This patch implements `soc_is_ish_partition_enabled()` override to
uniquely identify the SKU type between ISH and non-ISH to conclude
if ISH partition is enabled and need to retrieve the ISH version from
CSE FPT by sending a HECI command.
BUG=b:285405031
TEST=Able to uniquely identify the ISH SKUs while booting
to google/rex_ec_ish to dump the ISH version.
Change-Id: I48358ad9e2e582e8b2274cbf4655de01f8792e6c
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77177
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Reviewed-by: Dinesh Gehlot <digehlot@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch uses the CSE firmware specific data to store Intel
ISH firmware related information. Sending an ISH partition version
information command on every boot cycle would impact the overall boot
performance.
This information is used by the auto-test framework to ensure the ISH
firmware update is proper for in-field devices.
BUG=b:285405031
TEST=Able to build and boot google/rex. Verified ISH FW version is
getting displayed across warm resets without impacting the boot time.
Change-Id: I0242c26dd90d834815799f54740d8147ff9d45b7
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77176
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This patch selects SOC_INTEL_STORE_CSE_FW_VERSION config by default
for CSE LITE SKU. It helps to dump the CSE RW firmware version which
further consumed by auto-test infrastructure to ensure CSE RW firmware
update is successful.
BUG=b:285405031
TEST=Able to build and boot google/rex.
Verified CSE RW FW version (for LITE SKU) is getting displayed without
impacting the boot time.
Change-Id: Iba5903c73c0a45b01e6473714e0d5f759c061825
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77175
Reviewed-by: Dinesh Gehlot <digehlot@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
This patch introduces a CSE firmware specific data in order
to store Intel CSE and associated firmware related information which
requires a sync between Pre-RAM and Post-RAM phase.
This information will be used further to retrieve currently running
CSE RW firmware instead of fetching the version information by sending
a HECI cmd (which consumes 7ms-15ms depending upon the CSE operational
state).
Current implementation attempts to simply the CSE RW FW version store
and retrieval operations as below
* CSE sync in romstage (aka Pre-RAM) - Relying on .bss segment to store
the CSE info data in absence of real physical memory and sync back into
the CBMEM once available (after FSP-M exits).
* CSE sync in ramstage (aka Post-RAM) - Directly stored the CSE RW
version into the CBMEM (as CBMEM is online).
BUG=b:285405031
TEST=Able to build and boot google/rex. Verified CSE RW FW version
(for LITE SKU) is getting displayed without impacting the boot time.
w/o this patch:
10:start of ramstage 722,257 (43)
17:starting LZ4 decompress (ignore for x86) 723,777 (1,520)
w/ this patch:
10:start of ramstage 722,257 (43)
17:starting LZ4 decompress (ignore for x86) 723,777 (1,520)
Change-Id: Ia873af512851a682cf1fac0e128d842562a316ab
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77174
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
This UPD does exist for Alder Lake, so set it there also.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: If2f405804ab675aaf6dbf8b12d149566055b9eef
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77125
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
This patch adds the ability to show a pre-boot splash screen on
Meteor Lake systems using FSP-S.
The patch calls into `fsp_convert_bmp_to_gop_blt()` when the
`BMP_LOGO` config is enabled. This function converts a BMP
file to a BLT buffer, which is then used by FSP-S to render the splash
screen.
Additionally, increase the heap size (malloc'able size) upto 512KB
(when BMP_LOGO config is enabled) to accommodate high
resolution logo file.
BUG=b:284799726
TEST=Able to see splash screen while booting google/marasov
with BMP_LOGO config enable.
Signed-off-by: Subrata Banik <subratabanik@google.com>
Change-Id: I9f4d1bc0aa991e784624ca19ba96a259ab8ddfa6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77233
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
This patch selects LZ4 decompression for logo CBFS file. Able to save
2ms of the boot time when HAVE_FSP_LOGO_SUPPORT config is enabled.
However, the compressed BMP logo size is increased by ~2KB.
