summaryrefslogtreecommitdiff
path: root/src/vendorcode/google
AgeCommit message (Collapse)Author
2019-03-04vendorcode/google/chromeos: Save VPD region into GNVSDuncan Laurie
Store the memory address of VPD region start and length for the memory mapped RO_VPD and RW_VPD into GNVS so they can be used by ACPI code. BUG=b:123925776 TEST=boot on sarien and verify VPD start/length in GNVS Change-Id: I39073a9d78f5ff60bfe088860c087a5167f05fdf Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/31667 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
2019-02-22symbols.h: Add macro to define memlayout region symbolsJulius Werner
When <symbols.h> was first introduced, it only declared a handful of regions and we didn't expect that too many architectures and platforms would need to add their own later. However, our amount of platforms has greatly expanded since, and with them the need for more special memory regions. The amount of code duplication is starting to get unsightly, and platforms keep defining their own <soc/symbols.h> files that need this as well. This patch adds another macro to cut down the definition boilerplate. Unfortunately, macros cannot define other macros when they're called, so referring to region sizes as _name_size doesn't work anymore. This patch replaces the scheme with REGION_SIZE(name). Not touching the regions in the x86-specific <arch/symbols.h> yet since they don't follow the standard _region/_eregion naming scheme. They can be converted later if desired. Change-Id: I44727d77d1de75882c72a94f29bd7e2c27741dd8 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/31539 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-02-13coreboot: check Cr50 PM mode on normal bootKeith Short
Under some scenarios the key ladder on the Cr50 can get disabled. If this state is detected, trigger a reboot of the Cr50 to restore full TPM functionality. BUG=b:121463033 BRANCH=none TEST=Built coreboot on sarien and grunt platforms. TEST=Ran 'gsctool -a -m disable' and reboot. Verified coreboot sends VENDOR_CC_IMMEDIATE_RESET command to Cr50 and that the Cr50 resets and then the platform boots normally. TEST=Performed Cr50 rollback to 0.0.22 which does not support the VENDOR_CC_TPM_MODE command, confirmed that platform boots normally and the coreboot log captures the unsupported command. Tested-by: Keith Short <keithshort@chromium.org> Change-Id: I70e012efaf1079d43890e909bc6b5015bef6835a Signed-off-by: Keith Short <keithshort@chromium.org> Reviewed-on: https://review.coreboot.org/c/31260 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-02-01vendorcode/google/chromeos: Use ACPI GPIO pin when possibleDuncan Laurie
Have the generated Chrome OS ACPI GPIO table provide the ACPI GPIO pin number instead of the raw GPIO number when possible. This is necessary if the OS uses a different numbering for GPIOs that are reported in ACPI than the actual underlying GPIO number. For example, if the SOC OS driver declares more pins in an ACPI GPIO bank than there are actual pins in the hardware it will have gaps in the number space. This is a reworked version of 6217e9beff16d805ca833e79a2931bcdb3d02a44 which does not try to convert CROS_GPIO_VIRTUAL. BUG=b:120686247 TEST=pass firmware_WriteProtect test on Sarien Signed-off-by: Duncan Laurie <dlaurie@google.com> Change-Id: I3ad5099b7f2f871c7e516988f60a54eb2a75bef7 Reviewed-on: https://review.coreboot.org/c/31080 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Subrata Banik <subrata.banik@intel.com> Reviewed-by: Nico Huber <nico.h@gmx.de>
2019-01-25vendorcode/google/chromeos: Add mainboard hook before cr50 updateDuncan Laurie
In order to allow the mainboard to configure the system before a cr50 initiated update reset add a weak function that the mainboard can override if necessary. This will allow a board that would otherwise be configured to stay off after an EC reset to instead power up after the reset and not end up in a shut down state after a cr50 update. BUG=b:121380403 TEST=update cr50 firmware on sarien and reboot Change-Id: I11f9e8c9bfe810f69b4eaa2c633252c25004cbd0 Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/31057 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-12-21chromeos: Provide watchdog support in verstageYou-Cheng Syu
Some boards may want to initialize watchdog in verstage instead of bootblock or ramstage, so we need to add watchdog support in verstage. BRANCH=none BUG=b:120588396 TEST=build successfully Change-Id: I13ab84f54d576a0e8c723070b5d9aadd9d63f87c Signed-off-by: You-Cheng Syu <youcheng@google.com> Reviewed-on: https://review.coreboot.org/c/30329 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Hung-Te Lin <hungte@chromium.org>
2018-12-17Revert "vendorcode/google/chromeos: Get ACPI pin from GPIO library"Duncan Laurie
This reverts commit 6217e9beff16d805ca833e79a2931bcdb3d02a44. Reason for revert: boards with CROS_GPIO_VIRTUAL selected in absence of dedicated recovery GPIO pin is die-ing now at gpio.c file line. 127 Signed-off-by: Duncan Laurie <dlaurie@google.com> Change-Id: Ief20681b2a7ed4d15fd2d637ae034d54a96b2d6f Reviewed-on: https://review.coreboot.org/c/30278 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Subrata Banik <subrata.banik@intel.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-12-17vendorcode/google: support multiple SAR filenamesJustin TerAvest
Using a fixed filename only allows for one SAR configuration to be checked into CBFS. However, we have devices with shared firmware that would desire separate SAR configurations. This change allows boards to define a function to select one of multiple files stored in CBFS to be used. BUG=b:120958726 BRANCH=octopus TEST=build Signed-off-by: Justin TerAvest <teravest@chromium.org> Change-Id: Ib852aaaff39f1e9149fa43bf8dc25b2400737ea5 Reviewed-on: https://review.coreboot.org/c/30222 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-12-14vendorcode/google/chromeos: Get ACPI pin from GPIO libraryDuncan Laurie
If the generic GPIO library is enabled the code that generates the GPIO table in ACPI should attempt to get the GPIO pin value from the gpio_acpi_pin() function. BUG=b:120686247 TEST=Tested on Sarien board to ensure that GPIO pin exported by Chrome OS for the Write Protect signal is correct. Change-Id: I267694b576009f79bacac6eda5f32bbf51742d78 Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/30132 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-11-08security/vboot: Add selection for firmware slots used by VBOOTPhilipp Deppenwiese
Make the firmware slot configuration in VBOOT selectable. The following three modes are available: -RO only -RO + RW_A -RO + RW_A + RW_B The mode "RO only" is the lowest mode with no safety during update. You can select either RW_A or RW_AB via Kconfig which will add the selected parttions to the final image. Change-Id: I278fc060522b13048b00090b8e5261c14496f56e Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/27714 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2018-11-01sb/intel/lynxpoint: Include <stdint.h> to fix compilation errorsTristan Corrick
If the file `southbridge/intel/lynxpoint/nvs.h` is included in a file that does not already include <stdint.h>, compilation errors result. Adding the necessary <stdint.h> inclusions fixes compilation for an ASRock H81M-HDS. Change-Id: Id0d14705282cc959146e00dd47754ee8a2e8e825 Signed-off-by: Tristan Corrick <tristan@corrick.kiwi> Reviewed-on: https://review.coreboot.org/29389 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
2018-10-22reset: Provide new single-function reset APINico Huber
board_reset() replaces the existing common reset API. There is no common distinction between reset types across platforms, hence, common code could never decide which one to call. Currently only hard_reset() is used by common code. We replace these calls and provide a fall-back to the current hard_reset() implemen- tation. The fall-back will be removed along with hard_reset() after the transition of all boards. Change-Id: I274a8cee9cb38226b5a0bdff6a847c74ef0b3128 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/29047 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-10-15vc/google/chromeos/ec: remove EC hibernate in cr50 update pathAaron Durbin
More platforms are not able to hibernate under certain circumstances, such as when AC is plugged. This original path was conservatively put in to prevent potential damage when cr50-update-caused asynchronous resets occur. Julius' compelling argument that async resets from recovery mode requests should have enough coverage of the design over the course of project development. Remove the hibernate path and assume all is well going forward. Change-Id: I37121e75ff4e6abcb41d8534a1eccf0788ce2ea2 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/29076 Reviewed-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Jett Rink <jettrink@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-10-08Move compiler.h to commonlibNico Huber
