| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
In some cases opal-prd daemon is failing to start during boot. This is
because systemd is trying to start service before `opal-prd` kernel module
load.
Sample failure message:
----------------------
Feb 21 19:03:09 grsp1 opal-prd: FW: Can't open PRD device /dev/opal-prd: No such file or directory
Feb 21 19:03:09 grsp1 opal-prd: FW: Error initialising PRD channel
Lets start opal-prd service after systemd-modules-load is started. Also
create conf file to load opal-prd module during boot. This will make sure
systemd tries to start opal-prd daemon after opal-prd kernel module load.
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
This code isn't directly used by skiboot, but it is wrong and potentially
insecure so I'm fixing it in case it's used in the future.
We pass sizeof(hash) into mbedtls_pk_verify(). However, hash is a pointer,
not an array, so rather than passing the length of the hash to verify we'll
pass in 8, and only compare the first 8 bytes of the hash rather than all 32.
Pass in 0 instead. That tells mbedtls to work out the length based on the
hash type. We allocated enough memory for whatever hash type the PKCS#7
message declared so this will be safe.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
sync to upstream dtc.git commit 45f3d1a095dd ("libfdt: overlay: make
overlay_get_target() public") from previous upstream sync commit 243176c
("Fix bogus error on rebuild"). This mainly updates license headers,
fixes one or two small bugs, sign mismatches, integer overflow, and
cases of undefined behaviour, compile warnings for newer compilers, and
introduces some checking options (which might be useful to speed up fdt
operations on awan).
The recipe for this patch is:
$ cp ../dtc/libfdt/* libfdt/
$ git add libfdt/fdt_check.c
$ rm libfdt/meson.build
Then add the INT32_MAX define to libc/include/limits.h, and update
libfdt/Makefile.inc and libfdt/README.skiboot.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
sync to upstream ccan.git commit ca7c5a9e04f3 ("ccan: make tal_dump()
format more regular.").
The recipe used to sync upstream is:
$ cd ccan
$ ./tools/create-ccan-tree -b make tmp \
array_size check_type container_of heap \
short_types build_assert endian list str
$ # replace directories in skiboot/ccan/ with those in tmp/ccan/
$ cd ../skiboot
$ patch -p1 < ccan/skiboot.patch
This also adds a README.skiboot to help with future updates.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Compilation can fail when building tests if the opal-api.h include
is not pulled in via headers. Include it directly.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Upstream ccan uses (list, existing entry, new entry) parameter ordering
rather than (list, new entry, existing entry) ordering.
Switch these to make syncing with upstream simpler.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
This adds ibm,mmu-pid-bits and a new ibm,mmu-lpid-bits to POWER10 CPUs.
POWER9 Linux has some workarounds for processors bugs that means it's
probably safer to not add the entries there.
Linux already hard codes these values correctly on these processors, but
this allows more flexibility to change things.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
This defines a PCI layout close to an OpenPOWER system and adds an
optional disk to boot from. Fix verbose runs while we are at it.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
travis.org is dead. Using travis-ci.com has some money implication and
we won't be able to check whether the config is still valid and the
tests passing. We migrated most of the existing CI on travis to github
actions.
So this can only bit-rot so let's remove it.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Miscellaneous cleanup in the Docker files, mostly removing unneeded packages.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Strengthen the container security settings, since we don't seem to
need more. The rest of the patch is cosmectic.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
In the docker world, ubuntu-latest is the latest LTS release, 20.04 as
of this writing. ubuntu-rolling is the latest (non-devel) release,
which is 21.10 as of this writing. So rename our CI files accordingly
to avoid confusion.
Also ubuntu 21.10 ships with a recent enough qemu-system-ppc package
so we can now run a simple qemu boot test for powernv. The Docker file
fetches a kernel image from the op-build repo on github.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
The only change with Fedora 34 is that since the qemu-system-ppc
package is recent, we can now run the qemu boot test.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Fix a syntax error in the expect script.
