Issue #617 has been updated by Matt DeVillier.
gaspar ilom wrote in #note-4:
> cat ./build/x86/coreboot-25.09/EOL_w541-maximized/fmap.fmd
> ```
> # layout for firmware residing at top of 4GB address space
> # +-------------+ <-- 4GB - ROM_SIZE / start of flash
> # | unspecified |
> # +-------------+ <-- 4GB - BIOS_SIZE
> # | FMAP |
> # +-------------+ <-- 4GB - BIOS_SIZE + FMAP_SIZE
> # | CBFS |
> # +-------------+ <-- 4GB / end of flash
>
> FLASH 0x00c00000 {
> BIOS@131072 12451840 {
>
> RW_MRC_CACHE@0 0x10000
>
>
>
>
> FMAP@65536 0x200
> COREBOOT(CBFS)@66048 12385792
> }
> }
> ```
There's something odd going on here, since the generated FMAP should have the
IFD, ME, and GBE regions listed if you are including those blobs in the
coreboot build.
gaspar ilom wrote in #note-2:
> Maximilian Brune wrote in #note-1:
> > Does this patch detect your issue?
> > https://review.coreboot.org/c/coreboot/+/73470
>
> Unfortunately no, it seems that this does not cause an error, as ifdtool does
> not find the regions in FMAP. Why is that?
>
> https://app.circleci.com/pipelines/github/gaspar-ilom/heads/37/workflows/a2223530-f5e9-4f28-be72-38f2f3e72e84/jobs/2705
>
> ```
> Nov 15 18:25:27 printf " IFDTOOL validate IFD against FMAP\n"
> Nov 15 18:25:27 IFDTOOL validate IFD against FMAP
> Nov 15 18:25:27 EOL_w541-maximized/util/ifdtool/ifdtool \
> Nov 15 18:25:27 \
> Nov 15 18:25:27 -t EOL_w541-maximized/coreboot.pre
> Nov 15 18:25:27 Warning: No platform specified. Output may be incomplete
> Nov 15 18:25:27 Warning: Not a single IFD region found in FMAP
> Nov 15 18:25:27 File EOL_w541-maximized/coreboot.pre is 12582912 bytes
> ```
>
> EDIT:
> Looked into the code and apart from analyzing why regions could not be found
> I think we should also question whether it is the right call to just print an
> error instead of calling exit:
>
> https://review.coreboot.org/c/coreboot/+/73470/13/util/ifdtool/ifdtool.c#1256
Your manual invocation of ifdtool lacks the platform parameter, so all bets are
off. But as above, since the IFD layout is not reflected in the FMAP as it
should, then there is nothing to compare against.
Here's what you should be seeing (plus the GBE region):
```
FLASH 0x1000000 {
SI_DESC@0x0 0x1000
SI_ME@0x1000 0x1FF000
SI_BIOS@0xbb0000 0x450000 {
RW_MRC_CACHE@0x0 0x10000
SMMSTORE@0x10000 0x40000
RO_VPD@0x50000 0x4000
FMAP@0x54000 0x200
COREBOOT(CBFS)@0x55000 0x3fb000
}
}
```
----------------------------------------
Bug #617: Missing safeguard: CBFS_SIZE greater than BIOS region in the IFD
https://ticket.coreboot.org/issues/617#change-2184
* Author: gaspar ilom
* Status: New
* Priority: Normal
* Target version: none
* Start date: 2025-11-14
* Affected versions: main
* Affected hardware: haswell
----------------------------------------
There are no effective safeguards to enforce that the `CONFIG_CBFS_SIZE` does
not exceed the bios region as declared in the IFD.
### Impact
- Downstream under Heads with a maximized bios region for the Haswell boards
(T440p and W541) we could verify that this bug leads to an overflow when
training the memory cache that makes it not work. This happens both with MRC
blob and NRI and causes very slow boot times (20s) and S3 suspend/resume does
not work.
- Effects on other boards have not been observed but are possible.
### Expected behavior
Coreboot should not build successfully if the `CBFS_SIZE` exceeds the bios
region in the IFD and error out reporting the problem that caused this.
## Analysis
Full details are under the PR in Heads and in particular this comment by
@tlaurion https://github.com/linuxboot/heads/pull/2025/#issuecomment-3524672338
ifdtool reports a bios region of 0xBDEFFF (BDEFFF).
However, the coreboot config contained:
```
CONFIG_CBFS_SIZE=0xBE4FFF
```
```
./build/x86/coreboot-25.09/util/ifdtool/ifdtool --platform ifd2 --layout w541_layout blobs/w541/ifd.bin && cat w541_layout
File blobs/w541/ifd.bin is 4096 bytes
Wrote layout to w541_layout
00000000:00000fff fd
00021000:00bfffff bios
00003000:00020fff me
00001000:00002fff gbe
```
After fixing the `CONFIG_CBFS_SIZE` the issues were fixed and fast boot with
trained memory cache and S3 suspend/resume work again with NRI:
https://github.com/linuxboot/heads/pull/2025/commits/9b8b9cacdcea4f67c95dcec10b3153fc8c016940
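
The safeguard the issue asks for can be sketched as a pre-build check. This is an added example, not part of the ticket and not coreboot or Heads code: it parses the `ifdtool --layout` output and the `CONFIG_CBFS_SIZE` line quoted above and fails when the CBFS does not fit. The function names are hypothetical, and it assumes layout end addresses are inclusive and that `CONFIG_CBFS_SIZE` is written as a `0x`-prefixed hex value.

```python
import re
import sys

# Sample inputs: the layout and config values quoted in the issue above.
LAYOUT = """\
00000000:00000fff fd
00021000:00bfffff bios
00003000:00020fff me
00001000:00002fff gbe
"""
CONFIG = "CONFIG_CBFS_SIZE=0xBE4FFF\n"

LAYOUT_RE = re.compile(r"\s*([0-9a-fA-F]{8}):([0-9a-fA-F]{8})\s+(\S+)\s*")
CBFS_RE = re.compile(r"^CONFIG_CBFS_SIZE=0[xX]([0-9a-fA-F]+)\s*$", re.M)

def parse_layout(text):
    """Map region name -> (start, end) from `ifdtool --layout` output."""
    regions = {}
    for line in text.splitlines():
        m = LAYOUT_RE.fullmatch(line)
        if m:
            regions[m.group(3)] = (int(m.group(1), 16), int(m.group(2), 16))
    return regions

def check_cbfs_fits(layout_text, config_text, region="bios"):
    """Return (fits, region_size, cbfs_size); raise if an input is unusable."""
    regions = parse_layout(layout_text)
    if region not in regions:
        raise ValueError(f"no '{region}' region in IFD layout")
    start, end = regions[region]
    if end < start:
        raise ValueError(f"'{region}' region is unused or malformed")
    m = CBFS_RE.search(config_text)
    if m is None:
        raise ValueError("CONFIG_CBFS_SIZE not found in config")
    region_size = end - start + 1  # assumption: end address is inclusive
    cbfs_size = int(m.group(1), 16)
    return cbfs_size <= region_size, region_size, cbfs_size

if __name__ == "__main__":
    fits, region_size, cbfs_size = check_cbfs_fits(LAYOUT, CONFIG)
    if not fits:
        # Fail the build instead of only printing a warning.
        sys.exit(f"CBFS_SIZE {cbfs_size:#x} exceeds IFD bios region "
                 f"{region_size:#x} by {cbfs_size - region_size:#x} bytes")
    print(f"CBFS_SIZE {cbfs_size:#x} fits in IFD bios region {region_size:#x}")
```

With the values from the issue, the check exits non-zero, which is the behaviour requested under "Expected behavior".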