1 /* SPDX-License-Identifier: GPL-2.0-only */
2
3 #include <acpi/acpi.h>
4 #include <bootstate.h>
5 #include <cbfs.h>
6 #include <commonlib/region.h>
7 #include <console/console.h>
8 #include <cpu/cpu.h>
9 #include <crc_byte.h>
10 #include <elog.h>
11 #include <fmap.h>
12 #include <intelbasecode/debug_feature.h>
13 #include <intelblocks/cse.h>
14 #include <intelblocks/cse_layout.h>
15 #include <intelblocks/cse_lite.h>
16 #include <intelblocks/spi.h>
17 #include <security/vboot/misc.h>
18 #include <security/vboot/vboot_common.h>
19 #include <soc/intel/common/reset.h>
20 #include <timestamp.h>
21
22 #include "cse_lite_cmos.h"
23
24 static struct get_bp_info_rsp cse_bp_info_rsp;
25
26 enum cse_fw_state {
27 /* The CMOS and CBMEM have the current fw version. */
28 CSE_FW_WARM_BOOT,
29
30 /* The CMOS has the current fw version, and the CBMEM is wiped out. */
31 CSE_FW_COLD_BOOT,
32
33 /* The CMOS and CBMEM are not initialized or not same as running firmware version.*/
34 CSE_FW_INVALID,
35 };
36
37 static const char * const cse_regions[] = {"RO", "RW"};
38
39 static struct cse_specific_info cse_info;
40
cse_log_ro_write_protection_info(bool mfg_mode)41 void cse_log_ro_write_protection_info(bool mfg_mode)
42 {
43 bool cse_ro_wp_en = is_spi_wp_cse_ro_en();
44
45 printk(BIOS_DEBUG, "ME: WP for RO is enabled : %s\n",
46 cse_ro_wp_en ? "YES" : "NO");
47
48 if (cse_ro_wp_en) {
49 uint32_t base, limit;
50 spi_get_wp_cse_ro_range(&base, &limit);
51 printk(BIOS_DEBUG, "ME: RO write protection scope - Start=0x%X, End=0x%X\n",
52 base, limit);
53 }
54
55 /*
56 * If manufacturing mode is disabled, but CSE RO is not write protected,
57 * log error.
58 */
59 if (!mfg_mode && !cse_ro_wp_en)
60 printk(BIOS_ERR, "ME: Write protection for CSE RO is not enabled\n");
61 }
62
cse_get_boot_performance_data(struct cse_boot_perf_rsp * boot_perf_rsp)63 enum cb_err cse_get_boot_performance_data(struct cse_boot_perf_rsp *boot_perf_rsp)
64 {
65 struct cse_boot_perf_req {
66 struct mkhi_hdr hdr;
67 uint32_t reserved;
68 } __packed;
69
70 struct cse_boot_perf_req req = {
71 .hdr.group_id = MKHI_GROUP_ID_BUP_COMMON,
72 .hdr.command = MKHI_BUP_COMMON_GET_BOOT_PERF_DATA,
73 .reserved = 0,
74 };
75
76 size_t resp_size = sizeof(struct cse_boot_perf_rsp);
77
78 if (heci_send_receive(&req, sizeof(req), boot_perf_rsp, &resp_size,
79 HECI_MKHI_ADDR)) {
80 printk(BIOS_ERR, "cse_lite: Could not get boot performance data\n");
81 return CB_ERR;
82 }
83
84 if (boot_perf_rsp->hdr.result) {
85 printk(BIOS_ERR, "cse_lite: Get boot performance data resp failed: %d\n",
86 boot_perf_rsp->hdr.result);
87 return CB_ERR;
88 }
89
90 return CB_SUCCESS;
91 }
92
cse_get_bp_info_from_rsp(void)93 static const struct cse_bp_info *cse_get_bp_info_from_rsp(void)
94 {
95 return &cse_bp_info_rsp.bp_info;
96 }
97
cse_get_current_bp(void)98 static uint8_t cse_get_current_bp(void)
99 {
100 const struct cse_bp_info *cse_bp_info = cse_get_bp_info_from_rsp();
101 return cse_bp_info->current_bp;
102 }
103
cse_get_bp_entry(enum boot_partition_id bp)104 static const struct cse_bp_entry *cse_get_bp_entry(enum boot_partition_id bp)
105 {
106 const struct cse_bp_info *cse_bp_info = cse_get_bp_info_from_rsp();
107 return &cse_bp_info->bp_entries[bp];
108 }
109
is_cse_fpt_info_valid(const struct cse_specific_info * info)110 static bool is_cse_fpt_info_valid(const struct cse_specific_info *info)
111 {
112 uint32_t crc = ~CRC(info, offsetof(struct cse_specific_info, crc), crc32_byte);
113
114 /*
115 * Authenticate the CBMEM persistent data.
116 *
117 * The underlying assumption is that an event (i.e., CSE upgrade/downgrade) which
118 * could change the values stored in this region has to also trigger the global
119 * reset. Hence, CBMEM persistent data won't be available any time after such
120 * event (global reset or cold reset) being initiated.
121 *
122 * During warm boot scenarios CBMEM contents remain persistent hence, we don't
123 * want to override the existing data in CBMEM to avoid any additional boot latency.
124 */
125 if (info->crc != crc)
126 return false;
127
128 return true;
129 }
130
store_cse_info_crc(struct cse_specific_info * info)131 static void store_cse_info_crc(struct cse_specific_info *info)
132 {
133 info->crc = ~CRC(info, offsetof(struct cse_specific_info, crc), crc32_byte);
134 }
135
get_cse_state(const struct fw_version * cur_cse_fw_ver,struct fw_version * cmos_cse_fw_ver,const struct fw_version * cbmem_cse_fw_ver)136 static enum cse_fw_state get_cse_state(const struct fw_version *cur_cse_fw_ver,
137 struct fw_version *cmos_cse_fw_ver, const struct fw_version *cbmem_cse_fw_ver)
138 {
139 enum cse_fw_state state = CSE_FW_WARM_BOOT;
140 size_t size = sizeof(struct fw_version);
141 /*
142 * Compare if stored CSE version (from the previous boot) is same as current
143 * running CSE version.
144 */
145 if (memcmp(cmos_cse_fw_ver, cur_cse_fw_ver, size)) {
146 /*
147 * CMOS CSE versioin is invalid, possibly two scenarios
148 * 1. CSE FW update
149 * 2. First boot
150 */
151 state = CSE_FW_INVALID;
152 } else {
153 /*
154 * Check if current running CSE version is same as previous stored CSE
155 * version aka CBMEM region is still valid.
156 */
157 if (memcmp(cbmem_cse_fw_ver, cur_cse_fw_ver, size))
158 state = CSE_FW_COLD_BOOT;
159 }
160 return state;
161 }
162
163 /*
164 * Helper function that stores current CSE firmware version to CBMEM memory,
165 * except during recovery mode.
166 */
cse_store_rw_fw_version(void)167 static void cse_store_rw_fw_version(void)
168 {
169 const struct cse_bp_entry *cse_bp;
170 cse_bp = cse_get_bp_entry(RW);
171
172 if (vboot_recovery_mode_enabled())
173 return;
174
175 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_IN_ROMSTAGE)) {
176 /* update current CSE version and return */
177 memcpy(&(cse_info.cse_fwp_version.cur_cse_fw_version),
178 &(cse_bp->fw_ver), sizeof(struct fw_version));
179 return;
180 }
181
182 struct cse_specific_info *cse_info_in_cbmem = cbmem_add(CBMEM_ID_CSE_INFO,
183 sizeof(*cse_info_in_cbmem));
184 if (!cse_info_in_cbmem)
185 return;
186
187 /* Avoid CBMEM update if CBMEM already has persistent data */
188 if (is_cse_fpt_info_valid(cse_info_in_cbmem))
189 return;
190
191 struct cse_specific_info cse_info_in_cmos;
192 cmos_read_fw_partition_info(&cse_info_in_cmos);
193
194 /* Get current cse firmware state */
195 enum cse_fw_state fw_state = get_cse_state(&(cse_bp->fw_ver),
196 &(cse_info_in_cmos.cse_fwp_version.cur_cse_fw_version),
197 &(cse_info_in_cbmem->cse_fwp_version.cur_cse_fw_version));
198
199 /* Reset CBMEM data and update current CSE version */
200 memset(cse_info_in_cbmem, 0, sizeof(*cse_info_in_cbmem));
201 memcpy(&(cse_info_in_cbmem->cse_fwp_version.cur_cse_fw_version),
202 &(cse_bp->fw_ver), sizeof(struct fw_version));
203
204 /* Update the CRC */
205 store_cse_info_crc(cse_info_in_cbmem);
206
207 if (fw_state == CSE_FW_INVALID) {
208 /*
209 * Current CMOS data is outdated, which could be due to CSE update or
210 * rollback, hence, need to update CMOS with current CSE FPT versions.
