[coreboot-gerrit] Patch set updated for coreboot: mainboard/intel/galileo: Add vboot support
Martin Roth (martinroth@google.com)
gerrit at coreboot.org
Mon Mar 13 21:25:56 CET 2017
Martin Roth (martinroth at google.com) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/18041
-gerrit
commit 3a22eb1b69e0140cc7f24cc3d0338e69eff7fcd1
Author: Lee Leahy <leroy.p.leahy at intel.com>
Date: Wed Jan 4 08:34:01 2017 -0800
mainboard/intel/galileo: Add vboot support
Add the necessary files and changes to support vboot.
TEST=Build and run on Galileo Gen2
Change-Id: I96170412e7bbc2b9c747ff5e2c845f29220353ed
Signed-off-by: Lee Leahy <leroy.p.leahy at intel.com>
---
src/mainboard/intel/galileo/Kconfig | 27 +++++++++++++
src/mainboard/intel/galileo/Makefile.inc | 5 +++
src/mainboard/intel/galileo/vboot.c | 69 ++++++++++++++++++++++++++++++++
src/mainboard/intel/galileo/vboot.fmd | 39 ++++++++++++++++++
4 files changed, 140 insertions(+)
diff --git a/src/mainboard/intel/galileo/Kconfig b/src/mainboard/intel/galileo/Kconfig
index e941448..b705ab7 100644
--- a/src/mainboard/intel/galileo/Kconfig
+++ b/src/mainboard/intel/galileo/Kconfig
@@ -18,6 +18,7 @@ if BOARD_INTEL_GALILEO
config BOARD_SPECIFIC_OPTIONS
def_bool y
select BOARD_ROMSIZE_KB_8192
+ select COLLECT_TIMESTAMPS
# select CREATE_BOARD_CHECKLIST
select ENABLE_BUILTIN_HSUART1
select HAVE_ACPI_TABLES
@@ -147,4 +148,30 @@ config FSP_DEBUG_ALL
FSP_CALLS_AND_STATUS, FSP_HEADER, POSTCAR_CONSOLE and VERIFY_HOBS
or FSP 1.1 DISPLAY_FSP_ENTRY_POINTS
+config VBOOT_WITH_CRYPTO_SHIELD
+ bool "Verified boot using the Crypto Shield board"
+ default n
+ select SEPARATE_VERSTAGE
+ select VBOOT
+ select VBOOT_MOCK_SECDATA
+ select VBOOT_STARTS_IN_BOOTBLOCK
+ help
+ Perform a verified boot using the TPM on the Crypto Shield board.
+
+config DRIVER_TPM_I2C_ADDR
+ hex "Address of the I2C TPM chip"
+ depends on VBOOT_WITH_CRYPTO_SHIELD
+ default 0x29
+ help
+ I2C address of the TPM chip on the Crypto Shield board.
+
+config FMDFILE
+ string "fmap description file in fmd format"
+ depends on VBOOT
+ default "src/mainboard/$(CONFIG_MAINBOARD_DIR)/vboot.fmd"
+ help
+ The build system creates a default FMAP from ROM_SIZE and CBFS_SIZE,
+ but in some cases more complex setups are required.
+ When an fmd is specified, it overrides the default format.
+
endif # BOARD_INTEL_QUARK
diff --git a/src/mainboard/intel/galileo/Makefile.inc b/src/mainboard/intel/galileo/Makefile.inc
index 16b2b4a..f2fda31 100644
--- a/src/mainboard/intel/galileo/Makefile.inc
+++ b/src/mainboard/intel/galileo/Makefile.inc
@@ -20,8 +20,13 @@ endif
bootblock-y += gpio.c
bootblock-y += reg_access.c
+verstage-y += gpio.c
+verstage-y += reg_access.c
+verstage-$(CONFIG_VBOOT) += vboot.c
+
romstage-y += gpio.c
romstage-y += reg_access.c
+romstage-$(CONFIG_VBOOT) += vboot.c
postcar-y += gpio.c
postcar-y += reg_access.c
diff --git a/src/mainboard/intel/galileo/vboot.c b/src/mainboard/intel/galileo/vboot.c
new file mode 100644
index 0000000..22c9615
--- /dev/null
+++ b/src/mainboard/intel/galileo/vboot.c
@@ -0,0 +1,69 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2016 Intel Corp.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * GNU General Public License for more details.
