MinnowBoard MRC based support #542
Conversation
miczyg1
force-pushed
the
byt_fsp_parity
branch
4 times, most recently
from
b48cbaf
to
f8a10ca
Compare
miczyg1
force-pushed
the
byt_fsp_parity
branch
2 times, most recently
from
4dfd55f
to
22e27c3
Compare
|
Needs this to land too: Dasharo/edk2#156 |
miczyg1
force-pushed
the
byt_fsp_parity
branch
4 times, most recently
from
8f8275c
to
ac6ae27
Compare
src/soc/intel/baytrail/Kconfig
Outdated
| # Put the microcode right after the manifest, so it will be verified by IBB | ||
| # and accessible without walkcbfs ASM routine if CBFS_VERIFICATION is enabled. | ||
| config CPU_MICROCODE_CBFS_LOC | ||
| # These addresses will be used by BSP to locate microcode in bootblock before |
There was a problem hiding this comment.
Why plural? I can see only one address.
There was a problem hiding this comment.
There was a problem hiding this comment.
Partially fixed, addresses now doesn't match this: https://github.com/Dasharo/coreboot/pull/542/files#diff-a68c92b0f440c50bce825bdbdc037e9897818b52b6545daa9255faf335b5c071R275
There was a problem hiding this comment.
src/soc/intel/baytrail/Makefile.mk
Outdated
| dd if=/dev/zero of=$@ bs=5120 count=1 2> /dev/null | ||
| dd if=$< of=$@ conv=notrunc 2> /dev/null | ||
| else | ||
| key_manifest_pos = $(call int-subtract, $(CONFIG_ROM_SIZE) 0x21000) |
There was a problem hiding this comment.
Please remove hardcoded size. It should be possible to use something like $(CBFSTOOL) $(1) write -r MANIFESTS -f $(CONFIG_TXE_SB_KEY_MANIFEST_PATH) to get the same result.
There was a problem hiding this comment.
I'm not sure I get it. What is wrong with the hardcoded size?
There was a problem hiding this comment.
Ohh I get it, you mean to simply put the manifest using cbfstool without defining the location. but this does not guarantee that the Key Manifest will end up in the proper location. The address of Key manifest is fixed. MANIFESTS region may be placed anywhere...
There was a problem hiding this comment.
@krystian-hebel so should we leave the hardcoded size?
There was a problem hiding this comment.
MANIFESTS region may be placed anywhere...
Then it would be better to assert that this region is properly located, than blindly dd into offset that may be outside of MANIFESTS.
There was a problem hiding this comment.
Then it would be better to assert that this region is properly located, than blindly dd into offset that may be outside of MANIFESTS.
Yes, it could be checked somewhere. But blind DD is better than building an image which won't get the CPU out of reset...
There was a problem hiding this comment.
Check implemented: a52993b
Also writing the key manifest with cbfstool using MANIFESTS region.
There was a problem hiding this comment.
It works, but is there a reason why there are two commas in $(filter)?
There was a problem hiding this comment.
No reason, probably some leftover from previous attempt to get this logic working...
|
@BeataZdunczyk @macpijan, could anyone fix the code according to Krystian's suggestion while @miczyg1 is on vacation? I also wonder if we shouldn't go upstream with those patches immediately. |
|
@pietrushnic, @miczyg1 is working today, so he will address the review and the issues raised from testing RC1. If anything is more challenging to address, we will, of course, assign the task to someone else. Upstream is out of scope for this release, but we can evaluate the effort needed. |
miczyg1
force-pushed
the
byt_fsp_parity
branch
2 times, most recently
from
8d7d3a3
to
5557b1a
Compare
|
I have addressed what I could. Not sure how to address the PCIe comments properly yet. |
filipleple
force-pushed
the
byt_fsp_parity
branch
from
bff6f1a
to
59d0b38
Compare
miczyg1
force-pushed
the
byt_fsp_parity
branch
2 times, most recently
from
e31753a
to
ebd381f
Compare
All Intel SOCs use input pullup 20K as not connected GPIO. Also GPIO output mode may be harmful. Signed-off-by: Michał Żygowski <[email protected]>
Fixes a problem where changing ME binary in the config would not result in the desired ME binary be included in the rebuilt coreboot binary. Signed-off-by: Michał Żygowski <[email protected]>
src/soc/intel/baytrail/Kconfig
Outdated
| hex | ||
| default 0x19800 | ||
|
|
||
| endif | ||
| # Ensure the bootblock does not overlap the microcode. We have 0x6400 bytes | ||
| # of space after microcode till the ned of ROM. Make a small gap of 256 bytes |
There was a problem hiding this comment.