Its spreading copies got out of sync. And as it is not a standard header but used in commonlib code, it belongs into commonlib. While we are at it, always include it via GCC's `-include` switch. Some Windows and BSD quirk handling went into the util copies. We always guard from redefinitions now to prevent further issues. Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/28927 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-09-09drivers/vpd: Add VPD supportPatrick Rudolph
VPD reference: https://chromium.googlesource.com/chromiumos/platform/vpd/+/master/README.md Copy ChromeOS VPD driver to add support for VPD without CROMEOS. Possible use case: * Storing calibration data * Storing MAC address * Storing serial * Storing boot options + Now it's possible to define the VPD space by choosing one of the following enums: VPD_ANY, VPD_RW, VPD_RO. + CHROMEOS selects now VPD as part of it. + VPD is implemented as driver. Change-Id: Id9263bd39bf25d024e93daa57053fefcb1adc53a Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/25046 Reviewed-by: David Hendricks <david.hendricks@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-09-06acpi/gnvs: delay setting chromeos_apci_t.vdat until depthchargeJoel Kitching
Standardize on using vboot_handoff data structure for transferring data between coreboot and depthcharge. chromeos_acpi_t.vdat is undefined until set in depthcharge. BUG=b:112288216 TEST=compile and run on eve CQ-DEPEND=CL:1198814 Change-Id: Iccc021334d3c6f0145dffd5ca05beb9e430378a9 Signed-off-by: Joel Kitching <kitching@gmail.com> Reviewed-on: https://review.coreboot.org/28407 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2018-09-06chromeos/gnvs: remove function and naming cleanupJoel Kitching
- Remove unused acpi_get_chromeos_acpi_info (see CB:28190) - Make function naming in gnvs.h consistent (start with "chromeos_") BUG=b:112288216 TEST=compile and run on eve Change-Id: I5b0066bc311b0ea995fa30bca1cd9235dc9b7d1b Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/28406 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Furquan Shaikh <furquan@google.com>
2018-08-28acpi: Hide Chrome and coreboot specific devicesDavid Wu
Some ACPI interfaces introduced by Chrome or coreboot do not need drivers outside ChromeOS, for example Chrome EC or coreboot table; or will be probed by direct ACPI calls (instead of trying to find drivers by device IDs). These interfaces should be set to hidden so non-ChromeOS systems, for example Windows, won't have problem finding driver. Interfaces changed: - coreboot (BOOT0000), only used by Chrome OS / Linux kernel. - Chrome OS EC - Chrome OS EC PD - Chrome OS TBMC - Chrome OS RAMoops BUG=b:72200466 BRANCH=eve TEST=Boot into non-ChromeOS systems (for example Windows) and checked ACPI devices on UI. Change-Id: I9786cf9ee07b2c3f11509850604f2bfb3f3e710a Signed-off-by: David Wu <David_Wu@quanta.corp-partner.google.com> Reviewed-on: https://chromium-review.googlesource.com/1078211 Reviewed-by: Hung-Te Lin <hungte@chromium.org> Commit-Queue: Hung-Te Lin <hungte@chromium.org> Tested-by: Hung-Te Lin <hungte@chromium.org> Trybot-Ready: Hung-Te Lin <hungte@chromium.org> Reviewed-on: https://review.coreboot.org/28333 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-08-22cbtable: remove chromeos_acpi from cbtableJoel Kitching
Since we can derive chromeos_acpi's location from that of ACPI GNVS, remove chromeos_acpi entry from cbtable and instead use acpi_gnvs + GVNS_CHROMEOS_ACPI_OFFSET. BUG=b:112288216 TEST=None CQ-DEPEND=CL:1179725 Change-Id: I74d8a9965a0ed7874ff03884e7a921fd725eace9 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/28190 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-08-17cr50: Allow boards to disable powering off EC on cr50 updateDaisuke Nojiri
This patch allows boards to disable turning off EC on cr50 update. If CR50 resets the whole system, an EC reset is not required. BUG=b:112604277 BRANCH=none TEST=gsctool -a -u /media/removable/cr50.bin && reboot Verify EC reboots. AP prints 'Waiting for CR50 reset to pick up update' then reboots. Change-Id: I60a7aa50a549e7a5a1a114245fbf7b9646d813bb Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/28110 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-08-14cbmem: rename vdat to chromeos_acpiJoel Kitching
There is a confusingly named section in cbmem called vdat. This section holds a data structure called chromeos_acpi_t, which exposes some system information to the Chrome OS userland utility crossystem. Within the chromeos_acpi_t structure, there is a member called vdat. This (currently) holds a VbSharedDataHeader. Rename the outer vdat to chromeos_acpi to make its purpose clear, and prevent the bizarreness of being able to access vdat->vdat. Additionally, disallow external references to the chromeos_acpi data structure in gnvs.c. BUG=b:112288216 TEST=emerge-eve coreboot, run on eve CQ-DEPEND=CL:1164722 Change-Id: Ia74e58cde21678f24b0bb6c1ca15048677116b2e Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/27888 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-07-13intel/wifi: Add WGDS ACPI method for Geo Aware SARPratik Prajapati
To comply with all relevant bodies throughout the world, SAR settings take into account the lowest common denominator Tx power settings. This setup may lead to non-optimal performance when the user location is in a country that may allow higher power setting. The purpose of Wireless Geo Delta Settings (WGDS) is to provide offset settings for FCC, Europe, Japan and Rest of the world. These offsets would be added (by Intel wifi driver) to the base SAR Tx Power as defined in WRDS and EWRD BUG=b:65155728 BRANCH=none TEST=WGDS ACPI table gets created as expected. Change-Id: I4f602e3f95ff3545db6cc6e428beb9a36abd9296 Signed-off-by: Pratik Prajapati <pratikkumar.v.prajapati@intel.com> Reviewed-on: https://review.coreboot.org/21098 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-06-04security/tpm: Unify the coreboot TPM software stackPhilipp Deppenwiese
* Remove 2nd software stack in pc80 drivers directory. * Create TSPI interface for common usage. * Refactor TSS / TIS code base. * Add vendor tss (Cr50) directory. * Change kconfig options for TPM to TPM1. * Add user / board configuration with: * MAINBOARD_HAS_*_TPM # * BUS driver * MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2 * Add kconfig TPM user selection (e.g. pluggable TPMs) * Fix existing headers and function calls. * Fix vboot for interface usage and antirollback mode. Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/24903 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-01-18security/tpm: Change TPM naming for different layers.Philipp Deppenwiese
* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18security/tpm: Move tpm TSS and TSPI layer to security sectionPhilipp Deppenwiese
* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-12-08cr50: Make EC clear AP_OFF before hibnernateDaisuke Nojiri
This patch makes AP send EC_REBOOT_HIBERNATE_CLEAR_AP_OFF, which makes EC clear AP_OFF flag then hibernate. This is needed to make Chromebox boot when cr50 toggles the EC's reset line after TURN_UPDATE_ON command. BUG=b:69721737 BRANCH=none CQ-DEPEND=CL:802632 TEST=Verify Fizz reboot after cr50 update. Change-Id: I5f590286393ac21382cab64afdccae92d3fc14ba Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/22657 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-12-04security/vboot: Guard google_chromeec_reboot by if clauseDaisuke Nojiri
794d222886 "cr50_enable_update: Add printk before EC hibernate" inserted printk and kicked out google_chromeec_reboot from the if-clause. This patch fixes it. BUG=none BRANCH=none TEST=none Change-Id: I058e929e2acd883d2265b2ab019743e3849cb3af Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/22668 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-10-22security/vboot: Move vboot2 to security kconfig sectionPhilipp Deppenwiese
This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2017-10-20cr50_enable_update: Add printk before EC hibernateShelley Chen
Add printout before EC hibernates during a cr50 update to clarify that failure is due to EC rather than cr50. Ran into a situation where DUT shut down during cr50 update and the EC was the culprit. BUG=None BRANCH=None TEST=None Change-Id: I54813fec123de69604d1da4dfc65eaeb77d1662e Signed-off-by: Shelley Chen <shchen@chromium.org> Reviewed-on: https://review.coreboot.org/22120 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-07-13Rename __attribute__((packed)) --> __packedStefan Reinauer
Also unify __attribute__ ((..)) to __attribute__((..)) and handle ((__packed__)) like ((packed)) Change-Id: Ie60a51c3fa92b5009724a5b7c2932e361bf3490c Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-on: https://review.coreboot.org/15921 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-07-08src/vendorcode: add IS_ENABLED() around Kconfig symbol referencesMartin Roth
