138 Commits (master)
 

Author SHA1 Message Date
Raito Bezarius bae6a905ac initramfs: introduce compression 1 year ago
Raito Bezarius 94e542b2a8 platform/x230: init 1 year ago
Raito Bezarius 59c5ffbda6 entrypoint: just wire up celun for system computation and kernel 1 year ago
Raito Bezarius 37793ce3f6 coreboot: make rom size uppercase 1 year ago
Raito Bezarius abc04f36c1 coreboot: just link libgfxinit and libhwbase
While keeping hermeticity!
1 year ago
Raito Bezarius 634f5081b6 patches: add coreboot toolchain 4.16 compatibility
Warnings stuff, Ada stuff, etc.
1 year ago
Raito Bezarius 1310a397d1 coreboot-toolchain: 4.14 -> 4.16, enable Ada 1 year ago
Raito Bezarius d32e206d7f patches(submodules): kill more vboot 1 year ago
Adam Joseph 65f821adf8 README.md: update roadmap/news 1 year ago
Adam Joseph 9dd5bdf298 eliminate "magic numbers", support 8mbyte single-image flash chips
Prior to this commit, ownerboot had quite a lot of "magic addresses"
and flash chip layouts.  This commit eliminates all of them.

All flash chip geometry is now computed from first principles and
two parameters:

  1. The flash chip size
  2. The number of images per chip (two means NORMAL/FALLBACK)

If (flash-chip-size / num-images) is too small, coreboot's build
process will notice this and fail.

It should be possible to build a single-image (i.e. no FALLBACK)
ownerboot for use on 8mbyte flash chips, which lets people try this
out without having to buy a new flash chip or (in the case of the
rk3399-gru-kevin laptop) doing any soldering.
1 year ago
Adam Joseph c72e1a55be src/platform/*: use pkgs.writeText for custom.fmap files 1 year ago
Adam Joseph a499113a7a initramfs: move most of it into upstream/six-initrd submodule 1 year ago
Adam Joseph 76f0bcd2ca default.nix: warn the user if they try to build the entire scope
The `AAAAAASomeThingsBuildTooMuch` attrname is borrowed from a
similar attribute in nixpkgs' `top-level/all-packages.nix`.
1 year ago
Adam Joseph a2c0e1ddfb initramfs: pass contents using an attrset
This commit significantly cleans up the assembly of the initramfs by
specifying and manipulating its contents using an attrset (in { dest
= src; } form) rather than chunks of bash script.
1 year ago
Adam Joseph 6dbb2f8c92 initramfs: eliminate custom $build variable
Previously the initramfs required overriders to use a custom
`$build` environment variable as the destination for files to be
packed into an initramfs image.  This commit eliminates it, so the
standard $NIX_BUILD_TOP can be used instead.
1 year ago
Adam Joseph 0e0ab73687 src/image: fix ability to boot from NORMAL region
commit fa3da49c84 "coreboot: update
patch to add master header in both images" still isn't causing
coreboot to put a master header into the NORMAL region.  As a
result, images built after that commit but before this one will
always use the FALLBACK region.

This commit adds the master header explicitly, since I still can't
seem to get coreboot to do that on its own.
1 year ago
Adam Joseph 98c5638e64 src/userspace: merge back into initramfs
Previously ownerboot had separate `userspace` (the initramfs
contents without kernel modules) and `initramfs` (the complete
initramfs) expressions.  This was done in order to allow the use of
CONFIG_INITRAMFS_SOURCE, which links an initramfs image into the
kernel itself.

I did this because I was having a hard time getting coreboot to load
a separate initrd on rk3399.  I have since solved that problem, and
am now using coreboot to load an initramfs on all platforms.  There
is no longer any need for this unusual separation.
1 year ago
Adam Joseph f26abaaeba em100: add mips64n32 to badPlatforms 1 year ago
Adam Joseph 1b602c7f98 common/arm64.nix: allow to pass extra flags to flashrom scripts 1 year ago
Adam Joseph db21d5d2ac common/amd64.nix: remove redundant `$@` from flashrom script 1 year ago
Adam Joseph fa3da49c84 coreboot: update patch to add master header in both images
Prior to this commit, ownerboot had to manually add the
cbfs-master-header to the NORMAL image, because the part of
coreboot's build machinery which adds it had not been updated to
understand ownerboot-style dual-CBFS images.

This commit updates the coreboot patch so that it does that job, and
removes the manual update from ownerboot.

As an added benefit, the NORMAL and FALLBACK images now have
identical layouts, except for the (top-aligned) bootblock on x86.
1 year ago
Adam Joseph e5f921bedd coreboot: kgpe-d16: include but do not apply 0003-southbridge-amd-sb700-disable-two-hacks.patch
This commit includes, but does not apply, a patch that I was
experimenting with while solving the boot-hang problem.

This patch does not appear necessary, so it is not applied.  However
I don't want to forget what I was experimenting with at the time, so
it is included here to make it part of the git history.
1 year ago
Adam Joseph 8736520bb3 kgpe-d16: expand double-reset condition to completely fix boot-hangs
This commit adds a one-line coreboot patch which has finally solved
100% of my got-stuck-while-booting problems.

