diff --git a/Makefile b/Makefile index 7dfa5566..33bb8901 100644 --- a/Makefile +++ b/Makefile @@ -264,27 +264,52 @@ define define_module = ifneq ("$($1_repo)","") $(eval $1_patch_name = $1$(if $($1_patch_version),-$($1_patch_version),)) - # Checkout the tree instead and touch the canary file so that we know - # that the files are all present. No signature hashes are checked in - # this case, since we don't have a stable version to compare against. - $(build)/$($1_base_dir)/.canary: - git clone $($1_repo) "$(build)/$($1_base_dir)" - cd $(build)/$($1_base_dir) && git reset --hard $($1_commit_hash) && git submodule update --init --checkout - if [ -r patches/$($1_patch_name).patch ]; then \ - ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ - < patches/$($1_patch_name).patch \ - || exit 1 ; \ + # First time: + # Checkout the tree instead and create the canary file with repo and + # revision so that we know that the files are all present and their + # version. + # + # Other times: + # If .canary contains the same repo and revision combination, do nothing. + # Otherwise, pull a new revision and checkout with update of submodules + # + # No signature hashes are checked in this case, since we don't have a + # stable version to compare against. + # + # XXX: "git clean -dffx" is a hack for coreboot during commit switching, need + # module-specific cleanup action to get rid of it. + $(build)/$($1_base_dir)/.canary: FORCE + if [ ! -e "$$@" ]; then \ + git clone $($1_repo) "$(build)/$($1_base_dir)"; \ + git -C "$(build)/$($1_base_dir)" reset --hard $($1_commit_hash) && git submodule update --init --checkout; \ + echo -n '$($1_repo)|$($1_commit_hash)' > "$$@"; \ + elif [ "$$$$(cat "$$@")" != '$($1_repo)|$($1_commit_hash)' ]; then \ + echo "Switching $1 to $($1_repo) at $($1_commit_hash)" && \ + git -C "$(build)/$($1_base_dir)" fetch $($1_repo) $($1_commit_hash) && \ + git -C "$(build)/$($1_base_dir)" reset --hard $($1_commit_hash) && \ + git -C "$(build)/$($1_base_dir)" clean -df && \ + git -C "$(build)/$($1_base_dir)" clean -dffx payloads util/cbmem && \ + git -C "$(build)/$($1_base_dir)" submodule sync && \ + git -C "$(build)/$($1_base_dir)" submodule update --init --checkout && \ + echo -n '$($1_repo)|$($1_commit_hash)' > "$$@"; \ fi - if [ -d patches/$($1_patch_name) ] && \ - [ -r patches/$($1_patch_name) ] ; then \ - for patch in patches/$($1_patch_name)/*.patch ; do \ - echo "Applying patch file : $$$$patch " ; \ + if [ ! -e "$(build)/$($1_base_dir)/.patched" ]; then \ + if [ -r patches/$($1_patch_name).patch ]; then \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ - < $$$$patch \ + < patches/$($1_patch_name).patch \ || exit 1 ; \ - done ; \ + fi && \ + if [ -d patches/$($1_patch_name) ] && \ + [ -r patches/$($1_patch_name) ] ; then \ + for patch in patches/$($1_patch_name)/*.patch ; do \ + echo "Applying patch file : $$$$patch " ; \ + ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ + < $$$$patch \ + || exit 1 ; \ + done ; \ + fi && \ + touch "$(build)/$($1_base_dir)/.patched"; \ fi - @touch "$$@" else $(eval $1_patch_version ?