The QEMU XHCI driver does not implement the Port Change Detect bit
in the USBSTS register. As a result no devices are attached without
looking at each port individually.
Detect this as a quirk based on the QEMU XHCI controller PCI ID,
and apply it to the root hub quirk list so it can get used by the
generic hub driver to skip this check.
With this change an attached USB mass storage device is detected and
able to boot when supplied to qemu:
-drive if=none,id=usbmsc,format=raw,file=/tmp/disk.img
-device qemu-xhci,id-xhci
-device usb-storage,bus=xhci.0,drive=usbmsc
Change-Id: I6689cb1dbb24c93d45f5c5ef040b713925d07588
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39839
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
memcpy() is meant to be used on normal memory and often implemented with
architecture-specific optimizations to make that as performant as
possible. MMIO registers often have special access restrictions that may
be incompatible with whatever memcpy() does. For example, on arm64 it
uses the LDP (load pair) to load 16 bytes at a time, which makes 4-byte
MMIO registers unhappy.
This patch removes the caching of the XHCI capreg registers and changes
it back to a pointer. The CAP_GET() macro is still accessing a full
(non-bitfield) uint32_t at the end so this should still generate a
4-byte access (which was the goal of the original change in CB:39838).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Id058c8813087a8e8cb85f570399e07fb8a597108
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40895
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Allow a custom boot splash to be used with UefiPayloadPkg:
- remove Kconfig guards restricting to CorebootPayloadPkg
- set destination path for logo file based on bootloader selected
Test: build/boot qemu with UefiPayloadPkg with custom boot logo
Change-Id: Ia0a10d1528f516f6b9d3645b83be0fb4e85bc348
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40591
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Recent changes to upstream edk2 necessitate ensuring
that Tianocore's submodules exist and are up to date,
otherwise building UefiPayloadPkg will fail.
Change method used to detect a dirty tree so that initialized
submodules do not taint the result.
Test: build qemu with Tianocore UefiPayloadPkg option successfully.
Change-Id: Ie2541f048966ec0666d8196508ccdb6c5f089de6
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40590
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
`lib_sysinfo->serial` is a virtual pointer into coreboot tables.
It's not valid across relocation. Accessing the wrong value during
relocation of FILO resulted in a hang with DEBUG_SEGMENT and UART
console enabled. Work around that by caching the whole table entry
locally.
An alternative would be to revise `sysinfo`, to contain no virtual
pointers to anything outside the payload.
Change-Id: I03adaf57b83a177316d7778f7e06df8eb6f9158e
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37513
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Reto Buerki <reet@codelabs.ch>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
The QEMU XHCI controller does not support byte/word reads from the
capability register and it expects dword reads only.
In order to make this work move the access of the capability
register fields to use macros instead of a packed struct bitfield.
This issue was filed upstream:
https://bugs.launchpad.net/qemu/+bug/1693050
The original fix attempt in 2012 was not effective:
6ee021d410
With this change the controller is detected properly by the libpayload
USB drivers.
Change-Id: I048ed14921a4c9c0620c10b315b42476b6e5c512
Signed-off-by: Duncan Laurie <dlaurie@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39838
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Our realloc() works (somewhat suboptimally) by free()ing the existing
allocation and then reallocating it wherever it fits. If there was free
space before the old location, this means the new allocation may be
before the old one, and if the free space block is smaller than the old
allocation it may overlap. Thus, we should be moving memmove() instead
of memcpy() to move the block over.
This is not a problem in practice since all our existing memcpy()s are
simple iterate and copy front to back implementations which are safe for
overlaps when the destination is in front of the source. but it's still
the more correct thing to do (in case we ever change our memcpy()s to do
something more advanced or whatever).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I35f77a94b7a72c01364ee7eecb5c3ff5ecde57f6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40028
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
This adds the path to chrome EC headers to the depthcharge
build. Depthcharge currently includes a manually maintained copy of
the EC headers which are perpetually out of sync with the real
interface definitions. By adding the include path, we can build
depthcharge with the actual EC interface definitions and eliminate the
manual maintenance of copies of EC headers. Once the include path is
in place, we can remove the copies of the EC headers from depthcharge.
