From df5c1d477446857ae76a8a91adb319da9c726df3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 20 Apr 2026 10:09:26 +0200 Subject: [PATCH 01/19] configs/config.novacustom_nuc_box: enable SBOM, v0.9.1-rc1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński --- configs/config.novacustom_nuc_box | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/configs/config.novacustom_nuc_box b/configs/config.novacustom_nuc_box index ac87d510363..1ae43c1358c 100644 --- a/configs/config.novacustom_nuc_box +++ b/configs/config.novacustom_nuc_box @@ -1,5 +1,13 @@ -CONFIG_LOCALVERSION="v0.9.0" +CONFIG_LOCALVERSION="v0.9.1-rc1" CONFIG_OPTION_BACKEND_NONE=y +CONFIG_SBOM=y +CONFIG_SBOM_PAYLOAD=y +CONFIG_SBOM_ME=y +CONFIG_SBOM_INTEL_MICROCODE=y +CONFIG_SBOM_INTEL_FSP=y +CONFIG_SBOM_IFD=y +CONFIG_SBOM_VBOOT=y +CONFIG_SBOM_IPXE=y CONFIG_VENDOR_NOVACUSTOM=y CONFIG_MAINBOARD_VENDOR="NovaCustom" # CONFIG_CONSOLE_SERIAL is not set @@ -18,7 +26,7 @@ CONFIG_HAVE_ME_BIN=y CONFIG_DRIVERS_EFI_VARIABLE_STORE=y CONFIG_DRIVERS_EFI_FW_INFO=y CONFIG_DRIVERS_EFI_MAIN_FW_GUID="6f3f1f8c-f0a1-42d4-adee-14b476f9e066" -CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090080 +CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090101 CONFIG_DRIVERS_EFI_MAIN_FW_LSV=0x00090080 CONFIG_DRIVERS_EFI_UPDATE_CAPSULES=y CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y From ef2f3db455ef7a9efc02e72b08a691ffdb8684f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Wed, 22 Apr 2026 09:51:00 +0200 Subject: [PATCH 02/19] src/sbom/Makefile.mk: fix parallel build races MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes the build-time dependencies to elliminate race conditions preparing SBOM in a parallel build. SBOM is generated only when all components are in place, and doesn't trigger any cloning/rebuilds. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/sbom/Makefile.mk | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/src/sbom/Makefile.mk b/src/sbom/Makefile.mk index 2502099b998..ec76ff5ea12 100644 --- a/src/sbom/Makefile.mk +++ b/src/sbom/Makefile.mk @@ -78,6 +78,17 @@ payload-swid := $(build-dir)/payload-edk2.json payload-swid-template := $(src-dir)/payload-edk2.json endif +# Keep standalone "make sbom" rebuilds read-only with respect to payloads: +# use already checked-out repositories for version extraction and avoid +# re-triggering payload fetch/build targets (especially with `make -B sbom`). +ifeq ($(filter sbom,$(MAKECMDGOALS)),sbom) +payload-swid-ready-dep := $(if $(wildcard $(payload-git-dir-y)/.git),$(payload-git-dir-y)/.git,) +ipxe-swid-ready-dep := $(if $(wildcard payloads/external/iPXE/ipxe/.git),payloads/external/iPXE/ipxe/.git,) +else +payload-swid-ready-dep := $(CONFIG_PAYLOAD_FILE) +ipxe-swid-ready-dep := payloads/external/iPXE/ipxe/ipxe.rom +endif + # Add all SBOM files into the swid-files-y target. This target contains all # .json, .ini, .uswid, .xml, .pc SBOM files that are later merged into one uSWID SBOM file. # Some of these have an option that this Makefile generates/extracts some information from @@ -372,18 +383,18 @@ $(build-dir)/vboot.json: $(src-dir)/vboot.json $(if $(vboot-gitdir),$(vboot-gitd ipxe-gitdir := $(shell git -C payloads/external/iPXE/ipxe rev-parse --absolute-git-dir 2>/dev/null) -$(build-dir)/payload-iPXE.json: $(src-dir)/payload-iPXE.json $(if $(ipxe-gitdir),$(ipxe-gitdir)/HEAD,) | $(build-dir) +$(build-dir)/payload-iPXE.json: $(src-dir)/payload-iPXE.json $(if $(ipxe-gitdir),$(ipxe-gitdir)/HEAD,) | $(build-dir) $(ipxe-swid-ready-dep) cp $< $@ + set -e; \ git_tree_hash=$$(git --git-dir payloads/external/iPXE/ipxe/.git log -n 1 --format=%T); \ git_comm_hash=$$(git --git-dir payloads/external/iPXE/ipxe/.git log -n 1 --format=%H); \ sed -i -e "s//$$git_tree_hash/" -e "s//$$git_comm_hash/" $@ -# Order-only dep on the .git dir ensures the payload is cloned before we try -# to read it. We do NOT depend on the payload binary ($(CONFIG_PAYLOAD_FILE)) -# because: (a) the recipe never reads the