Change-Id: I891cb4f799aaafcf4a0dd91b5533d2f8db7f3d61 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/20357 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-05-05cr50: check if the new image needs to be enabled and act on itVadim Bendebury
The AP sends the Cr50 a request to enable the new firmware image. If the new Cr50 image was found and enabled, the AP expects the Cr50 to reset the device in 1 second. While waiting for the Cr50 to reset, the AP logs a newly defined event and optionally shuts down the system. By default the x86 systems power off as shutting those systems down is not board specific. BRANCH=gru,reef BUG=b:35580805 TEST=built a reef image, observed that in case cr50 image is updated, after the next reboot the AP stops booting before loading depthcharge, reports upcoming reset and waits for it. Once the system is booted after that, the new event can be found in the log: localhost ~ # mosys eventlog list ... 7 | 2017-03-23 18:42:12 | Chrome OS Developer Mode 8 | 2017-03-23 18:42:13 | Unknown | 0xac 9 | 2017-03-23 18:42:21 | System boot | 46 ... Change-Id: I45fd6058c03f32ff8edccd56ca2aa5359d9b21b1 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18946 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-04-24Kconfig: provide MAINBOARD_HAS_TPM_CR50 optionAaron Durbin
The CR50 TPM can do both SPI and I2C communication. However, there's situations where policy needs to be applied for CR50 generically regardless of the I/O transport. Therefore add MAINBOARD_HAS_TPM_CR50 to encompass that. Additionally, once the mainboard has selected CR50 TPM automatically select MAINBOARD_HAS_TPM2 since CR50 TPM is TPM 2.0. Change-Id: I878f9b9dc99cfb0252d6fef7fc020fa3d391fcec Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/19370 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins)
2017-03-28vboot: Move remaining features out of vendorcode/google/chromeosJulius Werner
This patch attempts to finish the separation between CONFIG_VBOOT and CONFIG_CHROMEOS by moving the remaining options and code (including image generation code for things like FWID and GBB flags, which are intrinsic to vboot itself) from src/vendorcode/google/chromeos to src/vboot. Also taking this opportunity to namespace all VBOOT Kconfig options, and clean up menuconfig visibility for them (i.e. some options were visible even though they were tied to the hardware while others were invisible even though it might make sense to change them). CQ-DEPEND=CL:459088 Change-Id: I3e2e31150ebf5a96b6fe507ebeb53a41ecf88122 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/18984 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-03-28chromeos / broadwell / jecht: Make save_chromeos_gpios() jecht-specificJulius Werner
This callback was only required for a single mainboard, and it can easily be moved to mainboard-specific code. This patch removes it from the global namespace and isolates it to the Jecht board. (This makes it easier to separate vboot and chromeos code in a later patch.) Change-Id: I9cf67a75a052d1c86eda0393b6a9fbbe255fedf8 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/18981 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2017-03-28vboot: Assume EC_SOFTWARE_SYNC and VIRTUAL_DEV_SWITCH by defaultJulius Werner
The virtualized developer switch was invented five years ago and has been used on every vboot system ever since. We shouldn't need to specify it again and again for every new board. This patch flips the Kconfig logic around and replaces CONFIG_VIRTUAL_DEV_SWITCH with CONFIG_PHYSICAL_DEV_SWITCH, so that only a few ancient boards need to set it and it fits better with CONFIG_PHYSICAL_REC_SWITCH. (Also set the latter for Lumpy which seems to have been omitted incorrectly, and hide it from menuconfig since it's a hardware parameter that shouldn't be configurable.) Since almost all our developer switches are virtual, it doesn't make sense for every board to pass a non-existent or non-functional developer mode switch in the coreboot tables, so let's get rid of that. It's also dangerously confusing for many boards to define a get_developer_mode() function that reads an actual pin (often from a debug header) which will not be honored by coreboot because CONFIG_PHYSICAL_DEV_SWITCH isn't set. Therefore, this patch removes all those non-functional instances of that function. In the future, either the board has a physical dev switch and must define it, or it doesn't and must not. In a similar sense (and since I'm touching so many board configs anyway), it's annoying that we have to keep selecting EC_SOFTWARE_SYNC. Instead, it should just be assumed by default whenever a Chrome EC is present in the system. This way, it can also still be overridden by menuconfig. CQ-DEPEND=CL:459701 Change-Id: If9cbaa7df530580a97f00ef238e3d9a8a86a4a7f Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/18980 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-03-28chromeos: Remove old MOCK_TPM referencesJulius Werner
The correct way to mock out vboot TPM accesses these days is the CONFIG_VBOOT_MOCK_SECDATA Kconfig option. There are some remnants of older TPM-mocking infrastructure in our codebase that are as far as I can tell inert. Remove them. Change-Id: I3e00c94b71d53676e6c796e0bec0f3db67c78e34 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/18977 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-03-09vboot/tpm2: enable nvmem commits on cr50 when writing firmware secdataAaron Durbin
cr50 by default delays nvmem commits internally from the point of reset to accumulate change state. However, the factory process can put a board into dev mode through the recovery screen. This state is stored in the TPM's nvmem space. When the factory process is complete a disable_dev_request and battery_cutoff_request is performed. This leads to disabling the dev mode in TPM, but the battery is subsequently cut off so the nvmem contents never stick. Therefore, whenever antirollback_write_space_firmware() is called we know there was a change in secdata so request cr50 to immediately enable nvmem commits going forward. This allows state changes to happen immediately. The fallout from this is that when secdata is changed that current boot will take longer because every transaction that writes to TPM nvmem space will perform a write synchronously. All subsequent boots do not have that effect. It should also be noted that this approach to the implementation is a pretty severe layering violation. However, the current TPM APIs don't lend themselves well to extending commands or re-using code outside of the current routines which inherently assume all knowledge of every command (in conflict with vendor commands since those are vendor-specific by definition). BUG=b:35775104 BRANCH=reef TEST=Confirmed disablement of dev mode sticks in the presence of: crossystem disable_dev_request=1; crossystem battery_cutoff_request=1; reboot; Change-Id: I3395db9cbdfea45da1f5cb994c6570978593b944 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18681 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Tested-by: build bot (Jenkins)
2017-03-08chromeos/elog: Filter developer mode entry on S3 resumeDuncan Laurie
The event log entry indicating developer mode is useful for the boot path, but is not really useful on the resume path and removing it makes the event log easier to read when developer mode is enabled. To make this work I have to use #ifdef around the ACPI code since this is shared with ARM which does not have acpi.h. BUG=b:36042662 BRANCH=none TEST=perform suspend/resume on Eve and check that the event log does not have an entry for Chrome OS Developer Mode. Change-Id: I1a9d775d18e794b41c3d701e5211c238a888501a Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/18665 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2017-01-24Revert "chromeos: Fill in the firmware id (RO, RW A, RW B) FMAP sections"Patrick Georgi
This reverts commit 580db7fd9036134b1da4fe7340e306fee4681659. There's a (parallel) mechanism more closely aligned with how the values are filled in (fixed device part + version string) that landed from Chrome OS downstream (see commit 4399b85fdd). Change-Id: I5ccd06eadabb396452cc9d1d4dff780ea0720523 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: https://review.coreboot.org/18205 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-12google/chromeos: disable platform hierarchy on resume for TPM2Aaron Durbin