+ */
+
+#include <assert.h>
+#include <bootmode.h>
+#include <console/console.h>
+#include <delay.h>
+#include <device/i2c.h>
+#include <lib.h>
+#include "reg_access.h"
+#include "gen1.h"
+#include "gen2.h"
+#include <spi_flash.h>
+#include <vboot/vboot_common.h>
+
+int clear_recovery_mode_switch(void)
+{
+ /* Nothing to do */
+ return 0;
+}
+
+int get_developer_mode_switch(void)
+{
+ return 0;
+}
+
+int get_recovery_mode_switch(void)
+{
+ return 0;
+}
+
+int get_sw_write_protect_state(void)
+{
+#if 0
+ uint8_t status;
+ const struct spi_flash *flash;
+
+ flash = boot_device_spi_flash();
+ if (!flash)
+ return 0;
+
+ /* Return unprotected status if status read fails */
+ return spi_flash_status(flash, &status) ? 0 : !!(status & 0x80);
+#endif // 0
+
+ /* Not write protected */
+ return 0;
+}
+
+int get_write_protect_state(void)
+{
+ /* Not write protected */
+ return 0;
+}
+
+void log_recovery_mode_switch(void)
+{
+}
+
+void verstage_mainboard_init(void)
+{
+}
diff --git a/src/mainboard/intel/galileo/vboot.fmd b/src/mainboard/intel/galileo/vboot.fmd
new file mode 100644
index 0000000..49ac9a7
--- /dev/null
+++ b/src/mainboard/intel/galileo/vboot.fmd
@@ -0,0 +1,39 @@
+FLASH at 0xff800000 0x800000 {
+ SI_ALL at 0x0 0x200000 {
+ SI_DESC at 0x0 0x1000
+ SI_ME at 0x1000 0x1ff000
+ }
+ SI_BIOS at 0x200000 0x600000 {
+ RW_SECTION_A at 0x0 0xf0000 {
+ VBLOCK_A at 0x0 0x10000
+ FW_MAIN_A(CBFS)@0x10000 0xdffc0
+ RW_FWID_A at 0xeffc0 0x40
+ }
+ RW_SECTION_B at 0xf0000 0xf0000 {
+ VBLOCK_B at 0x0 0x10000
+ FW_MAIN_B(CBFS)@0x10000 0xdffc0
+ RW_FWID_B at 0xeffc0 0x40
+ }
+ RW_MRC_CACHE at 0x1e0000 0x10000
+ RW_ELOG at 0x1f0000 0x4000
+ RW_SHARED at 0x1f4000 0x4000 {
+ SHARED_DATA at 0x0 0x2000
+ VBLOCK_DEV at 0x2000 0x2000
+ }
+ RW_VPD at 0x1f8000 0x2000
+ RW_UNUSED at 0x1fa000 0x6000
+ RW_LEGACY(CBFS)@0x200000 0x200000
+ WP_RO at 0x400000 0x200000 {
+ RO_VPD at 0x0 0x4000
+ RO_UNUSED at 0x4000 0xc000
+ RO_SECTION at 0x10000 0x1f0000 {
+ FMAP at 0x0 0x800
+ RO_FRID at 0x800 0x40
+ RO_FRID_PAD at 0x840 0x7c0
+# GBB at 0x1000 0xef000
+# COREBOOT(CBFS)@0xf0000 0x100000
+ COREBOOT(CBFS)@0x1000 0x1ef000
+ }
+ }
+ }
+}
More information about the coreboot-gerrit
mailing list