NUC BOX v0.9.2

build.sh

@@ -43,15 +43,17 @@ usage() {
   echo -e "\tasrock_spc741d8        - build Dasharo compatible with ASRock Rack SPC741D8-2L2T/BCM"
 }
 
-DASHARO_SDK=${DASHARO_SDK:-"ghcr.io/dasharo/dasharo-sdk:v1.6.0"}
+DASHARO_SDK=${DASHARO_SDK:-"ghcr.io/dasharo/dasharo-sdk:v1.9.0"}
 BUILD_TIMELESS=${BUILD_TIMELESS:-0}
 AIRGAP=${AIRGAP:-0}
 
 function sdk_run {
-  docker run --rm -t -u $UID -v $PWD:/home/coreboot/coreboot \
+  docker run --rm -t -u $UID \
+    -v $PWD:/build/coreboot \
     -v $HOME/.ssh:/home/coreboot/.ssh \
     -e BUILD_TIMELESS=${BUILD_TIMELESS} \
-    -w /home/coreboot/coreboot ${DASHARO_SDK} \
+    -e GOCACHE=/tmp/go-build \
+    -w /build/coreboot ${DASHARO_SDK} \
     "$@"
 }
 
@@ -221,11 +223,9 @@ function build_novacustom_v5x0tu {
   wget -O novacustom_v54x_mtl_v0.9.0.rom https://dl.3mdeb.com/open-source-firmware/Dasharo/novacustom_v54x_mtl/v0.9.0/novacustom_v54x_mtl_v0.9.0.rom
 
   # Extract and transfer LAN ROM blob
-  docker run --rm -t -u $UID -v $PWD:/home/coreboot/coreboot \
-    -v $HOME/.ssh:/home/coreboot/.ssh \
-    -w /home/coreboot/coreboot ${DASHARO_SDK}  \
-    /bin/bash -c "make -C util/cbfstool && \
-    util/cbfstool/cbfstool novacustom_v54x_mtl_v0.9.0.rom extract -r COREBOOT -f payload -n fallback/payload -m x86"
+  sdk_run /bin/bash -c "make -C util/cbfstool && \
+      util/cbfstool/cbfstool novacustom_v54x_mtl_v0.9.0.rom extract \
+      -r COREBOOT -f payload -n fallback/payload -m x86"
 
   ./uefiextract payload DEB917C0-C56A-4860-A05B-BF2F22EBB717
   mkdir -p 3rdparty/blobs/mainboard/novacustom/mtl-h

configs/config.novacustom_nuc_box

@@ -1,5 +1,13 @@
-CONFIG_LOCALVERSION="v0.9.0"
+CONFIG_LOCALVERSION="v0.9.2-rc1"
 CONFIG_OPTION_BACKEND_NONE=y
+CONFIG_SBOM=y
+CONFIG_SBOM_PAYLOAD=y
+CONFIG_SBOM_ME=y
+CONFIG_SBOM_INTEL_MICROCODE=y
+CONFIG_SBOM_INTEL_FSP=y
+CONFIG_SBOM_IFD=y
+CONFIG_SBOM_VBOOT=y
+CONFIG_SBOM_IPXE=y
 CONFIG_VENDOR_NOVACUSTOM=y
 CONFIG_MAINBOARD_VENDOR="NovaCustom"
 # CONFIG_CONSOLE_SERIAL is not set
@@ -18,8 +26,8 @@ CONFIG_HAVE_ME_BIN=y
 CONFIG_DRIVERS_EFI_VARIABLE_STORE=y
 CONFIG_DRIVERS_EFI_FW_INFO=y
 CONFIG_DRIVERS_EFI_MAIN_FW_GUID="6f3f1f8c-f0a1-42d4-adee-14b476f9e066"
-CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090080
-CONFIG_DRIVERS_EFI_MAIN_FW_LSV=0x00090080
+CONFIG_DRIVERS_EFI_MAIN_FW_VERSION=0x00090201
+CONFIG_DRIVERS_EFI_MAIN_FW_LSV=0x00090201
 CONFIG_DRIVERS_EFI_UPDATE_CAPSULES=y
 CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
 CONFIG_BOOTMEDIA_LOCK_WPRO_VBOOT_RO=y

