Generate a signed UEFI capsule from the final coreboot ROM image using
EDK2 BaseTools.
When using an EDK2 payload and enabling DRIVERS_EFI_UPDATE_CAPSULES and
DRIVERS_EFI_GENERATE_CAPSULE, the build produces build/coreboot.cap once
the ROM is finalised (after all files were added to CBFS). The capsule
can also be generated explicitly with `make capsule`.
Move the capsule generation and certificate preparation into
payloads/external/edk2/Makefile, including generating the trusted root
certificate PCD include via BinToPcd.
Support capsule flows with an embedded FmpDxe driver by optionally
embedding FmpDxe.efi into generated capsules, and wiring the
embedded-driver Kconfig options through to the EDK2 payload build and
capsule generation.
Always set PersistAcrossReset on the capsule. Make InitiateReset
configurable (default off) because Linux rejects capsules with
InitiateReset when writing via /dev/efi_capsule_loader.
Use CONFIG_DRIVERS_EFI_MAIN_FW_VERSION for GenerateCapsule
--fw-version, but fall back to parsing a leading <major>.<minor> from
CONFIG_LOCALVERSION when it is left at 0. If
CONFIG_DRIVERS_EFI_MAIN_FW_LSV is 0, use the resolved firmware version.
Document capsule generation and embedded driver configuration.
Corresponding edk2 patches can be found at:
https://github.com/tianocore/edk2/pull/12053
Change-Id: I5f56b894d40ddb49f3158bb72f0143d0ebe9c34c
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/90862
Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The QEMU sbsa-ref machine has a GICv3 ITS at 0x44081000 that handles
MSI/MSI-X translation for PCI devices. Without describing the ITS in
ACPI tables, Linux cannot set up MSI interrupts, causing warnings like:
WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121 pci_msi_setup_msi_irqs+0x40/0x58
xhci_hcd 0000:00:04.0: xHCI Host Controller
Add GIC ITS base address to the address map and implement
platform_get_gic_its() so the common MADT generation code emits
a GIC ITS entry.
Select ACPI_IORT and implement acpi_soc_fill_iort() to generate an
IORT table with an ITS Group node and a Root Complex node that maps
all PCI RIDs 1:1 to ITS device IDs.
Tested with Fedora 41 and a qemu-xhci USB controller.
Change-Id: I9366968aac855dae808f6f0c73f1d3ec644bbeff
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91668
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The QEMU sbsa-ref machine maps PCI I/O port space at 0x7fff0000.
Set io_port_mmio_base so that PCI I/O port accesses are correctly
translated to MMIO on aarch64.
This is needed for PCI device drivers that may use I/O port BARs,
such as the QEMU bochs display driver which already compiles and
links for this target via the existing DRIVERS_EMULATION_QEMU_BOCHS
Kconfig.
Change-Id: I6a06c4c3a48c5d3409009f10b089a3537ccec8a6
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91667
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
The current implementation only supports sink mode on the debug access
port, which is used for charging. To enhance debugging capabilities,
expand the support to include source mode.
Refactor the Kconfig option to HAVE_DEBUG_ACCESS_PORT_SOURCE_SINK and
update the initialization logic to configure both SRC and SNK modes
via the PMIC's SCHG_TYPE_C_DEBUG_ACCESS registers. This allows the
debug port to serve as a power source or sink as required by the
attached debug hardware.
BUG=none
TEST=Verify debug port modes on Google/Quartz.
Change-Id: I3ec45d9cdc0ec6e723d10792f4e347462cecd2ed
Signed-off-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91670
Reviewed-by: Subrata Banik <subratabanik@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jayvik Desai <jayvik@google.com>
The ADSP GSI initialization/loading is needed in both
normal boot and the off-mode/low-battery charging path. This patch
moves it before the conditional mainboard initialization skip, so it
runs in all cases.
TEST=Able to build and boot google/bluey.
Change-Id: I6237154f8701d5f7f9e1e0b20378cb8e8be39fca
Signed-off-by: Hari L <haril@qualcomm.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91637
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
dsi-phy1 and dsi-phy2 are currently controlled using hardware voting,
however there is a low probability of power-off failure during the boot
process. Since dsi-phy1 and dsi-phy2 are not shared with different XPUs,
there is no need to control them using hardware voting. Change the
control method of dsi-phy1 and dsi-phy2 from hardware voting to software
control to fix the power-off failure issue.
BUG=b:477096462
TEST=Build Pass, Bootup OK and Suspend/Resume OK
Change-Id: I33ebbac0dd6d0d0d352697c14de9ecef28ba08cb
Signed-off-by: Guangjie Song <guangjie.song@mediatek.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91659
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yidi Lin <yidilin@google.com>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Provide an optional, coreboot-managed CBMEM scratch buffer for SMM code.
