summaryrefslogtreecommitdiff
path: root/src/vendorcode
AgeCommit message (Collapse)Author
2020-01-13vc/amd/agesa: Fix out of bounds readJoe Moore
ByteLane is used unitialized from prior for statement, creating a potential out-of-bound read of RxOrig[MaxByteLanes]. PassTestRxEnDly[MaxByteLanes] never appears as rvalue; all for loops have ByteLane < MaxByteLanes exit condition. Change-Id: Icd18a146aba6b6120d37518d8c40c7efbc05afa3 Signed-off-by: Joe Moore <awokd@danwin1210.me> Found-by: Coverity CID 1241804 Reviewed-on: https://review.coreboot.org/c/coreboot/+/36192 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mike Banon <mikebdp2@gmail.com>
2020-01-10vc/amd/agesa: Remove unused assignmentsJoe Moore
'Status' is assigned a value three times before it is checked. Remove the first two assignments. Change-Id: Id7136d62b4dbd6dce877983467960373b3a7ac22 Signed-off-by: Joe Moore <awokd@danwin1210.me> Found-by: Coverity CID 1241809 Reviewed-on: https://review.coreboot.org/c/coreboot/+/36257 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2020-01-10vc/amd/agesa/f16kb/Proc/GNB: Fix out-of-bounds readJoe Moore
Incorrect values read from a different memory region will cause incorrect computations. VceFlags array size should be 4 based on similar code in f15 branch, and because f16kb/Proc/GNB/Modules/GnbInitKB/GnbF1TableKB.c only loads 4 values for VceFlags in DefaultPpF1ArrayKB. Leaving it at 5 results in an out-of-bounds read of PP_FUSE_ARRAY_V2_fld16 in line 901 of f16kb/Proc/GNB/Modules/GnbGfxIntTableV3/GfxPwrPlayTable.c when Index reaches 4. Change-Id: I0242c0634e66616018e6df04ac6f1505b82a630f Signed-off-by: Joe Moore <awokd@danwin1210.me> Found-by: Coverity CID 1241878 Reviewed-on: https://review.coreboot.org/c/coreboot/+/38056 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Mike Banon <mikebdp2@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-01-05vc/amd/pi/00670F00: Fix typo in phony target declarationMarshall Dawson
Correct a copy/paste error for warn_no_agesa. Change-Id: Ife2cca47f1f816f99395b33976d08826c53e3c3e Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38145 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Nico Huber <nico.h@gmx.de>
2019-12-27dram-spd: Remove free()Bora Guvendik
free() is not needed since the memory is not dynamically allocated. Change-Id: I90659722aaca6ced1e1cbc3db4180b0811205e95 Signed-off-by: Bora Guvendik <bora.guvendik@intel.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37940 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-12-27src/include: Remove min/max() from <stdlib.h>Elyes HAOUAS
Change-Id: I9ded44422a267e244343502dd5d6ab355e5a788d Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37378 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-26vendorcode/intel/fsp/fsp2_0/tgl: Add FSP header files for Tiger LakeSubrata Banik
Add header files for FSP for Tiger Lake platform version 2457. Change-Id: I52bb2e164cc89d3535fe67493686d1e8e064e31e Signed-off-by: Subrata Banik <subrata.banik@intel.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37830 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Wonkyu Kim <wonkyu.kim@intel.com>
2019-12-24vendorcode/amd/pi/Kconfig: Add prompt to pre/post pi filesRaul E Rangel
This allows the values to be set in a .config BUG=none TEST=Was able to set the value from a .config and built careena firmware Change-Id: I757e4b9a0b80ff42c1f49143a44f15550366fd0b Signed-off-by: Raul E Rangel <rrangel@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37879 Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-19Drop ROMCC code and header guardsArthur Heymans
Change-Id: I730f80afd8aad250f26534435aec24bea75a849c Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37334 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2019-12-19vendorcode/cavium/bdk/libbdk-hal/bdk-qlm.c: Add missing <stdlib.h>Elyes HAOUAS
Change-Id: I70029700bfb297ac06561056da730731a2ca1e8b Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33682 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-19vendorcode/cavium/bdk/libbdk-hal/device: Add missing <stdlib.h>Elyes HAOUAS
Change-Id: I64876a2b6cffdabf3e365fc07017adb14f086ecc Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37380 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-19vendorcode/cavium/bdk/libbdk-hal: Add missing <stdlib.h>Elyes HAOUAS
