CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.
Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:
Updating from commit id 18cb85b5:
2load_kernel.c: Expose load kernel as vb2_api
to commit id b827ddb9:
tests: Ensure auxfw sync runs after EC sync
This brings in 15 new commits.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
A new ChromeOS automated test will be introduced to check the cbmem log
of diagnostic boot mode. Because the diagnostic boot does not allow
booting into kernel, the test must perform AP reset and then check the
cbmem log afterwards. However, the memory content might not be written
back to memory (from CPU cache) during AP reset because of the cache
snooping mechanism on x86. Hence, some API to flush cache is needed.
Implement dcache_* to allow flushing cache proactively in x86. To avoid
unnecessary flush, check dma_coherent before calling dcache_* functions,
which will be always true in x86. Therefore, this change won't affect
the original functionality.
BUG=b:190026346
TEST=FW_NAME=primus emerge-brya libpayload
Cq-Depend: chromium:3841252
Signed-off-by: Hsin-Te Yuan <yuanhsinte@google.com>
Change-Id: I622d8b1cc652cbe477954a900885d12e6494d94d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66578
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Whilst UefiPayloadPkg is always built with support for 32-bit
and 64-bit, this is not the case for all edk2 targets. Move this
to the build command so they can be specified on each target.
Also add the `-s` switch, which stands for quiet to suppress edk2
printing War and Peace whilst building.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: If94abd4e28917718c76ad5945966e7be668c8f61
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66364
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The current edk2 makefile will work in a directory that's name is
derived from the repository, such as `mrchromebox` or `starlabsltd`.
Move this under a directory, so that it can be ignored by git and
so that the makefile can be adjusted to use file targets, rather
than phony recipes with wildcards.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: If0c80dbc59130f229b78cab9578115e14172301d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66356
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Logo.bmp is overwritten with a custom one from coreboot. This needs to
be restored before the branch is updated otherwise git will report that
the repository is dirty.
Move this to the update recipe so that will always be done for any
recipe that needs to update the branch.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I85bf753a47d9e70d6555dec9a539e8ed7395bead
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66355
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Move the code that prints the edk2 build options to it's own recipe
so that it can be called for different targets.
This change also fixes the print, as it accounts for recent switches
such as `--pcd` and `-s`.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ie797ca26cd28eab0f633bd8dee5ec19634fcea99
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66354
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
coreboot uses TianoCore interchangeably with EDK II, and whilst the
meaning is generally clear, it's not the payload it uses. EDK II is
commonly written as edk2.
coreboot builds edk2 directly from the edk2 repository. Whilst it
can build some components from edk2-platforms, the target is still
edk2.
[1] tianocore.org - "Welcome to TianoCore, the community supporting"
[2] tianocore.org - "EDK II is a modern, feature-rich, cross-platform
firmware development environment for the UEFI and UEFI Platform
Initialization (PI) specifications."
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I4de125d92ae38ff8dfd0c4c06806c2d2921945ab
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65820
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
When removing SD card from USB card reader, the USB MSC stack does
not detach the device immediately. Instead, the USB MSC stack calls
usbdisk_remove() and calls usb_msc_destroy() after several pollings.
It results in usbdisk_remove() being called twice.
Since the usbmsc_inst_t instance is freed after first usbdisk_remove()
call, the second call invokes an invalid usbmsc_inst_t instance and
causes exception in CPU.
This patch prevents usbdisk_remove() from being called twice by setting
usbdisk_created to zero.
BUG=b:239492347
TEST=insert an empty SD card into the USB card reader then remove
the SD card. AP firmware does not crash.
Change-Id: I0675e9fde3e770d63dd0047928356a204245ef18
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66449
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Recent changes to both coreboot and edk2 means that UefiPayloadPkg
seems to work on all hardware. It has been tested on:
* Intel Core 2nd, 3rd, 4th, 5th, 6th, 8th, 8th, 9th, 10th,
11th and 12th generation processors
* Intel Small Core BYT, BSW, APL, GLK and GLK-R processors
* AMD Stoney Ridge and Picasso
This includes the problematic Lenovo X230s. The most likely fixes are:
* Configuring the PCI Base and Length in edk2
* Fixes to the HostBridgeLib in edk2
* Adjustment to the SD/eMMC initialisation timeout
This means we can now remove the already deprecated option for
CorebootPayloadPkg and the legacy 8254 timer build option.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ice7b7576eb3d32ea46e5138266b7df3fbcdcf7ea
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65721
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
the missing `; \` at the end of the line meant subsequent lines
were no longer run from $project_dir, so Logo.bmp was silently
failing to restore. This led to the working dir being dirty,
and on subsequent runs, any change to a different branch in the
same repo would fail.
