diff options
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/soc/intel/cse_fw_update/Layout_after.svg | 150 | ||||
-rw-r--r-- | Documentation/soc/intel/cse_fw_update/Layout_before.svg | 95 | ||||
-rw-r--r-- | Documentation/soc/intel/cse_fw_update/cse_fw_update.md | 127 | ||||
-rw-r--r-- | Documentation/soc/intel/index.md | 1 |
4 files changed, 373 insertions, 0 deletions
diff --git a/Documentation/soc/intel/cse_fw_update/Layout_after.svg b/Documentation/soc/intel/cse_fw_update/Layout_after.svg new file mode 100644 index 0000000000..95720db6b5 --- /dev/null +++ b/Documentation/soc/intel/cse_fw_update/Layout_after.svg @@ -0,0 +1,150 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> +<!-- Generated by Microsoft Visio, SVG Export Layout_after.svg Page-1 --> +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ev="http://www.w3.org/2001/xml-events" + width="2.39231in" height="2.05998in" viewBox="0 0 172.246 148.318" xml:space="preserve" color-interpolation-filters="sRGB" + class="st12"> + <style type="text/css"> + <![CDATA[ + .st1 {fill:#ffffff;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st2 {fill:#000000;font-family:Calibri;font-size:0.333344em} + .st3 {fill:#ffc000;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st4 {fill:#000000;font-family:Calibri;font-size:0.499992em} + .st5 {fill:#a5a5a5;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st6 {fill:#a5a5a5;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:1} + .st7 {fill:none;stroke:none;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.75} + .st8 {stroke:#4bacc6;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.75} + .st9 {font-size:1em} + .st10 {marker-end:url(#mrkr4-59);stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.75} + .st11 {fill:#000000;fill-opacity:1;stroke:#000000;stroke-opacity:1;stroke-width:0.22935779816514} + .st12 {fill:none;fill-rule:evenodd;font-size:12px;overflow:visible;stroke-linecap:square;stroke-miterlimit:3} + ]]> + </style> + + <defs id="Markers"> + <g id="lend4"> + <path d="M 2 1 L 0 0 L 2 -1 L 2 1 " style="stroke:none"/> + </g> + <marker id="mrkr4-59" class="st11" refX="-8.72" orient="auto" markerUnits="strokeWidth" overflow="visible"> + <use xlink:href="#lend4" transform="scale(-4.36,-4.36) "/> + </marker> + </defs> + <g> + <title>Page-1</title> + <g id="shape116-1" transform="translate(38.7567,-139.932)"> + <title>Rectangle.116</title> + <desc>DESC</desc> + <rect x="0" y="143.783" width="79.3701" height="4.53543" class="st1"/> + <text x="35.49" y="147.25" class="st2">DESC</text> </g> + <g id="shape117-4" transform="translate(38.7567,-130.935)"> + <title>Rectangle.117</title> + <desc>CSE - RO</desc> + <rect x="0" y="139.605" width="79.3701" height="8.71293" class="st3"/> + <text x="29.35" y="145.76" class="st4">CSE - RO</text> </g> + <g id="shape118-7" transform="translate(38.5344,-4.54823)"> + <title>Rectangle.118</title> + <rect x="0" y="29.8973" width="79.5923" height="118.421" class="st1"/> + </g> + <g id="shape119-9" transform="translate(41.225,-5.80807)"> + <title>Rectangle.119</title> + <desc>COREBOOT_RO</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st5"/> + <text x="18.32" y="135.95" class="st4">COREBOOT_RO</text> </g> + <g id="shape120-12" transform="translate(41.225,-34.1545)"> + <title>Rectangle.120</title> + <desc>RW_MISC</desc> + <rect x="0" y="143.907" width="74.3581" height="4.41113" class="st5"/> + <text x="29.12" y="147.31" class="st2">RW_MISC</text> </g> + <g id="shape121-15" transform="translate(41.225,-38.7215)"> + <title>Rectangle.121</title> + <desc>FW_MAIN_B</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st6"/> + <text x="21.52" y="129.37" class="st4">FW_MAIN_B</text> </g> + <g id="shape122-18" transform="translate(41.225,-67.0679)"> + <title>Rectangle.122</title> + <desc>FW_MAIN_A</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st6"/> + <text