402 changes: 0 additions & 402 deletions Documentation/Intel/vboot.html
View file

This file was deleted.

105 changes: 105 additions & 0 deletions Documentation/getting_started/architecture.md
View file
@@ -0,0 +1,105 @@
# coreboot architecture

## Overwiew
![][architecture]

[architecture]: comparision_coreboot_uefi.svg

## Stages
coreboot consists of multiple stages that are compiled as separate binaries and
are inserted into the CBFS with custom compression. The bootblock usually doesn't
have compression while the ramstage and payload are compressed with LZMA.

Each stage loads the next stage a given address (possibly decompressing it).

Some stages are relocatable and can be placed anywhere in DRAM. Those stages are
usually cached in CBMEM for faster loading times on ACPI S3 resume.

Supported stage compressions:
* none
* LZ4
* LZMA

## bootblock
The bootblock is the first stage executed after CPU reset. It is written in
assembly language and its main task is to set up everything for a C-environment:

Common tasks:

* Cache-As-RAM for heap and stack
* Set stack pointer
* Clear memory for BSS
* Decompress and load the next stage

On x86 platforms that includes:

* Microcode updates
* Timer init
* Switching from 16-bit real-mode to 32-bit protected mode

The bootblock loads the romstage or the verstage if verified boot is enabled.

### Cache-As-Ram
The *Cache-As-Ram*, also called Non-Eviction mode, or *CAR* allows to use the
CPU cache like regular SRAM. This is particullary usefull for high level
languages like `C`, which need RAM for heap and stack.

The CAR needs to be activated using vendor specific CPU instructions.

The following stages run when Cache-As-Ram is active:
* bootblock
* romstage
* verstage
* postcar

## verstage
The verstage is where the root-of-trust starts. It's assumed that
it cannot be overwritten in-field (together with the public key) and
it starts at the very beginning of the boot process.
The verstage installs a hook to verify a file before it's loaded from
CBFS or a partition before it's accessed.

The verified boot mechanism allows trusted in-field firmware updates
combined with a fail-safe recovery mode.

## romstage
The romstage initializes the DRAM and prepares everything for device init.

Common tasks:

* Early device init
* DRAM init

## postcar
To leave the CAR setup and run code from regular DRAM the postcar-stage tears
down CAR and loads the ramstage. Compared to other stages it's minimal in size.

## ramstage

The ramstage does the main device init:

* PCI device init
* On-chip device init
* TPM init (if not done by verstage)
* Graphics init (optional)
* CPU init (like set up SMM)

After initialization tables are written to inform the payload or operating system
about the current hardware existance and state. That includes:

* ACPI tables (x86 specific)
* SMBIOS tables (x86 specific)
* coreboot tables
* devicetree updates (ARM specific)

It also does hardware and firmware lockdown:
* Write-protection of boot media
* Lock security related registers
* Lock SMM mode (x86 specific)

## payload
The payload is the software that is run after coreboot is done. It resides in
the CBFS and there's no possibility to choose it at runtime.

For more details have a look at [payloads](../payloads.md).

Binary file added Documentation/getting_started/comparision_coreboot_uefi.dia
View file
Binary file not shown.
176 changes: 176 additions & 0 deletions Documentation/getting_started/comparision_coreboot_uefi.svg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions Documentation/getting_started/index.md
View file
@@ -1,5 +1,6 @@
# Getting Started

* [coreboot architecture](architecture.md)
* [Build System](build_system.md)
* [Submodules](submodules.md)
* [Kconfig](kconfig.md)
Expand Down
2 changes: 1 addition & 1 deletion Documentation/getting_started/kconfig.md
View file
Expand Up @@ -1132,7 +1132,7 @@ the symbol is only inside of an if/endif block where the if expression evaluates
as false, the symbol STILL gets defined in the config.h file (though not in the
.config file).

Use \#if IS_ENABLED(CONFIG_*) to be sure (it returns false for undefined symbols
Use \#if CONFIG(SYMBOL) to be sure (it returns false for undefined symbols
and defined-to-0 symbols alike).


Expand Down
16 changes: 15 additions & 1 deletion Documentation/getting_started/writing_documentation.md
View file
Expand Up @@ -100,11 +100,25 @@ If you do only reference the document, but do not include it in any toctree,
you'll see the following warning:
**WARNING: document isn't included in any toctree**

## CSV

You can import CSV files and let sphinx automatically convert them to human
readable tables, using the following reStructuredText snipped:

```eval_rst
.. csv-table::
:header: "Key", "Value"
:file: keyvalues.csv
```

Of course this can only be done from a markdown file that is included in the
TOC tree.

[coreboot]: https://coreboot.org
[Documentation]: https://review.coreboot.org/cgit/coreboot.git/tree/Documentation
[shpinx-autobuild]: https://github.com/GaretJax/sphinx-autobuild
[guide]: http://www.sphinx-doc.org/en/stable/install.html
[Sphinx]: http://www.sphinx-doc.org/en/master/
[Markdown Guide]: https://www.markdownguide.org/
[Gerrit Guidelines]: https://doc.coreboot.org/gerrit_guidelines.html
[Gerrit Guidelines]: gerrit_guidelines.md
[review.coreboot.org]: https://review.coreboot.org
6 changes: 3 additions & 3 deletions Documentation/gfx/libgfxinit.md
View file
Expand Up @@ -48,9 +48,9 @@ follows:

* `lightup_ok`: returns whether the initialization succeeded `1` or
failed `0`. Currently, only the case that no display
could be found counts as failure. A failure at a la-
ter stage (e.g. failure to train a DP) is not propa-
gated.
could be found counts as failure. A failure at a
later stage (e.g. failure to train a DP) is not
propagated.

GMA: Per Board Configuration
----------------------------
Expand Down
5 changes: 2 additions & 3 deletions Documentation/index.md
View file
Expand Up @@ -167,20 +167,19 @@ Contents:
* [Code of Conduct](community/code_of_conduct.md)
* [Community forums](community/forums.md)
* [coreboot at conferences](community/conferences.md)
* [Security](security.md)
* [Payloads](payloads.md)
* [Distributions](distributions.md)
* [Timestamps](timestamp.md)
* [Intel IFD Binary Extraction](Binary_Extraction.md)
* [Dealing with Untrusted Input in SMM](technotes/2017-02-dealing-with-untrusted-input-in-smm.md)
* [ABI data consumption](abi-data-consumption.md)
* [GPIO toggling in ACPI AML](acpi/gpio.md)
* [Native Graphics Initialization with libgfxinit](gfx/libgfxinit.md)
* [Architecture-specific documentation](arch/index.md)
* [Northbridge-specific documentation](northbridge/index.md)
* [System on Chip-specific documentation](soc/index.md)
* [Mainboard-specific documentation](mainboard/index.md)
* [Payload-specific documentation](lib/payloads/index.md)
* [Library-specific documentation](lib/index.md)
* [Security](security/index.md)
* [SuperIO-specific documentation](superio/index.md)
* [Vendorcode-specific documentation](vendorcode/index.md)
* [Utilities](util.md)
Expand Down
6 changes: 4 additions & 2 deletions Documentation/lessons/lesson2.md
View file
Expand Up @@ -130,8 +130,9 @@ The first line of your commit message is your commit summary. This is a brief
one-line description of what you changed in the files using the template
below:

<filepath>: Short description
`<filepath>: Short description`
*ex. cpu/amd/pi/00630F01: Fix checkpatch warnings and errors*

**Note:** It is good practice to use present tense in your descriptions
and do not punctuate your summary.

Expand Down Expand Up @@ -171,8 +172,9 @@ In the textbox labeled "Commit summary" provide a brief one-line
description of what you changed in the files according to the template
below:

<filepath>: Short description
`<filepath>: Short description`
*ex. cpu/amd/pi/00630F01: Fix checkpatch warnings and errors*

**Note:** It is good practice to use present tense in your descriptions
and do not punctuate your short description.

Expand Down
5 changes: 3 additions & 2 deletions Documentation/abi-data-consumption.md → Documentation/lib/abi-data-consumption.md
View file
Expand Up @@ -8,8 +8,9 @@ listed as consumable is subject to change without notice.
## Background and Usage

coreboot passes information to downstream users using coreboot tables. These
table definitions can be found in src/include/boot/coreboot_tables.h and
payloads/libpayload/include/coreboot_tables.h respectively within coreboot
table definitions can be found in
`./src/commonlib/include/commonlib/coreboot_tables.h` and
`./payloads/libpayload/include/coreboot_tables.h` respectively within coreboot
and libpayload. One of the most vital and important pieces of information
found within these tables is the memory map of the system indicating
available and reserved memory.
Expand Down
153 changes: 153 additions & 0 deletions Documentation/lib/flashmap.md
View file
@@ -0,0 +1,153 @@
# Flashmap and Flashmap Descriptor in coreboot

## Flashmap

[Flashmap](https://code.google.com/p/flashmap) (FMAP) is a binary format to
describe partitions in a flash chip. It was added to coreboot to support the
requirements of Chromium OS firmware but then was also used in other scenarios
where precise placement of data in flash was necessary, or for data that is
written to at runtime, as CBFS is considered too fragile for such situations.
The Flashmap implementation inside coreboot is the de facto standard today.

Flashmap partitions the image into clearly delimited sections and some of those
sections may be CBFSes that can hold arbitrary-length files (at least one, the
default CBFS, called `COREBOOT`). General guidance is that everything with
strict layout requirements (e.g. must be aligned to erase blocks or
something else) should have its own Flashmap section, and everything else should
normally go into CBFS.

The Flashmap itself starts with a header `struct fmap` and followed by a list of
section descriptions in `strcut fmap_area`.

### Header
The header `struct fmap` has following fields:
* `signature`: 8 characters as `"__FMAP__"`.
* `ver_major`: one byte for major version (currently only 1).
* `ver_minor`: one byte for minor version (current value is 1).
* `base`: 64 bit integer for the address of the firmware binary.
* `size`: 32 bit integer for the size of firmware binary in bytes.
* `name`: 32 characters for the name of the firmware binary.
* `nareas`: 16 bit integer for the number of area definitions (i.e., how many
sections are in this firmware image) following the header.

### Area Definition
The section is defined by `struct fmap_area` with following fields:
* `offset`: 32 bit integer for where the area starts (relative to `base` in
header).
* `size`: 32 bit integer for the size of area in bytes.
* `name`: 32 characters for a descriptive name of this area. Should be unique to
all sections inside same Flashmap.
* `flags`: 16 bit integer for attributes of this area (see below).

### Area Flags
Currently the defined values for `flags` in `struct fmap_area` are:
* `FMAP_AREA_PRESERVE`: suggesting the section should be preserved when
updating firmware, usually for product data like serial number, MAC address,
or calibration and cache data.
* `FMAP_AREA_STATIC`: Not really used today.
* `FMAP_AREA_COMPRESSED`: Not really used today.
* `FMAP_AREA_RO`: Not really used today.