Add -nographic when starting qemu to avoid problems on systems where
gtk is installed.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
openpower.xyz no longer exists but op-build now exports artifacts on
github.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Each signed variable update contains a timestamp -- this timestamp is checked
against the previous timestamp seen for that particular variable (if any), and
the update is rejected if the timestamp is not a later time than the previous.
This timestamp check is intended to prevent re-use of signed update files.
Currently, the code stores the timestamps in the TS variable, which is then
stored in regular variable storage (typically PNOR). This patch promotes the
variable to "protected storage" (typically TPM NV), so avoid this variable
being accidentally cleared.
This change should only come into effect when either:
- initializing secvar for the first time (i.e. first boot, or
after a key-clear-request)
- processing any variable update
Systems that already have a TS variable in PNOR will not be affected until
either of the above actions are taken.
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Tested-by: Nick Child <nick.child@ibm.com>
Reviewed-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
As the PNOR variable space cannot be locked, the data must be integrity
checked when loaded to ensure it has not beeen modified by an unauthorized
party. In the event that a modification has been detected (i.e. hash mismatch),
we must not load in data that could potentially be compromised.
However, the previous code was a bit overzealous with its reaction to detecting
a compromised SECBOOT partition, and also had some inconsistencies in behavior.
Case 1: SECBOOT partition cleared.
.init() checks the header for the magic number and version. As neither matches,
will reformat the entire partition. Now, .load_bank() will pass, as the data
was just freshly reformatted (note: this also could trigger the bug addressed
in the previous patch). Only variables in the TPM will be loaded by
.load_bank() as the data in SECBOOT is now empty.
Case 2: Bank hash mismatch.
.load_bank() panics and returns an error code, causing secvar_main() to jump
to the error scenario, which prevents the secvar API from being exposed.
os-secure-enforcing is set unconditionally, and the user will have no API to
manage or attempt to fix their system without issuing a key clear request.
This patch unifies the behavior of both of these cases. Now, .init() handles
checking the header AND comparing the bank hash. If either check fails, the
SECBOOT partition will be reformatted. Variables in the TPM will still be
loaded in the .load_bank() step, and provided the backend stores its
secure boot state in the TPM, secure boot state can be preserved.
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Tested-by: Nick Child <nick.child@ibm.com>
Reviewed-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
When the SECBOOT partition is formatted, the bank hash stored in the
control TPM NV index must be updated to match, or else we will immediately
fail to load the freshly formatted data at the .load_bank() step.
However, while the secboot_format() function does calculate and update the
bank hash, it only writes the new hash for bank 0. It does not update the
value for bank 1, or set the current active bank. This works as expected if
the active bank bit happens to be set to 0. On the other hand, if the active
bit is set to 1, the freshly formatted bank 1 will be compared against the
unchanged bank hash in bank 1 at the load step, therefore causing an error.
This patch fixes this issue by also setting the active bit to 0 to match
the freshly calculated hash.
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Tested-by: Nick Child <nick.child@ibm.com>
Reviewed-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
This fixes "orphan section" warnings when linking skiboot.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
|
|
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
All PHB5 error registers read when getting the PHB diagnostics data
have the exact same definitions as on PHB4, so we don't need any new
type. OPAL_PHB_ERROR_DATA_TYPE_PHB5 is not used in skiboot. It's
never been imported on linux, so it is safe to remove the symbol.
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
This patch fixes errors seen when linux looks for the interrupt to use
for a device LSI:
pci X:Y:Z of_irq_parse_pci: failed with rc=-22
The of/irq parsing code requires those new properties to be able to
map the interrupt specifier correctly. It was not needed before
comitting cd12ea6d8e1 ("interrupts: Do not advertise XICS support on
P10"), because the LSI mapping code was defaulting to the XICS
interrupt controller node, which is now removed (and had those
properties).
Fixes: cd12ea6d8e1 ("interrupts: Do not advertise XICS support on P10")
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Lowest Point of Coherency (LPC) memory allows the host to access memory on
an OpenCAPI device.
When the P10 chip accesses memory addresses on the AFU, the Real Address
on the PowerBus must hit a BAR in the PAU such as GPU-Memory BAR. The BAR
defines the range of Real Addresses that represent AFU memory.
