Integer handling issues:
Potentially overflowing expression "1 << size_msb" with type "int"
(32 bits, signed) is evaluated using 32-bit arithmetic, and then
used in a context that expects an expression of type "uint64_t"
(64 bits, unsigned).
Fixes: CID 1435825 and 1435826
Signed-off-by: Jonathan Zhang <jonzhang@fb.com>
Change-Id: If859521b44d9ec3ea744c751501b75d24e3b69e8
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46711
Reviewed-by: Marc Jones <marc@marcjonesconsulting.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Rework the code moved to common code in CB:46274. This involves
simplification by using appropriate helpers for MSR and CPUID, using
macros instead of plain values for MSRs and cpu features and adding
documentation to the header.
Change-Id: I7615fc26625c44931577216ea42f0a733b99e131
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46588
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Move a whole bunch of copy-pasta code from soc/intel/{bdw,skl,cnl,icl,
tgl,ehl,jsl,adl} and cpu/intel/{hsw,model_*} to cpu/intel/common.
This change just moves the code. Rework is done in CB:46588.
Change-Id: Ib0cc834de8492d59c423317598e1c11847a0b1ab
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46274
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
On DeltaLake server, there are following entry in MTRR address space:
0x0000201000000000 - 0x0000201000400000 size 0x00400000 type 0
In this case, the base address (with 4k granularity) cannot be held in
uint32_t. This results incorrect MTRR register setup. As the consequence
UEFI forum FWTS reports following critical error:
Memory range 0x100000000 to 0x183fffffff (System RAM) has incorrect attribute Uncached.
Change appropriate variables' data type from uint32_t to uint64_t.
Add fls64() to find least significant bit set in a 64-bit word.
Add fms64() to find most significant bit set in a 64-bit word.
Signed-off-by: Jonathan Zhang <jonzhang@fb.com>
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>
Change-Id: I41bc5befcc1374c838c91b9f7c5279ea76dd67c7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46435
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
MSR_FEATURE_CONFIG, which is used for locking AES-NI, is core-scoped,
not package-scoped. Thus, move locking from SMM to core init, where the
code gets executed once per core.
Change-Id: I3a6f7fc95ce226ce4246b65070726087eb9d689c
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46535
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Copy the AES-NI locking function to common cpu code to be able to reuse
it.
This change only copies the code and adds the MSR header file. Any
further rework and later deduplication on the platforms code is done in
the follow-up changes.
Change-Id: I81ad5c0d4797b139435c57d3af0a95db94a5c15e
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46272
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
msr_set_bit can only set single bits in MSRs and causes mixing of bit
positions and bitmasks in the MSR header files. Thus, replace the helper
by versions which can unset and set whole MSR bitmasks, just like the
"and-or"-helper, but in the way commit 64a6b6c was done (inversion done
in the helper). This helps keeping the MSR macros unified in bitmask
style.
In sum, the three helpers msr_set, msr_unset and msr_unset_and_set get
added.
The few uses of msr_set_bit have been replaced by the new version, while
the used macros have been converted accordingly.
Change-Id: Idfe9b66e7cfe78ec295a44a2a193f530349f7689
Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46354
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The shld instruction does an arithmetic shift left on 64bit operants,
but it's not the instruction we want, because what it actually does is
shifting by cl, and storing the result in address 32.
This wasn't noticed with QEMU as the DRAM is up and address 32 is valid.
On real hardware when CAR is running this instruction causes a crash.
Replace the instruction with the correct 64bit arithmetic left shift.
Change-Id: Iedad9f4b693b1ea05898456eac2050a9389f6f19
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45820
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Added new config BOOT_DEVICE_SPI_FLASH_NO_EARLY_WRITES to accomodate
older x86 platforms that don't allow writing to SPI flash when early
stages are running XIP from flash. If
BOOT_DEVICE_SPI_FLASH_NO_EARLY_WRITES is not selected,
BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY will get auto-selected if
BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y. This allows for current platforms
that write to flash in the earlier stages, assuming that they have
that capability.
BUG=b:150502246
BRANCH=None
TEST=diff the coreboot.rom files resulting from running
./util/abuild/abuild -p none -t GOOGLE_NAMI -x -a --timeless
with and without this change to make sure that there was no
difference. Also did this for GOOGLE_CANDY board, which is
baytrail based (and has BOOT_DEVICE_SPI_FLASH_NO_EARLY_WRITES
enabled).
Change-Id: I3aef8be702f55873233610b8e20d0662aa951ca7
Signed-off-by: Shelley Chen <shchen@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45740
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This fixes non-emulation platforms as those are using 32bit code
after the bootblock_crt0 entry, like setting up CAR and updating
microcode, which isn't yet converted to support long mode.
This is a noop for the only supported x86_64 platform and all
x86_32 platforms.
Change-Id: I45e56ed8db9a44c00cd61e962bb82f27926eb23f
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37370
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Current implementation uses CPUID 0Bh function that returns the number
of logical cores of requested level. The problem with this approach is
that this value doesn't change when HyperThreading is disabled (it's in
the Intel docs), so it breaks generate_cpu_entries().
- Use MSR 0x35 instead, which returns the correct number of logical
processors with and without HT.
- Rename the function to get_logical_cores_per_package, which is more
accurate.
Tested on ThinkPad X220 with and without HT.
Related to CB:29669.
