Some stages in bootflow prefer to use 16 bytes UUID instead of
traditional 2 bytes FWID to identify the firmware components they
verify/validate. Hence add version 2 of hash table which identifies
firmware components using UUID. Other than UUID and a reserved field for
alignment reasons, the format of the hash table is very similar to hash
table v1.
BUG=b:277292697
TEST=Build and boot to OS in Myst with PSP Verstage enabled. Ensure that
the hash table v2 is built and installed into BIOS image for the
components that are configured in amdfw.cfg file. Ensure that the
validation by PSP is successful for all the relevant components during
the boot flow.
Change-Id: I2899154086cf8e90c3327178157b07ead034b16e
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76586
Reviewed-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Reviewed-by: Tim Van Patten <timvp@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Currently this tool generates a hash table to verify signed binaries,
with a 2 byte FWID as the only kind of identifier. Going forward some
binaries are going to adopt 16 byte UUID identifiers and more binaries
will follow in the future SoCs. Hence add support for handling multiple
firmware identifier types. While at this remove the unused fwid from the
PSP FW table.
BUG=b:277292697
TEST=Build BIOS image and boot to OS in Myst & Skyrim.
Change-Id: I5180dc0fe812b174b1d40fea9f00a85d6ef00f2f
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76585
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Hash table containing hashes of all signed PSP binaries is compiled at
build time and installed into the concerned CBFS. During boot, PSP
verstage reads the hash table binary and passes it to PSP bootloader.
PSP bootloader in turn uses the hash table to verify the signed PSP
binaries. Currently the hashes for all the signed PSP binaries are
compiled into one hash table. On upcoming platforms with more number of
signed PSP binaries, PSP bootloader does not have resources to handle
one monolithic hash table. Instead PSP bootloader recommends splitting
them into smaller hash tables (currently limited to 3 hash tables).
Update amdfwtool tool to support splitting hash tables. This is done by
adding an optional hash table id to the entries in the amdfw.cfg file.
By default, one hash table binary is always compiled and it's name is of
the format ${signed_rom}.hash. If an entry has a hash table id defined,
then this utility will compile a separate hash table binary whose name
is of the format ${signed_rom}.${N}.hash where N is the hash table id.
BUG=b:277292697
TEST=Build Skyrim BIOS image and boot to OS. Ensure that the hash table
is identical with and without this change. Perform suspend/resume
cycles, warm/cold reset cycles for 50 iterations each.
TEST=Artificially inject hash table id against some entries in
amdfw.cfg and ensure that the concerned hash table binaries are getting
compiled.
Change-Id: I7ef338d67695a34c33b5c166924832939f381191
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75188
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Passing this option tells amdfwtool to create a text file, containing
the versions of the blobs below:
- PSP bootloader (type 0x01),
- SMU firmware (type 0x08),
- AGESA bootloader 0 (type 0x30),
- PSP bootloader AB (type 0x73).
Created file can be embedded into CBFS which allows to read the version
of blobs at runtime. This way version of blobs used to build the
coreboot image can be verified at runtime and also from the binary file.
Format of manifest file is following:
$ cat build/amdfw_manifest
type: 0x01 ver:00.35.00.13
type: 0x08 ver:00.5a.23.a6
type: 0x30 ver:2a.14.b0.10
type: 0x73 ver:00.35.00.13
BUG=b:224780134
TEST=Tested on Skyrim device
Change-Id: Idaa3a02ace524f44cfa656e34308bd896016dff6
Signed-off-by: Grzegorz Bernacki <bernacki@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/74266
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
Since commit 2f6b7d557d ("amdfwtool: Move the filling of table headers
into functions"), the combo_psp_directory union element in the
embedded_firmware is unused and the new_psp_directory element is used in
all places, so replace the union of new_psp_directory and
combo_psp_directory with just the new_psp_directory struct element.
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: I35d339b3084ec8f93210095c233f5e68296d0013
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73834
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Fred Reitberger <reitbergerfred@gmail.com>
If Recovery/Backup APCB is not passed, then AMD_BIOS_APCB_BK entry is
not populated. But PSP expects that bios directory entry to be
populated. Also on mainboards where both APCB and recovery APCB are same
(eg. Skyrim), 2 copies of the same APCB are added to amdfw*.rom. Update
amdfwtool to support not passing recovery/backup APCB. If the recovery
APCB is not passed, then populate AMD_BIOS_APCB_BK entry and make it
point to the same offset as AMD_BIOS_APCB entry.
BUG=b:240696002
TEST=Build and boot to OS in Skyrim. Ensure that the device can enter
recovery mode. Perform multiple suspend/resume cycles.
Change-Id: I031ba817573cd35160f5e219b1b373ddce69aa6b
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73661
Reviewed-by: Fred Reitberger <reitbergerfred@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
It was used for printing the dependencies which is now taken by macro
DEP_FILES in soc/amd/common/Makefile.inc.
TEST=binary identical test on google/guybrush amd/chausie
Change-Id: I1b86df2cb2ed178cf0a263c50ccb3e2254a3852b
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73627
Reviewed-by: Fred Reitberger <reitbergerfred@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
For now, combo index is 0, and only the first entry in config table is
used. The index will grow when there are more combo entries.
Add a command parameter to give fw.cfg for combo index 1. Process the
combo config in the future loop.
Change-Id: I00609d91defc08e17f937ac8339575f84b1bd37c
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73496
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Fred Reitberger <reitbergerfred@gmail.com>
Generate SHA256/SHA384 hash of the signed firmware so that PSP verstage
can pass it to PSP. The PSP will use these hashes to verify the
integrity of those signed firmwares.