Change-Id: Id52603c525cce1bead423d188e23f6efd50511a9 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37377 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-16vendorcode/intel/fsp: Add Jasper Lake FSP headers for FSP v1433Aamir Bohra
The FSP-M/S/T headers added are generated as per FSP v1433. Change-Id: Iacb44204c3f7220a20ab3edc2163c97188014bbf Signed-off-by: Aamir Bohra <aamir.bohra@intel.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37559 Reviewed-by: Maulik V Vaghela <maulik.v.vaghela@intel.com> Reviewed-by: Ronak Kanabar <ronak.kanabar@intel.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-12vc/amd/pi: Fix typoPatrick Georgi
Change-Id: Ic3d1b9f90c6ed3d85ff209f433de9ab939d760a6 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37676 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-11soc/amd/stoneyridge|mbs: Deprecate SOC_AMD_NAME_PKG and othersMarshall Dawson
Add package and APU selections to mainboards and remove symbols no longer used in soc//stoneyridge. Change-Id: I60214b6557bef50358f9ec8f9fcdb7265e04663b Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37225 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-12-11soc/amd/stoneyridge|mbs: Define SOC_AMD_STONEYRIDGE symbolMarshall Dawson
Make a new Kconfig symbol for using soc//stoneyridge. This code also supports Prairie Falcon is backward-compatible with Carrizo and Merlin Falcon. Although Bettong uses Carrizo, it does not currently rely on stoneyridge source, so it is unaffected by this change. Change-Id: I786ca54b0444cbcf36dc428a193006797b01fc09 Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37224 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-12-11soc/amd/stoneyridge|mb: Add Kconfig symbol for Prairie FalconMarshall Dawson
The stoneyridge code inferred that if Merlin Falcon was built but no Merlin Falcon binaries were present, the intent must be Prairie Falcon. The two falcons are Embedded variants, and Prairie Falcon falls within Family 15h Models 70h-7Fh. Add a Prairie Falcon symbol that can be used explicitely. Drop HAVE_MERLINFALCON_BINARIES. Change-Id: I0d3a1bc302760c18c8fe3d57c955e2bb3bd8153a Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37223 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-12-11soc/amd/stoneyridge|vc: Change default locations for blobsMarshall Dawson
Set the default location strings to point to the 3rdparty/amd_blobs files. Change-Id: I5426b8de2501ba55843efc1cda4b03bc3768f8cb Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37222 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-12-11vc/amd/pi: Allow 00670F00 to build with no binaryPIMarshall Dawson
Make the default binaryPI image strings for all stoneyridge-based APUs depend on USE_AMD_BLOBS. Ensure the build completes without names, and without images. Change-Id: I74a38efa2a4ad2f9f12a1f8e7fb8694d0ab9dd1e Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37228 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-12-11printf: Automatically prefix %p with 0xJulius Werner
According to the POSIX standard, %p is supposed to print a pointer "as if by %#x", meaning the "0x" prefix should automatically be prepended. All other implementations out there (glibc, Linux, even libpayload) do this, so we should make coreboot match. This patch changes vtxprintf() accordingly and removes any explicit instances of "0x%p" from existing format strings. How to handle zero padding is less clear: the official POSIX definition above technically says there should be no automatic zero padding, but in practice most other implementations seem to do it and I assume most programmers would prefer it. The way chosen here is to always zero-pad to 32 bits, even on a 64-bit system. The rationale for this is that even on 64-bit systems, coreboot always avoids using any memory above 4GB for itself, so in practice all pointers should fit in that range and padding everything to 64 bits would just hurt readability. Padding it this way also helps pointers that do exceed 4GB (e.g. prints from MMU config on some arm64 systems) stand out better from the others. Change-Id: I0171b52f7288abb40e3fc3c8b874aee14b9bdcd6 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37626 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: David Guckian
