Generate a signed UEFI capsule from the final coreboot ROM image using
EDK2 BaseTools.
When using an EDK2 payload and enabling DRIVERS_EFI_UPDATE_CAPSULES and
DRIVERS_EFI_GENERATE_CAPSULE, the build produces build/coreboot.cap once
the ROM is finalised (after all files were added to CBFS). The capsule
can also be generated explicitly with `make capsule`.
Move the capsule generation and certificate preparation into
payloads/external/edk2/Makefile, including generating the trusted root
certificate PCD include via BinToPcd.
Support capsule flows with an embedded FmpDxe driver by optionally
embedding FmpDxe.efi into generated capsules, and wiring the
embedded-driver Kconfig options through to the EDK2 payload build and
capsule generation.
Always set PersistAcrossReset on the capsule. Make InitiateReset
configurable (default off) because Linux rejects capsules with
InitiateReset when writing via /dev/efi_capsule_loader.
Use CONFIG_DRIVERS_EFI_MAIN_FW_VERSION for GenerateCapsule
--fw-version, but fall back to parsing a leading <major>.<minor> from
CONFIG_LOCALVERSION when it is left at 0. If
CONFIG_DRIVERS_EFI_MAIN_FW_LSV is 0, use the resolved firmware version.
Document capsule generation and embedded driver configuration.
Corresponding edk2 patches can be found at:
https://github.com/tianocore/edk2/pull/12053
Change-Id: I5f56b894d40ddb49f3158bb72f0143d0ebe9c34c
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/90862
Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
coreboot produces SMBIOS tables with version 3.0.0. The UEFI payload
may overwrite this value based on PCDs and cause a mismatch of the
SMBIOS tables version produced by coreboot and version visible to OS.
To ensure proper parsing of SMBIOS tables in OS, set the same version
of SMBIOS for UEFI payload using the PCDs.
TEST=Run dmidecode on Gigabyte MZ33-AR1 and see that the tool reports
SMBIOS 3.0.0 present.
Change-Id: Ie3cdcca65dbcdddc74cb352ef5c4d3e83bdc87f5
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89481
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Add support for building iPXE as an EFI target and including it in
the EDK2 payload as a boot option. This allows network booting
directly from the UEFI boot menu without requiring a separate iPXE
ROM file, as it is integrated into the payload.
As the required payload-side changes are not yet upstream, guard
the option on !EDK2_REPO_OFFICIAL.
Adjust PXE Kconfig defaults so that PXE is built from source as
ipxe.efi when EDK2_ENABLE_IPXE is selected.
TEST=build/boot iPXE from edk2 boot menu on google/fizz.
Change-Id: Ied61c7b8aa7a34261d6c6f7fd089b1affdc7d3f6
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82721
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Walter Sonius <walterav1984@gmail.com>
Replace positive dependency on EDK2_REPO_MRCHROMEBOX with negative
dependency on EDK2_REPO_OFFICIAL for downstream-specific features.
This makes the logic more generic and allows other downstream repos
to use these features. Options which were selected by default when
EDK2_REPO_MRCHROMEBOX is used remain unchanged.
Change-Id: Ia31e48c5a04d8db8b0f5250a6302123361cc3660
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/90057
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
PcdFirstTimeWakeUpAPsBySipi controls the sequence of IPIs sent to APs
during AP wakeup in UefiCpuPkg. Since coreboot leaves APs parked in
halt loop, SIPI is not enough to wake them up. They need to go through
regular INIT-SIPI-SIPI sequence. Set PcdFirstTimeWakeUpAPsBySipi to
FALSE to cause the MP code in UEFI Payload to send INIT-SIPI-SIPI
sequence, otherwise the APs are not detected in UEFI Payload.
Additionally, after rebasing to the latest UefiCpuPkg, CpuDxe now calls
MpInitLibStartupAllCPUs() while setting up per-CPU exception stacks.
If we leave `PcdFirstTimeWakeUpAPsBySipi` at its default (TRUE), only a
SIPI is issued on the first wake attempt. The APs that coreboot parks in
an HLT loop never acknowledge that SIPI, the DXE driver trips
`ASSERT_EFI_ERROR()` and the UEFI payload reboots straight back into
coreboot. Explicitly set the PCD to FALSE so the INIT-SIPI-SIPI flow is
used and all cores report in.
before:
MpInitLib: Find 1 processors in system.
after:
MpInitLib: Find 4 processors in system.