211 */
212 cmos_write_fw_partition_info(cse_info_in_cbmem);
213 }
214 }
215
216 #if CONFIG(SOC_INTEL_CSE_LITE_SYNC_IN_ROMSTAGE)
217 /* Function to copy PRERAM CSE specific info to pertinent CBMEM. */
preram_cse_info_sync_to_cbmem(int is_recovery)218 static void preram_cse_info_sync_to_cbmem(int is_recovery)
219 {
220 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
221 return;
222
223 if (vboot_recovery_mode_enabled() || !CONFIG(SOC_INTEL_STORE_CSE_FW_VERSION))
224 return;
225
226 struct cse_specific_info *cse_info_in_cbmem = cbmem_add(CBMEM_ID_CSE_INFO,
227 sizeof(*cse_info_in_cbmem));
228 if (!cse_info_in_cbmem)
229 return;
230
231 /* Warm Reboot: Avoid sync into CBMEM if CBMEM already has persistent data */
232 if (is_cse_fpt_info_valid(cse_info_in_cbmem))
233 return;
234
235 /* Update CBMEM with PRERAM CSE specific info and update the CRC */
236 memcpy(cse_info_in_cbmem, &cse_info, sizeof(struct cse_specific_info));
237 store_cse_info_crc(cse_info_in_cbmem);
238
239 struct cse_specific_info cse_info_in_cmos;
240 cmos_read_fw_partition_info(&cse_info_in_cmos);
241
242 if (!memcmp(&(cse_info_in_cmos.cse_fwp_version.cur_cse_fw_version),
243 &(cse_info_in_cbmem->cse_fwp_version.cur_cse_fw_version),
244 sizeof(struct fw_version))) {
245 /* Cold Reboot: Avoid sync into CMOS if CMOS already has persistent data */
246 if (is_cse_fpt_info_valid(&cse_info_in_cmos))
247 return;
248 }
249
250 /*
251 * Current CMOS data is outdated, which could be due to CSE update or
252 * rollback, hence, need to update CMOS with current CSE FPT versions.
253 */
254 cmos_write_fw_partition_info(cse_info_in_cbmem);
255 }
256
257 CBMEM_CREATION_HOOK(preram_cse_info_sync_to_cbmem);
258 #endif
259
cse_print_boot_partition_info(void)260 static void cse_print_boot_partition_info(void)
261 {
262 const struct cse_bp_entry *cse_bp;
263 const struct cse_bp_info *cse_bp_info = cse_get_bp_info_from_rsp();
264
265 printk(BIOS_DEBUG, "cse_lite: Number of partitions = %d\n",
266 cse_bp_info->total_number_of_bp);
267 printk(BIOS_DEBUG, "cse_lite: Current partition = %s\n",
268 GET_BP_STR(cse_bp_info->current_bp));
269 printk(BIOS_DEBUG, "cse_lite: Next partition = %s\n", GET_BP_STR(cse_bp_info->next_bp));
270 printk(BIOS_DEBUG, "cse_lite: Flags = 0x%x\n", cse_bp_info->flags);
271
272 /* Log version info of RO & RW partitions */
273 cse_bp = cse_get_bp_entry(RO);
274 if (cse_bp->status == BP_STATUS_SUCCESS)
275 printk(BIOS_DEBUG, "cse_lite: %s version = %d.%d.%d.%d (Start=0x%x, End=0x%x)\n",
276 GET_BP_STR(RO), cse_bp->fw_ver.major, cse_bp->fw_ver.minor,
277 cse_bp->fw_ver.hotfix, cse_bp->fw_ver.build,
278 cse_bp->start_offset, cse_bp->end_offset);
279 else
280 printk(BIOS_ERR, "cse_lite: %s status=0x%x\n", GET_BP_STR(RO), cse_bp->status);
281
282 cse_bp = cse_get_bp_entry(RW);
283 if (cse_bp->status == BP_STATUS_SUCCESS)
284 printk(BIOS_DEBUG, "cse_lite: %s version = %d.%d.%d.%d (Start=0x%x, End=0x%x)\n",
285 GET_BP_STR(RW), cse_bp->fw_ver.major, cse_bp->fw_ver.minor,
286 cse_bp->fw_ver.hotfix, cse_bp->fw_ver.build,
287 cse_bp->start_offset, cse_bp->end_offset);
288 else
289 printk(BIOS_ERR, "cse_lite: %s status=0x%x\n", GET_BP_STR(RW), cse_bp->status);
290 }
291
292 /*
293 * Checks prerequisites for MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO and
294 * MKHI_BUP_COMMON_SET_BOOT_PARTITION_INFO HECI commands.
295 * It allows execution of the Boot Partition commands in below scenarios:
296 * - When CSE boots from RW partition (COM: Normal and CWS: Normal)
297 * - When CSE boots from RO partition (COM: Soft Temp Disable and CWS: Normal)
298 * - After HMRFPO_ENABLE command is issued to CSE (COM: SECOVER_MEI_MSG and CWS: Normal)
299 * The prerequisite check should be handled in cse_get_bp_info() and
300 * cse_set_next_boot_partition() since the CSE's current operation mode is changed between these
301 * cmd handler calls.
302 */
cse_is_bp_cmd_info_possible(void)303 static bool cse_is_bp_cmd_info_possible(void)
304 {
305 if (cse_is_hfs1_cws_normal()) {
306 if (cse_is_hfs1_com_normal())
307 return true;
308 if (cse_is_hfs1_com_secover_mei_msg())
309 return true;
310 if (cse_is_hfs1_com_soft_temp_disable())
311 return true;
312 }
313 return false;
314 }
315
sync_cse_bp_info_to_cbmem(void)316 static struct get_bp_info_rsp *sync_cse_bp_info_to_cbmem(void)
317 {
318 struct get_bp_info_rsp *cse_bp_info_in_cbmem = cbmem_find(CBMEM_ID_CSE_BP_INFO);
319
320 if (cse_bp_info_in_cbmem != NULL)
321 return cse_bp_info_in_cbmem;
322
323 cse_bp_info_in_cbmem = cbmem_add(CBMEM_ID_CSE_BP_INFO,
324 sizeof(struct get_bp_info_rsp));
325
326 if (!cse_bp_info_in_cbmem) {
327 printk(BIOS_ERR, "Unable to store Boot Parition Info in cbmem\n");
328 return NULL;
329 }
330
331 /* Copy the CSE Boot Partition Info command response to cbmem */
332 memcpy(cse_bp_info_in_cbmem, &cse_bp_info_rsp, sizeof(struct get_bp_info_rsp));
333
334 return cse_bp_info_in_cbmem;
335 }
336
is_cse_bp_info_valid(struct get_bp_info_rsp * bp_info_rsp)337 static bool is_cse_bp_info_valid(struct get_bp_info_rsp *bp_info_rsp)
338 {
339 /*
340 * In case the cse_bp_info_rsp header group ID, command is incorrect or is_resp is 0,
341 * then return false to indicate cse_bp_info is not valid.
342 */
343 return (bp_info_rsp->hdr.group_id != MKHI_GROUP_ID_BUP_COMMON ||
344 bp_info_rsp->hdr.command != MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO ||
345 !bp_info_rsp->hdr.is_resp) ? false : true;
346 }
347
cse_get_bp_info(void)348 static enum cb_err cse_get_bp_info(void)
349 {
350 struct get_bp_info_req {
351 struct mkhi_hdr hdr;
352 uint8_t reserved[4];
353 } __packed;
354
355 struct get_bp_info_req info_req = {
356 .hdr.group_id = MKHI_GROUP_ID_BUP_COMMON,
357 .hdr.command = MKHI_BUP_COMMON_GET_BOOT_PARTITION_INFO,
358 .reserved = {0},
359 };
360
361 /*
362 * If SOC_INTEL_CSE_LITE_SYNC_IN_RAMSTAGE config is selected and memory has been
363 * initialized, check if there is cse bp info response stored in cbmem. Once the data
364 * is validated, copy it to the global cse_bp_info_rsp so that it can be used by other
365 * functions. In case, data is not available in cbmem or invalid, continue to send the
366 * GET_BOOT_PARTITION_INFO command, else return.
367 */
368 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_IN_RAMSTAGE) && cbmem_online()) {
369 struct get_bp_info_rsp *cse_bp_info_in_cbmem = sync_cse_bp_info_to_cbmem();
370 if (cse_bp_info_in_cbmem) {
371 if (is_cse_bp_info_valid(cse_bp_info_in_cbmem)) {
372 memcpy(&cse_bp_info_rsp, cse_bp_info_in_cbmem,
373 sizeof(struct get_bp_info_rsp));
374 return CB_SUCCESS;
375 }
376 }
377 } else {
378 /*
379 * If SOC_INTEL_CSE_LITE_SYNC_IN_ROMSTAGE config is selected, check if the
380 * global cse bp info response stored in global cse_bp_info_rsp is valid.
381 * In case, it is not valid, continue to send the GET_BOOT_PARTITION_INFO
382 * command, else return.
