x86: efi-payload: Add support for Chromium OS verified boot
Add the required config and features to make this work. This creates a
new board called chromeos_efi-x86_payload.
Update the documentation a little also.
Signed-off-by: Simon Glass <sjg@chromium.org>
diff --git a/board/efi/Kconfig b/board/efi/Kconfig
index 291bd2c..45ba76c 100644
--- a/board/efi/Kconfig
+++ b/board/efi/Kconfig
@@ -14,12 +14,24 @@
config TARGET_EFI_PAYLOAD
bool "efi payload"
+ select EFI_PAYLOAD
help
This target is used for running U-Boot on top of EFI. In
this case EFI does the early initialisation, and U-Boot
takes over once the RAM, video and CPU are fully running.
U-Boot is loaded as a payload from EFI.
+config TARGET_CHROMEOS_EFI_PAYLOAD
+ bool "efi payload"
+ select EFI_PAYLOAD
+ help
+ This is the Chromium OS version of TARGET_EFI_PAYLOAD, allowing
+ Chromium OS to boot on top of EFI.
+
+ In this case EFI does the early initialisation, and U-Boot
+ takes over once the RAM, video and CPU are fully running.
+ U-Boot is loaded as a payload from EFI.
+
endchoice
source "board/efi/efi-x86_app/Kconfig"
diff --git a/board/efi/efi-x86_payload/Kconfig b/board/efi/efi-x86_payload/Kconfig
index 08dd0c2..c5b60ba 100644
--- a/board/efi/efi-x86_payload/Kconfig
+++ b/board/efi/efi-x86_payload/Kconfig
@@ -1,4 +1,11 @@
-if TARGET_EFI_PAYLOAD
+config EFI_PAYLOAD
+ bool
+ help
+ U-Boot starts as a payload of EFI. EFI does the early initialisation
+ and U-Boot takes over once the RAM, video and CPU are fully running.
+ U-Boot is loaded as a payload from EFI.
+
+if EFI_PAYLOAD
config SYS_BOARD
default "efi-x86_payload"
@@ -9,9 +16,6 @@
config SYS_SOC
default "efi"
-config SYS_CONFIG_NAME
- default "efi-x86_payload"
-
config SYS_TEXT_BASE
default 0x00200000
@@ -38,3 +42,17 @@
imply RTL8169
endif
+
+if TARGET_EFI_PAYLOAD
+
+config SYS_CONFIG_NAME
+ default "efi-x86_payload"
+
+endif
+
+if TARGET_CHROMEOS_EFI_PAYLOAD
+
+config SYS_CONFIG_NAME
+ default "chromeos_efi-x86_payload"
+
+endif
diff --git a/board/efi/efi-x86_payload/MAINTAINERS b/board/efi/efi-x86_payload/MAINTAINERS
index abf3a15..bc8f615 100644
--- a/board/efi/efi-x86_payload/MAINTAINERS
+++ b/board/efi/efi-x86_payload/MAINTAINERS
@@ -5,3 +5,11 @@
F: include/configs/efi-x86_payload.h
F: configs/efi-x86_payload32_defconfig
F: configs/efi-x86_payload64_defconfig
+
+# This is always 64-bit (32-bit not supported)
+CHROMIUM OS EFI-X86_PAYLOAD BOARD
+M: Simon Glass <sjg@chromium.org>
+S: Maintained
+F: board/efi/efi-x86_payload/
+F: include/configs/chromeos_efi-x86_payload.h
+F: configs/chromeos_efi-x86_payload_defconfig
diff --git a/configs/chromeos_efi-x86_payload_defconfig b/configs/chromeos_efi-x86_payload_defconfig
new file mode 100644
index 0000000..45d947d
--- /dev/null
+++ b/configs/chromeos_efi-x86_payload_defconfig
@@ -0,0 +1,48 @@
+CONFIG_X86=y
+CONFIG_NR_DRAM_BANKS=8
+CONFIG_ENV_SIZE=0x1000
+CONFIG_DEFAULT_DEVICE_TREE="efi-x86_payload"
+CONFIG_PRE_CON_BUF_ADDR=0x100000
+CONFIG_VENDOR_EFI=y
+CONFIG_TARGET_CHROMEOS_EFI_PAYLOAD=y
+CONFIG_FIT=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_SHOW_BOOT_PROGRESS=y
+CONFIG_USE_BOOTARGS=y
+CONFIG_BOOTARGS="root=/dev/sdb3 init=/sbin/init rootwait ro"
+CONFIG_PRE_CONSOLE_BUFFER=y
+CONFIG_SYS_CONSOLE_INFO_QUIET=y
+CONFIG_DISPLAY_BOARDINFO_LATE=y
+CONFIG_LAST_STAGE_INIT=y
+CONFIG_HUSH_PARSER=y
+CONFIG_CMD_IDE=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_PART=y
+CONFIG_CMD_USB=y
+# CONFIG_CMD_SETEXPR is not set
+CONFIG_CMD_DHCP=y
+# CONFIG_CMD_NFS is not set
+CONFIG_CMD_PING=y
+CONFIG_CMD_TIME=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_EXT4=y