On Chrome OS devices that use TPM2 parts the platform hierarchy is disabled by the boot loader, depthcharge. Since the bootloader isn't involved in resuming a suspended machine there's no equivalent action in coreboot to disable the platform hierarchy. Therefore, to ensure consistent state in resume the platform hierarchy in the TPM2 needs to be disabled as well. For systems that resume using the firmware the platform hierarchy is disabled when utilizing TPM2 devices. BUG=chrome-os-partner:61097 BRANCH=reef TEST=Suspend and resume. Confirmed 'stop trunksd; tpmc getvf; start trunksd' shows that phEnable is 0. Change-Id: I060252f338c8fd68389273224ee58caa99881de8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18096 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2017-01-11chromeos: fix build issues within sar.cRobbie Zhang
Build issues were somehow overlooked in commit ed840023a84915ece4bc63edffef979926107d55: 1. hexstrtobin is not defined (needs the lib.h); 2. coreboot default compiler doesn't like variable initialization within for loop. BUG=chrome-os-partner:60821 TEST=Build and boot lars and reef Change-Id: Ie52c1f93eee7d739b8aaf59604875f179dff60d0 Signed-off-by: Robbie Zhang <robbie.zhang@intel.com> Reviewed-on: https://review.coreboot.org/18076 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-01-09chromeos: Implement locating and decoding wifi sar data from VPDRobbie Zhang
A VPD entry "wifi_sar" needs to be created which contains a heximal encoded string in length of 40 bytes. get_wifi_sar_limits() function retrieves and decodes the data from the VPD entry, which would later be consumed by platform code. BUG=chrome-os-partner:60821 TEST=Build and boot lars and reef Change-Id: I923b58a63dc1f8a7fdd685cf1c618b2fdf4e7061 Signed-off-by: Robbie Zhang <robbie.zhang@intel.com> Reviewed-on: https://review.coreboot.org/17958 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-12-13vendorcode/google/chromeos: provide acpi phase enforcement pin macrosAaron Durbin
In the factory it's helpful for knowing when a system being built is meant for release with all the security features locked down. Provide support for exporting this type of pin in the acpi tables. BUG=chrome-os-partner:59951 BRANCH=reef Change-Id: Iec70249f19fc36e5c9c3a05b1395f84a3bcda9d0 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/17802 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-12-13vendorcode/google/chromeos: zero out SHARED_DATA regionPatrick Georgi
BUG=chromium:595715 BRANCH=none TEST=/build/$board/firmware/coreboot.rom has a zeroed out SHARED_DATA region if it exists. Change-Id: Ib1e6fd62bcf987872890c6d155287dcedb0b1f40 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: e8a88bf744f44d034f8606a556014e2bee37eda1 Original-Change-Id: I0b59f1f0e2f8645000f83cb3ca7f49e4da726341 Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/417821 Original-Commit-Ready: Patrick Georgi <pgeorgi@chromium.org> Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Stefan Reinauer <reinauer@chromium.org> Reviewed-on: https://review.coreboot.org/17789 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-12-13vendorcode/google/chromeos: Fill in firmware ID regionsPatrick Georgi
Chrome OS images have three firmware ID regions, to store version information for the read-only and the two read-write areas. Fill them with a suitable default and allow configuring a different scheme. There's already an override in google/foster and google/rotor to match the naming scheme used so far (in depthcharge). BUG=chromium:595715 BRANCH=none TEST=/build/$board/firmware/coreboot.rom has the expected values in the regions. Change-Id: I5fade5971135fa0347d6e13ec72909db83818959 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: d2e3be81faa8d21f92325294530714a4b18a1b3e Original-Change-Id: I2fa2d51eacd832db6864fb67b6481b4d27889f52 Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/417320 Original-Commit-Ready: Patrick Georgi <pgeorgi@chromium.org> Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Stefan Reinauer <reinauer@chromium.org> Reviewed-on: https://review.coreboot.org/17788 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-11-18google/chromeec: Add common infrastructure for boot-mode switchesFurquan Shaikh
Instead of defining the same functions for reading/clearing boot-mode switches from EC in every mainboard, add a common infrastructure to enable common functions for handling boot-mode switches if GOOGLE_CHROMEEC is being used. Only boards that were not moved to this new infrastructure are those that do not use GOOGLE_CHROMEEC or which rely on some mainboard specific mechanism for reading boot-mode switches. BUG=None BRANCH=None TEST=abuild compiles all boards successfully with and without ChromeOS option. Change-Id: I267aadea9e616464563df04b51a668b877f0d578 Signed-off-by: Furquan Shaikh <furquan@chromium.org> Reviewed-on: https://review.coreboot.org/17449 Tested-by: build bot (Jenkins) Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-11-14vboot: Add new function for logging recovery mode switchesFurquan Shaikh
BUG=chrome-os-partner:59352 BRANCH=None TEST=Compiles successfully Change-Id: I87cd675ea45a8b05a178cf64119bf5f9d8d218ca Signed-off-by: Furquan Shaikh <furquan@chromium.org> Reviewed-on: https://review.coreboot.org/17408 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-11-09vendorcode/google: add common smbios mainboard version supportAaron Durbin
Provide an option to deliver the mainboard smbios version in the form of 'rev%d' based on the board_id() value. BUG=chromium:663243 Change-Id: If0a34935f570612da6e0c950fd7e8f0d92b6984f Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/17290 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins)
2016-10-02Kconfig: Update default hex values to start with 0xMartin Roth
Kconfig hex values don't need to be in quotes, and should start with '0x'. If the default value isn't set this way, Kconfig will add the 0x to the start, and the entry can be added unnecessarily to the defconfig since it's "different" than what was set by the default. A check for this has been added to the Kconfig lint tool. Change-Id: I86f37340682771700011b6285e4b4af41b7e9968 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/16834 Tested-by: build bot (Jenkins) Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2016-08-19drivers/elog: use region_device for NV storageAaron Durbin
Instead of assuming SPI backing use a region_device to abstract away the underlying storage mechanism. BUG=chrome-os-partner:55932 Change-Id: I6b0f5a7e9bea8833fb1bca87e02abefab63acec3 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/16204 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-08-16vboot: Move TPM-related Kconfig selects from CHROMEOS to VBOOTJulius Werner
CONFIG_VBOOT was recently moved to be independent from CONFIG_CHROMEOS. However, the latter still has some 'select' clauses to ensure that required TPM libraries are built. The TPM is an essential part of vboot, and without these libraries the vboot code cannot compile... therefore, they should be moved under CONFIG_VBOOT. Change-Id: I0145558e5127c65c6a82d62f25b5a39e24cb8726 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/16229 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-08-15Kconfig: remove unused MULTIPLE_CBFS_INSTANCES optionAaron Durbin
This option is no longer used in the code base. Remove it. BUG=chrome-os-partner:56151 Change-Id: Ia73cce7546c9839518c9e931b03c50856abc2018 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/16186 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-08-13chromeos: Make CHROMEOS_RAMOOPS_NON_ACPI a default for non-ACPI boardsJulius Werner
This patch enables the CHROMEOS_RAMOOPS_NON_APCI Kconfig option as a default across all non-x86 Chrome OS boards. CQ-DEPEND=CL:367905 BRANCH=None BUG=None TEST=See depthcharge CL. Change-Id: If14ef4f9b1bd480f2d52df3892c73059bb9b07d5 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 8c3b74fb21aadd6de7af62f32fa98fc211d75085 Original-Change-Id: I16ff7f68762a995cd38e5fddaf6971d4b9f07e21 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/368010 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/16154 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-08-08vendorcode/google/chromeos: remove unnecessary includes in elog.cAaron Durbin
The elog.c file had stale includes no longer needed. Remove them. BUG=chrome-os-partner:55932 Change-Id: I891a57d08281c3c56e9d35489d6dea6c47eaa27b Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/16085 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-08-08Use VBOOT_SOURCE instead of hardcoding vboot pathPaul Kocialkowski
This replaces all occurrences of a hardcoded vboot path to the VBOOT_SOURCE variable, that may be overridden from the command line, witch fallback to the source from 3rdparty. Change-Id: Ia57d498d38719cc71e17060b76b0162c4ab363ed Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: https://review.coreboot.org/15825 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-07-30chromeos mainboards: remove chromeos.aslAaron Durbin