CBMEM is reserved from the OS via the memory map and persists across S3,
so it is suitable for firmware-owned DMA buffers used during resume.
SMRAM is not device DMA-accessible, so this scratch buffer must live
outside SMRAM.
Pass the base/size to SMM via smm_runtime so SMM code can validate
placement and avoid relying on untrusted pointers.
The CBMEM region size is configurable via SMM_OPAL_S3_SCRATCH_SIZE,
defaulting to 16 KiB as a safe value.
TEST=tested with rest of patch train
Change-Id: I79ae5327f27e574b151b7cf456761fa0d7038f2f
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91042
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
As directory was copied from genoa_poc, we need to adjust headers to
correspond to phoenix_poc repository.
Change-Id: Id3aeaf6ecf138ea94282ae2a308a45c77ff73b02
Signed-off-by: Alicja Michalska <alicja.michalska@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91481
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Based on genoa_poc, this patch adds directory structure for Phoenix
OpenSIL as well as git submodule needed to build it.
Subsequent patches will begin adjusting this directory to Phoenix (Zen4)
silicon.
Change-Id: I04de276c1567c20d1e852efe220efa8131f53843
Signed-off-by: Alicja Michalska <alicja.michalska@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91480
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The Sunrise Point-LP PCH built into the Google Pixelbook Eve suffers
from an erratum where the "CLKREQ# asserted to clock active timing" may
exceed the maximum specification, resulting in exit instability from
ASPM L1 state.
This is documented in erratum 47 of the "Intel 100 Series and C230
Series Chipset Family Platform Controller Hub Specification Update"
(Revision 015, December 2018):
https://www.intel.de/content/dam/www/public/us/en/documents/specification-updates/100-series-chipset-spec-update.pdf
The Specification Update constrains applicability of the erratum to
Endpoints which do not support LTR or advertise an LTR value of less
than 1 usec. The reason is that the PCH needs about 1 usec for the
clock to become active after CLKREQ# asserted. For devices without LTR
support, the maximum is 400 nsec (T_CRLon, PCIe CEM r6.0.1 sec 2.11.2).
The Pixelbook Eve has an Intel 7265 Stone Peak wifi card attached to
Root Port 1. It seems this wifi card triggers the erratum: There are
several reports that the wifi card is no longer usable since commit
torvalds/linux@4d4c10f763 ("PCI: Explicitly put devices into D0 when
initializing").
Briefly, coreboot enables all ASPM features on boot, the kernel used to
disable certain ASPM features prior to the commit, now no longer does
and the erratum is thus exposed. (The commit changed the cached power
state of the wifi card from PCI_UNKNOWN to PCI_D0, which now causes
pcie_config_aspm_link() to no longer disable L1 PCI PM.)
Apply the recommended workaround, which is to disable the associated PCH
CLKREQ# signal to keep the PCIe clock active during L1.
BUG=https://github.com/MrChromebox/firmware/issues/786
TEST=https://bugzilla.kernel.org/show_bug.cgi?id=220705#c31
Change-Id: I00c6555c2b93f46971ea8e4344f8990f86b03a3d
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91651
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
On Skylake mainboards, enablement of the Source Clock of a PCIe Root
Port is currently dependent on enablement of CLKREQ# in the devicetree.
However it may be desirable to disable CLKREQ# but still keep the Source
Clock enabled. Specifically, that's the recommended workaround for
erratum 47 of Sunrise Point-LP PCHs, which concerns exit instability from
ASPM L1 state:
"disable the associated PCH SRCCLKREQ# signal to keep the PCIe clock
active during L1"
https://www.intel.de/content/dam/www/public/us/en/documents/specification-updates/100-series-chipset-spec-update.pdf
Therefore, key Source Clock enablement off of Root Port enablement in
the devicetree, rather than CLKREQ# enablement. A subsequent commit
takes advantage of this to implement the workaround on Google Pixelbook
Eve mainboards.
Change-Id: I9b69357c59bad3392da85e0629a9d368524daffd
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91650
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Configure "cpu_ratio_override" to 0x20 (32) for the Fatcat baseboard.
This ensures the Panther Lake SoC initializes with the correct
base frequency ratio to meet the performance and thermal targets
defined for this hardware revision.
BUG=none
BRANCH=none
TEST=Build and boot Fatcat; verify CPU base frequency has updated.
Change-Id: I7ea6c7dccaf731bab1256b3297d83518ceea532c
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91648
Reviewed-by: Pranava Y N <pranavayn@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Additionally, guard USB camera GPIO enablement using dedicated
Kconfig option.
This reverts commit bbbc655b15.
Reason for revert: FW should enable the GPIO_USB_CAM_ENABLE (206).
