coreboot/src/include
Sean Rhodes 468f8131ec security/tcg/opal_s3: hook into default SMI/resume paths
Provide common entry points for the OPAL S3 unlock feature and wire them
into the generic x86 SMM and S3 resume code.

- Add opal_s3_smi_{apmc,sleep,sleep_finalize} helpers.
- Call these helpers from the default weak mainboard SMI hooks when
  CONFIG(TCG_OPAL_S3_UNLOCK) is enabled. This keeps the feature usable
  without forcing boards to implement new SMI handlers.
- Trigger the SMM unlock on S3 resume from arch/x86/acpi_s3.c.

Select SMM_OPAL_S3_STATE_SMRAM so the secret is persisted across SMM
handler reload. Add a delay and retry loop before unlock, and restore
NVMe BAR0 if the device loses PCI config state across S3.

The SMM side continues to whitelist only the OPAL service and unlock
APMC commands and fails closed if any invariant is violated.

TEST=tested with rest of patch train

Change-Id: I86a44760a189219a95914bd3549997880fb0242b
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/91045
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2026-03-27 18:14:05 +00:00
acpi include/acpi/acpi_pld.h: Fix order of colour components 2026-03-19 19:35:10 +00:00
arch-generic soc/amd/common/psp_verstage: Remove arch/io.h 2025-04-02 16:03:34 +00:00
boot tests/lib/coreboot_table-test.c: Add lb_string_platform_blob_version 2026-01-23 21:38:33 +00:00
console treewide: Use __printf macro instead of "__attribute__(format(printf" 2026-01-29 14:30:31 +00:00
cpu treewide: Apply nonstring attribute to unterminated strings 2026-03-27 18:09:27 +00:00
device lib/spd_bin: Add support for DDR5 SPD parsing 2026-02-17 20:46:41 +00:00
efi efi: Set EFIAPI to 32-bit ABI for FSP1_1 2024-09-20 23:25:30 +00:00
mipi mipi/panel: Add 'poweroff' field to panel_serializable_data 2026-01-14 09:40:54 +00:00
pc80 drivers/pc80/pc/keyboard.c: Add function to change a command byte bit 2025-01-22 20:45:37 +00:00
security/tcg security/tcg/opal_s3: hook into default SMI/resume paths 2026-03-27 18:14:05 +00:00
smp include/smp/node: Drop unused is_smp_boot 2025-07-01 15:08:52 +00:00
superio
sys include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
adainit.h Add option to use Ada code in romstage 2022-12-17 20:48:06 +00:00
asan.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
assert.h assert.h: Remove printk dependency for ENV_TEST 2026-01-27 01:59:50 +00:00
b64_decode.h
base3.h
boardid.h
boot_device.h drivers/spi: Allow SoC to provide the SPI flash CS index 2026-01-17 23:41:39 +00:00
bootblock_common.h
bootmem.h lib/bootmem: Add memory type for Armv9 MTE tag storage 2025-12-13 14:29:29 +00:00
bootmode.h mb/google,samsung: Drop init_bootmode_straps() 2022-04-09 02:50:01 +00:00
bootsplash.h vc/google/chromeos: Add platform hook for emergency battery shutdown 2026-02-25 22:55:57 +00:00
bootstate.h tree: Remove unused <string.h> 2024-05-29 10:34:08 +00:00
cbfs.h CBFS verification: support Top Swap redundancy 2025-12-20 17:39:43 +00:00
cbfs_glue.h vboot: Add VBOOT_CBFS_INTEGRATION support 2022-11-08 23:03:49 +00:00
cbmem.h tree: Use boolean for s3resume 2025-10-23 13:34:15 +00:00
cper.h include/cper.h: Add check information structures 2026-01-14 11:17:54 +00:00
crc_byte.h lib/crc_byte: Parenthesize buffer address in CRC macro 2025-01-23 23:00:53 +00:00
ctype.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
delay.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
devtree_update.h lib: Rename devtree_update to mb_devtree_update 2026-03-06 20:33:48 +00:00
dimm_info_util.h arch/x86: Refactor the SMBIOS type 17 write function 2021-11-11 09:10:10 +00:00
dp_aux.h google/trogdor: Add backlight support for Parade ps8640 2021-11-02 08:17:21 +00:00
edid.h treewide: Apply nonstring attribute to unterminated strings 2026-03-27 18:09:27 +00:00
elog.h treewide: Remove 'extern' from functions declaration 2023-05-26 13:45:24 +00:00
endian.h Remove <swab.h> and swabXX() functions 2025-12-12 07:09:45 +00:00
espi.h include/espi.h: Switch to types.h 2022-03-27 15:13:31 +00:00
fallback.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
fit.h treewide: Move device_tree to commonlib 2024-06-22 04:02:04 +00:00
fmap.h include/fmap.h: Require FMAP_FLASH_SIZE == CONFIG_ROM_SIZE 2026-01-23 18:54:11 +00:00