src/mainboard/novacustom/nuc_box/Kconfig

@@ -63,6 +63,10 @@ config D3COLD_SUPPORT
 config DIMM_SPD_SIZE
 	default 1024
 
+# A terrible workaround for SMI issues when BWP is on until a better solution is found.
+config DEBUG_SMI
+	default y if BOOTMEDIA_SMM_BWP
+
 config FMDFILE
 	default "src/mainboard/\$(CONFIG_MAINBOARD_DIR)/variants/\$(CONFIG_VARIANT_DIR)/board.fmd"
 
@@ -85,6 +89,10 @@ config UART_FOR_CONSOLE
 config USE_PM_ACPI_TIMER
 	default n
 
+# 8254 timer must be disabled for s0ix compatibility
+config USE_LEGACY_8254_TIMER
+	default n
+
 config VBOOT
 	select GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
 	select GBB_FLAG_DISABLE_FWMP

src/mainboard/novacustom/nuc_box/acpi/sleep.asl

@@ -1,11 +1,30 @@
 /* SPDX-License-Identifier: GPL-2.0-only */
 
+#include <intelblocks/gpio.h>
+
+/*
+ * Enable/disable dynamic clock gating for all GPIO communities.
+ * Arg0 - MISCCFG_GPIO_PM_CONFIG_BITS to enable, 0 to disable.
+ */
+Method (PGPM, 1, Serialized)
+{
+	For (Local0 = 0, Local0 < 6, Local0++)
+	{
+		\_SB.PCI0.CGPM (Local0, Arg0)
+	}
+}
+
 /* Method called from _PTS prior to enter sleep state */
-Method (MPTS, 1) {
+Method (MPTS, 1, Serialized) {
+	PGPM (MISCCFG_GPIO_PM_CONFIG_BITS)
 	\_SB.SIO.PTS()
 }
 
 /* Method called from _WAK prior to wakeup */
-Method (MWAK, 1) {
+Method (MWAK, 1, Serialized) {
 	\_SB.SIO.WAK()
+	PGPM (0)
+	If (CondRefOf (\_SB.PCI0.TXHC)) {
+		\_SB.TCWK (Arg0)
+	}
 }

src/mainboard/novacustom/nuc_box/bootblock.c

@@ -25,18 +25,18 @@ static void superio_init(void)
 	//TODO: use superio driver?
 	pnp_devfn_t dev = PNP_DEV(0x2E, 0x00);
 
-	printk(BIOS_DEBUG, "entering PNP config mode\n");
+	printk(BIOS_DEBUG, "SIO: Entering config mode\n");
 	pnp_enter_conf_state(dev);
 
-	printk(BIOS_DEBUG, "configure global PNP\n");
+	printk(BIOS_DEBUG, "SIO: Configuring global registers\n");
 	//TODO: document these
 	pnp_write_config(dev, 0x1A, 0x88); // Default is 0x03
 	pnp_write_config(dev, 0x1B, 0x00); // Default is 0x03
 	pnp_write_config(dev, 0x1D, 0x08); // Default is 0x00
 	pnp_write_config(dev, 0x2C, 0x03); // Default is 0x0F
 	pnp_write_config(dev, 0x2F, 0xE4); // Default is 0x74
 
-	printk(BIOS_DEBUG, "configure GPIO (logical device 7)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN7)\n");
 	dev = PNP_DEV(0x2E, 0x07);
 	pnp_set_logical_device(dev);
 	// Enable GPIO 0, 5, and 6
@@ -50,7 +50,7 @@ static void superio_init(void)
 	// Set GPIO 53-53 high
 	pnp_write_config(dev, 0xF9, 0x18); // Default is 0x00
 
-	printk(BIOS_DEBUG, "configure GPIO (logical device 8)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN8)\n");
 	dev = PNP_DEV(0x2E, 0x08);
 	pnp_set_logical_device(dev);
 	// Disable WDT1
@@ -60,7 +60,7 @@ static void superio_init(void)
 	pnp_write_config(dev, 0xE9, 0x00); // Default is 0xFF TODO?
 	pnp_write_config(dev, 0xEA, 0x00); // Default is 0xFF TODO?
 