BUG=b:203597980
TEST=Build Skyrim BIOS image.
Change-Id: I50d278536ba1eac754eb8a39c4c2e428a2371c44
Signed-off-by: Kangheui Won <khwon@chromium.org>
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60290
Reviewed-by: Jon Murphy <jpmurphy@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Add support for separating signed firmwares into another CBFS. If
sig_opt flag in AMD/PSPFW file header is 1, it means that the firmware
is signed against AMD chain of trust and will be verified by PSP. If
those firmware binaries are put outside FW_MAIN_[AB], vboot can skip
redundant verification, improving overall verification time.
BUG=b:206909680
TEST=Build amdfwtool. Build Skyrim BIOS image and boot to OS.
Change-Id: I9f3610a7002b2a9c70946b083b0b3be6934200b0
Signed-off-by: Kangheui Won <khwon@chromium.org>
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59866
Reviewed-by: Jon Murphy <jpmurphy@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Checkpatch script recommends to use __packed instead of
__attribute__((packed)). Currently the build rule for amdfwtool does not
include the required header file with __packed definition. Update the
compiler flag to include the required header file.
BUG=None
TEST=Build amdfwtool.
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Change-Id: I448cbad533608dd5c2bd4f2d827fcc5db5dee5cb
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67384
Reviewed-by: Jon Murphy <jpmurphy@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Amdfwtool creates AMD firmware images however there is currently no way
to get information from an existing image. This commit adds amdfwread to
support that functionality. At the moment only reading PSP soft fuse
flags is supported. Example usage: `amdfwread --soft-fuse bios.bin`,
example output: `Soft-fuse:0x400000030000041`.
BUG=b:202397678
TEST=Ran amdfwread and verified that it correctly reads the soft fuse
bits, verified that built AMD FW still boots on DUT
Signed-off-by: Robert Zieba <robertzieba@google.com>
Change-Id: I15fa07c9cad8e4640e9c40e5539b0dab44424850
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62795
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Rob Barnes <robbarnes@google.com>
AMDFWtool maintains 2 copies of PSP Level2 entries - one in primary slot
A (Type 0x48) and another in backup slot B (Type 0x4A). On boards which
use VBOOT with 2 RW firmware slots, maintaining 2 copies of PSP Level2
entries in each FW slot is redundant and space-consuming. Introduce
option to maintain only one copy of PSP Level2 entries and point to it
from both slots A & B.
BUG=None
TEST=Build and boot to OS in Skyrim. Ensure that only one copy is added
to each FW slot. This achieved a space saving of 1.5 MB in each FW slot.
Before:
apu/amdfw 0x415fc0 raw 3043328 none
After:
apu/amdfw 0x415fc0 raw 1556480 none
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Change-Id: I06eef8e14b9c14db1d02b621c2f7207188d86326
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63509
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Image Slot Header (ISH) is a new feature.
The rom layout for A/B recovery with ISH:
EFS -> PSP L1 0x48 -> ISH A -> PSP L2 A -> BIOS L2 A
0x4A -> ISH B -> PSP L2 B -> BIOS L2 B
The newer 55758 will updated about the boot priority and update retry
in ISH header.
Change-Id: Ib0690cde1dce949514c7aacebe13096b7814ceff
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57747
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
The rom layout for A/B recovery:
EFS -> PSP L1 0x48 -> PSP L2 A -> BIOS L2 A
0x4A -> PSP L2 B -> BIOS L2 B
The coreboot doesn't implement the AMD's A/B recovery. This is only
for the ROM layout. To save some flash space, the entire B section can
be eliminated.
To enable A/B recovery in PSP layout, add "--recovery-ab" to
amdfwtool.
TEST=Majolica(Cezanne)
Change-Id: I27f5d3476f648fcecafb8d258ccb6cfad4f50036
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/56773
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
SPL: Security Patch Level
The data in SPL is used for FW anti-rollback, preventing rollback of
platform level firmware to older version that are deemed vulnerable
from a security point of view.
BUG=b:216096562
Change-Id: I4665f2372ccd599ab835c8784da08cde5558a795
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/61426
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Address Mode 0: Physical Address, bit 63~56: 0x00
Address Mode 1: Relative Address to entire BIOS image, bit 63~56: 0x40
Address Mode 2: Relative Address to PSP/BIOS directory, bit 63~56: 0x80
Address Mode 3: Relative Address to slot N, bit 63~56: 0xC0
It is the expanding mode for simple relative address mode, for which
address_mode equals 1.
Only mode 2 is added. We need to record current table base address and
calculate the offset. The ctx.current_table is zero outside the
table. When it goes into the function to integrate the table, it
should backup the old value and get current table base. Before it goes
out the function, it should restore the value.
If the table address mode is 2, the address in each entry should be
also add address mode information. If not, the address mode in entry
is meanless.
The old mode 0,1 should be back compatible.
Change-Id: I29a03f4381cd0507e2b2e3b359111e3375a73de1
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59308
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
The element at offset 0x14 in the embedded_firmware struct is the
pointer to the combo PSP directory header, so rename it from comboable
to combo_psp_directory to clarify that this is not a flag, but a pointer
to a data structure. Also rename psp_entry to psp_directory since it
points to the PSP directory table.
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: Ic6149c17ae813f4dcea71c308054849a1a2e4394
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58419
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Kangheui Won <khwon@chromium.org>
