6 Replies Latest reply on Apr 15, 2016 3:38 PM by Brett

    Intel Atom E3815 Bios

    SAGEE Community Member

      I am seriously looking at the Atom for a platform that has safety critical aspects to it and I wanted to see if anyone had more information on the bios and maybe a guide in creating our own? 

        • Re: Intel Atom E3815 Bios
          FrankWeerdenbur Green Belt

          Hello SAGEE,

           

          ELTAN might customize the BIOS to implement safety critical aspects based on your requirements.

           

          For this you can contact us directly:

           

          Email: Fweerdenburg@eltan.com

          Website: www.eltan.com

           

          Best regards,

          Frank

          • Re: Intel Atom E3815 Bios
            AdolfoS Brown Belt

            Hello SAGEE

             

            Here you can find two options available for companies interested on creating their own bootloader

             

            One is the firmware engine, this allow for easy customization of a basic firmware:Intel® Firmware Engine | Intel® Architecture Firmware Resource Center

             

            The other is the FSP, the FSP provides binaries that perform basic Firmware Initialization and can be integrated with Coreboot or EDK-II code:Intel® FSP - About | Intel® Architecture Firmware Resource Center

             

            Additionally for security you must also search about TXE Firmware, the Trusted eXecution Engine provide features to prevent BIOS tampering, however information about TXE is considered Intel Confidential and require that you have CNDA account.

             

            Best Regards,

            Adolfo Sanchez.

            • Re: Intel Atom E3815 Bios
              Brett Green Belt

              Hi SAGEE,

               

              As someone whom over the last 6 months has brought up a custom E3800 design using Coreboot I can say don't be intimidated. Yes, there is a lot to learn at first but once figured out it's very straight-forward. I did want to pass along a couple of things. Intel did seem to back out some of the security requirements for the "Bay Trail I" version thankfully. Being an embedded product all that stuff does is get in the way.

               

              The CPU will boot without a TXE image but the XDP port will be locked out.

              So long as the TXE image is present it the XDP will be available. You don't have to configure anything, just add the TXE image in the FITC tool.

              You don't need to sign your images or generate a manifest.

               

              When you said 'safety critical' be aware that unless you are a large company you will never have access to FSP source and therefor cannot do any code coverage analysis. For example if you are doing a DO178 project you typically can only get a cert on DAL C and below. These processors will not boot without the FSP.

               

              Brett

                • Re: Intel Atom E3815 Bios
                  Nitya Green Belt

                  Hi Brett

                   

                  We are working on one customized board based on Intel ISX design based on E3845. With reference bios image, processor is booting but we are not able to get HDMI display.

                   

                  Any clues?

                   

                  While building from coreboot, I generated .rom file without TXE. Is there any additional care to be taken? Can I flash directly this image?

                    • Re: Intel Atom E3815 Bios
                      AdolfoS Brown Belt

                      Hello Nitya

                       

                      Are you including the Intel FSP on the Coreboot Image?

                      Are you using the FITC tool to build the final Image?

                       

                      Best Regards,

                      Adolfo Sanchez

                      • Re: Intel Atom E3815 Bios
                        Brett Green Belt

                        Hi Nitya,

                         

                        We have the GPU disabled on our product so I may not be much help here. I guess my first question would be is yours also? If you look through your coreboot boot logs with the log level set to 8 (SPEW) then you will see the entire PCI enoumeration. Look for Bus 0, Device 3, Function 0 - it will show up as 00:03.0, and make sure it is enabled. Be careful, as it may initially say it is enabled and then it becomes disabled at a later stage. Whether it is enabled or not is set in the FSP by the BCT. Also, did you add the VGA BIOS?

                         

                        As for building Coreboot to the best of my knowledge it has no provisions to add the TXE image. I did find where you can add a descriptor.bin file but that assumes you have an image of that too. I have never tried it so I don't know if it works for our processor. The best way to get the descriptor, and the TXE if you are going to add it, correctly loaded is to use the FITC tool. You may have to contact your Intel rep to get access to it and the TXE - they should come together in a package. If you can't get the FITC then this document, 514482_ByTti_SoC_SPIFlashProgGuide_Rev1p0, gives you the layout of the descriptors including the soft straps.

                         

                        When booting the first thing the processor does is read address 0x10 of the flash looking for the Signature telling it to boot in descriptor mode. (The very first steppings of the processor would boot in non-descriptor mode but the current ones cannot. You can find statements in the docs where it says it one way then corrects it a sentence later. ) It then reads the Descriptors, the TXE if present and then 1st stage boot - the part that runs in 'cache as ram' mode.

                         

                        It is not really obvious how flash is laid out but certain things are fixed: 0x10 for the Signature, 0x14 for the beginning of the descriptor tables are at the start of flash. The boot image MUST be at the very end of flash because the reset vector is at xxFFFF0. The TXE can be located anywhere in between with it's start location specified by its descriptor.

                         

                        Once you have a complete flash image you do not need to rebuild it with the FITC tool. Just reflash the coreboot image for updates. For example, I use a 16MB boot flash but I only build a 2MB coreboot image. When I need to update coreboot I just update the flash from E00000 to FFFFFF.

                         

                        Hope this helps,

                        Brett