### FMAP section
The whole Flashmap (`struct fmap` and list of `struct fmap_area`) should be
stored in a standalone section named as `FMAP` (which should be also described
by the Flashmap itself in `struct fmap_area`). There's no restriction for where
it should be located (or how large), but usually we need to do a linear or
binary search on whole firmware binary image to find Flashmap so a properly
aligned address would be better.

### COREBOOT section
coreboot firmware images (`coreboot.rom`) should have at least one Flashmap
section that is reserved for CBFS. Usually it is named as `COREBOOT`.

## Flashmap Descriptor

Since coreboot is starting to use a "partition" of Flashmap to describe the
flash chip layout (both at runtime and when flashing a new image onto a
chip), the project needs a reasonably expressive plain text format for
representing such sections in the source tree.

Flashmap Descriptor (FMD) is a [language and
compiler](https://chromium-review.googlesource.com/#/c/255031) inside coreboot
utility folder that can be used to generate final firmware images (i.e.
`coreboot.rom`) formatted by Flashmap.

The FMD implementation is in coreboot `utils/cbfstool` folder. Here's an
informal language description:

```
# <line comment>
<image name>[@<memory-mapped address>] <image size> {
<section name>[(flags)][@<offset from start of image>] [<section size>] [{
<subsection name>[@<offset from start of parent section>] [<subsection size>] [{
# Sections can be nested as deeply as desired
<subsubsection name>[(flags)][@...] [...] [{...}]
}]
[<subsection name>[(flags)][@...] [...] [{...}]]
# There can be many subsections at each level of nesting: they will be inserted
# sequentially, and although gaps are allowed, any provided offsets are always
# relative to the closest parent node's and must be strictly increasing with neither
# overlapping nor degenerate-size sections.
}]
}
```

Note that the above example contains a few symbols that are actually meta
syntax, and therefore have neither meaning nor place in a real file. The `<.*>`s
indicate placeholders for parameters:

* The names are strings, which are provided as single-word (no white space)
groups of syntactically unimportant symbols (i.e. every thing except `@`, `{`,
and `}`): they are not surrounded by quotes or any other form of delimiter.
* The other fields are non-negative integers, which may be given as decimal or
hexadecimal; in either case, a `K`, `M`, or `G` may be appended (without
intermediate white space) as a multiplier.
* Comments consist of anything one manages to enter, provided it doesn't start a
new line.

The `[.*]`s indicate that a portion of the file could be omitted altogether:

* Just because something is noted as optional doesn't mean it is in every case:
the answer might actually depend on which other information is---or
isn't---provided.
* The "flag" specifies the attribute or type for given section. The most
important supported flag is "CBFS", which indicates the section will contain
a CBFS structure.
* In particular, it is only legal to place a (CBFS) flag on a leaf section; that
is, choosing to add child sections excludes the possibility of putting a CBFS
in their parent. Such flags are only used to decide where CBFS empty file
headers should be created, and do not result in the storage of any additional
metadata in the resulting FMAP section.

Additionally, it's important to note these properties of the overall file and
its values:

* Other than within would-be strings and numbers, white space is ignored. It
goes without saying that such power comes with responsibility, which is why
this sentence is here.
* Although the `section name` must be globally unique, one of them may (but is
not required to) match the image name.
* It is a syntax error to supply a number (besides 0) that begins with the
character `0`, as there is no intention of adding octals to the mix.
* The image's memory address should be present on (and only on) layouts for
memory-mapped chips.
* Although it may be evident from above, all `section` offsets are relative only
to the immediate parent. There is no way to include an absolute offset (i.e.
from the beginning of flash), which means that it is "safe" to reorder the
sections within a particular level of nesting, as long as the change doesn't
cause their positions and sizes to necessitate overlap or zero sizes.
* A `section` with omitted offset is assumed to start at as low a position as
possible (with no consideration of alignment) and one with omitted size is
assumed to fill the remaining space until the next sibling or before the end
of its parent.
* It's fine to omit any `section`'s offset, size, or both, provided its position
and size are still unambiguous in the context of its *sibling* sections and
its parent's *size*. In particular, knowledge of one .*section 's children or
the `section`s' common parent's siblings will not be used for this purpose.
* Although `section`s are not required to have children, the flash chip as a
whole must have at least one.
* Though the braces after `section`s may be omitted for those that have no
children, if they are present, they must contain at least one child.

To see the formal description of the language, please refer to the Lex and Yacc
files: `fmd_scanner.l` and `fmd_scanner.y`.
9 changes: 9 additions & 0 deletions Documentation/lib/index.md
View file
@@ -0,0 +1,9 @@
# Library-specific documentation

This section contains documentation about coreboot internal technical
information and libraries.

## Structure and layout
- [Flashmap and Flashmap Descriptor](flashmap.md)
- [ABI data consumption](abi-data-consumption.md)
- [Timestamps](timestamp.md)
32 changes: 4 additions & 28 deletions Documentation/timestamp.md → Documentation/lib/timestamp.md
View file
@@ -1,29 +1,5 @@
# Timestamps

## Table of Contents

Introduction
- Transition from cache to cbmem

Data structures used
- cache_state
- table
- entries

Function APIs
- timestamp_init
- timestamp_add
- timestamp_add_now
- timestamp_sync

Use / Test Cases
- Case 1: Timestamp Region Exists
- Case 2: No timestamp region, fresh boot, cbmem_initialize called after timestamp_init
- Case 3: No timestamp region, fresh boot, cbmem_initialize called before timestamp_init
- Case 4: No timestamp region, resume, cbmem_initialize called after timestamp_init
- Case 5: No timestamp region, resume, cbmem_initialize called before timestamp_init


## Introduction

The aim of the timestamp library is to make it easier for different boards
Expand Down Expand Up @@ -64,7 +40,7 @@ After such a transition, timestamp_init() must not be run again.

The main structure that maintains information about the timestamp cache is:

```
```c
struct __packed timestamp_cache {
uint16_t cache_state;
struct timestamp_table table;
Expand All @@ -77,7 +53,7 @@ struct __packed timestamp_cache {
The state of the cache is maintained by `cache_state` attribute which can
be any one of the following:

```
```c
enum {
TIMESTAMP_CACHE_UNINITIALIZED = 0,
TIMESTAMP_CACHE_INITIALIZED,
Expand Down Expand Up @@ -107,7 +83,7 @@ anymore. Thus, the cache state is set to `CACHE_NOT_NEEDED`, which allows
This field is represented by a structure which provides overall
information about the entries in the timestamp area:

```
```c
struct timestamp_table {
uint64_t base_time;
uint32_t max_entries;
Expand All @@ -127,7 +103,7 @@ This field holds the details of each timestamp entry, upto a maximum
of `MAX_TIMESTAMP_CACHE` which is defined as 16 entries. Each entry is
defined by:

```
```c
struct timestamp_entry {
uint32_t entry_id;
uint64_t entry_stamp;
Expand Down
42 changes: 8 additions & 34 deletions Documentation/mainboard/asrock/h110m-dvs.md
View file
Expand Up @@ -5,9 +5,9 @@ This page describes how to run coreboot on the [ASRock H110M-DVS].
## Required proprietary blobs

Mainboard is based on Intel Skylake/Kaby Lake processor and H110 Chipset.
Intel company provides [Firmware Support Package (2.0)](../../Documentation/soc/intel/fsp/index.md)
Intel company provides [Firmware Support Package (2.0)](../../soc/intel/fsp/index.md)
(intel FSP 2.0) to initialize this generation silicon. Please see this
[document](../../Documentation/soc/intel/code_development_model/code_development_model.md).
[document](../../soc/intel/code_development_model/code_development_model.md).

FSP Information:

Expand All @@ -21,27 +21,6 @@ FSP Information:
+-----------------------------+-------------------+-------------------+
```

Please take FSP from the directory `3rdparty/fsp/KabylakeFspBinPkg/` in
the coreboot or download the latest version from [github][FSP github].

You must use [Intel Binary Configuration Tool] BCT to set the following
parameters in FSP.fd to initialize the PEG x16 port:

```
Peg0Enable = Enable
Peg0MaxLinkSpeed = Gen3
Peg0MaxLinkWidth = Auto
```

BCT creates Fsp_M.fd, Fsp_S.fd and Fsp_T.fd. These files are integrated
into the coreboot image. If PEG port is not used, you can get these files
without BTC:

```bash
# split FSP.fd
python 3rdparty/fsp/Tools/SplitFspBin.py split -f 3rdparty/fsp/KabylakeFspBinPkg/Fsp.fd
```

## Building coreboot

The following steps set the default parameters for this board to build a
Expand All @@ -53,8 +32,7 @@ touch .config
./util/scripts/config --enable VENDOR_ASROCK
./util/scripts/config --enable BOARD_ASROCK_H110M_DVS
./util/scripts/config --enable CONFIG_ADD_FSP_BINARIES
./util/scripts/config --set-str CONFIG_FSP_M_FILE "/path/to/Fsp_M.fd"
./util/scripts/config --set-str CONFIG_FSP_S_FILE "/path/to/Fsp_S.fd"
./util/scripts/config --enable CONFIG_FSP_USE_REPO
./util/scripts/config --set-str REALTEK_8168_MACADDRESS "xx:xx:xx:xx:xx:xx"
make olddefconfig
```
Expand Down Expand Up @@ -82,7 +60,7 @@ The main SPI flash can be accessed using [flashrom]. By default, only
the BIOS region of the flash is writable. If you wish to change any
other region, such as the Management Engine or firmware descriptor, then
an external programmer is required (unless you find a clever way around
the flash protection). More information about this [here](../../Documentation/flash_tutorial/index.md).
the flash protection). More information about this [here](../../flash_tutorial/index.md).

### External programming

Expand All @@ -97,10 +75,9 @@ facing towards the bottom of the board.

## Known issues

- The VGA port doesn't work.

- PEG x16 port training correctly runs only at link speed of 2.5GT/s(gen1).
It takes more time to research the schematic of this board.
- The VGA port doesn't work. Discrete graphic card is used as primary
device for display output (if CONFIG_ONBOARD_VGA_IS_PRIMARY is not
set). Dynamic switching between iGPU and PEG is not yet supported.

- SuperIO GPIO pin is used to reset Realtek chip. However, since the
Logical Device 7 (GPIO6, GPIO7, GPIO8) is not initialized, the network
Expand All @@ -121,7 +98,7 @@ facing towards the bottom of the board.

- integrated graphics init with libgfxinit (see [Known issues](#known-issues))
- PCIe x1
- PEG x16 Gen1 (see [Known issues](#known-issues))
- PEG x16 Gen3
- SATA
- USB
- serial port
Expand All @@ -131,7 +108,6 @@ facing towards the bottom of the board.