The two existing OPAL calls, OPAL_NPU_MEM_ALLOC and OPAL_NPU_MEM_RELEASE
are used to manage the AFU momory.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
The remaining translation mode: OpenCAPI 5.0 with TLBI/SLBI Snooping, is
not used due to performance problems caused by the mismatch between the
ERAT and Bloom Filter sizes.
When the Address Translation Mode requires TLB and SLB Invalidate
operations to be initiated using MMIO registers, a set of registers like
the following is used:
• XTS MMIO ATSD0 LPARID register
• XTS MMIO ATSD0 AVA register
• XTS MMIO ATSD0 launch register, write access initiates a shoot down
• XTS MMIO ATSD0 status register
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Update the content of three current OPAL API calls to support PAU.
- OPAL_NPU_SPA_SETUP
The Shared Process Area (SPA) is a table containing one entry (a
"Process Element") per memory context which can be accessed by the
OpenCAPI device.
- OPAL_NPU_SPA_CLEAR_CACHE
The PAU keeps a cache of recently accessed memory contexts. When a
Process Element is removed from the SPA, the cache for the link must
be cleared.
- OPAL_NPU_TL_SET
The Transaction Layer specification defines several templates for
messages to be exchanged on the link. During link setup, the host
and device must negotiate what templates are supported on both sides
and at what rates those messages can be sent.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Add elementary functions to handle a phb complete, fundamental and
hot resets.
For the time being, specific creset and hreset are not supported.
A complete fundamental reset is based on the following steps, in this
order:
- Place all bricks into Fence state
- Disable BARs
- Reset ODL to Power-on Values
- Set the i2c reset pin in output mode
- Initialize PHY Lanes
- Deassert ODL reset
- Clear the the i2c reset pin
- Unfence bricks
- Enable BARs
- Enable ODL training mode
Link training is also set up.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Follow the Procedure IO_INIT_RESET_PON as described in the
P10 OPHY workbook document to reset and initialize the PHY lanes.
The memory mapped SRAM (64 bit aligned) has to be used to configure the
PHY, which is reachable the linked registers: address and data.
The different links can be configured at the same time, that implies using
a global lock to avoid conflicts.
Authored-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
This patch add a new function to dump PAU registers when a HMI has been
raised and an OpenCAPI link has been hit by an error.
For each register, the scom address and the register value are printed.
The hmi.c has been redesigned in order to support the new PHB/PCIEX
type (PAU OpenCapi). Now, the *npu* functions support NPU and PAU units of
P8, P9 and P10 chips.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Add more PHB interfaces:
- to control pci error type in case of freeze.
- add the addresses of the registers needed by the OS to handle
translation failures.
- to detect the fence state of a specific brick
- to configure BDF (Bus Device Function) and PE (Partitionable Endpoint)
for context identification.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
The default action for the errors (unexpected errors on the opencapi
link) reported in the PAU FIR2 registe is mostly set to system
checkstop.
This patch changes the default action of those errors so that the PAU
will raise an interrupt instead. Interrupt information are logged so
that the error can be debugged and linux can catch the event.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Next main part of the hypervisor PAU initialization.
The P10 PAU supports two OpenCAPI links.
The PAU provides various configuration selections for both of the OCAPI
Link Transaction Layer functions (OTLs). These include a link enable,
behavior controls, debug modes, and virtual channel credits to send to
the AFU. The OTL Configuration 0, OTL Configuration 1, OTL
Configuration 2, and TLX Credit Configuration registers are used to
control these functions.
This patch completes the PAU configuration following the
sections 17.1.3.4 to 17.1.3.10.2 of the workbook document.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Enable OpenCAPI mode for each brick which are connected to be used in
this mode. This is be done through 7 steps as described in the
P10 OCAPI 5.0 Processing Unit Workbook document, section:
17.1.3.1 Enabling OpenCAPI.
The following sequences must be performed:
1. Set Transport MUX controls to select OpenCAPI
2. Enable Clocks in XSL
3. Enable Clocks in MISC
4. Set NPCQ configuration
5. Enable XSL-XTS Interfaces
6. Enable State-machine allocation
Enabling the NTL/GENID BARS allows to access to the MMIO registers.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Implement the necessary operations for the OpenCAPI PHB type and
inform the device-tree properties associated.
