x86 pre-memory stages do not support the `.data` section and as a
result developers are required to include runtime initialization code
instead of relying on C global variable definition.
To illustrate the impact of this lack of `.data` section support, here
are two limitations I personally ran into:
1. The inclusion of libgfxinit in romstage for Raptor Lake has
required some changes in libgfxinit to ensure data is initialized at
runtime. In addition, we had to manually map some `.data` symbols in
the `_bss` region.
2. CBFS cache is currently not supported in pre-memory stages and
enabling it would require to add an initialization function and
find a generic spot to call it.
Other platforms do not have that limitation. Hence, resolving it would
help to align code and reduce compilation based restriction (cf. the
use of `ENV_HAS_DATA_SECTION` compilation flag in various places of
coreboot code).
We identified three cases to consider:
1. eXecute-In-Place pre-memory stages
- code is in SPINOR
- data is also stored in SPINOR but must be linked in Cache-As-RAM
and copied there at runtime
2. `bootblock` stage is a bit different as it uses Cache-As-Ram but
the memory mapping and its entry code different
3. pre-memory stages loaded in and executed from
Cache-As-RAM (cf. `CONFIG_NO_XIP_EARLY_STAGES`).
eXecute-In-Place pre-memory stages (#1) require the creation of a new
ELF segment as the code segment Virtual Memory Address and Load Memory
Address are identical but the data needs to be linked in
cache-As-RAM (VMA) but to be stored right after the code (LMA).
Here is the output `readelf --segments` on a `romstage.debug` ELF
binary.
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
LOAD 0x000080 0x02000000 0x02000000 0x21960 0x21960 R E 0x20
LOAD 0x0219e0 0xfefb1640 0x02021960 0x00018 0x00018 RW 0x4
Section to Segment mapping:
Segment Sections...
00 .text
01 .data
Segment 0 `VirtAddr` and `PhysAddr` are at the same address while they
are totally different for the Segment 1 holding the `.data`
section. Since we need the data section `VirtAddr` to be in the
Cache-As-Ram and its `PhysAddr` right after the `.text` section, the
use of a new segment is mandatory.
`bootblock` (#2) also uses this new segment to store the data right
after the code and load it to Cache-As-RAM at runtime. However, the
code involved is different.
Not eXecute-In-Place pre-memory stages (#3) do not really need any
special work other than enabling a data section as the code and data
VMA / LMA translation vector is the same.
TEST=#1 and #2 verified on rex and qemu 32 and 64 bits:
- The `bootblock.debug`, `romstage.debug` and
`verstage.debug` all have data stored at the end of the `.text`
section and code to copy the data content to the Cache-As-RAM.
- The CBFS stages included in the final image has not improperly
relocated any of the `.data` section symbol.
- Test purposes global data symbols we added in bootblock,
romstage and verstage are properly accessible at runtime
#3: for "Intel Apollolake DDR3 RVP1" board, we verified that the
generated romstage ELF includes a .data section similarly to a
regular memory enabled stage.
Change-Id: I030407fcc72776e59def476daa5b86ad0495debe
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77289
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
When more ACPI tables are written than space is available in CBMEM, the
buffer overflow corrupts other CBMEM tables and a successful boot is unlikely.
Upgrade the error message to critical and be more precise what to do.
Change-Id: I152842945f552905729265f7d623cd581dd0a8d0
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77714
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Naresh <naresh.solanki.2011@gmail.com>
commit f8ac3dda02 ("soc/intel/common:
Order the CPUs based on their APIC IDs") sort algorithnm walks all the
`cpu_info' entries without discarding empty ones. Since `cpu_info' is
not initialized, the data that is used is undefined and it generally
results in the creation of invalid `Local x2APIC' entries in the
MADT ("APIC") ACPI table.
Depending on the X2APIC ID value the Linux kernel behavior
changes (cf. arch/x86/kernel/acpi/boot.c::acpi_register_lapic()):
1. If (int)ID >= MAX_LOCAL_APIC (32768), the Linux kernel discards the
entry with the "skipped apicid that is too big" INFO level
message.