+CONFIG_CMD_EXT4_WRITE=y
+CONFIG_CMD_FAT=y
+CONFIG_CMD_FS_GENERIC=y
+CONFIG_MAC_PARTITION=y
+CONFIG_ISO_PARTITION=y
+CONFIG_EFI_PARTITION=y
+CONFIG_ENV_OVERWRITE=y
+CONFIG_SYS_RELOC_GD_ENV_ADDR=y
+CONFIG_TFTP_TSIZE=y
+CONFIG_REGMAP=y
+CONFIG_SYSCON=y
+# CONFIG_PCI_PNP is not set
+# CONFIG_GZIP is not set
+CONFIG_EFI=y
+CONFIG_EFI_STUB=y
+CONFIG_EFI_STUB_64BIT=y
+CONFIG_CHROMEOS=y
+CONFIG_CHROMEOS_VBOOT=y
+CONFIG_BLOBLIST_ADDR=0x100000
+CONFIG_LOG_ERROR_RETURN=y
diff --git a/cros/doc/cros_efi_payload.rst b/cros/doc/cros_efi_payload.rst
new file mode 100644
index 0000000..30a305d
--- /dev/null
+++ b/cros/doc/cros_efi_payload.rst
@@ -0,0 +1,74 @@
+.. SPDX-License-Identifier: GPL-2.0+
+.. Copyright 2020 Google LLC
+
+Vboot as an EFI payload
+=======================
+
+This provides a few details about running vboot on top of EFI, useful for
+boards which have an existing UEFI BIOS. See
+:doc:`../../develop/uefi/u-boot_on_efi` for more information on the EFI payload.
+
+This uses the latest version of vboot, with a few patches to make it more
+U-Boot-friendly.
+
+
+Build and run
+-------------
+
+To obtain::
+
+ git clone https://github.com/sjg20/u-boot.git
+ cd u-boot
+ git checkout cros-working
+
+ cd ..
+ git clone https://chromium.googlesource.com/chromiumos/platform/vboot_reference
+ cd vboot_reference
+ git checkout origin/working
+ # Revert "Avoid using malloc() directly"
+
+To build for efi::
+
+ UB=/tmp/b/chromeos_efi-x86_payload/ # U-Boot build directory
+ cd u-boot
+ make O=$UB chromeos_efi-x86_payload_defconfig
+ make O=$UB -j20 -s VBOOT_SOURCE=/path/to/vboot_reference \
+ MAKEFLAGS_VBOOT=DEBUG=1 QUIET=1
+
+To run on EFI put the resulting `u-boot-payload.efi` file in a qemu image.
+
+
+Boot flow
+---------
+
+This is still to be determined. It starts vboot at the 'read-write init'
+stage which means that it just needs to boot a kernel.
+
+At present this builds but doesn't do anything useful when run. The required
+boot flow needs to be figured out.
+
+
+Exanple boot flow
+-----------------
+
+This is minimal so far. It immediately fails in vboot_rw_init() because there
+is no bloblist. Nor is there any coreboot. So we need to work out what state to
+set up and this will be a new case in `rw_init.c`::
+
+ U-Boot 2021.07-00106-g3c3721560eb-dirty (Jul 25 2021 - 20:29:04 -0600)
+
+ CPU: x86_64, vendor AMD, device 663h
+ DRAM: 84.1 MiB
+ MMC:
+ Loading Environment from nowhere... OK
+ Video: 800x600x32
+ Model: EFI x86 Payload
+ Net: No ethernet found.
+ No working controllers found
+ Hit any key to stop autoboot: 0
+ --
+ * Running stage 'rw_init'
+ Chromium OS verified boot starting
+ blob: returning err=-2
+ Error: stage 'rw_init' returned fffffffe (-2)
+ Cold reboot
diff --git a/cros/doc/index.rst b/cros/doc/index.rst
index 63c4e77..1e85bce 100644
--- a/cros/doc/index.rst
+++ b/cros/doc/index.rst
@@ -20,3 +20,4 @@
cros_sandbox
cros_coral
cros_coreboot
+ cros_efi_payload
diff --git a/include/configs/chromeos_efi-x86_payload.h b/include/configs/chromeos_efi-x86_payload.h
new file mode 100644
index 0000000..5fb052a
--- /dev/null
+++ b/include/configs/chromeos_efi-x86_payload.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright 2018 Google LLC
+ */
+
+#ifndef _CHROMEOS_EFI_X86_PAYLOAD_CONFIG_H
+#define _CHROMEOS_EFI_X86_PAYLOAD_CONFIG_H
+
+#include <configs/efi-x86_payload.h>
+#include <configs/chromeos.h>
+
+#undef CONFIG_BOOTCOMMAND
+#define CONFIG_BOOTCOMMAND "vboot go auto"
+
+#define xCONFIG_BOOTCOMMAND \
+ "scsi scan; fatload scsi 0:0 01000000 vmlinuz; zboot 01000000"
+
+#endif /* _CHROMEOS_EFI_X86_PAYLOAD_CONFIG_H */
