From de5cc493662ed55b61c2e4de231589ca090528ff Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 2 Oct 2024 17:23:20 -0400 Subject: [PATCH] fetch_git_signing_keys.sh: an attempt to store known signing keys and show which ones are not publicly available (unfound_keys_users.txt) Signed-off-by: Thierry Laurion --- git_signing_keys/README.md | 10 + git_signing_keys/error_log.txt | 187 + git_signing_keys/fetch_git_signing_keys.sh | 86 + git_signing_keys/keys.txt | 39 + ...0FFC139F57AACE3E946186BB2ED46ACD2C6CF7.asc | 30 + ...52DFD7727000734B9A53BD365ED1E014824647.asc | 121 + .../keys/key_0A59C698920806EB.asc | 359 + .../keys/key_0F948052DDECBE68.asc | 472 + ...33C1225C1B41AFC46B33EBEB03A691DB2F0833.asc | 51 + .../keys/key_4AEE18F83AFDEB23.asc | 24 + ...6E8D948B90871EF9AE2FAC91AB3245B1D14ABD.asc | 220 + ...3C8D614C0D2CA978C43AF2FD14C4672CA7D2C5.asc | 143 + ...5F80D1599EA6D2C70AA9A19A53E1BB3FF00461.asc | 86 + ...FABA8B40366BFFC88176A52B4A4BE581022A54.asc | 76 + ...E40F3DE2ECB70D746863563FBAF0E7D81427AB.asc | 51 + ...D0526BD96AE6338E6257BDA8853020E8EE6FBA.asc | 75 + ...75583D172140AF4A6B10186CD35B07297B3CF9.asc | 52 + ...8184069239FF65DE0BCD7DD9BAE35991DE5B22.asc | 277 + ...35540225E98BDBC82491B41E9C3CA91AE25114.asc | 41 + ...6066CF922E52796F187ABE2BBB776A35B978FD.asc | 51 + ...444D06D3CAFA92F68A21E679C78E6659DB658F.asc | 50 + ...C74E341054A169CE52BE5FB65BFE540DEF86C0.asc | 472 + ...66C89569895C0B86D598D09963C36AAC3B2B46.asc | 52 + .../keys/key_AAFC4B34BBEBB31C.asc | 39 + ...F4B7893D4D05C8F18069BAE7B4A71658E36A93.asc | 525 + .../keys/key_B5690EEEBB952194.asc | 28 + .../keys/key_B65BFE540DEF86C0.asc | 472 + ...E32619E2F71736F5910BB144CB2D868DD16BDA.asc | 43 + ...25FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3.asc | 89 + ...57D2B23F605B99A3E297760F948052DDECBE68.asc | 472 + ...ACBC6CFCCA7A99779FB69127B829528903C906.asc | 54 + ...53996957F0D56EE54D6F72555577116BFA74B9.asc | 101 + ...1AB4639F52FF4B8E302151902C199C68C4B327.asc | 41 + git_signing_keys/not_found_keys.txt | 10 + git_signing_keys/signatures.txt | 40666 ++++++++++++++++ git_signing_keys/success_log.txt | 29 + git_signing_keys/unfound_keys_users.txt | 10 + 37 files changed, 45604 insertions(+) create mode 100644 git_signing_keys/README.md create mode 100644 git_signing_keys/error_log.txt create mode 100755 git_signing_keys/fetch_git_signing_keys.sh create mode 100644 git_signing_keys/keys.txt create mode 100644 git_signing_keys/keys/key_080FFC139F57AACE3E946186BB2ED46ACD2C6CF7.asc create mode 100644 git_signing_keys/keys/key_0A52DFD7727000734B9A53BD365ED1E014824647.asc create mode 100644 git_signing_keys/keys/key_0A59C698920806EB.asc create mode 100644 git_signing_keys/keys/key_0F948052DDECBE68.asc create mode 100644 git_signing_keys/keys/key_1533C1225C1B41AFC46B33EBEB03A691DB2F0833.asc create mode 100644 git_signing_keys/keys/key_4AEE18F83AFDEB23.asc create mode 100644 git_signing_keys/keys/key_4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD.asc create mode 100644 git_signing_keys/keys/key_523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5.asc create mode 100644 git_signing_keys/keys/key_575F80D1599EA6D2C70AA9A19A53E1BB3FF00461.asc create mode 100644 git_signing_keys/keys/key_5EFABA8B40366BFFC88176A52B4A4BE581022A54.asc create mode 100644 git_signing_keys/keys/key_64E40F3DE2ECB70D746863563FBAF0E7D81427AB.asc create mode 100644 git_signing_keys/keys/key_79D0526BD96AE6338E6257BDA8853020E8EE6FBA.asc create mode 100644 git_signing_keys/keys/key_7C75583D172140AF4A6B10186CD35B07297B3CF9.asc create mode 100644 git_signing_keys/keys/key_868184069239FF65DE0BCD7DD9BAE35991DE5B22.asc create mode 100644 git_signing_keys/keys/key_8735540225E98BDBC82491B41E9C3CA91AE25114.asc create mode 100644 git_signing_keys/keys/key_8D6066CF922E52796F187ABE2BBB776A35B978FD.asc create mode 100644 git_signing_keys/keys/key_A2444D06D3CAFA92F68A21E679C78E6659DB658F.asc create mode 100644 git_signing_keys/keys/key_A6C74E341054A169CE52BE5FB65BFE540DEF86C0.asc create mode 100644 git_signing_keys/keys/key_A766C89569895C0B86D598D09963C36AAC3B2B46.asc create mode 100644 git_signing_keys/keys/key_AAFC4B34BBEBB31C.asc create mode 100644 git_signing_keys/keys/key_ACF4B7893D4D05C8F18069BAE7B4A71658E36A93.asc create mode 100644 git_signing_keys/keys/key_B5690EEEBB952194.asc create mode 100644 git_signing_keys/keys/key_B65BFE540DEF86C0.asc create mode 100644 git_signing_keys/keys/key_C7E32619E2F71736F5910BB144CB2D868DD16BDA.asc create mode 100644 git_signing_keys/keys/key_D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3.asc create mode 100644 git_signing_keys/keys/key_E157D2B23F605B99A3E297760F948052DDECBE68.asc create mode 100644 git_signing_keys/keys/key_E8ACBC6CFCCA7A99779FB69127B829528903C906.asc create mode 100644 git_signing_keys/keys/key_F553996957F0D56EE54D6F72555577116BFA74B9.asc create mode 100644 git_signing_keys/keys/key_FB1AB4639F52FF4B8E302151902C199C68C4B327.asc create mode 100644 git_signing_keys/not_found_keys.txt create mode 100644 git_signing_keys/signatures.txt create mode 100644 git_signing_keys/success_log.txt create mode 100644 git_signing_keys/unfound_keys_users.txt diff --git a/git_signing_keys/README.md b/git_signing_keys/README.md new file mode 100644 index 00000000..63e8680e --- /dev/null +++ b/git_signing_keys/README.md @@ -0,0 +1,10 @@ +This is a simple script permitting to go through each commit and try to get keys from randomly selected servers from a list. + +- Individual key found are stored under keys/key_* +- Unfound key IDs are under not_found_keys.txt +- Unfound key users are under unfound_keys_users.txt + +The last file is important, since it shows that some commits previously found cannot be verified. + +As stated under https://github.com/linuxboot/heads/issues/1794#issuecomment-2389524366, one has to remember that for each git commit, the whole git tree is being signed by latest git commit signee. +But with public keys not being found easily from gpg key servers, some older commits with expired/revoked keys will look odd doing `git log --show-signature` diff --git a/git_signing_keys/error_log.txt b/git_signing_keys/error_log.txt new file mode 100644 index 00000000..5b50099c --- /dev/null +++ b/git_signing_keys/error_log.txt @@ -0,0 +1,187 @@ +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Failed to retrieve key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C from hkp://pgp.surfnet.nl +Server hkp://keyserver.freenet.de could not be reached. +Failed to retrieve key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C from hkp://keys.openpgp.org +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 0A52DFD7727000734B9A53BD365ED1E014824647 from hkp://pgp.surfnet.nl +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 from hkp://pgp.surfnet.nl +Failed to retrieve key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 from hkp://keys.openpgp.org +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Failed to retrieve key 1705719801234567 from hkp://pgp.surfnet.nl +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 1705719801234567 from hkp://keys.openpgp.org +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Failed to retrieve key 3A07364F010D7C71552FAFA687F342A528DFD8E5 from hkp://pgp.surfnet.nl +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Failed to retrieve key 3A07364F010D7C71552FAFA687F342A528DFD8E5 from hkp://keys.openpgp.org +Server hkp://pgp.mit.edu could not be reached. +Failed to retrieve key 3E3D140D4439F0659D4A8FED20C3618D656E7853 from hkp://pgp.surfnet.nl +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 3E3D140D4439F0659D4A8FED20C3618D656E7853 from hkp://keys.openpgp.org +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Failed to retrieve key 48579AA47429663E from hkp://pgp.surfnet.nl +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 48579AA47429663E from hkp://keys.openpgp.org +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Failed to retrieve key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 from hkp://pgp.surfnet.nl +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 5EFABA8B40366BFFC88176A52B4A4BE581022A54 from hkp://keys.openpgp.org +Failed to retrieve key 5FCA029DCAB21268 from hkp://pgp.surfnet.nl +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Failed to retrieve key 5FCA029DCAB21268 from hkp://keys.openpgp.org +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key 687A5005935B1533 from hkp://keys.openpgp.org +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Failed to retrieve key 687A5005935B1533 from hkp://pgp.surfnet.nl +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Failed to retrieve key 7C75583D172140AF4A6B10186CD35B07297B3CF9 from hkp://pgp.surfnet.nl +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Failed to retrieve key 924C1CD7C19D95FE7A577D2848579AA47429663E from hkp://keys.openpgp.org +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Failed to retrieve key 924C1CD7C19D95FE7A577D2848579AA47429663E from hkp://pgp.surfnet.nl +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Failed to retrieve key A766C89569895C0B86D598D09963C36AAC3B2B46 from hkp://keys.openpgp.org +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Failed to retrieve key C7CFA251FF608213 from hkp://keys.openpgp.org +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key C7CFA251FF608213 from hkp://pgp.surfnet.nl +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Failed to retrieve key C7E32619E2F71736F5910BB144CB2D868DD16BDA from hkp://keys.openpgp.org +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keys.gnupg.net could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.freenet.de could not be reached. +Server hkp://pgp.mit.edu could not be reached. +Server hkp://keyserver.cryptonomica.com could not be reached. +Server hkp://keyserver.pgp.com could not be reached. +Server hkp://keyserver.kjsl.com could not be reached. +Server hkp://keyserver.ubuntu.com could not be reached. diff --git a/git_signing_keys/fetch_git_signing_keys.sh b/git_signing_keys/fetch_git_signing_keys.sh new file mode 100755 index 00000000..eed08b63 --- /dev/null +++ b/git_signing_keys/fetch_git_signing_keys.sh @@ -0,0 +1,86 @@ +#!