Boards using VBOOT_VBNV_EC (nyan, daisy, veyron, peach_pit) are all
ChromeOS devices and they've reached the end of life since Feb 2022.
Therefore, remove VBOOT_VBNV_EC for them, each with different
replacement.
- nyan (nyan, nyan_big, nyan_blaze): Add RW_NVRAM to their FMAP (by
reducing the size of RW_VPD), and replace VBOOT_VBNV_EC with
VBOOT_VBNV_FLASH.
- veyron: Add RW_NVRAM to their FMAP (by reducing the size of
SHARED_DATA), and replace VBOOT_VBNV_EC with VBOOT_VBNV_FLASH. Also
enlarge the OVERLAP_VERSTAGE_ROMSTAGE section for rk3288 (by reducing
the size of PRERAM_CBMEM_CONSOLE), so that verstage won't exceed its
allotted size.
- daisy: Because BOOT_DEVICE_SPI_FLASH is not set, which is required for
VBOOT_VBNV_FLASH, disable MAINBOARD_HAS_CHROMEOS and VBOOT configs.
- peach_pit: As VBOOT is not set, simply remove the unused VBOOT_VBNV_EC
option.
Remove the VBOOT_VBNV_EC Kconfig option as well as related code, leaving
VBOOT_VBNV_FLASH and VBOOT_VBNV_CMOS as the only two backend options for
vboot nvdata (VBNV).
Also add a check in read_vbnv() and save_vbnv() for VBNV options.
BUG=b:178689388
TEST=util/abuild/abuild -t GOOGLE_NYAN -x -a
TEST=util/abuild/abuild -t GOOGLE_VEYRON_JAQ -x -a
TEST=util/abuild/abuild -t GOOGLE_DAISY -a
TEST=util/abuild/abuild -t GOOGLE_PEACH_PIT -a
BRANCH=none
Change-Id: Ic67d69e694cff3176dbee12d4c6311bc85295863
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65012
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
The X11SSH-LN4F and X11SSH-F are very similiar. They both use the same
PCB and use the same Supermicro BIOS ID. The X11SSH-LN4F has 4 NICs in
difference to the X11SSH-F which only has 2 NICs. The two additional
NICs aren't populated on the X11SSH-F. Enable the PCIe root ports
connected to the two additional Intel NICs.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Change-Id: Id4e66be47ceef75905ba760b8d5a14284e130f63
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51330
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
With this change cbfs_boot_locate will check the RO (COREBOOT) region if
a file can not be found in the active RW region. By doing so it is not
required to duplicate static files that are not intended to be updated
to the RW regions.
The coreboot image can still be updated by adding the file to the RW
region.
This change is intended to support VBOOT on systems with a small flash
device.
BUG=N/A
TEST=tested on facebook fbg1701
Change-Id: I81ceaf927280cef9a3f09621c796c451e9115211
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36545
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
* Add Kconfig to enable TXT
* Add possibility to add BIOS and SINIT ACMs
* Set default BIOS ACM alignment
* Increase FIT space if TXT is enabled
The following commits depend on the basic Kconfig infrastructure.
Intel TXT isn't supported until all following commits are merged.
Change-Id: I5f0f956d2b7ba43d4e7e0062803c6d8ba569a052
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34585
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
To clear all DRAM on x86_32, add a new method that uses PAE to access
more than 32bit of address space.
Add Documentation as well.
Required for clearing all system memory as part of security API.
Tested on wedge100s:
Takes less than 2 seconds to clear 8GiB of DRAM.
Tested on P8H61M-Pro:
Takes less than 1 second to clear 4GiB of DRAM.
Change-Id: I00f7ecf87b5c9227a9d58a0b61eecc38007e1a57
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31549
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add files to introduce a memory clearing framework.
Introduce Kconfig PLATFORM_HAS_DRAM_CLEAR that is to be selected by
platforms, that are able to clear all DRAM.
Introduce Kconfig SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT that is user
selectable to always clear DRAM on non S3 boot.
The function security_clear_dram_request tells the calling platform when
to wipe all DRAM. Will be extended by TEE frameworks.
Add Documentation for the new security API.
Change-Id: Ifba25bfdd1057049f5cbae8968501bd9be487110
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31548
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Until now the TCPA log wasn't working correctly.
* Refactor TCPA log code.
* Add TCPA log dump fucntion.
* Make TCPA log available in bootblock.
* Fix TCPA log formatting.
* Add x86 and Cavium memory for early log.
Change-Id: Ic93133531b84318f48940d34bded48cbae739c44
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/29563
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
* Introduce a measured boot mode into vboot.
* Add hook for stage measurements in prog_loader and cbfs.
* Implement and hook-up CRTM in vboot and check for suspend.
Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/29547
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