TEST=edk2 boots cleanly on Star Labs Lite ADL (Intel N200) and
Gigabyte MZ33-AR1; DXE log shows all processors detected.
Change-Id: I299b74892a56894c3e15507b507a50bdf7e59860
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89210
Reviewed-by: Benjamin Doron <benjamin.doron00@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
This option existed to enable the MMIO eMMC DXE driver for AMD Picasso
boards with eMMC storage. The driver has been integrated into edk2 and
no longer requires guarding via a build-time option.
Remove the EDK2_PCO_MMIO_EMMC Kconfig symbol definition, associated
build logic, and the board-level select from google/zork.
TEST=build/boot AMD Picasso boards with edk2 payload.
Change-Id: I458a45ad752d88cc9252f2d8fe6b0e8ec054329d
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89858
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
This option existed because the inclusion of the UFS driver in edk2
needed to be guarded due to some issues on non-UFS equipped devices.
Those issues have been resolved in edk2, so the UFS driver does not
need guarding anymore.
Remove the EDK2_UFS_ENABLE Kconfig symbol definition, associated build
logic, and selection from google/brya baseboard.
TEST=build/boot UFS and non-UFS ChromeOS boards with edk2 payload.
Change-Id: I3f20d503de4a642ee3fbb175c267e1f5f7328c8d
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/89857
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This requires version of EDK2 in use to understand those defines, but
the build isn't affected negatively if they aren't handled.
Upstream EDK2 has CAPSULE_SUPPORT for a while and modifications that
make it enable FMP capsules are already merged to be part of the next
stable release (the one after edk2-stable202508 which should be
edk2-stable202511).
The `sed` part is updated because GUID contains dashes just like option
names, so need to take leading spaces into account to avoid processing
dashes in values. This doesn't cover all possible cases, but should be
good enough.
Change-Id: I1c684cb8929842a5d3c4b06e8a9c0a748470ea41
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/83682
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Benjamin Doron <benjamin.doron00@gmail.com>
When the edk2 full-screen setup option is not used, the default console
size is 80x25, which is far to small to effectively navigate the menus,
especially now with many boards implementing CFR for setup options.
Increase the default size from 80x25 to 128x40, which is a good middle
ground for both low-res laptop displays and large external monitors.
TEST=build/boot edk2 with full-screen setup option disabled on Starlabs
starlite_adl and byte_twl with displays of varying resolution.
Change-Id: I5ddcd06a66989b45f8f6e39a102298dc73b06c6d
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/88594
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Benjamin Doron <benjamin.doron00@gmail.com>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
It's no longer maintained here other than to address specific issues,
and it prevents us from benefiting from upstream changes. Already,
switching to the GCC toolchain saves 5-10 KiB.
Use the GCC toolchain over the backwards-compatible GCC5 one, since the
latter is being deprecated, and the former landed a few years ago,
in edk2-stable202305.
Change-Id: I47e47592ea29f5a09790b284378f28385faf29f9
Signed-off-by: Benjamin Doron <benjamin.doron@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/88429
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This allows EDK2 build files to decide whether these modules should be
built.
Change-Id: I12dc346d17ab0f963dedd5560b66b96210a4ec48
Signed-off-by: Benjamin Doron <benjamin.doron@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/88428
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Set the EDK2 PCD to COREv4 so that ACPI tables that are created by EDK2
always use the coreboot OEM ID instead of the default one ("INTEL").
The name is taken from: include/acpi/acpi.h (OEM_ID)
tested:
build and see that BGRT table contains COREv4 instead of INTEL as OEM
ID.
Change-Id: I5e3a7d0f133e5b790f59ea522a71647f72ffc79c
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/87647
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
On recent AMD platforms the VRT bit in the StatusD register is
read-writeable and set every 1024msec when RTC power is good.
This leads to a timeout in RtcWaitToUpdate() waiting for the bit
to be set and the gEfiRealTimeClockArchProtocolGuid won't be installed.