The OpenCapi PCI config Addr/Data registers are reachable through
the Generation-ID Registers MMIO BARS.
The Config Address and Data registers are located at the following offsets
from the AFU Config BAR plus 320 KB.
• Config Address for Brick 0 – Offset 0
• Config Data for Brick 0 – Offsets:
◦ 128 – 4-byte config register
• Config Address for Brick 1 – Offset 256
• Config Data for Brick 1 – Offsets:
◦ 384 – 4-byte config register
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Configure early PAU Global MMIO BAR registers to allow PAU MMIO
register accesses. This is done for each PAU. Enable the Powerbus
interface is mandatory for MMIO accesses.
For each OpenCAPI device, configure the bar registers to access to
the AFU MMIO and to the AFU Config Addr/Data registers.
AFU Config/Data registers = GENID_ADDR (from phy_map file) + 320K
(= 0x50000)
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Update the platform_ocapi structure to store Rainier platform-specific
values for detecting and resetting OpenCAPI devices via the module
I2C (PCA9553)
The unique number I2C bus ID associated to each OpenCapi device
is get from the I2C port and engine.
(De)Assert a reset and detect an OpenCapi device is available through
the I2C bus id and address.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
OpenCapi for P10 is included in the P10 chip. This requires OCAPI capable
PHYs, Datalink Layer Logic and Transaction Layer Logic to be included.
The PHYs are the physical connection to the OCAPI interconnect.
The Datalink Layer provides link training.
The Transaction Layer executes the cache coherent and data movement
commands on the P10 chip.
The PAU provides the Transaction Layer functionality for the OCAPI
link(s) on the P10 chip.
The P10 PAU supports two OCAPI links. Six accelerator units PAUs are
instantiated on the P10 chip for a total of twelve OCAPI links.
This patch adds PAU opencapi structure for supporting OpenCapi5.
hw/pau.c file contains main of PAU management functions.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Move the OPAL entry points for npu2 opencapi to the common opal NPU
file. This prepares us to add same entries for PAU opencapi in this common
file.
No functional change.
Signed-off-by: Christophe Lombard <clombard@linux.vnet.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
This patch enables Skiboot to initialize and Linux to boot to user space
on the AWAN core and chip models.
We need the distinction between core and chip models because the core
models do not have an XSCOM unit, CHIPTOD, nor RNG. The chip
model does have them and they work.
So, add a device_type property to the awan node to distinguish core from
chip. Sample DTS are provided for the core and chip models in
external/awan.
Just like Mambo, we need to return in slw_init before trying to
initialize SLW. Without an XSCOM unit in the device tree for the core
model, the SLW code path eventually fails an assert due to lack of
chips.
This commit defines a QUIRK_AWAN where previously Mambo used
QUIRK_MAMBO_CALLOUTS so now Mambo and AWAN core both work.
Also, fix up chip quirks so the core model and chip model boot and
initialize the appropriate units.
Disable sreset and power management in a couple spots because the chip
model does not support stop with EC=1 and enter_p9_pm_state spins in the
branch-to-self after stop.
Provide an external/awan/README.md with a high-level view of booting in
the environment.
Signed-off-by: Ryan Grimm <grimm@linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Fix endian for the 4-byte LPC copy similarly to other flash drivers.
This allows flash to be detected on POWER8 AST BMC systems with a LE
skiboot.
Fix incorrect comments in those other drivers while we're here.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Convert phb3 dt construction and in-memory hardware tables to use
explicit endian conversions.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
This significantly simplifies the SLW code.
HILE is now always supported.
Reviewed-by: Stewart Smith <stewart@flamingspork.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
|
Fixes: 891ed8df67 ("Initial POWER10 enablement")
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
|