Change-Id: I7966240939c51a4be7027debb0a66d3e11cb75cc
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91660
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Replace checked-in .spd.hex blobs with .spd.json attribute descriptions
and generate the .spd.hex at build time via spd_gen.
Change-Id: I777b12df911576c684ee8146f5ec69e61b0cc772
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91292
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Replace checked-in .spd.hex blobs with .spd.json attribute descriptions
and generate the .spd.hex at build time via spd_gen.
Change-Id: Ibfe5672ba9c4ffb3dcd328d9bf7df81395a3d93f
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91291
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Replace checked-in mt62f2g64d8 .spd.hex blobs with .spd.json attribute
descriptions and generate the .spd.hex at build time via spd_gen.
Change-Id: I383b044f87c7ff9eaa57da580cd39a67c36c7b32
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91252
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Allow mainboards to provide SPD sources as .spd.json alongside existing
.spd.hex files. When a JSON source is used, spd_gen is invoked at build
time to generate the corresponding .spd.hex in the build directory.
Change-Id: Ie1f2b81bcc15af65f1402b31f5c1f0553217fdda
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91251
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Add options that simplify integrating spd_gen into build systems:
- Allow choosing an output directory via -out/--out.
- Allow writing a single SPD hex file from a single-part JSON input.
- Accept either {name, attribs/attributes} or a single-part
memory_parts.json.
- Strip // and /* */ comments from JSON inputs.
- Allow selecting the SPD set number for single-file output via
-set/--set (default: 0).
The set number selects which set-N attributes are used when generating a
single output .hex file.
Change-Id: Iebbdcdaea7dc69e37b048ad2113007fae5471bad
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89799
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
screebo/kanix use rt1019 speaker, rt5682 headphone. karis uses rt5650
speaker and rt5650_hp headphone. All of them use 2ch-pdm0 for dmic.
This configuration is used for CoolStar's Windows audio drivers on
these devices.
TEST=build/boot Win11 on screebo, verify built-in audio functional with
coolstar's drivers.
Change-Id: Ie0be2b2d7cc41548bbe3e5b47a8e0f6039c4b2d9
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91571
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub "Kuba" Czapiga <czapiga@google.com>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Use the new API to pass the microcode update pointer to the OpenSIL
so that OpenSIL can update microcode on all cores/threads during CCX
initialization.
TEST=See microcode is updated on BSP in OpenSIL on Gigabyte MZ33-AR1.
Change-Id: Ic35784583a1494ea162dc4a0d2fea8c9c3e1ef5f
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89109
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Expose API to return the microcode update block address. It will be
used to provide a pointer to microcode update to the OpenSIL.
Change-Id: I1a5a89a5ff2ed29621e856cf274434803005aff8
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89108
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Linux complains about these missing.
Tested with fedora 43 and CrabEFI payload.
Change-Id: I4c65760e64d8dc9b953f6a5b7f1bdcde0ce946a0
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91649
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The FSP for Arrow Lake supports Meteor Lake, so re-point coreboot
at that, as it's, simply, newer and better.
Change-Id: I524dc7c0632c9f38b178ad95563128b56f94f983
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Add two functions for disabling/enabling PCIe clocks to devices
connected to root ports. These functions are used during device power
sequencing at boot to ensure clocks are not driven to devices when
their power is off. This prevents potential issues with PCIe link
training and ensures proper power-on sequencing for connected devices.
BUG=none
TEST=Build and boot Panther Lake platform. Verify PCIe devices enumerate
correctly and clock management functions properly during power sequences
Signed-off-by: Cliff Huang <cliff.huang@intel.com>
Change-Id: I63f8e331b6ab18172fa32ff5c1539c71823aa247
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91550
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Since USB-A was removed from the mica hardware design, the Kconfig has
been configured to skip the relevant initialization.
BUG=b:488906616
TEST=emerge-bluey coreboot
Change-Id: I69cc994c83d78da87ddb95cbf471726a492512ef
Signed-off-by: KangMin Wang <kangmin.wang@luxshare.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91635
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Derek Huang <derekhuang@google.com>
Generate RAM ID for BWMYAX32P8A-32G
DRAM Part Name ID to assign
BWMYAX32P8A-32G 4 (0100)
BUG=b:488993502
BRANCH=firmware-nissa-15217.B
TEST=emerge-nissa coreboot
Change-Id: I496292fa20884262c32d339b8448490f09c7b12b
Signed-off-by: Qinghong Zeng <zengqinghong@huaqin.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91508
Reviewed-by: Eric Lai <ericllai@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kun Liu <liukun11@huaqin.corp-partner.google.com>
Add LGD touchscreen for kaladin
BUG=b:484114852
TEST=build and flash on kaladin,verify touch function works normally
Change-Id: I1f204569767e7eab17bc44dcd060d606ba87a38e
Signed-off-by: Eren Peng <peng.eren@inventec.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91647
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Eric Lai <ericllai@google.com>
A local patch providing basic 2x scaling in edk2 means that the
fixed resolution VBTs are no longer needed so always use the
native-resolution VBT by default,
Remove the CFR option to pick which VBT to use, so only the native
resolution VBTs are used and included.