binary, only .git; (b) with make -B -# an order-only dep on the binary would still force a full payload rebuild. -$(payload-swid): $(payload-swid-template) | $(build-dir) $(payload-git-dir-y)/.git +# Build payload SBOM metadata only after the payload is ready in regular builds. +# For standalone `make sbom`, use an existing checkout only. +$(payload-swid): $(payload-swid-template) | $(build-dir) $(payload-swid-ready-dep) cp $< $@;\ + set -e; \ git_tree_hash=$$(git --git-dir $(payload-git-dir-y)/.git log -n 1 --format=%T);\ git_comm_hash=$$(git --git-dir $(payload-git-dir-y)/.git log -n 1 --format=%H);\ sed -i -e "s//$$git_tree_hash/" -e "s//$$git_comm_hash/" $@; From 4976b49356b06624b0c65bef9fde7e858448abfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 23 Apr 2026 11:10:59 +0200 Subject: [PATCH 03/19] mb/novacustom/nuc_box/devicetree.cb: move TPM inside domain 0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes the TPM2 recognition in Windows by ensuring consistent ACPI device path reconstruction Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/devicetree.cb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/devicetree.cb b/src/mainboard/novacustom/nuc_box/devicetree.cb index 392c9c50f2a..80653f4e628 100644 --- a/src/mainboard/novacustom/nuc_box/devicetree.cb +++ b/src/mainboard/novacustom/nuc_box/devicetree.cb @@ -54,8 +54,8 @@ chip soc/intel/meteorlake end device ref smbus on end device ref fast_spi on end - end - chip drivers/crb - device mmio 0xfed40000 on end + chip drivers/crb + device mmio 0xfed40000 on end + end end end From 761014e0de514009e2ab49e6edb84f752cf19d76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 2 Mar 2026 14:23:50 +0100 Subject: [PATCH 04/19] mb/novacustom/nuc_box/dsdt.asl: fixes for ghost PS/2 and USB wake MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/dsdt.asl | 8 -------- .../nuc_box/variants/nuc_box/overridetree.cb | 2 ++ src/soc/intel/meteorlake/acpi/xhci.asl | 18 ++++++++++++++++++ 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/dsdt.asl b/src/mainboard/novacustom/nuc_box/dsdt.asl index cf8d58d4345..9dd5b77bf7a 100644 --- a/src/mainboard/novacustom/nuc_box/dsdt.asl +++ b/src/mainboard/novacustom/nuc_box/dsdt.asl @@ -1,8 +1,5 @@ /* SPDX-License-Identifier: GPL-2.0-only */ -//TODO: HACK FOR MISSING MISCCFG_GPIO_PM_CONFIG_BITS -#include - #include DefinitionBlock( "dsdt.aml", @@ -27,10 +24,5 @@ DefinitionBlock( #include - Scope (\_SB.PCI0.LPCB) - { - #include - } - #include "acpi/mainboard.asl" } diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb index 8807034adf4..adf3f7d648a 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb @@ -30,6 +30,8 @@ chip soc/intel/meteorlake end device ref tcss_dma0 on end device ref xhci on + register "usb2_wake_enable_bitmap" = "0xFF" + register "usb3_wake_enable_bitmap" = "0x3" register "usb2_ports" = "{ [0] = USB2_PORT_MID(OC_SKIP), /* USB3 Rear */ [1] = USB2_PORT_MID(OC_SKIP), /* USB3 Rear */ diff --git a/src/soc/intel/meteorlake/acpi/xhci.asl b/src/soc/intel/meteorlake/acpi/xhci.asl index 38850508cbc..b64fcfece99 100644 --- a/src/soc/intel/meteorlake/acpi/xhci.asl +++ b/src/soc/intel/meteorlake/acpi/xhci.asl @@ -1,7 +1,11 @@ /* SPDX-License-Identifier: GPL-2.0-only */ +#include #include +/* Include UWES method for enabling USB wake */ +#include + /* XHCI Controller 0:14.0 */ Device (XHCI) @@ -10,6 +14,20 @@ Device (XHCI) Name (_PRW, Package () { GPE0_PME_B0, 3 }) + OperationRegion (XPRT, PCI_Config, 0x00, 0x100) + Field (XPRT, AnyAcc, NoLock, Preserve) + { + Offset (0x10), + , 16, + XMEM, 16, /* MEM_BASE */ + } + + Method (_DSW, 3) + { + UWES ((\U2WE & 0x3FF), PORTSCN_OFFSET, XMEM) + UWES ((\U3WE & 0x3), PORTSCXUSB3_OFFSET, XMEM) + } + Name (_S3D, 3) /* D3 supported in S3 */ Name (_S0W, 3) /* D3 can wake device in S0 */ Name (_S3W, 3) /* D3 can wake system from S3 */ From 2b1c46a77ec673ba0ada3538b8bc214d9bdd435b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 23 Apr 2026 11:52:09 +0200 Subject: [PATCH 