2019-12-04binaryPI: Fix failing AP startupKyösti Mälkki
Fix regression with commit 5639736 binaryPI: Drop CAR teardown without POSTCAR_STAGE Occassionally (maybe 1 boot in 10) SMP lapic_cpu_init() fails with following errors in the logs of pcengines/apu2: CPU 0x03 would not start! CPU 0x03 did not initialize! The CPU number is sometimes 0x02, never seen 0x01. Work-around also suggests something to do with cache coherency and MTRRs that is really at fault. As a work-around return the BSP CAR teardown to use wbinvd instead of invd. These platforms do not support S3 resume so this is the easy work-around for the time being. Change-Id: I3dac8785aaf4af5c7c105ec9dd0b95156b7cca21 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37438 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2019-11-29vendorcode/siemens/hwilib: Fix current file string usageArthur Heymans
The CAR_GLOBAL accessors likely hid a bug where strncmp/cpy was passed a pointer to a char array instead of the char array. Change-Id: I68788e47ef27a959d6e048e9385afcfb663cdebc Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37077 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2019-11-29vendorcode/siemens/hwilib: Drop CAR_GLOBAL_MIGRATIONArthur Heymans
TEST: BUILD_TIMELESS=1 results in identical binaries. TODO: Is this code correct? The strncpy/strncmp current_hwi seems wrong. Change-Id: Icf44fee8f7f538df6c34dfbd98b852954d146896 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37026 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2019-11-27soc/amd/stoneyridge: Add selectable packagesMarshall Dawson
The StoneyPI package supports Family 15h Models 60h-6Fh and 70h-7Fh in FT4 and FP4 packages. Add options for the packages. The existing convention of SOC_AMD_PRODUCTNAME_PKG will be phased out. Change-Id: I60232ca099b813640742868db08aa66b32265f3b Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37218 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Richard Spiegel <richard.spiegel@silverbackltd.com>
2019-11-27binaryPI: Drop CAR teardown without POSTCAR_STAGEKyösti Mälkki
The remaining (active) binaryPI boards moved away from BINARYPI_LEGACY_WRAPPER and have POSTCAR_STAGE now. As the cache_as_ram.S is also used with AGESA, this slightly reduces the codesize there for romstage and postcar as well. This commit is actually a revert for the vendorcode parts, AMD originally shipped the codes using 'invd' for the CAR teardown, but these were changed for coreboot due the convoluted teardown that used to happen with non-empty stack. Change-Id: I693c104c3aab3be537c00695cbd764a48bd603b0 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/18526 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-27binaryPI: Drop BINARYPI_LEGACY_WRAPPER supportKyösti Mälkki
Drop all the sources that were guarded with this. Change-Id: I6c6fd19875cb57f0caf42a1a94f59efed83bfe0d Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/19275 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2019-11-25binaryPI: Remove FieldAccessors.[ch]Kyösti Mälkki
SAGE brought these in outside AGESA specifications and they had some ill semantics. They were already removed from StoneyRidge. Change-Id: I59d0c450583b2ff58031c127aae881d1f3799338 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37174 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2019-11-25Kconfig: Drop the C_ENVIRONMENT_BOOTBLOCK symbolArthur Heymans
The romcc bootblock will be deprecated soon and most platforms use C_ENVIRONMENT_BOOTBLOCK already. This patch drops the CONFIG_C_ENVIRONMENT_BOOTBLOCK symbol and adds CONFIG_ROMCC_BOOTBLOCK where needed. Change-Id: I773a76aade623303b7cd95ebe9b0411e5a7ecbaf Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37154 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2019-11-25Drop superfluous C_ENVIRONMENT_BOOTBLOCK checksArthur Heymans
Some guarding is not needed because the linker drops the code, other guarding is not needed because all platforms using the code now have C_ENVIRONMENT_BOOTBLOCK. Change-Id: I3b1a94e709aa291e1156c854874d7bf461981f32 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37157 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2019-11-23Kconfig: comply to Linux 5.3's Kconfig language rulesPatrick Georgi
