Open
Labels
- P: default. Priority: default. Default priority for new issues, to be replaced given sufficient information.
- T: task. Type: task. An action item that is neither a bug nor an enhancement.
- W: todo. Workflow: todo. The issue is in the initial to do state.
Description
This task will implement support for performing DRTM between coreboot and its payload, in this case edk2. While the implementation of dynamic launch will be in coreboot, the payload must be able to handle unusual state after the hand-off. It also has to carefully manage the access to memory, as well as control when and how other cores are allowed to be started. Finally, the payload binary must contain information that would tell coreboot that it can be started through dynamic launch.
The implementation may reuse parts of PoC.
- AMD only, but `cpu/amd/pi` isn't proper place for this code
- Many commits were added just for edk2 payload (at least all with SMM in the name), those should be present in Dasharo already so they don't have to be ported
- SKL revision wasn't specified in the config, default branch was always used. This must be changed to have reproducible builds
- SLRT needs to be added, old code uses SKL tags
- PoC TODOs: include headers directly from SKL, 64b (optional?), reserve space for TPM event log
- Documentation in coreboot: description of new option, use cases, supported/tested families and payload requirements (common and AMD-specific)
- If Dasharo gains support for newer AMD platforms: changes required for PSP involvement in SKINIT - discovery, implementation and documentation
- Send patches to upstream coreboot
Form: PR to https://github.com/Dasharo/coreboot, and if needed also https://github.com/TrenchBoot/secure-kernel-loader
Proof: logs from debug version of SKL