05/19] mb/novacustom/nuc_box/acpi/sleep.asl: fix USB S3 wake MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes ACPI code for proper S3 handling and USB wake enablement Upstream-Status: Pending Signed-off-by: Filip Lewiński --- .../novacustom/nuc_box/acpi/sleep.asl | 23 +++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/acpi/sleep.asl b/src/mainboard/novacustom/nuc_box/acpi/sleep.asl index 0212e7aeeb8..26122beb9dc 100644 --- a/src/mainboard/novacustom/nuc_box/acpi/sleep.asl +++ b/src/mainboard/novacustom/nuc_box/acpi/sleep.asl @@ -1,11 +1,30 @@ /* SPDX-License-Identifier: GPL-2.0-only */ +#include + +/* + * Enable/disable dynamic clock gating for all GPIO communities. + * Arg0 - MISCCFG_GPIO_PM_CONFIG_BITS to enable, 0 to disable. + */ +Method (PGPM, 1, Serialized) +{ + For (Local0 = 0, Local0 < 6, Local0++) + { + \_SB.PCI0.CGPM (Local0, Arg0) + } +} + /* Method called from _PTS prior to enter sleep state */ -Method (MPTS, 1) { +Method (MPTS, 1, Serialized) { + PGPM (MISCCFG_GPIO_PM_CONFIG_BITS) \_SB.SIO.PTS() } /* Method called from _WAK prior to wakeup */ -Method (MWAK, 1) { +Method (MWAK, 1, Serialized) { \_SB.SIO.WAK() + PGPM (0) + If (CondRefOf (\_SB.PCI0.TXHC)) { + \_SB.TCWK (Arg0) + } } From 969b19c049cfe771a8d231674bf61442d1379b10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 4 May 2026 17:07:08 +0200 Subject: [PATCH 06/19] mb/novacustom/nuc_box/: increase SMMSTORE size to 512K MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Because UEFI DBX keeps growing in size, and we have a lot of UEFI variables, we've run into an issue where there's not enough free space to update the DBX. Increase the SMMSTORE region to 512K to mitigate this issue. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd b/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd index 847cbcdfb37..9f506a0882a 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd @@ -13,16 +13,13 @@ FLASH 32M { RECOVERY_MRC_CACHE 64K RW_MRC_CACHE 64K } - SMMSTORE(PRESERVE) 256K + SMMSTORE(PRESERVE) 512K RW_ELOG(PRESERVE) 16K RW_SHARED 16K { SHARED_DATA 8K VBLOCK_DEV 8K } RW_NVRAM(PRESERVE) 24K - - CONSOLE(PRESERVE) 128K # <== SPI flash console region here - BOOTSPLASH(CBFS) 1M } From 3013a9787c08ef05c4ac732fc50ab95a58eca955 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 4 May 2026 17:13:00 +0200 Subject: [PATCH 07/19] mb/novacustom/nuc_box/ramstage.c: Generate SMBIOS table with ME FWSTS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/ramstage.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/mainboard/novacustom/nuc_box/ramstage.c b/src/mainboard/novacustom/nuc_box/ramstage.c index b83d622455a..2e0d140f42c 100644 --- a/src/mainboard/novacustom/nuc_box/ramstage.c +++ b/src/mainboard/novacustom/nuc_box/ramstage.c @@ -2,9 +2,19 @@ #include #include +#include #include #include +static int mainboard_smbios_data(struct device *dev, int *handle, unsigned long *current) +{ + int len = 0; + + len += cse_write_smbios_type14(handle, current); + + return len; +} + static void mainboard_init(void *chip_info) { // The DACC feature resets CMOS if the firmware does not send this message @@ -20,6 +30,14 @@ void mainboard_update_soc_chip_config(struct soc_intel_meteorlake_config *config config->s0ix_enable = 1; } +static void mainboard_enable(struct device *dev) +{ +#if CONFIG(GENERATE_SMBIOS_TABLES) + dev->ops->get_smbios_data = mainboard_smbios_data; +#endif +} + struct chip_operations mainboard_ops = { + .enable_dev = mainboard_enable, .init = mainboard_init, }; From 718453e341c80180a54d43340b306efc7da9bbba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 4 May 2026 17:20:35 +0200 Subject: [PATCH 08/19] mb/novacustom/nuc_box: enable debug SMI MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enable debug SMI, which works around issue Dasharo/dasharo-issues#1664. This is a workaround and should be removed once a proper solution to the issue is found. Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/Kconfig | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/mainboard/novacustom/nuc_box/Kconfig b/src/mainboard/novacustom/nuc_box/Kconfig index e62bfe67e77..dfaebfbab8e 100644 --- a/src/mainboard/novacustom/nuc_box/Kconfig +++ b/src/mainboard/novacustom/nuc_box/Kconfig @@ -63,6 +63,10 @@ config D3COLD_SUPPORT config DIMM_SPD_SIZE default 1024 +# A terrible workaround for SMI issues when BWP is on until a better solution is found. +config DEBUG_SMI + default y if BOOTMEDIA_SMM_BWP + config FMDFILE default "src/mainboard/\$(CONFIG_MAINBOARD_DIR)/variants/\$(CONFIG_VARIANT_DIR)/board.fmd" From 38a411aafb5d0d0199accc68376f4e3e7de8ca5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 4 May 2026 17:26:57 +0200 Subject: [PATCH 09/19] mb/novacustom/nuc_box: Bump Energy Performance Preference to 45% MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Improve performance by lowering the EPP value from the power-on default of 0xb3 (70%) to 0x73 (45%). Lower value = higher performance. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- .../novacustom/nuc_box/variants/nuc_box/overridetree.cb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb index adf3f7d648a..fc88c21d003 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb @@ -1,4 +1,9 @@ chip soc/intel/meteorlake + + # set EPP to 45%: 45 * 256/100 = 115 = 0x73 + register "enable_energy_perf_pref" = "true" + register "energy_perf_pref_value" = "0x73" + device domain 0 on #TODO: all the devices have different subsystem product IDs #subsystemid 0x1849 TODO inherit From 6d55de34cb9d41a9680cf738f73c438d2da0faea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 7 May 2026 13:53:03 +0200 Subject: [PATCH 10/19] configs/config.novacustom_nuc_box: bump to v0.9.2-rc1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński --- configs/config.novacustom_nuc_box | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configs/config.novacustom_nuc_box b/configs/config.novacustom_nuc_box index 1ae43c1358c..fd6de8d8842 100644 --- a/configs/config.novacustom_nuc_box +++ b/configs/config.novacustom_nuc_box @@ -1,4 +1,4 @@ -CONFIG_LOCALVERSION="v0.9.1-rc1" +CONFIG_LOCALVERSION="v0.9.2-rc1" CONFIG_OPTION_BACKEND_NONE=y CONFIG_SBOM=y CONFIG_SBOM_PAYLOAD=y @@ -26,8 +26,8 @@ CONFIG_HAVE_ME_BIN=y CONFIG_DRIVERS_EFI_VARIABLE_STORE=y CONFIG_DRIVERS_EFI_FW_INFO=y CONFIG_DRIVERS_EFI_MAIN_FW_GUID="6f3f1f8c-f0a1-42d4-adee-14b476f9e066" -CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090101 -CONFIG_DRIVERS_EFI_MAIN_FW_LSV=0x00090080 +CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090201 +CONFIG_DRIVERS_EFI_MAIN_FW_LSV=0x00090201 CONFIG_DRIVERS_EFI_UPDATE_CAPSULES=y CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y CONFIG_BOOTMEDIA_LOCK_WPRO_VBOOT_RO=y From 548c735feb8e4c92dfcddd505c94f17e21af9947 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 7 May 2026 14:45:46 +0200 Subject: [PATCH 11/19] mb/novacustom/nuc_box: move GPIO init to ramstage, fix s0ix compat MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Move mainboard_configure_gpios() from bootblock_mainboard_early_init() to mainboard_init() in ramstage. GPIO configuration does not need to run before DRAM is available and the full device tree context is present. Disable USE_LEGACY_8254_TIMER (required for s0ix/modern standby compatibility) and normalize SIO printk messages to a consistent "SIO: (LDNx)" format. Inline the half_populated constant in the memcfg_init() call. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/Kconfig | 4 ++++ src/mainboard/novacustom/nuc_box/bootblock.c | 23 +++++++++---------- src/mainboard/novacustom/nuc_box/ramstage.c | 2 ++ .../nuc_box/variants/nuc_box/overridetree.cb | 2 +- .../nuc_box/variants/nuc_box/romstage.c | 4 +--- 5 files changed, 19 insertions(+), 16 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/Kconfig b/src/mainboard/novacustom/nuc_box/Kconfig index dfaebfbab8e..7ba24e23f7f 100644 --- a/src/mainboard/novacustom/nuc_box/Kconfig +++ b/src/mainboard/novacustom/nuc_box/Kconfig @@ -89,6 +89,10 @@ config UART_FOR_CONSOLE config USE_PM_ACPI_TIMER default n +# 8254 timer must be disabled for s0ix compatibility +config USE_LEGACY_8254_TIMER + default n + config VBOOT select GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC select GBB_FLAG_DISABLE_FWMP diff --git a/src/mainboard/novacustom/nuc_box/bootblock.c b/src/mainboard/novacustom/nuc_box/bootblock.c index ca7367297fa..c43923eb1b8 100644 --- a/src/mainboard/novacustom/nuc_box/bootblock.c +++ b/src/mainboard/novacustom/nuc_box/bootblock.c @@ -25,10 +25,10 @@ static void superio_init(void) //TODO: use superio driver? pnp_devfn_t dev = PNP_DEV(0x2E, 0x00); - printk(BIOS_DEBUG, "entering PNP config mode\n"); + printk(BIOS_DEBUG, "SIO: Entering config mode\n"); pnp_enter_conf_state(dev); - printk(BIOS_DEBUG, "configure global PNP\n"); + printk(BIOS_DEBUG, "SIO: Configuring global registers\n"); //TODO: document these pnp_write_config(dev, 0x1A, 0x88); // Default is 0x03 pnp_write_config(dev, 0x1B, 0x00); // Default is 0x03 @@ -36,7 +36,7 @@ static void superio_init(void) pnp_write_config(dev, 0x2C, 0x03); // Default is 0x0F pnp_write_config(dev, 0x2F, 0xE4); // Default is 0x74 - printk(BIOS_DEBUG, "configure GPIO (logical device 7)\n"); + printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN7)\n"); dev = PNP_DEV(0x2E, 0x07); pnp_set_logical_device(dev); // Enable GPIO 0, 5, and 6 @@ -50,7 +50,7 @@ static void superio_init(void) // Set GPIO 53-53 high pnp_write_config(dev, 0xF9, 0x18); // Default is 0x00 - printk(BIOS_DEBUG, "configure GPIO (logical device 8)\n"); + printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN8)\n"); dev = PNP_DEV(0x2E, 0x08); pnp_set_logical_device(dev); // Disable WDT1 @@ -60,7 +60,7 @@ static void superio_init(void) pnp_write_config(dev, 0xE9, 0x00); // Default is 0xFF TODO? pnp_write_config(dev, 0xEA, 0x00); // Default is 0xFF TODO? - printk(BIOS_DEBUG, "configure GPIO (logical device 9)\n"); + printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN9)\n"); dev = PNP_DEV(0x2E, 0x09); pnp_set_logical_device(dev); // Enable GPIO 8 and 9 @@ -70,7 +70,7 @@ static void superio_init(void) // GPIO 87 set high pnp_write_config(dev, 0xF1, 0x80); // Default is 0xFF - printk(BIOS_DEBUG, "configure ACPI (logical device A)\n"); + printk(BIOS_DEBUG, "SIO: Configuring ACPI (LDNA)\n"); dev = PNP_DEV(0x2E, 0x0A); pnp_set_logical_device(dev); // User-defined resume state after power loss @@ -85,7 +85,7 @@ static void superio_init(void) } pnp_write_config(dev, 0xE6, cre6); - printk(BIOS_DEBUG, "configure hardware monitor (logical device B)\n"); + printk(BIOS_DEBUG, "SIO: Configuring hardware monitor (LDNB)\n"); dev = PNP_DEV(0x2E, 0x0B); pnp_set_logical_device(dev); // Enable hardware monitor @@ -94,7 +94,7 @@ static void superio_init(void) pnp_write_config(dev, 0x60, 0x02); pnp_write_config(dev, 0x61, 0x90); - printk(BIOS_DEBUG, "configure GPIO (logical device F)\n"); + printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDNF)\n"); dev = PNP_DEV(0x2E, 0x0F); pnp_set_logical_device(dev); // Set GPIO 00, 01, and 07 as open drain, and 2-6 as push-pull @@ -106,19 +106,19 @@ static void superio_init(void) // Set GPIO 80-86 as open drain, and 87 as push-pull pnp_write_config(dev, 0xE8, 0x7F); // Default is 0xFF - printk(BIOS_DEBUG, "configure fading LED (logical device 15)\n"); + printk(BIOS_DEBUG, "SIO: Configuring fading LED (LDN15)\n"); dev = PNP_DEV(0x2E, 0x15); pnp_set_logical_device(dev); // Configure fading LED (divide by 4, frequency 1 Khz, off) pnp_write_config(dev, 0xE5, 0x42); - printk(BIOS_DEBUG, "configure deep sleep (logical device 16)\n"); + printk(BIOS_DEBUG, "SIO: Configuring deep sleep (LDN16)\n"); dev = PNP_DEV(0x2E, 0x16); pnp_set_logical_device(dev); // Set deep sleep delay time to 0s pnp_write_config(dev, 0xE2, 0x00); - printk(BIOS_DEBUG, "exiting PNP config mode\n"); + printk(BIOS_DEBUG, "SIO: Exiting config mode\n"); pnp_exit_conf_state(dev); } @@ -190,7 +190,6 @@ void