Change-Id: Ib32c2d40408cfa42ca43ab42ed661c168e579ada
Signed-off-by: Evgeny Zinoviev <me@ch1p.io>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42413
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
With MAX_CPUS==1, this has the effect of removing spinlock
implementation. But since is_smp_boot() evaluates false and
SMM uses separate smi_semaphore, there is no concurrency to
protect against with a spinlock.
Change-Id: I7c2ac221af78055879e7359bd03907f2416a9919
Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43865
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Nearly every x86 platform uses the same arch for all stages. The only
exception is Picasso. So, factor out redundant symbols from the rest.
Alder Lake is not yet complete, so it has been skipped for now.
Change-Id: I7cff9efbc44546807d9af089292c69fb0acc7bad
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45731
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This is required for Super I/Os to be able to read the CPU temperature
through PECI.
On 45nm Core 2 CPUs (Wolfdale, Yorkfield) it is not enabled by default.
This is probably related to erratum AW67 "Enabling PECI via the PECI_CTL
MSR incorrectly writes CPUID_FEATURE_MASK1 MSR". The suggested
workaround is "Do not initialize PECI before processor update is
loaded". Since coreboot performs microcode updates before running this
code it should not cause any trouble. It was tested on a Core 2 Duo
E8400, stepping E0.
PECI is already enabled by default on older (65nm) CPUs. Tested: Pentium
Dual-Core E2160.
See commit edac28ce65 for the same change
on cpu/intel/model_6fx.
Signed-off-by: Michael Büchler <michael.buechler@posteo.net>
Change-Id: I5a3ec033bd816665af4ecc82f7b167857cd7c1b6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45184
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This is a security lock and is required for TXT, among other things.
Tested on Asrock B85M Pro4, still boots.
Change-Id: I7b2e8a60ce92cbf523c520be0b365f28413b9624
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44884
Reviewed-by: Michael Niewöhner
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Fix an issue the assembler didn't warn about to fix a crash on real
hardware. qemu didn't catch this issue either.
The linker uses the same address for variables in BSS if they aren't
initialized in the code. This results in %edx being set to the value
of %eax, which causes an exception restoring IA32_EFER on real
hardware.
Tested on qemu with KVM enabled.
Change-Id: Ie36a88a2a11a6d755f06eff9b119e5b9398c6dec
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44780
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
* Enable optional x86_64 romstage, postcar and ramstage
* Add Kconfig for x86_64 compilation
* Add documentation for x86 qemu mainboards
* Increase CAR stack as x86_64 uses more than 0x4000 bytes
Working:
* Boots to Linux
* Boots to SeaBIOS
* Drops to protected mode at end of ramstage
* Enumerates PCI devices
* Relocateable ramstage
* SMM
Change-Id: If2f02a95b2f91ab51043d4e81054354f4a6eb5d5
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/29667
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The AM335X is a SoC, so should be in the soc tree.
This moves all the existing am335x code to soc/ and updates any
references. It also adds a soc.c file as required for the ramstage.
Change-Id: Ic1ccb0e9b9c24a8b211b723b5f4cc26cdd0eaaab
Signed-off-by: Sam Lewis <sam.vr.lewis@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/44378
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Enable long mode in SMM handler.
x86_32 isn't affected by this change.
* Enter long mode
* Add 64bit entry to GDT
* Use x86_64 SysV ABI calling conventions for C code entry
* Change smm_module_params' cpu to size_t as 'push' is native integer
* Drop to protected mode after c handler
NOTE: This commit does NOT introduce a new security model. It uses the
same page tables as the remaining firmware does.
This can be a security risk if someone is able to manipulate the
page tables stored in ROM at runtime. USE FOR TESTING ONLY!
Tested on Lenovo T410 with additional x86_64 patches.
Change-Id: I26300492e4be62ddd5d80525022c758a019d63a1
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37392
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Eugene Myers <cedarhouse1@comcast.net>
Xeon-SP Skylake Scalable Processor can have 36 CPU threads (18 cores).
Current coreboot SMM is unable to handle more than ~32 CPU threads.
This patch introduces a version 2 of the SMM module loader which
addresses this problem. Having two versions of the SMM module loader
prevents any issues to current projects. Future Xeon-SP products will
be using this version of the SMM loader. Subsequent patches will
enable board specific functionality for Xeon-SP.
The reason for moving to version 2 is the state save area begins to
encroach upon the SMI handling code when more than 32 CPU threads are
in the system. This can cause system hangs, reboots, etc. The second
change is related to staggered entry points with simple near jumps. In
the current loader, near jumps will not work because the CPU is jumping
within the same code segment. In version 2, "far" address jumps are
necessary therefore protected mode must be enabled first. The SMM
layout and how the CPUs are staggered are documented in the code.
By making the modifications above, this allows the smm module loader to
expand easily as more CPU threads are added.
TEST=build for Tiogapass platform under OCP mainboard. Enable the
following in Kconfig.
select CPU_INTEL_COMMON_SMM
select SOC_INTEL_COMMON_BLOCK_SMM
select SMM_TSEG
select HAVE_SMI_HANDLER
select ACPI_INTEL_HARDWARE_SLEEP_VALUES
Debug console will show all 36 cores relocated. Further tested by
generating SMI's to port 0xb2 using XDP/ITP HW debugger and ensured all
cores entering and exiting SMM properly. In addition, booted to Linux
5.4 kernel and observed no issues during mp init.
Change-Id: I00a23a5f2a46110536c344254868390dbb71854c
Signed-off-by: Rocky Phagura <rphagura@fb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43684
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