## TODO

- PEG x16 Gen3
- NCT6791D GPIOs
- onboard network (see [Known issues](#known-issues))
- S3 suspend/resume
Expand All @@ -155,8 +131,6 @@ facing towards the bottom of the board.
```

[ASRock H110M-DVS]: https://www.asrock.com/mb/Intel/H110M-DVS%20R2.0/
[FSP github]: https://github.com/IntelFsp/FSP
[Intel Binary Configuration Tool]: https://github.com/IntelFsp/BCT
[MX25L6473E]: http://www.macronix.com/Lists/Datasheet/Attachments/7380/MX25L6473E,%203V,%2064Mb,%20v1.4.pdf
[flashrom]: https://flashrom.org/Flashrom
[H110M-DVS manual]: http://asrock.pc.cdn.bitgravity.com/Manual/H110M-DVS%20R2.0.pdf
5 changes: 5 additions & 0 deletions Documentation/mainboard/index.md
View file
Expand Up @@ -51,6 +51,7 @@ The boards in this section are not real mainboards, but emulators.

## Lenovo

- [Mainboard codenames](lenovo/codenames.md)
- [Hardware Maintenance Manual of ThinkPads](lenovo/thinkpad_hmm.md)
- [T4xx common](lenovo/t4xx_series.md)
- [X2xx common](lenovo/x2xx_series.md)
Expand All @@ -69,6 +70,10 @@ The boards in this section are not real mainboards, but emulators.
- [T430 / T530 / X230 / W530 common](lenovo/xx30_series.md)
- [T431s](lenovo/t431s.md)

## MSI

- [MS-7707](msi/ms7707/ms7707.md)

## SiFive

- [SiFive HiFive Unleashed](sifive/hifive-unleashed.md)
Expand Down
0 Documentation/thinkpad/codenames.csv → Documentation/mainboard/lenovo/codenames.csv
View file
File renamed without changes.
7 changes: 7 additions & 0 deletions Documentation/mainboard/lenovo/codenames.md
View file
@@ -0,0 +1,7 @@
# Lenovo mainboard codenames

```eval_rst
.. csv-table::
:header: "Marketing name", "Development codename"
:file: codenames.csv
```
Binary file added Documentation/mainboard/msi/ms7707/J1-flash-protect.jpg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added Documentation/mainboard/msi/ms7707/JSPI1-Winbond-W25Q32BVSIG.jpg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added Documentation/mainboard/msi/ms7707/JSPI1-connected.jpg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added Documentation/mainboard/msi/ms7707/JSPI1.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
34 changes: 34 additions & 0 deletions Documentation/mainboard/msi/ms7707/flashlayout.svg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
112 changes: 112 additions & 0 deletions Documentation/mainboard/msi/ms7707/ms7707.md
View file
@@ -0,0 +1,112 @@
# MSI MS-7707 V1.1

* MSI MS-7707 V1.1 (Medion OEM Akoya P4385D MSN10014555)
* SandyBridge Intel P67 (BD82x6x)
* Winbond 25Q32BV (4MB)
* Fintek F71808A SuperIO
* Intel 82579V Gigabit
* NEC uPD720200 USB 3.0 Host Controller
* IME 7.0.4.1197

## Flash chip (Winbond 25Q32BV)
```eval_rst
+---------------------+--------------------+
| Type | Value |
+=====================+====================+
| Size | 4 MiB |
+---------------------+--------------------+
| BIOS range | 2 MiB |
+---------------------+--------------------+
| Write protection | Yes (via jumper) |
+---------------------+--------------------+
| Header | Yes (JSPI1) |
+---------------------+--------------------+
| Package | SOIC-8 |
+---------------------+--------------------+
| In circuit flashing | Yes |
+---------------------+--------------------+
| Internal flashing | Yes |
+---------------------+--------------------+
| Socketed flash | No |
+---------------------+--------------------+
| Dual BIOS feature | No |
+---------------------+--------------------+
| ME removable | Yes |
+---------------------+--------------------+
```

## Installation instructions
* The standard method is to only flash the 2MiB BIOS region. In that case it's
not needed to extract blobs from vendor firmware and internal flashing is
sufficient.
* To flash the whole chip (e.g. to disable ME) blobs are needed to build
coreboot. Blobs can be extracted with util/ifdtool from 4MiB full dump image
(see below). Its recommended to include the VGA BIOS as well (4MiB write only).
Kconfig is prepared already if it gets enabled (path and 8086,0102).
```
coreboot/3rdparty/blobs/mainboard/msi/ms7707
├── descriptor.bin
├── gbe.bin
├── me.bin
└── vgabios.bin
```
* Never write a full 4MiB image if blobs are not included. The generated
coreboot.rom file is always 4MiB but the 2MiB flash command below will only
flash the last 2MiB (BIOS) block.
* The J1-Jumper sets the 'Flash Descriptor Override Strap-Pin' and enables
full 4MiB access for internal flasher (read and write).
* **Write BIOS-range** (2MiB) with J1-Jumper=off (as on picture/default
position):
```
flashrom -p internal:ich_spi_force=yes --noverify-all --ifd -i bios -w coreboot.rom
```
* **Read full dump** (4MiB) with J1-jumper=on:
```
flashrom -p internal -r original.rom
```
* **Write full dump** (4MiB) with J1-Jumper=on:
```
flashrom -p internal -w coreboot.rom
```
* After successful flashing turn main power off, wait some seconds to drain
the capacitors, pull the battery and set the JBAT (clrcmos) jumper for some
seconds. Setting the jumper alone is not enough (the Fintek is VBAT backed).
Put all back in place and restart the board. It might need 1-2 AC power cycles
to reinitialize (running at full fan speed - don't panic).
* External flashing has been tested with RPi2 without main power connected.
3.3V provided by RPi2. Read more about flashing methods [here](https://doc.coreboot.org/flash_tutorial/index.html).
* In case of going back to proprietary BIOS create/save cmos settings as early
as possible (do not leave BIOS on first start without saving settings).
The BIOS might corrupt nvram (not cmos!) and leave the system in a dead state
that needs an external flasher to revive. If stuck, reset the Fintek (see
above) and restart the system several times and/or try setting J1 to
temporarily disable ME.

![](J1-flash-protect.jpg)

* The JSPI1 header (5Ă—2 2.0mm pitch pin header) for external flashing is
directly connected to the flash chip. Additional 3.3V to /HOLD and /WP is not
needed (internally re-routed already).

![](JSPI1-Winbond-W25Q32BVSIG.jpg)

![](JSPI1-connected.jpg)

![](JSPI1.png)

## Flash layout

* The 4MiB flashrom is divided into 4 sections:

![][flashlayout]

## Links

- [BIOS ROM]
- [Fintek F71808A datasheet]
- [Winbond 25Q32BV datasheet]

[BIOS ROM]: https://www.medion.com/de/servicebackend/_lightbox/treiber_details.php?did=9744
[Winbond 25Q32BV datasheet]: https://www.winbond.com/resource-files/w25q32bv_revi_100413_wo_automotive.pdf
[Fintek F71808A datasheet]: https://www.alldatasheet.com/datasheet-pdf/pdf/459069/FINTEK/F71808A.html
[flashlayout]: flashlayout.svg
8 changes: 3 additions & 5 deletions Documentation/mainboard/sifive/hifive-unleashed.md
View file
Expand Up @@ -12,15 +12,13 @@ For general setup instructions, please refer to the [Getting Started Guide].
The following things are still missing from this coreboot port:

- Support running romstage from flash (fix stack) to support boot mode 1
- CBMEM support
- FU540 clock configuration
- FU540 RAM init
- Placing the ramstage in DRAM
- Starting the U54 cores
- FU540 PIN configuration and GPIO access macros
- Provide serial number to payload (e.g. in device tree)
- Implement instruction emulation
- Support for booting Linux on RISC-V

- Add support to run OpenSBI payload in m-mode
- SMP support in trap handler

## Configuration

Expand Down
77 changes: 77 additions & 0 deletions Documentation/northbridge/intel/haswell/mrc.bin.md
View file
Expand Up @@ -27,6 +27,83 @@ Now, place `mrc.bin` in the root of the coreboot directory.
Alternatively, place `mrc.bin` anywhere you want, and set `MRC_FILE` to
its location when building coreboot.

## SPD Addresses

When porting a board from vendor firmware, the SPD addresses can be obtained
through `i2c-tools`, which can be found in many GNU/Linux distributions. A more
[detailed description](https://hannuhartikainen.fi/blog/hacking-ddr3-spd/) of
the procedure and beyond can be found in
[Hannu Hartikainen's blog](https://hannuhartikainen.fi).

First load the kernel modules:

```bash
modprobe i2c-dev
modprobe eeprom
```

Find the SMBus and the addresses of the DIMM's EEPROMs (example output):
```bash
$ decode-dimms | grep Decoding
Decoding EEPROM: /sys/bus/i2c/drivers/eeprom/7-0050
Decoding EEPROM: /sys/bus/i2c/drivers/eeprom/7-0052
```

Alternatively, look at the sys filesystem:
```bash
$ ls -l /sys/bus/i2c/drivers/eeprom/
total 0
lrwxrwxrwx 1 root root 0 Apr 4 01:46 6-0050 -> ../../../../devices/pci0000:00/0000:00:02.0/drm/card0/card0-eDP-1/i2c-6/6-0050/
lrwxrwxrwx 1 root root 0 Apr 4 01:46 7-0050 -> ../../../../devices/pci0000:00/0000:00:1f.3/i2c-7/7-0050/
lrwxrwxrwx 1 root root 0 Apr 4 01:46 7-0052 -> ../../../../devices/pci0000:00/0000:00:1f.3/i2c-7/7-0052/
--w------- 1 root root 4096 Apr 4 01:47 bind
lrwxrwxrwx 1 root root 0 Apr 4 01:47 module -> ../../../../module/eeprom/
--w------- 1 root root 4096 Apr 4 01:46 uevent
--w------- 1 root root 4096 Apr 4 01:47 unbind
```

The correct I2C bus is 7 in this case, and the EEPROMs are at `0x50` and `0x52`.
Note that the above values are actually hex values.

You can check the correctness of the SMBus and the addresses of the EEPROMs via
`i2cdetect`:

```bash
$ i2cdetect -l
i2c-3 unknown i915 gmbus dpc N/A
i2c-1 unknown i915 gmbus vga N/A
i2c-6 unknown DPDDC-A N/A
i2c-4 unknown i915 gmbus dpb N/A
i2c-2 unknown i915 gmbus panel N/A
i2c-0 unknown i915 gmbus ssc N/A
i2c-7 unknown SMBus I801 adapter at f040 N/A
i2c-5 unknown i915 gmbus dpd N/A
```

Probing the SMBus:

```bash
$ i2cdetect -r 7
WARNING! This program can confuse your I2C bus, cause data loss and worse!
I will probe file /dev/i2c-7 using receive byte commands.
I will probe address range 0x03-0x77.
Continue? [Y/n]
0 1 2 3 4 5 6 7 8 9 a b c d e f
00: -- -- -- -- -- -- -- -- -- -- -- -- --
10: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
20: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
30: 30 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
40: -- -- -- -- 44 -- -- -- -- -- -- -- -- -- -- --
50: UU -- UU -- -- -- -- -- -- -- -- -- -- -- -- --
60: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
70: -- -- -- -- -- -- -- --
```

The SPD addresses need to be left-shifted by 1 for `mrc.bin`, i.e., multiplied
by 2. For example, if the addresses read through `i2c-tools` when booted from
vendor firmware are `0x50` and `0x52`, the correct values would be `0xa0` and
`0xa4`. This is because the I2C addresses are 7 bits long.

## ECC DRAM

When `mrc.bin` has finished executing, ECC is active on the channels
Expand Down
5 changes: 0 additions & 5 deletions Documentation/security.md
View file

This file was deleted.

1 change: 1 addition & 0 deletions Documentation/security/index.md
View file
Expand Up @@ -4,4 +4,5 @@ This section describes documentation about the security architecture of coreboot

## Vendor

- [Verified Boot](vboot/index.md)
- [Measured Boot](vboot/measured_boot.md)
324 changes: 324 additions & 0 deletions Documentation/security/vboot/index.md
View file
@@ -0,0 +1,324 @@
# vboot - Verified Boot Support

Google's verified boot support consists of:

* A root of trust
* Special firmware layout
* Firmware verification
* Firmware measurements
* A firmware update mechanism
* Specific build flags
* Signing the coreboot image

Google's vboot verifies the firmware and places measurements within the TPM.

***

## Root of Trust

When using vboot, the root-of-trust is basically the read-only portion of the
SPI flash. The following items factor into the trust equation:

* The GCC compiler must reliably translate the code into machine code
without inserting any additional code (virus, backdoor, etc.)
* The CPU must reliably execute the reset sequence and instructions as
documented by the CPU manufacturer.
* The SPI flash must provide only the code programmed into it to the CPU
without providing any alternative reset vector or code sequence.
* The SPI flash must honor the write-protect input and protect the specified
portion of the SPI flash from all erase and write accesses.

The firmware is typically protected using the write-protect pin on the SPI
flash part and setting some of the write-protect bits in the status register
during manufacturing. The protected area is platform specific and for x86
platforms is typically 1/4th of the SPI flash part size.
Because this portion of the SPI flash is hardware write protected, it is not
possible to update this portion of the SPI flash in the field, without altering
the system to eliminate the ground connection to the SPI flash write-protect pin.
Without hardware modifications, this portion of the SPI flash maintains the
manufactured state during the system's lifetime.

***

## Firmware Layout

Several sections are added to the firmware layout to support vboot:

* Read-only section
* Google Binary Blob (GBB) area
* Read/write section A
* Read/write section B

The following sections describe the various portions of the flash layout.

### Read-Only Section

The read-only section contains a coreboot file system (CBFS) that contains all
of the boot firmware necessary to perform recovery for the system. This firmware
is typically protected using the write-protect pin on the SPI flash part and
setting some of the write-protect bits in the status register during
manufacturing.
The protected area is typically 1/4th of the SPI flash part size and must cover
the entire read-only section which consists of:

* Vital Product Data (VPD) area
* Firmware ID area
* Google Binary Blob (GBB) area
* coreboot file system containing read-only recovery firmware

### Google Binary Blob (GBB) Area

The GBB area is part of the read-only section. This area contains a 4096 or 8192
bit public root RSA key that is used to verify the *VBLOCK* area to obtain the
firmware signing key.

### Recovery Firmware

The recovery firmware is contained within a coreboot file system and consists of:

* reset vector
* bootblock
* verstage
* romstage
* postcar
* ramstage
* payload
* flash map file
* config file
* processor specific files:
* Microcode
* fspm.bin
* fsps.bin

The recovery firmware is written during manufacturing and typically contains
code to write the storage device (eMMC device or hard disk). The recovery image
is usually contained on a socketed device such as a USB flash drive or an
SD card. Depending upon the payload firmware doing the recovery, it may be
possible for the user to interact with the system to specify the recovery
image path. Part of the recovery is also to write the A and B areas of the SPI
flash device to boot the system.

### Read/Write Section

The read/write sections contain an area which contains the firmware signing
key and signature and an area containing a coreboot file system with a subset
of the firmware. The firmware files in *FW_MAIN_A* and *FW_MAIN_B* are:

* romstage
* postcar
* ramstage
* payload
* config file
* processor specific files:
* Microcode
* fspm.bin
* fsps.bin

The firmware subset enables most issues to be fixed in the field with firmware
updates. The firmware files handle memory and most of silicon initialization.
These files also produce the tables which get passed to the operating system.

***

## Firmware Updates

The read/write sections exist in one of three states:

* Invalid
* Ready to boot
* Successfully booted


Firmware updates are handled by the operating system by writing any read/write
section that is not in the "successfully booted" state. Upon the next reboot,
vboot determines the section to boot. If it finds one in the "ready to boot"
state then it attempts to boot using that section. If the boot fails then
vboot marks the section as invalid and attempts to fall back to a read/write
section in the "successfully booted" state. If vboot is not able to find a
section in the "successfully booted" state then vboot enters recovery mode.

Only the operating system is able to transition a section from the
"ready to boot" state to the "successfully booted" state.
The transition is typically done after the operating system has been running
for a while indicating that successful boot was possible and the operating
system is stable.

Note that as long as the SPI write protection is in place then the system
is always recoverable. If the flash update fails then the system will continue
to boot using the previous read/write area. The same is true if coreboot passes
control to the payload or the operating system and then the boot fails. In the
worst case, the SPI flash gets totally corrupted in which case vboot fails the
signature checks and enters recovery mode. There are no times where the SPI
flash is exposed and the reset vector or part of the recovery firmware gets
corrupted.

***

## Build Flags

The following *Kconfig* values need to be selected to enable vboot:

* COLLECT_TIMESTAMPS
* VBOOT

The starting stage needs to be specified by selecting either
VBOOT_STARTS_IN_BOOTBLOCK or VBOOT_STARTS_IN_ROMSTAGE.

If vboot starts in bootblock then vboot may be built as a separate stage by
selecting `VBOOT_SEPARATE_VERSTAGE`. Additionally, if static RAM is too small
to fit both verstage and romstage then selecting `VBOOT_RETURN_FROM_VERSTAGE`
enables bootblock to reuse the RAM occupied by verstage for romstage.

Non-volatile flash is needed for vboot operation. This flash area may be in
CMOS, the EC, or in a read/write area of the SPI flash device.
Select one of the following:

* `VBOOT_VBNV_CMOS`
* `VBOOT_VBNV_EC`
* `VBOOT_VBNV_FLASH`

More non-volatile storage features may be found in `security/vboot/Kconfig`.

A TPM is also required for vboot operation.
TPMs are available in `drivers/i2c/tpm` and `drivers/pc80/tpm`.

In addition to adding the coreboot files into the read-only region,
enabling vboot causes the build script to add the read/write files into
coreboot file systems in *FW_MAIN_A* and *FW_MAIN_B*.

***

## Signing the coreboot Image

The following command script is an example of how to sign the coreboot image
file. This script is used on the Intel Galileo board and creates the *GBB* area
and inserts it into the coreboot image. It also updates the *VBLOCK* areas with
the firmware signing key and the signature for the *FW_MAIN* firmware.
More details are available in `3rdparty/vboot/README`.

```bash
#!/bin/sh
#
# The necessary tools were built and installed using the following commands:
#
# pushd 3rdparty/vboot
# make
# sudo make install
# popd
#
# The keys were made using the following command
#
# 3rdparty/vboot/scripts/keygeneration/create_new_keys.sh \
# --4k --4k-root --output $PWD/keys
#
#
# The "magic" numbers below are derived from the GBB section in
# src/mainboard/intel/galileo/vboot.fmd.
#
# GBB Header Size: 0x80
# GBB Offset: 0x611000, 4KiB block number: 1553 (0x611)
# GBB Length: 0x7f000, 4KiB blocks: 127 (0x7f)
# COREBOOT Offset: 0x690000, 4KiB block number: 1680 (0x690)
# COREBOOT Length: 0x170000, 4KiB blocks: 368 (0x170)
#
# 0x7f000 (GBB Length) = 0x80 + 0x100 + 0x1000 + 0x7ce80 + 0x1000
#
# Create the GBB area blob
# Parameters: hwid_size,rootkey_size,bmpfv_size,recoverykey_size
#
gbb_utility -c 0x100,0x1000,0x7ce80,0x1000 gbb.blob

#
# Copy from the start of the flash to the GBB region into the signed flash
# image.
#
# 1553 * 4096 = 0x611 * 0x1000 = 0x611000, size of area before GBB
#
dd conv=fdatasync ibs=4096 obs=4096 count=1553 \
if=build/coreboot.rom of=build/coreboot.signed.rom

#
# Append the empty GBB area to the coreboot.rom image.
#
# 1553 * 4096 = 0x611 * 0x1000 = 0x611000, offset to GBB
#
dd conv=fdatasync obs=4096 obs=4096 seek=1553 if=gbb.blob \
of=build/coreboot.signed.rom

#
# Append the rest of the read-only region into the signed flash image.
#
# 1680 * 4096 = 0x690 * 0x1000 = 0x690000, offset to COREBOOT area
# 368 * 4096 = 0x170 * 0x1000 = 0x170000, length of COREBOOT area
#
dd conv=fdatasync ibs=4096 obs=4096 skip=1680 seek=1680 count=368 \
if=build/coreboot.rom of=build/coreboot.signed.rom

#
# Insert the HWID and public root and recovery RSA keys into the GBB area.
#
gbb_utility \
--set --hwid='Galileo' \
-r $PWD/keys/recovery_key.vbpubk \
-k $PWD/keys/root_key.vbpubk \
build/coreboot.signed.rom

#
# Sign the read/write firmware areas with the private signing key and update
# the VBLOCK_A and VBLOCK_B regions.
#
3rdparty/vboot/scripts/image_signing/sign_firmware.sh \
build/coreboot.signed.rom \
$PWD/keys \
build/coreboot.signed.rom
```

***

## Boot Flow

The reset vector exist in the read-only area and points to the bootblock
entry point. The only copy of the bootblock exists in the read-only area
of the SPI flash. Verstage may be part of the bootblock or a separate stage.
If separate then the bootblock loads verstage from the read-only area and
transfers control to it.

Upon first boot, verstage attempts to verify the read/write section A.
It gets the public root key from the GBB area and uses that to verify the
*VBLOCK* area in read-write section A. If the *VBLOCK* area is valid then it
extracts the firmware signing key (1024-8192 bits) and uses that to verify
the *FW_MAIN_A* area of read/write section A. If the verification is successful
then verstage instructs coreboot to use the coreboot file system in read/write
section A for the contents of the remaining boot firmware (romstage, postcar,
ramstage and the payload).

If verification fails for the read/write area and the other read/write area is
not valid vboot falls back to the read-only area to boot into system recovery.

***

## Chromebook Special Features

Google's Chromebooks have some special features:

* Developer mode
* Write-protect screw

### Developer Mode

Developer mode allows the user to use coreboot to boot another operating system.
This may be a another (beta) version of Chrome OS, or another flavor of
GNU/Linux. Use of developer mode does not void the system warranty. Upon entry
into developer mode, all locally saved data on the system is lost.
This prevents someone from entering developer mode to subvert the system
security to access files on the local system or cloud.

### Write Protect Screw

Chromebooks have a write-protect screw which provides the ground to the
write-protect pin of the SPI flash.
Google specifically did this to allow the manufacturing line and advanced
developers to re-write the entire SPI flash part. Once the screw is removed,
any firmware may be placed on the device.
However, accessing this screw requires opening the case and voids the
system warranty!
Binary file added Documentation/soc/intel/fit.dia
View file
Binary file not shown.
60 changes: 60 additions & 0 deletions Documentation/soc/intel/fit.md
View file
@@ -0,0 +1,60 @@
# Intel Firmware Interface Table

The FIT allows to run code before the actual IA32 reset vector is executed
by the CPU. The FIT resides in the BIOS region (usually near the reset vector)
and is pointed to by the FIT pointer residing at `0xFFFFFFC0`.

## Table layout
The table consists of blocks each 16 bytes in size.
The first is called *FIT header* the other are called *FIT entry*.

![FIT in x86 memory map][fit]

[fit]: fit.svg

## Fit types

Each entry has a *type* that give the other bits in the entry a different
meaning. The following types are known:

```eval_rst
+-----------+------------------------------------------------------------------+
| no. | Description |
+===========+==================================================================+
| 0x0 | HEADER. |
+-----------+------------------------------------------------------------------+
| 0x1 | MICROCODE. |
+-----------+------------------------------------------------------------------+
| 0x2 | STARTUP_ACM. |
+-----------+------------------------------------------------------------------+
| 0x7 | BIOS_STARTUP_MODULE. |
+-----------+------------------------------------------------------------------+
| 0x8 | TPM_POLICY. |
+-----------+------------------------------------------------------------------+
| 0x9 | BIOS_POLICY. |
+-----------+------------------------------------------------------------------+
| 0xa | TXT_POLICY. |
+-----------+------------------------------------------------------------------+
| 0xb | KEY_MANIFEST. |
+-----------+------------------------------------------------------------------+
| 0xc | BOOT_POLICY_MANIFEST. |
+-----------+------------------------------------------------------------------+
| 0x10 | CSE_SECURE_BOOT. |
+-----------+------------------------------------------------------------------+
| 0x2d | TXTSX_POLICY. |
+-----------+------------------------------------------------------------------+
| 0x2f | JMP_DEBUG_POLICY. |
+-----------+------------------------------------------------------------------+
| 0x7f | SKIP. |
+-----------+------------------------------------------------------------------+
```

## Usage in coreboot

The most common usage of FIT is to use *Type1* to update microcode before
execution of the IA32 reset vector happens.

## References

* [Intel TXT LAB handout](https://downloadmirror.intel.com/18931/eng/Intel%20TXT%20LAB%20Handout.pdf)
* [FIT bios specification](https://www.intel.com/content/dam/www/public/us/en/documents/guides/fit-bios-specification.pdf)
132 changes: 132 additions & 0 deletions Documentation/soc/intel/fit.svg
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions Documentation/soc/intel/index.md
View file
Expand Up @@ -8,3 +8,4 @@ This section contains documentation about coreboot on specific Intel SOCs.
- [FSP](fsp/index.md)
- [Ice Lake/9th Gen Core-i series](icelake/index.md)
- [MP Initialization](mp_init/mp_init.md)
- [Firmware Interface Table](fit.md)
18 changes: 11 additions & 7 deletions Makefile.inc
View file
Expand Up @@ -196,15 +196,12 @@ ifeq ($(CONFIG_USE_BLOBS),y)
# this is necessary because 3rdparty/blobs is update=none, and so is ignored
# unless explicitly requested and enabled through --checkout
forgetthis:=$(if $(GIT),$(shell git submodule update --init --checkout 3rdparty/blobs))
ifeq ($(CONFIG_PLATFORM_USES_FSP2_0),y)
forgetthis:=$(if $(GIT),$(shell git submodule update --init --checkout 3rdparty/fsp))
endif
ifeq ($(CONFIG_PLATFORM_USES_FSP1_0),y)
ifeq ($(CONFIG_SOC_INTEL_FSP_BROADWELL_DE),y)
ifeq ($(CONFIG_PLATFORM_USES_FSP1_0)$(CONFIG_PLATFORM_USES_FSP1_1)$(CONFIG_PLATFORM_USES_FSP2_0),y)
# this is necessary because 3rdparty/fsp is update=none, and so is ignored
# unless explicitly requested and enabled through --checkout
forgetthis:=$(if $(GIT),$(shell git submodule update --init --checkout 3rdparty/fsp))
endif
endif
endif
UPDATED_SUBMODULES:=1
COREBOOT_EXPORTS += UPDATED_SUBMODULES
endif
Expand Down Expand Up @@ -267,7 +264,14 @@ $(obj)/$(1).aml: $(src)/mainboard/$(MAINBOARDDIR)/$(1).asl $(obj)/config.h
@printf " IASL $$(subst $(top)/,,$$(@))\n"
$(CC_ramstage) -x assembler-with-cpp -E -MMD -MT $$(@) $$(CPPFLAGS_ramstage) -D__ACPI__ -P -include $(src)/include/kconfig.h -I$(obj) -I$(src) -I$(src)/include -I$(src)/arch/$(ARCHDIR-$(ARCH-ramstage-y))/include -I$(src)/mainboard/$(MAINBOARDDIR) $$< -o $(obj)/$(1).asl
cd $$(dir $$@); $(IASL) $(IGNORED_IASL_WARNINGS) -we -p $$(notdir $$@) $(1).asl
if [ -z "$$$$($(IASL) -d $$@ 2>&1 | grep 'ACPI Warning')" ]; then echo " IASL $$@ disassembled correctly."; true; else echo "Error: Could not correctly disassemble $$@"; $(IASL) -d $$@; false; fi
if ! $(IASL) -d $$@ 2>&1 | grep -Eq 'ACPI (Warning|Error)'; then \
echo " IASL $$@ disassembled correctly."; \
true; \
else \
echo "Error: Could not correctly disassemble $$@"; \
$(IASL) -d $$@; \
false; \
fi
endef

#######################################################################
Expand Down
2 changes: 2 additions & 0 deletions configs/config.lenovo_t420_static_option_table_no_mem_fuses
View file
Expand Up @@ -4,4 +4,6 @@ CONFIG_VENDOR_LENOVO=y
CONFIG_BOARD_LENOVO_T420=y
CONFIG_NATIVE_RAMINIT_IGNORE_MAX_MEM_FUSES=y
CONFIG_NATIVE_RAMINIT_IGNORE_XMP_MAX_DIMMS=y
CONFIG_VBOOT=y
CONFIG_H8_FN_KEY_AS_VBOOT_RECOVERY_SW=y
# CONFIG_INTEL_CHIPSET_LOCKDOWN is not set
3 changes: 3 additions & 0 deletions configs/config.lenovo_x220_mrc_bin
View file
@@ -0,0 +1,3 @@
CONFIG_VENDOR_LENOVO=y
CONFIG_BOARD_LENOVO_X220=y
# CONFIG_USE_NATIVE_RAMINIT is not set
2 changes: 1 addition & 1 deletion configs/config.pcengines_apu1
View file
@@ -1,4 +1,4 @@
CONFIG_LOCALVERSION="v4.9.0.4"
CONFIG_LOCALVERSION="v4.9.0.5"
CONFIG_VENDOR_PCENGINES=y
CONFIG_PAYLOAD_CONFIGFILE="$(top)/src/mainboard/$(MAINBOARDDIR)/seabios_config"
CONFIG_NO_GFX_INIT=y
Expand Down
2 changes: 1 addition & 1 deletion configs/config.pcengines_apu2
View file
@@ -1,4 +1,4 @@
CONFIG_LOCALVERSION="v4.9.0.4"
CONFIG_LOCALVERSION="v4.9.0.5"
CONFIG_VENDOR_PCENGINES=y
CONFIG_PAYLOAD_CONFIGFILE="$(top)/src/mainboard/$(MAINBOARDDIR)/seabios_config"
CONFIG_BOARD_PCENGINES_APU2=y
Expand Down
2 changes: 1 addition & 1 deletion configs/config.pcengines_apu3
View file
@@ -1,4 +1,4 @@
CONFIG_LOCALVERSION="v4.9.0.4"
CONFIG_LOCALVERSION="v4.9.0.5"
CONFIG_VENDOR_PCENGINES=y
CONFIG_PAYLOAD_CONFIGFILE="$(top)/src/mainboard/$(MAINBOARDDIR)/seabios_config"
CONFIG_BOARD_PCENGINES_APU3=y
Expand Down
2 changes: 1 addition & 1 deletion configs/config.pcengines_apu4
View file
@@ -1,4 +1,4 @@
CONFIG_LOCALVERSION="v4.9.0.4"
CONFIG_LOCALVERSION="v4.9.0.5"
CONFIG_VENDOR_PCENGINES=y
CONFIG_PAYLOAD_CONFIGFILE="$(top)/src/mainboard/$(MAINBOARDDIR)/seabios_config"
CONFIG_BOARD_PCENGINES_APU4=y
Expand Down
2 changes: 1 addition & 1 deletion configs/config.pcengines_apu5
View file
@@ -1,4 +1,4 @@
CONFIG_LOCALVERSION="v4.9.0.4"
CONFIG_LOCALVERSION="v4.9.0.5"
CONFIG_VENDOR_PCENGINES=y
CONFIG_PAYLOAD_CONFIGFILE="$(top)/src/mainboard/$(MAINBOARDDIR)/seabios_config"
CONFIG_BOARD_PCENGINES_APU5=y
Expand Down
89 changes: 70 additions & 19 deletions payloads/external/LinuxBoot/Kconfig
View file
Expand Up @@ -41,18 +41,16 @@ config LINUXBOOT_ARM64

endchoice

config LINUXBOOT_ARCH
string
default "amd64" if LINUXBOOT_X86_64
default "i386" if LINUXBOOT_X86
default "arm64" if LINUXBOOT_ARM64

comment "Linux kernel"

config LINUXBOOT_COMPILE_KERNEL
bool "Compile kernel"
default n

if LINUXBOOT_COMPILE_KERNEL
comment "parse linux crosscompiler with: LINUXBOOT_CROSS_COMPILE"
endif

config LINUXBOOT_KERNEL_PATH
string "Path to kernel"
default "Image"
Expand All @@ -61,32 +59,85 @@ config LINUXBOOT_KERNEL_PATH
if LINUXBOOT_COMPILE_KERNEL

choice
prompt "Kernel version"
prompt "Kernel release"
default LINUXBOOT_KERNEL_STABLE
help
Choose the kernel release.

Select 'custom' if your want to define the kernel version.
For more information about the current 'mainline', 'stable' or 'longterm'
version, visit: https://www.kernel.org/

config LINUXBOOT_KERNEL_MAINLINE
bool "mainline"
help
Mainline kernel version

config LINUXBOOT_KERNEL_STABLE
bool "4.14.67"
bool "stable"
help
Stable kernel version

config LINUXBOOT_KERNEL_LATEST
bool "4.18.5"
config LINUXBOOT_KERNEL_LONGTERM
bool "longterm"
help
Latest kernel version
Longterm (LTS) kernel version