Change-Id: Ib7f4c546a01ebfba963b7591af9d5e24c0611206
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91618
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Updating from commit id 3f94e2c7ed58:
2024-12-18 - Makefile: Allow cross-compilation for RISC-V
to commit id 5c360ef458b0:
2026-03-10 - lib20: Add vb2api_verify_kernel_data back
This brings in 182 new commits listed below. Build tests for AMD AGESA
boards that I am maintaining with restore_agesa.sh - are successful.
5c360ef458b0 lib20: Add vb2api_verify_kernel_data back
24655cd2309e cbfstool: fix const-discarding warning in extract_config_value
b9ea1075a7d2 firmware/2lib: Remove unused vb2_sha256_extend function
7934c1c9c991 firmware/2lib: Remove dead kernel verification function references
25083888d265 Add .editorconfig
3109519e8841 tests: Remove unused sha_tests.c
850cf0fbe5b5 tests/tpm_lite: Remove unused files
42f5313871c6 firmware: Do not allow for dev mode with oem_lock enabled
c16e6afaced4 firmware: host: Add OEM Lock flag to nvstorage dev field
ed6cb4054134 tests: add test cases for booting OTA recovery partition
606ca738a7d3 vboot: Implement Network Based Recovery (NBR) using OTA recovery partition
7529e2837c55 2lib: rename functions & variables related to MiniOS
6aba77a84c2b vboot: Add GPT_DISK_UUID_RECOVERY marker
ec74b34cd6ce vboot: Add declaration of vb2ex_slice_disk() callback
e388d1f93c95 futility: Print programmer in logs
a1f54de5001c Skip ec.config if there is no space
5040bde7243f futility: Prioritize identity.csv over Android property ro.product.name
a5f6ef5e327e sign_uefi: Use the v2 crdyshim key for signing crdyboot
fa13af3ccc36 futility: Support model detection by Android property ro.product.name
cca9e4a676f3 vb2_sha: Use uint64_t for total size in SHA-2
0ee734db27fe test: fix problem with load android test cases
5a45a5f32dcf Android.bp: allow libvboot_host to be built as a shared library
89b720193a09 tests: initialize cmdline for AVB verify data
c851dfa1e384 tests: add vboot avb test cases
86e3d6b720cb tests: add test cases to boot android kernel
461398242604 Fix OpenSSL memory leaks and incorrect free() usage
7b8a96024b7c crossystem: Use libflashrom instead of flashrom CLI for USE_FLASHROM=1
dd0bab314680 futility/updater: Check FMAP compatibility
4f3a73dd50f0 tests/futility/test_update: Make FROM_IMAGE and TO_IMAGE same board
93711fc01e5a 2lib: Implement rollback protection for Android
ad3b7b64283b sign_uefi: Update handling for presigned crdyboot builds
6e8977429f53 avb: adjust Makefile for changes in AVB repo
f963a5069755 host/flashrom_drv: refactor flashrom initialization
1de7d46170ea tests/futility/test_update: Dynamically calculate image size
ac9e57cffd22 tests/futility/run_test_scripts: Filter tests via FUTIL_TEST_SCRIPT
b3780bbaaced crossystem: Fix crossystem lock file unlocking
6b8337fb608b Add 'runfutiltestscripts' make target
5d6a647a1f29 tests/vb2_avb_tests.c: add key validation tests
d3f2d712c205 avb: Fix format specifier for debug messages
67fb9d2b799a futility: Add missing gscvd.c file to futility_srcs for Soong
4ce2c1a44c95 futility: add check-fwid flag to update command
3c47ec0a951b firmware/2lib: Move base DTB image into dtbo partition
0413878d374c futility: Support RO_GSCVD region for 'futility show'
ffab62e169e8 futility: Add futil_valid_gscvd_header()
6c242361a867 sign_uefi: Skip crdyboot signing if already signed
7a2ba18765eb 2lib: remove partition_number variable
5f958f17f4b6 2lib: use correct structure for guid
a11ad5ccdeae lib20: remove unused code
f290e75b7441 futility: Utilize identity.csv for remote device
24e62a619e81 futility: Add --frid and --sku-id arguments
f80af2766ecb firmware: GBB flag to ignore rollback applies to kernel too
34431212e1e9 futility: Update --model help text
a086faa63858 vboot: Rename vb2ex_get_android_bootmode to vb2ex_handle_android_misc_partition
f90a1c7ab168 tests/vb2_host_flashrom_tests: Fix missing '\0' for strncpy call
ed024e5cc5a7 Makefile: fix runtests fails when USE_FLASHROM=0
9cce699aa655 host/lib/flashrom_drv: Change the return type from int to vb2_error_t
14cee0b25665 make_dev_ssd: Add crash_kexec_post_notifiers with kdump