-	printk(BIOS_DEBUG, "configure GPIO (logical device 9)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDN9)\n");
 	dev = PNP_DEV(0x2E, 0x09);
 	pnp_set_logical_device(dev);
 	// Enable GPIO 8 and 9
@@ -70,7 +70,7 @@ static void superio_init(void)
 	// GPIO 87 set high
 	pnp_write_config(dev, 0xF1, 0x80); // Default is 0xFF
 
-	printk(BIOS_DEBUG, "configure ACPI (logical device A)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring ACPI (LDNA)\n");
 	dev = PNP_DEV(0x2E, 0x0A);
 	pnp_set_logical_device(dev);
 	// User-defined resume state after power loss
@@ -85,7 +85,7 @@ static void superio_init(void)
 	}
 	pnp_write_config(dev, 0xE6, cre6);
 
-	printk(BIOS_DEBUG, "configure hardware monitor (logical device B)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring hardware monitor (LDNB)\n");
 	dev = PNP_DEV(0x2E, 0x0B);
 	pnp_set_logical_device(dev);
 	// Enable hardware monitor
@@ -94,7 +94,7 @@ static void superio_init(void)
 	pnp_write_config(dev, 0x60, 0x02);
 	pnp_write_config(dev, 0x61, 0x90);
 
-	printk(BIOS_DEBUG, "configure GPIO (logical device F)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring GPIO (LDNF)\n");
 	dev = PNP_DEV(0x2E, 0x0F);
 	pnp_set_logical_device(dev);
 	// Set GPIO 00, 01, and 07 as open drain, and 2-6 as push-pull
@@ -106,19 +106,19 @@ static void superio_init(void)
 	// Set GPIO 80-86 as open drain, and 87 as push-pull
 	pnp_write_config(dev, 0xE8, 0x7F); // Default is 0xFF
 
-	printk(BIOS_DEBUG, "configure fading LED (logical device 15)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring fading LED (LDN15)\n");
 	dev = PNP_DEV(0x2E, 0x15);
 	pnp_set_logical_device(dev);
 	// Configure fading LED (divide by 4, frequency 1 Khz, off)
 	pnp_write_config(dev, 0xE5, 0x42);
 
-	printk(BIOS_DEBUG, "configure deep sleep (logical device 16)\n");
+	printk(BIOS_DEBUG, "SIO: Configuring deep sleep (LDN16)\n");
 	dev = PNP_DEV(0x2E, 0x16);
 	pnp_set_logical_device(dev);
 	// Set deep sleep delay time to 0s
 	pnp_write_config(dev, 0xE2, 0x00);
 
-	printk(BIOS_DEBUG, "exiting PNP config mode\n");
+	printk(BIOS_DEBUG, "SIO: Exiting config mode\n");
 	pnp_exit_conf_state(dev);
 }
 
@@ -190,7 +190,6 @@ void bootblock_mainboard_early_init(void)
 {
 	uint8_t fan_curve = get_fan_curve_option();
 	mainboard_configure_early_gpios();
-	mainboard_configure_gpios();
 	superio_init();
 	hm_init(fan_curve);
 }

src/mainboard/novacustom/nuc_box/devicetree.cb

@@ -54,8 +54,8 @@ chip soc/intel/meteorlake
 		end
 		device ref smbus on end
 		device ref fast_spi on end
-	end
-	chip drivers/crb
-		device mmio 0xfed40000 on end
+		chip drivers/crb
+			device mmio 0xfed40000 on end
+		end
 	end
 end

src/mainboard/novacustom/nuc_box/dsdt.asl

@@ -1,8 +1,5 @@
 /* SPDX-License-Identifier: GPL-2.0-only */
 
-//TODO: HACK FOR MISSING MISCCFG_GPIO_PM_CONFIG_BITS
-#include <soc/gpio.h>
-
 #include <acpi/acpi.h>
 DefinitionBlock(
 	"dsdt.aml",
@@ -27,10 +24,5 @@ DefinitionBlock(
 