The protocol is critical to boot.
Adjust the code to not clear the VRT bit, as RtcWaitToUpdate() will
return an error, as it assumes the VRT bit is read-only and hardwired
to one as on Intel ICHs. While the timeout could be increased it
would also increase boot time by up to a second.
On platforms where the VRT bit is read-only the introduced code
does the same as before.
Change-Id: I8bc432114c83fa5f5fb35a144e3a35c38ee8a3de
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/87415
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Add a Kconfig to support passing `LOAD_OPTION_ROMS=TRUE` as a build
parameter in order to enable edk2 support for dGPUs.
Change-Id: I05444425d1cb98b023681639389949bf3f3b8e9c
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/87407
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Alicja Michalska <ahplka19@gmail.com>
There is already a check for invalid reference, however `git rev-parse
reference` doesn't fail on unknown commit hash unless `^{object}`
peeling operator is used (`^{commit}` can be used as well).
Change-Id: I7ef39aeee2e902ac2fad6ac41b546c47418e1dec
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/84292
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Official EDK2 repository has VARIABLE_SUPPORT defaulting to EMU in
UefiPayloadPkg, switch it to SMMSTORE if coreboot is built with
SMMSTOREv2.
This removes custom default of EDK2_CUSTOM_BUILD_PARAMS for
EDK2_REPO_MRCHROMEBOX which is unnecessary now.
Change-Id: Ic59f89c0f708f9b144bd35cd18870d0e1c65677d
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/83737
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Maximilian Brune <maximilian.brune@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Without this, when doing a clean build with 'make j$(nproc)`, the build
can fail copying the GOP driver file since the target directory does
not exist yet.
TEST=build/boot google/hatch (akemi) w/edk2 payload and GOP driver init
on a clean git checkout.
Change-Id: Ic510d70041dc099e6bc469528b80d1e271976655
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/83474
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Upstream commit 11ad164bce (UefiPayloadPkg: Make UPL build script arch
agnostic, 2024-02-22) changes the build script's behavior to not assume
the arch. Without defining BUILD_ARCH, the build script will not
function properly and results in the payload failing to build.
Both UefiPayload and Universal Payload can only be built in X64.
Change-Id: Icd942d0c15a99231d09f9cbdc5eb48333b6aa6e5
Signed-off-by: Nicholas Sudsgaard <devel+coreboot@nsudsgaard.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80883
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Core 2 platforms have issues with HPET. Enable support to use the LAPIC
driver so those machines actually boot and don't hang.
The LAPIC is actually closer to the CPU than the HPET (on the PCH),
which reduces access latency, leading to higher resolution of the timer.
Tested on a Lenovo X200 with a Core 2 Duo.
Change-Id: I33144d6c1c120e7faa47b99e8262b0997c45c9b9
Signed-off-by: Jean Lucas <jean@4ray.co>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/82000
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Add a Kconfig to selectively enable the AMD Picasso eMMC driver
recently added to MrChromebox's edk2 fork. When selected, will enable
booting from AMD Picasso devices with eMMC storage.
TEST=tested with rest of patch train
Change-Id: I6536a6f243f6766b913e295afebcf5b965e4e969
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/81892
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The `PRIORITIZE_INTERNAL` option was somehow duplicated, so remove the
extra copy, leaving the one under the MrChromebox repo specific
settings.
TEST=build qemu w/edk2 payload, check build log that the
'PRIORITIZE_INTERNAL' option is only added once to the build string.
Change-Id: I4c4c433184d93337c926e256e77054afc00a2566
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/81894
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Add a Kconfig to selectively enable the UFS DXE driver recently added
to MrChromebox's edk2 fork. When selected, will enable booting from
devices with UFS storage.
TEST=tested with rest of patch train
Change-Id: I0b54d21dc87abf6938c03948830f92ce5097ef7d
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/81870
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Disabling TPM support in edk2 can actually cause problems booting from
USB on some Intel-based boards with a CR50 TPM when using the edk2
GOP driver option, so rather than disable the TPM for all CR50 boards,
restrict the default to only AMD boards, where the boot hang with
TPM enabled was originally observed.