= $($1_version)) $(eval $1_patch_name = $1-$($1_patch_version)) @@ -473,6 +498,7 @@ bin_modules-$(CONFIG_UTIL_LINUX) += util-linux bin_modules-$(CONFIG_OPENSSL) += openssl bin_modules-$(CONFIG_TPM2_TOOLS) += tpm2-tools bin_modules-$(CONFIG_BASH) += bash +bin_modules-$(CONFIG_POWERPC_UTILS) += powerpc-utils $(foreach m, $(bin_modules-y), \ $(call map,initrd_bin_add,$(call bins,$m)) \ diff --git a/boards/talos-2/talos-2.config b/boards/talos-2/talos-2.config index 36239166..ad4347bc 100644 --- a/boards/talos-2/talos-2.config +++ b/boards/talos-2/talos-2.config @@ -23,6 +23,7 @@ CONFIG_GPG2=y CONFIG_PCIUTILS=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y +CONFIG_POWERPC_UTILS=y #Whiptail in console mode CONFIG_SLANG=y @@ -45,7 +46,7 @@ export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n export CONFIG_BOOT_KERNEL_REMOVE="quiet" export CONFIG_BOOT_KERNEL_ADD="console=tty0 console=hvc0 rootdelay=3 rootwait panic=10" -export CONFIG_BOOT_DEV="/dev/sda1" +export CONFIG_BOOT_DEV="/dev/nvme0n1p2" export CONFIG_BOARD_NAME="Talos 2" export CONFIG_FLASHROM_OPTIONS="--noverify-all -p linux_mtd" diff --git a/config/linux-talos-2.config b/config/linux-talos-2.config index f3695a5c..bce84fec 100644 --- a/config/linux-talos-2.config +++ b/config/linux-talos-2.config @@ -175,13 +175,14 @@ CONFIG_NLS_ASCII=y CONFIG_NLS_ISO8859_1=y CONFIG_NLS_UTF8=y CONFIG_SECURITY=y -CONFIG_IMA=y CONFIG_EVM=y +CONFIG_SECURITYFS=y CONFIG_CRYPTO_ECB=y CONFIG_CRYPTO_CMAC=y CONFIG_CRYPTO_MD4=y CONFIG_CRYPTO_ARC4=y CONFIG_CRYPTO_DES=y +CONFIG_TCG_TPM=y # CONFIG_CRYPTO_HW is not set CONFIG_PRINTK_TIME=y CONFIG_MAGIC_SYSRQ=y diff --git a/initrd/bin/seal-totp b/initrd/bin/seal-totp index d9608890..c67a574d 100755 --- a/initrd/bin/seal-totp +++ b/initrd/bin/seal-totp @@ -30,12 +30,17 @@ dd \ secret="`base32 < $TOTP_SECRET`" pcrf="/tmp/secret/pcrf.bin" +DEBUG "Sealing TOTP with actual state of PCR0-4)" tpmr pcrread 0 "$pcrf" tpmr pcrread -a 1 "$pcrf" tpmr pcrread -a 2 "$pcrf" tpmr pcrread -a 3 "$pcrf" -# pcr 4 is expected to be zero (boot mode: init) -dd if=/dev/zero bs="$(tpmr pcrsize)" count=1 status=none >> "$pcrf" +DEBUG "Sealing TOTP with actual state of PCR4 (Going to recovery shell extends PCR4)" +# pcr 4 is expected to either: +# zero on bare coreboot+linuxboot on x86 (boot mode: init) +# already extended on ppc64 per BOOTKERNEL (skiboot) which boots heads. +#We expect the PCR4 to be in the right state at unattended unseal operation +tpmr pcrread -a 4 "$pcrf" # pcr 5 (kernel modules loaded) is not measured at sealing/unsealing of totp DEBUG "Sealing TOTP neglecting PCR5 involvement (Dynamically loaded kernel modules are not firmware integrity attestation related)" # pcr 6 (drive luks header) is not measured at sealing/unsealing of totp diff --git a/initrd/bin/talos-init b/initrd/bin/talos-init index 3dbb7400..956f227f 100755 --- a/initrd/bin/talos-init +++ b/initrd/bin/talos-init @@ -8,6 +8,10 @@ devmem 0x80060300D0010081 8 254 devmem 0x80060300D0010082 8 254 +# Disable fast-reset which doesn't reset TPM and results in different values of +# PRCs every time. +nvram -p ibm,skiboot --update-config fast-reset=0 + # Alias for cbmem to remove need for '-f' option in every call