Upstream coreboot contains the following code:

  /* Reset for HT, FIDVID, PLL and errata changes to take effect. */
  if (!warm_reset_detect(0)) {
    printk(BIOS_INFO, "...WARM RESET...\n\n\n");
    soft_reset();

However `warm_reset_detect(0)` is *not* the complement of "cold
reset" (i.e. power supply was disconnected and reconnected).
Apparently there is a whole other category of "other resets" which
are neither warm nor cold.  These conditions are detected by
`other_reset_detected()`.

The patch being added expands the condition above to include these:

  if (other_reset_detected() || !warm_reset_detect(0)) {

After including this patch I have experienced zero of the infamous
"Assigning resources...<hang>" problems.  Hooray!
1 year ago
Adam Joseph d217c4eff4 fmap, payload: move to top-level scope
This commit moves the `fmap` and `payload` arguments to `coreboot`
into the top-level scope, so they can be provided without needing to
override the `coreboot` expression.
1 year ago
Adam Joseph 01549c9400 src/image: rename parameter initramfs_image -> initramfs
This allows to have the argument automatically populated by
`callPackage`.
1 year ago
Adam Joseph d4372b0df2 coreboot: drop CONFIG_LINUX_COMMAND_LINE patch
This patch is no longer needed, and in fact it now ends up
clobbering the command line in the FIT DTB, so we must drop it.
1 year ago
Adam Joseph 5572d76a08 docs: coreboot -> image 1 year ago
Adam Joseph 2c30620ed2 coreboot: separate compilation from payload installation
This commit causes the coreboot payload (i.e. the Linux kernel,
initramfs, and any necessary DTBs) to be inserted into the coreboot
image as part of a separate derivation from the one which compiles
coreboot.

As a result, changing the contents of the initramfs is extremely
fast -- it can now be done without any recompilation.

As a result of this, the attribute name for the final image to be
flashed has changed from `coreboot` to `image`.  The `coreboot`
attribute now builds a payloadless `coreboot.rom`.
1 year ago
Adam Joseph 8efee177f2 platform/kevin/fit: add missing pre/postBuild hooks 1 year ago
Adam Joseph 94446e20b9 README.md: update roadmap 1 year ago
Adam Joseph 5ac11dd7fd kgpe: add patch for USE_WATCHDOG_ON_BOOT and enable it
This commit adds a coreboot patch which enables
CONFIG_USE_WATCHDOG_ON_BOOT for kgpe-d16; in upstream coreboot this
feature is found on only a few intel cpu platforms.

When enabled, this feature starts the hardware watchdog very early
in the boot process -- before PNP enumeration or DRAM
initialization.  This ensures that any hangs or freezes due to
transient conditions (flakiness, temperature, electrical noise)
won't prevent the machine from eventually booting.  This is very
useful for unattended servers.

On kgpe-d16 the watchdog is cancelled immediately before jumping to
the payload (i.e. Linux kernel).  I found that if I left the
watchdog enabled, any attempt to use it (for example, to cancel it
or extend it) from Linux resulted in the machine resetting.  Perhaps
this can be fixed, but for now I am content to simply re-enable the
watchdog from Linux rather than leaving it running.
1 year ago
Adam Joseph c7c4370f18 platform/common/arm64: only pass --fmap to flashrom when passing -i
Previously, the flashrom scripts would pass --fmap to every
invocation of flashrom, even when overwriting the entire image.
This was unnecessary, and would cause issues if the chip being
written to had a corrupted fmap table.  This commit passes the
--fmap flag only when it is needed due to the -i flag being present.
1 year ago
Adam Joseph 1a92a17774 src/plat/kevin: allow to override atf and fit
This commit lifts `atf` and `fit` into the ownerboot scope where
they can be selectively overridden.
1 year ago
Adam Joseph c0c6141971 coreboot: kgpe-d16: do not enable hw monitor until kernel boots
This commit adds a coreboot patch which causes kgpe-d16 to skip the
PNP enumeration/assignment process for the "hardware monitor"
(basically a temperature sensor and fan-speed controller) block on
the southbridge chip.

I have found this patch solves the last remaining boot reliability
problem I was having with my unattended kgpe-d16 machines.

The commit message for this patch is below:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The hardware monitor is one of the blocks within the w83667hg-a chip
(there are many others).  It is basically a bunch of ADCs (analog to
digital converters) hooked up to voltage, current, and temperature
sensors in various locations on the motherboard.

This block has the ability to generate several different interrupts
(SMI#, OVT#, etc) in response to thermal conditions.  It appears to
sometimes (about 10% of boot-ups, depending on temperature) spew
erroneous alarm interrupts the instant you enable it, when doing so
from within coreboot.  This causes the w83667hg-a chip and the
entire system to hang, and the watchdog cannot recover from this
state because it is part of the w83667hg-a chip too.

