Age | Commit message (Collapse) | Author |
|
Done with sed and God Lines. Only done for C-like code for now.
Change-Id: I3d872f63d56711d39c8320ace2642cea2a23f545
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40130
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
|
|
Currently, those who want to use measured boot implemented within
vboot should enable verified boot first, along with sections such
as GBB and RW slots defined with manually written fmd files, even
if they do not actually want to verify anything.
As discussed in CB:34977, measured boot should be decoupled from
verified boot and make them two fully independent options. Crypto
routines necessary for measurement could be reused, and TPM and CRTM
init should be done somewhere other than vboot_logic_executed() if
verified boot is not enabled.
In this revision, only TCPA log is initialized during bootblock.
Before TPM gets set up, digests are not measured into tpm immediately,
but cached in TCPA log, and measured into determined PCRs right after
TPM is up.
This change allows those who do not want to use the verified boot
scheme implemented by vboot as well as its requirement of a more
complex partition scheme designed for chromeos to make use of the
measured boot functionality implemented within vboot library to
measure the boot process.
TODO: Measure MRC Cache somewhere, as MRC Cache has never resided in
CBFS any more, so it cannot be covered by tspi_measure_cbfs_hook().
Change-Id: I1fb376b4a8b98baffaee4d574937797bba1f8aee
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35077
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
|
|
They're listed in AUTHORS and often incorrect anyway, for example:
- What's a "Copyright $year-present"?
- Which incarnation of Google (Inc, LLC, ...) is the current
copyright holder?
- People sometimes have their editor auto-add themselves to files even
though they only deleted stuff
- Or they let the editor automatically update the copyright year,
because why not?
- Who is the copyright holder "The coreboot project Authors"?
- Or "Generated Code"?
Sidestep all these issues by simply not putting these notices in
individual files, let's list all copyright holders in AUTHORS instead
and use the git history to deal with the rest.
Change-Id: I4c110f60b764c97fab2a29f6f04680196f156da5
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39610
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|
|
Now that we have a CONFIG_NO_FMAP_CACHE to completely configure out the
pre-RAM FMAP cache code, there's no point in allowing the region to be
optional anymore. This patch makes the section required by the linker.
If a board doesn't want to provide it, it has to select NO_FMAP_CACHE.
Adding FMAP_CACHE regions to a couple more targets that I think can use
them but I don't know anything about... please yell if one of these is
a bad idea and I should mark them NO_FMAP_CACHE instead.
Change-Id: Ic7d47772ab3abfa7e3a66815c3739d0af071abc2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37497
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
This patch uprevs the Arm Trusted Firmware submodule to the new upstream
master (commit 42cdeb930).
Arm Trusted Firmware unified a bunch of stuff related to BL31 handoff
parameters across platforms which involved changing a few names around.
This patch syncs coreboot back up with that. They also made header
changes that now allow us to directly include all the headers we need
(in a safer and cleaner way than before), so we can get rid of some
structure definitions that were duplicated. Since the version of entry
point info parameters we have been using has been deprecated in Trusted
Firmware, this patch switches to the new version 2 parameter format.
NOTE: This may or may not stop Cavium from booting with the current
pinned Trusted Firmware blob. Cavium maintainers are still evaluating
whether to fix that later or drop the platform entirely.
Tested on GOOGLE_KEVIN (rk3399).
Change-Id: I0ed32bce5585ce191736f0ff2e5a94a9d2b2cc28
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34676
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
|
|
The <inttypes.h> header currently does nothing but include the
definitions from <stdint.h>, so let's #include that directly instead.
Change-Id: I9d83ad37d0d7300a093001596ce3f0b3830c5701
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34800
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
|
|
Change-Id: I23bc0191ca8fcd88364e5c08be7c90195019e399
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32012
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: David Guckian
|
|
Also, extra-lines added or removed and local includes moved down.
Change-Id: I5e739233f3742fd68d537f671642bb04886e3009
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32009
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
Until now the TCPA log wasn't working correctly.
* Refactor TCPA log code.
* Add TCPA log dump fucntion.
* Make TCPA log available in bootblock.
* Fix TCPA log formatting.
* Add x86 and Cavium memory for early log.
Change-Id: Ic93133531b84318f48940d34bded48cbae739c44
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/29563
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
|
|
When <symbols.h> was first introduced, it only declared a handful of
regions and we didn't expect that too many architectures and platforms
would need to add their own later. However, our amount of platforms has
greatly expanded since, and with them the need for more special memory
regions. The amount of code duplication is starting to get unsightly,
and platforms keep defining their own <soc/symbols.h> files that need
this as well.