| # of space after microcode till the ned of ROM. Make a small gap of 256 bytes | |
| # of space after microcode till the end of ROM. Make a small gap of 256 bytes |
src/soc/intel/baytrail/Makefile.mk
Outdated
| dd if=/dev/zero of=$@ bs=5120 count=1 2> /dev/null | ||
| dd if=$< of=$@ conv=notrunc 2> /dev/null | ||
| else | ||
| key_manifest_pos = $(call int-subtract, $(CONFIG_ROM_SIZE) 0x21000) |
There was a problem hiding this comment.
It works, but is there a reason why there are two commas in $(filter)?
src/soc/intel/baytrail/txei.c
Outdated
| /* get number of full 4-byte slots */ | ||
| static size_t bytes_to_slots(size_t bytes) | ||
| { | ||
| return (bytes + (SLOT_SIZE - 1) + SLOT_SIZE) / SLOT_SIZE; |
There was a problem hiding this comment.
This is the ceiling of size, which is then increased by one. Is this an error or is it caused by the length not including the header? In any case, this should be commented.
There was a problem hiding this comment.
Reworked it to actually do what the comment does: 6a4524e
Used ALIGN_UP like the original source of CSE HECI src/soc/intel/common/block/cse/cse.c does
Also added comments near the loops where the slots are written to explain how it works.
|
|
||
| /* Write the body in whole slots */ | ||
| for (i = 1; i < pend_slots; i++, *p++) { | ||
| write_slot(i, *p); |
There was a problem hiding this comment.
This looks like out of bounds read. Either add a check that pend_len is divisible by 4, or add a comment that all the messages come from this file (i.e. there are no non-static functions with message controlled by the caller) and have sizes that are of such sizes and the check isn't necessary.
There was a problem hiding this comment.
It may often be out of bound read, depending on the message length. If it is not divisible by 4, then some additional bytes may be sent at the end of message. However, ME/TXE should not care, because the real length of the message is in the message header. But we still must write 32bit slots... Of course we may always check for the message length, reallocate and copy it to a new buffer that is divisible by 4 and appended with zeros if necessary. However, the original source of CSE HECI src/soc/intel/common/block/cse/cse.c does not do it.
There was a problem hiding this comment.
This is not exactly what you wanted. Although like I mentioned above, it is based on the CSE HECI from common blocks, which does the same. And TXE/CSE should not care about bytes after the message size.
src/soc/intel/baytrail/txei.c
Outdated
| case TXE_FWSTS0_COM_DEBUG: | ||
| case TXE_FWSTS0_COM_SOFT_TEMP_DISABLE: | ||
| case TXE_FWSTS0_COM_SECOVER_JMPR: | ||
| printk(BIOS_INFO, "Current TXE operation mode does not allow" |
There was a problem hiding this comment.
However, never break user-visible strings such as printk messages, because that breaks the ability to grep for them.
Signed-off-by: Michał Żygowski <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
This PR adds silicon initialization not covered by native coreboot support but done in FSP. It also contains various fixes, TXE BIOS flow and CBFS_VERIFICATION integration with TXE Secure Boot on Bay Trail platform - Intel MinnowBoard Turbot.