c/coreboot/+/82696/comment/98b0d0c0_80a9a3bf?us… : PS1, Line 1209: /* Make sure SIPI data hits RAM so the APs that come up will see : * the startup code even if the caches are disabled. */ Please use the recommended multi-line commenting styles [1]. [1]: https://doc.coreboot.org/contributing/coding_style.html#commenting https://review.coreboot.org/c/coreboot/+/82696/comment/5fae32c8_8d43e4ed?us… : PS1, Line 1214: mdelay(1000); That’s quite a long delay. Please add a comment, what demands that. -- To view, visit https://review.coreboot.org/c/coreboot/+/82696?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Ief2a7629d3075de29b363d05330e3a76cef48971 Gerrit-Change-Number: 82696 Gerrit-PatchSet: 1 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Jérémy Compostella <jeremy.compostella(a)intel.com> Gerrit-CC: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Jérémy Compostella <jeremy.compostella(a)intel.com> Gerrit-Attention: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Comment-Date: Wed, 29 May 2024 14:44:30 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No

1 0

[XS] Change in coreboot[main]: security/intel/txt: Restart APs after successful SCHECK
by Filip Lewiński (Code Review) 29 May '24

29 May '24

1 0

[M] Change in coreboot[main]: cpu/x86/mp_init: Add code to restart APs
by Filip Lewiński (Code Review) 29 May '24

29 May '24

Attention is currently required from: Michał Żygowski. Hello Michał Żygowski, I'd like you to do a code review. Please visit https://review.coreboot.org/c/coreboot/+/82696?usp=email to review the following change. Change subject: cpu/x86/mp_init: Add code to restart APs ...................................................................... cpu/x86/mp_init: Add code to restart APs Change-Id: Ief2a7629d3075de29b363d05330e3a76cef48971 Signed-off-by: Michał Żygowski <michal.zygowski(a)3mdeb.com> --- M src/cpu/x86/mp_init.c M src/include/cpu/x86/mp.h 2 files changed, 50 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/96/82696/1 diff --git a/src/cpu/x86/mp_init.c b/src/cpu/x86/mp_init.c index bb51697..750a669 100644 --- a/src/cpu/x86/mp_init.c +++ b/src/cpu/x86/mp_init.c @@ -1177,3 +1177,46 @@ return ret; } + + +/* AP restart code */ + +static struct mp_flight_record ap_restart_steps[] = { + /* Wait for APs to finish then optionally start looking for work. */ + MP_FR_BLOCK_APS(ap_wait_for_instruction, NULL), +}; + +enum cb_err restart_aps(void) +{ + struct mp_params mp_params; + atomic_t *ap_count; + + if (!CONFIG(PARALLEL_MP_AP_WORK)) + return CB_ERR_NOT_IMPLEMENTED; + + mp_params.num_cpus = mp_state.cpu_count; + mp_params.num_records = ARRAY_SIZE(ap_restart_steps); + mp_params.flight_plan = &ap_restart_steps[0]; + + mp_info.num_records = ARRAY_SIZE(ap_restart_steps); + mp_info.records = &ap_restart_steps[0]; + + /* Load the SIPI vector. */ + ap_count = load_sipi_vector(&mp_params); + if (ap_count == NULL) + return CB_ERR; + + /* Make sure SIPI data hits RAM so the APs that come up will see + * the startup code even if the caches are disabled. */ + wbinvd(); + + if (start_aps(NULL, global_num_aps, ap_count) != CB_SUCCESS) { + mdelay(1000); + printk(BIOS_DEBUG, "%d/%d eventually checked in?\n", + atomic_read(ap_count), global_num_aps); + return CB_ERR; + } + + /* Walk the flight plan for the BSP. */ + return bsp_do_flight_plan(&mp_params); +} diff --git a/src/include/cpu/x86/mp.h b/src/include/cpu/x86/mp.h index dd86dce..f80d309 100644 --- a/src/include/cpu/x86/mp.h +++ b/src/include/cpu/x86/mp.h @@ -136,6 +136,13 @@ enum cb_err mp_park_aps(void); /* + * Restart APs after they have been parked. Used by Intel TXT, which requires + * parking APs before running ACM , to restart APs and let coreboot program + * MTRRs on APs. For use only after mp_init. + */ +enum cb_err restart_aps(void); + +/* * SMM helpers to use with initializing CPUs. */ -- To view, visit https://review.coreboot.org/c/coreboot/+/82696?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Ief2a7629d3075de29b363d05330e3a76cef48971 Gerrit-Change-Number: 82696 Gerrit-PatchSet: 1 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com>