Use the ACPI generator for creating the Chrome OS gpio package. Each mainboard has its own list of Chrome OS gpios that are fed into a helper to generate the ACPI external OIPG package. Additionally, the common chromeos.asl is now conditionally included based on CONFIG_CHROMEOS. Change-Id: I1d3d951964374a9d43521879d4c265fa513920d2 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15909 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-28chromeos/gnvs: Clean up use of vboot handoffFurquan Shaikh
BUG=chrome-os-partner:55639 Change-Id: I40a28f921499ddf43d8b423f5192ac93b40254c1 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15903 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-28chromeos: Clean up elog handlingFurquan Shaikh
1. Currenty, boot reason is being added to elog only for some ARM32/ARM64 platforms. Change this so that boot reason is logged by default in elog for all devices which have CHROMEOS selected. 2. Add a new option to select ELOG_WATCHDOG_RESET for the devices that want to add details about watchdog reset in elog. This requires a special region WATCHDOG to be present in the memlayout. 3. Remove calls to elog add boot reason and watchdog reset from mainboards. BUG=chrome-os-partner:55639 Change-Id: I91ff5b158cfd2a0749e7fefc498d8659f7e6aa91 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15897 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2016-07-28google/chromeos: Use vboot bootmode functions for elog add boot reasonFurquan Shaikh
BUG=chrome-os-partner:55639 Change-Id: I3ac2b256862758bb5c9e6c2f1311972af474e8f6 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15870 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-07-28bootmode: Get rid of CONFIG_BOOTMODE_STRAPSFurquan Shaikh
With VBOOT_VERIFY_FIRMWARE separated from CHROMEOS, move recovery and developer mode check functions to vboot. Thus, get rid of the BOOTMODE_STRAPS option which controlled these functions under src/lib. BUG=chrome-os-partner:55639 Change-Id: Ia2571026ce8976856add01095cc6be415d2be22e Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15868 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-07-28vboot: Separate vboot from chromeosFurquan Shaikh
VBOOT_VERIFY_FIRMWARE should be independent of CHROMEOS. This allows use of verified boot library without having to stick to CHROMEOS. BUG=chrome-os-partner:55639 Change-Id: Ia2c328712caedd230ab295b8a613e3c1ed1532d9 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15867 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-07-27Rename VB_SOURCE to VBOOT_SOURCE for increased clarityPaul Kocialkowski
This renames the VB_SOURCE variable to VBOOT_SOURCE in the build system, providing increased clarity about what it represents. Since the submodule itself is called "vboot", it makes sense to use that name in full instead of a very shortened (and confusing) version of it. Change-Id: Ib343b6642363665ec1205134832498a59b7c4a26 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: https://review.coreboot.org/15824 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-07-25google/chromeos: Add support for saving recovery reason across rebootFurquan Shaikh
On some x86 platforms (skylake, apollolake), we observe reboots at different steps during the FSP initialization. These additional reboots result in loss of recovery request because vboot_reference library clears recovery request on vbnv once verification is complete and it has made a decision about which boot path to take(normal/dev, slot-a/slot-b, recovery). Provide a way to allow mainboards/chipsets to inform recovery module in vboot2 to save recovery reason to survive unexpected reboots. The recovery reason is set in vbnv after vboot_reference library completes its verification and clears the reason in vbnv while jumping to payload. BUG=chrome-os-partner:55431 Change-Id: Ie96be9aeb42c8209d8215943409e6327d6a8bf98 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15802 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-07-25google/chromeos: Add recovery module in vboot2Furquan Shaikh
Add recovery module in vboot2 that checks if a recovery request is pending and returns appropriate reason code: 1. Checks if recovery mode is initiated by EC. 2. Checks if recovery request is present in VBNV. 3. Checks if recovery request is present in handoff for post-cbmem stages. 4. Checks if vboot verification is complete and looks up selected region to identify if recovery is requested by vboot library. BUG=chrome-os-partner:55431 Change-Id: I31e332a4d014a185df2434c3730954e08dc27281 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15800 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2016-07-25vboot: Clean up vboot codeFurquan Shaikh
1. Remove unused functions/structures. 2. Add checks for NULL return values. 3. Change prefixes to vb2 instead of vboot for functions used internally within vboot2/ 4. Get rid of vboot_handoff.h file and move the structure definition to vboot_common.h 5. Rename all functions using handoff structure to have prefix vboot_handoff_*. All the handoff functions can be run _only_ after cbmem is online. 6. Organize vboot_common.h content according to different functionalities. BUG=chrome-os-partner:55431 Change-Id: I4c07d50327d88cddbdfbb0b6f82c264e2b8620eb Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15799 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2016-07-15chromeos: Fill in the firmware id (RO, RW A, RW B) FMAP sectionsPaul Kocialkowski
This fills up the RO_FRID, RW_FWID_A and RW_FWID_B FMAP sections with the relevant version from KERNELVERSION, padded to the right size and gap-filled with zeros. Change-Id: I45c724555f8e41be02b92ef2990bf6710be805c2 Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: https://review.coreboot.org/15604 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-07-14tpm2: implement locking firmware rollback counterVadim Bendebury
TPM1.2 is using the somewhat misnamed tlcl_set_global_lock() command function to lock the hardware rollback counter. For TPM2 let's implement and use the TPM2 command to lock an NV Ram location (TPM2_NV_WriteLock). BRANCH=none BUG=chrome-os-partner:50645 TEST=verified that TPM2_NV_WriteLock command is invoked before RO firmware starts RW, and succeeds. Change-Id: I52aa8db95b908488ec4cf0843afeb6310dc7f38b Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 2f859335dfccfeea900f15bbb8c6cb3fd5ec8c77 Original-Change-Id: I62f22b9991522d4309cccc44180a5ebd4dca488d Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358097 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> Reviewed-on: https://review.coreboot.org/15638 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-07-13tpm2: add tlcl_force_clear and use it before factory initVadim Bendebury
tlcl_force_clear() needs to be issued each time when the device mode switches between normal/development/recovery. This patch adds command implementation using TPM_Clear TPM2 command, and also invokes it before factory initialization. BRANCH=none BUG=chrome-os-partner:50645 TEST=verified that TPM_Clear command succeeds at factory startup and the boot proceeds normally. Change-Id: Ia431390870cbe448bc1b6f1755ed17953be9bdf1 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 347ff17b97da45fa4df547ff32f9dd2c8972cefd Original-Change-Id: I2a0e62527ad46f9dd060afe5e75c7e4d56752849 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358095 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> Reviewed-on: https://review.coreboot.org/15636 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-13tpm2: use pcr0 dependent nvram space policy definitionsVadim Bendebury
The TPM2 specification allows defining NV ram spaces in a manner that makes it impossible to remove the space until a certain PCR is in a certain state. This comes in handy when defining spaces for rollback counters: make their removal depend on PCR0 being in the default state. Then extend PCR0 to any value. This guarantees that the spaces can not be deleted. Also, there is no need t create firmware and kernel rollback spaces with different privileges: they both can be created with the same set of properties, the firmware space could be locked by the RO firmware, and the kernel space could be locked by the RW firmware thus providing necessary privilege levels. BRANCH=none BUG=chrome-os-partner:50645, chrome-os-partner:55063 TEST=with the rest of the patches applied it is possible to boot into Chrome OS maintaining two rollback counter spaces in the TPM NV ram locked at different phases of the boot process. Change-Id: I889b2c4c4831ae01c093f33c09b4d98a11d758da Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 36317f5e85107b1b2e732a5bb2a38295120560cd Original-Change-Id: I69e5ada65a5f15a8c04be9def92a8e1f4b753d9a Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358094 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/15635 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-12vboot2: tpm2 factory initialization.Vadim Bendebury