echo "alias cbmem='cbmem -f /sys/firmware/cbmem'" >> $HOME/.profile export ENV=$HOME/.profile diff --git a/modules/coreboot b/modules/coreboot index 77d0f629..e66e0139 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -43,7 +43,8 @@ else ifeq "$(CONFIG_COREBOOT_VERSION)" "4.19" EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches -Wno-error=packed-not-aligned -Wno-error=address-of-packed-member else ifeq "$(CONFIG_COREBOOT_VERSION)" "talos_2" coreboot_version = git - coreboot_commit_hash = b2d4cc237c51b84c0b465976a56c6deb21b9f263 + coreboot_patch_version = talos_2 + coreboot_commit_hash = 068ad520e4ae898d356add72ea7d2a13913b76ab coreboot_repo := https://github.com/Dasharo/coreboot else diff --git a/modules/powerpc-utils b/modules/powerpc-utils new file mode 100644 index 00000000..dc19d13f --- /dev/null +++ b/modules/powerpc-utils @@ -0,0 +1,27 @@ +modules-$(CONFIG_POWERPC_UTILS) += powerpc-utils + +powerpc-utils_version := 1.3.5 +powerpc-utils_dir := powerpc-utils-$(powerpc-utils_version) +powerpc-utils_tar := powerpc-utils-$(powerpc-utils_version).tar.gz +powerpc-utils_url := https://github.com/ibm-power-utilities/powerpc-utils/archive/v$(powerpc-utils_version)/$(powerpc-utils_tar) +powerpc-utils_hash := 77efe3978ac9c251c4728a35b9aebd6076583939a8e26cc7f07ffa86432a8bf0 + +powerpc-utils_configure := \ + ./autogen.sh && \ + $(CROSS_TOOLS) \ + CFLAGS="-Os" \ + ./configure \ + --host $(MUSL_ARCH)-elf-linux \ + --prefix "/" \ + --without-systemd \ + --without-librtas + +powerpc-utils_target := \ + $(MAKE_JOBS) \ + $(CROSS_TOOLS) \ + DESTDIR="$(INSTALL)" \ + install + +powerpc-utils_output := src/nvram + +powerpc-utils_depends := $(musl_dep) diff --git a/patches/coreboot-talos_2/0001-Use-usr-bin-env-in-skiboot.patch b/patches/coreboot-talos_2/0001-Use-usr-bin-env-in-skiboot.patch new file mode 100644 index 00000000..a28327cf --- /dev/null +++ b/patches/coreboot-talos_2/0001-Use-usr-bin-env-in-skiboot.patch @@ -0,0 +1,321 @@ +Use /usr/bin/env in skiboot's shebangs + +diff --git a/payloads/external/skiboot/Makefile b/payloads/external/skiboot/Makefile +index e4db9bb5616..8ce85049afe 100644 +--- a/payloads/external/skiboot/Makefile ++++ b/payloads/external/skiboot/Makefile +@@ -22,6 +22,7 @@ $(skiboot_elf): | $(skiboot_dir) $(build_dir) + $(skiboot_dir): + git clone $(skiboot_git_repo) $(skiboot_dir) + git -C $(skiboot_dir) checkout $(skiboot_revision) ++ git -C $(skiboot_dir) apply $(CURDIR)/patches/*.patch + + $(build_dir): + mkdir -p $(build_dir) +diff --git a/payloads/external/skiboot/patches/0001-Update-shebangs-to-use-usr-bin-env.patch b/payloads/external/skiboot/patches/0001-Update-shebangs-to-use-usr-bin-env.patch +new file mode 100644 +index 00000000000..23e6d80514d +--- /dev/null ++++ b/payloads/external/skiboot/patches/0001-Update-shebangs-to-use-usr-bin-env.patch +@@ -0,0 +1,301 @@ ++From fcdc09787c255ea43a0efc035e6e346b4b2c161a Mon Sep 17 00:00:00 2001 ++From: Sergii Dmytruk ++Date: Fri, 9 Jun 2023 20:40:09 +0300 ++Subject: [PATCH] Update shebangs to use /usr/bin/env ++ ++Signed-off-by: Sergii Dmytruk ++--- ++ external/boot-tests/boot_test.sh | 2 +- ++ external/boot-tests/extract_gcov.sh | 2 +- ++ external/gard/test/add_test.sh | 2 +- ++ external/npu/run_procedure.sh | 2 +- ++ external/pflash/build-all-arch.sh | 2 +- ++ external/read_esel.sh | 2 +- ++ hdata/test/dtdiff_wrap.sh | 2 +- ++ libstb/sign-with-local-keys.sh | 2 +- ++ make_version.sh | 2 +- ++ opal-ci/build-centos7.sh | 2 +- ++ opal-ci/build-docs.sh | 2 +- ++ opal-ci/build-fedora29.sh | 2 +- ++ opal-ci/build-qemu-powernv.sh | 2 +- ++ opal-ci/build-ubuntu-16.04.sh | 2 +- ++ opal-ci/build-ubuntu-18.04.sh | 2 +- ++ opal-ci/build-ubuntu-latest.sh | 2 +- ++ opal-ci/install-deps-qemu-powernv.sh | 2 +- ++ test/hello_world/run_mambo_hello_world.sh | 2 +- ++ test/hello_world/run_mambo_p9_hello_world.sh | 2 +- ++ test/hello_world/run_qemu_hello_world.sh | 2 +- ++ test/make-boot-coverage-report.sh | 2 +- ++ test/run.sh | 2 +- ++ test/run_mambo_boot_test.sh | 2 +- ++ test/run_qemu_boot_test.sh | 2 +- ++ test/sreset_world/run_mambo_p9_sreset.sh | 2 +- ++ test/sreset_world/run_mambo_sreset.sh | 2 +- ++ 26 files changed, 26 insertions(+), 26 deletions(-) ++ mode change 100644 => 100755 external/read_esel.sh ++ ++diff --git a/external/boot-tests/boot_test.sh b/external/boot-tests/boot_test.sh ++index 233467c2..ade47f13 100755 ++--- a/external/boot-tests/boot_test.sh +++++ b/external/boot-tests/boot_test.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ # Lets try for /bin/sh but bashisms will sneak in. ++ ++ # partial bash strict mode ++diff --git a/external/boot-tests/extract_gcov.sh b/external/boot-tests/extract_gcov.sh ++index c40e01e5..0c2f8ae5 100755 ++--- a/external/boot-tests/extract_gcov.sh +++++ b/external/boot-tests/extract_gcov.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ if [ "$SKIBOOT_GCOV" != 1 ]; then ++ echo "Skipping GCOV test on physical hardware. Enable with SKIBOOT_GCOV=1" ++diff --git a/external/gard/test/add_test.sh b/external/gard/test/add_test.sh ++index 8e773609..b401414c 100755 ++--- a/external/gard/test/add_test.sh +++++ b/external/gard/test/add_test.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash -uex +++#!/usr/bin/env bash ++ # ++ # this is a really dumb script for auto-generating test cases from known good-data ++ # ++diff --git a/external/npu/run_procedure.sh b/external/npu/run_procedure.sh ++index f61ec8d4..6605c883 100755 ++--- a/external/npu/run_procedure.sh +++++ b/external/npu/run_procedure.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ # Copyright 2016 IBM Corp. ++ # ++diff --git a/external/pflash/build-all-arch.sh b/external/pflash/build-all-arch.sh ++index 5974fbce..ef709c57 100755 ++--- a/external/pflash/build-all-arch.sh +++++ b/external/pflash/build-all-arch.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ # ++ # Script to build all pflash backends ++ # ++diff --git a/external/read_esel.sh b/external/read_esel.sh ++old mode 100644 ++new mode 100755 ++index 492fbce1..872d8cbf ++--- a/external/read_esel.sh +++++ b/external/read_esel.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ # Copyright 2013-2014 IBM Corp. ++ # ++ # Licensed under the Apache License, Version 2.0 (the "License"); ++diff --git a/hdata/test/dtdiff_wrap.sh b/hdata/test/dtdiff_wrap.sh ++index 75c18baf..55cd016b 100755 ++--- a/hdata/test/dtdiff_wrap.sh +++++ b/hdata/test/dtdiff_wrap.