config LINUXBOOT_KERNEL_CUSTOM
bool "custom"
help
Custom kernel version

endchoice

config LINUXBOOT_KERNEL_VERSION
string
default "4.18.5" if LINUXBOOT_KERNEL_LATEST
default "4.14.67" if LINUXBOOT_KERNEL_STABLE
config LINUXBOOT_KERNEL_CUSTOM_VERSION
string "kernel version"
default ""
depends on LINUXBOOT_KERNEL_CUSTOM
help
Choose the Linux kernel version number. (x.x.x)
Release candidate kernels (rc) are currently are not supported.

choice
prompt "Kernel configuration"
default LINUXBOOT_KERNEL_ARCH_DEFAULT_CONFIG

config LINUXBOOT_KERNEL_ARCH_DEFAULT_CONFIG
bool "Default architecture configuration"
help
This option will use the default configuration for the
selected architecture.

config LINUXBOOT_KERNEL_CUSTOM_CONFIG
bool "Custom (def)config file"
help

endchoice

config LINUXBOOT_KERNEL_CONFIGFILE
string "Kernel config file"
default ""
string "Config file path"
default "defconfig"
depends on LINUXBOOT_KERNEL_CUSTOM_CONFIG
help
Add your own kernel configuration file. Otherwise a default
minimal defconfig is used.
Path to the kernel configuration file.

Note: this can be a defconfig file or a complete .config file.

choice
prompt "Kernel binary format"
default LINUXBOOT_KERNEL_BZIMAGE if LINUXBOOT_X86 || LINUXBOOT_X86_64
default LINUXBOOT_KERNEL_UIMAGE if LINUXBOOT_ARM64

config LINUXBOOT_KERNEL_BZIMAGE
bool "bzImage"
depends on LINUXBOOT_X86 || LINUXBOOT_X86_64

config LINUXBOOT_KERNEL_UIMAGE
bool "uImage"
depends on LINUXBOOT_ARM64

endchoice


config LINUXBOOT_DTB_FILE
string "Compiled devicetree file"
Expand Down
4 changes: 4 additions & 0 deletions payloads/external/LinuxBoot/Makefile
View file
Expand Up @@ -45,6 +45,10 @@ endif
ifeq ($(CONFIG_LINUXBOOT_COMPILE_KERNEL),y)
ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
kernel: initramfs
if [[ ! -f "$(top)/$(CONFIG_LINUXBOOT_DTB_FILE)" ]]; then \
echo "<< Linux kernel devicetree is missing. >>"; \
exit 1; \
fi
$(MAKE) -f targets/linux.mk
else
kernel:
Expand Down
2 changes: 1 addition & 1 deletion payloads/external/LinuxBoot/arm64/kernel_fdt_lzma.its
View file
Expand Up @@ -46,7 +46,7 @@
};
ramdisk-1 {
description = "Compressed Initramfs";
data = /incbin/("u-initramfs");
data = /incbin/("initramfs");
type = "ramdisk";
arch = "arm64";
os = "linux";
Expand Down
147 changes: 92 additions & 55 deletions payloads/external/LinuxBoot/targets/linux.mk
View file
Expand Up @@ -13,83 +13,120 @@
## GNU General Public License for more details.
##

kernel_tarball=https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-$(CONFIG_LINUXBOOT_KERNEL_VERSION).tar.xz
ARCH-$(CONFIG_LINUXBOOT_X86_64)=x86_64
ARCH-$(CONFIG_LINUXBOOT_X86)=x86
ARCH-$(CONFIG_LINUXBOOT_ARM64)=arm64

TAG-$(CONFIG_LINUXBOOT_KERNEL_MAINLINE)=mainline
TAG-$(CONFIG_LINUXBOOT_KERNEL_STABLE)=stable
TAG-$(CONFIG_LINUXBOOT_KERNEL_LONGTERM)=longterm

pwd:=$(shell pwd)
top:=../../..
project_dir=linuxboot
kernel_dir=$(project_dir)/kernel

XGCCPATH?=$(PWD)/util/crossgcc/xgcc/bin
ifeq ($(CONFIG_LINUXBOOT_ARCH),i386)
LINUXBOOT_COMPILE?=$(XGCCPATH)/i386-linux-
ARCH?=x86
else ifeq ($(CONFIG_LINUXBOOT_ARCH),amd64)
LINUXBOOT_COMPILE?=$(XGCCPATH)/x86_64-linux-
ARCH?=x86_64
else ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
LINUXBOOT_COMPILE?=$(XGCCPATH)/aarch64-linux-
ARCH?=arm64
tarball_dir:=$(project_dir)/tarball
decompress_flag=.done

OBJCOPY:=$(LINUXBOOT_CROSS_COMPILE)objcopy

ifeq ($(CONFIG_LINUXBOOT_KERNEL_CUSTOM),y)
kernel_version:=$(CONFIG_LINUXBOOT_KERNEL_CUSTOM_VERSION)
else
kernel_version:=$(shell curl -s -k https://www.kernel.org/feeds/kdist.xml | \
sed -n -e 's@.*<guid isPermaLink="false">\(.*\)</guid>.*@\1@p' | \
awk -F ',' '/$(TAG-y)/{ print $$3 }' | \
head -n 1)
endif

OBJCOPY:=$(LINUXBOOT_COMPILE)objcopy
kernel_dir=$(project_dir)/kernel-$(subst .,_,$(kernel_version))
kernel_tarball=linux-$(kernel_version).tar
kernel_mirror=https://mirrors.edge.kernel.org/pub/linux/kernel

ifeq ($(findstring x2.6.,x$(kernel_version)),x2.6.)
kernel_mirror_path := $(kernel_mirror)/v2.6
else ifeq ($(findstring x3.,x$(kernel_version)),x3.)
kernel_mirror_path := $(kernel_mirror)/v3.x
else ifeq ($(findstring x4.,x$(kernel_version)),x4.)
kernel_mirror_path := $(kernel_mirror)/v4.x
else ifeq ($(findstring x5.,x$(kernel_version)),x5.)
kernel_mirror_path := $(kernel_mirror)/v5.x
endif

all: kernel

toolchain:
if [[ ! -x "$(LINUXBOOT_COMPILE)gcc" ]]; then \
echo "Toolchain '$(LINUXBOOT_COMPILE)*' is missing."; \
exit 1; \
fi
lookup:
ifeq ($(kernel_version),)
$(error kernel version lookup failed for $(TAG-y) release)
endif
@echo " WWW Kernel [$(TAG-y)] $(kernel_version)"

$(kernel_dir)/.config:
echo " WWW Download Linux $(CONFIG_LINUXBOOT_KERNEL_VERSION)"
mkdir -p $(kernel_dir)
ifeq ("$(wildcard $(kernel_dir)/README)","")
curl -s $(kernel_tarball) | tar xJ -C $(kernel_dir) --strip 1
fetch:
ifneq ($(shell [[ -d "$(kernel_dir)" && -f "$(kernel_dir)/$(decompress_flag)" ]];echo $$?),0)
mkdir -p $(tarball_dir)
if [[ ! -f $(tarball_dir)/$(kernel_tarball).xz && ! -f $(tarball_dir)/$(kernel_tarball).xz ]]; then \
echo " WWW $(kernel_tarball).xz"; \
cd $(tarball_dir); \
curl -OLs "$(kernel_mirror_path)/$(kernel_tarball).xz"; \
cd $(pwd); \
fi
endif

config: $(kernel_dir)/.config
echo " CONFIG Linux $(CONFIG_LINUXBOOT_KERNEL_VERSION)"
ifneq ($(CONFIG_LINUXBOOT_KERNEL_CONFIGFILE),)
unpack: fetch
if [[ -d "$(kernel_dir)" && ! -f "$(kernel_dir)/$(decompress_flag)" ]]; then \
rm -rf $(kernel_dir); \
fi
if [[ ! -d "$(kernel_dir)" ]]; then \
mkdir $(kernel_dir); \
echo " XZ $(kernel_tarball).xz"; \
tar xJf $(tarball_dir)/$(kernel_tarball).xz --strip 1 -C $(kernel_dir); \
fi
touch $(kernel_dir)/$(decompress_flag)

$(kernel_dir)/.config: unpack
@echo " CONFIG Linux $(kernel_version)"
ifeq ($(CONFIG_LINUXBOOT_KERNEL_CUSTOM_CONFIG),y)
cp $(CONFIG_LINUXBOOT_KERNEL_CONFIGFILE) $(kernel_dir)/.config
else ifeq ($(CONFIG_LINUXBOOT_ARCH),i386)
cp x86/defconfig $(kernel_dir)/.config
else ifeq ($(CONFIG_LINUXBOOT_ARCH),amd64)
cp x86_64/defconfig $(kernel_dir)/.config
else ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
cp arm64/defconfig $(kernel_dir)/.config
else
cp $(ARCH-y)/defconfig $(kernel_dir)/.config
endif
$(MAKE) -C $(kernel_dir) olddefconfig ARCH=$(ARCH-y)

ifneq (,$(filter $(CONFIG_LINUXBOOT_ARCH),i386 amd64))
$(kernel_dir)/arch/x86/boot/bzImage: config toolchain
else ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
$(kernel_dir)/vmlinux: config toolchain
build: $(kernel_dir)/.config
@echo " MAKE Linux $(kernel_version)"
ifeq ($(CONFIG_LINUXBOOT_KERNEL_BZIMAGE),y)
$(MAKE) -C $(kernel_dir) CROSS_COMPILE=$(LINUXBOOT_CROSS_COMPILE) ARCH=$(ARCH-y) bzImage
else
ifeq ($(CONFIG_LINUXBOOT_KERNEL_UIMAGE),y)
$(MAKE) -C $(kernel_dir) CROSS_COMPILE=$(LINUXBOOT_CROSS_COMPILE) ARCH=$(ARCH-y) vmlinux
endif
endif
echo " MAKE Kernel $(CONFIG_LINUXBOOT_KERNEL_VERSION)"
$(MAKE) -C $(kernel_dir) olddefconfig CROSS_COMPILE=$(LINUXBOOT_COMPILE) ARCH=$(ARCH)
$(MAKE) -C $(kernel_dir) -j $(CPUS) CROSS_COMPILE=$(LINUXBOOT_COMPILE) ARCH=$(ARCH)

ifneq (,$(filter $(CONFIG_LINUXBOOT_ARCH),i386 amd64))
$(project_dir)/bzImage: $(kernel_dir)/arch/x86/boot/bzImage
ifeq ($(CONFIG_LINUXBOOT_KERNEL_BZIMAGE),y)
$(top)/$(CONFIG_LINUXBOOT_KERNEL): build
@echo " CP bzImage"
cp $(kernel_dir)/arch/x86/boot/bzImage $@
else
ifeq ($(CONFIG_LINUXBOOT_KERNEL_UIMAGE),y)
$(project_dir)/target.dtb: $(top)/$(CONFIG_LINUXBOOT_DTB_FILE)
cp $< $@
else ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
$(project_dir)/vmlinux.bin: $(kernel_dir)/vmlinux
$(OBJCOPY) -O binary $< $@

$(project_dir)/target.dtb: $(PWD)/$(CONFIG_LINUXBOOT_DTB_FILE)
cp $< $@

$(project_dir)/vmlinux.bin.lzma: $(project_dir)/vmlinux.bin
xz -c -k -f --format=lzma --lzma1=dict=1MiB,lc=3,lp=0,pb=3 $< > $@