Raw BMP Image size is ~97KB.
BUG=b:284799726
TEST=Able to see pre-boot splash screen while booting google/rex
with 32MB (W25Q256JWEIM) SPI-Flash.
w/o this patch:
sudo cbfstool image-screebo4es.bin print -r FW_MAIN_A
FMAP REGION: FW_MAIN_A
Name Offset Type Size Comp
...
...
logo.bmp 0x167480 raw 6172 LZMA (97078 decompressed)
...
15:starting LZMA decompress (ignore for x86) 849,090 (1,022)
16:finished LZMA decompress (ignore for x86) 851,207 (2,116)
w/ this patch:
sudo cbfstool image-screebo4es.bin print -r FW_MAIN_A
FMAP REGION: FW_MAIN_A
Name Offset Type Size Comp
...
...
logo.bmp 0x167480 raw 8568 LZ4 (97078 decompressed)
...
17:starting LZ4 decompress (ignore for x86) 849,419 (1,279)
18:finished LZ4 decompress (ignore for x86) 849,559 (140)
Change-Id: I856c39146a5ec0faf44c1cd37fa7c0d7296bf673
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76930
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Intel has rebranded ESE as ISSE (Intel Silicon Security Engine),so all
references to ESE is updated to ISSE in the current coreboot code.
BUG=None
TEST=Build all the variants based on Intel Meteor Lake SoC
Signed-off-by: Usha P <usha.p@intel.com>
Change-Id: I1f8785704706d56a35e94a0f3386bc551cd1f263
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77241
Reviewed-by: Subrata Banik <subratabanik@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Early Chromebook generations stored the information about
USB port power control for S3/S5 sleepstates in GNVS, although
the configuration is static.
Reduce code duplication and react to ACPI S4 as if it was ACPI
S5 request.
Change-Id: I7e6f37a023b0e9317dcf0355dfa70e28d51cdad9
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74524
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Intel Platform Service Record (PSR) provides on-platform persistent and
tamper resistant ledgers and counters.
Key events captured within the Intel PSR Event Ledger, e.g., Chassis
Intrusion Detection, can be observed over the life cycle of the platform
to help assess confidence.
Counters for platform S0 operational use and power state transitions can
be assessed to aid in the determination of general wear or correlations
of other platform events when determining platform decommission plans
(repurpose, resell, recycle).
PSR data is created and stored in CSE data partition. In platforms that
employ CSE Lite SKU firmware, a firmware downgrade involves clearing of
CSE data partition which results in PSR data being lost.
CSE Lite SKU firmware supports a command to backup PSR data before
initiating a firmware downgrade. Add a config to support this PSR data
backup flow.
BRANCH=None
BUG=b:273207144
Change-Id: Iad1ce2906177081c103ef4d4bcef78fa2c95026f
Signed-off-by: Krishna Prasad Bhat <krishna.p.bhat.d@intel.com>
Signed-off-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77068
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Neither Windows nor mainline Linux make use of IOSF on the Braswell
platform, so adjust the ACPI status return value based on
CONFIG(CHROMEOS) to prevent an unknown device being listed in Windows
device manager.
TEST=build/boot Win11, Linux 6.2 on google/edgar
Change-Id: Ic51624ffd816d48c007c13d510601cf8cbf1edc4
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77142
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Neither Windows nor mainline Linux make use of IOSF on the Baytrail
platform, so adjust the ACPI status return value based on
CONFIG(CHROMEOS) to prevent an unknown device being listed in Windows
device manager.
TEST=build/boot Win11, Linux 6.2 on google/swanky
Change-Id: I249028c57cc704955cf5a11e2088780ef58e16cf
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77141
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch adds the ability to show a pre-boot splash screen on
Meteor Lake systems using FSP-S.
The patch calls into `fsp_convert_bmp_to_gop_blt()` when the
`BMP_LOGO` config is enabled. This function converts a BMP
file to a BLT buffer, which is then used by FSP-S to render the splash
screen.