BUG=b:152373049
Change-Id: I1ce0ad9dc99ea52f177d4fb034fd23efd95a7864
Signed-off-by: Caveh Jalali <caveh@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39947
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
These macros serve no purpose anymore, let's do the substitution
manually once and for all. Also update the comment on the macros
and fix whitespace on the touched lines.
TEST=Checked that there are no changes in compiled code.
Change-Id: Ib60f9ab157e2e7d44b551dd4f695a6c25ebeb405
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39379
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
On Lenovo T500 the RTC readings where wrong, as RTC has
different encodings, depending on the statusB register.
Support BCD vs binary RTC format and AM/PM vs 24h RTC format.
Fixes wrong date and time on Lenovo 500.
Change-Id: Id773c33e228973e190a7e14c3d11979678b1a619
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/18498
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
For a very long time, SeaBIOS sometimes failed to build when using
multiple threads. This known problem has been haunting everyone for a
very long time. Until now.
Unlike most other payloads, building SeaBIOS results in two files: the
SeaBIOS payload itself and SeaVGABIOS. Each file has its own target, and
there's a third target called "seabios", which has the same recipe as
the SeaBIOS file, which calls `payloads/external/SeaBIOS/Makefile` with
a bunch of arguments. In addition, SeaVGABIOS depends on "seabios".
When executing serially, if the file of either SeaBIOS or SeaVGABIOS is
needed, the SeaBIOS Makefile will be run. This will generate both files,
so it is not necessary to run the Makefile more than once.
However, when using multiple threads, it can happen that one thread
wants to make the SeaBIOS file, while another one wants to make the
SeaVGABIOS file, which depends on "seabios". This implies that both
threads will execute the SeaBIOS Makefile at about the same time, only
to collide when performing git operations. Since git uses a lock file
when updating the index, one of the threads will fail to acquire the
lock with an error, which will ultimately cause the build to fail.
Whenever this happened, manually aborting with Ctrl-C made the build
process fail again because of the same error. The only way to get past
this problem, other than using one thread, was to let the unfinished
jobs complete. The thread that acquired the lock on the SeaBIOS git
repository would finish building SeaBIOS, so that target would not need
to be remade. When restarting the build, only the target that failed is
rebuilt, so it does not collide with any other thread.
To address this issue, make the SeaVGABIOS file target depend directly
on the SeaBIOS file instead, and remove the duplicate "seabios" target.
Change-Id: I251190d3bb27052ff474f3cd1a45022dab6fac31
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39188
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Fix two out-of-bounds reads in lz4 decompression:
1) LZ4_decompress_generic could read one byte past the input buffer when
decoding variable length literals due to a missing bounds check. This
issue was resolved in libpayload, commonlib and cbfstool
2) ulz4fn could read up to 4 bytes past the input buffer when reading a
lz4_block_header due to a missing bounds check. This issue was resolved
in libpayload and commonlib.
Change-Id: I5afdf7e1d43ecdb06c7b288be46813c1017569fc
Signed-off-by: Alex Rebert <alexandre.rebert@gmail.com>
Found-by: Mayhem
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39174
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
cbfs_get_handle() and cbfs_get_attr() are both looping over elements to
find a particular one. Each element header contains the element's
length, which is used to compute the next element's offset. Invalid or
corrupted CBFS files could lead to infinite loops where the offset would
remain constant across iterations, due to 0-length elements or integer
overflows in the computation of the next offset.
This patch makes both functions more robust by adding a check that
ensure offsets are strictly monotonic. Instead of infinite looping, the
functions are now printing an ERROR and returning a NULL value.
Change-Id: I440e82fa969b8c2aacc5800e7e26450c3b97c74a
Signed-off-by: Alex Rebert <alexandre.rebert@gmail.com>
Found-by: Mayhem
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39177
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The `chars` pointer references the heap which is part of the payload
and relocated along with it. So calling phys_to_virt() on it was
always wrong; and the virt_to_phys() at its initialization was a
no-op anyway, when the console was brought up before relocation.
While we are at it, add a null-pointer check.
Change-Id: Ic03150f0bcd14a6ec6bf514dffe2b9153d5a6d2a
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38536
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This patch makes libpayload enable the instruction cache as the very
first thing, which is similar to how we treat it in coreboot. It also
prevents the icache from being disabled again during mmu_disable() as
part of the two-stage page table setup in post_sysinfo_scan_mmu_setup().