This patch adds another macro to cut down the definition boilerplate.
Unfortunately, macros cannot define other macros when they're called, so
referring to region sizes as _name_size doesn't work anymore. This patch
replaces the scheme with REGION_SIZE(name).
Not touching the regions in the x86-specific <arch/symbols.h> yet since
they don't follow the standard _region/_eregion naming scheme. They can
be converted later if desired.
Change-Id: I44727d77d1de75882c72a94f29bd7e2c27741dd8
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/31539
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
After CL:31122, we can finally define a memory type specific for BL31,
to make sure BL31 is not loaded on other reserved area.
Change-Id: Idbd9a7fe4b12af23de1519892936d8d88a000e2c
Signed-off-by: Ting Shen <phoenixshen@google.com>
Reviewed-on: https://review.coreboot.org/c/31123
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
Change-Id: I8213835ac18a31f1c10d80ba07b50d33f8abcbd9
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/30620
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Tristan Corrick <tristan@corrick.kiwi>
|
|
Change-Id: Idf10a09745756887a517da4c26db7a90a1bf9543
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/29403
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
|
|
Change-Id: I85f357739220f16497f65df1bb317d9d6eb54d9f
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/29046
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
|
|
Change-Id: I07c95b9ea14d47da0497470487fa3f162f8012c8
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/28789
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
* Add VERSTAGE and VBOOT_WORK to memlayout.
* Add hard and soft reset.
* Add missing makefile and kconfig includes.
Change-Id: I0d7e3c220f5c2c50c4ffe59ac929cb865bfac0ad
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/28022
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
|
|
Use precompiled BL31 from blobs repo.
There's no check for USE_BLOBS here as the included file is "free":
The BL31 is Open-Source and licensed under BSD.
Change-Id: I7e9eb429d11150d43aa070d1bd6a11ea71951ce3
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25751
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|
|
Depends on Change-Id: I0f27b92a5e074966f893399eb401eb97d784850d
Apply additional devicetree fixes:
* Update SCLK from boot fuses
* Updated REFCLKUAA from UART ref clock divider settings
* Remove disabled PEM entries
* Remove phandle to disabled PEM entries
Fixes:
* Linux console wrong baud rate once the PL011 driver is started.
* thunderx-pem kernel module crash on disable PCIe ports.
Tested on Cavium SoC.
Change-Id: I7e8eefd913915a879dad28dfb7801a2018ed2985
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25382
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|
|
* Add support for secure/unsecure split
* Use MMCONF to access devices in domain0
* Program MSIX vectors to fix a crash in GNU/Linux
Tested on Cavium CN81XX_EVB.
All PCI devices are visible.
Change-Id: I881f38a26a165e6bd965fcd73547473b5e32d4b0
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25750
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
Change-Id: I07428161615bcd3d03a3eea0df2dd813e08c8f66
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25752
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|
|
Set cntfrq_el0 to provide correct timer frequency.
Change-Id: I4b6d0b0cf646a066fc5a51552a1891eccbd91e5e
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25450
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
* Configure and enable MMU.
* Cover the whole I/O space.
* A minimum of 512KB TTB space is required.
* Use secure mem attribute as firmware is running in ARM TZ region.
Tested on Cavium SoC.
Change-Id: I969446da62b4cc7adf9393fab69ff84ebf49220d
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/25371
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|
|
This adds Cavium CN81xx SoC and SFF EVB files.
Code is based off of Cavium's Octeon-TX SDK:
https://github.com/Cavium-Open-Source-Distributions/OCTEON-TX-SDK
BDK coreboot differences:
bootblock:
- Get rid of BDK header
- Add Kconfig for link address
- Move CAR setup code into assembly
- Move unaligned memory access enable into assembly
- Implement custom bootblock entry function
- Add CLIB and CSIB blobs
romstage:
- Use minimal DRAM init only
devicetree:
- Convert FTD to static C file containing key value pairs
Tested on CN81xx:
- Boots to payload
- Tested with GNU/Linux 4.16.3
- All hardware is usable (after applying additional commits)
Implemented in future commits:
- Vboot integration
- MMU suuport
- L2 Cache handling
- ATF from external repo
- Devicetree patching
- Extended DRAM testing
- UART init
Not working:
- Booting a payload
- Booting upstream ATF
TODO:
- Configuration straps
Change-Id: I47b4412d29203b45aee49bfa026c1d86ef7ce688
Signed-off-by: David Hendricks <dhendricks@fb.com>
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/23037
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: David Hendricks <david.hendricks@gmail.com>
|