383 */
384 if (is_cse_bp_info_valid(&cse_bp_info_rsp))
385 return CB_SUCCESS;
386 }
387
388 if (!cse_is_bp_cmd_info_possible()) {
389 printk(BIOS_ERR, "cse_lite: CSE does not meet prerequisites\n");
390 return CB_ERR;
391 }
392
393 size_t resp_size = sizeof(struct get_bp_info_rsp);
394
395 if (heci_send_receive(&info_req, sizeof(info_req), &cse_bp_info_rsp, &resp_size,
396 HECI_MKHI_ADDR)) {
397 printk(BIOS_ERR, "cse_lite: Could not get partition info\n");
398 return CB_ERR;
399 }
400
401 if (cse_bp_info_rsp.hdr.result) {
402 printk(BIOS_ERR, "cse_lite: Get partition info resp failed: %d\n",
403 cse_bp_info_rsp.hdr.result);
404 return CB_ERR;
405 }
406
407 cse_print_boot_partition_info();
408 return CB_SUCCESS;
409 }
410
cse_fill_bp_info(void)411 void cse_fill_bp_info(void)
412 {
413 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
414 return;
415
416 if (vboot_recovery_mode_enabled())
417 return;
418
419 if (cse_get_bp_info() != CB_SUCCESS)
420 cse_trigger_vboot_recovery(CSE_COMMUNICATION_ERROR);
421 }
422
423 /* Function to copy PRERAM CSE BP info to pertinent CBMEM. */
preram_cse_bp_info_sync_to_cbmem(int is_recovery)424 static void preram_cse_bp_info_sync_to_cbmem(int is_recovery)
425 {
426 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
427 return;
428
429 if (vboot_recovery_mode_enabled())
430 return;
431
432 sync_cse_bp_info_to_cbmem();
433 }
434
435 CBMEM_CREATION_HOOK(preram_cse_bp_info_sync_to_cbmem);
436
437 /*
438 * It sends HECI command to notify CSE about its next boot partition. When coreboot wants
439 * CSE to boot from certain partition (BP1 <RO> or BP2 <RW>), then this command can be used.
440 * The CSE's valid bootable partitions are BP1(RO) and BP2(RW).
441 * This function must be used before EOP.
442 * Returns false on failure and true on success.
443 */
cse_set_next_boot_partition(enum boot_partition_id bp)444 static enum cb_err cse_set_next_boot_partition(enum boot_partition_id bp)
445 {
446 struct set_boot_partition_info_req {
447 struct mkhi_hdr hdr;
448 uint8_t next_bp;
449 uint8_t reserved[3];
450 } __packed;
451
452 struct set_boot_partition_info_req switch_req = {
453 .hdr.group_id = MKHI_GROUP_ID_BUP_COMMON,
454 .hdr.command = MKHI_BUP_COMMON_SET_BOOT_PARTITION_INFO,
455 .next_bp = bp,
456 .reserved = {0},
457 };
458
459 if (bp != RO && bp != RW) {
460 printk(BIOS_ERR, "cse_lite: Incorrect partition id(%d) is provided", bp);
461 return CB_ERR_ARG;
462 }
463
464 printk(BIOS_INFO, "cse_lite: Set Boot Partition Info Command (%s)\n", GET_BP_STR(bp));
465
466 if (!cse_is_bp_cmd_info_possible()) {
467 printk(BIOS_ERR, "cse_lite: CSE does not meet prerequisites\n");
468 return CB_ERR;
469 }
470
471 struct mkhi_hdr switch_resp;
472 size_t sw_resp_sz = sizeof(struct mkhi_hdr);
473
474 if (heci_send_receive(&switch_req, sizeof(switch_req), &switch_resp, &sw_resp_sz,
475 HECI_MKHI_ADDR))
476 return CB_ERR;
477
478 if (switch_resp.result) {
479 printk(BIOS_ERR, "cse_lite: Set Boot Partition Info Response Failed: %d\n",
480 switch_resp.result);
481 return CB_ERR;
482 }
483
484 return CB_SUCCESS;
485 }
486
cse_data_clear_request(void)487 static enum cb_err cse_data_clear_request(void)
488 {
489 struct data_clr_request {
490 struct mkhi_hdr hdr;
491 uint8_t reserved[4];
492 } __packed;
493
494 struct data_clr_request data_clr_rq = {
495 .hdr.group_id = MKHI_GROUP_ID_BUP_COMMON,
496 .hdr.command = MKHI_BUP_COMMON_DATA_CLEAR,
497 .reserved = {0},
498 };
499
500 if (!cse_is_hfs1_cws_normal() || !cse_is_hfs1_com_soft_temp_disable() ||
501 cse_get_current_bp() != RO) {
502 printk(BIOS_ERR, "cse_lite: CSE doesn't meet DATA CLEAR cmd prerequisites\n");
503 return CB_ERR;
504 }
505
506 printk(BIOS_DEBUG, "cse_lite: Sending DATA CLEAR HECI command\n");
507
508 struct mkhi_hdr data_clr_rsp;
509 size_t data_clr_rsp_sz = sizeof(data_clr_rsp);
510
511 if (heci_send_receive(&data_clr_rq, sizeof(data_clr_rq), &data_clr_rsp,
512 &data_clr_rsp_sz, HECI_MKHI_ADDR)) {
513 return CB_ERR;
514 }
515
516 if (data_clr_rsp.result) {
517 printk(BIOS_ERR, "cse_lite: CSE DATA CLEAR command response failed: %d\n",
518 data_clr_rsp.result);
519 return CB_ERR;
520 }
521
522 return CB_SUCCESS;
523 }
524
cse_board_reset(void)525 __weak void cse_board_reset(void)
526 {
527 /* Default weak implementation, does nothing. */
528 }
529
cse_fw_update_misc_oper(void)530 __weak void cse_fw_update_misc_oper(void)
531 {
532 /* Default weak implementation, does nothing. */
533 }
534
535 /* Set the CSE's next boot partition and issues system reset */
cse_set_and_boot_from_next_bp(enum boot_partition_id bp)536 static enum cb_err cse_set_and_boot_from_next_bp(enum boot_partition_id bp)
537 {
538 if (cse_set_next_boot_partition(bp) != CB_SUCCESS)
539 return CB_ERR;
540
541 /* Allow the board to perform a reset for CSE RO<->RW jump */
542 cse_board_reset();
543
544 /* If board does not perform the reset, then perform global_reset */
545 do_global_reset();
546
547 die("cse_lite: Failed to reset the system\n");
548
549 /* Control never reaches here */
550 return CB_ERR;
551 }
552
cse_boot_to_rw(void)553 static enum cb_err cse_boot_to_rw(void)
554 {
555 if (cse_get_current_bp() == RW)
556 return CB_SUCCESS;
557
558 return cse_set_and_boot_from_next_bp(RW);
559 }
560
561 /* Check if CSE RW data partition is valid or not */
cse_is_rw_dp_valid(void)562 static bool cse_is_rw_dp_valid(void)
563 {
564 const struct cse_bp_entry *rw_bp;
565
566 rw_bp = cse_get_bp_entry(RW);
567 return rw_bp->status != BP_STATUS_DATA_FAILURE;
568 }
569
570 /*
571 * It returns true if RW partition doesn't indicate BP_STATUS_DATA_FAILURE
572 * otherwise false if any operation fails.
573 */
cse_fix_data_failure_err(void)574 static enum cb_err cse_fix_data_failure_err(void)
575 {
576 /*
577 * If RW partition status indicates BP_STATUS_DATA_FAILURE,
578 * - Send DATA CLEAR HECI command to CSE
579 * - Send SET BOOT PARTITION INFO(RW) command to set CSE's next partition
580 * - Issue GLOBAL RESET HECI command.