Change-Id: I17a323bc2dda19b69d809e398b273f24e14b43af
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66321
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add 'pci_map_bus' function and PCIE_QCOM config for Qualcomm platform.
BUG=b:182963902,b:216686574,b:181098581
TEST=Verified on Qualcomm sc7280 development board with NVMe endpoint
(Koixa NVMe, Model-KBG40ZPZ256G with FW AEGA0102). Confirmed NVMe is
getting detected in response to 'storage init' command in depthcharge
CLI prompt.
Output logs:
->dpch: storage init
Initializing NVMe controller 1e0f:0001
Identified NVMe model KBG40ZPZ256G TOSHIBA MEMORY
Added NVMe drive "NVMe Namespace 1" lbasize:512, count:0x1dcf32b0
* 0: NVMe Namespace 1
1 devices total
Also verified NVMe boot path that is depthcharge is able to load the
kernel image from NVMe storage.
Change-Id: I7d1217502cbd7d4d0cdd298919ae82435630d61c
Signed-off-by: Prasad Malisetty <quic_pmaliset@quicinc.com>
Signed-off-by: Veerabhadrarao Badiganti <quic_vbadigan@quicinc.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57615
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
SMMSTORE support in edk2 was not allowed in upstream edk2
as it was bootloader specific.
Shortly, it will be built from edk2-platforms and then,
it will be retired.
For now, the patches exist in the MrChromeBox fork (TIANOCORE_UEFIPAYLOAD), so enable
these by default when SMMSTORE_v2 is enabled.
Change-Id: I1861bf739c2e25f661b4f06a303348f0537dc8b3
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65867
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
commit 108e537928
("payloads/tianocore: Add a proper target for the Boot Splash")
introduced 2 bugs in bootsplash handling:
- the "logo" make target added a spurious "/edk2" to the project dir
- the "logo" make target failed to account for the case where no user-
defined logo file is used (the upstream Tianocore one will be used
in this case)
Fix both these issues.
Test: build/boot qemu w/Tianocore w/o user-defined bootsplash file.
Change-Id: Ieebc547670213459823f58956ae87c6bf94b74ef
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66142
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Firstly, change the unit of `μs` to `ms` so it's easier to read.
This patch changes the default amount of time allowed to initialise
SD Card Readers and eMMC drives from 1ms to 10ms. Having a timeout
too short will stop certain devices from booting, which was seen on
google/akemi; it throws an exception when attempting to boot from
the internal eMMC drive.
This new value is still lower than upstream edk2's value of 1s.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Id1f66d5d50f889f07a34836ab2932b28ef7fb245
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65813
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Hook up edk2 build options PCIE_BASE_ADDRESS and PCIE_BASE_LENGTH to
CONFIG_ECAM_MMCONF_BASE_ADDRESS and CONFIG_ECAM_MMCONF_LENGTH.
This patch has been reviewed upstream but not yet merged (2022/07/08).
It won't cause any problems for any existing branches or forks that do
not have this build option hooked up.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ie5d50cc4619354d3c98adf6cde12c192be759869
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65644
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
ConSplitterDxe uses the intersection of all outputs, which includes
serial, for the list of supported text modes. When serial output is
supported, this slows down performance and limits the size of
FrontPage.
Only enable edk2's serial support when it's a debug build as
it's the only case where there will be debug output.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: Ic3633767dabb3543e865aa65c4101840a7b69cc1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65643
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
After commit 63e54275f6 (libpayload: Implement new CBFS access API),
libpayload includes headers from commonlib/bsd, which in turn include
vb2_sha.h from vboot after commit 0655f78041 (commonlib/bsd: Add new
CBFS core implementation). Usually submodules are initialized by the top
level Makefile.inc, but since this file is never read when building
libpayload based payloads outside the main coreboot build, the header
cannot be found unless the vboot submodule had previously been
initialized. This is especially evident when following Tutorial 1 in the
documentation, where the coreboot repo is cloned without recursing into
submodules and coreinfo is built separately from the coreboot build
using `make -C payloads/coreinfo`.
