Hello Patrick Rudolph, Aaron Durbin, dhaval v sharma, Subrata Banik, Patrick Rudolph, Paul Menzel, Duncan Laurie, build bot (Jenkins), Patrick Georgi, Martin Roth, Furquan Shaikh,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/27369
to look at the new patch set (#39).
Change subject: soc/intel/basecode: Add support for updating ucode loaded via FIT ......................................................................
soc/intel/basecode: Add support for updating ucode loaded via FIT
Intel’s FIT (Firmware Interface Table) based MCU (microcode/pcode patch) loading mechanism patches the microcode before CPU reset. In the current Chromebooks field updatable FW has to be first verified by vboot. Since the MCU is loaded before reset vboot cannot verify the same and hence we end up restricting FIT based MCU update only from RO.
This patch implements a scheme which will allow chromebooks to update MCU in the field.
Create 2 bootblocks (use INTEL_ADD_TOP_SWAP_BOOTBLOCK) each containing their own FIT table. First bootblock FIT has pointers to MCUs (in microcode_blob.bin) which resides in RO section. This is will be used in the recovery scenario. Second bootblock (Normal mode) is identical to the first one except the FIT. Insert an additional pointer to a MCU that will reside in a staging area. Use the CONFIG_INTEL_TOP_SWAP_FIT_ENTRY_FMAP_REG config to insert the address of the staging area into FIT.
Top swap control bit in RTC BUC register (0x3414) is used to switch between the two bootblocks.
Reserve a region in the FMAP which is equal to or greater than the MCU size specified in the BWG for a particular SoC (e.g., for Skylake/Kaby Lake it is 192K). This is a RW region just like the RW_MRC_CACHE. MCU from RW-A/RW-B will be copied to this region during boot. Protect this staging area with a FPR.
Basic update flow: In non-recovery mode, Once a slot has been selected and loaded, check if the current slot MCU and RW staging MCU are same. If so, update the staging area with the MCU found in the current slot and reset the system.
Also, make sure that the top is enabled in normal/developer mode and disabled in recovery mode.
In order to enable the update feature: * The mainboard chromeos.fmd should include a new region for staging MCU e.g, RW_UCODE_STAGED. * Select config TOP_SWAP_BASED_VBOOT_UCODE_UPDATE. * Implement a call to check_and_update_ucode() and handle the failure appropriately.
TEST=Create an FW image for soraka and flash, create a chromeos-firmwareupdate shellball with a newer MCU and perform an update. Make sue that the currently loaded microcode version matches the one in firmwareupdate.
Change-Id: Iab6ba36a2eb587f331fe522c778e2c430c8eb655 Signed-off-by: Rizwan Qureshi rizwan.qureshi@intel.com Signed-off-by: dhaval v sharma dhaval.v.sharma@intel.com --- A src/soc/intel/common/basecode/fw_update/Kconfig A src/soc/intel/common/basecode/fw_update/Makefile.inc A src/soc/intel/common/basecode/fw_update/ucode_update.c A src/soc/intel/common/basecode/include/intelbasecode/ucode_update.h 4 files changed, 257 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/69/27369/39