581 */
582 if (cse_is_rw_dp_valid())
583 return CB_SUCCESS;
584
585 if (cse_data_clear_request() != CB_SUCCESS)
586 return CB_ERR;
587
588 return cse_boot_to_rw();
589 }
590
cse_get_bp_entry_version(enum boot_partition_id bp)591 static const struct fw_version *cse_get_bp_entry_version(enum boot_partition_id bp)
592 {
593 const struct cse_bp_entry *cse_bp;
594
595 cse_bp = cse_get_bp_entry(bp);
596 return &cse_bp->fw_ver;
597 }
598
cse_get_rw_version(void)599 static const struct fw_version *cse_get_rw_version(void)
600 {
601 return cse_get_bp_entry_version(RW);
602 }
603
cse_get_bp_entry_range(enum boot_partition_id bp,uint32_t * start_offset,uint32_t * end_offset)604 static void cse_get_bp_entry_range(enum boot_partition_id bp, uint32_t *start_offset,
605 uint32_t *end_offset)
606 {
607 const struct cse_bp_entry *cse_bp;
608
609 cse_bp = cse_get_bp_entry(bp);
610
611 if (start_offset)
612 *start_offset = cse_bp->start_offset;
613
614 if (end_offset)
615 *end_offset = cse_bp->end_offset;
616 }
617
cse_is_rw_bp_status_valid(void)618 static bool cse_is_rw_bp_status_valid(void)
619 {
620 const struct cse_bp_entry *rw_bp;
621
622 rw_bp = cse_get_bp_entry(RW);
623
624 if (rw_bp->status == BP_STATUS_PARTITION_NOT_PRESENT ||
625 rw_bp->status == BP_STATUS_GENERAL_FAILURE) {
626 printk(BIOS_ERR, "cse_lite: RW BP (status:%u) is not valid\n", rw_bp->status);
627 return false;
628 }
629 return true;
630 }
631
cse_boot_to_ro(void)632 static enum cb_err cse_boot_to_ro(void)
633 {
634 if (cse_get_current_bp() == RO)
635 return CB_SUCCESS;
636
637 return cse_set_and_boot_from_next_bp(RO);
638 }
639
cse_get_rw_rdev(struct region_device * rdev)640 static enum cb_err cse_get_rw_rdev(struct region_device *rdev)
641 {
642 if (fmap_locate_area_as_rdev_rw(CONFIG_SOC_INTEL_CSE_FMAP_NAME, rdev) < 0) {
643 printk(BIOS_ERR, "cse_lite: Failed to locate %s in FMAP\n",
644 CONFIG_SOC_INTEL_CSE_FMAP_NAME);
645 return CB_ERR;
646 }
647
648 return CB_SUCCESS;
649 }
650
cse_is_rw_bp_sign_valid(const struct region_device * target_rdev)651 static bool cse_is_rw_bp_sign_valid(const struct region_device *target_rdev)
652 {
653 uint32_t cse_bp_sign;
654
655 if (rdev_readat(target_rdev, &cse_bp_sign, 0, CSE_RW_SIGN_SIZE) != CSE_RW_SIGN_SIZE) {
656 printk(BIOS_ERR, "cse_lite: Failed to read RW boot partition signature\n");
657 return false;
658 }
659
660 return cse_bp_sign == CSE_RW_SIGNATURE;
661 }
662
cse_get_target_rdev(struct region_device * target_rdev)663 static enum cb_err cse_get_target_rdev(struct region_device *target_rdev)
664 {
665 struct region_device cse_region_rdev;
666 size_t size;
667 uint32_t start_offset;
668 uint32_t end_offset;
669
670 if (cse_get_rw_rdev(&cse_region_rdev) != CB_SUCCESS)
671 return CB_ERR;
672
673 cse_get_bp_entry_range(RW, &start_offset, &end_offset);
674 size = end_offset + 1 - start_offset;
675
676 if (rdev_chain(target_rdev, &cse_region_rdev, start_offset, size))
677 return CB_ERR;
678
679 printk(BIOS_DEBUG, "cse_lite: CSE RW partition: offset = 0x%x, size = 0x%x\n",
680 (uint32_t)start_offset, (uint32_t)size);
681
682 return CB_SUCCESS;
683 }
684
685 /*
686 * Compare versions of CSE CBFS sub-component and CSE sub-component partition
687 * In case of CSE component comparison:
688 * If ver_cmp_status = 0, no update is required
689 * If ver_cmp_status < 0, coreboot downgrades CSE RW region
690 * If ver_cmp_status > 0, coreboot upgrades CSE RW region
691 */
cse_compare_sub_part_version(const struct fw_version * a,const struct fw_version * b)692 static int cse_compare_sub_part_version(const struct fw_version *a, const struct fw_version *b)
693 {
694 if (a->major != b->major)
695 return a->major - b->major;
696 else if (a->minor != b->minor)
697 return a->minor - b->minor;
698 else if (a->hotfix != b->hotfix)
699 return a->hotfix - b->hotfix;
700 else
701 return a->build - b->build;
702 }
703
cse_erase_rw_region(const struct region_device * target_rdev)704 static enum cb_err cse_erase_rw_region(const struct region_device *target_rdev)
705 {
706 if (rdev_eraseat(target_rdev, 0, region_device_sz(target_rdev)) < 0) {
707 printk(BIOS_ERR, "cse_lite: CSE RW partition could not be erased\n");
708 return CB_ERR;
709 }
710 return CB_SUCCESS;
711 }
712
cse_copy_rw(const struct region_device * target_rdev,const void * buf,size_t offset,size_t size)713 static enum cb_err cse_copy_rw(const struct region_device *target_rdev, const void *buf,
714 size_t offset, size_t size)
715 {
716 if (rdev_writeat(target_rdev, buf, offset, size) < 0) {
717 printk(BIOS_ERR, "cse_lite: Failed to update CSE firmware\n");
718 return CB_ERR;
719 }
720
721 return CB_SUCCESS;
722 }
723
724 enum cse_update_status {
725 CSE_UPDATE_NOT_REQUIRED,
726 CSE_UPDATE_UPGRADE,
727 CSE_UPDATE_DOWNGRADE,
728 CSE_UPDATE_CORRUPTED,
729 CSE_UPDATE_METADATA_ERROR,
730 };
731
read_ver_field(const char * start,char ** curr,size_t size,uint16_t * ver_field)732 static bool read_ver_field(const char *start, char **curr, size_t size, uint16_t *ver_field)
733 {
734 if ((*curr - start) >= size) {
735 printk(BIOS_ERR, "cse_lite: Version string read overflow!\n");
736 return false;
737 }
738
739 *ver_field = skip_atoi(curr);
740 (*curr)++;
741 return true;
742 }
743
get_cse_ver_from_cbfs(struct fw_version * cbfs_rw_version)744 static enum cb_err get_cse_ver_from_cbfs(struct fw_version *cbfs_rw_version)
745 {
746 char *version_str, *cbfs_ptr;
747 size_t size;
748
749 if (cbfs_rw_version == NULL)
750 return CB_ERR;
751
752 cbfs_ptr = cbfs_map(CONFIG_SOC_INTEL_CSE_RW_VERSION_CBFS_NAME, &size);
753 version_str = cbfs_ptr;
754 if (!version_str) {
755 printk(BIOS_ERR, "cse_lite: Failed to get %s\n",
756 CONFIG_SOC_INTEL_CSE_RW_VERSION_CBFS_NAME);
757 return CB_ERR;
758 }
759
760 if (!read_ver_field(version_str, &cbfs_ptr, size, &cbfs_rw_version->major) ||
761 !read_ver_field(version_str, &cbfs_ptr, size, &cbfs_rw_version->minor) ||
762 !read_ver_field(version_str, &cbfs_ptr, size, &cbfs_rw_version->hotfix) ||
763 !read_ver_field(version_str, &cbfs_ptr, size, &cbfs_rw_version->build)) {
764 cbfs_unmap(version_str);
765 return CB_ERR;
766 }
767
768 cbfs_unmap(version_str);
769 return CB_SUCCESS;
770 }
771
cse_check_update_status(struct region_device * target_rdev)772 static enum cse_update_status cse_check_update_status(struct region_device *target_rdev)
773 {
774 int ret;
775 struct fw_version cbfs_rw_version;
776
777 if (!cse_is_rw_bp_sign_valid(target_rdev))
778 return CSE_UPDATE_CORRUPTED;
779
780 if (get_cse_ver_from_cbfs(&cbfs_rw_version) == CB_ERR)
781 return CSE_UPDATE_METADATA_ERROR;
782
783 printk(BIOS_DEBUG, "cse_lite: CSE CBFS RW version : %d.%d.%d.%d\n",
784 cbfs_rw_version.major,
785 cbfs_rw_version.minor,
786 cbfs_rw_version.hotfix,
787 cbfs_rw_version.build);
788
789 ret = cse_compare_sub_part_version(&cbfs_rw_version, cse_get_rw_version());
790 if (ret == 0)
791 return CSE_UPDATE_NOT_REQUIRED;
792 else if (ret < 0)
793 return CSE_UPDATE_DOWNGRADE;
794 else
795 return CSE_UPDATE_UPGRADE;
796 }
797
cse_write_rw_region(const struct region_device * target_rdev,const void * cse_cbfs_rw,const size_t cse_cbfs_rw_sz)798 static enum cb_err cse_write_rw_region(const struct region_device *target_rdev,
799 const void *cse_cbfs_rw, const size_t cse_cbfs_rw_sz)