 	#include <southbridge/intel/common/acpi/sleepstates.asl>
 
-	Scope (\_SB.PCI0.LPCB)
-	{
-		#include <drivers/pc80/pc/ps2_controller.asl>
-	}
-
 	#include "acpi/mainboard.asl"
 }

src/mainboard/novacustom/nuc_box/ramstage.c

@@ -2,11 +2,23 @@
 
 #include <dasharo/options.h>
 #include <device/smbus_host.h>
+#include <intelblocks/cse.h>
 #include <mainboard/gpio.h>
 #include <soc/ramstage.h>
 
+static int mainboard_smbios_data(struct device *dev, int *handle, unsigned long *current)
+{
+	int len = 0;
+
+	len += cse_write_smbios_type14(handle, current);
+
+	return len;
+}
+
 static void mainboard_init(void *chip_info)
 {
+	mainboard_configure_gpios();
+
 	// The DACC feature resets CMOS if the firmware does not send this message
 	printk(BIOS_DEBUG, "Handling DACC\n");
 	do_smbus_write_byte(CONFIG_FIXED_SMBUS_IO_BASE, 0xBA >> 1, 0x0F, 0xAA);
@@ -20,6 +32,13 @@ void mainboard_update_soc_chip_config(struct soc_intel_meteorlake_config *config
 		config->s0ix_enable = 1;
 }
 
+static void mainboard_enable(struct device *dev)
+{
+	if (CONFIG(GENERATE_SMBIOS_TABLES))
+		dev->ops->get_smbios_data = mainboard_smbios_data;
+}
+
 struct chip_operations mainboard_ops = {
+	.enable_dev = mainboard_enable,
 	.init = mainboard_init,
 };

src/mainboard/novacustom/nuc_box/variants/nuc_box/board.fmd

@@ -1,28 +1,23 @@
 FLASH 32M {
-	SI_ALL 16M {
-		SI_DESC 0x4000     # 16K
-#if CONFIG_MAINBOARD_USES_IFD_GBE_REGION
-		SI_GBE 0x1000      # 4K (overlaps with PD)
-#endif
-		SI_ME 0x009ec000   # 10,137,600 bytes = matches IFD exactly
+	SI_ALL 10M {
+		SI_DESC 16K
+		SI_ME 0x9FC000
 	}
+	RW_UNUSED 6M
 
 	SI_BIOS@0x01000000 16M {
 		RW_MISC 2M {
 			UNIFIED_MRC_CACHE(PRESERVE) 128K {
 				RECOVERY_MRC_CACHE 64K
 				RW_MRC_CACHE 64K
 			}
-			SMMSTORE(PRESERVE) 256K
+			SMMSTORE(PRESERVE) 512K
 			RW_ELOG(PRESERVE) 16K
 			RW_SHARED 16K {
 				SHARED_DATA 8K
 				VBLOCK_DEV 8K
 			}
 			RW_NVRAM(PRESERVE) 24K
-
-			CONSOLE(PRESERVE) 128K  # <== SPI flash console region here
-
 			BOOTSPLASH(CBFS) 1M
 		}
 

src/mainboard/novacustom/nuc_box/variants/nuc_box/overridetree.cb

@@ -1,4 +1,9 @@
 chip soc/intel/meteorlake
+
+	# set EPP to 45%: 45 * 256/100 = 115 = 0x73
+	register "enable_energy_perf_pref" = "true"
+	register "energy_perf_pref_value" = "0x73"
+
 	device domain 0 on
 		#TODO: all the devices have different subsystem product IDs
 		#subsystemid 0x1849 TODO inherit
@@ -30,6 +35,8 @@ chip soc/intel/meteorlake
 		end
 		device ref tcss_dma0 on end
 		device ref xhci on
+			register "usb2_wake_enable_bitmap" = "0xFF"
+			register "usb3_wake_enable_bitmap" = "0x3"
 			register "usb2_ports" = "{
 				[0] = USB2_PORT_MID(OC_SKIP),	/* USB3 Rear */
 				[1] = USB2_PORT_MID(OC_SKIP),	/* USB3 Rear */

src/mainboard/novacustom/nuc_box/variants/nuc_box/romstage.c

@@ -16,9 +16,7 @@ void mainboard_memory_init_params(FSPM_UPD *mupd)
 			[1] = { .addr_dimm[0] = 0x52, },
 		},
 	};
-	const bool half_populated = false;
-
 	mupd->FspmConfig.DmiMaxLinkSpeed = 4;
 
