diff options
Diffstat (limited to 'src/soc')
-rw-r--r-- | src/soc/amd/cezanne/Kconfig | 23 | ||||
-rw-r--r-- | src/soc/amd/common/block/psp/Kconfig | 45 | ||||
-rw-r--r-- | src/soc/amd/common/block/psp/Makefile.inc | 2 | ||||
-rw-r--r-- | src/soc/amd/common/block/psp/spl_fuse.c | 2 | ||||
-rw-r--r-- | src/soc/amd/genoa/Kconfig | 23 | ||||
-rw-r--r-- | src/soc/amd/glinda/Kconfig | 34 | ||||
-rw-r--r-- | src/soc/amd/mendocino/Kconfig | 34 | ||||
-rw-r--r-- | src/soc/amd/phoenix/Kconfig | 34 |
8 files changed, 48 insertions, 149 deletions
diff --git a/src/soc/amd/cezanne/Kconfig b/src/soc/amd/cezanne/Kconfig index ca84b33f06..452e3ec354 100644 --- a/src/soc/amd/cezanne/Kconfig +++ b/src/soc/amd/cezanne/Kconfig @@ -58,6 +58,7 @@ config SOC_AMD_CEZANNE select SOC_AMD_COMMON_BLOCK_PM select SOC_AMD_COMMON_BLOCK_PM_CHIPSET_STATE_SAVE select SOC_AMD_COMMON_BLOCK_PSP_GEN2 + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_RESET select SOC_AMD_COMMON_BLOCK_SMBUS select SOC_AMD_COMMON_BLOCK_SMI @@ -376,28 +377,6 @@ config PSP_WHITELIST_FILE depends on HAVE_PSP_WHITELIST_FILE default "3rdparty/amd_blobs/cezanne/PSP/wtl-czn.sbin" -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "28 6" diff --git a/src/soc/amd/common/block/psp/Kconfig b/src/soc/amd/common/block/psp/Kconfig index 68d68615ea..d86ad7cd0a 100644 --- a/src/soc/amd/common/block/psp/Kconfig +++ b/src/soc/amd/common/block/psp/Kconfig @@ -29,13 +29,50 @@ config SOC_AMD_PSP_SELECTABLE_SMU_FW fanned set of blobs. Ask your AMD representative whether your APU is considered fanless. -config SOC_AMD_COMMON_BLOCK_PSP_FUSE_SPL +config SOC_AMD_COMMON_BLOCK_PSP_SPL bool + help + Select this option in the SoC's Kconfig to include the Security Patch + Level (SPL) support code. This code will only send the actual SPL + fuse update command to the PSP if the PERFORM_SPL_FUSING option is + also selected. + +config PERFORM_SPL_FUSING + bool "Send SPL fusing command to PSP" default n - depends on SOC_AMD_COMMON_BLOCK_PSP_GEN2 + depends on SOC_AMD_COMMON_BLOCK_PSP_SPL help - Enable sending of set SPL message to PSP. Enable this option if the platform - will require SPL fusing to be performed by PSP. + Send the Security Patch Level (SPL) fusing command to the PSP in + order to update the minimum SPL version to be written to the SoC's + fuse bits. This will prevent using any embedded firmware components + with lower SPL version. + + If unsure, answer 'n' + +config SPL_TABLE_FILE + string "SPL table file override" + depends on SOC_AMD_COMMON_BLOCK_PSP_SPL + help + Provide a mainboard-specific Security Patch Level (SPL) table file + override. The SPL file is required to support PSP FW anti-rollback + and needs to be created by AMD. The default SPL file specified in the + SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule + and applies to all boards that use the SoC without verstage on PSP. + In the verstage on PSP case, a different SPL file is specific as an + override via this Kconfig option. + +config HAVE_SPL_RW_AB_FILE + bool "Have a separate mainboard-specific SPL file in RW A/B partitions" + default n + depends on SOC_AMD_COMMON_BLOCK_PSP_SPL + depends on VBOOT_SLOTS_RW_AB + help + Have separate mainboard-specific Security Patch Level (SPL) table + file for the RW A/B FMAP partitions. + +config SPL_RW_AB_TABLE_FILE + string "Separate SPL table file override for RW A/B partitions" + depends on HAVE_SPL_RW_AB_FILE config PSP_PLATFORM_SECURE_BOOT bool "Platform secure boot enable" diff --git a/src/soc/amd/common/block/psp/Makefile.inc b/src/soc/amd/common/block/psp/Makefile.inc index a89d4e97f7..d0fbcbe452 100644 --- a/src/soc/amd/common/block/psp/Makefile.inc +++ b/src/soc/amd/common/block/psp/Makefile.inc @@ -29,6 +29,6 @@ ramstage-$(CONFIG_SOC_AMD_COMMON_BLOCK_I2C3_TPM_SHARED_WITH_PSP) += tpm.c smm-y += psp_gen2.c smm-y += psp_smm_gen2.c -ramstage-$(CONFIG_PERFORM_SPL_FUSING) += spl_fuse.c +ramstage-$(CONFIG_SOC_AMD_COMMON_BLOCK_PSP_SPL) += spl_fuse.c endif # CONFIG_SOC_AMD_COMMON_BLOCK_PSP_GEN2 diff --git a/src/soc/amd/common/block/psp/spl_fuse.c b/src/soc/amd/common/block/psp/spl_fuse.c index d1313fb271..cb1fab0bc0 100644 --- a/src/soc/amd/common/block/psp/spl_fuse.c +++ b/src/soc/amd/common/block/psp/spl_fuse.c @@ -38,7 +38,7 @@ static void psp_set_spl_fuse(void *unused) return; } - if (!CONFIG(SOC_AMD_COMMON_BLOCK_PSP_FUSE_SPL)) + if (!CONFIG(PERFORM_SPL_FUSING)) return; printk(BIOS_DEBUG, "PSP: SPL Fusing Update Requested.\n"); diff --git a/src/soc/amd/genoa/Kconfig b/src/soc/amd/genoa/Kconfig index 8bfae4f561..cfb878c2ea 100644 --- a/src/soc/amd/genoa/Kconfig +++ b/src/soc/amd/genoa/Kconfig @@ -18,6 +18,7 @@ config SOC_SPECIFIC_OPTIONS select SOC_AMD_COMMON_BLOCK_LPC select SOC_AMD_COMMON_BLOCK_NONCAR select SOC_AMD_COMMON_BLOCK_PCI_MMCONF + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_SMI select SOC_AMD_COMMON_BLOCK_SMU select SOC_AMD_COMMON_BLOCK_SMU_SX_ENTRY @@ -131,28 +132,6 @@ config PSP_WHITELIST_FILE string "Debug whitelist file path" depends on HAVE_PSP_WHITELIST_FILE -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "" diff --git a/src/soc/amd/glinda/Kconfig b/src/soc/amd/glinda/Kconfig index 9f5d537076..a3b0ea6ec0 100644 --- a/src/soc/amd/glinda/Kconfig +++ b/src/soc/amd/glinda/Kconfig @@ -61,6 +61,7 @@ config SOC_AMD_GLINDA select SOC_AMD_COMMON_BLOCK_PM # TODO: Check if this is still correct select SOC_AMD_COMMON_BLOCK_PM_CHIPSET_STATE_SAVE # TODO: Check if this is still correct select SOC_AMD_COMMON_BLOCK_PSP_GEN2 # TODO: Check if this is still correct + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_RESET select SOC_AMD_COMMON_BLOCK_SMBUS # TODO: Check if this is still correct select SOC_AMD_COMMON_BLOCK_SMI # TODO: Check if this is still correct @@ -349,39 +350,6 @@ config PSP_WHITELIST_FILE depends on HAVE_PSP_WHITELIST_FILE default "site-local/3rdparty/amd_blobs/glinda/PSP/wtl-mrg.sbin" -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - -config HAVE_SPL_RW_AB_FILE - bool "Have a separate mainboard-specific SPL file in RW A/B partitions" - default n - depends on VBOOT_SLOTS_RW_AB - help - Have separate mainboard-specific Security Patch Level (SPL) table - file for the RW A/B FMAP partitions. - -config SPL_RW_AB_TABLE_FILE - string "Separate SPL table file override for