2. If (int)ID < MAX_LOCAL_APIC (32768) (including negative) this data
is taken into account and it can lead to undesirable behavior such
as core being disabled as (cf. "native_cpu_up: bad cpu" ERROR
kernel message).
TEST=Verified the MADT does not contain any invalid entries on rex.
Change-Id: I19c7aa51f232bf48201bd6d28f108e9120a21f7e
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/77615
Reviewed-by: Bora Guvendik <bora.guvendik@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Wonkyu Kim <wonkyu.kim@intel.com>
acpi.c contains architectural specific things like IOAPIC, legacy IRQ,
DMAR, HPET, ... all which require the presence of architectural headers.
Instead of littering the code with #if ENV_X86 move the functions to
different compilation units.
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Change-Id: I5083b26c0d4cc6764b4e3cb0ff586797cae7e3af
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76008
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
In VBOOT_STARTS_IN_ROMSTAGE=y case, vboot_run_logic() did not
get called when postcar was loaded from TSEG stage cache on
ACPI S3 resume path. Resume failed as MP init attempts to
access microcode update from unverified FW_MAIN_A/B section.
In a similar fashion, for POSTCAR=n, loading ramstage from
TSEG stage cache would bypass the call to vboot_run_logic().
TEST=samsung/lumpy with VBOOT_STARTS_IN_ROMSTAGE=y is able
to complete S3 resume.
Change-Id: I77fe86d5fd89d22b5ef6f43e65a85a4ccd3259d9
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76209
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Julius Werner <jwerner@chromium.org>
The prefix POSTCODE makes it clear that the macro is a post code.
Hence, replace related macros starting with POST to POSTCODE and
also replace every instance the macros are invoked with the new
name.
The files was changed by running the following bash script from the
top level directory.
sed -i'' '30,${s/#define POST/#define POSTCODE/g;}' \
src/commonlib/include/commonlib/console/post_codes.h;
myArray=`grep -e "^#define POSTCODE_" \
src/commonlib/include/commonlib/console/post_codes.h | \
grep -v "POST_CODES_H" | tr '\t' ' ' | cut -d ' ' -f 2`;
for str in ${myArray[@]}; do
splitstr=`echo $str | cut -d '_' -f2-`
grep -r POST_$splitstr src | \
cut -d ':' -f 1 | xargs sed -i'' -e "s/POST_$splitstr/$str/g";
grep -r "POST_$splitstr" util/cbfstool | \
cut -d ':' -f 1 | xargs sed -i'' -e "s/POST_$splitstr/$str/g";
done
Change-Id: I25db79fa15f032c08678f66d86c10c928b7de9b8
Signed-off-by: lilacious <yuchenhe126@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76043
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
DDR5 spd is not supported read by coreboot. But FSP can read it,
so print the memory information from smbios type17 dimm information.
TEST=check the coreboot log.
memory Channel-0-DIMM-0 type is DDR5
memory part number is MTC8C1084S1SC56BG1
memory max speed is 5600 MT/s
memory speed is 5200 MT/s
memory size is 16384 MiB
Signed-off-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Change-Id: I2b5ca1f4a59598531a6cba500672c2717f2a7b00
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75756
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Even though coreboot does not allow floating point operations some
compilers like clang generate code using hw floating point registers,
e.g. SSE %XMMx registers on 64bit code by default. Floating point
operations need to be enabled in hardware for this to work (CR4). Also
in SMM we explicitly need to save and restore floating point registers
for this reason. If we instruct the compiler to not generate code with
FPU ops, this simplifies our code as we can skip that step.
With clang this reduces the binary size a bit. For instance ramstage for
qemu/Q35 drops from 216600 bytes decompressed to 212768.
TEST: See that with x86_64 bit and clang coreboot reaches the payload
without setting the CR4_OSFXSR bit in CR4. Without this change it would
bootloop very early in the bootblock on Qemu Q35.
