Philipp Deppenwiese has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/29840 ) Change subject: security/vboot: Fix remaining measured boot issues ...................................................................... security/vboot: Fix remaining measured boot issues Makes vboot measured boot mode available for all boards. * Increase Tegra210 and Rockchip3228 SRAM for romstage/verstage. * Add missing files for Intel apollolake and AMD stoneyridge as TPM driver target. Change-Id: I35a85b8f137f28cd9960f2c5ce95f8fa31185b82 Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-on: https://review.coreboot.org/c/29840 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Julius Werner <jwerner@chromium.org> --- M src/soc/amd/stoneyridge/Makefile.inc M src/soc/intel/apollolake/Makefile.inc M src/soc/nvidia/tegra210/include/soc/memlayout.ld M src/soc/rockchip/rk3288/include/soc/memlayout.ld 4 files changed, 14 insertions(+), 12 deletions(-) Approvals: build bot (Jenkins): Verified Werner Zeh: Looks good to me, approved Julius Werner: Looks good to me, approved diff --git a/src/soc/amd/stoneyridge/Makefile.inc b/src/soc/amd/stoneyridge/Makefile.inc index c54b652..a53984e 100644 --- a/src/soc/amd/stoneyridge/Makefile.inc +++ b/src/soc/amd/stoneyridge/Makefile.inc @@ -87,6 +87,7 @@ postcar-y += ramtop.c postcar-y += sb_util.c postcar-y += nb_util.c +postcar-$(CONFIG_VBOOT_MEASURED_BOOT) += i2c.c ramstage-y += BiosCallOuts.c ramstage-y += i2c.c diff --git a/src/soc/intel/apollolake/Makefile.inc b/src/soc/intel/apollolake/Makefile.inc index 6168f86..19ebe7c 100644 --- a/src/soc/intel/apollolake/Makefile.inc +++ b/src/soc/intel/apollolake/Makefile.inc @@ -75,6 +75,7 @@ postcar-$(CONFIG_RESET_ON_INVALID_RAMSTAGE_CACHE) += heci.c postcar-$(CONFIG_RESET_ON_INVALID_RAMSTAGE_CACHE) += reset.c postcar-$(CONFIG_UART_DEBUG) += uart.c +postcar-$(CONFIG_VBOOT_MEASURED_BOOT) += gspi.c verstage-y += car.c verstage-y += i2c.c diff --git a/src/soc/nvidia/tegra210/include/soc/memlayout.ld b/src/soc/nvidia/tegra210/include/soc/memlayout.ld index c1c581b..d807c06 100644 --- a/src/soc/nvidia/tegra210/include/soc/memlayout.ld +++ b/src/soc/nvidia/tegra210/include/soc/memlayout.ld @@ -28,18 +28,18 @@ SECTIONS { SRAM_START(0x40000000) - PRERAM_CBMEM_CONSOLE(0x40000000, 8K) - PRERAM_CBFS_CACHE(0x40002000, 36K) - VBOOT2_WORK(0x4000B000, 12K) + PRERAM_CBMEM_CONSOLE(0x40000000, 4K) + PRERAM_CBFS_CACHE(0x40001000, 36K) + VBOOT2_WORK(0x4000A000, 12K) #if ENV_ARM64 - STACK(0x4000E000, 3K) + STACK(0x4000D000, 3K) #else /* AVP gets a separate stack to avoid any chance of handoff races. */ - STACK(0x4000EC00, 3K) + STACK(0x4000DC00, 3K) #endif - TIMESTAMP(0x4000F800, 2K) - BOOTBLOCK(0x40010000, 28K) - VERSTAGE(0x40017000, 64K) - ROMSTAGE(0x40027000, 100K) + TIMESTAMP(0x4000E800, 2K) + BOOTBLOCK(0x4000F000, 28K) + VERSTAGE(0x40016000, 64K) + ROMSTAGE(0x40026000, 104K) SRAM_END(0x40040000) DRAM_START(0x80000000) diff --git a/src/soc/rockchip/rk3288/include/soc/memlayout.ld b/src/soc/rockchip/rk3288/include/soc/memlayout.ld index fc3758b..6320fad 100644 --- a/src/soc/rockchip/rk3288/include/soc/memlayout.ld +++ b/src/soc/rockchip/rk3288/include/soc/memlayout.ld @@ -31,9 +31,9 @@ SRAM_START(0xFF700000) TTB(0xFF700000, 16K) BOOTBLOCK(0xFF704004, 20K - 4) - PRERAM_CBMEM_CONSOLE(0xFF709000, 3K) - VBOOT2_WORK(0xFF709C00, 12K) - OVERLAP_VERSTAGE_ROMSTAGE(0xFF70CC00, 41K) + PRERAM_CBMEM_CONSOLE(0xFF709000, 2K) + VBOOT2_WORK(0xFF709800, 12K) + OVERLAP_VERSTAGE_ROMSTAGE(0xFF70C800, 42K) PRERAM_CBFS_CACHE(0xFF717000, 1K) TIMESTAMP(0xFF717400, 0x180) STACK(0xFF717580, 3K - 0x180) -- To view, visit https://review.coreboot.org/c/coreboot/+/29840 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I35a85b8f137f28cd9960f2c5ce95f8fa31185b82 Gerrit-Change-Number: 29840 Gerrit-PatchSet: 18 Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Gerrit-Reviewer: Julius Werner <jwerner@chromium.org> Gerrit-Reviewer: Martin Roth <martinroth@google.com> Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com> Gerrit-Reviewer: Patrick Rudolph <siro@das-labor.org> Gerrit-Reviewer: Paul Menzel <paulepanter@users.sourceforge.net> Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Gerrit-Reviewer: Werner Zeh <werner.zeh@siemens.com> Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org> Gerrit-CC: Aaron Durbin <adurbin@chromium.org> Gerrit-MessageType: merged