Additionally, increase the heap size (malloc'able size) upto 512KB
(when BMP_LOGO config is enabled) to accommodate high
resolution logo file.
BUG=b:284799726
TEST=Able to see pre-boot splash screen while booting google/rex.
Signed-off-by: Subrata Banik <subratabanik@google.com>
Change-Id: I3608bfacc21574e12cde0e2012a16e6388ce54df
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76922
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Intel requires that all enabled PCIe PCH ports have a CLK_REQ signal
connected. The CLK_REQ is used to wake the silicon when link entered
L1 link-state. L1 link-state is also entered on PCI-PM D3, even with
ASPM L1 disabled. When no CLK_REQ signal is used, for example when
it's using a free running clock the silicon will never wake from L1
link state. This will trigger a MCE.
Starting with FSP MR4 the UPD 'PchPcieClockGating' allows to work
around this issue by disabling ClockGating. Disabling ClockGating
should be avoided as the silicon draws more power when it is idle.
TEST: Verified on two boards, one with missing CLK_REQ on a PCH
root port, that the code does the right decision to disable
UPD PchPcieClockGating and PchPciePowerGating when necessary.
Change-Id: I673bbdbadc9afbed6a7bd5ce9f35dc70716d875b
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76687
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Add configs for USB 3.1 Gen2 electrical validation (EV) settings
so that people can set the EV settings per board in device tree.
BUG=b:285811345
TEST=build coreboot and fsp with enabled fw_debug.
Flashed to taranza and checked the log.
All usb configs were set correctly.
Change-Id: Iecd12d3db76b63ad99887dee5991d94d47f138fd
Signed-off-by: Chia-Ling Hou <chia-ling.hou@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76246
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Reka Norman <rekanorman@chromium.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
This reverts commit 5dfec71829.
Reason for revert: This change made it impossible to disable ASPM by
FSP parameter. ASPM_DISABLE would result in the FSP parameter not
being programmed, causing it to be the FSP default value instead.
This additionally fixes MTL to match ADL.
Change-Id: I60c0ea08513fcb0035449ea3fef1681de528c545
Signed-off-by: Jeremy Soller <jeremy@system76.com>
Signed-off-by: Tim Crawford <tcrawford@system76.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75280
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
To deduplicate mainboard mainboard_config_iio since there are a few
SPR-SP mainboards now.
The flow would be soc function initialize_iio_upd initializes the table
with the default values which are mostly zero, then mainboard can
overwrite it by soc_config_iio.
Change-Id: I72d74241fcad4c85a95f6d14587418f544caadd9
Signed-off-by: Johnny Lin <johnny_lin@wiwynn.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76185
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Once platform code has filled in the (legacy) ACPI PM register
map, added function will fill in the extended entries in FADT.
TEST=samsung/lumpy and amd/mandolin FADT stays unchanged.
Change-Id: I90925fce35458cf5480bfefc7cdddebd41b42058
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74913
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
To help identify the licenses of the various files contained in the
coreboot source, we've added SPDX headers to the top of all of the
.c and .h files. This extends that practice to Makefiles.
Any file in the coreboot project without a specific license is bound
to the license of the overall coreboot project, GPL Version 2.
This patch adds the GPL V2 license identifier to the top of all
makefiles in the device and soc directories that don't already have an
SPDX license line at the top.
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I89c05c7c1c39424de2e3547c10661c7e3f58b8f7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76951
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Reviewed-by: Tim Crawford <tcrawford@system76.com>
Inspect all type-C USB ports, check if there is a USB device attached,
and if so, send the connection request to the PMC. This allows for any
attached USB2/USB3 devices to be used for booting by the payload.
Since this functionality is only needed by ChromeOS devices with TCSS
running upstream coreboot, introduce a new Kconfig to guard its use.
Boards needing it will select it in subsequent commits.
TEST=tested with rest of patch train
Change-Id: I69522dbcc8cae6bbf41659ae653107d0e031c812
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/72909
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Variable 'i' is unsigned, so use %zu vs %zd.
