NUC BOX v0.9.2#879
Conversation
filipleple
changed the title
|
The fixes have been backported to the v0.9.0 release tag on nucbox_v0.9.1_oldbase |
filipleple
force-pushed
the
nuc091
branch
3 times, most recently
from
4807a60 to
9bc6189
Compare
|
@filipleple, #889 is successfully addressing CI issues. |
@SergiiDmytruk right, thank you, saved me quite a bit of trouble 😅 |
|
Looks like the only thing missing is an update of ME.bin in dasharo-blobs. |
|
@filipleple was v0.9.1 never merged to the |
@philipanda yes, it was never merged into That's done, now we're doing v0.9.2, basing on latest I've removed the v0.9.1-related comment from the PR desc. |
Ah, right, makes sense 👍 |
Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Fixes the build-time dependencies to elliminate race conditions preparing SBOM in a parallel build. SBOM is generated only when all components are in place, and doesn't trigger any cloning/rebuilds. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Fixes the TPM2 recognition in Windows by ensuring consistent ACPI device path reconstruction Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Fixes ACPI code for proper S3 handling and USB wake enablement Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Because UEFI DBX keeps growing in size, and we have a lot of UEFI variables, we've run into an issue where there's not enough free space to update the DBX. Increase the SMMSTORE region to 512K to mitigate this issue. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Enable debug SMI, which works around issue Dasharo/dasharo-issues#1664. This is a workaround and should be removed once a proper solution to the issue is found. Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Improve performance by lowering the EPP value from the power-on default of 0xb3 (70%) to 0x73 (45%). Lower value = higher performance. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Move mainboard_configure_gpios() from bootblock_mainboard_early_init() to mainboard_init() in ramstage. GPIO configuration does not need to run before DRAM is available and the full device tree context is present. Disable USE_LEGACY_8254_TIMER (required for s0ix/modern standby compatibility) and normalize SIO printk messages to a consistent "SIO: <action> (LDNx)" format. Inline the half_populated constant in the memcfg_init() call. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Required to build with SBOM support, otherwise go is missing Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
The GH runners have UID 1001, while user coreboot in SDK has id 1000. This creates a mismatch of IDs and causes permission problems when mounting coreboot git repository under /home/coreboot/coreboot in the container, because the /home/coreboot is a HOME directory of different user. To fix the problem, move the mountpoint to a "neutral" place, where permissions should not be a an issue. The /build directory is chosen so that it does not collide with any HOME directory or system directory. Upstream-Status: Inappropriate [Dasharo CI] Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Move the mountpoint to /tmp, where permissions should not be a an issue. Upstream-Status: Inappropriate [Dasharo CI] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
GCC 13 promotes -Wflex-array-member-not-at-end to an error. The bpm_ibbs and bpm_ibbs_bottom structs contain hash_struct members with flexible arrays that are not at the end of their containing struct. Their layout is fixed by the CBnT hardware specification and cannot be reordered. Suppress the diagnostic with a pragma guard around the affected struct definitions. These hash_struct fields are deprecated since CBnT BWG v1.2.0 and are always written with size=0 (no payload bytes). Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
$(wildcard ...) already returns an empty string when the path does not exist, so the $(if $(wildcard ...),x,) wrapper is redundant. Replace both payload-swid-ready-dep and ipxe-swid-ready-dep assignments with a plain $(wildcard ...) call. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
get_smbios_data is unconditionally present in struct device_operations, so a preprocessor guard is not needed. Replace #if CONFIG() / #endif with if (CONFIG()) so the compiler checks both branches. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
|
Added ME update. Needs Dasharo/dasharo-blobs#58. |
| SI_GBE 8K | ||
| #endif | ||
| SI_ME 0x009ec000 # 10,137,600 bytes = matches IFD exactly | ||
| SI_ME |
There was a problem hiding this comment.
I see MTL laptops doing the same, but making size of SI_ME dynamic in the presence of #if CONFIG_MAINBOARD_USES_IFD_GBE_REGION means that one of two configurations won't match IFD. And ifdtool expects an exact match in
coreboot/util/ifdtool/ifdtool.c
Line 1430 in 5e4b1fc
The smaller size (10MiB - 16 KiB - 8 KiB) is 0x9FA000 and you want to either specify it and grow IFD region or use the smaller region size from IFD (0x0080f000) but keep the size of SI_ALL as is in both cases.
There was a problem hiding this comment.
Hmm, think there's a chance it has to do with users reporting Descriptor: Invalid in HSI after fusing?
Fixing it for the NUC now either way
There was a problem hiding this comment.
Since there's no risk of NUC BOX suddenly shipping with the GBE region populated, I've put only one statically defined option: https://github.com/Dasharo/coreboot/compare/1e32ee848f9afe4e491be763dfdd147b942ccbeb..293011cf7141dcff958409824f45d1f952975f40
There was a problem hiding this comment.
Hmm, think there's a chance it has to do with users reporting
Descriptor: Invalidin HSI after fusing?
Probably not. One (the only?) IFD check resulting in FWUPD_SECURITY_ATTR_RESULT_NOT_VALID that I found is here, which seems to be about region being writable by anything other than it.
Update to latest CSME 18.1.18.2724_v5 for Meteor Lake H/U Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
After switching from Corporate to Consumer CSME, the ME binary shrunk. This allows to reclaim some free space in the FMAP by shrinking the region. Upstream-Status: Pending Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
4 participants
ref: NCM-2211