TEST=Deinitialize submodules and run `make -C payloads/coreinfo`.
Coreinfo should build without error.
Change-Id: I29b16525999921fbce51c2459d3d534b64e00b3c
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65222
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
GCC_CFLAGS_<arch> contains only the flags that are GCC specific, iow.
flags that don't work with Clang.
CFLAGS_<arch>, OTOH, contains all flags that should be used and auto-
matically includes GCC_CFLAGS_<arch> if GCC is selected.
Change-Id: I5ec15f169d51c7a32ca86e54a98a2ce0e3b51e6d
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62248
Reviewed-by: Thomas Heijligen <src@posteo.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Payloads often just use one of the defconfigs for libpayload. When
the `Makefile.payload` was introduced, it also added dependencies
to pass a `make oldconfig` or `make defconfig` for the payload on
to libpayload. Turned out, this creates some dependency madness
when, for instance, `make oldconfig` gets called without a libpay-
load `.config` available, or when we try to include the `.config`
in the `Makefile`.
To make things worse, Kconfig's `Makefile` that is imported from
Linux contains some rarely used paths that are generally incompa-
tible to our environment. So let's get rid of the hard-to-control
automatism.
Payloads that don't want to use a libpayload defconfig need to
clear the `$(LIBPAYLOAD_DEFCONFIG)` variable and manually run
the respective config target to generate a `.config`. To fully
support this, the rule to create a `.config` via `defconfig` is
guarded by `$(LIBPAYLOAD_DEFCONFIG)`. Otherwise we'd have a
spurious, broken recipe when the variable is unset.
We keep the option to call libpayload targets with an `lp-` prefix
for convenience. The existing, explicit targets `lp-defconfig` and
`lp-oldconfig` are replaced with a pattern match, so all config
and other targets should work.
Change-Id: Ie3fcce58d98e248c7182cd47f2a797fe066dd18a
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62273
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Thomas Heijligen <src@posteo.de>
In addition to change CB:40316 this commit proposes a change of default
behavior inside of the LinuxBoot toolchain.
Currently the defaults build a LinuxBoot payload which boots into the
u-root shell and waits for input. In fact it does not deliver any
bootloader with it, but the build image is on the other hand rather
small.
This commit changes the defaults in a way that the LinuxBoot
bootloader will actually be able to boot a local or remote system image.
In consequence the build payload size is rather big, but accepted for a
working out-of-the-box startup behavior.
See discussion on that topic in the above mentioned change.
Signed-off-by: Patrik Tesarik <mail@patrik-tesarik.de>
Change-Id: Ieaba7e523aef10c467a8bea29ae323e22324b225
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40527
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The u-root toolkit dropped the original uinit bootloader in the master
branch and respectively the systemboot-option in templates.go. In
consequence the LinuxBoot builds will boot into the u-root shell and
waiting for input. This commit enables the reuse of the -uinitcmd flag
to specify a command, which runs after the u-root init-process.
Systemboot as a bootloader wrapper will mimic a BIOS/UEFI boot device
selection. Other preselections, i.e. stboot and boot2 are implemented as
well. Custom strings or programs can be set as well, but they cannot
contain program flags. E.g. 'fbnetboot -class linuxboot' will not work,
because they aren't symlinkable.
This commit and its respective LinuxBoot builds with systemboot, none
and one custom option have been tested successfully on a UP squared
single board computer with the intended behavior.
Change-Id: I4ac3409040ea77a1836f90f43fba07d2cd05a952
Signed-off-by: Patrik Tesarik <mail@patrik-tesarik.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40316
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This is a breaking change for now when using latest u-root main, which
is the default behavior in LinuxBoot.
u-root switched to golang modules and therefore `go get` is not the
standard behavior anymore. The workaround for this is to pull the
repository and build directly in the directory for now. Another apporach
would be to use `go install $pkg@latest` to install the binary at that
particular version into the golang binary path.
Currently missing is a control structure to enable the build process for
legacy versions <v0.8.0.
Signed-off-by: Patrik Tesarik <patrik.tesarik@9elements.com>
Change-Id: Ifa03504da6fa321ffc6d2506b27ebd2e3ed9961b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65090
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