1 0

[XS] Change in coreboot[main]: security/intel/txt: Handle TPM properly when vboot enabled
by Filip Lewiński (Code Review) 29 May '24

29 May '24

Attention is currently required from: Michał Żygowski. Hello Michał Żygowski, I'd like you to do a code review. Please visit https://review.coreboot.org/c/coreboot/+/82695?usp=email to review the following change. Change subject: security/intel/txt: Handle TPM properly when vboot enabled ...................................................................... security/intel/txt: Handle TPM properly when vboot enabled Change-Id: I19dc3d910c23fcfd8732465c488f47dd86a96781 Signed-off-by: Michał Żygowski <michal.zygowski(a)3mdeb.com> --- M src/security/intel/txt/Kconfig M src/security/tpm/Kconfig 2 files changed, 2 insertions(+), 1 deletion(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/95/82695/1 diff --git a/src/security/intel/txt/Kconfig b/src/security/intel/txt/Kconfig index 637a6a7..69ba95a 100644 --- a/src/security/intel/txt/Kconfig +++ b/src/security/intel/txt/Kconfig @@ -16,6 +16,7 @@ select ENABLE_VMX if CPU_INTEL_COMMON select AP_IN_SIPI_WAIT select TPM_MEASURED_BOOT_INIT_BOOTBLOCK if TPM_MEASURED_BOOT + select TPM_STARTUP_IGNORE_POSTINIT depends on TPM depends on PLATFORM_HAS_DRAM_CLEAR depends on (SOC_INTEL_COMMON_BLOCK_SA || HAVE_CF9_RESET) diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig index ea13fa4..22e37ff 100644 --- a/src/security/tpm/Kconfig +++ b/src/security/tpm/Kconfig @@ -131,7 +131,7 @@ config TPM_MEASURED_BOOT_INIT_BOOTBLOCK bool - depends on TPM_MEASURED_BOOT && !VBOOT + depends on TPM_MEASURED_BOOT help Initialize TPM inside the bootblock instead of ramstage. This is useful with some form of hardware assisted root of trust -- To view, visit https://review.coreboot.org/c/coreboot/+/82695?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: I19dc3d910c23fcfd8732465c488f47dd86a96781 Gerrit-Change-Number: 82695 Gerrit-PatchSet: 1 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com>

1 0

[S] Change in coreboot[main]: src/security/intel/txt/romstage.c: make romstage init work on SOC_INT...
by Filip Lewiński (Code Review) 29 May '24

29 May '24

Attention is currently required from: Michał Kopeć, Michał Żygowski. Hello Michał Żygowski, Michał Kopeć, I'd like you to do a code review. Please visit https://review.coreboot.org/c/coreboot/+/82694?usp=email to review the following change. Change subject: src/security/intel/txt/romstage.c: make romstage init work on SOC_INTEL platforms ...................................................................... src/security/intel/txt/romstage.c: make romstage init work on SOC_INTEL platforms Change-Id: I892c9eff16d51adc94b75c9ef9f0f1be4f50bada Signed-off-by: Michał Żygowski <michal.zygowski(a)3mdeb.com> Signed-off-by: Michał Kopeć <michal.kopec(a)3mdeb.com> --- M src/security/intel/txt/romstage.c 1 file changed, 14 insertions(+), 2 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/94/82694/1 diff --git a/src/security/intel/txt/romstage.c b/src/security/intel/txt/romstage.c index 643e7a9..c128198 100644 --- a/src/security/intel/txt/romstage.c +++ b/src/security/intel/txt/romstage.c @@ -1,11 +1,19 @@ /* SPDX-License-Identifier: GPL-2.0-only */ +#include <acpi/acpi.h> #include <arch/cpu.h> #include <console/console.h> #include <cpu/intel/common/common.h> #include <cpu/x86/cr.h> #include <device/mmio.h> +#include <cpu/x86/msr.h> +#if CONFIG(SOC_INTEL_COMMON_BLOCK_PMC) +#include <intelblocks/pmclib.h> +#endif +#if CONFIG(SOUTHBRIDGE_INTEL_COMMON_PMBASE) #include <southbridge/intel/common/pmbase.h> +#endif +#include <timer.h> #include <types.h> #include "txt.h" @@ -82,8 +90,12 @@ } /* FIXME: Clear SLP_TYP# */ - write_pmbase32(4, read_pmbase32(4) & ~(0x7 << 10)); - +#if CONFIG(SOC_INTEL_COMMON_BLOCK_PMC) + pmc_disable_pm1_control(SLP_TYP); +#endif +#if CONFIG(SOUTHBRIDGE_INTEL_COMMON_PMBASE) + write_pmbase32(PM1_CNT, read_pmbase32(PM1_CNT) & ~SLP_TYP); +#endif intel_txt_run_sclean(); /* If running the BIOS ACM is impossible, manual intervention is required */ -- To view, visit https://review.coreboot.org/c/coreboot/+/82694?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: I892c9eff16d51adc94b75c9ef9f0f1be4f50bada Gerrit-Change-Number: 82694 Gerrit-PatchSet: 1 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: Michał Kopeć <michal.kopec(a)3mdeb.com> Gerrit-Reviewer: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Michał Kopeć <michal.kopec(a)3mdeb.com>