800 {
801 /* Points to CSE CBFS RW image after boot partition signature */
802 uint8_t *cse_cbfs_rw_wo_sign = (uint8_t *)cse_cbfs_rw + CSE_RW_SIGN_SIZE;
803
804 /* Size of CSE CBFS RW image without boot partition signature */
805 uint32_t cse_cbfs_rw_wo_sign_sz = cse_cbfs_rw_sz - CSE_RW_SIGN_SIZE;
806
807 /* Update except CSE RW signature */
808 if (cse_copy_rw(target_rdev, cse_cbfs_rw_wo_sign, CSE_RW_SIGN_SIZE,
809 cse_cbfs_rw_wo_sign_sz) != CB_SUCCESS)
810 return CB_ERR;
811
812 /* Update CSE RW signature to indicate update is complete */
813 if (cse_copy_rw(target_rdev, (void *)cse_cbfs_rw, 0, CSE_RW_SIGN_SIZE) != CB_SUCCESS)
814 return CB_ERR;
815
816 printk(BIOS_INFO, "cse_lite: CSE RW Update Successful\n");
817 return CB_SUCCESS;
818 }
819
is_cse_fw_update_enabled(void)820 static bool is_cse_fw_update_enabled(void)
821 {
822 if (!CONFIG(SOC_INTEL_CSE_RW_UPDATE))
823 return false;
824
825 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
826 return false;
827
828 if (CONFIG(SOC_INTEL_COMMON_BASECODE_DEBUG_FEATURE))
829 return !is_debug_cse_fw_update_disable();
830
831 return true;
832 }
833
cse_update_rw(const void * cse_cbfs_rw,const size_t cse_blob_sz,struct region_device * target_rdev)834 static enum csme_failure_reason cse_update_rw(const void *cse_cbfs_rw, const size_t cse_blob_sz,
835 struct region_device *target_rdev)
836 {
837 if (region_device_sz(target_rdev) < cse_blob_sz) {
838 printk(BIOS_ERR, "RW update does not fit. CSE RW flash region size: %zx,"
839 "Update blob size:%zx\n", region_device_sz(target_rdev), cse_blob_sz);
840 return CSE_LITE_SKU_LAYOUT_MISMATCH_ERROR;
841 }
842
843 if (cse_erase_rw_region(target_rdev) != CB_SUCCESS)
844 return CSE_LITE_SKU_FW_UPDATE_ERROR;
845
846 if (cse_write_rw_region(target_rdev, cse_cbfs_rw, cse_blob_sz) != CB_SUCCESS)
847 return CSE_LITE_SKU_FW_UPDATE_ERROR;
848
849 return CSE_NO_ERROR;
850 }
851
cse_prep_for_rw_update(enum cse_update_status status)852 static enum cb_err cse_prep_for_rw_update(enum cse_update_status status)
853 {
854 if (status == CSE_UPDATE_CORRUPTED)
855 elog_add_event(ELOG_TYPE_PSR_DATA_LOST);
856 /*
857 * To set CSE's operation mode to HMRFPO mode:
858 * 1. Ensure CSE to boot from RO(BP1)
859 * 2. Send HMRFPO_ENABLE command to CSE
860 */
861 if (cse_boot_to_ro() != CB_SUCCESS)
862 return CB_ERR;
863
864 if ((status == CSE_UPDATE_DOWNGRADE) || (status == CSE_UPDATE_CORRUPTED)) {
865 /* Reset the PSR backup command status in CMOS */
866 if (CONFIG(SOC_INTEL_CSE_LITE_PSR))
867 update_psr_backup_status(PSR_BACKUP_PENDING);
868
869 if (cse_data_clear_request() != CB_SUCCESS) {
870 printk(BIOS_ERR, "cse_lite: CSE data clear failed!\n");
871 return CB_ERR;
872 }
873 }
874
875 return cse_hmrfpo_enable();
876 }
877
cse_trigger_fw_update(enum cse_update_status status,struct region_device * target_rdev)878 static enum csme_failure_reason cse_trigger_fw_update(enum cse_update_status status,
879 struct region_device *target_rdev)
880 {
881 enum csme_failure_reason rv;
882 void *cse_cbfs_rw = NULL;
883 size_t size;
884
885 if (CONFIG(SOC_INTEL_CSE_LITE_COMPRESS_ME_RW)) {
886 cse_cbfs_rw = cbfs_cbmem_alloc(CONFIG_SOC_INTEL_CSE_RW_CBFS_NAME,
887 CBMEM_ID_CSE_UPDATE, &size);
888 } else {
889 cse_cbfs_rw = cbfs_map(CONFIG_SOC_INTEL_CSE_RW_CBFS_NAME, &size);
890 }
891
892 if (!cse_cbfs_rw) {
893 printk(BIOS_ERR, "cse_lite: CSE CBFS RW blob could not be mapped\n");
894 return CSE_LITE_SKU_RW_BLOB_NOT_FOUND;
895 }
896
897 if (cse_prep_for_rw_update(status) != CB_SUCCESS) {
898 rv = CSE_COMMUNICATION_ERROR;
899 goto error_exit;
900 }
901
902 cse_fw_update_misc_oper();
903 rv = cse_update_rw(cse_cbfs_rw, size, target_rdev);
904
905 error_exit:
906 cbfs_unmap(cse_cbfs_rw);
907 return rv;
908 }
909
is_psr_data_backed_up(void)910 static bool is_psr_data_backed_up(void)
911 {
912 /* Track PSR backup status in CMOS */
913 return (get_psr_backup_status() == PSR_BACKUP_DONE);
914 }
915
is_psr_supported(void)916 static bool is_psr_supported(void)
917 {
918 uint32_t feature_status;
919
920 /*
921 * Check if SoC has support for PSR feature typically PSR feature
922 * is only supported by vpro SKU
923 *
924 */
925 if (cse_get_fw_feature_state(&feature_status) != CB_SUCCESS) {
926 printk(BIOS_ERR, "cse_get_fw_feature_state command failed !\n");
927 return false;
928 }
929
930 if (!(feature_status & ME_FW_FEATURE_PSR)) {
931 printk(BIOS_DEBUG, "PSR is not supported in this SKU !\n");
932 return false;
933 }
934
935 return true;
936 }
937
938 /*
939 * PSR data needs to be backed up prior to downgrade. So switch the CSE boot mode to RW, send
940 * PSR back-up command to CSE and update the PSR back-up state in CMOS.
941 */
backup_psr_data(void)942 static void backup_psr_data(void)
943 {
944 printk(BIOS_DEBUG, "cse_lite: Initiate PSR data backup flow\n");
945 /* Switch CSE to RW to send PSR_HECI_FW_DOWNGRADE_BACKUP command */
946 if (cse_boot_to_rw() != CB_SUCCESS) {
947 elog_add_event(ELOG_TYPE_PSR_DATA_LOST);
948 goto update_and_exit;
949 }
950 /*
951 * The function to check for PSR feature support can only be called after
952 * switching to RW partition. The command MKHI_FWCAPS_GET_FW_FEATURE_STATE
953 * that gives feature state is supported by a process that is loaded only
954 * when CSE boots from RW.
955 *
956 */
957 if (!is_psr_supported())
958 goto update_and_exit;
959
960 /*
961 * Prerequisites:
962 * 1) HFSTS1 Current Working State is Normal
963 * 2) HFSTS1 Current Operation Mode is Normal
964 */
965 if (!cse_is_hfs1_cws_normal() || !cse_is_hfs1_com_normal()) {
966 printk(BIOS_DEBUG, "cse_lite: PSR_HECI_FW_DOWNGRADE_BACKUP command "
967 "prerequisites not met!\n");
968 elog_add_event(ELOG_TYPE_PSR_DATA_LOST);
969 goto update_and_exit;
970 }
971
972 /* Send PSR_HECI_FW_DOWNGRADE_BACKUP command */
973 struct psr_heci_fw_downgrade_backup_req {
974 struct psr_heci_header header;
975 } __packed;
976
977 struct psr_heci_fw_downgrade_backup_req req = {
978 .header.command = PSR_HECI_FW_DOWNGRADE_BACKUP,
979 };
980
981 struct psr_heci_fw_downgrade_backup_res {
982 struct psr_heci_header header;
983 uint32_t status;
984 } __packed;
985
986 struct psr_heci_fw_downgrade_backup_res backup_psr_resp;
987 size_t resp_size = sizeof(backup_psr_resp);
988
989 printk(BIOS_DEBUG, "cse_lite: Send PSR_HECI_FW_DOWNGRADE_BACKUP command\n");
990 if (heci_send_receive(&req, sizeof(req),
991 &backup_psr_resp, &resp_size, HECI_PSR_ADDR)) {
992 printk(BIOS_ERR, "cse_lite: could not backup PSR data\n");
993 elog_add_event_byte(ELOG_TYPE_PSR_DATA_BACKUP, ELOG_PSR_DATA_BACKUP_FAILED);
994 } else {
995 if (backup_psr_resp.status != PSR_STATUS_SUCCESS) {
996 printk(BIOS_ERR, "cse_lite: PSR_HECI_FW_DOWNGRADE_BACKUP command "
997 "returned %u\n", backup_psr_resp.status);
998 elog_add_event_byte(ELOG_TYPE_PSR_DATA_BACKUP,
999 ELOG_PSR_DATA_BACKUP_FAILED);
1000 } else {
1001 elog_add_event_byte(ELOG_TYPE_PSR_DATA_BACKUP,
1002 ELOG_PSR_DATA_BACKUP_SUCCESS);
1003 }
1004 }
1005
1006 update_and_exit:
1007 /*
1008 * An attempt to send PSR back-up command has been made. Update this info in CMOS and
1009 * send success once backup_psr_data() has been called. We do not want to put the system
1010 * into recovery for PSR data backup command pre-requisites not being met.