This patch adds a TPM2 specific path in the vboot2 initialization sequence when the device is turned on in the factory for the first time, namely two secure NVRAM spaces are created, with different access privileges. The higher privilege space can be modified only be the RO firmware, and the lower privilege space can be modified by both RO and RW firmware. The API is being modified to hide the TPM implementation details from the caller. Some functions previously exported as global are in fact not used anywhere else, they are being defined static. BRANCH=none BUG=chrome-os-partner:50645 TEST=when this code is enabled the two secure spaces are successfully created during factory initialization. Original-Commit-Id: 5f082d6a9b095c3efc283b7a49eac9b4f2bcb6ec Original-Change-Id: I917b2f74dfdbd214d7f651ce3d4b80f4a18def20 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/353916 Original-Reviewed-by: Bill Richardson <wfrichar@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> squashed: mock tpm: drop unused functions safe_write() and safe_define_space() functions are defined in secdata_mock.c, but not used in mocked TPM mode. The actual functions have been redefined as static recently and their declarations were removed from src/include/antirollback.h, which now causes compilation problems when CONFIG_VBOOT2_MOCK_SECDATA is defined. Dropping the functions from secdata_mock.c solves the problem. BRANCH=none BUG=none TEST=compilation in mock secdata mode does not fail any more. Original-Commit-Id: c6d7824f52534ecd3b02172cb9078f03e318cb2b Original-Change-Id: Ia781ce99630d759469d2bded40952ed21830e611 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/356291 Original-Tested-by: Caesar Wang <wxt@rock-chips.com> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Randall Spangler <rspangler@chromium.org> Change-Id: Icb686c5f9129067eb4bb3ea10bbb85a075b29955 Signed-off-by: Martin Roth <martinroth@chromium.org> Reviewed-on: https://review.coreboot.org/15571 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com> Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-06-30vbnv: Do not initialize vbnv_copy in vbnv layerFurquan Shaikh
If read_vbnv finds that the vbnv_copy is not valid, it initializes it with the correct HEADER_SIGNATURE and other attributes. However, the vbnv copy is checked for validity and initialized at the vboot layer as well. Since, vboot is the owner of this data, it should be the one initializing it. Thus, if read_vbnv sees that the data is not valid, simply reset it to all 0s and let vboot layer take care of it. This also removes the need for additional checks to ensure that the dirty vbnv copy is properly updated on storage. Change-Id: I6101ac41f31f720a6e357c9c56e571d62e0f2f47 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15498 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-06-29vbnv: Do not silently reset cache in read_vbnvFurquan Shaikh
Currently, read_vbnv performs a reset of the vbnv cache if it is not valid. However, this information is not passed up to the vboot layer, thus resulting in missed write-back of vbnv cache to storage if vboot does not update the cache itself. Update read_vbnv to return a value depending upon whether it wants a write-back to be performed when save is called. Return value: 0 = No write-back required 1 = Write-back of VBNV cache is required. Change-Id: I239939d5f9731d89a9d53fe662321b93fc1ab113 Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/15457 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-06-23kconfig: allow various tpm type and interface permutationsVadim Bendebury
Until now it was assumed that all TPM devices were of the same type (TCG 1.2 spec compliant) and x86 based boards had LPC connected TPMs and all other boards had I2C connected TPMs. With the advent of TPM2 specification there is a need to be able to configure different combinations of TPM types (TPM or TPM2) and interfaces (LPC, I2C and SPI). This patch allows to do it. Picking Chrome OS still assumes that the board has a TPM device, but adding MAINBOARD_HAS_TPM2 to the board's Kconfig will trigger including of TPM2 instead. MAINBOARD_HAS_LPC_TPM forces the interface to be set to LPC, adding SPI_TPM to the board config switches interface choice to SPI, and if neither of the two is defined, the interface is assumed to be I2C. BRANCH=none BUG=chrome-os-partner:50645 TEST=verified that none of the generated board configurations change as a result of this patch. With the rest of the stack in place it is possible to configure different combinations of TPM types and interfaces for ARM and x86 boards. Change-Id: I24f2e3ee63636566bf2a867c51ed80a622672f07 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 5a25c1070560cd2734519f87dfbf401c135088d1 Original-Change-Id: I659e9301a4a4fe065ca6537ef1fa824a08d36321 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/349850 Original-Reviewed-by: Martin Roth <martinroth@chromium.org> Reviewed-on: https://review.coreboot.org/15294 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-06-12Kconfig: Set VBOOT_OPROM_MATTERS for relevant non-x86 devicesJulius Werner
The VBOOT_OPROM_MATTERS configuration option signals to vboot that the board can skip display initialization in the normal boot path. It's name is a left-over from a time when this could only happen by avoiding loading the VGA option ROM on x86 devices. Now we have other boards that can skip their native display initialization paths too, and the effect to vboot is the same. (Really, we should rename oprom_matters and oprom_loaded to display_skippable and display_initialized or something, but I don't think that's worth the amount of repositories this would need to touch.) The only effect this still has in today's vboot is to reboot and explicitly request display initialization for EC software sync on VBOOT_EC_SLOW_UPDATE devices (which we haven't had yet on ARM). Still, the vboot flag just declares the capability (for skipping display init), and it should be set correctly regardless of whether that actually makes a difference on a given platform (right now). This patch updates all boards/SoCs that have a conditional path based on display_init_required() accordingly. BRANCH=None BUG=chrome-os-partner:51145 TEST=Booted Oak, confirmed that there's no notable boot time impact. Change-Id: Ic7c77dbd8356d67af7aee54e7869f9ac35241b99 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 9c242f7 Original-Change-Id: I75e5cdda2ba2d111ea50ed2c7cdf94322679f1cd Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/348786 Original-Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/15113 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-05-25vendorcode/google/chromeos/vboot2: use cbmem for postcar region selectionAaron Durbin
When the vboot cbfs selection runs in postcar stage it should be utilizing cbmem to locate the vboot selected region. Change-Id: I027ba19438468bd690d74ae55007393f051fde42 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/14959 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2016-05-24vendorcode/chromeos/vbnv: Add CMOS init functionJagadish Krishnamoorthy
Add cmos init helper function. This function saves the Vboot NV data, calls cmos init and restores the Vboot NV data. Change-Id: I8475f23d849fb5b5a2d16738b4d5e99f112883da Signed-off-by: Jagadish Krishnamoorthy <jagadish.krishnamoorthy@intel.com> Reviewed-on: https://review.coreboot.org/14898 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-05-16vboot: Call verification_should_run directly in the if statementPaul Kocialkowski
Using a dedicated variable is slightly less readable and makes the code less consistent, given that other test functions are called directly in the if statements. Change-Id: If52b2a4268acb1e2187574d15cc73a0c1d5fe9bb Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: https://review.coreboot.org/14817 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2016-05-09xip: Do not pass --xip for early stages if CAR supports code executionFurquan Shaikh
On modern x86 platforms like apollolake, pre-RAM stages verstage and romstage run within the cache-as-ram region. Thus, we do not need to pass in the --xip parameter to cbfstool while adding these stages. Introduce a new Kconfig variable NO_XIP_EARLY_STAGES which is default false for all x86 platforms. Apollolake selects this option since it supports code execution with CAR. Change-Id: I2848046472f40f09ce7fc230c258b0389851b2ea Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/14623 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-05-03chromeos: Ensure that the last file in FW_MAIN is not also the first onePaul Kocialkowski