x="21.41" y="129.37" class="st4">FW_MAIN_A</text> </g> + <g id="shape123-21" transform="translate(3.88308,-0.375)"> + <title>Sheet.123</title> + <desc>0x1FFFFFF</desc> + <rect x="0" y="137.688" width="41.4007" height="10.6299" class="st7"/> + <text x="8.09" y="144.8" class="st4">0x1FFFFFF</text> </g> + <g id="shape124-24" transform="translate(21.7488,-138.564)"> + <title>Sheet.124</title> + <desc>0x0</desc> + <rect x="0" y="138.939" width="21.2598" height="9.37934" class="st7"/> + <text x="6.29" y="145.43" class="st4">0x0</text> </g> + <g id="shape125-27" transform="translate(41.2627,-96.0443)"> + <title>Rectangle.125</title> + <desc>RW_LEGACY</desc> + <rect x="0" y="122.448" width="74.3581" height="25.8706" class="st5"/> + <text x="27.04" y="136.58" class="st2">RW_LEGACY</text> </g> + <g id="shape126-30" transform="translate(119.253,-6.75295)"> + <title>Right Brace.126</title> + <path d="M-0 148.32 A9.42279 2.96575 -180 0 0 5.11 146.6 L5.11 135.46 L10.21 135.46 L5.11 135.46 L5.11 124.32 A9.42279 + 2.96575 -180 0 0 0 122.6" class="st8"/> + </g> + <g id="shape127-33" transform="translate(120.961,-10.2963)"> + <title>Sheet.127</title> + <desc>HW WP</desc> + <rect x="0" y="137.688" width="31.1811" height="10.6299" class="st7"/> + <text x="6.16" y="144.8" class="st4">HW WP</text> </g> + <g id="shape128-36" transform="translate(119.43,-123.061)"> + <title>Right Brace.128</title> + <path d="M-0 148.32 a10.4615 0.900102 -180 0 0 5.66929 -0.520272 L5.67 144.42 L11.34 144.42 L5.67 144.42 L5.67 141.03 + a10.4615 0.900102 -180 0 0 -5.66929 -0.520272" class="st8"/> + </g> + <g id="shape129-39" transform="translate(126.517,-119.597)"> + <title>Sheet.129</title> + <desc>SPI Controller WP via descriptor</desc> + <rect x="0" y="138.043" width="45.3543" height="10.2756" class="st7"/> + <text x="5.53" y="141.98" class="st2">SPI Controller WP via <tspan x="14.37" dy="1.2em" class="st9">descriptor</tspan></text> </g> + <g id="group130-43" transform="translate(42.8947,-77.0772)"> + <title>Sheet.130</title> + <g id="shape131-44"> + <title>Rectangle.423</title> + <desc>CSE-RW</desc> + <rect x="0" y="141.232" width="70.8661" height="7.08661" class="st3"/> + <text x="25.77" y="146.58" class="st4">CSE-RW</text> </g> + </g> + <g id="group132-47" transform="translate(42.8947,-48.7307)"> + <title>Sheet.132</title> + <g id="shape133-48"> + <title>Rectangle.423</title> + <desc>CSE-RW</desc> + <rect x="0" y="141.232" width="70.8661" height="7.08661" class="st3"/> + <text x="25.77" y="146.58" class="st4">CSE-RW</text> </g> + </g> + <g id="shape134-51" transform="translate(38.6427,-123.114)"> + <title>Rectangle.134</title> + <desc>CSE-RW</desc> + <rect x="0" y="140.497" width="79.3701" height="7.82103" class="st3"/> + <text x="30.03" y="146.21" class="st4">CSE-RW</text> </g> + <g id="shape135-54" transform="translate(41.225,-52.8947)"> + <title>Universal connector.473</title> + <path d="M0 148.32 L-8.38 148.32 A8.37776 8.37776 0 0 1 -16.76 139.94 L-16.76 111.25 L-16.76 81.27 A7.08661 7.08661 0 + 0 1 -9.67 74.19 L-9.12 74.19" class="st10"/> + </g> + <g id="shape136-60" transform="translate(41.225,-81.2411)"> + <title>Universal connector.136</title> + <path d="M0 148.32 L-8.38 148.32 A8.37776 8.37776 0 0 1 -16.76 139.94 L-16.76 125.43 L-16.76 109.62 A7.08661 7.08661 + 0 0 1 -9.67 102.53 L-9.12 102.53" class="st10"/> + </g> + <g id="shape138-65" transform="translate(-124.557,86.8317) rotate(-90)"> + <title>Sheet.138</title> + <desc>CSE RW copied during an update</desc> + <rect x="0" y="124.932" width="58.1102" height="23.3858" class="st7"/> + <text x="10.77" y="134.83" class="st4">CSE RW copied <tspan x="8.15" dy="1.2em" class="st9">during an update</tspan></text> </g> + <g id="shape139-69" transform="translate(119.43,-133.052)"> + <title>Right Brace.139</title> + <path d="M0 148.32 a10.4615 