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ # Takes /dev/stdin as dtb, saves to file, does dtdiff ++ # Also runs parameter through a dts->dtb->dts conversion ++diff --git a/libstb/sign-with-local-keys.sh b/libstb/sign-with-local-keys.sh ++index b78a079b..164e53a1 100755 ++--- a/libstb/sign-with-local-keys.sh +++++ b/libstb/sign-with-local-keys.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ PAYLOAD=$1 ++ OUTPUT=$2 ++diff --git a/make_version.sh b/make_version.sh ++index 59fe01c7..fa8bdb44 100755 ++--- a/make_version.sh +++++ b/make_version.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ usage() { ++ echo "$0 [ prefix ]" ++diff --git a/opal-ci/build-centos7.sh b/opal-ci/build-centos7.sh ++index 79b4c2e9..96dcad00 100755 ++--- a/opal-ci/build-centos7.sh +++++ b/opal-ci/build-centos7.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/build-docs.sh b/opal-ci/build-docs.sh ++index 817773bf..3f56b61c 100644 ++--- a/opal-ci/build-docs.sh +++++ b/opal-ci/build-docs.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/build-fedora29.sh b/opal-ci/build-fedora29.sh ++index 56099d28..3b1c63a4 100755 ++--- a/opal-ci/build-fedora29.sh +++++ b/opal-ci/build-fedora29.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/build-qemu-powernv.sh b/opal-ci/build-qemu-powernv.sh ++index 904f0e67..8c6ba96c 100755 ++--- a/opal-ci/build-qemu-powernv.sh +++++ b/opal-ci/build-qemu-powernv.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ set -e ++ set -vx ++ ++diff --git a/opal-ci/build-ubuntu-16.04.sh b/opal-ci/build-ubuntu-16.04.sh ++index 39fb3f1c..cffbfdfc 100755 ++--- a/opal-ci/build-ubuntu-16.04.sh +++++ b/opal-ci/build-ubuntu-16.04.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/build-ubuntu-18.04.sh b/opal-ci/build-ubuntu-18.04.sh ++index 6fd755f3..dde32b12 100755 ++--- a/opal-ci/build-ubuntu-18.04.sh +++++ b/opal-ci/build-ubuntu-18.04.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/build-ubuntu-latest.sh b/opal-ci/build-ubuntu-latest.sh ++index 16c33a9f..099b5c5c 100755 ++--- a/opal-ci/build-ubuntu-latest.sh +++++ b/opal-ci/build-ubuntu-latest.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ set -uo pipefail ++ set -e ++diff --git a/opal-ci/install-deps-qemu-powernv.sh b/opal-ci/install-deps-qemu-powernv.sh ++index a67daf40..506c9470 100755 ++--- a/opal-ci/install-deps-qemu-powernv.sh +++++ b/opal-ci/install-deps-qemu-powernv.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ set -e ++ sudo apt-get -y install eatmydata ++ sudo eatmydata apt-get -y install gcc python g++ pkg-config \ ++diff --git a/test/hello_world/run_mambo_hello_world.sh b/test/hello_world/run_mambo_hello_world.sh ++index 54d445b1..a5bb99ad 100755 ++--- a/test/hello_world/run_mambo_hello_world.sh +++++ b/test/hello_world/run_mambo_hello_world.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ ++ if [ -z "$MAMBO_PATH" ]; then ++diff --git a/test/hello_world/run_mambo_p9_hello_world.sh b/test/hello_world/run_mambo_p9_hello_world.sh ++index 9560527a..45f3eaa6 100755 ++--- a/test/hello_world/run_mambo_p9_hello_world.sh +++++ b/test/hello_world/run_mambo_p9_hello_world.