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Change-Id: Ib8590c55e7aed1ece2aa23b8ea99463396435e11
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75316
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Fix the error below when running a coreboot image built with
`CONFIG_UBSAN=y`.
PCI: pci_scan_bus for bus 00
shift out of bounds src/arch/x86/include/arch/pci_io_cfg.h:13:20
ubsan: unrecoverable error.
GCC with `-fsanitize=shift` also flags this:
runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
So, make the constant unsigned.
TEST=emulation/qemu-i440fx with `CONFIG_UBSAN=y` stops later with
[ERROR] unaligned access src/lib/rmodule.c:152:27
[EMERG] ubsan: unrecoverable error.
Change-Id: Ib05d225ab9f22078d765009b4ee6ef0c63231eed
Found-by: UBSAN
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51292
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
For AMD, replace name RTC_ALT_CENTURY with RTC_CLK_ALTCENTURY
that points to same offset. Since the century field inside
RTC falls within the NVRAM space, and could interfere with
OPTION_TABLE, it is now guarded with config USE_PC_CMOS_ALTCENTURY.
There were no reference for the use of offset 0x48 for century.
Change-Id: I965a83dc8daaa02ad0935bdde5ca50110adb014a
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74601
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
walkcbfs_asm is a simple CBFS implementation in assembly to find a file
on a system with memory-mapped SPI flash. It seems to be mostly unused
nowadays and is only still called for early microcode loading on some
old systems (e.g. FSP 1.1 and older).
Using this implementation with CONFIG_CBFS_VERIFICATION is unsafe
because it does not verify the hashes the way the normal CBFS code does.
Therefore, to avoid potential security vulnerabilities from creeping in,
this patch makes sure the code cannot be compiled in when
CBFS_VERIFICATION is active. That means it won't be supported on the old
boards using this for microcode loading.
Ideally CONFIG_CBFS_VERIFICATION should have a `depends on` to make this
dependency more obvious in menuconfig, but the configs actually using
this code are not easy to untangle (e.g. CONFIG_MICROCODE_UPDATE_PRE_RAM
is just set everywhere by default although only very few boards are
really using it, and a lot of different old Intel CPU models are linking
in src/cpu/intel/car/non-evict/cache_as_ram.S without being united under
a single Kconfig so that's not easy to change). To keep things simple,
this patch will just prevent the code from being built and result in a
linker error if a bad combination of Kconfigs is used together. Later
patches can clean up the Kconfigs to better wrap that dependency if the
affected boards are still of enough interest to be worth that effort.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I614a1b05881aa7c1539a7f7f296855ff708db56c
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74243
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
According to ACPI Release 6.5 systems supporting PIC (i8259)
interrupt mechanism need to report IRQ vector for the SCI_INT
field. In PIC mode only IRQ0..15 are allowed hardware vectors.
This change should cover section 5.2.9 to not pass SCI_INT
larger than IRQ15. Section 5.2.15.5 needs follow-up work.
Care should be taken that ioapic_get_sci_pin() is called
after platform code has potentially changed the routing
from the default.
It appears touched all platforms except siemens/mc_aplX
currently program SCI as IRQ9.
Change-Id: I723c207f1dcbba5e6fc0452fe1dbd087fad290ee
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74326
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <inforichland@gmail.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
When cbmem is initialized in romstage and postcar placed in the stage
cache + cbmem where it is run, the assumption is made that these are
all in UC memory such that calling INVD in postcar is OK.
For performance reasons (e.g. postcar decompression) it is desirable
to cache cbmem and the stage cache during romstage.
Another reason is that AGESA sets up MTRR during romstage to cache all
dram, which is currently worked around by using additional MTRR's to
make that UC.
TESTED on asus/p5ql-em, up/squared on both regular and S3 resume
bootpath. Sometimes there are minimal performance improvements
when cbmem is cached (few ms).
Change-Id: I7ff2a57aee620908b71829457ea0f5a0c410ec5b
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37196
Reviewed-by: Lean Sheng Tan <sheng.tan@9elements.com>
Reviewed-by: Kapil Porwal <kapilporwal@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