0.736641 -180 0 0 5.66929 -0.425789 L5.67 145.12 L11.34 145.12 L5.67 145.12 L5.67 142.36 + a10.4615 0.736641 -180 0 0 -5.66929 -0.425789" class="st8"/> + </g> + <g id="shape140-72" transform="translate(127.934,-133.061)"> + <title>Sheet.140</title> + <desc>GRP0 Protected</desc> + <rect x="0" y="140.523" width="35.4331" height="7.79528" class="st7"/> + <text x="4.86" y="145.62" class="st2">GRP0 Protected</text> </g> + </g> +</svg> diff --git a/Documentation/soc/intel/cse_fw_update/Layout_before.svg b/Documentation/soc/intel/cse_fw_update/Layout_before.svg new file mode 100644 index 0000000000..d03754880e --- /dev/null +++ b/Documentation/soc/intel/cse_fw_update/Layout_before.svg @@ -0,0 +1,95 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> +<!-- Generated by Microsoft Visio, SVG Export Layout_before.svg Page-1 --> +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ev="http://www.w3.org/2001/xml-events" + width="2.3058in" height="2.05998in" viewBox="0 0 166.017 148.318" xml:space="preserve" color-interpolation-filters="sRGB" + class="st11"> + <style type="text/css"> + <![CDATA[ + .st1 {fill:#ffffff;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st2 {fill:#000000;font-family:Calibri;font-size:0.333344em} + .st3 {fill:#ffc000;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st4 {fill:#000000;font-family:Calibri;font-size:0.499992em} + .st5 {fill:#a5a5a5;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.24} + .st6 {fill:#a5a5a5;stroke:#000000;stroke-linecap:round;stroke-linejoin:round;stroke-width:1} + .st7 {fill:none;stroke:none;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.75} + .st8 {stroke:#4bacc6;stroke-linecap:round;stroke-linejoin:round;stroke-width:0.75} + .st9 {fill:#000000;font-family:Calibri;font-size:0.416656em} + .st10 {font-size:1em} + .st11 {fill:none;fill-rule:evenodd;font-size:12px;overflow:visible;stroke-linecap:square;stroke-miterlimit:3} + ]]> + </style> + + <g> + <title>Page-1</title> + <g id="shape87-1" transform="translate(35.2486,-139.932)"> + <title>Rectangle.178</title> + <desc>DESC</desc> + <rect x="0" y="143.783" width="79.3701" height="4.53543" class="st1"/> + <text x="35.49" y="147.25" class="st2">DESC</text> </g> + <g id="shape88-4" transform="translate(35.2486,-122.945)"> + <title>Rectangle.179</title> + <desc>CSME/PMC</desc> + <rect x="0" y="131.615" width="79.3701" height="16.7031" class="st3"/> + <text x="25.8" y="141.02" class="st4">CSME/PMC</text> </g> + <g id="shape89-7" transform="translate(35.0263,-4.54823)"> + <title>Rectangle.180</title> + <rect x="0" y="29.8973" width="79.5923" height="118.421" class="st1"/> + </g> + <g id="shape90-9" transform="translate(37.7169,-5.80807)"> + <title>Rectangle.181</title> + <desc>COREBOOT_RO</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st5"/> + <text x="18.32" y="135.95" class="st4">COREBOOT_RO</text> </g> + <g id="shape91-12" transform="translate(37.7169,-34.1545)"> + <title>Rectangle.182</title> + <desc>RW_MISC</desc> + <rect x="0" y="143.907" width="74.3581" height="4.41113" class="st5"/> + <text x="29.12" y="147.31" class="st2">RW_MISC</text> </g> + <g id="shape92-15" transform="translate(37.7169,-38.7215)"> + <title>Rectangle.183</title> + <desc>FW_MAIN_B</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st6"/> + <text x="21.52" y="129.37" class="st4">FW_MAIN_B</text> </g> + <g id="shape93-18" transform="translate(37.7169,-67.0679)"> + <title>Rectangle.184</title> + <desc>FW_MAIN_A</desc> + <rect x="0" y="119.972" width="74.3581" height="28.3465" class="st6"/> + <text x="21.41" y="129.37" class="st4">FW_MAIN_A</text> </g> + <g id="shape94-21" transform="translate(0.375,-0.375)"> + <title>Sheet.94</title> + <desc>0x1FFFFFF</desc> + <rect x="0" y="137.688" width="41.4007" height="10.6299" class="st7"/> + <text x="8.09" y="144.8" class="st4">0x1FFFFFF</text> </g> + <g