Workstations support with variable dGPU : SeaBIOS chainloading of Heads needed?

[tlaurion]

• coreboot oprom pci extraction + loading exists, but is not providing VBIOS: SeaBIOS does.
• coreboot/SeaBIOS seperation of duties prohibit coreboot by ideology from providing VBIOS implementation: SeaBIOS does and is said to do it well.
• SeaBIOS does more then extract oprom from PCI+loads it, it implements VBIOS dGPU implementation for which oprom IRQ polling results in functional graphic handling.
• Without VBIOS implementation in firmware provided by SeaBIOS (free or proprietary), oprom alone gives variable dGPU support.
• So Hypothesis here is that SeaBIOS should be used to chainload Heads payload instead of trying to implement VBIOS+oprom loading inside of coreboot. But to do so well, SeaBIOS should hebable TPM measured boot and read oprom in ram, measure it, extend TPM PCR and then load oprom+offer VBIOS free implementation so IRQ polling is functions.

---

Traces of discussions (only accessible by current members of D16 club):

• Discussion happened under https://matrix.to/#/!OkpUfvLEYpLyALVvaW:dodoid.com/$Oeai4eu3okikozVksCyW-4ML2DghNBr2fYI9oBcuV5c?via=dodoid.com&via=matrix.org&via=envs.net
• Failed previous PoC resulted by a Kconfig setting missing, this one: https://matrix.to/#/!OkpUfvLEYpLyALVvaW:dodoid.com/$jg0G2adlj6WKaGvjiE-egCqCjmL7AyDqRLBTl6tdxds?via=dodoid.com&via=matrix.org&via=envs.net
  • Some failed resulting experiments branches to be revisited in next PoC iteration
    • https://github.com/tlaurion/heads/tree/coreboot-411_d16_dgpu_oprom_test
    • https://github.com/tlaurion/heads/tree/d16_kernel_618_coreboot_fam15h-oprom

Originally posted by @tlaurion in #1792 (comment)

[tlaurion]

Some more notes:

• SeaBIOS compressed can be 68kb (references from above discussions a bit down)
• SeaBIOS would be measured by coreboot and introspection notes available through cbmem logs
• SeaBIOS implementation thought to currently miss oprom measurement and TPM PCR extend with hash prior of loading (TOCTU possible). To verify and challenge SeaBIOS comunity to provide implementation
• SeaBIOS provides TPM implementation, test it and see what it does and what it doesn't

[tlaurion]

Disclaimer: from my limited understanding of the low level interactions happening at VBIOS/oprom/efi level, most of the above could be wrong. This is why "help wanted" lable is put on this issue, and I welcome experts (coreboot devels) to jump in this discsussion up to creating PR to test hypothesis.

Some more discussion trail under https://matrix.to/#/!OkpUfvLEYpLyALVvaW:dodoid.com/$LqiTqBOtSs5v1r8n0s_UNhsVSGO1adNigZeV6Zahn7k?via=dodoid.com&via=matrix.org&via=envs.net for traceability.