In the case where one of the FW_MAIN regions is empty, the last file (empty) will also appear to be first and have a zero offset, making head complain. This is a very borderline use case, since the FW_MAIN_ regions should have been filled previously, but an extra check doesn't hurt. Change-Id: I15491c5b4a5e7d1f9fb369cc5fa4e3875e2dad3b Signed-off-by: Paul Kocialkowski <contact@paulk.fr> Reviewed-on: https://review.coreboot.org/14472 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-04-20vboot: Compile loader in postcar as wellAndrey Petrov
Change-Id: Ide3202fca75c77ccebf17d61d93945ba7834a13b Signed-off-by: Andrey Petrov <andrey.petrov@intel.com> Reviewed-on: https://review.coreboot.org/14398 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-04-05chromeos: Fix adding a bmpblk to GBBPatrick Georgi
The codepath was untested and incomplete. It now determines the right GBB region sizes and puts the data in. BUG=chromium:595715 BRANCH=none TEST=none Change-Id: I2cc47ddd8aa7675375ca5ed5f75632c30c65dd1e Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 36e026404ed049d61b677ef043a781c8c209dd93 Original-Change-Id: Ib872627740dbd8ac19fc3e2a01464457f38366ed Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/336358 Original-Commit-Ready: Patrick Georgi <pgeorgi@chromium.org> Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/14239 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-04-05chromeos: Add enable-serial GBB flagPatrick Georgi
This mirrors vboot's flag table. BUG=chromium:595715 BRANCH=none TEST=none Change-Id: I4473eb6c0e073f555e6a692a447e8cc85f8e4eeb Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 0fc50a6cff5ba900e6407d58a8f18db63b5946a5 Original-Change-Id: Ieabd3f9391ba256557e18386f334558d64a81694 Original-Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/336630 Original-Commit-Ready: Patrick Georgi <pgeorgi@chromium.org> Original-Tested-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/14238 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-04-05google/oak: Log hardware watchdog in eventlogJulius Werner
The MT8173 hardware watchdog can assert an external signal which we use to reset the TPM on Oak. Therefore we do not need to do the same double-reset dance as on other Chromebooks to ensure that we reset in a correct state. Still, we have a situation where we need to reconfigure the watchdog early in the bootblock in a way that will clear information about the previous reboot from the status register, and we need that information later in ramstage to log the right event. Let's reuse the same watchdog tombstone mechanism from other boards, except that we don't perform a second reset and the tombstone is simply used to communicate between bootblock and ramstage within the same boot. BRANCH=None BUG=None TEST=Run 'mem w 0x10007004 0x8' on Oak, observe how it reboots and how 'mosys eventlog list' shows a hardware watchdog reboot event afterwards. Change-Id: I1ade018eba652af91814fdaec233b9920f2df01f Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 07af37e11499e86e730f7581862e8f0d67a04218 Original-Change-Id: I0b9c6b83b20d6e1362d650ac2ee49fff45b29767 Original-Signed-off-by: Julius Werner <jwerner@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/334449 Original-Reviewed-by: David Hendricks <dhendrix@chromium.org> Reviewed-on: https://review.coreboot.org/14234 Tested-by: build bot (Jenkins) Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-03-29vboot: Handle S3 resume path for TPM initializationDuncan Laurie
When doing verification of memory init code in verstage vboot should issue a TPM_Startup(ST_STATE) instead of TPM_Startup(ST_CLEAR) in order to preserve the flags in TPM_STCLEAR_FLAGS which include things like physical presence. In doing so we can also skip the rest of the TPM init work in this function in the S3 resume path. BUG=chrome-os-partner:50633 BRANCH=glados TEST=S3 resume on chell and ensure TPM is resumed instead of being cleared and that 'tpmc getvf|getpf|getf' does not show any difference in flags between boot and resume. Change-Id: I7a48eaf7f57d2bc6ebc182178cbe60ceb2ad8863 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: f059f39a0f5c2f21e564b9554efacf26a41ad794 Original-Change-Id: I647869202d2f04328764155d3de4cad9edf10ae4 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Previous-Reviewed-on: https://chromium-review.googlesource.com/332434 Original-(cherry picked from commit 5fc7792e4104523569140cd84ce313da721ec34b) Original-Reviewed-on: https://chromium-review.googlesource.com/332542 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/14107 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-03-08Chromeos: Modify wifi_regulatory_domain to use "region" key in VPDHuang, Huki
In ChromeOS VPD spec the right name is "region". Signed-off-by: Hannah Williams <hannah.williams@intel.com> Reviewed-on: https://chromium-review.googlesource.com/322851 Reviewed-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: mukesh agrawal <quiche@chromium.org> (cherry picked from commit 21ea0663e7f3ffe3aaea6b6ce0e1216fcd9ca23e) BUG=chrome-os-partner:50516 BRANCH=glados TEST=build and boot on chell Change-Id: I4ba9a9c65af3732fa263030640495ab5bea91d1f Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Commit-Id: 848f18e731eb11dd3037d12607d7364f95e64e34 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Change-Id: Ib96036f9cd76449f170af5c3dd6ef6e8e91ded94 Original-Reviewed-on: https://chromium-review.googlesource.com/329293 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13837 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-29vboot: Set S3_RESUME flag for vboot context if necessaryDuncan Laurie
If a platform does verification of the memory init step, and it must resume with the same slot that it booted from then it needs to set the vboot context flag when resuming instead of booting. This will affect the slot that is selected to verify and resume from. BUG=chromium:577269 BRANCH=glados TEST=manually tested on chell: 1) ensure that booting from slot A resumes from slot A. 2) ensure that booting from slot B resumes from slot B. 3) do RW update while booted from slot A (so the flags are set to try slot B) and ensure that suspend/resume still functions properly using current slot A. 4) do RW update while booted from slot B (so the flags are set to try slot A) and ensure that suspend/resume still functions properly using current slot B. Change-Id: I77e6320e36b4d2cbc308cfb39f0d4999e3497be3 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Original-Commit-Id: 4c84af7eae7b2a52a28cc3ef8a80649301215a68 Original-Change-Id: I395e5abaccd6f578111f242d1e85e28dced469ea Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/328775 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13834 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-22cbfs: Add LZ4 in-place decompression support for pre-RAM stagesJulius Werner
This patch ports the LZ4 decompression code that debuted in libpayload last year to coreboot for use in CBFS stages (upgrading the base algorithm to LZ4's dev branch to access the new in-place decompression checks). This is especially useful for pre-RAM stages in constrained SRAM-based systems, which previously could not be compressed due to the size requirements of the LZMA scratchpad and bounce buffer. The LZ4 algorithm offers a very lean decompressor function and in-place decompression support to achieve roughly the same boot speed gains (trading compression ratio for decompression time) with nearly no memory overhead. For now we only activate it for the stages that had previously not been compressed at all on non-XIP (read: non-x86) boards. In the future we may also consider replacing LZMA completely for certain boards, since which algorithm wins out on boot speed depends on board-specific parameters (architecture, processor speed, SPI transfer rate, etc.). BRANCH=None BUG=None TEST=Built and booted Oak, Jerry, Nyan and Falco. Measured boot time on Oak to be about ~20ms faster (cutting load times for affected stages almost in half). Change-Id: Iec256c0e6d585d1b69985461939884a54e3ab900 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/13638 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-02-10chromeos/Kconfig: Remove dependency on GBB_HAVE_BMPFVMartin Roth
This symbol is not defined. Change-Id: I2b0a3fca82d85962fc882f237b70702cab0400db Signed-off-by: Martin Roth <martinroth@chromium.org> Reviewed-on: https://review.coreboot.org/13647 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2016-02-10google/chromeos: backup -> back upPatrick Georgi
See discussion on https://review.coreboot.org/13600 and https://review.coreboot.org/13601 Change-Id: Ia8274b0b296d6b398f75c0d91a6fded4c5f57e10 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: https://review.coreboot.org/13643 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-02-09vboot2: Store depthcharge graphic assets only in ROPatrick Georgi
These files aren't updated (or updatable), and as such don't need to be copied to the RW sections. Change-Id: Ie78936792ad651fbf8500fc7e34f0899e33a904c Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Reviewed-on: https://review.coreboot.org/13633 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-09chromeos: Add option to back up VBNV CMOS into flashDuncan Laurie
