Change in coreboot[master]: configs: Add TXT-enabled config for Asrock B85M Pro4

List overview All Threads
Download

newer

older

Change in coreboot[master]:...

Change in coreboot[master]: Revert...

Angel Pons (Code Review)

16 Oct 2020 16 Oct '20

9:16 p.m.

Angel Pons has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

configs: Add TXT-enabled config for Asrock B85M Pro4

This config selects the necessary options to enable Intel TXT on the Asrock B85M Pro4, and allows the code to be build-tested. Note that the current TXT code will not work, as it was written for Broadwell-DE. Subsequent commits will adapt the code as necessary to work on Haswell.

Compatible BIOS and SINIT ACMs can be retrieved from a firmware update for the Supermicro X10SLH. As they are not in the blobs repository, use the STM binary as a placeholder so as to allow build-testing the code.

Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Signed-off-by: Angel Pons th3fanbus@gmail.com --- A configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms 1 file changed, 10 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/89/46489/1

diff --git a/configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms b/configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms new file mode 100644 index 0000000..856701f --- /dev/null +++ b/configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms @@ -0,0 +1,10 @@ +# Known-working configuration to boot with TXT enabled. Since BIOS +# and SINIT ACM blobs are missing, use something else as placeholder. +# Used ACMs were extracted from a Supermicro X10SLH firmware update. +CONFIG_VENDOR_ASROCK=y +CONFIG_BOARD_ASROCK_B85M_PRO4=y +CONFIG_USER_TPM2=y +CONFIG_INTEL_TXT=y +CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin" +CONFIG_INTEL_TXT_SINITACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin" +CONFIG_INTEL_TXT_LOGGING=y

Attachments:

attachment.htm (text/html — 3.5 KB)

Show replies by date

Arthur Heymans (Code Review)

16 Oct 16 Oct

9:23 p.m.

Arthur Heymans has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 1:

(1 comment)

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... File configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms:

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... PS1, Line 8: CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin" I suppose this hangs when calling $(IFITTOOL) at the end? Maybe the build should not fail there to allow buildtesting in gerrit without providing the actual binaries?

Angel Pons (Code Review)

11:58 p.m.

Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 1:

(1 comment)

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... File configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms:

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... PS1, Line 8: CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin"

...

I suppose this hangs when calling $(IFITTOOL) at the end? Maybe the build should not fail there to a […]

It doesn't seem to; at least Jenkins is happy about it: https://qa.coreboot.org/job/coreboot-gerrit/146160/testReport/(root)/board/A...

I guess it took longer than other builds because of a cold ccache. There's a "Librem 15 v4 with TXT" config which only took 20 seconds (17 seconds for the default board config).

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 1 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Comment-Date: Fri, 16 Oct 2020 12:58:31 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Arthur Heymans arthur@aheymans.xyz Gerrit-MessageType: comment

Patrick Rudolph (Code Review)

17 Oct 17 Oct

1:02 a.m.

Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 1:

(1 comment)

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... File configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms:

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... PS1, Line 8: CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin"

...

It doesn't seem to; at least Jenkins is happy about it: https://qa.coreboot. […]

Can we add a fake ACM? Something that has the correct header but no payload?

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 1 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Fri, 16 Oct 2020 14:02:11 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Angel Pons th3fanbus@gmail.com Comment-In-Reply-To: Arthur Heymans arthur@aheymans.xyz Gerrit-MessageType: comment

Paul Menzel (Code Review)

1:19 a.m.

Paul Menzel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 1: Code-Review+1

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 1 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-Comment-Date: Fri, 16 Oct 2020 14:19:18 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Angel Pons (Code Review)

20 Oct 20 Oct

10:27 p.m.

Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 2:

(1 comment)

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... File configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms:

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... PS1, Line 8: CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin"

...

Can we add a fake ACM? Something that has the correct header but no payload?

I'd rather add a proper ACM, but I don't think it's easy because of licenses.

Can we take care of that later on, please? I'd like to get this change in to get the Haswell TXT code build-tested.

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 2 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-Comment-Date: Tue, 20 Oct 2020 11:27:02 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Angel Pons th3fanbus@gmail.com Comment-In-Reply-To: Arthur Heymans arthur@aheymans.xyz Comment-In-Reply-To: Patrick Rudolph siro@das-labor.org Gerrit-MessageType: comment

Arthur Heymans (Code Review)

21 Oct 21 Oct

11:46 p.m.

Arthur Heymans has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 2: Code-Review+2

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 2 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-Comment-Date: Wed, 21 Oct 2020 12:46:43 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Arthur Heymans (Code Review)

11:47 p.m.

Arthur Heymans has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

Patch Set 2:

(1 comment)

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... File configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms:

https://review.coreboot.org/c/coreboot/+/46489/1/configs/config.asrock_b85m_... PS1, Line 8: CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/blobs/cpu/intel/stm/stm.bin"

...

I'd rather add a proper ACM, but I don't think it's easy because of licenses.

Can we take care of that later on, please? I'd like to get this change in to get the Haswell TXT code build-tested.

LGTM

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 2 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-Comment-Date: Wed, 21 Oct 2020 12:47:05 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: Angel Pons th3fanbus@gmail.com Comment-In-Reply-To: Arthur Heymans arthur@aheymans.xyz Comment-In-Reply-To: Patrick Rudolph siro@das-labor.org Gerrit-MessageType: comment

Angel Pons (Code Review)

23 Oct 23 Oct

6:59 a.m.

Angel Pons has submitted this change. ( https://review.coreboot.org/c/coreboot/+/46489 )

Change subject: configs: Add TXT-enabled config for Asrock B85M Pro4 ......................................................................

configs: Add TXT-enabled config for Asrock B85M Pro4

Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Signed-off-by: Angel Pons th3fanbus@gmail.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/46489 Reviewed-by: Arthur Heymans arthur@aheymans.xyz Reviewed-by: Paul Menzel paulepanter@users.sourceforge.net Tested-by: build bot (Jenkins) no-reply@coreboot.org --- A configs/config.asrock_b85m_pro4.tpm2_txt_placeholder_acms 1 file changed, 10 insertions(+), 0 deletions(-)

Approvals: build bot (Jenkins): Verified Paul Menzel: Looks good to me, but someone else must approve Arthur Heymans: Looks good to me, approved

-- To view, visit https://review.coreboot.org/c/coreboot/+/46489 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ibf8db5fdfac5b527520023277c6370f6efa71717 Gerrit-Change-Number: 46489 Gerrit-PatchSet: 4 Gerrit-Owner: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-CC: Patrick Rudolph siro@das-labor.org Gerrit-MessageType: merged

1447

days inactive

1453

days old

coreboot-gerrit@coreboot.org

8 comments

4 participants

tags (0)

participants (4)

Angel Pons (Code Review)
Arthur Heymans (Code Review)
Patrick Rudolph (Code Review)
Paul Menzel (Code Review)