It replaces the existing mmu_disable() implementation with the assembly
version from coreboot which handles certain edge cases better (see
CB:27238 for details).
The SCTLR flag definitions in libpayload seem to have still been
copy&pasted from arm32, so replace with the actual arm64 defintions from
coreboot.
Change-Id: Ifdbec34f0875ecc69fedcbea5c20e943379a3d2d
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38908
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
We set MPS to speed_to_default_mps(speed) initially
but later compare maxpacketsize with 8 to change mps.
So compare with speed_to_default_mps(speed) to determine
if we need to change settings here.
BUG=b:147783572
BRANCH=none
TEST=works with 12Mbps/8MPS USB device
Signed-off-by: Kangheui Won <khwon@chromium.org>
Change-Id: I32455483fceec56f14af6118b77615c14b3f9f39
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38556
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
A function draw_rounded_box() is added to draw a box with rounded
corners. In addition, this function is different from draw_box() in 2
ways:
- The position and size arguments are relative to the canvas.
- This function supports drawing only the border of a box (linear time
complexity when the thickness is fixed).
BRANCH=none
BUG=b:146105976
TEST=emerge-nami libpayload
Change-Id: Ie480410d2fd8316462d5ff874999ae2317de04f9
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37757
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
To support showing CBMEM logs on recovery screen, add a function
cbmem_console_snapshot() to copy the CBMEM console to an allocated
buffer. Non-printable characters are automatically replaced with '?' to
ensure the returned string is printable.
BRANCH=none
BUG=b:146105976
TEST=emerge-nami libpayload
Change-Id: Ie324055f5fd8276f1d833fc9d04f60a792dbb9f6
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37667
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
SeaBIOS 1.13.0 has been tagged on 20191209. Major changes in this release:
* Support for reading logical CHS drive information from QEMU
* Workaround added for misbehaving optionroms that grab "int19"
* The TPM 2 "PCR bank" option can now be set from the TPM menu
* SeaVGABIOS support for QEMU "atiext" display
* Several bug fixes and code cleanups
see http://seabios.org/Releases
Change-Id: I37c8a72b0819bc4d19da9f7ab8e90f907e3e4dec
Signed-off-by: Martin Kepplinger <martin.kepplinger@puri.sm>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37631
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
According to the POSIX standard, %p is supposed to print a pointer "as
if by %#x", meaning the "0x" prefix should automatically be prepended.
All other implementations out there (glibc, Linux, even libpayload) do
this, so we should make coreboot match. This patch changes vtxprintf()
accordingly and removes any explicit instances of "0x%p" from existing
format strings.
How to handle zero padding is less clear: the official POSIX definition
above technically says there should be no automatic zero padding, but in
practice most other implementations seem to do it and I assume most
programmers would prefer it. The way chosen here is to always zero-pad
to 32 bits, even on a 64-bit system. The rationale for this is that even
on 64-bit systems, coreboot always avoids using any memory above 4GB for
itself, so in practice all pointers should fit in that range and padding
everything to 64 bits would just hurt readability. Padding it this way
also helps pointers that do exceed 4GB (e.g. prints from MMU config on
some arm64 systems) stand out better from the others.
Change-Id: I0171b52f7288abb40e3fc3c8b874aee14b9bdcd6
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37626
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: David Guckian
The bayou payload is not attached to the build system in any way, and
has not been for quite a while. Since selecting it in Kconfig does
nothing, remove this payload now that coreboot 4.10 has been released.
Change-Id: Icfb18b88e460a4e4b538b7efe907d4eef6c40638
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34565
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: ron minnich <rminnich@gmail.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
To avoid trampling over interesting exception artifacts on the real
stack, our arm64 systems switch to a separate exception stack when
entering an exception handler. We don't want that to use up too much
SRAM so we just set it to 512 bytes. I mean it just prints a bunch of
registers, how much stack could it need, right?
Quite a bit it turns out. The whole vtxprintf() call stack goes pretty
deep, and aarch64 generally seems to be very generous with stack space.
Just the varargs handling seems to require 128 bytes for some reason,
and the other stuff adds up too. In the end the current implementation
takes 1008 bytes, so bump the exception stack size to 2K to make sure it
fits.
Change-Id: I910be4c5f6b29fae35eb53929c733a1bd4585377
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37464
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