RW A/B partitions" - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "34 28 6" diff --git a/src/soc/amd/mendocino/Kconfig b/src/soc/amd/mendocino/Kconfig index ba204818fa..2fcd508862 100644 --- a/src/soc/amd/mendocino/Kconfig +++ b/src/soc/amd/mendocino/Kconfig @@ -64,6 +64,7 @@ config SOC_AMD_REMBRANDT_BASE select SOC_AMD_COMMON_BLOCK_PM select SOC_AMD_COMMON_BLOCK_PM_CHIPSET_STATE_SAVE select SOC_AMD_COMMON_BLOCK_PSP_GEN2 + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_RESET select SOC_AMD_COMMON_BLOCK_SMBUS select SOC_AMD_COMMON_BLOCK_SMI @@ -406,39 +407,6 @@ config PSP_WHITELIST_FILE depends on HAVE_PSP_WHITELIST_FILE default "site-local/3rdparty/amd_blobs/mendocino/PSP/wtl-mdn.sbin" -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - -config HAVE_SPL_RW_AB_FILE - bool "Have a separate mainboard-specific SPL file in RW A/B partitions" - default n - depends on VBOOT_SLOTS_RW_AB - help - Have separate mainboard-specific Security Patch Level (SPL) table - file for the RW A/B FMAP partitions. - -config SPL_RW_AB_TABLE_FILE - string "Separate SPL table file override for RW A/B partitions" - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "34 28 6" diff --git a/src/soc/amd/phoenix/Kconfig b/src/soc/amd/phoenix/Kconfig index c9aa32c770..9137bc5ce7 100644 --- a/src/soc/amd/phoenix/Kconfig +++ b/src/soc/amd/phoenix/Kconfig @@ -64,6 +64,7 @@ config SOC_AMD_PHOENIX select SOC_AMD_COMMON_BLOCK_PM select SOC_AMD_COMMON_BLOCK_PM_CHIPSET_STATE_SAVE select SOC_AMD_COMMON_BLOCK_PSP_GEN2 # TODO: Check if this is still correct + select SOC_AMD_COMMON_BLOCK_PSP_SPL select SOC_AMD_COMMON_BLOCK_RESET select SOC_AMD_COMMON_BLOCK_SMBUS select SOC_AMD_COMMON_BLOCK_SMI @@ -362,39 +363,6 @@ config PSP_WHITELIST_FILE depends on HAVE_PSP_WHITELIST_FILE default "site-local/3rdparty/amd_blobs/phoenix/PSP/wtl-phx.sbin" -config PERFORM_SPL_FUSING - bool "Send SPL fuse command to PSP" - default n - help - Send the Security Patch Level (SPL) fusing command to the PSP in - order to update the minimum SPL version to be written to the SoC's - fuse bits. This will prevent using any embedded firmware components - with lower SPL version. - - If unsure, answer 'n' - -config SPL_TABLE_FILE - string "SPL table file override" - help - Provide a mainboard-specific Security Patch Level (SPL) table file - override. The SPL file is required to support PSP FW anti-rollback - and needs to be created by AMD. The default SPL file specified in the - SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule - and applies to all boards that use the SoC without verstage on PSP. - In the verstage on PSP case, a different SPL file is specific as an - override via this Kconfig option. - -config HAVE_SPL_RW_AB_FILE - bool "Have a separate mainboard-specific SPL file in RW A/B partitions" - default n - depends on VBOOT_SLOTS_RW_AB - help - Have separate mainboard-specific Security Patch Level (SPL) table - file for the RW A/B FMAP partitions. - -config SPL_RW_AB_TABLE_FILE - string "Separate SPL table file override for RW A/B partitions" - config PSP_SOFTFUSE_BITS string "PSP Soft Fuse bits to enable" default "36 28 6" |