1011 * We cannot do much if CSE fails to backup the PSR data, except create an event log.
1012 */
1013 update_psr_backup_status(PSR_BACKUP_DONE);
1014 }
1015
initiate_psr_data_backup(void)1016 static void initiate_psr_data_backup(void)
1017 {
1018 if (is_psr_data_backed_up())
1019 return;
1020
1021 backup_psr_data();
1022 }
1023
1024 /*
1025 * Check if a CSE Firmware update is required
1026 * returns true if an update is required, false otherwise
1027 */
is_cse_fw_update_required(void)1028 bool is_cse_fw_update_required(void)
1029 {
1030 struct fw_version cbfs_rw_version;
1031
1032 if (!is_cse_fw_update_enabled())
1033 return false;
1034
1035 /*
1036 * First, check if cse_bp_info_rsp global structure is populated.
1037 * If not, it implies that cse_fill_bp_info() function is not called.
1038 */
1039 if (!is_cse_bp_info_valid(&cse_bp_info_rsp))
1040 return false;
1041
1042 if (get_cse_ver_from_cbfs(&cbfs_rw_version) == CB_ERR)
1043 return false;
1044
1045 return !!cse_compare_sub_part_version(&cbfs_rw_version, cse_get_rw_version());
1046 }
1047
cse_fw_update(void)1048 static uint8_t cse_fw_update(void)
1049 {
1050 struct region_device target_rdev;
1051 enum cse_update_status status;
1052
1053 if (cse_get_target_rdev(&target_rdev) != CB_SUCCESS) {
1054 printk(BIOS_ERR, "cse_lite: Failed to get CSE RW Partition\n");
1055 return CSE_LITE_SKU_RW_ACCESS_ERROR;
1056 }
1057
1058 status = cse_check_update_status(&target_rdev);
1059 if (status == CSE_UPDATE_NOT_REQUIRED)
1060 return CSE_NO_ERROR;
1061 if (status == CSE_UPDATE_METADATA_ERROR)
1062 return CSE_LITE_SKU_RW_METADATA_NOT_FOUND;
1063 if (CONFIG(SOC_INTEL_CSE_LITE_PSR) && status == CSE_UPDATE_DOWNGRADE)
1064 initiate_psr_data_backup();
1065
1066 printk(BIOS_DEBUG, "cse_lite: CSE RW update is initiated\n");
1067 return cse_trigger_fw_update(status, &target_rdev);
1068 }
1069
cse_sub_part_str(enum bpdt_entry_type type)1070 static const char *cse_sub_part_str(enum bpdt_entry_type type)
1071 {
1072 switch (type) {
1073 case IOM_FW:
1074 return "IOM";
1075 case NPHY_FW:
1076 return "NPHY";
1077 default:
1078 return "Unknown";
1079 }
1080 }
1081
cse_locate_area_as_rdev_rw(size_t bp,struct region_device * cse_rdev)1082 static enum cb_err cse_locate_area_as_rdev_rw(size_t bp, struct region_device *cse_rdev)
1083 {
1084 struct region_device cse_region_rdev;
1085 uint32_t size;
1086 uint32_t start_offset;
1087 uint32_t end_offset;
1088
1089 if (cse_get_rw_rdev(&cse_region_rdev) != CB_SUCCESS)
1090 return CB_ERR;
1091
1092 if (!strcmp(cse_regions[bp], "RO"))
1093 cse_get_bp_entry_range(RO, &start_offset, &end_offset);
1094 else
1095 cse_get_bp_entry_range(RW, &start_offset, &end_offset);
1096
1097 size = end_offset + 1 - start_offset;
1098
1099 if (rdev_chain(cse_rdev, &cse_region_rdev, start_offset, size))
1100 return CB_ERR;
1101
1102 printk(BIOS_DEBUG, "cse_lite: CSE %s partition: offset = 0x%x, size = 0x%x\n",
1103 cse_regions[bp], start_offset, size);
1104 return CB_SUCCESS;
1105 }
1106
cse_sub_part_get_target_rdev(struct region_device * target_rdev,size_t bp,enum bpdt_entry_type type)1107 static enum cb_err cse_sub_part_get_target_rdev(struct region_device *target_rdev, size_t bp,
1108 enum bpdt_entry_type type)
1109 {
1110 struct bpdt_header bpdt_hdr;
1111 struct region_device cse_rdev;
1112 struct bpdt_entry bpdt_entries[MAX_SUBPARTS];
1113 uint8_t i;
1114
1115 if (cse_locate_area_as_rdev_rw(bp, &cse_rdev) != CB_SUCCESS) {
1116 printk(BIOS_ERR, "cse_lite: Failed to locate %s in the CSE Region\n",
1117 cse_regions[bp]);
1118 return CB_ERR;
1119 }
1120
1121 if ((rdev_readat(&cse_rdev, &bpdt_hdr, 0, BPDT_HEADER_SZ)) != BPDT_HEADER_SZ) {
1122 printk(BIOS_ERR, "cse_lite: Failed to read BPDT header from CSE region\n");
1123 return CB_ERR;
1124 }
1125
1126 if ((rdev_readat(&cse_rdev, bpdt_entries, BPDT_HEADER_SZ,
1127 (bpdt_hdr.descriptor_count * BPDT_ENTRY_SZ))) !=
1128 (bpdt_hdr.descriptor_count * BPDT_ENTRY_SZ)) {
1129 printk(BIOS_ERR, "cse_lite: Failed to read BPDT entries from CSE region\n");
1130 return CB_ERR;
1131 }
1132
1133 /* walk through BPDT entries to identify sub-partition's payload offset and size */
1134 for (i = 0; i < bpdt_hdr.descriptor_count; i++) {
1135 if (bpdt_entries[i].type == type) {
1136 printk(BIOS_INFO, "cse_lite: Sub-partition %s- offset = 0x%x,"
1137 "size = 0x%x\n", cse_sub_part_str(type), bpdt_entries[i].offset,
1138 bpdt_entries[i].size);
1139
1140 if (rdev_chain(target_rdev, &cse_rdev, bpdt_entries[i].offset,
1141 bpdt_entries[i].size))
1142 return CB_ERR;
1143 else
1144 return CB_SUCCESS;
1145 }
1146 }
1147
1148 printk(BIOS_ERR, "cse_lite: Sub-partition %s is not found\n", cse_sub_part_str(type));
1149 return CB_ERR;
1150 }
1151
cse_get_sub_part_fw_version(enum bpdt_entry_type type,const struct region_device * rdev,struct fw_version * fw_ver)1152 static enum cb_err cse_get_sub_part_fw_version(enum bpdt_entry_type type,
1153 const struct region_device *rdev,
1154 struct fw_version *fw_ver)
1155 {
1156 struct subpart_entry subpart_entry;
1157 struct subpart_entry_manifest_header man_hdr;
1158
1159 if ((rdev_readat(rdev, &subpart_entry, SUBPART_HEADER_SZ, SUBPART_ENTRY_SZ))
1160 != SUBPART_ENTRY_SZ) {
1161 printk(BIOS_ERR, "cse_lite: Failed to read %s sub partition entry\n",
1162 cse_sub_part_str(type));
1163 return CB_ERR;
1164 }
1165
1166 if ((rdev_readat(rdev, &man_hdr, subpart_entry.offset_bytes, SUBPART_MANIFEST_HDR_SZ))
1167 != SUBPART_MANIFEST_HDR_SZ) {
1168 printk(BIOS_ERR, "cse_lite: Failed to read %s Sub part entry #0 manifest\n",
1169 cse_sub_part_str(type));
1170 return CB_ERR;
1171 }
1172
1173 fw_ver->major = man_hdr.binary_version.major;
1174 fw_ver->minor = man_hdr.binary_version.minor;
1175 fw_ver->hotfix = man_hdr.binary_version.hotfix;
1176 fw_ver->build = man_hdr.binary_version.build;
1177
1178 return CB_SUCCESS;
1179 }
1180
cse_sub_part_get_source_fw_version(void * subpart_cbfs_rw,struct fw_version * fw_ver)1181 static void cse_sub_part_get_source_fw_version(void *subpart_cbfs_rw, struct fw_version *fw_ver)
1182 {
1183 uint8_t *ptr = (uint8_t *)subpart_cbfs_rw;
1184 struct subpart_entry *subpart_entry;
1185 struct subpart_entry_manifest_header *man_hdr;
1186
1187 subpart_entry = (struct subpart_entry *)(ptr + SUBPART_HEADER_SZ);
1188 man_hdr = (struct subpart_entry_manifest_header *)(ptr + subpart_entry->offset_bytes);
1189
1190 fw_ver->major = man_hdr->binary_version.major;