Change-Id: I5f5b28796b30285e81a94c37e686a9e763cab204
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76943
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The prefix POSTCODE makes it clear that the macro is a post code.
Hence, replace related macros starting with POST to POSTCODE and
also replace every instance the macros are invoked with the new
name.
The files was changed by running the following bash script from the
top level directory.
header="src/soc/amd/common/block/include/amdblocks/post_codes.h \
src/include/cpu/intel/post_codes.h \
src/soc/intel/common/block/include/intelblocks/post_codes.h"
array=`grep -r "#define POST_" $header | \
tr '\t' ' ' | cut -d ":" -f 2 | cut -d " " -f 2`
for str in $array; do
splitstr=`echo $str | cut -d '_' -f2-`
grep -r $str src | cut -d ':' -f 1 | \
xargs sed -i'' -e "s/$str/POSTCODE_$splitstr/g"
done
Change-Id: Id2ca654126fc5b96e6b40d222bb636bbf39ab7ad
Signed-off-by: Yuchen He <yuchenhe126@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76044
Reviewed-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
FSP has a parameter to enable/disable c1-state autodemotion feature.
Boards/Baseboard can choose to use this feature as per requirement.
This patch hooks up this parameter to devicetree.
BUG=b:286328295
TEST=Check code compiles & boot google/rex, and correct value has been
passed to FSP.
Change-Id: I2cc60bd297271fcb3000c0298af71208e3be60fc
Signed-off-by: Sukumar Ghorai <sukumar.ghorai@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76826
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
USB DBC is very helpful for SoC debug. TraceHub needs to be enabled in
coreboot if debug consent == 2 or 4. Debug consent == 6 enables USB DBC without TraceHub enabled.
This patch updates the Kconfig help text to meet PlatformDebugOption in
MTL and changes debug consent to 6 in default to provide basic SoC
debug capability.
TEST=Boot to OS on screebo and DBC connection is OK.
Change-Id: Ic12528bdd8b1feda7f1b65045c863341f932d3a2
Signed-off-by: Kane Chen <kane.chen@intel.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76880
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
cse_prep_for_rw_update() should return CB_ERR when
cse_data_clear_request fails. It was modified to CB_SUCCESS in this
commit ad6d3128f8 ("soc/intel/common: Use enum cb_err values")
BRANCH=None
BUG=None
TEST=Verify the system goes to recovery during downgrade when
cse_data_clear_request() fails.
Change-Id: Ibbccb827765afa54e5ab1b386fa46093b803977a
Signed-off-by: Krishna Prasad Bhat <krishna.p.bhat.d@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76918
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Enable config TME_KEY_REGENERATION_ON_WARM_BOOT for Intel Meteor
Lake SOCs. This config allows Intel FSP to programs TME engine to
generate a new key for each warm boot and exclude CBMEM region
from being encrypted by TME.
Bug=b:276120526
TEST= Boot up the system, generate kernel crash using following
commands:
$ echo 1 > /proc/sys/kernel/sysrq
$ echo "c" > /proc/sysrq-trigger
System performs warm boot automatically. Once it is booted,
execute following commands in linux console of the DUT and confirm
ramoops can be read.
$ cat /sys/fs/pstore/console-ramoops-0
S0ix also tested and found working.
Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Change-Id: I3161ab99b83fb7765646be31978942f271ba1f9e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75627
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Set UPD params GenerateNewTmeKey, TmeExcludeBase, and TmeExcludeSize
when TME_KEY_REGENERATION_ON_WARM_BOOT config is enabled. These UPDs
are programmed only when INTEL_TME is enabled.
Bug=b:276120526
TEST=Able to build REX platform.
Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.com>
Change-Id: Ib8d33f470977ce8db2fd137bab9c63e325b4a32d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75626
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Sumeet R Pawnikar <sumeet.r.pawnikar@intel.com>
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Merge TME_KEY_REGENERATION_ON_WARM_BOOT and
TME_EXCLUDE_CBMEM_ENCRYPTION config options under new config option
named TME_KEY_REGENERATION_ON_WARM_BOOT.