$(project_dir)/uImage: $(project_dir)/vmlinux.bin.lzma $(project_dir)/../arm64/kernel_fdt_lzma.its $(project_dir)/target.dtb
$(top)/$(CONFIG_LINUXBOOT_KERNEL): build $(project_dir)/vmlinux.bin.lzma $(project_dir)/target.dtb
cp $(project_dir)/../arm64/kernel_fdt_lzma.its $(project_dir)
cp $(PWD)/$(CONFIG_LINUXBOOT_INITRAMFS)$(CONFIG_LINUXBOOT_INITRAMFS_SUFFIX) $(project_dir)/u-initramfs
cp $(top)/$(CONFIG_LINUXBOOT_INITRAMFS)$(CONFIG_LINUXBOOT_INITRAMFS_SUFFIX) $(project_dir)/initramfs
mkimage -f $(project_dir)/kernel_fdt_lzma.its $@
else
$(error Kernel image format not found)
exit 1
endif
endif

ifneq (,$(filter $(CONFIG_LINUXBOOT_ARCH),i386 amd64))
kernel: $(project_dir)/bzImage
else ifeq ($(CONFIG_LINUXBOOT_ARCH),arm64)
kernel: $(project_dir)/uImage
ifneq ($(TAG-y),)
kernel: lookup $(top)/$(CONFIG_LINUXBOOT_KERNEL)
else
kernel: $(top)/$(CONFIG_LINUXBOOT_KERNEL)
endif

.PHONY: kernel config toolchain
.PHONY: all kernel build unpack fetch check
6 changes: 5 additions & 1 deletion payloads/external/LinuxBoot/targets/u-root.mk
View file
Expand Up @@ -18,6 +18,10 @@ go_path_dir=$(project_dir)/go
uroot_bin=$(project_dir)/u-root
uroot_package=github.com/u-root/u-root

ARCH-$(CONFIG_LIBUXBOOT_X86_64)=amd64
ARCH-$(CONFIG_LINUXBOOT_X86)=i386
ARCH-$(CONFIG_LINUXBOOT_ARM64)=arm64

go_version=$(shell go version | sed -nr 's/.*go([0-9]+\.[0-9]+.?[0-9]?).*/\1/p' )
go_version_major=$(shell echo $(go_version) | sed -nr 's/^([0-9]+)\.([0-9]+)\.?([0-9]*)$$/\1/p')
go_version_minor=$(shell echo $(go_version) | sed -nr 's/^([0-9]+)\.([0-9]+)\.?([0-9]*)$$/\2/p')
Expand Down Expand Up @@ -64,7 +68,7 @@ build: checkout
GOPATH=$(go_path_dir) go build -o $(uroot_bin) $(uroot_package)

u-root: build
GOARCH=$(CONFIG_LINUXBOOT_ARCH) GOPATH=$(go_path_dir) $(uroot_bin) \
GOARCH=$(ARCH-y) GOPATH=$(go_path_dir) $(uroot_bin) \
$(uroot_args) -o $(project_dir)/initramfs_u-root.cpio $(uroot_cmds)

.PHONY: all u-root build checkout get version
13 changes: 11 additions & 2 deletions payloads/external/Makefile.inc
View file
Expand Up @@ -322,13 +322,22 @@ payloads/external/iPXE/ipxe/ipxe.rom ipxe: $(DOTCONFIG)
linuxboot:
$(MAKE) -C payloads/external/LinuxBoot \
CPUS=$(CPUS) \
CONFIG_LINUXBOOT_ARCH=$(CONFIG_LINUXBOOT_ARCH) \
CONFIG_LINUXBOOT_X86_64=$(CONFIG_LINUXBOOT_X86_64) \
CONFIG_LINUXBOOT_X86=$(CONFIG_LINUXBOOT_X86) \
CONFIG_LINUXBOOT_ARM64=$(CONFIG_LINUXBOOT_ARM64) \
CONFIG_LINUXBOOT_KERNEL=$(CONFIG_PAYLOAD_FILE) \
CONFIG_LINUXBOOT_INITRAMFS=$(CONFIG_LINUX_INITRD) \
CONFIG_LINUXBOOT_INITRAMFS_SUFFIX=$(CONFIG_LINUXBOOT_INITRAMFS_SUFFIX) \
CONFIG_LINUXBOOT_COMPILE_KERNEL=$(CONFIG_LINUXBOOT_COMPILE_KERNEL) \
CONFIG_LINUXBOOT_BUILD_INITRAMFS=$(CONFIG_LINUXBOOT_BUILD_INITRAMFS) \
CONFIG_LINUXBOOT_KERNEL_VERSION=$(CONFIG_LINUXBOOT_KERNEL_VERSION) \
CONFIG_LINUXBOOT_KERNEL_MAINLINE=$(CONFIG_LINUXBOOT_KERNEL_MAINLINE) \
CONFIG_LINUXBOOT_KERNEL_STABLE=$(CONFIG_LINUXBOOT_KERNEL_STABLE) \
CONFIG_LINUXBOOT_KERNEL_LONGTERM=$(CONFIG_LINUXBOOT_KERNEL_LONGTERM) \
CONFIG_LINUXBOOT_KERNEL_CUSTOM=$(CONFIG_LINUXBOOT_KERNEL_CUSTOM) \
CONFIG_LINUXBOOT_KERNEL_CUSTOM_VERSION=$(CONFIG_LINUXBOOT_KERNEL_CUSTOM_VERSION) \
CONFIG_LINUXBOOT_KERNEL_CUSTOM_CONFIG=$(CONFIG_LINUXBOOT_KERNEL_CUSTOM_CONFIG) \
CONFIG_LINUXBOOT_KERNEL_BZIMAGE=$(CONFIG_LINUXBOOT_KERNEL_BZIMAGE) \
CONFIG_LINUXBOOT_KERNEL_UIMAGE=$(CONFIG_LINUXBOOT_KERNEL_UIMAGE) \
CONFIG_LINUXBOOT_KERNEL_CONFIGFILE=$(CONFIG_LINUXBOOT_KERNEL_CONFIGFILE) \
CONFIG_LINUXBOOT_INITRAMFS_COMPRESSION_XZ=$(CONFIG_LINUXBOOT_INITRAMFS_COMPRESSION_XZ) \
CONFIG_LINUXBOOT_UROOT=$(CONFIG_LINUXBOOT_UROOT) \
Expand Down
2 changes: 1 addition & 1 deletion payloads/external/SeaBIOS/Makefile
View file
@@ -1,5 +1,5 @@
TAG-$(CONFIG_SEABIOS_MASTER)=origin/master
TAG-$(CONFIG_SEABIOS_STABLE)=a698c8995ffb2838296ec284fe3c4ad33dfca307
TAG-$(CONFIG_SEABIOS_STABLE)=a5cab58e9a3fb6e168aba919c5669bea406573b4
TAG-$(CONFIG_SEABIOS_REVISION)=$(CONFIG_SEABIOS_REVISION_ID)

project_git_repo=https://github.com/pcengines/seabios.git
Expand Down
2 changes: 1 addition & 1 deletion payloads/external/U-Boot/Kconfig
View file
Expand Up @@ -9,7 +9,7 @@ choice
default UBOOT_STABLE

config UBOOT_STABLE
bool "v2016.1"
bool "v2019.4"
help
Stable U-Boot version

Expand Down
13 changes: 7 additions & 6 deletions payloads/external/U-Boot/Makefile
View file
Expand Up @@ -13,8 +13,8 @@
## GNU General Public License for more details.
##

# 2016-1 tag
STABLE_COMMIT_ID=fa85e826c16b9ce1ad302a57e9c4b24db0d8b930
# 2019-4 tag
STABLE_COMMIT_ID=3c99166441bf3ea325af2da83cfe65430b49c066

TAG-$(CONFIG_UBOOT_MASTER)=origin/master
TAG-$(CONFIG_UBOOT_STABLE)=$(STABLE_COMMIT_ID)
Expand All @@ -30,6 +30,7 @@ unexport KCONFIG_DEPENDENCIES
unexport KCONFIG_SPLITCONFIG
unexport KCONFIG_TRISTATE
unexport KCONFIG_NEGATIVES
unexport $(COREBOOT_EXPORTS)

all: build

Expand All @@ -50,11 +51,11 @@ else
touch $(project_dir)/$(STABLE_COMMIT_ID)
endif

$(project_dir)/tag-$(TAG-y): fetch
checkout: fetch
echo " Checking out $(project_name) revision $(TAG-y)"
cd $(project_dir); git checkout master; git branch -D coreboot 2>/dev/null; git checkout -b coreboot $(TAG-y)

config: $(project_dir)/$(TAG-y)
config: checkout
rm -f $(project_config_file)
ifneq ($(CONFIG_PAYLOAD_CONFIGFILE),)
ifneq ("$(wildcard $(CONFIG_PAYLOAD_CONFIGFILE))","")
Expand All @@ -64,7 +65,7 @@ else
false
endif
else
cat $(project_dir)/configs/coreboot-x86_defconfig >> $(project_config_file)
cat $(project_dir)/configs/coreboot_defconfig >> $(project_config_file)
endif

$(MAKE) -C $(project_dir) olddefconfig
Expand All @@ -82,4 +83,4 @@ distclean:
print-repo-info:
echo "$(project_git_repo) $(project_dir)"

.PHONY: config build clean distclean fetch print-repo-info
.PHONY: checkout config build clean distclean fetch print-repo-info
4 changes: 2 additions & 2 deletions payloads/external/iPXE/Kconfig
View file
Expand Up @@ -42,12 +42,12 @@ choice
depends on BUILD_IPXE

config IPXE_STABLE
bool "2017.3"
bool "2019.3"
help
iPXE uses a rolling release with no stable version, for
reproducibility, use the last commit of a given month as the
'stable' version.
This is iPXE from the end of March, 2017.
This is iPXE from the end of March, 2019.

config IPXE_MASTER
bool "master"
Expand Down
4 changes: 2 additions & 2 deletions payloads/external/iPXE/Makefile
View file
Expand Up @@ -13,9 +13,9 @@
## GNU General Public License for more details.
##

# 2017.3 - Last commit of March 2017
# 2019.3 - Last commit of March 2019
# When updating, change the name both here and in payloads/external/iPXE/Kconfig
STABLE_COMMIT_ID=fd6d1f4660a37d75acba1c64e2e5f137307bbc31
STABLE_COMMIT_ID=ebf2eaf515e46abd43bc798e7e4ba77bfe529218

TAG-$(CONFIG_IPXE_MASTER)=origin/master
TAG-$(CONFIG_IPXE_STABLE)=$(STABLE_COMMIT_ID)
Expand Down
2 changes: 1 addition & 1 deletion payloads/external/tianocore/Makefile
View file
Expand Up @@ -100,7 +100,7 @@ build: update checktools
fi; \
build $(BUILD_STR); \
mv $(project_dir)/Build/CorebootPayloadPkg*/*/FV/UEFIPAYLOAD.fd $(project_dir)/Build/UEFIPAYLOAD.fd; \
git checkout CorebootPayloadPkg/Logo/Logo.bmp > /dev/null 2>&1
git checkout CorebootPayloadPkg/Logo/Logo.bmp > /dev/null 2>&1 || true

clean:
test -d $(project_dir) && (cd $(project_dir); rm -rf Build; rm -f Conf/tools_def.txt) || exit 0
Expand Down
1 change: 0 additions & 1 deletion payloads/libpayload/Kconfig
View file
Expand Up @@ -415,7 +415,6 @@ menu "Debugging"

config DEBUG_MALLOC
bool "Debug memory allocator"
depends on USB
default n
help
Select this option if you want to debug the memory allocator. This
Expand Down
2 changes: 1 addition & 1 deletion payloads/libpayload/arch/arm/main.c
View file
Expand Up @@ -30,7 +30,7 @@
#include <exception.h>
#include <libpayload.h>

unsigned int main_argc; /**< The argc value to pass to main() */