1191 fw_ver->minor = man_hdr->binary_version.minor;
1192 fw_ver->hotfix = man_hdr->binary_version.hotfix;
1193 fw_ver->build = man_hdr->binary_version.build;
1194 }
1195
cse_prep_for_component_update(void)1196 static enum cb_err cse_prep_for_component_update(void)
1197 {
1198 /*
1199 * To set CSE's operation mode to HMRFPO mode:
1200 * 1. Ensure CSE to boot from RO(BP1)
1201 * 2. Send HMRFPO_ENABLE command to CSE
1202 */
1203 if (cse_boot_to_ro() != CB_SUCCESS)
1204 return CB_ERR;
1205
1206 return cse_hmrfpo_enable();
1207 }
1208
cse_sub_part_trigger_update(enum bpdt_entry_type type,uint8_t bp,const void * subpart_cbfs_rw,const size_t blob_sz,struct region_device * target_rdev)1209 static enum csme_failure_reason cse_sub_part_trigger_update(enum bpdt_entry_type type,
1210 uint8_t bp, const void *subpart_cbfs_rw, const size_t blob_sz,
1211 struct region_device *target_rdev)
1212 {
1213 if (region_device_sz(target_rdev) < blob_sz) {
1214 printk(BIOS_ERR, "cse_lite: %s Target sub-partition size: %zx, "
1215 "smaller than blob size:%zx, abort update\n",
1216 cse_sub_part_str(type), region_device_sz(target_rdev), blob_sz);
1217 return CSE_LITE_SKU_SUB_PART_LAYOUT_MISMATCH_ERROR;
1218 }
1219
1220 /* Erase CSE Lite sub-partition */
1221 if (cse_erase_rw_region(target_rdev) != CB_SUCCESS)
1222 return CSE_LITE_SKU_SUB_PART_UPDATE_FAIL;
1223
1224 /* Update CSE Lite sub-partition */
1225 if (cse_copy_rw(target_rdev, (void *)subpart_cbfs_rw, 0, blob_sz) != CB_SUCCESS)
1226 return CSE_LITE_SKU_SUB_PART_UPDATE_FAIL;
1227
1228 printk(BIOS_INFO, "cse_lite: CSE %s %s Update successful\n", GET_BP_STR(bp),
1229 cse_sub_part_str(type));
1230
1231 return CSE_LITE_SKU_PART_UPDATE_SUCCESS;
1232 }
1233
handle_cse_sub_part_fw_update_rv(enum csme_failure_reason rv)1234 static enum csme_failure_reason handle_cse_sub_part_fw_update_rv(enum csme_failure_reason rv)
1235 {
1236 switch (rv) {
1237 case CSE_LITE_SKU_PART_UPDATE_SUCCESS:
1238 case CSE_LITE_SKU_SUB_PART_UPDATE_NOT_REQ:
1239 return rv;
1240 default:
1241 cse_trigger_vboot_recovery(rv);
1242 }
1243 /* Control never reaches here */
1244 return rv;
1245 }
1246
cse_sub_part_fw_component_update(enum bpdt_entry_type type,const char * name)1247 static enum csme_failure_reason cse_sub_part_fw_component_update(enum bpdt_entry_type type,
1248 const char *name)
1249 {
1250 struct region_device target_rdev;
1251 struct fw_version target_fw_ver, source_fw_ver;
1252 enum csme_failure_reason rv;
1253 size_t size;
1254
1255 void *subpart_cbfs_rw = cbfs_map(name, &size);
1256 if (!subpart_cbfs_rw) {
1257 printk(BIOS_ERR, "cse_lite: Not able to map %s CBFS file\n",
1258 cse_sub_part_str(type));
1259 return CSE_LITE_SKU_SUB_PART_BLOB_ACCESS_ERR;
1260 }
1261
1262 cse_sub_part_get_source_fw_version(subpart_cbfs_rw, &source_fw_ver);
1263 printk(BIOS_INFO, "cse_lite: CBFS %s FW Version: %x.%x.%x.%x\n", cse_sub_part_str(type),
1264 source_fw_ver.major, source_fw_ver.minor, source_fw_ver.hotfix,
1265 source_fw_ver.build);
1266
1267 /* Trigger sub-partition update in CSE RO and CSE RW */
1268 for (size_t bp = 0; bp < ARRAY_SIZE(cse_regions); bp++) {
1269 if (cse_sub_part_get_target_rdev(&target_rdev, bp, type) != CB_SUCCESS) {
1270 rv = CSE_LITE_SKU_SUB_PART_ACCESS_ERR;
1271 goto error_exit;
1272 }
1273
1274 if (cse_get_sub_part_fw_version(type, &target_rdev, &target_fw_ver) != CB_SUCCESS) {
1275 rv = CSE_LITE_SKU_SUB_PART_ACCESS_ERR;
1276 goto error_exit;
1277 }
1278
1279 printk(BIOS_INFO, "cse_lite: %s %s FW Version: %x.%x.%x.%x\n", cse_regions[bp],
1280 cse_sub_part_str(type), target_fw_ver.major,
1281 target_fw_ver.minor, target_fw_ver.hotfix, target_fw_ver.build);
1282
1283 if (!cse_compare_sub_part_version(&target_fw_ver, &source_fw_ver)) {
1284 printk(BIOS_INFO, "cse_lite: %s %s update is not required\n",
1285 cse_regions[bp], cse_sub_part_str(type));
1286 rv = CSE_LITE_SKU_SUB_PART_UPDATE_NOT_REQ;
1287 continue;
1288 }
1289
1290 printk(BIOS_INFO, "CSE %s %s Update initiated\n", GET_BP_STR(bp),
1291 cse_sub_part_str(type));
1292
1293 if (cse_prep_for_component_update() != CB_SUCCESS) {
1294 rv = CSE_LITE_SKU_SUB_PART_ACCESS_ERR;
1295 goto error_exit;
1296 }
1297
1298 rv = cse_sub_part_trigger_update(type, bp, subpart_cbfs_rw,
1299 size, &target_rdev);
1300
1301 if (rv != CSE_LITE_SKU_PART_UPDATE_SUCCESS)
1302 goto error_exit;
1303 }
1304 error_exit:
1305 cbfs_unmap(subpart_cbfs_rw);
1306 return rv;
1307 }
1308
cse_sub_part_fw_update(void)1309 static enum csme_failure_reason cse_sub_part_fw_update(void)
1310 {
1311 if (skip_cse_sub_part_update()) {
1312 printk(BIOS_INFO, "CSE Sub-partition update not required\n");
1313 return CSE_LITE_SKU_SUB_PART_UPDATE_NOT_REQ;
1314 }
1315
1316 enum csme_failure_reason rv;
1317 rv = cse_sub_part_fw_component_update(IOM_FW, CONFIG_SOC_INTEL_CSE_IOM_CBFS_NAME);
1318
1319 handle_cse_sub_part_fw_update_rv(rv);
1320
1321 rv = cse_sub_part_fw_component_update(NPHY_FW, CONFIG_SOC_INTEL_CSE_NPHY_CBFS_NAME);
1322
1323 return handle_cse_sub_part_fw_update_rv(rv);
1324 }
1325
do_cse_fw_sync(void)1326 static void do_cse_fw_sync(void)
1327 {
1328 /*
1329 * If system is in recovery mode, skip CSE Lite update if CSE sub-partition update
1330 * is not enabled and continue to update CSE sub-partitions.
1331 */
1332 if (vboot_recovery_mode_enabled() && !CONFIG(SOC_INTEL_CSE_SUB_PART_UPDATE)) {
1333 printk(BIOS_DEBUG, "cse_lite: Skip switching to RW in the recovery path\n");
1334 return;
1335 }
1336
1337 /* If CSE SKU type is not Lite, skip enabling CSE Lite SKU */
1338 if (!cse_is_hfs3_fw_sku_lite()) {
1339 printk(BIOS_ERR, "cse_lite: Not a CSE Lite SKU\n");
1340 return;
1341 }
1342
1343 if (cse_get_bp_info() != CB_SUCCESS) {
1344 printk(BIOS_ERR, "cse_lite: Failed to get CSE boot partition info\n");
1345
1346 /* If system is in recovery mode, don't trigger recovery again */
1347 if (!vboot_recovery_mode_enabled()) {
1348 cse_trigger_vboot_recovery(CSE_COMMUNICATION_ERROR);
1349 } else {
1350 printk(BIOS_ERR, "cse_lite: System is already in Recovery Mode, "
1351 "so no action\n");
1352 return;
1353 }
1354 }
1355
1356 /* Store the CSE RW Firmware Version into CBMEM */
1357 if (CONFIG(SOC_INTEL_STORE_CSE_FW_VERSION))
1358 cse_store_rw_fw_version();
1359
1360 /*
1361 * If system is in recovery mode, CSE Lite update has to be skipped but CSE
1362 * sub-partitions like NPHY and IOM have to be updated. If CSE sub-partition update
1363 * fails during recovery, just continue to boot.
