diff options
author | Felix Held <felix-coreboot@felixheld.de> | 2023-10-04 21:10:36 +0200 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2023-10-25 18:00:52 +0000 |
commit | 51d1f30d0eed4d594d351cc3c1d92f48f45bfb27 (patch) | |
tree | 4a1e645dc8789b09c907ea160b52a310b39a2206 /src/soc/amd/genoa | |
parent | 2aa30051beeabf495af054f782e9a834e6bc9ad0 (diff) |
soc/amd/*/Kconfig: rework SPL options
Move all security patch level (SPL) related Kconfig options to the
common AMD PSP Kconfig file. Commit 4ab1db82bb30 ("soc/amd: rework SPL
file override and SPL fusing handling") already reworked the SPL
handling, but missed that another Kconfig option
SOC_AMD_COMMON_BLOCK_PSP_FUSE_SPL controlled if the PSP mailbox command
to update the SPL fuses was sent by the code that got added to the build
when PERFORM_SPL_FUSING was selected.
To make things less unexpected, rename PERFORM_SPL_FUSING to
SOC_AMD_COMMON_BLOCK_PSP_SPL since it actually controls if the SPL
support code is added to the build and also rename
SOC_AMD_COMMON_BLOCK_PSP_FUSE_SPL to PERFORM_SPL_FUSING. This changes
what PERFORM_SPL_FUSING will do from including the code that could do
the fusing if another option is set to being the option that controls if
the fusing mailbox command will be set. All SoCs that support SPL now
select SOC_AMD_COMMON_BLOCK_PSP_SPL in their Kconfig, which won't burn
any SPL fuses.
The logic in the Skyrim mainboard Kconfig file is reworked to select
PERFORM_SPL_FUSING for all boards on which the SPL fuses should be
updated; on Guybrush PERFORM_SPL_FUSING default is changed to y for all
variants. The option to include the code that checks the SPL fusing
conditions and allows sending the command to update the SPL fuses if the
corresponding Kconfig is set doesn't need to be added on the mainboard
level, since it's already selected at the SoC level.
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: I12fd8775db66f16fe632674cd67c6af483e8d4e2
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78309
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
Diffstat (limited to 'src/soc/amd/genoa')
-rw-r--r-- | src/soc/amd/genoa/Kconfig | 23 |
1 files changed, 1 insertions, 22 deletions
diff --git a/src/soc/amd/genoa/Kconfig b/src/soc/amd/genoa/Kconfig index 8bfae4f561..cfb878c2ea 100644 --- a/src/soc/amd/genoa/Kconfig +++ b/src/soc/amd/genoa/Kconfig @@ -18,6 +18,7 @@ config SOC_SPECIFIC_OPTIONS select SOC_AMD_COMMON_BLOCK_LPC select SOC_AMD_COMMON_BLOCK_NONCAR select SOC_AMD_COMMON_BLOCK_PCI_MMCONF + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_SMI select SOC_AMD_COMMON_BLOCK_SMU select SOC_AMD_COMMON_BLOCK_SMU_SX_ENTRY @@ -131,28 +132,6 @@ config PSP_WHITELIST_FILE string "Debug whitelist file path" depends on HAVE_PSP_WHITELIST_FILE -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "" |