5659718d037e avb: Use hardware-accelerated SHA256
a549dc16e50a 2lib: Rename vboot_cmdline related buffers
5ffc2321290d Makefile: include vb2_host_nvdata_flashrom_tests in run2tests target
59cb8b6e6dbf Makefile: include vb2_host_flashrom_tests in run2tests target
60c75230ab6f Makefile: include vb2_recovery_reasons_tests in run2tests target
f344c1f022fe make_dev_ssd: Add --minios_key
9daff4f9319e avb/vboot_avb_ops: Refactor reserve_buffers to reduce code duplication
b97b60477b60 2api: Add support to load DTB/DTBO images from GPT partitions
90e322680f66 Reland "firmware/lib/cgptlib: Add GPT partition name for DTB/DTBO partitions"
2aae1741d8b8 avb/vboot_avb_ops: Continue without buffer for optional partitions
136e1229054c futility: Add unit tests for misc
47fa4d7227de treewide: Remove the space before labels
dd3c8066cda7 2load_android_kernel: Fix VB2_GBB_FLAG_FORCE_UNLOCK_FASTBOOT usage
3f578eceb517 Revert "2api: Add support to load DTB/DTBO images from GPT partitions"
a3e0e039a9a4 Revert "firmware/lib/cgptlib: Add GPT partition name for DTB/DTBO partitions"
0ed3061c8343 futility: Extract unit test utils into separate header
9fbd15cce715 2api: Add support to load DTB/DTBO images from GPT partitions
2f200d714993 firmware/lib/cgptlib: Add GPT partition name for DTB/DTBO partitions
db4e4c16938c gpt: Cleanup GPT constants
e4e2a4648678 host: Add error messages to NV read/write
d3bdaba00d45 futility: Add unit tests for updater utils
e0cef21436af crossystem/GetAcpiSysfsPath: Add stat check for current_path
05353d26e826 cgptlib: Expose GptModified as external API
63ebdf94d2ef futility/updater: Utilize identity.csv or crosid for --detect-model-only
b10850ad6e19 futility/updater: Support model identification with identity.csv
30e5f1a11302 Update kernel command line with `cros_part_hash` for specific partitions
c37d42900911 Delete `resign_kernel_partition.sh`
8f7b522a4b72 Remove deprecated stateful partition vblock update
015c6eedb91e Fix array iteration in `ensure_no_nonrelease_files.sh`
b20dfa89a76b Always mount ESP as read-write
485bf8061f51 futility: remove unused variable
9510c7f8eeb0 Reorder recovery kernel hash updates after MiniOS resigning
42a6ca910398 Remove engeg@ from scripts/OWNERS
26130316a50b futility/archive: Add libziparchive support on Android
87401a655f5c futility: Extract archive implementations to separate files
9b362962860c cgptlib: Make IsBootableEntry available for depthcharge
ac6cc721c1ef 2lib: Get Android boot mode
9863e6ea9410 2lib: Introduce FORCE_UNLOCK_FASTBOOT GBB flag
6cf177721568 cgptlib: Move cgptlib.h to firmware/include dir
4ab8d0085e8d futility/updater: Add load_system_frid() and get_model_from_frid()
f5e37de5b6b8 host/lib/flashrom: Free image data on flashrom_read_* failure
85ace4b96d6a futility/updater_dut: Introduce DUT_PROP_SKU_ID
6b93d66ec4a6 futility/updater_dut: Extend property type from int to int64_t
de036f432202 common: make optional arg actually optional
e8e6493e1f92 2lib: Modify logic of setting secdata kernel version
3d5855fa8da3 2lib: Move kernel secdata update to vb2api_load_kernel()
d89559b1f1fa gpt_misc: Validate pointer before usage
ee209148a4ff host/crossystem: Introduce VbGetSystemSkuId()
e3f41133afcb host/arch/arm/crossystem: Fix return type of ReadFdtInt
c8facc216cec host/arch/stub/crossystem: Fix "const char* name"
10316632b505 host: crossystem: gpio: Use correct GPIO controller offset
dcf300d273f2 OWNERS: Add bernacki
f1619fa67e15 futility/cmd_gbb_utility: add --verbose
92c264a42bed gpio_uapi: remove unused variable
68ec7968e66e Android.bp: Fix vb2_sha256_x86_tests target config
88ac12115cb1 crossystem: Remove wpsw_cur fallback to VDAT_INT_HW_WPSW_BOOT
f1f6b42aa4e0 crossystem: x86: Remove deprecated GPIO SYSFS code
d35aee8d15fc crossystem: host: Add support for reading GPIO from /dev/gpiochipX
2e1ed1f914ed dts: Add cc_test for x86 sha tests
8bf055106225 dts: add filegroup for devkeys
42e098dc402c avb: Implement unaligned read in load_partition
cb9f18bcfbca futility/updater: Add warning for full firmware update without WP
357561a2a82e futility/update: Assume WP is off for all remote operations
50bb82087123 avb: Add pvmfw verification and loading to memory.