Kconfig became stricter on what it accepts, so accomodate before updating to a new release. Change-Id: I92a9e9bf0d557a7532ba533cd7776c48f2488f91 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37156 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2019-11-23vendorcode/amd/pi/Makefile.inc: remove -fno-zero-initialized-in-bssKrystian Hebel
This fixes issue that became visible after implementing post-CAR stage on top of `340e4b80904f lib/cbmem_top: Add a common cbmem_top implementation`. Compilation error was: Forbidden global variables in romstage: ffffff00 d top.2205 Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com> Change-Id: I088ac824f9b66387843ae5810fd2c75a8b16d9db Reviewed-on: https://review.coreboot.org/c/coreboot/+/36976 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-21soc/intel/fsp_baytrail: Drop supportArthur Heymans
Relocatable ramstage, postcar stage and C_ENVIRONMENT_BOOTBLOCK are now mandatory features, which this platform lacks. Change-Id: I0b0344f1ebed12207a77c985f27893a1353c0925 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36982 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: David Hendricks <david.hendricks@gmail.com>
2019-11-21nb/sb/cpu: Drop Intel Rangeley supportArthur Heymans
Relocatable ramstage, postcar stage and C_ENVIRONMENT_BOOTBLOCK are now mandatory features, which this platform lacks. Change-Id: I41589118579988617677cf48af5401bc35b23e05 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36980 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: David Hendricks <david.hendricks@gmail.com>
2019-11-20vc/amd/agesa: Remove fam12Joe Moore
With removal of Torpedo mainboard, this code is no longer necessary. Will resolve some unique Coverity issues. Change-Id: I2927245c426566a8f80863a109d015ebf6176803 Signed-off-by: Joe Moore <awokd@danwin1210.me> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36187 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2019-11-20Remove MIPS architectureJulius Werner
The MIPS architecture port has been added 5+ years ago in order to support a Chrome OS project that ended up going nowhere. No other board has used it since and nobody is still willing or has the expertise and hardware to maintain it. We have decided that it has become too much of a mainenance burden and the chance of anyone ever reviving it seems too slim at this point. This patch eliminates all MIPS code and MIPS-specific hacks. Change-Id: I5e49451cd055bbab0a15dcae5f53e0172e6e2ebe Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34919 Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Hung-Te Lin <hungte@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-16vendorcode/eltan/security: Move eltan security from chipset to security menuWim Vervoorn
The eltan security items ended up in the chipset menu which is not desired. Now the eltan security option (when enabled in mainboard) shows up in the security menu. BUG=N/A TEST=build Change-Id: I3b2aa3836e8d9a3242c6d1f3ba7b7821a5cfb9d3 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36851 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-16vendorcode/security/eltan: Allocate memory from bootmem to speed up hashingWim Vervoorn
The verified_boot_check_cbfsfile() will now try to allocate a buffer from bootmem if the item in the list has the VERIFIED_BOOT_COPY_BLOCK attribute set. For large payloads this speeds up the hash operation. BUG=N/A TEST=build Change-Id: Ifa0c93632c59d05ae6d32f8785009a3c3568abc5 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36822 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-15vendorcode/eltan/security: Cleanup prog_locate_hookWim Vervoorn
Cleanup of the prog_locate_hook routine so the actual coreboot flow is more clearly reflected in the code. Remove logging that is not really needed. BUG=N/A TEST=tested on fbg1701 Change-Id: Iab6c75beac35d043d296336021c0bce1f828cf34 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36846 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-15vendorcode/eltan/security: Remove cbfs prepare and locateWim Vervoorn
The prepare functionality will be removed from cbfs support and the eltan verified boot is the only software using it. This is not really required as we can use the prog_locate_hook() for this functionality. BUG=N/A TEST=tested on fbg1701 Change-Id: I189cbad4b24bbbb0840ce6100c89a42a327c5456 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36821 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-15vendorcode/eltan/security: Add all verify_lists to include fileWim Vervoorn