Program Intel TME to generate a new key for each warm boot. TME always
generates a new key on each cold boot. With this option enabled TME
generates a new key even in warm boot. Without this option TME reuses
the key for warm boot.
If a new key is generated on warm boot, DRAM contents from previous
warm boot will not get decrypted. This creates issue in accessing
CBMEM region from previous warm boot. To mitigate the issue coreboot
also programs exclusion range. Intel TME does not encrypt physical
memory range set in exclusion range. Current coreboot implementation
programs TME to exclude CBMEM region. When this config option is
enabled, coreboot instructs Intel FSP to program TME to generate
a new key on every warm boot and also exclude CBMEM region from being
encrypted by TME.
BUG=b:276120526
TEST=Able to build rex.
Change-Id: I19d9504229adb1abff2ef394c4ca113c335099c2
Signed-off-by: Pratikkumar Prajapati <pratikkumar.v.prajapati@intel.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76879
Reviewed-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Build issue introduced by patch CB:76418 (commit hash
01025d3ae7) for Google boards.
Patch has not been rebased to latest master and tested before
submission causing the Jenkins jobs to fail.
Change-Id: I95bd2485b98be4ab3a39eaaebb9efb34db93bbe8
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76915
Reviewed-by: Subrata Banik <subratabanik@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Introduce new symbol SOC_INTEL_RAPTORLAKE_PCH_S that can be selected
by board with RPL-S PCH.
For now only the IoT variant of RPL-S FSP is available for use with
700 series chipsets. Boards with 600 series chipsets can still use
RPL CPUs with the ADL-S C.0.75.10, which contains minimal RPL-S CPU
support.
Change-Id: I303fac78dac1ed7ccc9d531a6c3c10262f7273ee
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76322
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Kopeć <michal.kopec@3mdeb.com>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Only the headers on Intel FSP repository have the CnviWifiCore
present. Options guarded for RPL like: DisableDynamicTccoldHandshake
or EnableFastVmode and IccLimit is also supported by all public FSPs
(except ADL-N for the handshake).
Options like LowerBasicMemTestSize and DisableSagvReorder have to be
guarded when FSP_USE_REPO is not selected, as publci FSPs do not have
these options.
Use FSP_USE_REPO instead of/in addition to SOC_INTEL_RAPTORLAKE
as dependency on the guarded UPDs to make them available for FSPs
that support them as well. Also prioritize the headers from FSP repo
over vendorcode headers if FSP_USE_REPO is selected.
Change-Id: Id5a2da463a74f4ac80dcb407a39fc45b0b6a10a8
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76418
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Kopeć <michal.kopec@3mdeb.com>
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.
Change-Id: I2d65e9dbefc8fa5d8288151995a587f76049c65a
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76837
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Use C99 flexible arrays instead of older style of one-element or
zero-length arrays.
It allows the compiler to generate errors when the flexible array does
not occur at the end in the structure.
Change-Id: Id19193b960935eeffca8e8db60073321592368fe
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76836
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
No drivers are needed/available, so hide the device to prevent
an unknown device from showing under Device Manager.
Linux does not use the ACPI _STA so no effect there.
Change-Id: I02efb64a845edc6e4fc559e7e99a7825abf4c2aa
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74892
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: CoolStar <coolstarorganization@gmail.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
While FSP programs the VmxEnable UPD per CONFIG_ENABLE_VMX, it doesn't
set the lock bit, which prevents Windows from enabling virtualization
on devices which support it. Call set_vmx_and_lock() to ensure the
lock bit is properly set.
TEST=build/boot Win11 on google/ampton,reef; verify virtualization
enabled.
Change-Id: I54ea0adb0a6d10f2df18f604b1f1e5a7a145dfb3
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76804
Reviewed-by: CoolStar <coolstarorganization@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>