a0a2affafcc0 2api: Expand vb2_kernel_params for pvmfw loading
b5fb33f01c34 tlcl: Increase TPM buffer size
dbdf50adc5e6 2load_android_kernel: Set VB2_SD_FLAG_KERNEL_SIGNED on verify success
9080ef62a9c9 uefi: add --keyform engine for pkcs11
c67404f06dfb swap_ec_rw: Support legacy EC image
9bd1a6dab45e Revert "Handle both RW_FW and EC_RW sections"
fcbc0a884ddd Update crdyshim keygen script to use ECDSA
af71ac87e4a4 host: Fix compilation error with GCC
c5ac68e4d273 futility: updater: Allow --quirks=preserve_me=2 to force preserving ME
ec4d7436be0c vb21: load private key before signing
39f6104b29e1 swap_ec_rw: Support giving a raw EC RW image
b7adaa2b97fe 2lib: Add androidboot parameters
b3b414cc307f 2lib: Drop unused ramdisk fragments based on BCB command
093e3608a529 2lib: Load Android kernel
a682da7d92db 2lib: Rearrange buffers with android partitions
076d4d38f9f6 2lib: Load and verify android partitions
f1df391e6d05 avb: Get preloaded partitions
45176543c260 avb: Add callback for public key verification
6dc845b9b4c9 avb: Add avb_ops for IO operations
911e5a6e4603 avb: Implement basic AVB callbacks
1fe2d7b5e555 futility: Fix load_firmware_image() for empty file name
44dc81ca128b 2lib: Make need_valid_keyblock() function global
35ea5c842733 2lib: Rename kernel type macros
c51cbc4ace85 tests: fix build errors with USE_FLASHROM=0
3f36817a50e3 cgptlib: Allow to boot from Android vbmeta
34cb9f619615 cgptlib: Add helper functions for partition loading
0130a541cb06 android: Port image headers definition
af0a2547170e vboot.rc: Fix TMPFS mounting and unmounting
ea4986b060ad cgpt: Add Gpt prefix to StrToGuid() function
015ee35a494c cgpt: Move GuidToStr to firmware code
2df1fe56f588 cgpt: Reformat code using clang-format
e9d7bd044a43 sign_gsc_firmware.sh: sing ECDSA only image for NT
8c2235b52196 crossystem: Add support for additional GPIO communities
2955db3c48bd futility: dump_fmap: Fix gap calculation
4134ab60ea70 tests/futility/test_dump_fmap: Allow easier expected output updates
1655f1a9f9a2 swap_ec_rw: Extract ecrw version to correct file
1c7a767b3353 Handle both RW_FW and EC_RW sections
8786d36c388c sign_gsc_firmware: extend to support signing NT images
4a9586937f19 swap_ec_rw: Support swap from AP image
44db1807c246 gsc: fix typo in calling out to script
06d58e2132d3 swap_ec_rw: Check ecrw.version/config exist before removal
a57167e79e4b pkcs11: add ID field
d6e67ecf0824 gsc: add env var support
8eea96333f62 2secdata_kernel: Improve log about incomplete secdata_kernel
bf4b21294a1c Include ec.config when swapping
9038039fbb32 futility: updater: Cap try count to 15
ae6ceb20d5e2 Android.bp: Make crossystem default to /vendor partition
2dde4ce9badc cgpt: repair: handle drive size expansion
993e0bf7bdbc cgpt: create: calculate Last Usable LBA in DriveLastUsableLBA()
3a37ae87f637 firmware/2lib: Refactor ec_sync_phase1 for clarity
6caf4cd6225f firmware/2lib: Remove redundant EC sync check in recovery
1f8153d95a93 scripts/image_signing/swap_ec_rw: Print the versions of the AP image
6f63b28162cd Makefile: Optimize dirname invocation
177c0582ad4f Makefile: Remove $(shell) invocations from CFLAGS
621899d6e89f vboot: modify GptNextKernelEntry function
993ef3126919 uefi: only check for key existence in local key mode
7fdca50ac14f Introduce new entry type for vbmeta
2e00eae8f9a0 firmware/2lib: Add a log for try_count used up
7e5bda8a8210 futility: updater: Increase try count from 13 to 17
3498c54d26a9 signing: add condition for flexor
c3f20ccfcf30 Makefile: Export swap_ec_rw script to OS image
Change-Id: Iad381e717ccf3db6cb5f0a3d408e0033fdba0538
Signed-off-by: Mike Banon <mikebdp2@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91640
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Erik van den Bogaert <ebogaert@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
The panel uses TPS65130RGER as the bias IC, with supply set to ±5.9V.