TEST=build/boot Win11, Linux from usb on google/fizz when built
with edk2 payload and edk2 GOP driver option selected.
Change-Id: I01509fea2dd42b741c00abcf9fb8b936e895b932
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78031
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Don't skip checking out the specified edk2 branch if the repo contains
untracked files, which may be the case if the EDK2_GOP_DRIVER option
is selected. Also ensure the submodule pointers are correct when
checking out.
TEST=build google/panther with GOP driver option and edk2 payload 2x,
switching branches between builds and ensure the correct branch is
used each time and submodules are synced with branch.
Change-Id: If7040bd5c49209b37a4b308485bf59352197d3b6
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78030
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Several of the build commands passed by the Makefile only exist
in MrChromebox's fork of edk2. Guard these, and the corresponding
Kconfig options, against the selection of the MrChromebox repository.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I41d8d54e5b91990dd9fb88967fcd549a86cf6fe9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78036
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Disable TPM support for CR50 TPM when using MrChromebox repo, since
it's not currently supported in edk2, and causes some boards (eg AMD
Zen-based) to failed to boot.
TEST=build/boot on google/frostflow
Change-Id: I64b5eb09d64eafd2bed400b7a7c97750cc368aed
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77270
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Varshit Pandya <pandyavarshit@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add Kconfig for passing a VBT file and GOP driver to edk2, and pass a
build param to use them along with the platform GOP driver. This allows
edk2 to initialize the display and change display modes, instead of
being limited to the single mode set by whatever display init method
coreboot might use (libgfxinit, FSP/GOP, VBIOS, etc).
TEST=build/boot multiple google boards spanning several platforms using
the edk2 GOP driver for display init.
Change-Id: I63a49df2411fe44b06eaee6d0fb9aab42ac8aedb
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77269
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Hook up edk2 build flag PcdPcieResizableBarSupport to coreboot
Kconfig CONFIG_PCIEXP_SUPPORT_RESIZABLE_BARS.
Signed-off-by: Lean Sheng Tan <sheng.tan@9elements.com>
Change-Id: I5cc12d32c5e132b9f99ec650377d7683377c2a9c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74926
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Benjamin Doron <benjamin.doron00@gmail.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
SMMSTORE requires 0x8000, compared to the default value of 0x10000.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I10d2a5a0c1d729d83e0b62bb9430863317b883cc
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74176
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
With the coreboot build process, `UniversalPayloadBuild.sh` calls
`UniversalPayloadBuild.py`. That Python script will unconditionally
build DXE as 64-bit, but accepts an argument for the entry point:
parser.add_argument('-a', '--Arch', choices=['IA32', 'X64'],
help='Specify the ARCH for payload entry module. Default build X64
image.', default ='X64')
Currently, ` -a IA32 -a X64` is passed, and the Python script will
use the `X64` argument, resulting in a payload that won't work with
coreboot.
Remove the `-a X64`, so the resulting build is a 32-bit entry point,
and 64-bit DXE, which works with coreboot.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I8a557d6e155a2938b44036d98f9274cc8b38f156
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73668
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Benjamin Doron <benjamin.doron00@gmail.com>
Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Rather than requiring another Kconfig symbol to be set, reuse the same
`make V=1` command argument. This simplifies rebuilds with a single
point of reference.
Also, this means that coreboot doesn't have to be rebuilt due to Kconfig
changes.
Change-Id: I9eba86b234768641a215095b8657e9d07832b1b5
Signed-off-by: Benjamin Doron <benjamin.doron00@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75185
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Remove the ABOVE_4G_MEMORY option as the option was removed in edk2
in commit dc5f2905ebfdf68ae28ce1081d435af0f8641dd9 (UefiPayloadPkg:
Always build MemoryTypeInformation HOB for DXE GCD
- https://github.com/tianocore/edk2/pull/4231).
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I8d5ee79ef3f7ecfcd1463c612aad2e3d629df22a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74336
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Now that MrChromebox's default edk2 branch supports Secure Boot, add a
Kconfig to enable it, and do so by default when MrChromebox's branch
is used and SMMSTORE_V2 is enabled (which is a prerequisite).