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ if [ -z "$P9MAMBO_PATH" ]; then ++ P9MAMBO_PATH=/opt/ibm/systemsim-p9/ ++diff --git a/test/hello_world/run_qemu_hello_world.sh b/test/hello_world/run_qemu_hello_world.sh ++index 4f12958d..b1a70d62 100755 ++--- a/test/hello_world/run_qemu_hello_world.sh +++++ b/test/hello_world/run_qemu_hello_world.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ QEMU_ARGS="-M powernv -nographic -device ipmi-bmc-sim,id=bmc0 -device isa-ipmi-bt,bmc=bmc0,irq=10" ++ ++diff --git a/test/make-boot-coverage-report.sh b/test/make-boot-coverage-report.sh ++index 210880ee..0bdeff15 100755 ++--- a/test/make-boot-coverage-report.sh +++++ b/test/make-boot-coverage-report.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ # We cheat and do this in a shell script so I don't go Makefile crazy. ++ ++diff --git a/test/run.sh b/test/run.sh ++index e159bd30..8c28e222 100755 ++--- a/test/run.sh +++++ b/test/run.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ t=$(mktemp) || exit 1 ++ ++diff --git a/test/run_mambo_boot_test.sh b/test/run_mambo_boot_test.sh ++index adff1804..675138d9 100755 ++--- a/test/run_mambo_boot_test.sh +++++ b/test/run_mambo_boot_test.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ ++ if [ -z "$MAMBO_PATH" ]; then ++diff --git a/test/run_qemu_boot_test.sh b/test/run_qemu_boot_test.sh ++index db657eed..8fe751f7 100755 ++--- a/test/run_qemu_boot_test.sh +++++ b/test/run_qemu_boot_test.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ QEMU_ARGS="-M powernv -m 3G -nographic -device ipmi-bmc-sim,id=bmc0 -device isa-ipmi-bt,bmc=bmc0,irq=10" ++ ++diff --git a/test/sreset_world/run_mambo_p9_sreset.sh b/test/sreset_world/run_mambo_p9_sreset.sh ++index 926ce3e4..25e95365 100755 ++--- a/test/sreset_world/run_mambo_p9_sreset.sh +++++ b/test/sreset_world/run_mambo_p9_sreset.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ if [ -z "$P9MAMBO_PATH" ]; then ++ P9MAMBO_PATH=/opt/ibm/systemsim-p9/ ++diff --git a/test/sreset_world/run_mambo_sreset.sh b/test/sreset_world/run_mambo_sreset.sh ++index 8fba5eb9..6192aa4f 100755 ++--- a/test/sreset_world/run_mambo_sreset.sh +++++ b/test/sreset_world/run_mambo_sreset.sh ++@@ -1,4 +1,4 @@ ++-#!/bin/bash +++#!/usr/bin/env bash ++ ++ ++ if [ -z "$MAMBO_PATH" ]; then ++-- ++2.35.8 ++ diff --git a/patches/powerpc-utils-1.3.5.patch b/patches/powerpc-utils-1.3.5.patch new file mode 100644 index 00000000..35b27cdb --- /dev/null +++ b/patches/powerpc-utils-1.3.5.patch @@ -0,0 +1,17 @@ +AC_FUNC_MALLOC somehow fails to find malloc(), so drop the check + +Weirdly, it doesn't fail configuration, but instead adds -Dmalloc=rpl_malloc +and fails linking. + +diff --git a/configure.ac.orig b/configure.ac +index a7be3ee95c..74aade323b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -33,7 +33,6 @@ AC_TYPE_UINT8_T + # Checks for library functions. + AC_FUNC_FORK + AC_FUNC_LSTAT_FOLLOWS_SLASHED_SYMLINK +-AC_FUNC_MALLOC + AC_FUNC_MKTIME + AC_CHECK_FUNCS([memset strchr strcspn strdup strerror strrchr strstr strtol strtoul strtoull gettimeofday]) +