id="shape95-24" transform="translate(18.2407,-138.564)"> + <title>Sheet.95</title> + <desc>0x0</desc> + <rect x="0" y="138.939" width="21.2598" height="9.37934" class="st7"/> + <text x="6.29" y="145.43" class="st4">0x0</text> </g> + <g id="shape106-27" transform="translate(37.7546,-96.0443)"> + <title>Rectangle.106</title> + <desc>RW_LEGACY</desc> + <rect x="0" y="122.448" width="74.3581" height="25.8706" class="st5"/> + <text x="27.04" y="136.58" class="st2">RW_LEGACY</text> </g> + <g id="shape113-30" transform="translate(115.744,-6.75295)"> + <title>Right Brace.398</title> + <path d="M-0 148.32 A9.42279 2.96575 -180 0 0 5.11 146.6 L5.11 135.46 L10.21 135.46 L5.11 135.46 L5.11 124.32 A9.42279 + 2.96575 -180 0 0 0 122.6" class="st8"/> + </g> + <g id="shape96-33" transform="translate(117.453,-10.2963)"> + <title>Sheet.96</title> + <desc>HW WP</desc> + <rect x="0" y="137.688" width="31.1811" height="10.6299" class="st7"/> + <text x="6.16" y="144.8" class="st4">HW WP</text> </g> + <g id="shape115-36" transform="translate(116.508,-123.131)"> + <title>Right Brace.115</title> + <path d="M0 148.32 A10.4615 2.27029 -180 0 0 5.67 147.01 L5.67 138.48 L11.34 138.48 L5.67 138.48 L5.67 129.95 A10.4615 + 2.27029 -180 0 0 0 128.63" class="st8"/> + </g> + <g id="shape97-39" transform="translate(120.288,-122.265)"> + <title>Sheet.97</title> + <desc>SPI Controller WP via descriptor</desc> + <rect x="0" y="124.932" width="45.3543" height="23.3858" class="st7"/> + <text x="4.71" y="135.13" class="st9">SPI Controller WP <tspan x="8.83" dy="1.2em" class="st10">via descriptor</tspan></text> </g> + </g> +</svg> diff --git a/Documentation/soc/intel/cse_fw_update/cse_fw_update.md b/Documentation/soc/intel/cse_fw_update/cse_fw_update.md new file mode 100644 index 0000000000..98fe310113 --- /dev/null +++ b/Documentation/soc/intel/cse_fw_update/cse_fw_update.md @@ -0,0 +1,127 @@ +CSE FW update mechanism for devices in field + +## Introduction + +CSE Firmware and PMC Firmware are critical components of Intel SoCs. +CSE and PMC cooperate by providing platform services during boot and other +power transition flows. + +## Problem Statement + +Currently, on Chromium OS Systems, CSE region is not updatable. So, new CSE FW +versions that are released by Intel to address important functional and security +bugs post-product launch will not be available to the end-user. Hence, the proposed +solution allows in-field CSE FW update to propagate those bug fixes +to end user platforms. + +## Design Proposal + +### CSE FW design Proposal: + +Key Elements: + +- CSE FW layout is composed of two bootable partitions (RO Recovery Partition + and RW Normal Partition). + +- Boot partition selection: An API-based mechanism is used to decide from which partition + CSE will boot. + +- The HECI APIs below will be supported in this CSE FW: + + - HMRFPO_ENABLE: This command requests the CSE enter a mode in which writes to + the CSE region from the CSE are disabled. It also grants temporary write access + to the RW partition from the host (RO is still protected by GPR0). + + - GET_PARTITION_INFO: The command retrieves information for each boot partition from CSE + like version, start/end offsets of a partition within CSE region, and boot + partition status. Also, it provides below information: + - The current boot partition which was used during this boot, + - The boot partition that will be used on the next CSE reset + - The number of boot partitions available in the CSE region + + - SET_BOOT_PARTITION_INFO: This command allows the firmware to request the + CSE to boot from either its RO or RW partition at its next reset. + + - DATA_CLEAR: This command requests the CSE to reset its data partition back + to manufacturing defaults + +FW Layout, RW/RO Partitions: + +The CSE RO partition is the first in the CSE boot order, hence it will be used +out of G3. RO partition contains minimum CSE code capable to boot platform and +execute FW update of RW partition. In addition to CSE code, the RO partition also +contains PMC FW patch and other CSE-loadable platform FW components. + +RW partition contains fully operational CSE FW, PMC FW, other CSE loadable +platform FW components. + +Boot partition selection: + +CSE FW shall support 2 APIs to get boot partition info, and set boot partition +info to notify CSE to select the partition on the next boot. + +### HOST FW Design proposal: + +Key Elements: + +- Build time artifacts: + + CSE RW Version update binary - The FW shall pack CSE RW update blob and + corresponding version binary which contains version of the CSE RW blob. + +- FW Update: + + coreboot will implement the logic to compare the CSE's FW version with CBFS + CSE RW binary's version in the firmware slot (FW_MAIN_A/FW_MAIN_B) and update + the CSE RW region if there is a version mismatch. If there is no version + mismatch, firmware skips CSE FW update. + +- Handling of CSE FW Downgrade: + + coreboot will send DATA_CLEAR HECI command when there is a CSE FW downgrade. + This must be done to avoid data mismatch due to CSE FW downgrade. Further, + CSE will restore the data back to manufacturing defaults after data reset. + + +## Implementation Details + + +To enable CSE FW update flow the following changes are required in coreboot: + +* Descriptor change may be required to accommodate CSE binary. The CSE binary is tied with +a platform. So CSE size may vary from one platform to another. +* FMAP changes may be required to accommodate CSE binary and CSE RW blob in the RW CBFS region. +Please check platform specific CSE kit for CSE binary information. +* CSE Lite SKU binary and CSE RW blob +* Makefile change to pack CSE RW binaries in the CBFS +* Implementation of update flow: + - Get CSE boot partition info using GET_BOOT_PARTITION_INFO HECI command. + - Get the cbfs_me_rw.version from the currently selected RW slot. + - If the version from the above 2 locations don't match, then start CSE FW update. + - If CSE is not booting from RO, then + - Set the CSE's next boot partition to RO using SET_BOOT_PARTITION_INFO + HECI command. + - Send GLOBAL_RESET HECI command to reset the system. + - If RW update is a CSE FW downgrade, then coreboot has to send + DATA_CLEAR command to clear run time data of CSE. + - Enable HMRFPO Mode (Host ME Region Flash Protection Override) by + sending HMRFPO_ENABLE HECI command to CSE. + - Erase and Copy the CBFS CSE RW to CSE RW partition + - Set CSE's next boot partition to RW. + - Trigger Global Reset which resets both CSE and Host. + Then system should boot with the updated CSE. + +* The resulting flash layout is shown below: + +![Flash Layout](./Layout_before.svg) ![FlashLayout](./Layout_after.svg) + + + - Typical boot flow + + - Vboot selects the RW FW (FW_MAIN_A or FW_MAIN_B) to boot. + - coreboot skips CSE FW update flow if boot mode is recovery. + - If CSE RW blob is not locatable in the CBFS, then RW Firmware skips update flow + and sends SET_BOOT_PARTITION_INFO command to switch CSE to boot from RW + and issues Global Reset if CSE is already not booting from RW partition. + - The RW firmware will compare the CSE RW version with CSE RW blob in the slot. + - If there is a mismatch, then firmware will carry out update flow as explained before. diff --git a/Documentation/soc/intel/index.md b/Documentation/soc/intel/index.md index f30ff9a1d6..76b67dc46e 100644 --- a/Documentation/soc/intel/index.md +++ b/Documentation/soc/intel/index.md @@ -10,3 +10,4 @@ This section contains documentation about coreboot on specific Intel SOCs. - [MP Initialization](mp_init/mp_init.md) - [Firmware Interface Table](fit.md) - [Apollolake](apollolake/index.md) +- [CSE FW Update](cse_fw_update/cse_fw_update_model.md) |