framebuffer_info.h lib/edid_fill_fb: Add dual pipe flag to lb_framebuffer_flags 2025-11-18 07:37:20 +00:00
fw_config.h lib/fw_config: Add mainboard hook for selective probe override 2026-03-19 17:17:56 +00:00
gpio.h soc/intel/common/gpio: Add function to read GPIO TX value 2023-01-25 14:33:06 +00:00
halt.h treewide: Move stdlib.h to commonlib 2024-03-15 10:09:43 +00:00
identity.h lib/version: Move board identification strings 2023-04-22 16:20:49 +00:00
imd.h
imd_private.h include/imd_private.h: Use C99 flexible arrays 2023-07-30 09:58:12 +00:00
input-event-codes.h include/input-event-codes.h: Update to latest HID tree 2024-06-21 16:46:04 +00:00
inttypes.h
kconfig.h
lib.h lib: Add __fls() (Find Last Set) 2021-12-13 02:57:07 +00:00
limits.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
main_decl.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
memlayout.h memlayout: Introduce PRERAM and POSTRAM DMA coherent regions 2025-11-22 17:23:55 +00:00
memory_info.h include: commonlib: Move memory_info and dimm_info to commonlib 2025-11-22 18:54:55 +00:00
memrange.h include/memrange.h: Remove trailing semicolon 2022-09-28 16:12:04 +00:00
metadata_hash.h
mrc_cache.h drivers/intel/fsp2_0: Introduce MRC cache store after FSP-M/S APIs 2023-09-05 09:36:17 +00:00
mtcl.h drivers/wifi: Add MTCL function to ACPI SSDT 2024-02-06 03:37:19 +00:00
nhlt.h drivers/ipmi to lib: Fix misspellings & capitalization issues 2023-12-13 10:42:30 +00:00
option.h include/option: Add verstage stub for UEFI variable store backend 2025-12-02 15:17:33 +00:00
post.h
program_loading.h lib/program_loaders.c: Mark run_ramstage with __noreturn 2022-07-14 23:10:17 +00:00
ramdetect.h
random.h arch/x86: Use 'enum cb_err' 2022-12-25 15:09:16 +00:00
reg_script.h tree: Drop duplicated <device/{path,resource}.h> 2024-04-12 04:24:20 +00:00
region_file.h
reset.h lib: Introduce early power off support Kconfig option 2025-02-15 18:59:11 +00:00
rmodule.h tree: Remove unused <string.h> 2024-05-29 10:34:08 +00:00
romstage_common.h arch/x86: Add a common romstage entry 2022-06-07 12:54:39 +00:00
romstage_handoff.h tree: Use boolean for s3resume 2025-10-23 13:34:15 +00:00
rtc.h
rules.h rules.h: Add ENV_RAMSTAGE_LOADER 2025-12-20 17:35:52 +00:00
sar.h drivers/wifi: Update Drive Strength BRI Rsp Table revision 2024-12-17 17:27:54 +00:00
sdram_mode.h
smbios.h smbios: Add smbios_cache_speed() implementation 2026-03-24 14:48:23 +00:00
smmstore.h drivers/smmstore: Support 64-bit MMIO addresses 2025-05-08 22:28:16 +00:00
spd.h include/spd.h: Add SPD_MEMORY_TYPE_LPDDR3_INTEL into spd_memory_type 2024-05-09 11:24:40 +00:00
spd_bin.h soc/common/smbus: Support reading SPD5 hubs for DDR5 2025-08-02 01:47:44 +00:00
spd_cache.h
spi-generic.h drivers/spi: add Numonyx and Micron names to STMicro case 2024-10-09 18:09:42 +00:00
spi_bitbang.h
spi_flash.h drivers/spi: add RPMC support 2024-12-03 17:40:39 +00:00
spi_sdcard.h
stage_cache.h tree: Use boolean for s3resume 2025-10-23 13:34:15 +00:00
stdarg.h tree: Remove unused <stdarg.h> 2024-05-28 03:22:34 +00:00
stdbool.h include/stdbool: Don't unconditionally typedef bool 2024-09-25 01:05:32 +00:00
stddef.h stddef.h: Introduce nullptr constant 2024-10-03 02:05:44 +00:00
stdint.h
stdio.h tree: Use <stdio.h> for snprintf 2024-05-29 10:33:54 +00:00
stdlib.h treewide: Move stdlib.h to commonlib 2024-03-15 10:09:43 +00:00
string.h commonlib/bsd: Add strlen() and strnlen() functions 2024-08-14 03:09:03 +00:00
symbols.h memlayout: Introduce PRERAM and POSTRAM TTB regions 2026-03-10 12:23:07 +00:00
thread.h rules.h: Use more consistent naming 2022-05-16 21:52:22 +00:00
timer.h timer: Change timer util functions to 64-bit 2022-09-14 11:55:39 +00:00
timestamp.h include: Add 'IWYU pragma: export' comment 2024-04-15 05:30:24 +00:00
types.h src/include: Introduce a new BIT_FLAG_32(x) macro 2024-09-04 18:31:25 +00:00
uuid.h
ux_locales.h lib: Add low battery UX locale message 2025-02-15 18:58:48 +00:00
vbe.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
version.h lib/version: Move board identification strings 2023-04-22 16:20:49 +00:00
watchdog.h include: Add SPDX-License-Identifiers to files missing them 2022-08-01 13:59:11 +00:00
wrdd.h