TEST=build/boot google boards link, panther, lulu,reef, ampton, akemi,
and banshee, verify Secure Boot options available in payload, Secure
Boot status reported properly by Linux/Windows.
Change-Id: I4be58c3315cabe08729d717c59203fdc6a3e2958
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74869
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add possibility to clone edk2-platforms repository. Some edk2
repositories may use modules from edk2-platforms which contains
various feature packages for Intel platforms, e.g VT-d driver if DMA
protection is enabled.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Change-Id: Iabd0793dfdcb95260046dc992ff30ef581159db9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68872
Reviewed-by: Krystian Hebel <krystian.hebel@3mdeb.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The Shimlayer recipe requires OBJCOPY, so declare it at the top of
the Makefile so this recipe works as intended.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I2e04dfe18df6252261836dcdf98f7e8de65287b5
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68744
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
For recent X86 CPUs, the 0x15 CPUID instruction will return Time Stamp
Counter Frequence. For CPUs that do not support this instruction, EDK2
must include a different library which is the reason why this must be
configured at build time.
If this is enabled, and the CPU doesn't support 0x15, it will fail to
boot. If is not enabled, and the CPU does support 0x15, it will still
boot but without support for the leaf. Consequently, disabled it by
default.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I4f0f43ce50c4f6f7eb03063fff34d015468f6daa
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65950
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
The ShimLayer is required to start the Universal Payload. It will build
the required HOBs and pass them accordingly.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I043271994f40813d9059a89420d4311d9d5802b1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64485
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Add a recipe to build UniversalPayload.elf, which uses a wrapper for the
UniversalPayloadBuild.py that is hosted in the edk2 repository.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I2aa318513244f576e07e72713fad3b4f7bd7c22e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68183
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Specifying a build target only applies to UefiPayloadPkg, so guard it
against the relevant Kconfig option.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ia4597b5ed76616e39cec45f8a69be9f1ccd72d4c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68182
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
The silent switch, `-s`, only works for building UefiPayloadPkg. Guard
it against the relevant Kconfig option so that it doesn't cause
problems with other targets.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I5a5df636e6484a435c849c6d19c7cb61e8e62ee6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68181
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Whilst UefiPayloadPkg is always built with support for 32-bit
and 64-bit, this is not the case for all edk2 targets. Move this
to the build command so they can be specified on each target.
Also add the `-s` switch, which stands for quiet to suppress edk2
printing War and Peace whilst building.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: If94abd4e28917718c76ad5945966e7be668c8f61
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66364
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Rename the update recipe, which updates the edk2 repository, to
$(EDK2_PATH). There is no functional change here.
This recipe must be phony so it runs every time.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I30fedbee7459b79a85a23678e0075368eda95da0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66363
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
When cloning edk2, download the submodules at the same time. There is
no functional change here, just a minor speed improvement.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ieeb481346093588bd8d237857966001dc81460b1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66362
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
First, remove the `-p` flag; as it's a file target it's not needed in
this case.
Second, remove the clone as this is handled in the update recipe.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I3829a3151be2d05a067a160fa770e5eb7ad4aad4
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66361
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Convert UefiPayloadPkg (UEFIPAYLOAD.fd) to a file target.
There is no functional change here, it just avoids it being copied
out of the build dir, into an output directory and then into build.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Iff097f6f1e715c697c33c50c395d7c1b88cc6280
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66360
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Separate the tasks that are required to be completed prior to building
edk2 into a prep recipe. This allows this to be used for building
different targets.
This also ensures that the COREBOOT toolchain is used.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ic4ae8ac4118a5747f38297d0fbf4cb53aa3b6d6d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66359
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Separate the Release String from the Build String. This allows
the makefile to locate built files more precisely.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Id98674f0bbf485b2bfdbf5784d325c5ac89ad076
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66358
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The current edk2 makefile will work in a directory that's name is
derived from the repository, such as `mrchromebox` or `starlabsltd`.
Move this under a directory, so that it can be ignored by git and
so that the makefile can be adjusted to use file targets, rather
than phony recipes with wildcards.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: If0c80dbc59130f229b78cab9578115e14172301d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66356
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