An even bigger problem is that the hardware monitor is initialized
*before* the fans are brought up to full speed.  So if the CPU is
above the critical temperature it will remain there because the fans
are in their default low-speed boot state.  The chip just keeps
getting hotter and hotter -- not enough to damage itself, but hot
enough that it won't come down to an acceptable temperature with
simple reboots and power-cycles; you have to leave the system off
for a while.  Since the fans aren't running while the system is off
this takes quite a while (several minutes).  It's a very fussy and
fidgety process, and not something you want to walk a remote-hands
guy at the datacenter through over the phone.

To avoid this whole mess, let's simply not assign PNP resources to
the hardware monitor from coreboot.  Linux doesn't need these
anyways; it communicates with the hardware using I2C.
1 year ago
Adam Joseph 2d5f5d5bee coreboot: kgpe-d16: print DIMM voltages to console
This commit adds a patch which causes coreboot to print a message to
the serial console when adjusting any of the DIMM slot voltages.
1 year ago
Adam Joseph 2e73337b54 src/coreboot/default.nix: reorganize patches
This commit reorders the (rather large) list of patches to coreboot,
sorts them by category, and adds comments to explain them.

No change in the post-patchPhase source.
1 year ago
Adam Joseph fe5aa87b05 doc/platform/kgpe/notes.md: mention watchdogs 1 year ago
Adam Joseph b5a8773e5d doc/kevin/notes.md: add some links 2 years ago
Adam Joseph 5ad23de431 eliminate all <nixpkgs> path-references
This commit eliminates all path-references to <nixpkgs>, so we can
stop using NIX_PATH.
2 years ago
Adam Joseph 71bc5b7beb platform/kevin: eliminate path-reference to nixpkgs
Now that 6deb86f6138265a715dd005c310ad33a2e2865ff has merged
upstream in nixpkgs we can directly reference arm-trusted-firmware
as part of the nixpkgs package set.  This allows to eliminate a
<nixpkgs>-style path reference.
2 years ago
Adam Joseph 3a5b64ebd0 src/lib/nixpkgs.nix: bump pinned nixpkgs 2 years ago
Adam Joseph 69c09a294e pin nixpkgs using a tarball rather than submodule
Submodules are too much of a headache; this commit switches to
pinning a known-good nixpkgs using a tarball rather than a submodule.
2 years ago
Adam Joseph b564f8897f arm64: flashrom.forChromebook only for ec
In order to write to the chromebook embedded controller flash we
need to use Google's fork of flashrom.  However for writing to the
chromebook CPU firmware flash (which is a different flash chip) we
can use mainline flashrom.  So let's do that.
2 years ago
Adam Joseph 75141bfe4d kevin/custom.fmap: drop BIOS@0 region
On x86 platforms, it is necessary to wrap the entire image in a
BIOS@0 region which marks the memory-mapped flash image as needing
SMM protection.  Unfortunately this creates overlapping FMAP
regions, which flashrom cannot handle without a patch.

On arm64 platforms, the BIOS@0 region is not needed.  So let's not
include it.  This allows us to skip the flashrom patch on arm64.
2 years ago
Adam Joseph f1490acef3 src/coreboot/default.nix: avoid reimporting nixpkgs
This commit changes a few path-references into `<nixpkgs/..>` so
they use attrset references instead.  This way it is not necessary
to have nixpkgs accessible via $NIX_PATH when you build ownerboot.
2 years ago
Adam Joseph 1e33255408 src/coreboot/patches: add !CONFIG_USE_OPTION_TABLE patches
This commit imports four patches which fix bugs in coreboot's
behavior when !CONFIG_USE_OPTION_TABLE on KGPE-D16.
2 years ago
Adam Joseph 277ec9e263 src/platform/kgpe/default.nix: set USE_OPTION_TABLE=no
Upstream describes this option as "Enable this option if coreboot
shall read options from the CMOS NVRAM instead of using hard-coded
values."

The RTC_BOOT_BYTE (which controls normal/fallback) indicator is
always taken from CMOS NVRAM, regardless of how this option is set.
When set to `no`, no other parts of the CMOS NVRAM are read or
written.

On KGPE-D16 I have found that USE_OPTION_TABLE=yes is frustratingly
flaky and unstable; about 1 in 20 boots will hang in the PNP device
enumeration.  Apparently during SMP boot, multiple cores attempt to
access the (single) CMOS NVRAM concurrently, causing massive
headaches.  Please don't turn this option on unless you are willing
to deal with extreme frustration.
2 years ago
Adam Joseph 7e4dfde706 platform/common/amd64.nix: omit --fmap when writing the entire chip
Trying to write to a chip using --fmap will fail if the chip does
not yet have a valid fmap table (for example, a blank chip).  Let's
omit this flag when writing the entire image.
2 years ago
Adam Joseph 7817620c35 README.md update roadmap 2 years ago
Adam Joseph 88d20a5f63 src/coreboot: switch to lib/modules.nix-style Kconfig
This commit drops the verbatim `.config` files for coreboot that
were previously in the repository and converts them to NixOS-style
module configurations.

The big benefit of doing this is that the perl script in nixpkgs
that handles this will check to make sure that coreboot's Kconfig
machinery isn't silently ignoring any of our settings.  It also
makes this configuration easier for end-users to customize.
2 years ago