int main_argc; /**< The argc value to pass to main() */

/** The argv value to pass to main() */
char *main_argv[MAX_ARGC_COUNT];
Expand Down
2 changes: 1 addition & 1 deletion payloads/libpayload/arch/arm64/main.c
View file
Expand Up @@ -31,7 +31,7 @@
#include <libpayload.h>
#include <arch/mmu.h>

unsigned int main_argc; /**< The argc value to pass to main() */
int main_argc; /**< The argc value to pass to main() */

/** The argv value to pass to main() */
char *main_argv[MAX_ARGC_COUNT];
Expand Down
2 changes: 1 addition & 1 deletion payloads/libpayload/arch/mips/main.c
View file
Expand Up @@ -17,7 +17,7 @@
#include <libpayload.h>

/* The argc value to pass to main() */
unsigned int main_argc;
int main_argc;
/* The argv value to pass to main() */
char *main_argv[MAX_ARGC_COUNT];

Expand Down
2 changes: 1 addition & 1 deletion payloads/libpayload/arch/x86/main.c
View file
Expand Up @@ -34,7 +34,7 @@
unsigned long loader_eax; /**< The value of EAX passed from the loader */
unsigned long loader_ebx; /**< The value of EBX passed from the loader */

unsigned int main_argc; /**< The argc value to pass to main() */
int main_argc; /**< The argc value to pass to main() */

/** The argv value to pass to main() */
char *main_argv[MAX_ARGC_COUNT];
Expand Down
28 changes: 18 additions & 10 deletions payloads/libpayload/drivers/i8042/keyboard.c
View file
Expand Up @@ -38,7 +38,7 @@

struct layout_maps {
const char *country;
const unsigned short map[4][0x57];
const unsigned short map[4][0x59];
};

static struct layout_maps *map;
Expand All @@ -58,7 +58,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00, KEY_F(11),
KEY_F(12),
},
{ /* Shift */
0x00, 0x1B, 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E,
Expand All @@ -71,7 +72,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00, KEY_F(11),
KEY_F(12),
},
{ /* ALT */
0x00, 0x1B, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
Expand All @@ -84,7 +86,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00, KEY_F(11),
KEY_F(12),
},
{ /* Shift-ALT */
0x00, 0x1B, 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E,
Expand All @@ -97,7 +100,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00, KEY_F(11),
KEY_F(12),
}
}},
#endif
Expand All @@ -114,7 +118,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x3C
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x3C, KEY_F(11),
KEY_F(12),
},
{ /* Shift */
0x00, 0x1B, 0x21, 0x22, 0xA7, 0x24, 0x25, 0x26,
Expand All @@ -127,7 +132,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x3E
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x3E, KEY_F(11),
KEY_F(12),
},
{ /* ALT */
0x00, 0x1B, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
Expand All @@ -140,7 +146,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x7C
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x7C, KEY_F(11),
KEY_F(12),
},
{ /* Shift-ALT */
/* copied from US */
Expand All @@ -154,7 +161,8 @@ static struct layout_maps keyboard_layouts[] = {
0x00, 0x20, 0x00, KEY_F(1), KEY_F(2), KEY_F(3), KEY_F(4), KEY_F(5),
KEY_F(6), KEY_F(7), KEY_F(8), KEY_F(9), KEY_F(10), 0x00, 0x00, KEY_HOME,
KEY_UP, KEY_NPAGE, 0x00, KEY_LEFT, 0x00, KEY_RIGHT, 0x00, KEY_END,
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00
KEY_DOWN, KEY_PPAGE, 0x00, KEY_DC, 0x00, 0x00, 0x00, KEY_F(11),
KEY_F(12),
}
}},
#endif
Expand Down Expand Up @@ -232,7 +240,7 @@ int keyboard_getchar(void)

ch = keyboard_get_scancode();

if (!(ch & 0x80) && ch < 0x57) {
if (!(ch & 0x80) && ch < 0x59) {
shift =
(modifier & KB_MOD_SHIFT) ^ (modifier & KB_MOD_CAPSLOCK) ? 1 : 0;

Expand Down
6 changes: 5 additions & 1 deletion payloads/libpayload/drivers/options.c
View file
Expand Up @@ -357,7 +357,11 @@ int set_option_from_string(const struct nvram_accessor *nvram, struct cb_cmos_op
*(u64*)raw = strtoull(value, NULL, 0);
break;
case 's':
raw = strdup(value);
raw = malloc(cmos_entry->length);
if (!raw)
return 1;
memset(raw, 0x00, cmos_entry->length);
strncpy(raw, value, cmos_entry->length);
break;
case 'e':
cmos_enum = lookup_cmos_enum_by_label(option_table, cmos_entry->config_id, value);
Expand Down
1 change: 1 addition & 0 deletions payloads/libpayload/drivers/storage/ahci.c
View file
Expand Up @@ -224,6 +224,7 @@ static u32 working_controllers[] = {
0x8086 | 0x1c03 << 16, /* Mobile Cougar Point PCH */
0x8086 | 0x1e03 << 16, /* Mobile Panther Point PCH */
0x8086 | 0xa102 << 16, /* Desktop / Mobile-Wks Sunrise Point PCH */
0x8086 | 0x5ae3 << 16, /* Apollo Lake */
};
#endif
static void ahci_init_pci(pcidev_t dev)
Expand Down
5 changes: 3 additions & 2 deletions payloads/libpayload/drivers/timer/Kconfig
View file
Expand Up @@ -54,7 +54,7 @@ config TIMER_IMG_PISTACHIO
bool "Timer for IMG Pistachio"

config TIMER_MTK
bool "Timer for MediaTek MT8173"
bool "Timer for MediaTek"

endchoice

Expand All @@ -77,7 +77,7 @@ config TIMER_GENERIC_REG
default 0x004A2000 if TIMER_IPQ40XX
default 0x0200A028 if TIMER_IPQ806X
default 0x101C0100 if TIMER_MCT
default 0x10008048 if TIMER_MTK
default 0x10008068 if TIMER_MTK
default 0xff810028 if TIMER_RK3288
default 0xff850008 if TIMER_RK3399
default 0x60005010 if TIMER_TEGRA_1US
Expand All @@ -89,6 +89,7 @@ config TIMER_GENERIC_HIGH_REG
hex "Generic Timer High Register Address"
default 0x004A2004 if TIMER_IPQ40XX
default 0x101C0104 if TIMER_MCT
default 0x10008078 if TIMER_MTK
default 0xff81002C if TIMER_RK3288
default 0xff85000C if TIMER_RK3399
default 0x0
Expand Down
2 changes: 1 addition & 1 deletion payloads/libpayload/drivers/timer/img_pistachio.c
View file
Expand Up @@ -18,7 +18,7 @@

uint64_t timer_hz(void)
{
return lib_sysinfo.cpu_khz * 1000;
return (uint64_t)lib_sysinfo.cpu_khz * 1000;
}

uint64_t timer_raw_value(void)
Expand Down
13 changes: 11 additions & 2 deletions payloads/libpayload/drivers/usb/ehci.c
View file
Expand Up @@ -634,6 +634,8 @@ static void *ehci_create_intr_queue(

/* create #reqcount transfer descriptors (qTDs) */
intrq->head = (intr_qtd_t *)dma_memalign(64, sizeof(intr_qtd_t));
if (!intrq->head)
fatal("Not enough DMA memory to create #reqcount TD.\n");
intr_qtd_t *cur_td = intrq->head;
for (i = 0; i < reqcount; ++i) {
fill_intr_queue_td(intrq, cur_td, data);
Expand All @@ -642,6 +644,8 @@ static void *ehci_create_intr_queue(
/* create one more qTD */
intr_qtd_t *const next_td =
(intr_qtd_t *)dma_memalign(64, sizeof(intr_qtd_t));
if (!next_td)
fatal("Not enough DMA memory to create TD.\n");
cur_td->td.next_qtd = virt_to_phys(&next_td->td);
cur_td->next = next_td;
cur_td = next_td;
Expand All @@ -651,6 +655,8 @@ static void *ehci_create_intr_queue(

/* create spare qTD */
intrq->spare = (intr_qtd_t *)dma_memalign(64, sizeof(intr_qtd_t));
if (!intrq->spare)
fatal("Not enough DMA memory to create spare qTD.\n");
intrq->spare->data = data;

/* initialize QH */
Expand Down Expand Up @@ -824,14 +830,17 @@ ehci_init (unsigned long physical_bar)
* and doesn't violate the standard.
*/
EHCI_INST(controller)->dummy_qh = (ehci_qh_t *)dma_memalign(64, sizeof(ehci_qh_t));
if (!EHCI_INST(controller)->dummy_qh)
fatal("Not enough DMA memory for EHCI dummy TD.\n");
memset((void *)EHCI_INST(controller)->dummy_qh, 0,
sizeof(*EHCI_INST(controller)->dummy_qh));
EHCI_INST(controller)->dummy_qh->horiz_link_ptr = QH_TERMINATE;
EHCI_INST(controller)->dummy_qh->td.next_qtd = QH_TERMINATE;
EHCI_INST(controller)->dummy_qh->td.alt_next_qtd = QH_TERMINATE;
for (i = 0; i < 1024; ++i)
periodic_list[i] = virt_to_phys(EHCI_INST(controller)->dummy_qh)
| PS_TYPE_QH;
periodic_list[i] =
virt_to_phys(EHCI_INST(controller)->dummy_qh)
| PS_TYPE_QH;

/* Make sure periodic schedule is disabled */
ehci_set_periodic_schedule(EHCI_INST(controller), 0);
Expand Down