bootblock_mainboard_early_init(void) { uint8_t fan_curve = get_fan_curve_option(); mainboard_configure_early_gpios(); - mainboard_configure_gpios(); superio_init(); hm_init(fan_curve); } diff --git a/src/mainboard/novacustom/nuc_box/ramstage.c b/src/mainboard/novacustom/nuc_box/ramstage.c index 2e0d140f42c..88f7b8db699 100644 --- a/src/mainboard/novacustom/nuc_box/ramstage.c +++ b/src/mainboard/novacustom/nuc_box/ramstage.c @@ -17,6 +17,8 @@ static int mainboard_smbios_data(struct device *dev, int *handle, unsigned long static void mainboard_init(void *chip_info) { + mainboard_configure_gpios(); + // The DACC feature resets CMOS if the firmware does not send this message printk(BIOS_DEBUG, "Handling DACC\n"); do_smbus_write_byte(CONFIG_FIXED_SMBUS_IO_BASE, 0xBA >> 1, 0x0F, 0xAA); diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb index fc88c21d003..38e913cd5e0 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb @@ -3,7 +3,7 @@ chip soc/intel/meteorlake # set EPP to 45%: 45 * 256/100 = 115 = 0x73 register "enable_energy_perf_pref" = "true" register "energy_perf_pref_value" = "0x73" - + device domain 0 on #TODO: all the devices have different subsystem product IDs #subsystemid 0x1849 TODO inherit diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/romstage.c b/src/mainboard/novacustom/nuc_box/variants/nuc_box/romstage.c index 353f6662f73..570460b885b 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/romstage.c +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/romstage.c @@ -16,9 +16,7 @@ void mainboard_memory_init_params(FSPM_UPD *mupd) [1] = { .addr_dimm[0] = 0x52, }, }, }; - const bool half_populated = false; - mupd->FspmConfig.DmiMaxLinkSpeed = 4; - memcfg_init(mupd, &board_cfg, &spd_info, half_populated); + memcfg_init(mupd, &board_cfg, &spd_info, false); } From 63ade56688323ac8e08d178ff042db9460cbac47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 14 May 2026 14:41:50 +0200 Subject: [PATCH 12/19] build.sh: bump DASHARO_SDK up to v1.9.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Required to build with SBOM support, otherwise go is missing Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński --- build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.sh b/build.sh index 587e5287048..0875f543bd0 100755 --- a/build.sh +++ b/build.sh @@ -43,7 +43,7 @@ usage() { echo -e "\tasrock_spc741d8 - build Dasharo compatible with ASRock Rack SPC741D8-2L2T/BCM" } -DASHARO_SDK=${DASHARO_SDK:-"ghcr.io/dasharo/dasharo-sdk:v1.6.0"} +DASHARO_SDK=${DASHARO_SDK:-"ghcr.io/dasharo/dasharo-sdk:v1.9.0"} BUILD_TIMELESS=${BUILD_TIMELESS:-0} AIRGAP=${AIRGAP:-0} From ef922fa08d3a28dcaec29feb3f903afaac790220 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?= Date: Thu, 14 May 2026 12:54:47 +0200 Subject: [PATCH 13/19] build.sh: Fix permissions when building with GH actions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The GH runners have UID 1001, while user coreboot in SDK has id 1000. This creates a mismatch of IDs and causes permission problems when mounting coreboot git repository under /home/coreboot/coreboot in the container, because the /home/coreboot is a HOME directory of different user. To fix the problem, move the mountpoint to a "neutral" place, where permissions should not be a an issue. The /build directory is chosen so that it does not collide with any HOME directory or system directory. Upstream-Status: Inappropriate [Dasharo CI] Signed-off-by: Michał Żygowski --- build.sh | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/build.sh b/build.sh index 0875f543bd0..5adec61d90e 100755 --- a/build.sh +++ b/build.sh @@ -48,10 +48,11 @@ BUILD_TIMELESS=${BUILD_TIMELESS:-0} AIRGAP=${AIRGAP:-0} function sdk_run { - docker run --rm -t -u $UID -v $PWD:/home/coreboot/coreboot \ + docker run --rm -t -u $UID \ + -v $PWD:/build/coreboot \ -v $HOME/.ssh:/home/coreboot/.ssh \ -e BUILD_TIMELESS=${BUILD_TIMELESS} \ - -w /home/coreboot/coreboot ${DASHARO_SDK} \ + -w /build/coreboot ${DASHARO_SDK} \ "$@" } @@ -221,11 +222,9 @@ function build_novacustom_v5x0tu { wget -O novacustom_v54x_mtl_v0.9.0.rom https://dl.3mdeb.com/open-source-firmware/Dasharo/novacustom_v54x_mtl/v0.9.0/novacustom_v54x_mtl_v0.9.0.rom # Extract and transfer LAN ROM blob - docker run --rm -t -u $UID -v $PWD:/home/coreboot/coreboot \ - -v $HOME/.ssh:/home/coreboot/.ssh \ - -w /home/coreboot/coreboot ${DASHARO_SDK} \ - /bin/bash -c "make -C util/cbfstool && \ - util/cbfstool/cbfstool novacustom_v54x_mtl_v0.9.0.rom extract -r COREBOOT -f payload -n fallback/payload -m x86" + sdk_run /bin/bash -c "make -C util/cbfstool && \ + util/cbfstool/cbfstool novacustom_v54x_mtl_v0.9.0.rom extract \ + -r COREBOOT -f payload -n fallback/payload -m x86" ./uefiextract payload DEB917C0-C56A-4860-A05B-BF2F22EBB717 mkdir -p 3rdparty/blobs/mainboard/novacustom/mtl-h From bf1e9bb4b55395172c9eaff0b0c72507f61016ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Fri, 15 May 2026 11:50:30 +0200 Subject: [PATCH 14/19] build.sh: fix GOCACHE permissions when building with GH actions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Move the mountpoint to /tmp, where permissions should not be a an issue. Upstream-Status: Inappropriate [Dasharo CI] Signed-off-by: Filip Lewiński --- build.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/build.sh b/build.sh index 5adec61d90e..213ef3e94a5 100755 --- a/build.sh +++ b/build.sh @@ -52,6 +52,7 @@ function sdk_run { -v $PWD:/build/coreboot \ -v $HOME/.ssh:/home/coreboot/.ssh \ -e BUILD_TIMELESS=${BUILD_TIMELESS} \ + -e GOCACHE=/tmp/go-build \ -w /build/coreboot ${DASHARO_SDK} \ "$@" } From 467162060e14ac00a6e1ea71bbc3f77db2f70a01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Fri, 15 May 2026 13:03:00 +0200 Subject: [PATCH 15/19] security/intel/cbnt/measurement: fix GCC 13 flex-array build failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GCC 13 promotes -Wflex-array-member-not-at-end to an error. The bpm_ibbs and bpm_ibbs_bottom structs contain hash_struct members with flexible arrays that are not at the end of their containing struct. Their layout is fixed by the CBnT hardware specification and cannot be reordered. Suppress the diagnostic with a pragma guard around the affected struct definitions. These hash_struct fields are deprecated since CBnT BWG v1.2.0 and are always written with size=0 (no payload bytes). Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/security/intel/cbnt/measurement.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/security/intel/cbnt/measurement.c b/src/security/intel/cbnt/measurement.c index ba7203df807..bb1fcccbec4 100644 --- a/src/security/intel/cbnt/measurement.c +++ b/src/security/intel/cbnt/measurement.c @@ -86,6 +86,15 @@ struct bpm_hash_list { struct hash_struct hashes[]; } __packed; +/* + * GCC 13+ rejects flex-array members that are not at the end of a containing + * struct. The hash_struct fields below are deprecated since CBnT BWG v1.2.0 + * and are always written with size=0 (no data bytes), but their position is + * fixed by the hardware spec, so we suppress the diagnostic here. + */ +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wflex-array-member-not-at-end" + /* IBB Segment Element (upper part) */ struct bpm_ibbs { char structure_id[8]; /* "__IBBS__" */ @@ -117,6 +126,8 @@ struct bpm_ibbs_bottom { /* ibb_segments[segment_count]; */ } __packed; +#pragma GCC diagnostic pop + /* KMHASH_STRUCT */ struct km_hash { uint64_t usage; /* see KM_HASH_USAGE_* constants for values */ From 4755d1cdea1f53569366bac499018082a18b5c13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 18 May 2026 11:27:15 +0200 Subject: [PATCH 16/19] sbom: simplify wildcard dependency assignments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit $(wildcard ...) already returns an empty string when the path does not exist, so the $(if $(wildcard ...),x,) wrapper is redundant. Replace both payload-swid-ready-dep and ipxe-swid-ready-dep assignments with a plain $(wildcard ...) call. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/sbom/Makefile.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sbom/Makefile.mk b/src/sbom/Makefile.mk index ec76ff5ea12..4b096946a9b 100644 --- a/src/sbom/Makefile.mk +++ b/src/sbom/Makefile.mk @@ -82,8 +82,8 @@ endif # use already checked-out repositories for version extraction and avoid # re-triggering payload fetch/build targets (especially with `make -B sbom`). ifeq ($(filter sbom,$(MAKECMDGOALS)),sbom) -payload-swid-ready-dep := $(if $(wildcard $(payload-git-dir-y)/.git),$(payload-git-dir-y)/.git,) -ipxe-swid-ready-dep := $(if $(wildcard payloads/external/iPXE/ipxe/.git),payloads/external/iPXE/ipxe/.git,) +payload-swid-ready-dep := $(wildcard $(payload-git-dir-y)/.git) +ipxe-swid-ready-dep := $(wildcard payloads/external/iPXE/ipxe/.git) else payload-swid-ready-dep := $(CONFIG_PAYLOAD_FILE) ipxe-swid-ready-dep := payloads/external/iPXE/ipxe/ipxe.rom From 5d637435dd015c072df43cc636ccaefa95fba4ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Mon, 18 May 2026 11:27:51 +0200 Subject: [PATCH 17/19] mb/novacustom/nuc_box: use if (CONFIG()) for SMBIOS guard MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit get_smbios_data is unconditionally present in struct device_operations, so a preprocessor guard is not needed. Replace #if CONFIG() / #endif with if (CONFIG()) so the compiler checks both branches. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- src/mainboard/novacustom/nuc_box/ramstage.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/ramstage.c b/src/mainboard/novacustom/nuc_box/ramstage.c index 88f7b8db699..4e70ef5f8ef 100644 --- a/src/mainboard/novacustom/nuc_box/ramstage.c +++ b/src/mainboard/novacustom/nuc_box/ramstage.c @@ -34,9 +34,8 @@ void mainboard_update_soc_chip_config(struct soc_intel_meteorlake_config *config static void mainboard_enable(struct device *dev) { -#if CONFIG(GENERATE_SMBIOS_TABLES) - dev->ops->get_smbios_data = mainboard_smbios_data; -#endif + if (CONFIG(GENERATE_SMBIOS_TABLES)) + dev->ops->get_smbios_data = mainboard_smbios_data; } struct chip_operations mainboard_ops = { From d57ba2e7ad3d0d11b387fb46189540c94f359d7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 21 May 2026 13:00:50 +0200 Subject: [PATCH 18/19] 3rdparty/dasharo-blobs: update NUC BOX ME MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update to latest CSME 18.1.18.2724_v5 for Meteor Lake H/U Upstream-Status: Inappropriate [Dasharo downstream] Signed-off-by: Filip Lewiński --- 3rdparty/dasharo-blobs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/dasharo-blobs b/3rdparty/dasharo-blobs index cc5549a841b..c4461e62974 160000 --- a/3rdparty/dasharo-blobs +++ b/3rdparty/dasharo-blobs @@ -1 +1 @@ -Subproject commit cc5549a841bdf7a444a6cbacae0dc47c377c07b8 +Subproject commit c4461e62974d2565455402701b01878eaf699ce5 From 293011cf7141dcff958409824f45d1f952975f40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Lewi=C5=84ski?= Date: Thu, 21 May 2026 12:55:10 +0200 Subject: [PATCH 19/19] mb/nuc_box/: shrink ME region for consumer bin. in FMAP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit After switching from Corporate to Consumer CSME, the ME binary shrunk. This allows to reclaim some free space in the FMAP by shrinking the region. Upstream-Status: Pending Signed-off-by: Filip Lewiński --- .../novacustom/nuc_box/variants/nuc_box/board.fmd | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd b/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd index 9f506a0882a..4886589b6a8 100644 --- a/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd +++ b/src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd @@ -1,11 +1,9 @@ FLASH 32M { - SI_ALL 16M { - SI_DESC 0x4000 # 16K -#if CONFIG_MAINBOARD_USES_IFD_GBE_REGION - SI_GBE 0x1000 # 4K (overlaps with PD) -#endif - SI_ME 0x009ec000 # 10,137,600 bytes = matches IFD exactly + SI_ALL 10M { + SI_DESC 16K + SI_ME 0x9FC000 } + RW_UNUSED 6M SI_BIOS@0x01000000 16M { RW_MISC 2M {