On KGPE-D16 boards, ensure linux-kgpe-d16*.config are up-to-date by:

cp config/linux.. ./build/linux*/.config
	cd build/linux*
	make savedefconfig
	cp defconfig ../../config/linux..

Resulting in only linux-kgpe-d16_workstation.config being updated.

For KGPE-D16 workstation boards:
Remove `console=tty0` from `CONFIG_BOOT_KERNEL_ADD` as was blocking Qubes graphical installer (CLI installer was launched).
Comment out `export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"` to provide a more desktop like experience.

Removed 0001-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch as already exists as 0000-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch

Added 0020-kgpe-d16_measured-boot-support.patch for coreboot 4.11

Fix TPM errors when microcode is measured by initialising TPM earlier and loading the microcode later.
Thanks to Michał Żygowski <miczyg1> for condition suggestion: `if (CONFIG(MEASURED_BOOT) && CONFIG(LPC_TPM) && boot_cpu())`

Locate bootblock location and size with CBFS API. Credit to: Michał Żygowski <miczyg1>

boards/kgpe-d16_workstation-usb_keyboard/kgpe-d16_workstation-usb_keyboard.config

@@ -57,13 +57,13 @@ export CONFIG_ERROR_BG_COLOR="--background-gradient 0 0 0 150 0 0"
 #Dual output to local console (tty0) and OpenBmc (ttyS1)
 #export CONFIG_BOOT_KERNEL_ADD="nohz=on console=ttyS1,115200n8 console=tty0"
 #Single output to tty0
-export CONFIG_BOOT_KERNEL_ADD="nohz=on console=tty0 nouveau.config=NvForcePost=1"
+export CONFIG_BOOT_KERNEL_ADD="nohz=on nouveau.config=NvForcePost=1"
 #export CONFIG_BOOT_RECOVERY_SERIAL="/dev/ttyS0"
 #export CONFIG_BOOT_STATIC_IP=192.168.2.3
 
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
-export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"
+#export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"
 export CONFIG_BOOT_DEV="/dev/sda1"
 export CONFIG_USB_BOOT_DEV="/dev/sdb1"
 export CONFIG_FLASHROM_OPTIONS="--force --noverify -p internal"

boards/kgpe-d16_workstation/kgpe-d16_workstation.config

@@ -58,13 +58,13 @@ export CONFIG_ERROR_BG_COLOR="--background-gradient 0 0 0 150 0 0"
 #Dual output to local console (tty0) and OpenBmc (ttyS1)
 #export CONFIG_BOOT_KERNEL_ADD="nohz=on console=ttyS1,115200n8 console=tty0"
 #Single output to tty0
-export CONFIG_BOOT_KERNEL_ADD="nohz=on console=tty0 nouveau.config=NvForcePost=1"
+export CONFIG_BOOT_KERNEL_ADD="nohz=on nouveau.config=NvForcePost=1"
 #export CONFIG_BOOT_RECOVERY_SERIAL="/dev/ttyS0"
 #export CONFIG_BOOT_STATIC_IP=192.168.2.3
 
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
-export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"
+#export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"
 export CONFIG_BOOT_DEV="/dev/sda1"
 export CONFIG_USB_BOOT_DEV="/dev/sdb1"
 export CONFIG_FLASHROM_OPTIONS="--force --noverify -p internal"

config/linux-kgpe-d16_workstation.config

@@ -56,7 +56,6 @@ CONFIG_KEXEC_FILE=y
 CONFIG_PHYSICAL_ALIGN=0x1000000
 # CONFIG_MODIFY_LDT_SYSCALL is not set
 # CONFIG_SUSPEND is not set
-CONFIG_ACPI_VIDEO=y
 CONFIG_PCI_MSI=y
 # CONFIG_HT_IRQ is not set
 CONFIG_PCI_IOV=y
@@ -179,15 +178,15 @@ CONFIG_I2C_MUX_REG=m
 # CONFIG_I2C_HELPER_AUTO is not set
 CONFIG_I2C_SLAVE=y
 CONFIG_PTP_1588_CLOCK=y
-# CONFIG_HWMON is not set
 # CONFIG_X86_PKG_TEMP_THERMAL is not set
 CONFIG_MFD_SYSCON=y
 CONFIG_DRM=y
+CONFIG_DRM_RADEON=y
+CONFIG_DRM_AMDGPU=y
+CONFIG_DRM_NOUVEAU=y
 CONFIG_DRM_AST=y
 CONFIG_FB_VESA=y
-CONFIG_BACKLIGHT_LCD_SUPPORT=y
 # CONFIG_LCD_CLASS_DEVICE is not set
-CONFIG_BACKLIGHT_CLASS_DEVICE=y
 # CONFIG_BACKLIGHT_GENERIC is not set
 CONFIG_FRAMEBUFFER_CONSOLE=y
 CONFIG_USB=y
@@ -200,7 +199,6 @@ CONFIG_USB_OHCI_HCD_PLATFORM=m
 CONFIG_USB_UHCI_HCD=m
 CONFIG_USB_STORAGE=m
 CONFIG_RTC_CLASS=y
-# CONFIG_X86_PLATFORM_DEVICES is not set
 CONFIG_INTEL_IOMMU=y
 CONFIG_INTEL_IOMMU_SVM=y
 CONFIG_GENERIC_PHY=y
@@ -324,6 +322,3 @@ CONFIG_CRC8=m
 CONFIG_XZ_DEC_TEST=m
 CONFIG_CORDIC=m
 CONFIG_IRQ_POLL=y
-CONFIG_DRM_NOUVEAU=y
-CONFIG_DRM_RADEON=y
-CONFIG_DRM_AMDGPU=y

patches/coreboot-4.11/0001-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch

@@ -1,47 +0,0 @@
-From 06f2fcc0ffc1a903f304d8a3382f3a57163989a1 Mon Sep 17 00:00:00 2001
-From: Jacob Garber <jgarber1@ualberta.ca>
-Date: Mon, 4 Nov 2019 09:35:15 -0700
-Subject: [PATCH] cpu/x86/smm: Use PRIxPTR to print uintptr_t
-
-Since 'base' is a uintptr_t, it needs the PRIxPTR format specifier. This
-fixes a compilation error when targeting x86_64 or using Clang 9.0.0.
-
-Change-Id: Ib806e2b3cbb255ef208b361744ac4547b8ba262f
-Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
-Reviewed-on: https://review.coreboot.org/c/coreboot/+/36785
-Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
----
- src/cpu/x86/smm/tseg_region.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/cpu/x86/smm/tseg_region.c b/src/cpu/x86/smm/tseg_region.c
-index a8b8bb7b9a..5b5c5729d5 100644
---- a/src/cpu/x86/smm/tseg_region.c
-+++ b/src/cpu/x86/smm/tseg_region.c
-@@ -17,6 +17,7 @@
- #include <cpu/x86/smm.h>
- #include <stage_cache.h>
- #include <types.h>
-+#include <inttypes.h>
- 
- /*
-  *        Subregions within SMM
-@@ -88,11 +89,11 @@ void smm_list_regions(void)
- 		return;
- 
- 	printk(BIOS_DEBUG, "SMM Memory Map\n");
--	printk(BIOS_DEBUG, "SMRAM       : 0x%zx 0x%zx\n", base, size);
-+	printk(BIOS_DEBUG, "SMRAM       : 0x%" PRIxPTR " 0x%zx\n", base, size);
- 
- 	for (i = 0; i < SMM_SUBREGION_NUM; i++) {
- 		if (smm_subregion(i, &base, &size))
- 			continue;
--		printk(BIOS_DEBUG, " Subregion %d: 0x%zx 0x%zx\n", i, base, size);
-+		printk(BIOS_DEBUG, " Subregion %d: 0x%" PRIxPTR " 0x%zx\n", i, base, size);
- 	}
- }
--- 
-2.21.1
-
-

patches/coreboot-4.11/0020-kgpe-d16_measured-boot-support.patch

@@ -0,0 +1,67 @@
+diff --git a/src/mainboard/asus/kgpe-d16/romstage.c b/src/mainboard/asus/kgpe-d16/romstage.c
+index 637ec42109..8a92f88375 100644
+--- a/src/mainboard/asus/kgpe-d16/romstage.c
++++ b/src/mainboard/asus/kgpe-d16/romstage.c
+@@ -46,6 +46,12 @@
+ #include <cbmem.h>
+ #include <types.h>
+ 
++#include <security/tpm/tss.h>
++#include <security/tpm/tspi.h>
++#include <program_loading.h>
++#include <smp/node.h>
++#include <cbfs.h>
++
+ #include "cpu/amd/quadcore/quadcore.c"
+ 
+ #define SERIAL_0_DEV PNP_DEV(0x2e, W83667HG_A_SP1)
+@@ -547,7 +553,6 @@ void cache_as_ram_main(unsigned long bist, unsigned long cpu_init_detectedx)
+ 		power_on_reset = 1;
+ 
+ 	initialize_mca(1, power_on_reset);
+-	update_microcode(val);
+ 
+ 	post_code(0x33);
+ 
+@@ -573,6 +578,13 @@ void cache_as_ram_main(unsigned long bist, unsigned long cpu_init_detectedx)
+ 	sr5650_early_setup();
+ 	sb7xx_51xx_early_setup();
+ 
++	if (CONFIG(MEASURED_BOOT) && CONFIG(LPC_TPM) && boot_cpu()) {
++		tpm_setup(0);
++		tlcl_lib_init();
++	}
++
++	update_microcode(val);
++
+ 	if (CONFIG(LOGICAL_CPUS)) {
+ 		/* Core0 on each node is configured. Now setup any additional cores. */
+ 		printk(BIOS_DEBUG, "start_other_cores()\n");
+@@ -687,6 +699,17 @@ void cache_as_ram_main(unsigned long bist, unsigned long cpu_init_detectedx)
+ 	pci_write_config16(PCI_DEV(0, 0x14, 0), 0x54, 0x0707);
+ 	pci_write_config16(PCI_DEV(0, 0x14, 0), 0x56, 0x0bb0);
+ 	pci_write_config16(PCI_DEV(0, 0x14, 0), 0x5a, 0x0ff0);
++
++	if (CONFIG(MEASURED_BOOT) && CONFIG(LPC_TPM)) {
++		size_t bootblock_size = 0;
++		const void *bootblock = cbfs_boot_map_with_leak("bootblock", 1, &bootblock_size);
++		tlcl_measure(2, bootblock, bootblock_size);
++
++		extern char _romstage, _eromstage;
++		tlcl_measure(2, &_romstage, &_eromstage - &_romstage);
++	}
++
++
+ }
+ 
+ /**
+@@ -718,3 +741,9 @@ BOOL AMD_CB_ManualBUIDSwapList (u8 node, u8 link, const u8 **List)
+ 
+ 	return 0;
+ }
++
++void platform_segment_loaded(uintptr_t start, size_t size, int flags)
++{
++	if (CONFIG(MEASURED_BOOT) && !(flags & SEG_NO_MEASURE))
++		tlcl_measure(2, (const void *) start, size);
++}