This adds a new kconfig option that will back up the VBNV data from CMOS to flash, and restore it if the CMOS data is invalid during boot. This allows special flags to not get lost when power is lost, RTC reset is triggered, or CMOS is corrupted. BUG=chrome-os-partner:47915 BRANCH=glados TEST=manually tested on chell: 1-boot and run "enable_dev_usb_boot" 2-reboot and check that it is enabled with crossystem 3-run "mosys nvram clear" 4-reboot and check that it is still enabled Change-Id: I38103d100117da34471734a6dd31eb7058735c12 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 8a356e616c6885d5ae3b776691929675d48a28f9 Original-Change-Id: I06e7ddff7b272e579c704914a0cf8cc14d6994e8 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324122 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13600 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-02-09google/chromeos/vboot2: defer clearing rec mode switchAaron Durbin
Certain platforms query the recovery mode switch more than just within vboot during the boot flow. Therefore, it's important that the first call to get_recovery_mode_switch() is consistent through memory training because certain platforms use the recovery mode switch to take different action for memory training. Therefore, defer the clearing of the rec mode switch to a place when it's known that memory is up and online. BUG=chrome-os-partner:44827 BRANCH=glados TEST=Three finger salute is honored on chell by retraining memory. Change-Id: I26ea51de7ffa2fe75b9ef1401fe92f9aec2b4567 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 6b0de9369242e50c7ff3b164cf1ced0642c7b087 Original-Change-Id: Ia7709c7346d1222e314bf3ac7e4335a63e9a5144 Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/325120 Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/13604 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-02-09chromeos: Make vbnv_flash driver safe for CAR usageDuncan Laurie
This modifies the vbnv_flash driver to make it safe for use in cache-as-ram by handling the global variables safely. To make this cleaner all of the variables were moved into one structure and referenced from there. BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell using following patches to test backup and restore of vbnv_cmos into flash Change-Id: I3a17fa51cfd754455502ac2e5f181dae35967f2a Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 48876561fa4fb61e1ec8f92596c5610d97135201 Original-Change-Id: Id9fda8467edcc55e5ed760ddab197ab97d1f3d25 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324121 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13599 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-02-09chromeos: Remove CONFIG_VBNV_SIZE variableDuncan Laurie
The VBNV region size is determined by vboot and is not really configurable. Only the CMOS implementation defined this config variable so switch it to use VBNV_BLOCK_SIZE defined by vboot in vbnv_layout.h instead. This requires updating the broadwell/skylake cmos reset functions to use the right constant. BUG=chrome-os-partner:47915 BRANCH=glados TEST=manually tested on chell Change-Id: I45e3efc2a22efcb1470bbbefbdae4eda33fc6c96 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: e2b803ff3ac30ab22d65d1e62aca623730999a1d Original-Change-Id: I4896a1a5b7889d77ad00c4c8f285d184c4218e17 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324520 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13598 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-02-09chromeos: Add vbnv wrapper for the different backendsDuncan Laurie
Add a wrapper around the vbnv implementations and call into the different backend functions from there. Also move some of the common functions to the common code and simplify the backend drivers. This will allow some of the code to be re-used so the CMOS backend can backup the data into the flash backend. One side effect of this is that the cache of VBNV was removed from CMOS and EC backends and moved into the VBNV wrapper, but the flash backend also still has a separate cache because it has more state and complexity in the implementation. The wrapper cached data is not used for normal vbnv_read/vbnv_write because some callers need the ability to force a write if the backend storage is cleared (i.e. CMOS clear). BUG=chrome-os-partner:47915 BRANCH=glados TEST=build and boot on chell Change-Id: I4d2e0e99af7e8a44aec77ad9991507401babcca6 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: c30f60434a64f6c0eb9ede45d48ddafff19dd24f Original-Change-Id: Ia97f6607c5ad837b9aa10b45211137221ccb93a0 Original-Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324120 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/13597 Tested-by: build bot (Jenkins) Reviewed-by: Martin Roth <martinroth@google.com>
2016-02-04google/chromeos/vboot2: honor boot region device sizeAaron Durbin
Vboot keeps track of the size of the hashed region in each RW slot. While that size was being used to calculate the hash it wasn't being honored in restricting the access within the FMAP region for that RW slot. To alleviate that create a sub region that covers the hashed data for the region in which we boot from while performing CBFS accesses. BUG=chrome-os-partner:49764 BUG=chromium:445938 BRANCH=glados TEST=Built and booted chell with cbfstool and dev-util patches. Change-Id: I1a4f45573a6eb8d53a63bc4b2453592664c4f78b Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 4ac9e84af5b632e5735736d505bb2ca6dba4ce28 Original-Change-Id: Idca946926f5cfd2c87c4a740ad2108010b6b6973 Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324093 Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/13586 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-04google/chromeos: guard cbmem_find() in verstage and bootblockAaron Durbin
When vboot_handoff_flag() is called in the bootblock or a separate verstage there's no memory nor the possibility of dram coming online. Therefore, don't bother to attempt call cbmem_find(). BUG=chrome-os-partner:44827 BRANCH=glados TEST=Built chell with separate verstage which pulls in vboot_common.c dependency. No more linking errors w/ cbmem_find() not being around. Change-Id: I494c93adc1c00459fdfaa8ce535c6b4c884ed0fb Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 414ce6aeaff657dc90289b25e5c883562189b154 Original-Change-Id: I8a5f2d154026ce794a70e7ec38883fa3c28fb6e7 Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/324070 Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/13580 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-02-04chromeos/vboot: allow platform to hook into vboot_reboot()Aaron Durbin
Sometimes it's necessary for the platform to perform clean up tasks prior to reboot when employing vboot. For example, x86 systems that resume and do vboot verification may need to clear their sleep control register prior to doing a cold reset so that the next boot doesn't appear to be a resume. Allow that hook by introducing vboot_platform_prepare_reboot(). BUG=chrome-os-partner:46049 BRANCH=glados TEST=Ensure vboot_platform_prepare_reboot() called from vboot_reboot(). Change-Id: I622c9181d9fa3048204e3df3223d5dd4b458abca Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: f31ffc40bde002dec398fd4dd9d2ee9d65df0d7b Original-Change-Id: I97318cec34494a7fc4b1ecf2cb22715d20e730ff Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/323501 Original-Reviewed-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/13575 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2016-02-04chromeos/vboot: provide support for x86 memory init verificationAaron Durbin
For x86 systems which resume through the reset vector one needs to ensure the the RW slot taken at resume time matches the one at boot time. The reason is that any assets pulled out of the boot media need to match how the platform previously booted. To do that one needs obtain the hash digest of the chosen slot, and it needs to be saved in a secure place on the normal boot path. On resume one needs to retrieve the hash digest back to compare it with the chosen slot. If they don't match resuming won't be possible. BUG=chrome-os-partner:46049 BRANCH=glados TEST=Suspended and resumed on chell. Also, tested with an EC build which returns a bad hash to ensure that is properly caught. CQ-DEPEND=CL:323460 Change-Id: I90ce26813b67f46913aa4026b42d9490a564bb6c Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 01a42c0ecfc6d60d1d2e5e36a86781d91d5c47a9 Original-Change-Id: I6c6bdce7e06712bc06cc620a3d7a6a6250c59c95 Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/323500 Original-Reviewed-by: Patrick Georgi <pgeorgi@chromium.org> Original-Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/13574 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>