Some of the verify lists were added to the include file while others are on vboot_check.c. Also added the ramstage_verify_list. BUG=N/A TEST=tested on fbg1701 Change-Id: If4f1d8b2278277d0af78e357ecce0d5bef441179 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36820 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-15vendor/eltan/security: Removed long lines from vboot_checkWim Vervoorn
Removed long lines from the verified_boot_check_buffer() function. BUG=N/A TEST=build Change-Id: I2ea0ae82bd531355111d6b45c67bdc2b1759b7bc Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36849 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-14vendorcode/amd/agesa: Correct typoWim Vervoorn
Correct typo of 'uninitialized' BUG=N/A TEST=build Change-Id: I43c6eb0287d23546a2abb330c7cc8585a33b27b5 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36776 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-14cbfs: Stop checking master headerJulius Werner
The CBFS master header is a legacy structure that just conveys the same information we already have from the FMAP these days. We're still including it to support older CBFS implementations in some payloads, but there's no need for coreboot itself to follow this indirection anymore. This patch simplifies the default CBFS locator to just return the CBFS offset and size from the FMAP directly. Change-Id: I6b00dd7f276364d62fa1f637efbaee0e80607c49 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36688 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-14cbfs: Make cbfs_master_header_props() externally availableJulius Werner
This patch makes the CBFS default locator .locate() callback externally available so that code which overrides cbfs_master_header_locator can reuse or wrap it and doesn't have to copy&paste the whole thing. Use it for the Eltan vendorcode implementation which previously did this. Change-Id: I54dad5c8ea64ea0fc472217e275daa815736991e Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36797 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-12vendorcode/intel/Kconfig: Hide UDK_VERSION when unneededElyes HAOUAS
This cleans .config from unused UDK_VERSION's symbol. Change-Id: I2a17db711f615d388dbd964f67ff2cc7875c54fb Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34536 Reviewed-by: Nico Huber <nico.h@gmx.de> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-11vendorcode/eltan/security/mboot/mboot.c: Correct parameter descriptionFrans Hendriks
The flags parameter of the tpm2_get_capability_pcrs() is used by mboot_hash_extend_log(). BUGS=NA TEST=Build Change-Id: Ia718d27f21d41a5e16230c74ca402ea6099470b2 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-08eltan/security: Replace __PRE_RAM__ with ENV_ROMSTAGE_OR_BEFOREKyösti Mälkki
Change-Id: Id56a63a67b7eb70dce6687bb9c2734a711f611b3 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36635 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-08eltan/security: Replace __BOOTBLOCK__ with ENV_BOOTBLOCKKyösti Mälkki
Change-Id: I6ec5a33cd6a6342adfe73c050e0c376bbefad96a Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36634 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-08eltan/security: Remove some preprocessor guardsKyösti Mälkki
We generally let garbage-collection take care of unused functions. While at it, move some related variable declarations in to the header file and declare them const like they should be. Change-Id: I7c6fa15bd45f861f13b6123ccb14c55415e42bc7 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36632 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-05vendorcode/eltan/security: Align mboot with coreboot tpmWim Vervoorn
Align the eltan mboot support with coreboot tpm support to limit the amount of custom code. We now only support SHA256 pcrs, only single a single digest will be handled in a call. The pcr invalidation has been changed fixed values are now loaded while the correct algortihm is selected. BUG=N/A TEST=tested on fbg1701 Change-Id: Id11389ca90c1e6121293353402a2dd464a2e6727 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36483 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>