Configure TPS65130RGER initialization and power-on sequence according
to the tps65130.pdf.
The tps65132s driver is no longer used on this platform and remove it
from the build.
[INFO ] mtk_display_init: 'BOE NS130069' 3504x2190@120Hz bpp 4
BUG=b:463911061
TEST=Check display initialization log and display are normal
BRANCH=none
Change-Id: Idfc19597c4357adb818ca008f93bac2e7ebe3edb
Signed-off-by: Wentao Qin <qinwentao@huaqin.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91424
Reviewed-by: Yidi Lin <yidilin@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
For amdfwtool, the Strix Halo SoC is similar to the Glinda SoC. Main
difference is the ISH PSP ID which was taken from the ISH table from the
UEFI reference implementation.
Change-Id: I6262dc8d72144ccdcd814586ef72684c15d3561d
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91638
Reviewed-by: Ritul Guru <rguru@amd.com>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This patch enables dtt and ish in devicetree for ojal and updates
FW config for GPIO's config according to schematics revision 0.9.
RDC kit no:840138
BUG=b:437459757
TEST=Build ojal board and check dmesg for errors.
Change-Id: If2ece13575ebad661cc7de78e77e3bf2f30e69e1
Signed-off-by: Varun Upadhyay <varun.upadhyay@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91334
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aralguppe, Sowmya <sowmya.aralguppe@intel.com>
Reviewed-by: Bhat D, Krishna P <krishna.p.bhat.d@intel.com>
Add HAVE_SHARED_PS2_PORT Kconfig, associated cmos.[layout,default]
and CFR entries to p8z77-m[_pro], p8z77-v[_le_plus], p8h77-v,
where their owners manual indicate a single shared PS/2 port, to enable
control of this one port's role. Adds an "auto" option if PS/2 keyboard
init is enabled in Kconfig, to enable switching role automatically if
a device (ie. mouse) is detected on auxiliary channel.
TEST=Logitech M-S48 PS/2 mouse and various PS/2 keyboards all work with
correctly set port role and "auto" on asus/p8z77-m under a Linux
Mint 22.2 live environment.
Change-Id: I21b73da99168e751b1a23485d4b1695963f9eef5
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/81885
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Three more recent nvram options were not covered by checksum.
Change-Id: I69dcd3f0b57464e284965e31153e2ee0a1a80631
Signed-off-by: Keith Hui <buurin@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91578
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
This reverts commit d912ae91b0.
Reason for revert: These GPIOs will be managed by the OS.
BUG=b:481123667
Change-Id: Ieab7a9eba09c6a1128fe4709603f3b9d64e72e93
Signed-off-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
fwupd shows the ESRT (UEFI System Resource Table) version as 0 when
DRIVERS_EFI_MAIN_FW_VERSION is left at the default. That makes it easy
to ship firmware with no meaningful ESRT version and forces maintainers
to duplicate versioning in multiple places.
If DRIVERS_EFI_MAIN_FW_VERSION is 0, parse a leading "<major>.<minor>"
from LOCALVERSION (ignoring non-digits before/after) and encode it as
(major << 16) | minor (e.g. "v26.01-rc1" -> 0x001A0001).
If DRIVERS_EFI_MAIN_FW_LSV is 0, default it to the effective firmware
version. This provides a sane, more secure default (prevents accidental
rollback to older versions) while still allowing platforms to override
LSV explicitly when rollback is desired.
Test=boot adl/horizon and check `fwupdmgr get-devices` shows a
version:
├─System Firmware:
│ Device ID: f48f261c7fc0724729b817bfd4e8340e3195a6bc
│ Current version: 26.3
Change-Id: I3f47ee7a38e79312532f4ed5d4516c57911f727e
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/90861
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
`register "cnvi_bt_core"` was missed in the upstream patch, so re-add
it.
Change-Id: I2be5303563f22a642c03719a16b1c88cd8d196a7
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91613
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Refactor the TTB memory region definition to support stage-specific
usage. Certain boot modes require separate TTB regions for early stages
(such as bootblock or romstage) and for later ramstage usage. On Bluey,
the off-mode/low-battery charging path requires this separation because
the boot IMEM, where the early-stage TTB resides, becomes unavailable
once the ADSP comes out of reset.