-	memcfg_init(mupd, &board_cfg, &spd_info, half_populated);
+	memcfg_init(mupd, &board_cfg, &spd_info, false);
 }

src/sbom/Makefile.mk

@@ -78,6 +78,17 @@ payload-swid          := $(build-dir)/payload-edk2.json
 payload-swid-template := $(src-dir)/payload-edk2.json
 endif
 
+# Keep standalone "make sbom" rebuilds read-only with respect to payloads:
+# use already checked-out repositories for version extraction and avoid
+# re-triggering payload fetch/build targets (especially with `make -B sbom`).
+ifeq ($(filter sbom,$(MAKECMDGOALS)),sbom)
+payload-swid-ready-dep := $(wildcard $(payload-git-dir-y)/.git)
+ipxe-swid-ready-dep := $(wildcard payloads/external/iPXE/ipxe/.git)
+else
+payload-swid-ready-dep := $(CONFIG_PAYLOAD_FILE)
+ipxe-swid-ready-dep := payloads/external/iPXE/ipxe/ipxe.rom
+endif
+
 # Add all SBOM files into the swid-files-y target. This target contains all
 # .json, .ini, .uswid, .xml, .pc SBOM files that are later merged into one uSWID SBOM file.
 # Some of these have an option that this Makefile generates/extracts some information from
@@ -372,18 +383,18 @@ $(build-dir)/vboot.json: $(src-dir)/vboot.json $(if $(vboot-gitdir),$(vboot-gitd
 
 ipxe-gitdir := $(shell git -C payloads/external/iPXE/ipxe rev-parse --absolute-git-dir 2>/dev/null)
 
-$(build-dir)/payload-iPXE.json: $(src-dir)/payload-iPXE.json $(if $(ipxe-gitdir),$(ipxe-gitdir)/HEAD,) | $(build-dir)
+$(build-dir)/payload-iPXE.json: $(src-dir)/payload-iPXE.json $(if $(ipxe-gitdir),$(ipxe-gitdir)/HEAD,) | $(build-dir) $(ipxe-swid-ready-dep)
 	cp $< $@
+	set -e; \
 	git_tree_hash=$$(git --git-dir payloads/external/iPXE/ipxe/.git log -n 1 --format=%T); \
 	git_comm_hash=$$(git --git-dir payloads/external/iPXE/ipxe/.git log -n 1 --format=%H); \
 	sed -i -e "s/<colloquial_version>/$$git_tree_hash/" -e "s/<software_version>/$$git_comm_hash/" $@
 
-# Order-only dep on the .git dir ensures the payload is cloned before we try
-# to read it.  We do NOT depend on the payload binary ($(CONFIG_PAYLOAD_FILE))
-# because: (a) the recipe never reads the binary, only .git; (b) with make -B
-# an order-only dep on the binary would still force a full payload rebuild.
-$(payload-swid): $(payload-swid-template) | $(build-dir) $(payload-git-dir-y)/.git
+# Build payload SBOM metadata only after the payload is ready in regular builds.
+# For standalone `make sbom`, use an existing checkout only.
+$(payload-swid): $(payload-swid-template) | $(build-dir) $(payload-swid-ready-dep)
 	cp $< $@;\
+	set -e; \
 	git_tree_hash=$$(git --git-dir $(payload-git-dir-y)/.git log -n 1 --format=%T);\
 	git_comm_hash=$$(git --git-dir $(payload-git-dir-y)/.git log -n 1 --format=%H);\
 	sed -i -e "s/<colloquial_version>/$$git_tree_hash/" -e "s/<software_version>/$$git_comm_hash/" $@;