diff options
author | Kapil Porwal <kapilporwal@google.com> | 2024-06-17 11:32:58 +0000 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2024-06-21 15:17:12 +0000 |
commit | 53e5d1f553645bdd929f3dfa9d4b02800b46f2df (patch) | |
tree | 750820461c654276921c5cf066d5d85776eaa255 | |
parent | 2a84b8334970fb22b4b32ff0d638092fc81fbc12 (diff) |
soc/intel/cmn/block/cse: Create CBMEM entries for payload to fill with CSE info
Currently, the payload cannot create new CBMEM entries as there is
no such infrastructure available. The Intel CSE driver in the payload
needs below CBMEM entries -
1. CBMEM_ID_CSE_INFO to -
a. Avoid reading ISH firmware version on consecutive boots.
b. Track state of PSR data during CSE downgrade operation.
2. CBMEM_ID_CSE_BP_INFO to avoid reading CSE boot partition
information on consecutive boots.
The idea here is to create required CBMEM entries in coreboot so
that later they can be consumed by the payload.
BUG=b:305898363
TEST=Store CSE version info in CBMEM area in depthcharge on Screebo
Signed-off-by: Kapil Porwal <kapilporwal@google.com>
Change-Id: I9561884f7b9f24d9533d2c433b4f6d062c9b1585
Reviewed-on: https://review.coreboot.org/c/coreboot/+/83103
Reviewed-by: Subrata Banik <subratabanik@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r-- | src/soc/intel/common/block/cse/cse_lite.c | 153 | ||||
-rw-r--r-- | src/soc/intel/common/block/include/intelblocks/cse_layout.h | 11 | ||||
-rw-r--r-- | src/soc/intel/common/block/include/intelblocks/cse_lite.h | 117 |
3 files changed, 166 insertions, 115 deletions
diff --git a/src/soc/intel/common/block/cse/cse_lite.c b/src/soc/intel/common/block/cse/cse_lite.c index 6e5b451c12..4e3a44661d 100644 --- a/src/soc/intel/common/block/cse/cse_lite.c +++ b/src/soc/intel/common/block/cse/cse_lite.c @@ -12,6 +12,7 @@ #include <intelbasecode/debug_feature.h> #include <intelblocks/cse.h> #include <intelblocks/cse_layout.h> +#include <intelblocks/cse_lite.h> #include <intelblocks/spi.h> #include <security/vboot/misc.h> #include <security/vboot/vboot_common.h> @@ -20,121 +21,6 @@ #include "cse_lite_cmos.h" -#define BPDT_HEADER_SZ sizeof(struct bpdt_header) -#define BPDT_ENTRY_SZ sizeof(struct bpdt_entry) -#define SUBPART_HEADER_SZ sizeof(struct subpart_hdr) -#define SUBPART_ENTRY_SZ sizeof(struct subpart_entry) -#define SUBPART_MANIFEST_HDR_SZ sizeof(struct subpart_entry_manifest_header) - -/* Converts bp index to boot partition string */ -#define GET_BP_STR(bp_index) (bp_index ? "RW" : "RO") - -/* CSE RW boot partition signature */ -#define CSE_RW_SIGNATURE 0x000055aa - -/* CSE RW boot partition signature size */ -#define CSE_RW_SIGN_SIZE sizeof(uint32_t) - -/* - * CSE Firmware supports 3 boot partitions. For CSE Lite SKU, only 2 boot partitions are - * used and 3rd boot partition is set to BP_STATUS_PARTITION_NOT_PRESENT. - * CSE Lite SKU Image Layout: - * +------------+ +----+------+----+ +-----+------+-----+ - * | CSE REGION | => | RO | DATA | RW | => | BP1 | DATA | BP2 | - * +------------+ +----+------+----+ +-----+------+-----+ - */ -#define CSE_MAX_BOOT_PARTITIONS 3 - -/* CSE Lite SKU's valid bootable partition identifiers */ -enum boot_partition_id { - /* RO(BP1) contains recovery/minimal boot firmware */ - RO = 0, - - /* RW(BP2) contains fully functional CSE firmware */ - RW = 1 -}; - -/* - * Boot partition status. - * The status is returned in response to MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO cmd. - */ -enum bp_status { - /* This value is returned when a partition has no errors */ - BP_STATUS_SUCCESS = 0, - - /* - * This value is returned when a partition should be present based on layout, but it is - * not valid. - */ - BP_STATUS_GENERAL_FAILURE = 1, - - /* This value is returned when a partition is not present per initial image layout */ - BP_STATUS_PARTITION_NOT_PRESENT = 2, - - /* - * This value is returned when unexpected issues are detected in CSE Data area - * and CSE TCB-SVN downgrade scenario. - */ - BP_STATUS_DATA_FAILURE = 3, -}; - -/* - * Boot Partition Info Flags - * The flags are returned in response to MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO cmd. - */ -enum bp_info_flags { - /* Redundancy Enabled: It indicates CSE supports RO(BP1) and RW(BP2) regions */ - BP_INFO_REDUNDANCY_EN = 1 << 0, - - /* It indicates RO(BP1) supports Minimal Recovery Mode */ - BP_INFO_MIN_RECOV_MODE_EN = 1 << 1, - - /* - * Read-only Config Enabled: It indicates HW protection to CSE RO region is enabled. - * The option is relevant only if the BP_INFO_MIN_RECOV_MODE_EN flag is enabled. - */ - BP_INFO_READ_ONLY_CFG = 1 << 2, -}; - -/* CSE boot partition entry info */ -struct cse_bp_entry { - /* Boot partition version */ - struct fw_version fw_ver; - - /* Boot partition status */ - uint32_t status; - - /* Starting offset of the partition within CSE region */ - uint32_t start_offset; - - /* Ending offset of the partition within CSE region */ - uint32_t end_offset; - uint8_t reserved[12]; -} __packed; - -/* CSE boot partition info */ -struct cse_bp_info { - /* Number of boot partitions */ - uint8_t total_number_of_bp; - - /* Current boot partition */ - uint8_t current_bp; - - /* Next boot partition */ - uint8_t next_bp; - - /* Boot Partition Info Flags */ - uint8_t flags; - - /* Boot Partition Entry Info */ - struct cse_bp_entry bp_entries[CSE_MAX_BOOT_PARTITIONS]; -} __packed; - -struct get_bp_info_rsp { - struct mkhi_hdr hdr; - struct cse_bp_info bp_info; -} __packed; - static struct get_bp_info_rsp cse_bp_info_rsp; enum cse_fw_state { @@ -331,6 +217,9 @@ static void cse_store_rw_fw_version(void) /* Function to copy PRERAM CSE specific info to pertinent CBMEM. */ static void preram_cse_info_sync_to_cbmem(int is_recovery) { + if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD)) + return; + if (vboot_recovery_mode_enabled() || !CONFIG(SOC_INTEL_STORE_CSE_FW_VERSION)) return; @@ -517,6 +406,9 @@ static enum cb_err cse_get_bp_info(void) void cse_fill_bp_info(void) { + if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD)) + return; + if (vboot_recovery_mode_enabled()) return; @@ -527,6 +419,9 @@ void cse_fill_bp_info(void) /* Function to copy PRERAM CSE BP info to pertinent CBMEM. */ static void preram_cse_bp_info_sync_to_cbmem(int is_recovery) { + if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD)) + return; + if (vboot_recovery_mode_enabled()) return; @@ -1585,6 +1480,9 @@ static bool is_ish_version_valid(struct cse_fw_ish_version_info *version) */ static void store_ish_version(void) { + if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD)) + return; + if (!ENV_RAMSTAGE) return; @@ -1644,6 +1542,31 @@ static void store_ish_version(void) } } +static void preram_create_cbmem_cse_info(int is_recovery) +{ + if (!CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD)) + return; + + /* + * CBMEM_ID_CSE_INFO will be used by the payload to - + * 1. Avoid reading ISH firmware version on consecutive boots. + * 2. Track state of PSR data during CSE downgrade operation. + */ + void *temp = cbmem_add(CBMEM_ID_CSE_INFO, sizeof(struct cse_specific_info)); + if (!temp) + printk(BIOS_ERR, "cse_lite: Couldn't create CBMEM_ID_CSE_INFO\n"); + + /* + * CBMEM_ID_CSE_BP_INFO will be used by the payload to avoid reading CSE + * boot partition information on consecutive boots. + */ + temp = cbmem_add(CBMEM_ID_CSE_BP_INFO, sizeof(struct get_bp_info_rsp)); + if (!temp) + printk(BIOS_ERR, "cse_lite: Couldn't create CBMEM_ID_CSE_BP_INFO\n"); +} + +CBMEM_CREATION_HOOK(preram_create_cbmem_cse_info); + static void ramstage_cse_misc_ops(void *unused) { if (acpi_get_sleep_type() == ACPI_S3) diff --git a/src/soc/intel/common/block/include/intelblocks/cse_layout.h b/src/soc/intel/common/block/include/intelblocks/cse_layout.h index 4c88cc52d3..f5ff632d6d 100644 --- a/src/soc/intel/common/block/include/intelblocks/cse_layout.h +++ b/src/soc/intel/common/block/include/intelblocks/cse_layout.h @@ -1,6 +1,9 @@ /* BPDT version 1.7 support */ /* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SOC_INTEL_COMMON_CSE_LAYOUT_H +#define SOC_INTEL_COMMON_CSE_LAYOUT_H + #include <sys/types.h> enum bpdt_entry_type { @@ -103,3 +106,11 @@ struct subpart_entry_manifest_header { uint16_t hotfix; } binary_version; } __packed; + +#define BPDT_HEADER_SZ sizeof(struct bpdt_header) +#define BPDT_ENTRY_SZ sizeof(struct bpdt_entry) +#define SUBPART_HEADER_SZ sizeof(struct subpart_hdr) +#define SUBPART_ENTRY_SZ sizeof(struct subpart_entry) +#define SUBPART_MANIFEST_HDR_SZ sizeof(struct subpart_entry_manifest_header) + +#endif // SOC_INTEL_COMMON_CSE_LAYOUT_H diff --git a/src/soc/intel/common/block/include/intelblocks/cse_lite.h b/src/soc/intel/common/block/include/intelblocks/cse_lite.h new file mode 100644 index 0000000000..46666b6d55 --- /dev/null +++ b/src/soc/intel/common/block/include/intelblocks/cse_lite.h @@ -0,0 +1,117 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef SOC_INTEL_COMMON_CSE_LITE_H +#define SOC_INTEL_COMMON_CSE_LITE_H + +#include <sys/types.h> + +/* Converts bp index to boot partition string */ +#define GET_BP_STR(bp_index) (bp_index ? "RW" : "RO") + +/* CSE RW boot partition signature */ +#define CSE_RW_SIGNATURE 0x000055aa + +/* CSE RW boot partition signature size */ +#define CSE_RW_SIGN_SIZE sizeof(uint32_t) + +/* + * CSE Firmware supports 3 boot partitions. For CSE Lite SKU, only 2 boot partitions are + * used and 3rd boot partition is set to BP_STATUS_PARTITION_NOT_PRESENT. + * CSE Lite SKU Image Layout: + * +------------+ +----+------+----+ +-----+------+-----+ + * | CSE REGION | => | RO | DATA | RW | => | BP1 | DATA | BP2 | + * +------------+ +----+------+----+ +-----+------+-----+ + */ +#define CSE_MAX_BOOT_PARTITIONS 3 + +/* CSE Lite SKU's valid bootable partition identifiers */ +enum boot_partition_id { + /* RO(BP1) contains recovery/minimal boot firmware */ + RO = 0, + + /* RW(BP2) contains fully functional CSE firmware */ + RW = 1 +}; + +/* + * Boot partition status. + * The status is returned in response to MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO cmd. + */ +enum bp_status { + /* This value is returned when a partition has no errors */ + BP_STATUS_SUCCESS = 0, + + /* + * This value is returned when a partition should be present based on layout, but it is + * not valid. + */ + BP_STATUS_GENERAL_FAILURE = 1, + + /* This value is returned when a partition is not present per initial image layout */ + BP_STATUS_PARTITION_NOT_PRESENT = 2, + + /* + * This value is returned when unexpected issues are detected in CSE Data area + * and CSE TCB-SVN downgrade scenario. + */ + BP_STATUS_DATA_FAILURE = 3, +}; + +/* + * Boot Partition Info Flags + * The flags are returned in response to MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO cmd. + */ +enum bp_info_flags { + /* Redundancy Enabled: It indicates CSE supports RO(BP1) and RW(BP2) regions */ + BP_INFO_REDUNDANCY_EN = 1 << 0, + + /* It indicates RO(BP1) supports Minimal Recovery Mode */ + BP_INFO_MIN_RECOV_MODE_EN = 1 << 1, + + /* + * Read-only Config Enabled: It indicates HW protection to CSE RO region is enabled. + * The option is relevant only if the BP_INFO_MIN_RECOV_MODE_EN flag is enabled. + */ + BP_INFO_READ_ONLY_CFG = 1 << 2, +}; + +/* CSE boot partition entry info */ +struct cse_bp_entry { + /* Boot partition version */ + struct fw_version fw_ver; + + /* Boot partition status */ + uint32_t status; + + /* Starting offset of the partition within CSE region */ + uint32_t start_offset; + + /* Ending offset of the partition within CSE region */ + uint32_t end_offset; + uint8_t reserved[12]; +} __packed; + +/* CSE boot partition info */ +struct cse_bp_info { + /* Number of boot partitions */ + uint8_t total_number_of_bp; + + /* Current boot partition */ + uint8_t current_bp; + + /* Next boot partition */ + uint8_t next_bp; + + /* Boot Partition Info Flags */ + uint8_t flags; + + /* Boot Partition Entry Info */ + struct cse_bp_entry bp_entries[CSE_MAX_BOOT_PARTITIONS]; +} __packed; + +struct get_bp_info_rsp { + struct mkhi_hdr hdr; + struct cse_bp_info bp_info; +} __packed; + +#endif // SOC_INTEL_COMMON_CSE_LITE_H |