1364 */
1365 if (CONFIG(SOC_INTEL_CSE_SUB_PART_UPDATE) && vboot_recovery_mode_enabled()) {
1366 if (cse_sub_part_fw_update() == CSE_LITE_SKU_PART_UPDATE_SUCCESS) {
1367 cse_board_reset();
1368 do_global_reset();
1369 die("ERROR: GLOBAL RESET Failed to reset the system\n");
1370 }
1371
1372 return;
1373 }
1374
1375 if (cse_fix_data_failure_err() != CB_SUCCESS)
1376 cse_trigger_vboot_recovery(CSE_LITE_SKU_DATA_WIPE_ERROR);
1377
1378 /*
1379 * CSE firmware update is skipped if SOC_INTEL_CSE_RW_UPDATE is not defined and
1380 * runtime debug control flag is not enabled. The driver triggers recovery if CSE CBFS
1381 * RW metadata or CSE CBFS RW blob is not available.
1382 */
1383 if (is_cse_fw_update_enabled()) {
1384 uint8_t rv;
1385 rv = cse_fw_update();
1386 if (rv)
1387 cse_trigger_vboot_recovery(rv);
1388 }
1389
1390 if (CONFIG(SOC_INTEL_CSE_SUB_PART_UPDATE))
1391 cse_sub_part_fw_update();
1392
1393 if (!cse_is_rw_bp_status_valid())
1394 cse_trigger_vboot_recovery(CSE_LITE_SKU_RW_JUMP_ERROR);
1395
1396 if (cse_boot_to_rw() != CB_SUCCESS) {
1397 printk(BIOS_ERR, "cse_lite: Failed to switch to RW\n");
1398 cse_trigger_vboot_recovery(CSE_LITE_SKU_RW_SWITCH_ERROR);
1399 }
1400 }
1401
cse_fw_sync(void)1402 void cse_fw_sync(void)
1403 {
1404 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
1405 return;
1406
1407 timestamp_add_now(TS_CSE_FW_SYNC_START);
1408 do_cse_fw_sync();
1409 timestamp_add_now(TS_CSE_FW_SYNC_END);
1410 }
1411
send_get_fpt_partition_info_cmd(enum fpt_partition_id id,struct fw_version_resp * resp)1412 static enum cb_err send_get_fpt_partition_info_cmd(enum fpt_partition_id id,
1413 struct fw_version_resp *resp)
1414 {
1415 enum cse_tx_rx_status ret;
1416 struct fw_version_msg {
1417 struct mkhi_hdr hdr;
1418 enum fpt_partition_id partition_id;
1419 } __packed msg = {
1420 .hdr = {
1421 .group_id = MKHI_GROUP_ID_GEN,
1422 .command = GEN_GET_IMAGE_FW_VERSION,
1423 },
1424 .partition_id = id,
1425 };
1426
1427 /*
1428 * Prerequisites:
1429 * 1) HFSTS1 CWS is Normal
1430 * 2) HFSTS1 COM is Normal
1431 * 3) Only sent after DID (accomplished by compiling this into ramstage)
1432 */
1433
1434 if (cse_is_hfs1_com_soft_temp_disable() || !cse_is_hfs1_cws_normal() ||
1435 !cse_is_hfs1_com_normal()) {
1436 printk(BIOS_ERR,
1437 "HECI: Prerequisites not met for Get Image Firmware Version command\n");
1438 return CB_ERR;
1439 }
1440
1441 size_t resp_size = sizeof(struct fw_version_resp);
1442 ret = heci_send_receive(&msg, sizeof(msg), resp, &resp_size, HECI_MKHI_ADDR);
1443
1444 if (ret || resp->hdr.result) {
1445 printk(BIOS_ERR, "CSE: Failed to get partition information for %d: 0x%x\n",
1446 id, resp->hdr.result);
1447 return CB_ERR;
1448 }
1449
1450 return CB_SUCCESS;
1451 }
1452
cse_get_fpt_partition_info(enum fpt_partition_id id,struct fw_version_resp * resp)1453 static enum cb_err cse_get_fpt_partition_info(enum fpt_partition_id id,
1454 struct fw_version_resp *resp)
1455 {
1456 if (vboot_recovery_mode_enabled()) {
1457 printk(BIOS_WARNING,
1458 "CSE: Skip sending Get Image Info command during recovery mode!\n");
1459 return CB_ERR;
1460 }
1461
1462 if (id == FPT_PARTITION_NAME_ISHC && !CONFIG(DRIVERS_INTEL_ISH)) {
1463 printk(BIOS_WARNING, "CSE: Info request denied, no ISH partition\n");
1464 return CB_ERR;
1465 }
1466
1467 return send_get_fpt_partition_info_cmd(id, resp);
1468 }
1469
is_ish_version_valid(struct cse_fw_ish_version_info * version)1470 static bool is_ish_version_valid(struct cse_fw_ish_version_info *version)
1471 {
1472 const struct fw_version invalid_fw = {0, 0, 0, 0};
1473 if (!memcmp(&version->cur_ish_fw_version, &invalid_fw, sizeof(struct fw_version)))
1474 return false;
1475 return true;
1476 }
1477
1478 /*
1479 * Helper function to read ISH version from CSE FPT using HECI command.
1480 *
1481 * The HECI command only be executed after memory has been initialized.
1482 * This is because the command relies on resources that are not available
1483 * until DRAM initialization command has been sent.
1484 */
store_ish_version(void)1485 static void store_ish_version(void)
1486 {
1487 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_BY_PAYLOAD))
1488 return;
1489
1490 if (!ENV_RAMSTAGE)
1491 return;
1492
1493 if (vboot_recovery_mode_enabled())
1494 return;
1495
1496 struct cse_specific_info *cse_info_in_cbmem = cbmem_find(CBMEM_ID_CSE_INFO);
1497 if (cse_info_in_cbmem == NULL)
1498 return;
1499
1500 struct cse_specific_info cse_info_in_cmos;
1501 cmos_read_fw_partition_info(&cse_info_in_cmos);
1502
1503 struct cse_fw_partition_info *cbmem_version = &(cse_info_in_cbmem->cse_fwp_version);
1504 struct cse_fw_partition_info *cmos_version = &(cse_info_in_cmos.cse_fwp_version);
1505
1506 /* Get current cse firmware state */
1507 enum cse_fw_state fw_state = get_cse_state(
1508 &(cbmem_version->cur_cse_fw_version),
1509 &(cmos_version->ish_partition_info.prev_cse_fw_version),
1510 &(cbmem_version->ish_partition_info.prev_cse_fw_version));
1511
1512 if (fw_state == CSE_FW_WARM_BOOT) {
1513 return;
1514 } else {
1515 if (fw_state == CSE_FW_COLD_BOOT &&
1516 is_ish_version_valid(&(cmos_version->ish_partition_info))) {
1517 /* CMOS data is persistent across cold boots */
1518 memcpy(&(cse_info_in_cbmem->cse_fwp_version.ish_partition_info),
1519 &(cse_info_in_cmos.cse_fwp_version.ish_partition_info),
1520 sizeof(struct cse_fw_ish_version_info));
1521 store_cse_info_crc(cse_info_in_cbmem);
1522 } else {
1523 /*
1524 * Current running CSE version is different than previous stored CSE version
1525 * which could be due to CSE update or rollback, hence, need to send ISHC
1526 * partition info cmd to know the currently running ISH version.
1527 */
1528 struct fw_version_resp resp;
1529 if (cse_get_fpt_partition_info(FPT_PARTITION_NAME_ISHC,
1530 &resp) == CB_SUCCESS) {
1531 /* Update stored CSE version with current cse version */
1532 memcpy(&(cbmem_version->ish_partition_info.prev_cse_fw_version),
1533 &(cbmem_version->cur_cse_fw_version), sizeof(struct fw_version));
1534
1535 /* Retrieve and update current ish version */
1536 memcpy(&(cbmem_version->ish_partition_info.cur_ish_fw_version),
1537 &(resp.manifest_data.version), sizeof(struct fw_version));
1538
1539 /* Update the CRC */
1540 store_cse_info_crc(cse_info_in_cbmem);
1541
1542 /* Update CMOS with current CSE FPT versions.*/
1543 cmos_write_fw_partition_info(cse_info_in_cbmem);
1544 }
1545 }
1546 }
1547 }
1548
ramstage_cse_misc_ops(void * unused)1549 static void ramstage_cse_misc_ops(void *unused)
1550 {
1551 if (acpi_get_sleep_type() == ACPI_S3)
1552 return;
1553
1554 if (CONFIG(SOC_INTEL_CSE_LITE_SYNC_IN_RAMSTAGE))
1555 cse_fw_sync();
1556
1557 /*
1558 * Store the ISH RW Firmware Version into CBMEM if ISH partition
1559 * is available
1560 */
1561 if (soc_is_ish_partition_enabled())
1562 store_ish_version();
1563 }
1564
1565 BOOT_STATE_INIT_ENTRY(BS_PRE_DEVICE, BS_ON_EXIT, ramstage_cse_misc_ops, NULL);
1566