soc/amd/mendocino: Add support for separate RW A/B partition SPL file
Add support for having different Security Patch Level (SPL) table files
in the read-only and the read-write A/B partitions. This allows the SPL
table file in the main or RO FMAP partition to only cover the embedded
firmware binaries in that partition and have a separate SPL file in the
RW A and B partitions that covers the embedded firmware binaries in the
RW partitions.
BUG=b:243470283
Signed-off-by: Felix Held <felix-coreboot@felixheld.de>
Change-Id: I1ba8c370ce14f7ec88e7ef2f9d0b64d6bb4fa176
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67555
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
diff --git a/src/soc/amd/mendocino/Kconfig b/src/soc/amd/mendocino/Kconfig
index 7155aab..d7c5372 100644
--- a/src/soc/amd/mendocino/Kconfig
+++ b/src/soc/amd/mendocino/Kconfig
@@ -421,6 +421,21 @@
depends on HAVE_SPL_FILE
default "3rdparty/blobs/mainboard/\$(CONFIG_MAINBOARD_DIR)/TypeId0x55_SplTableBl_MDN.sbin"
+config HAVE_SPL_RW_AB_FILE
+ bool "Have a separate mainboard-specific SPL file in RW A/B partitions"
+ default n
+ depends on HAVE_SPL_FILE
+ depends on VBOOT_SLOTS_RW_AB
+ help
+ Have separate mainboard-specific Security Patch Level (SPL) table
+ file for the RW A/B FMAP partitions. See the help text of
+ HAVE_SPL_FILE for a more detailed description.
+
+config SPL_RW_AB_TABLE_FILE
+ string "Separate SPL table file for RW A/B partitions"
+ depends on HAVE_SPL_RW_AB_FILE
+ default "3rdparty/blobs/mainboard/\$(CONFIG_MAINBOARD_DIR)/TypeId0x55_SplTableBl_MDN.sbin"
+
config PSP_SOFTFUSE_BITS
string "PSP Soft Fuse bits to enable"
default "34 28 6"
diff --git a/src/soc/amd/mendocino/Makefile.inc b/src/soc/amd/mendocino/Makefile.inc
index 225b4a9..bdc1a7a 100644
--- a/src/soc/amd/mendocino/Makefile.inc
+++ b/src/soc/amd/mendocino/Makefile.inc
@@ -121,6 +121,11 @@
# type = 0x55
ifeq ($(CONFIG_HAVE_SPL_FILE),y)
SPL_TABLE_FILE=$(CONFIG_SPL_TABLE_FILE)
+ifeq ($(CONFIG_HAVE_SPL_RW_AB_FILE),y)
+SPL_RW_AB_TABLE_FILE=$(CONFIG_SPL_RW_AB_TABLE_FILE)
+else
+SPL_RW_AB_TABLE_FILE=$(CONFIG_SPL_TABLE_FILE)
+endif
endif
#
@@ -193,6 +198,7 @@
OPT_WHITELIST_FILE=$(call add_opt_prefix, $(PSP_WHITELIST_FILE), --whitelist)
OPT_SPL_TABLE_FILE=$(call add_opt_prefix, $(SPL_TABLE_FILE), --spl-table)
+OPT_SPL_RW_AB_TABLE_FILE=$(call add_opt_prefix, $(SPL_RW_AB_TABLE_FILE), --spl-table)
# If vboot uses 2 RW slots, then 2 copies of PSP binaries are redundant
OPT_RECOVERY_AB_SINGLE_COPY=$(if $(CONFIG_VBOOT_SLOTS_RW_AB), --recovery-ab-single-copy)
@@ -209,7 +215,6 @@
--combo-capable \
$(OPT_TOKEN_UNLOCK) \
$(OPT_WHITELIST_FILE) \
- $(OPT_SPL_TABLE_FILE) \
$(OPT_PSP_SHAREDMEM_BASE) \
$(OPT_PSP_SHAREDMEM_SIZE) \
$(OPT_EFS_SPI_READ_MODE) \
@@ -237,6 +242,7 @@
$(OPT_APOB_NV_BASE) \
$(OPT_VERSTAGE_FILE) \
$(OPT_VERSTAGE_SIG_FILE) \
+ $(OPT_SPL_TABLE_FILE) \
--location $(shell printf "%#x" $(MENDOCINO_FWM_POSITION)) \
--output $@
@@ -253,6 +259,7 @@
$(AMDFW_COMMON_ARGS) \
$(OPT_APOB_NV_SIZE) \
$(OPT_APOB_NV_BASE) \
+ $(OPT_SPL_RW_AB_TABLE_FILE) \
--location $(shell printf "%#x" $(MENDOCINO_FW_A_POSITION)) \
--anywhere \
--output $@
@@ -264,6 +271,7 @@
$(AMDFW_COMMON_ARGS) \
$(OPT_APOB_NV_SIZE) \
$(OPT_APOB_NV_BASE) \
+ $(OPT_SPL_RW_AB_TABLE_FILE) \
--location $(shell printf "%#x" $(MENDOCINO_FW_B_POSITION)) \
--anywhere \
--output $@