This change ensures that the correct TTB region is selected for each
stage and prevents early‑stage memory constraints from impacting the
ramstage boot flow.
BUG=b:436391478
TEST=Able to build and boot google/bluey.
Change-Id: I8cedab8c744220599527de1c303a777f9ff8b1da
Signed-off-by: Venkateshwar S <vens@qualcomm.corp-partner.google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91361
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Implement logic to detect and clear ChromeOS EC AC-unplug events and
provide visual feedback via the LEDs before system shutdown.
Key changes:
- Added `detect_ac_unplug_event` and `clear_ac_unplug_event` to
monitor power source changes via EC host events.
- Implemented `indicate_charging_status` to provide a 4-second
notification to the user before the AP powers off.
- Integrated these helpers into `launch_charger_applet` to ensure
the event state is clean upon entry and the user is notified
before the system issues a power-off due to charging timeouts or
state changes.
BUG=none
BRANCH=none
TEST=On Bluey, verify the LED turns on for 4 seconds when
charging fails or AC is removed during the charging applet
before the device powers off.
Change-Id: Ie1ff5ba6f158fe7302e523f984c5e5d5f05d6eae
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91602
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Refactor the low-power/off-mode charging logic into a dedicated
helper function `handle_low_power_charging_boot`.
Additionally, replace the `return` statement with `halt()` after
the charging applet logic. This ensures that if the system is in
a low-power charging state, it cannot accidentally proceed with
the rest of the mainboard initialization, which could lead to
unstable behavior or power-sequencing issues.
Included <halt.h> to provide the necessary definition.
BUG=none
BRANCH=none
TEST=Build and boot on google/quartz. Verify that low-battery boot
correctly enters the charging applet and does not proceed to full init.
Change-Id: I4bf9bb0f89d117fea9b81a5f8369fa23043a1e82
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91599
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
When the charger applet times out waiting for charging to enable, the
previous behavior was to simply return. This caused a boot hang because
the system would attempt to continue mainboard initialization without
properly initialized IPs or sufficient power.
Update the timeout handler to trigger a system power-off via
google_chromeec_ap_poweroff(). This ensures the device enters a clean
G3 state if charging cannot be established, preventing a partial-boot
hang and unnecessary power drain.
BUG=none
BRANCH=none
TEST=Verified on Bluey that a charging timeout results in a clean
power-off instead of a system hang.
Change-Id: Iae00e6df39e9d78cd5d27770b871ff2e8c4c9b7c
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91598
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Select EC_GOOGLE_CHROMEEC_LED_CONTROL for the following Fatcat
variants:
- Lapis
- Moonstone
- Ruby
This enables the firmware to drive system LED behavior via the
ChromeOS EC.
BUG=none
BRANCH=none
TEST=Build and boot on fatcat variants, verify LED functionality.
Change-Id: I506420c8594f5cd183cdd02c8516c053205423e3
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91597
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Reviewed-by: Avi Uday <aviuday@google.com>
Reviewed-by: Jayvik Desai <jayvik@google.com>
Select EC_GOOGLE_CHROMEEC_LED_CONTROL for both BOARD_GOOGLE_MODEL_QUARTZ
and BOARD_GOOGLE_MODEL_MICA. This allows the firmware to communicate
with the EC to manage system LED states.
BUG=none
BRANCH=none
TEST=Build and boot on Bluey baseboard variants.
Change-Id: I53270c6a917c57ba8500f1fae46aac78ba43b351
Signed-off-by: Subrata Banik <subratabanik@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91596
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Configure power state thresholds (PS1, PS2, PS3) according to the
platform design specification. These thresholds define current limits
at which the voltage regulator domains transition between different
power states for optimal power management.
Ref=830097_WCL_PDG_SchChk_Rev1p5
BUG=b:None
TEST=Build ocelot and verify that the system boots with following
VR parameter
[SPEW ] (MAILBOX) PS1Threshold = 80 (1/4 Amp)
[SPEW ] (MAILBOX) PS2Threshold = 20 (1/4 Amp)
[SPEW ] (MAILBOX) PS3Threshold = 4 (1/4 Amp)
Change-Id: I8ecb55741901eb997d78a3f1fd09175c3ce31544
Signed-off-by: Sowmya Aralguppe <sowmya.aralguppe@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91454
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Extend fast voltage mode configuration to IA Domain
Ref=830097_WCL_PDG_SchChk_Rev1p5
BUG=b:None
TEST=Build ocelot and verify that the system boots with following
VR parameter
[SPEW ] IccMaxItrip[0] = 152
Change-Id: Iced5cea1bed8f215602ac1455ded214fa1f72c72
Signed-off-by: Sowmya Aralguppe <sowmya.aralguppe@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91450
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