1 0

[M] Change in coreboot[main]: security/intel/txt: Add missing information and improve logging
by Filip Lewiński (Code Review) 29 May '24

29 May '24

Attention is currently required from: Filip Lewiński. Filip Lewiński has posted comments on this change by Filip Lewiński. ( https://review.coreboot.org/c/coreboot/+/82416?usp=email ) Change subject: security/intel/txt: Add missing information and improve logging ...................................................................... Set Ready For Review -- To view, visit https://review.coreboot.org/c/coreboot/+/82416?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Ie23db94789751535a6148bd3ed557d1ea868f003 Gerrit-Change-Number: 82416 Gerrit-PatchSet: 2 Gerrit-Owner: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-CC: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Comment-Date: Wed, 29 May 2024 14:04:27 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No

1 0

[S] Change in coreboot[main]: payloads/iPXE: Hook up TRUST_CMD switch
by Filip Lewiński (Code Review) 29 May '24

29 May '24

Attention is currently required from: Felix Singer, Filip Lewiński, Krystian Hebel, Maciej Pijanowski, Martin L Roth, Michał Kopeć, Michał Żygowski, Paul Menzel, Stefan Reinauer. Filip Lewiński has uploaded a new patch set (#12) to the change originally created by Maciej Pijanowski. ( https://review.coreboot.org/c/coreboot/+/79684?usp=email ) The following approvals got outdated and were removed: Verified-1 by build bot (Jenkins) Change subject: payloads/iPXE: Hook up TRUST_CMD switch ...................................................................... payloads/iPXE: Hook up TRUST_CMD switch Change-Id: Ia4f5d4140eeb8625c5ee41e38f048658db28a199 Signed-off-by: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> --- M payloads/external/Makefile.mk M payloads/external/iPXE/Kconfig M payloads/external/iPXE/Makefile 3 files changed, 13 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/84/79684/12 -- To view, visit https://review.coreboot.org/c/coreboot/+/79684?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: newpatchset Gerrit-Project: coreboot Gerrit-Branch: main Gerrit-Change-Id: Ia4f5d4140eeb8625c5ee41e38f048658db28a199 Gerrit-Change-Number: 79684 Gerrit-PatchSet: 12 Gerrit-Owner: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-Reviewer: Krystian Hebel <krystian.hebel(a)3mdeb.com> Gerrit-Reviewer: Martin L Roth <gaumless(a)gmail.com> Gerrit-Reviewer: Michał Kopeć <michal.kopec(a)3mdeb.com> Gerrit-Reviewer: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Reviewer: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Reviewer: Stefan Reinauer <stefan.reinauer(a)coreboot.org> Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org> Gerrit-CC: Felix Singer <service+coreboot-gerrit(a)felixsinger.de> Gerrit-CC: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Attention: Felix Singer <service+coreboot-gerrit(a)felixsinger.de> Gerrit-Attention: Maciej Pijanowski <maciej.pijanowski(a)3mdeb.com> Gerrit-Attention: Michał Żygowski <michal.zygowski(a)3mdeb.com> Gerrit-Attention: Martin L Roth <gaumless(a)gmail.com> Gerrit-Attention: Filip Lewiński <filip.lewinski(a)3mdeb.com> Gerrit-Attention: Paul Menzel <paulepanter(a)mailbox.org> Gerrit-Attention: Michał Kopeć <michal.kopec(a)3mdeb.com> Gerrit-Attention: Stefan Reinauer <stefan.reinauer(a)coreboot.org> Gerrit-Attention: Krystian Hebel <krystian.hebel(a)3mdeb.com>

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

coreboot-gerrit May 2024