/bin/bash + +# Check if gpg is installed +if ! command -v gpg &> /dev/null; then + echo "gpg could not be found. Please install gpg and try again." + exit 1 +fi + +# Check if git is installed +if ! command -v git &> /dev/null; then + echo "git could not be found. Please install git and try again." + exit 1 +fi + +# Remove existing artifacts +rm -f signatures.txt keys.txt not_found_keys.txt error_log.txt success_log.txt unfound_keys_users.txt +rm -rf keys + +# Extract signatures from git log +git log --show-signature > signatures.txt + +# Parse the signatures and extract unique keys +grep -oP 'using (RSA|DSA|ECDSA|EDDSA) key \K\w+' signatures.txt | sort | uniq > keys.txt + +# Define key servers to try +key_servers=( + "hkp://keyserver.ubuntu.com" + "hkp://keys.openpgp.org" + "hkp://pgp.mit.edu" + "hkp://keyserver.pgp.com" + "hkp://keys.gnupg.net" + "hkp://pgp.surfnet.nl" + "hkp://keyserver.cryptonomica.com" + "hkp://keyserver.freenet.de" + "hkp://keyserver.kjsl.com" +) + +# Function to shuffle array +shuffle() { + local i tmp size max rand + size=${#key_servers[*]} + max=$(( 32768 / size * size )) + for ((i=size-1; i>0; i--)); do + while (( (rand=RANDOM) >= max )); do :; done + rand=$(( rand % (i+1) )) + tmp=${key_servers[i]} + key_servers[i]=${key_servers[rand]} + key_servers[rand]=$tmp + done +} + +# Create keys directory +mkdir -p keys + +# Fetch and save the public keys from key servers +while read -r key; do + found=false + shuffle + # Extract user information for the key + user=$(grep -A3 -B3 "$key" signatures.txt | grep 'Author:' | head -n 1 | sed 's/Author: //') + if [ -z "$user" ]; then + user="Unknown" + fi + echo "Debug: Key = $key, User = $user" # Debugging statement + echo "Attempting to fetch key $key for user $user" + for server in "${key_servers[@]}"; do + echo "Trying server $server" + if ! ping -c 1 -W 1 "${server#*//}" &> /dev/null; then + echo "Server $server could not be reached." >> error_log.txt + continue + fi + if gpg --keyserver "$server" --recv-keys "$key"; then + gpg --export --armor "$key" > "keys/key_$key.asc" + found=true + echo "Successfully retrieved key $key from $server" >> success_log.txt + break + else + echo "Failed to retrieve key $key from $server" >> error_log.txt + fi + done + if [ "$found" = false ]; then + echo "Key $key not found on any key server." | tee -a not_found_keys.txt + echo "Key $key not found for user $user" >> unfound_keys_users.txt + fi +done < keys.txt + diff --git a/git_signing_keys/keys.txt b/git_signing_keys/keys.txt new file mode 100644 index 00000000..3fadb54e --- /dev/null +++ b/git_signing_keys/keys.txt @@ -0,0 +1,39 @@ +07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C +080FFC139F57AACE3E946186BB2ED46ACD2C6CF7 +0A52DFD7727000734B9A53BD365ED1E014824647 +0A59C698920806EB +0F948052DDECBE68 +140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +1705719801234567 +3A07364F010D7C71552FAFA687F342A528DFD8E5 +3E3D140D4439F0659D4A8FED20C3618D656E7853 +48579AA47429663E +4AEE18F83AFDEB23 +4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5 +575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +5EFABA8B40366BFFC88176A52B4A4BE581022A54 +5FCA029DCAB21268 +64E40F3DE2ECB70D746863563FBAF0E7D81427AB +687A5005935B1533 +79D0526BD96AE6338E6257BDA8853020E8EE6FBA +7C75583D172140AF4A6B10186CD35B07297B3CF9 +868184069239FF65DE0BCD7DD9BAE35991DE5B22 +8735540225E98BDBC82491B41E9C3CA91AE25114 +8D6066CF922E52796F187ABE2BBB776A35B978FD +924C1CD7C19D95FE7A577D2848579AA47429663E +A2444D06D3CAFA92F68A21E679C78E6659DB658F +A6C74E341054A169CE52BE5FB65BFE540DEF86C0 +A766C89569895C0B86D598D09963C36AAC3B2B46 +AAFC4B34BBEBB31C +ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +B5690EEEBB952194 +B65BFE540DEF86C0 +C7CFA251FF608213 +C7E32619E2F71736F5910BB144CB2D868DD16BDA +D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3 +E157D2B23F605B99A3E297760F948052DDECBE68 +E8ACBC6CFCCA7A99779FB69127B829528903C906 +F553996957F0D56EE54D6F72555577116BFA74B9 +FB1AB4639F52FF4B8E302151902C199C68C4B327 diff --git a/git_signing_keys/keys/key_080FFC139F57AACE3E946186BB2ED46ACD2C6CF7.asc b/git_signing_keys/keys/key_080FFC139F57AACE3E946186BB2ED46ACD2C6CF7.asc new file mode 100644 index 00000000..9ae5a30a --- /dev/null +++ b/git_signing_keys/keys/key_080FFC139F57AACE3E946186BB2ED46ACD2C6CF7.asc @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFwGhroBEACysodv4GiKgZWEjmCb7W65r/5T5Pf//tfVZUGn+pJOX1n9ZtQ9 +WSLVMV8xSgaEb4Ht/BvpKCVlnjrl2w3/J17sQduAAoKx/qTsZVnD/4ouIF2Ar+r/ +jN9QJrKNtL3Mb3PwPCkbEjmZI2qrk7cd5/dEJ0XZaTA5msH/TlVyWC8JS+I3QLZV +nb0Vv2xTKi6+9d4uI/LQYAEULrZiA94egvfC1inyJK6RqvaAgbp+sFvnoUvHzCQN +vAMVcmI+RmfS496yTLFihWakv8kfopjCmHAwH7S/8eT1jAYq494F5ZEy6x0N7NRi +UZ5Ykx089rTvIH+GoDm8GRVq4H/rRf8j+ZZddYa8Nmgkwqern8a/C0S9qyga1hly +uoct+NL3RMv57bTdWeJT9tO6P672SHKMya39pY5Ppb623A1Pl+qAK7HmlCZNdz6J +F9rzyvYX/8cJrf9GCWkpj+lSQG4sRVrbZvKi4bnmdbkrspLiuBiFkPI4gW0WH4C9 ++C2g8dLpigwwpos++bP58NwQYK4HPB5R5IG7sHd3PMm40nd10NbRuh67BHsVUYd7 +4tv1dYielKVuytMjrA2yOcGUzaoVGwvtMyeXnUMalPZbUjulS7byP+Y97Js9ix8G +ibfqeVFwSE4MzH+zFOWqlMZRFkDVJ90CljMfDw09VGiOr4M5iIyNuINv0wARAQAB +tFBNYXJlayBNYXJjenlrb3dza2ktR8OzcmVja2kgKGNvZGUgc2lnbmluZyBrZXkp +IDxtYXJtYXJla0BpbnZpc2libGV0aGluZ3NsYWIuY29tPokCTgQTAQgAOBYhBAgP +/BOfV6rOPpRhhrsu1GrNLGz3BQJcBoa6AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B +AheAAAoJELsu1GrNLGz35sQP/iv/KbZ7i5z5Y3L30nOwBZKgzCoiN4OLauLEJuUR +CcU4WKbKw1kuiSfjrTWTnK4Jk0VIVr6U7UQOr3zNzfyltSaattNjkvOYY+q4up25 +wKAvlOg61lml8y6XbrXY9IRr+zXKgbEacSdgNORyCJjFMrT+evufrSFDTS6joJuJ +lQmrZHTlGbi//3GlLNZ+OGwcRRFfq2LqEG6rQoqp6t5/QmXMFw8KBMaop1dt90TW +Ti5GyCjUtT4lTy15iTkh6C2QTphH3EbmNsybit+ZB7ATpO7ka+YkTDcHvYyOUcwj +/vH06aA44WgGPYVU2q2wXl2xYY44PEImd7fMgxPES1bcJssapU5ilByHfHRGOS8V +tBRxEYrmF2ACOt3LdHEg4n47uJROQhGBaoWjVmveDkKlI1ShveovdEo+fZQSBjsp +haZYHbhQaixHi+0Q+49zQjtQjo/AEnlS3J6A7NiBoxJWzMLGQfM+2kzHkMzTF7K2 +YzI1G7sTeKZjnO6YsJ4P7fPnGkd1AwbyzAkYoogAwf4WLbtBYvCOCTT4yDYtwSmr +zOp/DelSiRim+6Jn6bMNVhJVb7WnLTZMxJ46lpSf/rY+0D7X/4c8vo3/ZfoW0zD2 +leBVP1phn9GlVPLnH07ufNQ2IEXInF6wLnHP7s5ghuzlgRWva45DggWVCPuHHz6k +fa1c +=zAIz +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_0A52DFD7727000734B9A53BD365ED1E014824647.asc b/git_signing_keys/keys/key_0A52DFD7727000734B9A53BD365ED1E014824647.asc new file mode 100644 index 00000000..f0386429 --- /dev/null +++ b/git_signing_keys/keys/key_0A52DFD7727000734B9A53BD365ED1E014824647.asc @@ -0,0 +1,121 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGWlIikBEADWRveb6BN+GyOJ5ucHQFAvu0So2G2FIzknJ81BKzAqzR+WgF4z +23ddpXNvYBJVwwdO8lb14DpR+AqUxShRKBHjoSb7TnS77Cpg4hscqMN6VU8fpSty +s+2klcAGNrBjFPYkAOsNE09N4Vk92FVa1req6O15qfHWEGfwuTw7fIBdapQEGpf8 +QaGkfusxNQkI6L5CwhlvewTEmWmCw2Gr/u9uIjvr1cEZRhY6p7zmoSTXBWltDMin +jD8katG1xn3gu9fsDzAcCZLpQrf67TQFMeDLsUFnMv+5z3JbXCS/fS7KFGSCCDt4 +GjzbxagCn/S7OQFkITUx49r/sdqm8lbP2uWxjDfM8cWLiDJSsSBRkCD6V/mvvqqQ +8F87+u6uo0pS2V+wo8OFt24z+nj5uOs7AMh//It43rAbDH3hSrPhJmepcpWH0XSA +upd3+04FBChV9J6gYM2mglRSATZlyDFD20oU3X7fVRBqKAXD/BGXvBwvoUYzLruI +ZjVUZECcsO+3DTJZAo6nad5/26BtXc46h6/OpN7JSj1eFDpDWkAbOyqG9pnA8n8q +hHy+cPwQYuiSePcTtXhlcXdwa4BWbcmxAReaKkkNz8iWGoxtkNOsTYFvLFRdSQPv +YU+kox4Tp8JFs+D4FecThermD/NxbmOqFePqlqH3u4RPEFBHT18ODp/u4QARAQAB +tDVDaHJpc3RpYW4gRm9lcnN0ZXIgPGNocmlzdGlhbi5mb2Vyc3RlckBtYWlsZmVu +Y2UuY29tPokCTgQTAQoAOBYhBKGe8fvXJb4p+qYb98P7o2bJCI2WBQJlpSIpAhsD +BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEMP7o2bJCI2WAlIP/02TmDaO68Kq +3lcwUuGOj9mrsfqAL7HeW6AaqhM0PRskwUTPLKYIVD5ZqFQF08S85iBdrVMLyEiU +W6tXTZdNOx0aC99aEv93eGgfp0jEMT2Hj2fEkrxWaOtRYr3h4+8ax3T9jTwsx0/B +Xavc1DcE2KXiVshyTMXGmny2pPHpWi75IJsaY1hBcZ0P+4woG9Gb0lLKJdbnG78I +NZe9VZO2oUH+NVKRYouG4Y8d3KK4ZVF0pLKSnh6v5DDBmUykgB0eUv14hQMuIARc +bKkmoEGNGGutvpnqkM5jF+cNMc7ZbOGZA0vjYzY1TGs/rreI/+MVE0OZ85hmnT2l +wF8Pe+jl6jQdWpZcWUSs2nhkTtZDY/xkVwo3V47Q0BZqG89lwoJ/WaTxwOxCcNjm +sZ2pJdsFYeK0jSJ35RSodI8GrjNpJymw45OyxGhRDMWwtLQv5NtU1btT6sSaqg1L +A26pUjerr/iUAwUPP8A5mBDeTluSvkL9W4kXodHg+6kxbZ9UPypT64CRFTHkVgJ9 +lya9kE+Fui6quJpLa9dld6Ioy4iPTSl/mgHO8O99fUSD+dFYCN+RH/YJe2PQK+hS +Zy5EyW34qP1hjL03S41y+mxN5mHZSG7+4AL72EzGcVFNsQfbztiSFYfX2VeCl7X5 +LSSwRWVfl3s/5EtjbRNAkEWHM8rZoDPBuQINBGWlJfoBEACi221LGrVUwkGtY05Z +1fKjt4ELAhcPk1lADSpLJ6PPUXZOMZeyrY1KFDNYDznX1pvgkllfJtIMrbYzJxlc +AufzFHMGdGBqvAq4uovTP2571e8bMkivMayQ9MiGgPYzKG8nj56TdjwDsiYg+rxL +uqumDDrMJRAzGZo6HiFMyRtGKg1K7q9pTJ/Lh5w7AjxONNAD21pHgpkAHnz0PCVc +9lWZp8pushCmwu0N4TFpjXwk14dcFZ250ugTpttVyCscZ9oRY0xODyBKa4f8UGxM +6Z2JOaTRW1m8HLozlN6EdHeLHcCrHS5YrBAeKnd+fp7fF2ygcUWUCtlKGOklCWD7 +gpwcoT6M+9VagwO6rQqCiy1XDuCOgDlTghuMpmHUXTG2YGxlcznGFuYzQSceqgR+ +18GStPHLzXOa4A6xxhjF/ZgLht6DfXCDTK87hd/UDBncqzgJCTFabFDSZsLEqrNQ +X2nLEHe+xfQCugG1fUpZK1Btsz9Nn5/pDWi3oKOWhHoCQVau4cTqJuy3Chhix8mO +UF0b845k1ytluT+tXjuVssJlnhkymSOnSwMhlCrTXxznK8QKBDizjKYM4bVaYMX6 +SaaabBLGdpNalRiWeyYbCrumwKGEWBPo0UnVi3QMf16LBRQMwkEqO78VVpnFRoZs +LnZx7Z27imolm0VQ2ABtlUY1LQARAQABiQRyBBgBCgAmFiEEoZ7x+9clvin6phv3 +w/ujZskIjZYFAmWlJfoCGwIFCQlmAYACQAkQw/ujZskIjZbBdCAEGQEKAB0WIQQK +Ut/XcnAAc0uaU702XtHgFIJGRwUCZaUl+gAKCRA2XtHgFIJGR/a/EACIkutXP36Z +Unk0ducLHfturC/pFT4AXRu/ssChSrnklsMfbM0VHeJP0SDhC1VA7VDGSPJja4Dj +L6SeK2Lt9SOSntad0LVyd3m+h7RQqVU+DI036pgf0aAsGGxBPsMwTsQ3MM6WfH1E +FR5ndqXkQRz6l5ZV7mwyelGyfBvUVntMyHdm8THCY38I8y0wXAS9eIalMoSOHT6+ +q8tz/k/TUbbeCXtLc1BjhyKPxDlw9kH6z7qyj5ENQw56s5j/L/BIC2zeior9/84I +IAzLPTRan6tYY+ub8uhUWnirblDNpQWEf0CKhRJEiRbxBBlagM7rvTFf404ga5W5 +CXNun+t78/fRUJ0ZriaVS5TuuhG14wv9kCzDAM4HcPe2FNf7+2sIllhNVMO04O9B +sJewKxGH4tQmIYCSHo9fQjKRuc0b+0mE08/J3Oa3jsB7nQ9gldQMzsQcMFlJbL9m +kbprA4WWdok3gWzWFz5Iq5Iea4gMmGnu/tYHu7r7kMu5ViJtvfb9GjJMpPzXb1zd +CDlj8l4gqRYHCciahVZkI5VpU81W6Ombbp/IRDUbeEQ7FalstL1oTn43TmqHa0P4 +Kqh05JIrXRhLchTRRLspwTIl+4gk//H61RJwLjjSbWPzj+4Jve5V3n8rAXgSlPM8 +JS+X8EpuUJwxU6XiF9uj6ms8VylZFIK4RinrD/9JFSaU+pSaGC7VCiFgAJZl2YS7 +aVpApnkTJPd/bvUKX1q5Lk4qHR6N9sEuplXqS2MqBb3biq4AoeKaijFdb4U4bDTB +HX1Nj3Lm1in2IUoN0/5HW1rsF9JbbrdrpkVNmvgOAld72jFW6EeXg2FUZk3tHP08 +uBZve4JGtECPmnOo2PjdFZeFW1RvU6MeaxR2NfmWt/C9wfusRC6nYEZwJ1C2yKg5 +5TwXmXzuCjfBuL2ZzxLsG0Y3EfIgnWdeYdUARkIBjMOofpiJNeZMHuFF63Ti1D+5 +peGHkV6cYzAorwzVpNA8RUVypPw62KtIApMHcZqjHeSUYR/noLX63qOUhCARQmLM +p/L3o5+TBD7r6WPJrVQTv4taOUALqcI249lcy9BMPgHF7JvB8etAy3NAxjeMK81U +oihWonRroECNex4XZophv/g8Jn5UCF3MF/61u5P8vfMf09zstUmrSCx6b6vRC9R7 +kQN3iAxgvtG13ag3P80G3HelCMgSkvMF+A0IPDTe72cDnP9DsVv/lJPiR1ZTtJmT +EoyP8x4uBX9sX6Pq/GkAuLP1JLohp8kivhiQb4h5sXZe0hOFcCFcivSa6vuB+U4O +lhRfjUejXdvCeaN4/ygGAV4tJUzdoc3B8Vd8kTW7/OC3EepaUc1dj02hJUNZ4NLC +yiNqQjjitUprTkooJLkCDQRlpSXSARAAvDGzR7Ctnavv7jlDrXm/t0u3Kscus8fp +EwFcU8pl6YChI5j17XtS0/WwIvKLR+fKXuvmbi0f/B8JKciiY4azGNvJS+viKNs9 +JG649iKbaByxjhaygc1nU7DMm4yJG8FLax/b1wZBmpXAiWM0lP9zO/SqgExvaSCS +edecf2tCodCaKyeIfn+W1iuznGQ33XW6rzJ3dlHWzCoXMrUflyoW80wkwTV1HgH0 +aNysLrleIvc77E7vqxx/KZpXLCG2aG7ouBbh5VRnrysQZzXEgNjaY0cIBejYKRi6 +Shrr93AWLcbRgQAiRL2eGPOe6i/T+Y8URXPb8sXRa8ZYsRwro72FTwF6jAzfP/dH +K2jTLu05acWwK9rYSLj9ccqOSjMwMePAg44Y5dQAxEmMEGCQZqAOTHArXzxFqv3r +OBIiqSUYG94v+XLe8F6NBlqBRrJAT6p4jTJzGLwWxiVAiK7/EmehmXRAoaZBV8yI +nQd1fQnpb+ZoAGrn7AVxcxC3n0lVfGuZLq8+PytNekDxm4YtT84hkwB4RY/bsIkI +AXpBg5yqz7rrZPaX9xNfPsAAZNAVjTWqFZQff8YGV/xmdupqoIO+O+BDV/oSttbN +1JNGMo1Qnk6KCgql/3qUPV7a0b7b8vJ2eIvX33QT7n+iNOefn4jzst7bB/Ph3R9t +knVW5BcICkcAEQEAAYkEcgQYAQoAJhYhBKGe8fvXJb4p+qYb98P7o2bJCI2WBQJl +pSXSAhsCBQkJZgGAAkAJEMP7o2bJCI2WwXQgBBkBCgAdFiEEgsnEUD0DZ7N0cUZf +lkUhtDh7BeUFAmWlJdIACgkQlkUhtDh7BeV9Jg/+IQZYgQ7VkGC2Qz6EgQSvt+gf +VTaJhFZT/zlY+DGFhB/oYnx8Wr2f8yqn4Sq344WmoCmoNn+YtUVzaPs1/3pEZrMw +Aapdv5DEhxSJinQzrWIdSwXHltiPlnMxW3XTpNuk38usyq5Cfe8LU6w5hHenpnjn +d+mycBHt3XKFf+/DvLv93dlo0cZNzBzbc3fQhAHFGsy9xrTnvOOd5mt28YBq2d0b +9JKjKMlf56LxUEOcW4Tr5Oz5n7F8buLLF2t68M2rseASNpBHtfq31WCF/4TS7BgX +ZHiBkCxK1Y2iEkxyHhafpsJUb+GSiHlehAMRMX+fzY8/qU2mA0vtcADNn91crXeB +zEYgt4RXFeTwsVdNci07snJu/BKVor1+MxBXP7uUtTR1FZgv0h3yj2SyR57sZHbH +yR1llqVMMzST4hRGkbMZYux6cI/4TqTAzwCleFK4cobGDFm1dR4WYrElnL92q79J +JVTj1kKBeVmq2rxcYKfvHCdOo/bwAWMiKzF/v2cNb3jvMEqIluzjClEp+1LMUV3r +uCx3TuInXEaJ13njOMdx4Mpc+rPcHIJvms+oTMs670XGHbRFoxFfTZza1Ud8BZvf +ZsrZXFD+Vo/pjRbfFYhfcsDZInr9XpphD+1TH6AG7VaKZMJvCIMLdjlmQ9L3V2f2 +H/pDn76VnWKJPPTA2HAuBA/9GeCDjpKTKVBRDqDPBc678vXuooituMMwGr1hpiia +vXT7gBpeQRlRDWVXUjQJf2JueqWhoyfPBGaWbk7SPaBgHhBLy7OMiKSylhI4msJK +PzMI2heSzojheEpmzF5FMTBzyzT/WNWP7wLT/Cd1NCOnhdSwp5EtlRYm6xprOxEY +96EfvF5RJLMFoL/Y/AHruVHe4MlV9QY20HcbfWtvwJUix01OGOr5MQePgf+G//uv +jZLQ2Hq9LFqhGO1mjbptryELo6gPKHnq1L6pxMcxWTBiiroqLe/j6TUEPyKeYX/M +qJj7S5tixmc/sZ/G65NQcly8TiA/nv1RpPcJ817P4AVxJELE8LT61h7uOfm/yiNB +hqSnVPVYLaxV4mHoPNsomAyMW0OjpfSwNq+Cvz68NNh5RMlTs8SEsCGbeDJhpoAk +G7TKOu+dS5H1QsghQXVkqbQLsGWw/t8nNtvCTZFVYCTM0WRylEz+yIo50Gx6Yy3L +Vz4wDAOmJkcYUekSkhW8pLlY1ynVRnM6WLZ+BaSGppZkJVb4hkGN7YJiRSUqabLa +NaKX4hacYJDh9SRg6Zq2R1XGLGxxyAht+KGCMPHvaUvIIm09PdAiaLA4Er3Zyhze +q0L7MWo/q/76Js+svXH1DlhyNyVMBnI5thgza/8982SjOgCPOCNspoAymdjBDlUj +MTW5Ag0EZaUiKQEQAL3nvvFJIXNlWNLQXSF76TNCjDkDIAV6mXlt03CGfBBTK9iS +oEQp/xTHdI0IRf/8fG19RO5mBj41dExS/aMrsEvY19sSBs3hnSrteW/0MCgwuUxE +ynzJUuaYkGEzi+zh5ZXQjsNLLJ9ulpR4Ke9F68E72U5GKcA//tKA46owcg9qt6uI ++nHUggJFuXArhz7JxnZVprj5x4NxyFAireCij4/6914GE/WLKMv6Lx3T5p86heVR +TnM5EupU6lWBLdqMj/siRxm6OndPF9puKO/FphfS8ECWy6CE7znfpuASTJo9or1G +n7JhlaSinXrzbtBXYM3UmI87RDg7fmqMaMk3ia4i8n6xTZzmA3ADs+TW++jY/ub5 +9k2uNiiXLc2bNfhq4C7TWq25zhPLuBAWWS/KRni+f1E60h7czWGypIkDRe1NzjmW +SGLqLYwwJEsrAQuAN90lc6E99VD44ZCB+r9epsMvPnFlwAeXzJIUTd1c0Y6Fpziw +Nf40nl4EEa98x4T9qXm7B1LfoLp4UuJ6+JGEPXQTkn+6LAz7JZL1ZBWVTRuob6BY +g2wq17FJv6UL5zu72peGUR7wZeB0wIu1LOfOWf7qFOl0l7bsDiLAbMZDCSYZpmQc +39Rvdggnfd3iPKWWJQ9B55fsTP+3EAGohPaiQRYfz45pCDcQHpnJya8NMNgBABEB +AAGJAjYEGAEKACAWIQShnvH71yW+KfqmG/fD+6NmyQiNlgUCZaUiKQIbDAAKCRDD ++6NmyQiNllSpD/sGOZsS81LbUXfp2aFGzcx/AwbJJN6rZ4svLfhfqYMIxJL0bE+O +P+y7nCTG66QM4Chhl9TBAJxpEA5JEcWZ+1Fk7jrU4GwtzhDFy/VkxTQwXCj6z5Nl +GfBEwmRcopYY4bI+FeBx/PXaSuS8QjLm3dZl/IP5BQJrBaAnajLivB55+EEcj/47 +7ZDE4Y+TnilSkkiclc999iGRvLUNMmfX9j6THRsYzbLZQYWyhJv0Kia4/7TyczTC +ZN4b2JgtLr0ggz5wwdoXqSSkmBnZ8M/1ApZFBj8EYid/mg3tTw2nN+KM4apb0CB1 +uUCV2Fxy92Fdikh/q7P3VYu2VYERoTuACf4lj01YafdxccPvb0/3ulgJZ4g/YpH9 +GHzkECckf6F47xCurae/kUhK7d2mfa7sz5efH/F4au7d4tcGmEWFUVlwO7pBrh2P ++Gz6siUEi/DgUXmuk2lAFGCU6Yw+UtJTWr8xQq+aBs4tkYGk+FmZLvAIWFAlJlRJ +HF4bsBVweEMYBubfoWshVrhKxv3zwnTABsSDLvs37gAtxkIf/Wg/o8BzfhXxRnhv +X9VyNzbcH/sM8VksnHZWydia0GhHTRJoO9m/bsSzJx1djvOlGR3rUnvnsf5K2BZH +zSAbxzRFP+gcjHq7Rm3hvRwybxEeRzqpTqgAnxqMoeDzudXhK609oQrMdw== +=PpgF +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_0A59C698920806EB.asc b/git_signing_keys/keys/key_0A59C698920806EB.asc new file mode 100644 index 00000000..3495f713 --- /dev/null +++ b/git_signing_keys/keys/key_0A59C698920806EB.asc @@ -0,0 +1,359 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFcvsuwBEADMq/5IsoIDvK7OlWhF0UTIcmTzWL1E8OM407pUJhckSrMcCE2I +hvEev3GhIbj9t91jdFcb4TdBkYlPzCCMgs2HT3eAPXB3kIFZL8kjimu/KWroYF10 +VQQBs42gJV7tDhDsjATJcNF84utniR5momukQ8ZXhguZ4myIGm8PlkRSAkEBcE2r +GrEvB+a5+p+h46FAc/K4aiTfdg0t63derv1f1b1M63fmH7kZYItSzTI7yJDfJu/3 +svafJFtsCHlgiPdCqjERDz6yomkyEhCj51KqqEVuZ1C/sjIVM67wSkYaVOIUirfM +gsOvCDvhHxwCMDkzzHTps9msAu4iEh26bZMwMl24gv6xeUNxZxqXjvAN0iPfLiEJ +ITLHS/Z2ifYQUr8HjSsulQsyvG+mpOG5QnGIgDXjTxqVDEyK2XcmR5ZSHcR8ws0z +9b8G953nwxQha+QJz0sCHi40NfHAXjT//DiMRPNmNd1nI/LQXqr6tM5rJqUXXIct +uyqOLq6iQ42lPfpdS/k5swoW8Tri/aB4JflLv8Qcd9GDqB2YW9hoH1zwQTshLpqK +Wya6b3dBIzYHAEdUDNRhn/JaLdACubmvt+tES8f+WJKQX6COT4SucrfVms2OQAue +6DgRnt248nUgNlY2r4n+lvjAh5TisrK7Lq0PtkfTlVBcrUo/v6/GM8YmZQARAQAB +tB1GcmFuY2lzIExhbSA8ZmxhbUBrZXliYXNlLmlvPokCOQQTAQoAIwIbAQcLCQgH +DQsKBRUKCQgLAh4BAheABQJa5fqxBQkFl3svAAoJEH7uLohJ/86cEsIP/jppzMx5 +qGaKNCi/lAPY4b77AERkblG1hLs5RmtqxVLDXY9oDEBk1DjGDYv2vXUtc0begYDD +T9s32CEs5L6pIkhBr15gl19ZxUjXWStvib/5GT/vO/9FJVHps/4nqQUnzo1VUxoU +Cv//KFsfA5zXS9HNkrhkeZnr7ReOrvKQ2RNbnVvu+az3OtFrECfOk/kYL8kEEkcE +lIIbkdrnLj3UKzZAsHXahHWfItoCbkZIojVVP4bbjfpJ1jpLd/rcuZ9ByjHHngY/ +PR5XKmRuSpyWXjFLpOI08oFrzQwLSv/5TS8cTftPSFmLK0LqcLTqs9/qmQb5Vohx +phA6kJLqykip9PO5Q4KAB7HxOnnlPsAFUpcDBsqcfjthyFU+ySVkZXvNDAtCUx7J +NIjcd3+Tp9rhI8ZZtGDdBg2D5+SMGmgQSc9XhAjCAJ/IeC/jfAm+a4mjsx8andcP +QdZ/OR5NsEg/ivGl1Kdg0ms2DrFCED8tHyTgQnpUjW+xar8c7lw8bO7d9hy8vdGl +kOVnyDnZn7DAOwoSK/je2EeLfr+51gZ1UC/A/GweSNt/9GPew9egNa9QEkdYG2+G +7zVEb5hQ5/bhbxWgBTHfzOcnbywoQrpPcfWb+h15hCr5CT4JYRwTvN67lVrZnQz6 +6mFvGu9I4PUmor4VxaooC8TEw6oja208RndmiQI5BBMBCgAjAhsBBwsJCAcNCwoF +FQoJCAsCHgECF4AFAlkGQCAFCQO3wK8ACgkQfu4uiEn/zpxSeg//S0jqnhVgRn/a +VrYdd+jpKRCoBSUHBOW8Mts5+lL87CBJssn6HMpAo1nUYJQCropz/2CbENJbDL+T +yFWpiCQWMdraXZe9q2j179DJi9KYgUP2837zPbNa14kNiXhmzqcZISu1q9OZo1Fc +CkgGU2nW3nijxhQqUZ+sfEHgFDCGTreT9yQwVtqfOWhUNmbxzkRAqpA39g23AOjm +G6v4SbbZDT2HDrhauWSER52Yg0A4Dv4et1AU23rrZyUvkk4p7L4RFU7aEsR+uAtZ +13eQ11se2+SiSD0VAiFK0gqksAOSyMGhIgO0yFO7rGUj3xvg/2tLPLLW5ieyzvn7 +GoVe0MbGJSICkfU6H3jJBIg9jahKvzzQiAKdDQhTR1deqXpqKwp6QXy/DElfDx1Z +JT45b7HOfuD0tT0Dclwpg9qYKSEJFPRByT21gY0BvBQkUVgRwMnR7DMV6OuaLXMQ +LABYpLZrOMNoAeKrKPZnBl3YDdZOYZca5N76Dvz3439tDSg5X40wLXl2PbOnhZnV +F8xycg6n0b1enyPKxpB7gHtJsDOauNolrkpWhOsNgKFiDLej5V3lu8Z4RzFww1Bl +AV7BSXM0zoThirUJi5pc0BrFVWUam0WOagSfRbQ2tBO2tCVe3iFRrweuwqF+eixo +wQMlaQiPLT4ZTOHaNwdQgfuf7An8KoWJAjkEEwEKACMFAlcvtHkCGwEFCQHhM4AH +CwkIBw0LCgUVCgkICwIeAQIXgAAKCRB+7i6ISf/OnFg6D/9WiBUYgSTzTcQ1OCxj +yXBNYI4UZufBXmVxaJeOce19EZ/3xD72Hhtr/XYowzGI78Abk5oI4+/gtVII+1jq +rm6iahl0rC66NF9IOd+ndS/kjSV652t36XiJqSYCnhOOqqlxHoGJNuSHBo1XjgjE +93w4PA1tu6L/DkJtquqnNKKOU85HBcjZmXvBWVcWaEqIEqVSZoQ8cFx5ltP34/8o +8b6fajo4tADDwutPMKwMHesmUUUSaaC8iW4ITnLIrPojD9xSDLdwAZmXJe1SFRIg +G2SJ0AjY6vKeYA+cJoZvIRn0DstF7rwdFuA/jEmZHN0SHqa5fbsCLdPsCi55xPhd +r1wkptAveYL3Cq015ooWt/05gbrFgGHieuFvTz+ahMQlfW5CmmSI0X2jJWWnz66G +XZTUwa6qr0u2KFJvtUAKIKlClrPNahp9z19hK1scUwhSADUoOu5GvJYDPmr3w3jc +snRFV2WbVcDeoYY0VAyjddGwXwCRIErDwEMXuJef1KXfxHcDyxTQZ42AqS3KYurB +r0OhBCoCSIgZZbUCoQmyj4bPT6+3y45GbzqLL9hrvb2qsyT3O8r7OHvCt+EEkh8s +h9xJkD0j+NBOpM/z1q1lFkFVX/G2b8mu+zX9yR+Zo4QXQ+kU/EqBGDIiSIb4izRW +TDhwJ0UFkL3MpfXBzBMs4LzxhLQfRnJhbmNpcyBMYW0gPGZsYW1AYWx1bS5taXQu +ZWR1PokCOQQTAQoAIwIbAQcLCQgHDQsKBRUKCQgLAh4BAheABQJa5fqxBQkFl3sv +AAoJEH7uLohJ/86cdMIP/1pf5qxNZJT9D2udoHDPZgdgeN1dtQAJ+npLoRRdJ4ch +fwwvjpN+vEc6ISmT3O1GK/PT9tbQog9Qf0yvKt/dkLs14r9ALpbeAX4/QjB4ePW8 +UbdCoD8Ay2Ks9MsuHZ3tVl5sErI0PvCk/FKdU8DAuBmAWghmHQqWIoypiR1omv4B ++Vco188nrgEadHiuqJQiVMelRje9XACRZa6QmzXAO2wcSN5LClPThTPswuOYQYZx +BMBNzZiBIWmu/Eg6Yh0pUf2Elh1g9EHe2XJcPAFivsG4fMf5//wX1O+/0GgZyl2p +jAK2jcOlJEe/vrlE2uYoE+8hbGuzRKwsQwJznFbm/cpOzBCxJRCdwY6rW6PiBvom ++Ny3HUpESVNEF4PWcVi4TBFycniqtqJ9zUxqg2hbS8ALQtVEQspe7CXP6A8tQXTu +xddrxM4xegK+Cb5kIkK6JXoDo19fQbJvQXXeQCqyBjBPdF6dfdT/g6Vbwgbge8bg +RgBITidpOcmeg+sKT4bX0ELj5rrbEkuYwYwdYd94pWzfkthkT+DRqh1Xn++TaQJs +0cv2T1z7RBOQXCigjtATMG8ZxePT/nv2U+TqsaFPww3QQ2EVZGT2lJ9+nhY6FVYM +aDDviqlTdsbY5xolIAqYoToA2r2QbLaq7arSnHFclv7qE1YKM51GnxSp8a9RLJg5 +iQI5BBMBCgAjAhsBBwsJCAcNCwoFFQoJCAsCHgECF4AFAlkGQDgFCQO3wK8ACgkQ +fu4uiEn/zpysLA//cy2EMOldQ77o38H6gpY8fxruBGXzYNhpQssRt/6/7gTOEfLJ +UkNhoU2VwyfU9yhvs0OiMh3UQortdnZG4m+z1Lk0DIYrePY+JSfBZKs1xdkI5IY0 +qSyUamY0jff/UV1ll30/hXBvnBCII4fqR94s9TuKWNrneIG58VA4hoiJQl2EmBCE +vJiGpgr3oJERnn0j7dkCaUNMI0VUgBlTcpLVYSd3Gbe3K/Qu9WizyfuSjVlYxpeQ +bKpMVp0Nw9oFZ7oalqhzEa8ynv7ZweWqCCjN6TQJRxPq78VNF7wuTCotPPNq3c9Y +5bwFoUmt7mdQ4c3wQppOttiMcLM6V5ycp36wlagA7LihQG2NCTjrOvWM4O2iIGS4 +5gk/5rifdCFZFukYhl3FwNupESUV3zeGoxmLBSsizsAm4YqEFut231OmFxndnKRG +M8SQuUW7cFZG+/1NS+qpDu3pEXRh4JAem3XLRgxMJPbtf1lz7T/LM8yF2srqAAGY +9U7d4zuwy6PZSQCjXo/LxjDLuBA46XaBwGsBvTpn89RuRGkAFLKiG1Lkg+4DKt7S +W3Q/C9ZUQwVV+svTY9Mjleqv73UlM7ARGDY10kw6Jw5gb9rvl596aqVd+5Vs+IWi +HymnlcLL93P2S5WJmbJX679secjmTTGThVD8uIoX9vdrUXc8vPsIkgUn3/iJAjwE +EwEKACYCGwEFCQHhM4AHCwkIBw0LCgUVCgkICwIeAQIXgAUCVy+0gAIZAQAKCRB+ +7i6ISf/OnICZD/0T4kDkjWGk2eFy2idOrQT26/1KgSC0E53iCCrtGbwDbLmDPlOK +oiUe5YGz2dHcEz49/LHI6S/PWzhLfCy+5jXfaR6NbVyB2v4iPgJju8prSXwq2knt +kx8WkeBAyHBwMscC1kmONyukqH1j0n/q4ofDp1RiPY7oeLrvIytAQ6urfrWtIQlb +mg0LEEKZ69lIupbzq5BkDOjLN0pXZpNtxdIsbim7gi+3kGsehXnAVHYICuCoUBrA +MQGG5jnAG/BEAyJWxD7Ht7A59fTnfrh/8LV6DRei7fEPhPRwbRJL9pwgM8qEccBV +l3WgLBU3y9FExCfAuZI2qAcsLTOU+Xp/M0Fzca+V4GhotRaRHUJElExnHnPmFaYG ++rghdiohWJEwfTDXL2nLVvLU/ACtEXMramEX9Dt5GpEBPTmxuAWUXbzd+CE7uRaI +mftXe+B2qvvpBLTJ63vEJwfPHBYnWVCoSNe0r7NrYdBTetq+/OTn8UKIEKl6Vq5L +C5iL1tHGr3+hwfSvyESrX415Wlb59kw7zP8QZgNR60MTDaQAF+Bg/hJ5+5Ax3YQB +pm7HingR0Z+ZLhLVOyhaK/LI1USnqRYb98oufjieNTR/TufxdTHwVX7mjd3AC1FQ +oCxmLJHSquUkd4QhTKuTtQssb3SPHKkifsWSI+itQTxeR0ArKulqjLOQ6IkCOQQT +AQoAIwUCVy+y7AIbAQUJAeEzgAcLCQgHDQsKBRUKCQgLAh4BAheAAAoJEH7uLohJ +/86ccn4QAIAn0BL5gIWb8r+a+fq3hdfYFsXWzgqyBIsHyvxYg2AlP3tRjVMG9ggw +1J7ShbK9uUPtjCrePhbfkzzAT48zsHr1bUKBDuEYIsUYuuwNNGCA5QivPopIqOn+ +KaEiFHjfgVjXewgmhQfPiVVDWYJt2kUSaMlM1OHcjvO+NZ2TSHwfITicKxWxVX69 +hR11Rh+Fd2peBBYpVIR2Z0P/FfG6I7mKSnJRsfIL1DVVR2W4umsQEL1uErmt1iF8 +zpSOEZS5rJ/VWxDpBW7HMC8SbuD05av9TWLm0C7EupolJyV9ws+hqZp7dghv/hbr +HVN2H9eHed6sTRZByLldWNCVxmf06xIaSzPm1AaMBqoX2j7ksdS4ZgzBOCs62rDI +TJDrK8V2ZBOqXUXthh1EB08JPM865F2g/iG03LxBE6DQYiytA5mR8aS9bf7opk/8 +d40bqU40D5Mxkz8KShxSikSOjiyL851MQuM0b4failynvvwNVna3N9pJ4sT5X9pg +VfgP0rwB+60fVkoBXSXlorFlS+qgjeo0+dg9S/KZ8F6v7NI79iJdn10tYNKtK8qt +fKzqzNsGr6a6pAkjq48aDNFVNzgq506mejX9KiNZ8REoVRBFw5iPHdvKbgbi91Vh +S2gxKQ5x1eSV8WpgqlM4bph9Ea3strmhuY+hWsAZ8FiUmscl4N9uiQI5BBMBCgAj +AhsBBwsJCAcNCwoFFQoJCAsCHgECF4AFAl3tu5QFCQerVqYACgkQfu4uiEn/zpx1 +JBAAxoFnH1FpecZIcDv2tFlA8Q5T5YOrj33Bwmef+6oRB8jwJgdCw5MBWSOTB4RL +FAl7uxlxrq4qZOhSKPC9y+PM16E8506WyBLXytet+b2F4ah3Uw3YYjpnS0ESgrxc +V4DoJFBg+fKAlaqqEVgZWZ/GsiFFWd4DiVYcMqWx21k2yevYikhMunrH2g6r4nKJ +Ogqq/zE3VjsLFQgFamPxmt76HuL0RpU1vlFQy6nNC93TOFx5goLly/USc1KSNfyF +hj5eM3DCGtcLSkVRncKP1g6YjP2Io34k6j3v6g3017QNNlbJl7cTgBk1FlSm5uA1 +TRys5j1DIIh193IGURL7z8lVH9RzwSM/YljPLyTMntLbn1SNYPAc5RKZVrfZBGia +ykURXYTQdo7IVIB+AgdEpF7HcaDb56DZh/LmYWKYKNGTNc/03iPNOs9GjSN2bdGT +FDbNLDB2cy6+bqmkrxlClOpW6LyiYpL8T7V1Gefg1DZwItI9jXwxgDTLnVSZCJ21 +w0LUeJyI7xiilZbXAnQd8ZhhyohFD/7Mw30+FZRrubwRDTHer7sgiV392fOnngOa +NIX20BTunQ2E/WmoZxsNEcbrTbGVnDsmp6Pe2wmhQFJmTQKkgukWBHNNsguJp4LW +Gdi0IF5FEMhN0mLJhUcZwQ/YrbdINuZv+9NidJy2Cwb0/vC0H0ZyYW5jaXMgTGFt +IDxmbGFtbWl0QGdtYWlsLmNvbT6JAjkEEwEKACMCGwEHCwkIBw0LCgUVCgkICwIe +AQIXgAUCWuX6ngUJBZd7LwAKCRB+7i6ISf/OnJLMEACJyrOcKWn8Yqw9UUBOoOF4 +h0HnUMLrYLF8mvNzY4k51i5gFcnuAFjGWd6xKlj9ybdlSc1fSScGy4XxhhJiNt2b +CsvXxSMZ2QIPlvkVJ0KvkejPyXxWP8C8fkIiyGuMurH+e6IsinBm2rg7nTDr58hB +nFBbZArW2CWnDoVrPOmzzpJS5lS9Cp6vN4wuaYUNiGEa+w6czd7gCzFlwpBXIKTT +U1d4ZjLTBDhRO1Z6pO6ySzQlod6Mpn7iFlCZk6t2D4ZaGM+koh8/vKefh/PACc7h +ycFdpowZ3GAFK5bkN4wlOP/Xyz+rOGYWJ+Q8oLyIYFGodwxan/29YAiWW1NqD16J +nARskWY8qxzDKizUgSUy6ljx2CP7vr2vGCAs9VqWR9frnHJvCC9mtmBridFrYOIM +/7FG3a13U0ES8qM+UMiQvBic2q8OBRsFYogK8N1+RCyORTsZ2tyMqtl8XDPrv2Al +5gGaxC2/x+2Xgo7b0dPKEL7VES/XoLSiJOhCh5zARGpTgkGJFdcPPxoSfoMRQvnv +lQMWk093uN2nmVP3syqiCnTCFnR81ZIgSmk3kLP1YDgVYjC5s6HeyCDJptTnPLc+ +1fMby9s3xTOuF7FvlXQdoIsbYxKRIJJ6d0O5bisIsZjYJC+aqGxwbfuX6gEHr/LP +D62/ak5WFMvcP4rBu3Sr1YkCOQQTAQoAIwIbAQcLCQgHDQsKBRUKCQgLAh4BAheA +BQJZBkA4BQkDt8CvAAoJEH7uLohJ/86cL0oP/26RJXFnG8Uk5Y6hCb1/wPW+BzPp +wgEn9SD0euAoBhF0X67ZEN76piHg936pgR4Z4H6aM5KSkx0YRl/X00pHdysxznX8 +Wa+rOp4K7+9sSPDZaouR2SuBY3IooOjJwrDZXI9MF+RNjTV1WrYcwwN2Q+T1DFv4 +R7H/vpSAv7ryV2tFdxFKfzG73erRHM8hB5PengZT504d1ZGN5sdP+oXN4sgr9QhC +00MVpswHaqdzKLBioBB0oDAaPBDz4T9p23NoqkHmqMVJa5GnRG11LRAaYr0hJ96g +J35kQjmnZd8EYLZkNDYiOTdGD4d2A8RDAIBFONS+zm3MXEmlcGxzoPwJGAA1JJ/H +YGClCaBPRR4bxko1453/xiG7qyeJvAkXMpDWvM5GCI3KVcJEyV/b+dm+aW0QAXDg +CXpLDgYXABOiJQPAlZFWCenP4UYGhpeKUYk38qS9njK33/TxLiyvdEnNUmPn3EOk +mhlrspE6QgvbioBq2Cxqot+/a3ukpwJ5iInGwCQ4J8OIVXwXMvUcp5KBhurVMBe0 +LRJh6jGTyhbi0rYAcDOVQWWZ7B97SmKPFpiox6dACEzaCtaTUY6XRaD+38+8uP3a +rFBkhZ3VC93YGcDLqZ0lbhgLrJAw5azKPVBMztn9HbZefVw/fcDt7tGQHYl4Glwz +StvkwXA5zcz+oP0fiQI5BBMBCgAjBQJXL7RtAhsBBQkB4TOABwsJCAcNCwoFFQoJ +CAsCHgECF4AACgkQfu4uiEn/zpz/Og/9GgEFvNyDxbTtunV/QrrZa7fZ+fSImQPG +kAopg3XKy/FcnJxF13XU+Lry1b9S80tWdn8dKriW582yqc2JZbDIjnClS9eEAiSU +hPVNOhGpm6uriYuKer1sczHACYcy95Kpym6TZST+aG8LnfjLbPvaABIT4YQYq6V0 +6f15ap9NdMh+zN4ink1L2BokxQjT7GZMeRN1W2nwY5PKSo+yMVRpiW2l2a/AAcx6 +KjHxBwsoGIvqQ3/3FO8EeVVXelA2euG5ouWbDy54EeAWvuabsS0ehPeqxhT1I/4G +AKdMoBDI16aQhVP0yi1vCaVk8aIYJupIcP9BP+Svs0P/+g6ixyBI06d93el3FG0i +iNrUp6CJrTRTGMZC079BjXRJGqEmEuSazUt0rqg2iwSsvgrnueUyQEcZGL0wqyMJ +CNa59W8+k+v3laR2LsGlRXgEsTeult3txE5Jcvq/TfBqfws6/pZ75fTZd2OxkVwH +aCEEOBcKNtNfSeakdzOwn0csxg+t3Msu6sD1AUpmfILMeLLRr3lGTtTwUcPxlfsv +Nqfw2iOKDKIWtnlgvza2JxJY83+ZbMw4WrWLWu+86r5dg2Jld1WXr/4DSSYjusZH +WEaSBi2WOLFO1lA26lNdZj+HUEupEBSM32n3sJ7PxUFdY5YQ3FicO/MvAOd+ckSq +rQsOrtKGmEC5AY0EVzd0EQEMALui3QHOx5/fBV1U4GCh20OMbwuT0dsWDte7lU7E +f31d6ivzr5Y2KyguQuayhyXvEF2nLx3P0CoDOTd+HBhMnIdWe25KBafyyCcqDq7M ++uAnXS+6MulL5DFqfQ3k3Kb8bRs7pEVfH5JSQi3JxRiY74BfCmY6belqpDia8ssH +pBcsbB5SlJ+3cZBNr/+mOO2igX3aODgBSecEH/9nq6uB+jWfWvyFl7kTHnTq9FcV +ZU8X8kiaMhv0vW9uW58UrZrm3aP+kgPeQ9xD/8ybpWMVF1Bu/7M2avKiCrf14F3H +JzDp+5gQ0oc6VF4z+wTtwuAi4VPa5ZDX4nQJ1TuK6+vF2vQI5b0pJMNah4Hbv1ot +FklJpc2qrPMzJl/iZDLVPcGyEsZRIxIa9E8RgJ5dLDgnKpyqTWSMFXv7YveTVQku +bOwMaFY0/XNH+xxGUwLYI0CV0wozcMlk12HWPbpOQ7k6XAxcqoMnGaC8uUhhwEO8 +r72HshcpIVAkli/yY8oGBNeCVwARAQABiQIlBBgBCgAPAhsgBQJa5fr6BQkFj7po +AAoJEH7uLohJ/86cKOIP/AsEXz+DycHWL8ashORbF3e8R093QJG7AHoPDA8xGTC8 +p7d63wDMPpNtaKvw6petwTusSNhjp+wLfuDv9/BEF0xma+20x8Glu8OcivawYJOu +D1UXOVsTqdYnXHX7o4E+1pL/Jzg5LAqoPYzmL5YQ2J248ahSywlTSIhTx1qM6RvJ +2+lPPcA+772pm5FzIc33pzxFv6uM84yhlTGESs8oF8eGYy+JFjLnxTP8uH8QFc+b +wAX6putxN1N18YCg+uAQc2lXLkJIFaRapLTwszqcA4KyD2ENqTszEB4Xs8cMmcwD +uACzGso8TpXHDFSBimpoeHKg7yDJQzBGJdBlBWovPs+fcS55RizKOMlMQZjE2Vcj +0Db2KrAj/+W48LyxarbqXVjYj4h4EwbXEEeMD51bBGPwVdif7GSXim8gOgqm2W+R +J3vbB4GQli6htqfrS+V1nlUt+BQ4FtpTReNmUBJRCYe70ZXjFd5RIYA0sGSTnu3R +6tTwjE3UNKReSvSIUSaRbeQ1Y3XnYmV6CpdpqP/jl+tgQQ+pdGv9DmWzcPNzoThS +/J0HyXfwDdSpaB2iBugD51mswhPV7/KBrJvT8u0hz/PzXevAodGCJnb2cmpk4bmC +emmB/C3frVBKCLZdIJCsGHC+dL4KIQKIXXgnAq/4VOpqSOP7XdZBQq5YY0k0a/My +iQIlBBgBCgAPAhsgBQJd7bvFBQkHo5WyAAoJEH7uLohJ/86c+Q4QAKHT8DBgV/Ht +4sGKfQcm7J6LVdMlDpVxFTyDHd7pFgRPkCe/319xR/LAo0NHpmuAGhBM12euq1a2 +qmtOz1WIE2+/cWk4BHWznGZ7XvbxeoIa/4CUT6RkS2NJRHvoyOdSyWIpMCRuQTW9 +crPGtb5r+4iqtwAkkbTFp9mUAcU3nBR4AG6yvj4l/N0rQfCrdAGOrvBtjkz50mEX +2icXieNOgG/RrzFmI1XOzlxQjJaFr29RQRT0FQ8wLvvdDibjF2XsQW5MeTI0GkBN +qZx6pAH9fTgHFHp1A5FrtxZp0viBsjAftPAY7SnKx9PUWqy15wZa21l74r7l6SQv +kZN6atBW9Wx0Zu9JUldpXbniOYW1//mH4egcixlIkMdlZzFfEPFzmRi+8xgUZh19 +u7xg3IOYBY8vyoT6ogoRdULyqHpPcd+1a3IAU2cT6Q0g11YPTvgIFHKfrTzQm7sX +QkmqkncwlLhVHPiUuvLAD0MOTQonpJVqCDuFmcv9UIpFgjMdt4HSAe0i+uXADadh +ibdKYPQzt7UxZeaeR1hllKzJfXxiaX9xT2nVXm3lN47JNGfaZtwtSzJzTQbjBjQI +HlGcrjf4cNOwSbauBYVBrDq9CgV7Esp9lyGjFWJAI4A7OP1hrZ880VPrY8anl/kG +Qn0jgoYm2c13Se2/r5exopJLFFzI89QIuQGNBFc3c/QBDACXobWdUAk0b2CxorBu +BP+pk+GImeJMWMx19UVzYMPwmDdQ8wYIiKdDKeBUI9flNRemjxlaCvLCS5+ehSXN +piev3WxPw6pG8JIDT0BfjFkTBCYYGLCOVMdLxOActiecLcUmSDsGJJDMseGccs5e +kSkOT/cQoWpQpAcIoS0R7KzHrg1HZIdzi14LN3ejZ/6rlAOWcY+w3g5n4qEjVUxA +LG2wN4IBfUnzvKE3+kNM1nTKttRjsZOKQnLhH3UTsPgkxGUZKkE5rxSjWl+utfjz +1+UDhoD+zOTsFgiyXq4EdloS8NnBygaFT3UATyR+NVbn1BX/kwLFcHaDQsU9JE0t +i8MDo5nLOc21rb4WEFFuqNzd0ngNi18fAfFb7ES/uVjSvzlT1WylI3QNuJyVZlxk +SFnIgS025JN11ZI4u6gCG5nEonl9/bCkeLltRoYHsqAC9d27zfUuQe/IC0u4EnO1 +lQovSVYlWkK7JLECblHExHx74XHqVP0z62BSgg2x25XUD78AEQEAAYkDxAQYAQoA +DwIbAgUCWuX67gUJBY+6eAGpwN0gBBkBCgAGBQJXN3P0AAoJEApZxpiSCAbr6sYL +/2nlrN7pq6wr0y4Ko6B4SM5xgifdCwofZobaWYtB+pBjiYCWAv4q2wCYv0GVFj8/ +bTZUrk+TDGvdDJPqrBuvjIejLS01VBDlUivvb4pzwxnObdw0q5VbbrqLG/nxe9Yb +1i/iItKF2OMeikJ6miOBSAZxVc9SMelZtWMHaDQNLAECAOmWsAvPjTA4qbRtUCZO ++NnOzscg0oG2GEbxv9Ytk1Nctpp3+cNPIvV9lTf0OxpFYTYvdazzjH+wLE/PvK5B +2eo1itD+uUiki0UhjO8LtfBJklXqr1mG2HdklWou2rRLWWmSwvqCnWdZDhOofEuc +E0Ti/bikRLUujRT0w+G1MloFD8aE0woTm+aDzyYrOJ/uWMDtx7MApxNHrysdx0i0 +ZDA/mTbrSmpEevUUFch77nzEwNeQieM71LWunupG07xhWoUXzezmkp1lWbjPi6zZ +0D6yi5FLQEaWdDoMZ0UzALYpi0lyLwj83NsQor8WypOGTKN42d14UAcAqAj3iwE5 +bgkQfu4uiEn/zpyf/xAAtfj0v2tOCOGHJ1qzoIQi620hu4usYBDOfQd3IpwmNFOu +piiZhkW7dFgwsaVTpzScdQY20S7MrKDcii9LJI5gLNUd0kRB838X84tbJiHU6pf9 +SDnPQb28Vky1TeeHBTc1UW1ABYq/Q2euzyYdA50oJbssZNVOzNDc7bjOcXSYWakC +DfGrv5e2iVMkL9RXppy1OX5iTjTIZWeotZxam2NW1fuRybMAizUWaK8ZmlK210TY +WgFa17BGLDi4afykd71aIlWfg0YSY5+0CxF/g0hWSa97OEB/Zg/UhLSC3Nb7a5/y +54y4bwkb67ImDK9eg14PTYY/LU1ZWurYvmq5L9MDwymTTg6emeAR4tbTVGoa6hz3 +26iIkYzCvz0dEFIJ91QNXHm//Pn5qHngtKWkFjbcYZkuuJ6qaBOnDnOcAyDSNtEm +EwC5KQQs7lPqt58dTTHP/qczyvqjXFNPYEe7TOkVlxUyqnjw73cByobF/0N2r2Tl +NZyTBk3nPDSyc9moooPJV86myzQoJBYttPpLvSDBidxYO0OJ7TfdVxT5/0wA38jn +T9Jj9c37Yi/MgTjpkhHMlTu8U6KFWv81px/31A0UMv/Hke28hDKQEmr5Z7KALHY5 +A///yV7Q2YZ+e4IihpbLJytrm/6qTOX165LcKPNT6kyeWm94G9ZQu/YmJHTTffOJ +A8QEGAEKAA8CGwIFAl3tu7IFCQejlbwBqcDdIAQZAQoABgUCVzdz9AAKCRAKWcaY +kggG6+rGC/9p5aze6ausK9MuCqOgeEjOcYIn3QsKH2aG2lmLQfqQY4mAlgL+KtsA +mL9BlRY/P202VK5Pkwxr3QyT6qwbr4yHoy0tNVQQ5VIr72+Kc8MZzm3cNKuVW266 +ixv58XvWG9Yv4iLShdjjHopCepojgUgGcVXPUjHpWbVjB2g0DSwBAgDplrALz40w +OKm0bVAmTvjZzs7HINKBthhG8b/WLZNTXLaad/nDTyL1fZU39DsaRWE2L3Ws84x/ +sCxPz7yuQdnqNYrQ/rlIpItFIYzvC7XwSZJV6q9Zhth3ZJVqLtq0S1lpksL6gp1n +WQ4TqHxLnBNE4v24pES1Lo0U9MPhtTJaBQ/GhNMKE5vmg88mKzif7ljA7cezAKcT +R68rHcdItGQwP5k260pqRHr1FBXIe+58xMDXkInjO9S1rp7qRtO8YVqFF83s5pKd +ZVm4z4us2dA+souRS0BGlnQ6DGdFMwC2KYtJci8I/NzbEKK/FsqThkyjeNndeFAH +AKgI94sBOW4JEH7uLohJ/86cEwkP/RdfXbkAQcygc5IddbOZ5lW+jpGNgeyLJmBU +ia2o1UVxZt/8BJQjsbZNXvAVFBGvwFbSXiPZ2Nw4cvkbCK+yAjpw+c5+idT6Hq1d +VXPqMWrh7natYViElbyqPMg6RCSjbEpUBDlVtl3jP/J1ZglL+RxuZMDE9geMmbJA +3o5ZLe3AOddKVKmbgenXEJ5P3fRokScRutI9X9drK5F4M5o6CYr269lFPU/kM0Hv +C47Jy9/e95et8WrNTDilFDeJ8zsFpkec3iGZhgWpzRM6ZKWrPzYOfpDfGXYbV1Wh +PQFvnf9A8cE5Cp3JbqLY9MQqlnOSsVyfx2esp8Od1tv6wC0DHvHWR26YszmY8fdY +cKygXMQ2cKBxFJAyQqmdIHiv8PzhG943g8OQRdGTZaJ5iJzlkDMZksCWXTrPQlnN +s9hzYvycga8azwofDgnpCg/LjuyAMKd+PP2qvmAGjSfIjvDEl7PC0DEpxaboM02l +x+Bf36vuVxEfrX3OmSfWvKUnHgtyi2QYtsvUP9ZUWIKfOexHsORWW6JstJcVAibU +gzUHMfShN3QmK6M9i0XB4e76fscLGur/6s8nOAaVle30MTbG71mmJT4aLjKEb2yl +d1o8T47IUvKpWJm1G2bh6ErgSbPMgWjDOkwsf8yOyIT3fVoz/szY/7FwPvBGKg1+ +ZC4S0UNKuQINBFcwDb0BEADSm3vVWhzb3LDWi7TclD/xwuN68f0VbwiKKQtixy86 +hfu8mpEfUCjYyaD7KYM3cKeDpu+E6BHrDTqG9RH3LTC3G2Lz88IInu+7bZ70yz8r +WwH30RoFZfhVWZblK+JILrRWN18zFjU0jIiziByNF24ziclDz69CVupDBOlvQQQs ++Plz/K/caX+1EqPJ6czXfKOCqgkYRZBFLW9ZNV/2PHSrg7w10ggDuAhXLI4HGa7r +jyk6Bb3CmKxo9n9BBUhD72/Ecj7KtzQkDnGfHyFb0cadAbbZJfySRdI+XgGbu5Ke +jzhccUqwLp/Kc5Wk99B/WC1sEU/f3A8MwN9MC8zEWt9q90yNaZrrIHLVw27TrFLE +xOO+Uh6mnHzn4KjW9RfYbn7ZGRCelnYc8FSL5l0iIHGWszKR7s0SbUKgGG7poR6Y +lWiuUKoVAG5LytfkS9zQzom2v9wBHjHeAIPFFVAa3E+sqGzNVssSUQdpEtEAuax0 +PAu1JLDu0gHqhBLwPieQb4zQwZmOyICG+0J3T2HQzcfxAA5zOlatqGCJBUims3u0 +XdMcko4R13HA5AXK8lZk6DrLXi5A/B6MuHAu4obVxMkzbgPKt7xVZG2qjwyDAFx4 +iZ5V92aLn52Xj2Wfbwth/3Mjt09ICr+V0/A/V6M0hxFaylx8yslkVTGVRmQlD6g5 +kwARAQABiQIlBBgBCgAPAhsMBQJa5frYBQkFlyCZAAoJEH7uLohJ/86cMBgP/2l2 +vzgBUQEnkvqYAQcTIXoNFazdCVaf52lcLOZaEIX8oNYTBbITFGKOrI7bf3hWwZWF +YwUcl07gcWLk24wxFJAaN9iJofhFLgPTxoQT8TnWtBOUuTmhaD0fXY0rxhQ5Uc9m +QdEiDgEiozwsQQy7RVsGny89ah4UUipR8eQEe7k2/20TzTJH3d5zPVFuUZqL4lMh +7wTasXjke1Ay2TytnPwcaRNiP3kvCGUuSkc5QlF1+fkMBzsvWLsg+wKoW/FCRwLt +scrjllbYEcisjOYsLkXGGH4clnWNObS7BV98V5dvCj0LcaLhNUQcd+EOIQxWH2UA +cUsoOSPQ9pv3ZVDvC8AXkxw8Q3GzE79sIs9iblh3rAf6kjeWrt5AbQmxzYe3SxEQ +UF8nPKd5uGAVXbdogmPSm+skPocNiLrVBqlJGEHlERX3R6c91zK6fJE5uNEkVKcU +bmP7QtOSD/alMiFTOd9QRA9+SZNqfCBSbOLlUnfZpvzZH5dzmk1XUUlei9CdNlcm +SVqGm/U5mQCo6tCfbAmN/RK8ObFAi46BPf1st1BozjJ7xtlzXZ0Ov7zbNniX4QvJ +zLLze0LonszbjZEvc86a1EbJ410WaaajDF+ZPDIX/n47mFjet9uBVjDqnOn21Bml +KeTeiWS64cMB/Ngeb56q3yIpz0ND8zM2Xaf1hzxCiQIlBBgBCgAPAhsMBQJd7bum +BQkHqvvmAAoJEH7uLohJ/86cf+oP/3hyN9OQw+68SDL/YtZMcI0SA8bdai7TyUsi +JoWnHWGLg3lymoZ4le/SjdH0Eu4ymtW0FTO/fYGk6hT6Wx5Arv++WV4txFYK4wce +pFoKahagHgDI8lQ/sAZ3j4faKll4vsShd/BXXeKc4QeGMPiaw0jnIwu2USsl7hmb +UWwIabvQ7A0b/a5y4hIzUIReLT4Dt4ssydy1fCYOZ2JDg8Q7l96gRpk0wdyomtFJ +1/+6O3TY4f4Wj9sdYNk5j/TtWaxDN1SRE6nDsBXxWviluLluk+m/9PoNJORvANr0 +yIuhimcPUOPnlaHhNCigvKkz0WJXjUpMkoLHGUwlghSPVpjLTmeswzmkvvUOPknZ +9WGkaMbV8ShU88KhwDhbHziQrq8C2DNufQBEtBGEQuTRy/F4HxoJDvAYHE1wp6ow +O5OHQhk2NUPyTO4xq0486yIFRm5IqwYKRhE1Ir9n9s4/IHdcQv5lxCdoTkEmZdpv +p3e9Esk2IW6lDz9qs9Vn/krYvkECj9ppXSyeM+c/2hyXbG2mRCV9C89g5cUC0cGx +ybiKI+yFDAV29Y4tnjg7i/4gwKjLyHHv8Zg58SYoaLSaVg6D8zWDkyHQfLQGKTzF +Um/xMjR0UpLRq9YmVMJL02rks9kHE9EdTGioJoStjJXV/XRTjvpMxuf3p0P2fQ7e +MqHz0V+WuQGNBFcwEOgBDACfZAVmx/dKkGvqyGqg6r2Xeu2ItJT/sPyTfPotn1Rk +wrdh0CWzLmE/nwQLm3idOhtsSLjXlQ2RjFnyc/b4fObSQ6MjoBMxBafYvffsLtBm +QfJxxxY97IKvITAv1AThpZoG5unZyyvY+uQbkJCBDnZNKI0xL5a46hwDhPUdPL/g +5oks3p29p12umsJmfUVgkorU4PSJk/3ldhcOwLjgqDfEgxaEHcI7ngHoBpC1xkv0 ++d5LxJBbSdx0SJPqXVQLWLnXxS5K5c0tEUllrtZL3rH/eFDJLFpMvAGdK6jx6fr8 +uq7lOYyQR9IpCxWlq9zYIed7t6KkJArepiGIE72iNfiQclAlTbHY2UZg0y3L8deq +MsQDrQ18IZPwVNZAeCTOhKORdTysOcMFhHDQlG6YJF9CHNKeetwJoWbXr91xP2VD +5dlpvSRHk6uC/V4oLyXRx07gHb6syI18WXL3KjPaw4ZIv4lkrApdTj7942rQQRjx +Af0r/eQTV0OwFKgdSWL5MWcAEQEAAYkCJQQYAQoADwUCVzAQ6AIbIAUJAeEzgAAK +CRB+7i6ISf/OnEW+D/0bxe5qVG+Mf6eR/G9A5ujjjMx1sj4W1RR/X+y3RtKFiDyP +6mZnUhCBp3w4xAOT+2eCsCfoxKnBeTtIdA+QcpTrp+GsvYQEjTxXKKyfjHNsSTL6 +qIzOM6j/ylFX6UnVpa/ppgWiWpFPhAq5awL+Da4g5SwwPEQE/7osCU6+O1/WtZBb +ddnoMqhCp8u8vh6FLnelt6jX/0cxpKPXJJ2Vgl7mxGwqx1tcBy9PibxDy2MD2Yp1 +aBsRuS3yRAby/zBYhatKKdT/8JOzOM2rIKxe7DyUzgvzhes9EXyN3GVp4aqzTWBz +FwAy7J4HHNbys6InFxmhBpFD00xlr1KGe5J7yHNJL9Yu0J2lTL1SmQJimiIBphfj +Xrspahhrrd+UuPc3oVXZc32JXP13bVSKf+ZS89HdpPP1Y1LSMt9kxGZTZTtUAwik +i97ncIa6weYDY8UFnaJ31nni/qfCcomrnu5mIGX2iXQJK+OgKTMW9qkhaHrO9Y9s +kO0h/uE0DjOef2uIq63j/BOz3peNbMhY9Zsb+9zIgyIJoeycmKHqBe1vHNqP5Tzz +71Ppiys87V9j4DZzof6dS/oZnoa7v2hiLUlSEJWj/YqqXt0D0Uial8rwtY4cv3M6 +Y1iK4luYuTGf2D5FsdjMBFduPlJ46J+hmBA/gSc94iZB3dTzca/IN0F9zNjxOrkB +jQRXMBByAQwAnILvmPAaw8IoKxHQWxzSfT7VwkG6YSpTr86kLe5qdc1x3FnFIp1m +s9+cXH0fyKlk1h/aAEGZBrqPKbjrYuZpC3uaRH33dYEWtqDu+8NfQjpQpVxZJl10 +fUZsrAO7R9XL9hSHKPTkLpG+a/9U8RfWVtrQvXkdWlGQIIB2Tg7jqqh+9braoGHF +Cqx4+NzOFROdD7FSYI0ZWgr0nbnNQEY8McyAtmxxsCIR9QzvNApQNFpL50a4UzLB +t/i3KsIVmZ/iBvNB6TiSsBctgFM2188RnckQ91rneRv+rInOwsgDQww1HSKrv/MB +mfDH0h8fWfY8NFo596bv9PM5bcgm9qnOOjiJgLPuoz4J9LfX7VASMb77+jB2XOdB +d0xrn356icj0TmQiNJaLXZAdlH25tF4yv2aC/f5Twh3MHWYzHBoujMESUL+5LHOY +jQjKPiKuT2OvkI2Tj6O9ENSfel23O5iaV7OmKAc/d4Jz2Y9g3tiFIBqsFeVRIcfi +BtvjmobLlANbABEBAAGJA8QEGAEKAA8FAlcwEHICGwIFCQHhM4ABqQkQfu4uiEn/ +zpzA3SAEGQEKAAYFAlcwEHIACgkQytGrP0EJpZdUlAv/S8r/B7qbkK/m8cAZC63b +OhAjyGPcJ/3RLFIiAWibShvzgVblg/PzqprniLYNUTAZa8g8oCq61pGjuLRxp0jw +v9G8HayHhj6fDxJr0/9yfgn7Iz39vCJhryx4tG2u81dWkqmgvFOzMMv1meeStct3 +JFDu5UpwtqqAl/yge2MCvp5zIjZ12QUVDiRlqsGQi05Z60uE7d3QHcWR8m6VzAG7 +o2R6RBfcZD0rFNAAaHvI6rfh9IFHSK63dJnPEW5xm8e++Dm9Nj36yRrxU61ORpqG +MJhDz59VDKOyKYLSZ4B1/p12/FQn/mLgEJJtgm4VwTSKRhsxeLfdJ94oNWDVo9Uc +sRKK9McnjpFlIKrX5uqOMBkWrRuLbzfWApycsCy7kVE5NUFG67YFQ9msmmnfx8r6 +1KEA045I3z52oSivR5P54lnm8IoXkLp5cyjWLGnBK5+MDfAldKXZRm9Z+3CMkSkn +fOZEZxMl+SYyGkEiPCwo/vtWneLHlDEH6UIq/Y8dyXTHeUsP/Aom271BN5BApfwF +wpfG0zLCRdu0lzmODic6XaeEaQWPKr+y/csMWyD6DLF9mirQqMojr8RvrDu3PIew +aYlHVQ7tLLUNWk+vX5fe62l2O4NaPqfi5uLeBfPaPD5zkzgBoY6NbTkMTxFPIzeK +8tNqgstDQMDtTgPdwKdg6ffu5Tgul4L46ehPJNUUIwdMRjPUhS9e7pQG1xI5pTRR +5sIOcXX6gqcIRQBnbRzfpq3HCb4trkB/YIv/O42mLXyVc22hIOpJcFr9XWT+zdbE +YC59KTtN2zhseq+rzQRCZpd9hGul0lz9wlrsNEc0xHKkfIhZZgCN8w8sMajYZEkr +ehQaKXmZHxv5JpGimGGaqpcJv0IdnPcXy/SfotzUz7REXijSEouDGsGRT8XPDtwf +72eJz/nD5s+JmGK17egSVSW3BPezGtgO+KvXITLwrFivrRlJ+5xHwgkcqlOMwD5x +L+QYsfOZante65OhnQDjvrLS9qMh1CwT68qYtL7O4xGFYYTkonendt7A2ScJJmUj +ORBADqHUs5SM5GddfmJ+tDtL/sd3OpDwZXrSlhP7Txq1VQBDerRx4QDwLCjNv+Pj +41TlCPPpKHGNCH68WCASq7COGqMuaZHgxf5HwK0cbWYEkWQjWp4wjYe76RU+MVZ4 +HWLwb+G0ga1FpnLCPY2PigiBsE2OuQGNBFcvto8BDACSJg6yWJyYkoRG0vRvUugv ++6e4XW55E8aSomXPo+HCj6hfhjmPQR2/KAjxH5I0B0JtDmiPCHZd4BJAYgRuFWwo +OV1e/EPnX20kTxGrWClG8EaxSKKM92gmB31EbFMrlyxl7x3y4Q4qC/R5MqiAFrbL +U9qVo7xLJFOEGGjIuXxUM3dWDyD+QTNcx/VzpuslEiro2611GMR5yo/lUttT1S03 +vbnBXVEW9iyjOCVq8pOMZej8cpCZHy39caZvN8F+CNiAkPraNvJm5f76kssEjLh8 +ot7AZUEgdbXTGj0XsEypt5q9EMueUtbyoo2psXn6CtkFmskQKpuJV4s32wLU4R3s +Di//TBfzfDxJDjIhwskVIYkxiBYtMIPZ3Gk5GtfJ60RK2uCckquPToLmL/+IJcEX +nX70RJylTpWSxafFzymV6R7YdQuP77pP0+dbPmMv8GNbNevpOgW412Qxd3o73JxG +tF27ln2vFchpjq9nPTSnQOJV7SmXpgKOiY/BvpBINi0AEQEAAYkCJQQYAQoADwUC +Vy+2jwIbIAUJAeEzgAAKCRB+7i6ISf/OnEYcEADK/Mls0XC1v/PvhbHcFpc+VHCF +wED3729wWb3zWnJJzR324ab9u/AbYJ68ssEPFPBs95mimcHIcw4vZB4FOkdW5OEu +QSx7cssQQHl212VnA2oNPGDzG2nJJ7ZU1vd29J2IdKlMiq6khw58t5pBMfpK9CkQ +crCLEmqpoV+TPVqazjid/xEyIEb4Qv0/G5PF0lhDBSqW/S8qlieTF94658WYfd5f +NHoTEfI6V9ARChZAnRZDmEiVKDW1itGTOl/iihC1Zr3Ry7HbP5cU0Oagt8eGyscW +Ty22gl1APg9pfPgZIwqRo4/JR4g9vbkcIUnxlNgoHu37COhEBmFEaMHjUMIy2z18 +o9+T4IcEU0fihAgLy+PM+lnKAObDUuz7F50s4KOFRbCYNGBpoPLORsWbBFFtbcqW +WG0eYt1cP2O8tKuYPADGqb+S3WQgFHsNhBgzS2W5pEhQojgfJIcc6H5nMzUREN4z +WMKZfdhZQEjepgqeNgTeA9T5IkhhQwsrtdBMx2v/xbFCs4uJdpPMVK53aSylBbF3 +BxFJ0reBvIrFx76T/qavrI30tkKqrpLKG73QwnApF49tUeQeFDQ5+c0hNmhKqKsC +WH68asYs/InOSUo4Qk+gC2hlvU4M7X/jYiiAWiUSCEQU89NgX6O7J59mwn4nRi++ +yNS76KuWDxjVv2RlfbkBjQRXL7ZCAQwAnNKWBURtegw1jvO8f9fvXvaEHEgcc4K9 +kNVcY9G4HqCu2JaJjVXavAJ1ERKEo2phn1/i06FyDpdYaTlsbv8IyOGKVzNVlEqo +A9/YsLS+/pM8a6fT9ooM2a6UT6cNkEvaC9vY0sVF/HgnXn1XzYlbVBUBvHzefkGF +QpywJ7Z5l10T1DGoOm3b6TfdpfxEbQRhl2sztTuuQhW+BPamjubrrMChzQZieIRd +bNDWISwu2HLvt0kmvoISU/GCOjctfX3xXFvf2M1NBXsUKBTdg2AYCafQxh1GPmUB +5WyDJY0b+3U3iQDAPh455ijb+EgvOMUSf5RaEZDEcymi2s8OqPX9q+m1lG7TTxGs +suqTEO/YvRVW6iANCdO8J+unmWWBO80RlbJPzI1uwmrl0ple0N3/QRkKxXq92l6I +lbRhlWNW+tBCvL2ZMaFhQoI20tf6zw1NXERBidHFE5HogIcQj2fmmiWThIZ8Vn2u +d+/ZkWEWjPYMPl+j2xiiVEEM66Z0Dn0hABEBAAGJA8QEGAEKAA8FAlcvtkICGwIF +CQHhM4ABqQkQfu4uiEn/zpzA3SAEGQEKAAYFAlcvtkIACgkQbtcY2sx8BS/fqQv9 +HT7Vku5vYSchOqy0jVoXzCYFqegOwO95Og9ygr0MlkS1WO58ylanvwlrWnJPAgQ6 +gcO+WjR7/iQBSmcqXAlcPsj4nPZk6dnXAYaERfvKKNdDmt3IizCw2B20WnjaFJTu +zIThg+lmKGFMHXp1Mxi46GbFAfLXwcVlvKTM4JfSU0WSafCDbtAk6dJOGllurSiT ++gFewhgDgoa9qvbb+mnh2Etx0U/Wdac7Qa49mCyi5/NhxXtv5RzZpOrt+E+IGJj9 +OQ8j57MZtHrxh8yBCq3dZ6JvSjtIf0ne/upqJRaFCw+Gv1EWtuF+BLWtC2fEwfU9 +xpwGv8gu4g4FyZxASsNMETaenef9EA3pi5zrYoyrEDkBuuDl1iwczI77wQj/8ywE +MgmTFuU2RgfNqHq8IoQnNgc3TtFaOU8eWFR8rm7SARAkv9Tw5ejQ6Lr+xToWSw0z +2mOWY8iyXDOZ6qrUTSnenx9JJ2B7kNoEg8wipRUYr+f+KIze92WiUsB87kpfZpCd +Tt0P/2fTXIjoVkcc23rk0cK2Za4kjYh9nctNrlvx7QZQpCBHxwjUoEbjrJFyoRqr +kxNWJqCJHNPPMSZSplLkqtTIuUGiYFsLaD9/gDeQAcfD8nM/h7M3nZLAWig3enpH +SOskOjuK4eFhBVzEwdHi3q0SnBV9McvqqC5T5lyKrPLyFdxeHuVEdaJZUYzqrOeV +oirzPdAbjhLxkL0+95u2539c68lUiW3Whtbv3aPzIX26vQ7FVNp9Z2KNvsTLojk3 +IHIkytp4Tq4kAM36+4sF6qMAQEh1Ump0PlddZBK2nasMUNaKrdM3LGvhK+7jB96j +LqYZXH7s3UCX1DyRyrV4A0x/kDiPgmoKPclUS2LEsIalq/p90Vov22NrrsZd4QaP +6XZiOPsQqdHHhJ+a/MTRuIv9o3E3ElZi16wCnGw4XWCXoV0m2E6qWO4xXcuCyun/ +L3elQ/z5QC5+sOUYewJk3hMhl22ExdHFbFF4fpBIlMUhxxeNJdN5bpiBvkZY2t2F +m4YvAEHEN18ZfOpegPUBLpLrGiCpF+NS6hDhzi6gkgWyMW6c/31EtMuJLQWiuvwD +A7LSk+9Q29Zti4u+bf/uTwhI05xJ9fcKLXX9Hm3yGHFiWSrkE83bUQMpekHbUcBc +hxnkhldirreAQz210kuZcB+FoFdS3gWdl8hpoZN3+87wL/6X +=kiri +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_0F948052DDECBE68.asc b/git_signing_keys/keys/key_0F948052DDECBE68.asc new file mode 100644 index 00000000..4bb0d0c8 --- /dev/null +++ b/git_signing_keys/keys/key_0F948052DDECBE68.asc @@ -0,0 +1,472 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEyNK10BEACl4642TKimqqnfWHZFCpMSGW5F7cQ0PoIi6OfhHHLSBp9Un6NZ +dBN0jjo1Waa25OimEUU+jHi3FBu2hRAu1ZYj6uuWyarUy3ZthW1KXj29ABRZhJ7X +2DlrLt+fq3RoJkRIe41f313odqGICnN6N3wu5hpRmiQiODnLoYHPv7wjTMUNsXJ2 +BtWhFazZGxejevz7qbJH+X2QAcYiD+ymJRUk+voZJuaACCPyN8v/2DxCCbgc3WC5 +drMlS776jPYV8UeEenL5C1EUu7av5aBV//eSKm8BQZKNKuiYkKIn7UFQkbEDIhQO +HpOiV8Fw+3V7uXWfdApKF0xRp2i4Y1DrT7L+52Y13u+s+RRzIf2YKI6sNYaOU+lR +AYl/XWV7+xxKbrOqxktAbuqV9AzMwwDrHJif6kgwkfdt+2hlqvXBsbo6tfaYLAQD +d/rck8in/rgICrfMs1Mv86BWZq996qeV3YA9NUBoS6lsGhc1Zzrfe/xX41gckAHk +tn3RLSABVO8Vga71r0/pkOeYDfMWh1G0hZnKhGK+jV7LisroCTBqMu3h8BY8Um0E +/9ZqSGjVoNnOgJhW81L+96U3TxgYUP3xeUvjpYGLXx7w15GW5KlGwGVrnjYOrFmf +ioIp3uNTRpevlkbPvUnQyX3+8alotZdXxmE7DWLJdVYZiXbCs77YVJh12wARAQAB +tCdUcmFtbWVsbCBIdWRzb24gPGh1ZHNvbkBvc3Jlc2VhcmNoLm5ldD6JAlUEEwEK +AD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEEpsdONBBUoWnOUr5ftlv+ +VA3vhsAFAl/KIoAFCRUeKpwACgkQtlv+VA3vhsAUfw//X01bslVPtrXKTEdgG9QB +eZ+L+TNfcTvo4Rcmabn09W33LHAXR++HG6V6T02heG5WvArOwBrvSmM5M+qICuwF +0gT5cQm270PHg4ivOB5qKFQq/34vjJ7pVJc1S1gi44YOwy+fIfSZJ1VXCUobblEq +G60Yux9AVy1/wlUBnvniJDACpDFGgK+0yKATw6Wv31JFtdR+ZTEQSs5DmZEZs0xc +1N4q44xZXK3StoBxC2VUztwj5V89Y3T26XI4AKQuoQXmHpEfCcJckN4w1R+NP3Bc +J77cVHhUYR6obCOZfomYfuMq0Ot+8Qvoz1KuuNvbzIs+y3r1CLB90EwjLwbHkTH8 +hgT7WQvnxKTp5ZaRBFqe8MNwD6vdC3K3pb7D8HSNzEGsDStmh1C1dxFnZKOayy8A +JWBmo0QTbI2f0Qx3bvSafb6FsvXOMhuexauZSoL0jGvSyYAPG2p2/KmwJjSZnSSa +olNmhj5Fz4pXJ0v5uS79F6pGDJIFG+2Ofk72tiX2gUqYzg411cZsgvfppiWAIFdL +DtlS2mc6vUiDyQsHS7AJlUJMZ2tRm8OmYCpfmW0riqEGnPtcXi0Fqvz1QOyz5cz2 +iG7MjpRK8n6YuAhpiQsxjXHpVmGQV4LNXE0cbdILWdZle2wqx7XvpUBCS7daLMDp +oNThuaPnUtOAF4Ol4b9J9bSJAlUEEwECAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl7g2qQFCRQ04sYACgkQtlv+ +VA3vhsDfng/6A2AsO7QMcWGvb0q+UQVXYiFJquiPj8Bik5jL4IULD0+qydKqEQCT +Uf1VIGY+gAE365ZwhdFrcou7xNrHtgbuuBHLicHkZAOpzZ4o5Ox3tRTZa5mAWTNO +PkPcF8VyxdUKKcD97KvAo5O/EV2RcYhzqLyRknWOcPixlr94N2eTEhKzzVH84+Eu +zD7h/9IAg+ITby++MYdE3ZeDQRSpMpCE0oSqvw0BvW+1ZuLZ8YZ0zEqerZNXpAST +KzqA+jCdJPOBIOzOfJ7ogWD9/JeRzXX/QX4vbMTuZSwmGWtgAlTy3A3XT/z45y8H +BlVDihi/9yYeS/n4+cPG6XgBtVq+9DjKNlmLb3pAMs+Ddlwd27bHkb9us2U3+cvl +L2ugLVr2JmSHIEkoe+B0g1PsjnNOe5CemmYvZZbv+Ql9LhEB5kf6YqDXcdem70V7 +rjZn33nAU/Kg8ML2v195riav0oWgq64Dw85W9pFlular6Fww6hmptDNv+z6ef4c/ ++mfRREYVstsdK7rktMsI5d28hdfJUw6BL9MRGgjn4wWleBZInt5uUqRrgKwv0pJL +7BuWK77pZ6L8KxVqBhj7pp06rZN3pQyUh9YYPdI0ibYruZjY5yOewHB+JX7qukw/ +XVmTlElF3lehb1vpmGu6PfToARhP3s/vWlQVSadwgSxdEuvPst9Xs2qJAj4EEwEC +ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJb20RXBQkRL0xwAAoJELZb +/lQN74bAMyMQAJeXYwBjGC3SbwkTnDQZXADHpERdGQvpHjA7SxBHJYWsGKllrlrG +/dGMGKU/wUW6EpkFabZcHXJd3nA71pQ49jSfzxpMilLTEOZS918+2ylXU6X4y3gj +mcRTg33LL4QeT1TbIzUkV8uwcOUrQLyv1IvszIxRQ/snKJfZta+/Tso+3NtUUrWU +gQzMk6/uj4Wi2cSbWBjtXNlC7QX+X2adcgu0pXztX5UQQXB+e5WJ7HXHChyCdXKQ +FE78z72IDRDC2+9+fclnuvu6Y3IlXyO7TTgyqJ3ij5j7JdmZnzQgxY6WvMXjoK4t ++x9SMXJEWjTmcbDW49YWXhXDg+HrNCNZpBNWLPaugRlFNyp+be54+EOkjZLl7wws +nWf3NIGFXruu41qtCVnO/bRb79+gMQEcZiVtpbdsdpFbAhlAEhPfn11XPspgKsX6 +oPEeBACI0tB3xCrQnNVmHhOT9ubpmCyVARkDLzFNC1Oe5MS/OD5rJZxCHf3yEPay +XJ4WooZ9fcnHekWqcact+AsAWcxVtYQfundxkg8fhhf7F8hW+nDI/17vaH7RN+xm +DOZeV15Pj9ipFpwBTNIVuCxKU5vtWUAUnwfxdtZNgU3Yidse59SdVVurWmG5cSnN +chFsTvamTdRjshLuf/NQyB/DCwjCFEiQ9ljUIqlsTpM8dF1Qw4P5FFuHiQI+BBMB +AgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWfdoRgUJD0twZAAKCRC2 +W/5UDe+GwB1DEACNL57Zb+z0H5Cj2K1yEgUyrBQo0xw/NHuTGNORn8axsgj3sNZe +DwL9BpwlpbbMU+sBFLwcjcPf5gQUA1FDx9jdMiVKePYTUupgeyR6HnIqHKhzARD7 +Fvu7KHGsY66poDJ6yBPTXvzthjH38gCA9zd8hFnU69Wj51lcDJ75NGrPS0K9x6f3 +CREkDhm9Bl0O1wAAMQXhPA86h9yu8opAk/zTPoSYG0D6TnLc3MBfEPXG9r8rh+8l +m7paF44AW+QFiQ+usAQqwGTVOMAEC/j437afyVWuMfycJwR3gEjY5xrEK9Za4MUE +RWoHmDdAKN2A4Cj7j/I8OOURuQIZn/Sd8nJCHw4JDzewCRcAvzNKjBcGT6Ca2Tjp +yAID5yFHo4rrkN0H2RHyPxZVa+fLL0GcnI+GDVELAltLrhhR2IlxXNNTpQLd/Ul5 +fDdU2fJFGgb0EaC3Tb+vsBg7c426jJPA6R39mE40ut/iQ3CSEJ93bkfOMecBmOHf +RHBiR+cL2NWRIdt0v+0IGGyxFFaQzkmvqkHrtvrls6GUqk5Ac7wcMtPZr/LM9sPr +vRQdfFkew18zC8low8D2TEbeGFNA9S1aALriKm+IRk9HDPKzZYqAG+RsVVqQJUyd +7A04zunKDZCS1UJpcIIbZxZ1f9OJKode+btrBRTrX+mZJCcGs5+NY+ImTIkCPgQT +AQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlnY+eYFCQ8tAgMACgkQ +tlv+VA3vhsD1EQ//ULIT95cJnAzQcyNHhLFtiN//Tcd2BzSHejdLbhEieJ9eW0e7 +i030pi0irCHFZrp41PmOPDVMCZL5976lI3QceSj0h/VdRWqr4iOaEh1UWUVxuj+c +PXdgEmUVler1Gle355sSgRf8u4SYIPLTKyKv6GgMfS21amo52ysNv31nfy8THf/r +etgI/GCyjjVVyP1aVivMyuaWNbQ0qE1oH+aWovcBsdc+g3QR4qsLqwUXAZQhXfUY +mWsOAoU8qIhQ9Kz/N/Of7kQidDrVHouL2QZ62UTVwdTeK66BaJa159ru0X8lxh6Z +d0VBxLjVULinacn4eb/uEmQV6aqDeQhi2XpApG6i0TP4A1YF2Fkr7tQCv03TwiqZ +er+16POazfqzARJVjk+HnwpyYn4KLZ2Kf+ArVkORy5QWqpm0mA69jiuaBF4V/Ktr +mG57VuLwZxto49JygqsSIzv+rOKS7YtqLrmOVclzqsICqB6BQpvnTNMS0QrCW+9e +jDCiJnfh7pNE9GHAsc0yyanLT/Xik3WkPvqLewbOVQtX090uyN5K9lXOoA2O0OIp +q507zkgOr01eOeatktxA3Ae7v2HKrUD9ugu15i1N9ScVhZdj2JGACYtPhNycIUAX +9BYNexITCPBf8+Yb1VdVZXiCVfUudM8b3u4bgP1dtdCPxH/JPIbEKeB+iwWJAj4E +EwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJX9kw8BQkNSlRXAAoJ +ELZb/lQN74bA0iYQAKUckhPHU6kdxu1+2ZdHqU2ItTDgGSONOAgJ2Xv+vO2XmAo8 +pXQhG/k7MZtDbc1pjfe7kZbY9oi7701oMaZDbhaGyFIYf0GqF0Pjb7yh2xoogj2V +mqav9hVe5k/t0u9/7QbYINXCxfzLoNsNsCmSq/znM9z1G5e8pX+eQenuNXasv99A +oiazQzoMyDnaO7exzSwqNpvOcfka3spzWmEX885t+unVZGyWniruTPGv0Bl+/9Ka +PNqRsRg9SKBsnGW5yAzZI0rUSaJnVaJIUhLshBrAxgVAeaPl7X1+8yBAIatz0hNW +we5wDMmBE/YegoOJq2jjis/MDIIGgxktXX4Frh2W9Qi9gSsIGT4/1mKu99b7tXcl +yVp1Mb3ybmzuAyV0VWyBfA7kgBGF4/m8XvaSMpcH54ZJXY/Z7BnobVryFdSWCePz +M0xHrag4Ju0YhKAdo+iQHoOITCQ7I165S6ML4n7LryJt23YnAzlMWPDmoiYbP2rv +jmcHOw4RtCWk0RfGGZAkeI2/yedSv+tYxCAANpqvngTSxtwCaGQMfZD15ahAC4j2 +iER+yK4Eo/l3LeYsDYIR2xuXiW6TjA9OMrF9Kjo/PEgCNtroVLxX8wKPLudEQ7Oo +3lHrrFlOReuCLWtN1xCHE5u013+q3vnvO0uBMJcvaRRW8XZtzsGKnFDjIggZiQI+ +BBMBAgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVhKWlwUJC2aesAAK +CRC2W/5UDe+GwLbwD/9SnT0AVC80ojWciVNbEy1Oiw0+KcVUTRTOXxH1hFmh9MLT +7I+avn698GwPnJ3WSg/CvKO5TJCGwCoRHeOSPGS9+zM/GIyteBA7uM5pNs0J1T02 +3jMZEsa8zCiYgX6ivLVU3EnoBOoPYIXC2G1+H3CYEqpLBElv65YIRAVU3OZqBUSD +rHiuGarIsR4rASrYd+S4zY47yFinhqeTfrLMXdO1BrAk1Yq/eVUGjpBWo013xqix +VRhEFYOigjZ0Lutf/5szlNbiTzorQxW0gMK3MA0evKn64bjiK3N5frPLStrV3Vqd +UGD7qR1K8Nuv1L/cvDNUiUgHn/ifiUFTa8r/TgA/L7Oehfic37uMnYGhbzrdiBUl +bkUZBovfwNFr6QcPCeoen7JF01zhMsDfmEoEHbBPTMTcQdaMrFyTIWyBv9js0qWH +ecLHYbz4lDakAQwNQYJblgPIwkZIwjnPvTj4MEpx/7q5du0RH661MJb6Ums5sgL3 +aAA4Uvoefh5UYjPXOaM3e1w8dJEs62gSN8AdIdvDoY2lydLKuGaDzjc9WOOVPMmK +63NehfJ6E1sxNp/lljJ6O6hwbEyfSx5jNd4+yHNdxf9iP8LbVeaA1wU1Cr0sEuKi +Yu+eFruRiN0zPp2Pu0Wyvy7sGHB/3izTvTl5qi99aSeyc3baHutgpjEo4OZvPYkC +PgQTAQIAKAUCTVyR9QIbAwUJCWYBgAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA +CgkQtlv+VA3vhsBRzA//QibkWNpnMfCr1LfrFFb8MllksHiuGaOUPWyQf6zzi3XD +iOEmMXGoC8nUydifHzxZe4E+G/ZDXk3DT5mXAe72zeTcAMm2aecoQrP+IOb/YrYo +eup4Eoggb3vTv8jRS+NSCtk6EloWrVzKTMwOB+RbVXjx6HcZ/f6M2zEg/etqe//9 +jWxgjFZdnnRlvrJmQ6+AvmhzyLy90tgNEMMpZC58V+d7/7UkEQduqRLut0BXYlWM +t/vYdNFZII7blo+aBaV4spzQfQmk7OWQ/fm1u5ip7QNxbg1Us/lXZ4pevuN+1ae4 +TJGDgp1uJWp7GC/2A0nLzw8GA09nR6lnN420aYGlAMFN5ZLyKUL57cKUYPWOmQ0H +8eFh/0J9ae8BSyqAINHu3Q46qfRc/4M1rUwIf04R2S12h+rL8DFJkcbRQYgXVtKN +lf9+BSKwSabhc+DbvKKHSV+y3MuzgHHk0vl8BJGetEASpe/X1Wdz3c6egEbvOgoB +yBBxR9o0qyHSFKQ2N1oC+Pi5gTX7Vadnow+9AYLmC79rHWGfhXP7Od5i7t9pTviD +TzwmgYrQDt4aT5OySUmoEYX962V0JrzjiBHb7JdNy/Y6hgtg5Z3BUDcbHDRDZOp8 +L1zq58H6/1FGKdKdkj0bSKE/s53HJ9dblVrxLWpTEmESJOrbS3TWUTv9UZiRUqK0 +IVRyYW1tZWxsIEh1ZHNvbiA8aHVkc29uQHN3Y3AuY29tPokCVQQTAQoAPwIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQSmx040EFShac5Svl+2W/5UDe+GwAUC +X8oieQUJFR4qnAAKCRC2W/5UDe+GwJ7dD/oDu5vgWf2HBj4KS9Or3Vf18Q5sXsAz +3Xn8awRGcodLbCFcRoP/H1cUTE5RYJ5hmxg2woPf3vQXB2RJyDa5vK7ua/bjX2sK +j/kRSRnoRb4KV7/gRks2kWjGE87bG3XisygzZvJAFTi9tA8MceRc6sNZYuT7dtGr +KELOpbiExrU6V8jPSiSvNq8TMRzMj4ddgwua/lJ2EL4/c/lmVKOVAbxd+C2DHjT7 +FpEFj7Ihiju7xBIVGRTelEPDPXmVfw8NzkxQTunWEio/sbyKgyV/ArhSJBr/1DSm +UzpNlzBY6FBcffkAM5eTX7BAIz3R0O5aQD0spHBd72dbrEIhgPAzHkIHhcdTwOZm +98ogn6Feay+2MjsDGv5jKVH3TyqR0pZvjcJXMwBnpoNM6m9husLbX0ab59L89V3g +t7oGpo8nOPI4p6N6QTDvDejAnqBIrvIFzI7O41hZjFhtB+BP+LWA+50inlmKZxDu +O70PkekyImHaqwLjj0tR2oQTlO7YiefykNITANHy/ZMTsmDn7raxc+Ti8eMsaRnE +ijqgL2VKLJw2xjSZyzkQ/BEelhWGP8mY+xo47kd1ouvvwITu9twG1Xx4y6uX6Ios +MmDlXAvxoIdr1jTd5dHZP+/3uQL8/SpXqx3KEzaIvLaipQnBNkKMNPbJnDR6S/Zt +JPwElrtuXmUsNokCVQQTAQIAPwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AW +IQSmx040EFShac5Svl+2W/5UDe+GwAUCXuDaowUJFDTixgAKCRC2W/5UDe+GwPxV +EACDjqYb6cDZlyZceSD8p9wBg3NL0gegfRGG443CND1qL53pHeafGYHpeSinaJWY +U+1J5CK3dCaxud/V6fR+7YM5nkLIzYMCXwBflXB3dkFCg2TSY4eaCsXq+BqrQ9UU +mQqvAcGMQed51Rulc4O5iySJyCjAhfGUKOt8Za7QFGQbxcKiOkTPPqRszEXWm/JZ +YLRvObMHw/cI/SWeh0NlfPibmOw5gOCKzwPv3FiCNMTJqh43DcE5pum4ZWDKOb7o +qLhp1nwHQsgpCDELXfifg6Z3EfJuGkeow1vTNJg47DdXAIGHiZmpeul8ZtN+ktvW +8ZJfkpoiMLqZji8dANZa8umWvz3Srsgc/kcyu/3/NNMoqH8BHrNfScTBQFw0NTHn +a6GOSQqeFcBvDyjtl2hJ2qVzkzgX5kAcAKdhlGZuvGheehly06YjSp8hAuFBj2/q +xoGbzl1Fv7SnfJsEPTbr9Ntnh+2b9Wrxx94y+4SY1eEHwmUfcHhFJXa3N4hgpjcs +mVrRD8bBFcgpTA37oVHx57X8dzZ/vq5w0uPJ39wjO6G47RHf75MYAWTOmjvUxsUL +5qkqoKaXPuc93IeOUki40kt1/usJ+FDV/hnjdwFGJsgiDL4ROHsBjZb8Zt8tr4O8 +FNrJnmVS6wKB2esfgeyaxyGitliF4rbjToSAx4hX8j6Q+YkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlvbRFUFCREvTHAACgkQtlv+VA3vhsB2 ++g//f9aWmWOy9zI+CiTOwOn7ryBFPoVkf6sKTRX4P87PABmY2tg256h13kyx7Gji +5IKWsyzr4uT+Z5xmVvJev7m76cskXubTYfnp4C5rh8OAbvAqGtWTIudddCG7N8TI +e/TB8RBOGLsAOFHOEa2zIhyV5AYuFDL6iMkTQ2MIOjPwAYmv7KcH+ZuM9Tai4aJF +rwOEnkNScn6X5qf8lJmleoLNIuul/0FLJBG1EyvqVBY0OrX4VEzdv+9cwL3IXRn5 +Pk82xbNcRYl8RY56A4z7Q4RskMywEcuL5qk8VTrxBDDzCpHbBHaiEjIoeE11FPeL +lehLakHjSVEoYQ8zOaLiCbkK3fNdmDz/cBEF17Mb9revaaneDWfgOEsIB4OBz1A+ +eNkFU96upFiUAOg/fgogHXHcm2e6eaIGnzKnyBh0CT85REagPGUQTOnmjcK2DaHW +08owa1zJi/qO/mgFzEizrKYpOjhUYrmAHbIqXfbewTFlopwmnyK6TAd46cW24Rvu +8T/sGAk2DQXXYgbNtDGBrQU3tFat1mRhP/bdyw4dMSvq1zoBtWnaZK4rf+GxpaiD +CIq//S+Z4kuMFYmrAGCbz0l9rk7/vgIwi8aibJfKMfDlD8ci5pTXtYWRkFaoxgWo +X9x6dyMn1GdDbfUml/vS7Hc78i8wgy99+mo1NRonWBIvISuJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ92hHBQkPS3BkAAoJELZb/lQN74bA +S/QP/RnZKNb06T+3SWvsze+JOLR2bNQrIuIcF147IKuUMZX6SZc34uBO7B8PSdfX +nicoD2mGudHdGp7BqEVdDuzT4rWb4pxUrielZv1YLLWNKUep/AsbxI40yEclFoop +/kuqbf2zgYOegkzVPh9LaUr+/Pmg29cDmV+a5Ytqn0L6swMH1+LLzWu+awxQmbm0 +f/19IKLB9Ad6gFvUgmK2x5yfmCQxoVHopMMNEsKJqkdC54qp4w4H0eOCXT72d681 +2We+nZQInQp4ih7mSX6UGQPIzq4eOsB23ifwrIme9DxhzVHk/racqdq6mU9S8d+U +P3j5vfxlighZsSmXIass8MY1ooG+0Ezq15svQmH7RiIivFzw3hGaWNOsV80VzkM5 +5WHZfAzeaEkIGtzFRhj8mKp04hgttxwk+b/9cgyw0Toyg/ClvHBZl//MvNzHhYGj +SHR0IECOs3SgfDpd+8GE9dDXoMj9ggIts+JqUPw2Nd99IPq2viJ+4DTmxJ+fKJfl +i5WhvW75RO5xbshLPfuUlRVRLv/hle86eGPyIdcP9+rVtoSozLdtfbgjkmP80qcT +0+2su9gurjqMyUpHXkBdKumc5QcBeUeN+HltJnXInTMMAvmekOp9NYDTT8gcuAwa +m+ZA8j/oFTN1qyokqyMKnv79SqSZ3s4oPVRp3qLzuHjKR/DWiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWdj56AUJDy0CAwAKCRC2W/5UDe+G +wIBdD/9ulmYjyYQ1IEiji6yxdbpCAweINeOc1zZsnMk9hX1Nx0CWyxovixyEzjo4 +6jjZrjLV3h7ayGIeSHisP/XL6gMChb8xMlhv501YDH8BujhnykZIA8muJaYJB+vU +IXwcr6nx1iWVglkIc0NEsKe9Xe20efcXFdgGS6qoVquZfehvKv4LAttLndjfu+XG +L0AgeaAeHgB77PqrqWux6kwoyJKiemeIp31uHo4KF2jas863Rk5WPoIVTcf29mnS +XfX0C70HAkdQxXIZQdJz/HyL2srDDMDn2DVAEC+UixZo5Ib5Wz9YBE9OpTW91c5o +M0J2gvi9k9tnPhbNR4Y3k9P6REct18oyBzPzPr4tan58KkMaLlgjrXDmEV4+BJHP +qLgS+gIV4074oYG71tr3TOgVTtEBzruNnicz0LC3gR7FyKqt7mHjE4Zd645c1DL1 +gwzWjkXGyya006l8Yx6KpsovCFcP6Cx3oW/H4G+3S/Sk5d6ggCQ6Jx9xamc2akuP +enz/ltHt5C0Ted9OVXUrLXOugKc9demVLM/G0xd63P1TaywsmVcb7P66PkZ8G54Y +27h4LiMUVE8IO/1QJYLwKc5keSto3P0KqB5LNXShI4lMVpZMicVz/GSZS8KUqSFJ +Th+1CqvTkkkwCL3bPl69rxB0tQGKzPB/a+kfIMqDWX7kah9NNYkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlf2TDwFCQ1KVFcACgkQtlv+VA3v +hsBVzw/+OmKnUJ5emY4mp4vN6ghUyZU071kT3m0rpOlB29LbyrPEI2J1boVgBOKk +xYtiGhMI12B2/cZuEtTM9EpnSxjQcw0Dzi7OtZzZh4KBrqOpC2E/j2YQCVtNuHaD +H/Ygj+4ybf00N62mw4uFPapzqMPw6CBIuOJ9dNDBKBSAGibNFvPqtZbU5MWnC5Q/ +kw0gKGpmG3ExusAgw2Kof5Szh0MEb6a90uckx9TdxDkqLCzaN3MNHTPR1INHZtec +/EAovxn7uAHnu+hG37+uuModqHpcYIgOxzVUkjw8DrxKBUBofoFp0eJO01aJ2+it +d7AbbngX/Iodv0yXee3v+fEMOBzbjj8p/n9TQy6zYC1MxLhp2u0uTOdmTYIono4L +VpxEnfvlRBLdMigcPagdicVZBU6QSWz6+6sxoQSyEBMfqCqK3kcbW2i0NRPnedg+ +9/qQI9BENZcz2deulEDhVaGP4K72knVlEPbPcUSaO/cGFDgVbMTF1jzusmSWeQQs +kO89hTeA1B47t1ne+Z4E3TzPRMF5rzOMnZh2lLFfvO8ze9ekpcwm3Oi4Kwg+pcCg +kW56DSaVHCG7W/YJleW0Fjnz3ORPutPkFMMYm1WW3HLtLWImjTEGeSuhB7JDc8Oc +YIpMz6gOFvBOV8sBJLjvT0Dux3AV3IRxSUKo8KWLxZhblHbc5yKJAj4EEwECACgC +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJWEpaXBQkLZp6wAAoJELZb/lQN +74bAFXYP/jGedvt9gZDOaEyvYIi7U8JSqBjPdgsvHFmd9tah2VAjiLS+XzkkAL1r +vdFyDT7XEW+2K7XTOBa0tkzkt847zXytLAOqApWN8of3gHF3g9r8u7wMmOmvnAz9 +xK96wb9Kyj9U6kQ574gMv/fmGWVJsYP+FMXI7P4z/Jb+oweyCxYZ97wXBjhUAJ30 +EwkAkAdp0affmHNRfHlY4ciF9wP42iiIq0vceJ4vMOySAc154NBESLMKogC4lBRR +g2Lbu5xwBnjj5mFwIYoPcl6MpeFk1mhvsUScsTdA8PUvq6TDkBridx/62oejpu9J +nn2NQSDLq/npp0PjS1jGGdxiziGvE+IYasS76vNUEyAY2FA49AsjFxCSTV9hV52G +LZqJse0brhs0NiWGsY8fcm7apYa03GiZfX/xbZKGjC2PEdQYy2b14daVBq0jshh0 +VNzate+RhKozeWxn2ipeXIvys/XtQR8AmjZWqz8VJQIxipO4XcRnG18awt4SL7wO +NYUXY8nir+mlEQQKqemVvmr4WpxvgH0SmvFn6sDDjs7MlaHThlpExymAe5ZW5nkT +/WUXRQAtABZLv1HTByOBDmYWlaRR9xPcP814oyP5n9RT0uRXNjG7NdaDz5DzEUjs +tNu2ze5SrivOVzRjOw+1GlSMSheKSpSBn9curJ6RagnVRVs84T9RiQI+BBMBAgAo +BQJNX8OWAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRC2W/5U +De+GwNyED/4rz5FGWnRl6l5vOWvI1gTGMVjIoYVyCsFhHSWfzVwv/FGIjMdJiTB1 +xPiTqqsnY4BU+s5UDIj099I59OzA1Rv5eQNr6wRXYeAQ7offfpN7K9rg/Nx71xrG +k9kX57wZ8zkUMUsV1yE3d92SOybVz56XNKrDvqdJHcMe/3I+HU0Z9+akIqjUd3CV +wlZ0TVNAhlQA7nx1zZ3EQR3+Uf7cacfS1nZX3/88q8vGg3VqfaVpgrVpuyhZJAYN +hhXJ2SwnI/v2LUWkhgMjLi6QW/6G6d/pHiw1CTB4iYKwppmjYNO8wwK6Q4gSJrih +gaLsJmQ8c8knCyTgr+Dck88b62laNIcd/qHTiDm6r8UgNt7dKIewsbhVWtD5f70O +x7VEdkh/+AmrPPiNNsMl51eixxsZntMyzuCKXbunqqfLO9/oxeFEe6QXV8L36IQb +JmHyaAUxbo9feQGC3Udu6uNYnrSwpg9FeZXKvNcH3L7GtjsrmZbVF9hZpzkGP0rS +xLLBAUkGbQExcUeVNtjZ2oZXj+wQ8V17C1GinNhvIT3tcJTlH0/sZTYzUw+b+W+b +VS0yoqJjZ/zUEgQMvPvKxcPc57yoUpy/VZ44K6Pg/9kY/cKkK4NiJSeFT7EjHuLs +HfKUmStpRFoyI4HwRcgHaxDKGGxwTkwA9CZgQc1kQYSTKIC6rlUcBbQhVHJhbW1l +bGwgSHVkc29uIDxodWRzb25AdHJtbS5uZXQ+iQJVBBMBCgA/AhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiKABQkV +HiqcAAoJELZb/lQN74bAAlUP/i2Nn/s8qMLqFIgFizQOCvEcn1MApu0i4iWjngKM +6W88lkh+9+odXexB2weXUV4qgnNPBzG1x3PyJHODe/jPcO4AqzvABrArYfhNQa5y +OE3PoTtXl6GctD/3V+nFWeZr4DATer/yHvWp2DhZ4Lw67hV/o9eC/OPp8rRya7sX +kcfbM+KaN16Vai75WJ+zCyRoEgYT/SJGljRs7+bd1cR26qWaRwwxjZvQBUy3k1Cw +DulpQq+Q2zV+2Zu4ruaIdzeKBfsvivLMbysOMly4eeWLgOVjDkIm3G8FkIxllnei +2QA5560DHdM/5+kKwZ/i/956kV2YOvQPVNhC6MMkNNxrmd42Y8wZ16pWjydo4+fn +nHOnIDiEBifxwSf5o7Bn8A8HY70D+hO5nf97J5U4GPlsvu8Xsc3Arq7RVenrCop6 +nMEd+cPQQC639IfXindixRQo9irk5K2xeas6pBaaCn8Br+Ib98Z/DZVkOIhEkb0S +BaHpoLg3C7/cJ4LuFNdMsSm6+ryVLQAYya3+4QdHovFCvo6/+jynPVTtGxmdxE0R +zuHztV8/2rmXSvk2DYKcllvWdWVmpjt3MEvtZqSRdiXQEPbHZ1mvz+3BxkcRNODR +rkydPXwbzepFVew70aZa/XkxpThOYvngMCCbesZAPwP7xyEd7RzKU1qBxiCUE8Ce +i9GeiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQ +VKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAH2UQAIQFer/n +N3L70iyQK3VkJdO0WHsRO7MQvm6hx43u6TwwQHNpN8kWED9eeJj9loB21dO2MVvN +ePjU4Jr8s4rHcMVGzFy+OqAjE9Y6ORXtgn4yjktLkNqxwpcmQs80Y9tLElyEYYoV +h1dLUy8dE/isYQT5t36hL34BxZHkxYBz83XKQxdRwlFBsiAyEGg0I2iA9UJOACR2 +6+wPlIWvCK/yYvuLdhmvwc6PgkfFJFn4OzMeYws0R1ZZbO2l/eUMdL0CrCWJ5k6x +IC2qR8YLpKArkGNWKtHkfgGuu5yTKWf0i3tkApSOgdaa0zhoMdy2BIwbZRia8/5y +86vdzK6y9KzhOe9/+hL9fauB8EctjnTo0hbHIF5lCPc4MozpQulO6EwMGn2yo5dK +F8RP5xSo0IbTQvDFudFbV9riVIxu+PQ9GsWW85D/5B9kannsTkZJX3Ec3uQtFrsj +6/WcFBcfoNkIrNY4qI+g69Z3IBfdeLNf/uqBArNH5lnmRJ0TQ8mtyEINzAP4EfNu +tPEd3rJblwZxqysVYI3S0WEoyDG4apH+6eCyrrFuhK5kilNTOZ3a0HDeREjr5Sq3 +nA+RpAaI+XtUXLF13Rp7hE6zOVT3cbT6+Nm/is8t62ewdYDjwuN9vpoPS3sMILhV +9dr7uHy3o3QeJ89Svk4tso3VR7T6ni2JRGMoiQJBBBMBAgArAhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgAUJES9McAUCW9tE/QIZAQAKCRC2W/5UDe+GwJSKD/0e +YxRacfK40TevILrKiRFOR7S/WOixGPqnf8MqHG+YiNAIAw5TomUq0BPMWegGLTfw +lviFRFiSkJ6S7lcuKFiPvJI7op3mR5fzN6frmmjrEuqQ37Anbv28O+BeD6VcrHxD +WjtSulEkmDnMrN8hwR1ZPq4xti/8bwrvJpbH8SRO5p6tV8xQ/x6khXvsBGDA6wJA +YxKy+SzYsJNV37yh5OEkwwa1xmNjAahTSW++R+vw5euWhZG2gxWKBsRctVu6USgb +kXVPCu1RkJ3P0eRkxjb4KerreMWFhgLwkkYacBD0JO4kzd3UKViBCLpRZHc0/e0Z +OFQxg76Kw6PGuZPnh3ECcnHUB3hob+NReaNI66PCmUX9PgGzbIBTfGCzUukcCnjg +4cAJvhvhRioWcYOE2tJAEcuoL6AloY5nQs0IYfeD07hzwrQ42zkzTDNa6wEhiLrY +NN3TliZJqpkXgmu8A7FpNYLvRmSZrgt6sjgaA26mlCCv50EVCGbp+3UAFQCJfwvC +Hoix4B+3lRqYXp/zdGwtxeQg+NvwNuZmXaFGX3QZPeCM11OEEKeXdhmkyaMHJzsq +//B9BiwVfAEaqlyqt+cBwkhPPV8HR+Cl/AJk49ePs6STS3F+VDfLAH8IZdmowYGh +D/RVPFN5NDmGB+mKTJvRYAg9OdawY74J8oDgTFMQjIkCPgQTAQIAKAIbAwYLCQgH +AwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEYFCQ9LcGQACgkQtlv+VA3vhsCp5Q/+ +IDnqUcLSKrhLQ3SY4ytsMmfeRgPGvkhGQbToNcHnIKtza8YHAaeGzTeha0WI1dgI +sHOgih+NYYsnSDvLWpZWRAgp56zpVfBUuprd8mbUdO2bklxvfqvLyvIaJcAzLrC2 +pc2IOnNXjNcFiE6r7R/MFTvjEj4BXLh4wvW3eLMhM7tG75fJMSDDNRFaDFZ8weLG +0RheJYWVTNZHm4M4+vggDw/LedmZxSz7ROg40lufeM4pIo+Prn52EAosX/wOS0+o +mTN8nXEnC5gyuNHoB/VMT+faz8kUWLDCE/Oib/ZVN4ZRLhvoyHlF27mrgaBEKNOd +MjJ66jfN4tIAXHFs/ecYxRFzfpx7hyhr8L7aGprEdbdec2YtN2m7LEeoWGYYlBns +gwZyAcjacFtqZkvUZFRUmqbFdMb5mSHZNrNSs5hucV/Zi2/BHFiDdX5EbUDP2hbm +YC0toPV0oGd0pM3LJcqBxZ/aDL2sXDtVq1HN+oEz1++U3ZwITjzyWHUCbIdWVtjN +NDM/cBiPKBWJyXu/+D9mbp6xt7eEtI3tGc0bzBas3hMmuBMDfegD2nkjmReRLs9J +JVdcssXAZjkOglVDELER2Tk2BYRI0MdgX4SyZe5oSQWRkXqRpTt9vOsqXI5tqk1X +zQ0trLNRS3tUYjMUjedBtrlAqOfKEml0+BY9wJrLaAmJAj4EEwECACgCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bAljAQ +AIeTb4as5CDOCshMMdBw1tzDcWMtPNf+GTvo/bspSitqvw2XuKdb+l9kIwmRcmlJ +AnbY5JR4xplwHGYPqWvmS/5/EIvEiyFUjfACRtsz7fYA22AWByDLzzWBDRqy4jum +1QNK22LKxb0vQe+Lr8Mcdqxp2F2DYeBCDZnhQbt/9l34ZcYM6SL9pyRUxQztut0Z +bO4ZP2OMkXU77bPRUYbK6/CZTv2IPCsNGP+VhsTfcgEXlX5jfxA/fbvTUG0E137Z +GVA33/W5HrZtBv/bi1aO5zIkr/7WoZV75fIoQzpauKRnO+rhkQCp6v+wkYt+pl9E +A6HwXZcYJCa8HfGE96sK4Jcv3TfW/p6CDkRGd4nESnqt0YH+Hd2tuHAAf5nQVlBf +EoWS7sz0OFW8n0FXtnFTJ+Bw8vpI4B8zym6jxOvS0H2VvlP9AHfpxzAxIaDm1UKp +J14H8sjcJiRNUhgY8d3f4o+Uyq9rurT3nLsHPubGkKlgrlw6xY5oEAYfxEr38eO6 +Ifps7+UBIOIlBrxxqBakwVBkvjby3DOjMpI0egLE61y5FBC6me2Xfeo51cp8d9in +X2UQiX+Vs/grzEf0L10vASMe+1PTzyEMhLvQQNMIyRU/+7mIJ1uUmp/wtYpDexFE +BZHQR95JI8xYWWA7ZHUb1Y88APK7O7WQLFQ/Okj6BY2xiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMPAUJDUpUVwAKCRC2W/5UDe+GwO5X +D/97ikPHHggkFcoOcFpItf9W1kV+t1cELotBC6JQElGCRwjvkdWaR3AORsNdHIAu +43ltdx9LeSI757dnaDmDXTLI2MTdiQ8b3NFA1J4+u/mCRWBg7CsA9VmZfy0dokEM +EE57sSWz6Fc5IbuSlCCcgz3l7cTJwVovF/Pc6Jd2+AEHC+pWaNEI3HkgZHhSXLhN +Mblir0HKpyK3IE3bBRFXdRs/e1wg902TBYo7wM+T9M3CXXHnACMFJ/doNSb1J7i7 +Uh/puFNCN96mqgkeafHDiPa0Qe+sgpZIBaur6wuW5/qRDyXUq6CygIrHmuagG4uz +9GIMTUePTYvkJgFXRL5Zl8FkhCmdihQf2v3acY7SYXpH/+nckmkgu+vc0uxLaG49 +F04fgfD/Pst9SkxTiH046tXJPRAo3p64Q6vquhkZDAYg0YjbEMSxL+sV8lbj2pqf +Y0sOBPsfBr3NqJy3DRlitm8uFVvufHP18ARAIJkXRKKsNdsU+YuSEyLEe2gaj/OY +JkYmhEYwkxQ29I/Kx7eYU2cO8avUoUWVQcjwQB84x+yCby0P5jODrDQfP2CWrHkB +sb2Mj+zAIN9X8AwNkXKUwmw5vrZ4wmaHpMcQYa7YTknJx2qbu/FqwHhvVJsnzapk +4JD10dYrkWYdJKvs91o5PMuXYZl2EUXtmzecehuF4M+P44kCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpUFCQtmnrAACgkQtlv+VA3vhsBA +mRAApZpdloMYR6Dh9euCYCYE9PadK0d9XTZN17orz2YpDmo025HMkYlxYk2aCzkc +di3AaSOf32Zpf7lbY7W7e4Q6v/GDABr1HwoClp7G0PmDsDSOXfE/OAbddlPJeXWG +/Fwfu7jC1VPWTt2ApVdZ/hkhNPNQ0W+h9jS8WeolitXDM9k/AVf3lods4K3L10PN +aWPKctKUO/CyaW3NYkaXY+W/Xe2ySUOgBS1hslqiLzZmALBiNEIf6bQukSJVzRTW +LzevO20f82pGBmI+U5mH4tDW2ZIeN/Bz5ouS+xMQlAu+LPRH6M9OAiE6kpldNYqf ++cOaREKPiA9/KGc4R89gGHrWwzJhmRr5p+V8Ad9yfdU/lPPeR0X43iDG7v3NE+t/ +E333C0iz1FNSm6V7R9EYViB7RuZfCSGDpfSLl74bsEAq4hnwQMBN/Et7LIDFwcJ8 +leWxmr6AVV7YgQFJejjUQJwJYLNU73RAgYwRlgzk/iz5xSfeJBLfy3UmHz4Cylax +gKFPqOSlsGAD7QkxNTc1YukQ+dDkepcc7l9gEaw8qOdiN4cnjBhNcNnvvMqotexU +JY6FqJ33SGvq2gwyd7+dEMQrZko14MB44ErcrTBWI0E0aFMZipRFmZCNlMsDiCm6 +16EthBTzLMHJ+xhqlViQJjtMOiA7yurWLL2i2M+nCfGRKvSJAj4EEwECACgFAlRY +QY0CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN74bA +IsMP/Ahx8PneGNWVA2eMNo8uQFwCG2o2Q4+r9ToK80Ordw58sQSqukP1dDCdF6V2 +rl6VpbSRT9M67okHMN+JV/opfVTeF44ilxl9fMkSy6x8TC0QLoRgx0npNfJaw8a8 +7HdtpZobU8iwIScpzTjGVlRv33TXdf7j8ojrt8ZgStzJWQpiuXpQVZYNf1jszz4j +khxOpieBn/W/0rXj2obZ9JH7+hbrR1zOAzE3CMalAhs6VygmzOzajnW7HQAIkr+r +Pg21yHzvhpigRGE8yuqg1lyp5YYLJ7h0zznP//ivjyp0cHJPWL6o8oKiKrdw7MHm +838v7qlDOqujE1+DauWgI2j4B7mbgoCtZY94yCZMGMT9Kd2lM2rW7u6RFYbvZl56 +4nQMB1C0BQ3ZR7KA1BKWzA5EZFHB9TcwrYBZJUk5gLjQ0lPZxyhNsotLcnXsN7jW +zmkkrbiN7cOAL5aAJNS1GfSGcr0jF9vtRK8xdPelKKTOp1Mc6dFqByzXKhv2aGT5 +anlfJnThANeS94TvqQAidvO4aVhIiE7YEW7lkIl/sdegW7tDY3gY1PXziY0cKQD1 +XLDFFgfXyJuiud+8j1eBO9N1zFLd940AO/oAOsDkC69CNY9xXPekb4W50/cMQHfG +s8b1Ve9uKSSdqJmylTRis+GOfBNGQroCehlvqgRUZUlMoF1ktCtUcmFtbWVsbCBI +dWRzb24gPHRyYW1tZWxsLmh1ZHNvbkBnbWFpbC5jb20+iQJVBBMBCgA/AhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJf +yiKBBQkVHiqcAAoJELZb/lQN74bAabsP/igzNaAbZRmyRNVSyI9XYq41iierDPu8 +CgU6IZLc7WAo7QRMtX2YuR+tnU+iNKem9yAKhjJQPS1rMxXx1aqKMqGkxPQV2Kdo +kwrD0fJ8/8OEu1DbRY6xr4KwgFxMRGTPbFfy08db+6rltRKtmj39A+wCUlRiL/YF +ynUEH3zoI8t/+8YXWYsCvpGNWAXbp2eVysFpbNWud1QJWrkLyHVD5lUMMQS++uwh +Rynhij7mB4XWgZogvqz5xJc1v6wTLgZ5t27rIcoEPMbmdMejTKB8/BCBMMMKLqq4 ++jF+9S8lTDBYf4b/HwzpwdgTy+tpGQm8dQ13ZIGB4DIOoWjKb2hi8ZEplX1nVCq4 +C20tnYA7tncPY4024QEKNzzzZw4Clyj+bOyNksnrF4dhuPcSoSstyWosSqUIpsIq +squSpGkc9qNJqS3B2UO/boJglHF0veuJVHLMI53glTLZDEoFttaAsxUDnFntCzhG +B+OpiOfDTQFe4dHT0P/3WllYWqKN+vKM9dyB02dwcggEKaEswMrMRd6EJlJNgXiR +i57GiDMdr/OIygibEiLK32SRM0UR//HNveatNh+qun0k90RHdAF7hCiwT1yVhJZX +eDyeboTDcqCDSMm8vVWxoNP6EUjIEv/9rLEkc3OwlnjH40hFmvuUeOvwam5Mb34c +LJMDSjBVab8FiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYh +BKbHTjQQVKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAdzcP +/1YJ/hmTnQraMkrM7QPcKuZ/2nCA/eBPAq4ahYOC4MNaovkUAPJmMHfki4epfZBe +xBSaEolagzAJGrcCW5eARjhJQYAhH5tWCfqumWvQr4P++4kvmEaxGpYycis7qL3C +vEPwwUr+ZeB28rYgHxlhk11GuTFVDVlQG7ubJI9EgHyvdU8SkqiK7PikyKtvVdKs +10YWm6Vtr/emT9FQaRQvfuSOzqe5mLMKok98evnjGAc2DQ7Sz3HadrIhNVa3R5hY +Zu2NuW/XcqJ8AZS6zGxvoD4TIYFOv79CG4gE5trnZ+ROf5AkhfkJ9ljf0lgTqlAf +AhzL1szT6EIjpWvst1sSmuJwEHkOHA9AWws1UVXfcQFP/Li/LkVhxu5n0lVwLOff +CTkT7JruI2GPavJlhv00wtP7oatLxIkmSKJiFvquG88uVTH2EdZGp7jheW0KaCN6 +2AQ7YGcMDdEMCy0MiNQseu8sGqVG48OptgpAtoCimvQiC6G1mFUnDro+XdEUq56x +inOVz1V5capGPNxgBGwIbc61VWs+J+X+XhMpBAEmAR4/lZfYBofabsCW2SybIY5o +nkeZC6lAujjumvn3ZXjFs2fVitXWW4jRPuyYBB2uYzbd/PdHRtCyyoq3N45QTxib +k6rNae1s13CqH2D8bXuc9RlYkBDYl/U7r23uYfCVKn3BiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCW9tEWAUJES9McAAKCRC2W/5UDe+GwIZR +D/0dZTlWy/gAhPQ2OatwyAept9t4LwWKhxbAz+Ap6VsH9mIfs1+dOJNGbMh/osd5 +7c8AbE4gIbY+H6IKoLLMlri+vEX+z79erTtST0SlJrJ0YwVAUJ3Wcg1WTHWtxmBb +F6B/tFAS/8JqcJmbLj9wBX5nh+aMIJiidhFB5i4A2bKnmhWmpkaA6j+nx4nn3yk+ +k+2IOlecaC0aOYd0kY6mTx2ZdpB0RAKrzJ/Sy83fstiHJ/dGOVoejysURig+o1ly +LgmV1Zup930YSfAR7+GClqgk2+11prF60HIgr1vqKkT8dLroPe7B9q0Gh5bXyG46 +ATRx376+RQp/hXTHl0puJbAwS6Ow+SncnrWj/R2bvqIHwvA4hd13AU6cUcOYBJ87 +STY1Gg4rHjqMGtXR/O7sHnHmYLSNQO0WmuWFWtd1DNryh4oubxRUELWmAgiFJ7jC +ifWcZEzAVkVyKlA2cuKCA+7mzenX+9OT7WB94jgPqpOA9Mz0n/f5dmB49yIdtTJ+ +/+Nz6fQQUbhi2bnUO5qV2UgE3v/NpaPm6x7JTU2N0gooIXvV+sANpVQlgHRYJMtc +k48h64nAlAYgGtUWaZY4rfMeQ4cJfwhwJAJ9B6d5l+NrPtBZJndVy032sA8cPHEb +511+0Z2KZmkOzd4Hw5bBmORhGMIe8FEDKuD0dGugs868JYkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEQFCQ9LcGQACgkQtlv+VA3vhsDK +eRAAgTPObrLuCqMtDpZqeJqcYFfEC5WIUEVUdRhAu9f9Preb1Xsm60NJHrD6K/U+ +JjpaMdTMOVDSAZMh07SLfWhy6ayfjczETpHzNWsT6In2FvrDjE90nkvyDiSjiJ5u +usFKh39mmsNOr/BSOFBy/hjArts7cyWHvglAArjmEscdaEcofrLybgEfmIVLEP7p +y6IegEP0Yqdt8NAPiKSYLb+WP+MkosRAXyAiWTTvKyJ2OngCt8domWX/JV+fJMyz +pJoimAVUbWQ3OHTjVu+98QdDW3bajr7LE++OW5zVRlJg1lRB/nsETDAatvEoN3Wm +GKVXS7wXEw+C5vHj9zA/gSOgjT6uaw9cRIEf2eW4DV6fDjVQjyODulyXZY08GnC9 +lt8KaIezgVsW7EI/MTAIHC/xnDIxgEDnid28hEcEuLSoR/b+L/tbhNwf+HC/j5MJ +4gOdjv/qzWDAyoj3bz20ljNrU3tQduuZpOXaref+TKUG4xEYl1INjh9wE/a47hS8 +0NLoDigqMdf8KT+PQjc5EAkwKRkCzjQnvJ/aONoL1813DaDTvF02x/+9OzaUYlDv +zeZ6v+Tkuhq02w4ciDEoC+AO81PblUHLWAXOdnarXCGzt3UN1CtRHvPfwQVYonn9 +Cyu/Zx4pmF+MayiEr1h+W3kAtNoppBZfR7fOIljIQQDddPGJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bA +Y6sP/3gsjjmnq/GgdgOD8YQnk5zyG8uUYzJsGeii5XjjH7rPhUBh+lAJEu+4BXR+ +cMz0738YuKBZvxBTZ9S4C6uCrl/C9W08DNI7n3srgSHqirKH+OVK2g/Hulu2SAi5 +9aLOkDgDDXCf8ShIGDhxu36s8ATAATKKLHlWQg/j38gbNCE1B+S+DRD1+ObO0SIY +z35AMchE75r2SR3SXwhYvphHLNj/EXFDwNWDgPp+Qx5JsWKBvbZYwW7CAZYDQpz2 +0Dn8WPtQOTv7i2bOdO9A4s/+jTKCN3SeLmqAVrIRKAed0OshZSrdq60jGED7poHy +o20Zy6DrdHWlZ/zz3BjuJdTn1JnZOMdxyCxuxYynJwMprhp6E4iw+f0Kc7x4aTMZ +y3cauN2B7Y9LBB5JMZUHM4C5R0SfUpgJMoztSQBgyVadpEMUyhsCveetCZGg+dQC +8LrhZr2WnlHAY/VUr8nJweg++Fqnp4P4ZMzLZJfe2RE7wnvXG4EBpUIxDSftRI0Y +SaQbZ7mlAAcj1f0jcEJoBQHd6iD3zvj5Ajp+/mUHMr1Lg9fZiEHBRMtIdR3WjWFB +TTZ8pWuUv6vHb71YuHBbEuSzIsxbMxPlbr8tAeoruW6If1t+7S9CIcp6j+SymkhE +qo/QQ5pNpddjS7KxeiVon77q9zAyaeafs7HKVHkcoN+qszUiiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMOgUJDUpUVwAKCRC2W/5UDe+G +wOVoD/9k6DUhKtshVhbvuzYYjeXexvj4U0cwgOq9vYN6rhBMj4KPwsze6xoEe7bO +XB7A/H+3FiZRs1bksyMWnpfYGcSG+iXUEsC97bt+23V31bfGVW305tIN0yFFStEV +6eAvaokE1t5H7O4DDDtBpP4b75yssR4vJvV/CQFi6h1CiscF3gV7KZgFeKbOQ/Un +2sLjg4BUTvjptH/PeDG9f0gTRWe/7Yw+FTP/zziYsFjhpqebq0mPIRr8D+peHfU1 +VXsVehs3cbYvZUdyCZJbaiNwcXsOZCmGuM8QpXB0/CvogHiz2Q97k/97SnLLrd23 +X4yOVpcqde7SBm+a50MK3r30y36nf0cSU42r0lTBZxOwwktxHwkGN5dkBip6kcW2 +5M0T+ngclR0EDii3/2QRPbrCDc19NaBXy7tLmtptU0EZ/h4/ZCyBJNchtFiMEOOf +yZ4wSVImggNds2OkcfKm4t7Jqs1ETN7jsKXmPFRKZtSdpe7OXL7eDPMo0aB9KqDg +S9uryIYwgQfTot/a9Eko0sxHjxad+SscOhyZrhHcnq0i/Yt/OFbcd1brOlFa4gC1 +S7au27OQwFycuXidrytdC8+7LtmKdjubkOJaZtJ99UAhXNTgfR3cnjkG2btoItng +sBNb2Ujgf3aSkaETN840it4x4VsTVbnsLEtqEK0y1mqJaXVGmIkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpgFCQtmnrAACgkQtlv+VA3v +hsD0Fg//YwhVLJK0aTIK5zN2KyT2BUGsj96xiPWEjAOKx9MRWU3kgCFEzO/ThM17 +rsMf1Ke5bHR/KU1efIo98o6xXMLMgd9wEx3KAB4YrwxrLQ9E7CydV8zxSKnvqa07 +D3qelLu5ARhmSsTkjSf4PHsafaaPElUyodHwhNpOt2N22QcL9HNMdaom4ZdNAdX3 +njloOysjo5+TrVJOM3ZnAuuLa3RR0SgE9Obvu39JCZUVjdB+BqpQrdove+MKfjlm +fvaASPy2vVPcfoCCBvQ5UJCMxQfdTyquCrYmsS6+0fkPt2BZFCcgJtECZ3HvvwHL +gALXxukeZYjDOHVVjw0hccBgeVROs56PXViW0FdzbDDr2p8usjwpRCe2njN3gjeg +qcTzHRoxOKJgJakskvNmaiPq7bO2ZmMBtQGkqrJX1noF28sN1lwTNd9dpjCAS6jA +vIIvdJZCaGpV3o4WbZHWxQ9s4UoPuCjEeo+1x6uP4vDZ/z5B01dBE8ovwSorpMOl +XVzUPxLlHb327224LJTASlDLFbe6oQAaGXkZBmRoOWUalOpcV7fwpf6HaCtEMM9P +uDnWpdyyyh76hi7lSJOS82uNKkFX5a+4W6J1oJ2pQDjSymx1ruO1Ag2g8fV4jOxG +bP+QrRXKTWKMV71utqrt4kLwlq9fu//c2irXMTsHBSkpLiayd/GJAj4EEwECACgF +AkyNK10CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN +74bAjwgP/iFz8JEb9peHoijEVX5aThYdNsb4+MgP+djI46aXd+trd7t5vq2xCM4q +n7tdOJx+lD1w2G8qIVvMB0J67MEJxXGsXqvkD1BmLVe9Smrqy8qQmIL7aFHDBYt7 +i78EZyyR+DiiRaRyM6yeV7jSfej6tLjMIitz7d9KESx5RrDO8V/CZXXDvsySppTp +V72oWwDY5Uy9i2qQHfz5qAJ7dcgJnaGnEkdWqcgFBSJ9iMhkGg5akYiMSXEKS+q5 +mv406UxIwuQ2xr4/Zx5UXBl4nSYyFg1JiN6GtX+FpjqFqkzhF0iaYs7+aeqSMkoj +SfYD2KClQpXr6VnOSwQqMMDEQbqDkDdViSwoSUVJWBvRS9qloHBYVgEf8N96lWCK ++wBT/CbQ2OalQmPlvjz7vSlE1gQfjCvVYNl3zmJepmK6XjFCCS9soZuiH5aVxEda +5HhBGCeojwVLGJuAmkeQzCQfKVzGb86CY9sAAfYAVuI0U23w07xThxYs4z9TkT7U +EY101MQV7NC2eG8N9mlfESfoUNyeeZd3huMhASqeklNJ6BWtWz1lWdwWxbQFczvO +IqOnNIqLMEuGolMNlAz9FIARCmI0iscLK6GwtXVREUC5tbCdlrEcder3WUaOnDvH +0dUzxG9Skx2AxyRaE1+dhsfS08DMom3tKnyTWLmFLaqMDcaZGMv7uQINBEyNK10B +EADdyPxj0hprJJpB/8BbUz/q6bf2n95JlJZCtqbfFTMhJYkkRQ1N9l3sBl536F7h +2iMKcOFkTq4gYSWsPIx/jG4QWWG6yUYWbXJZEG9KRyv5zq2lk7ajUq3aOGmkR2lM +7I2ZsmgFfR+mfUUV4/ov9Ap0T8upzMkMyasiDtmtSpMFbOVpRgJhRUrlUR2dz1Kk +5En2DN6H2DyooPx1X+llgoZxixgnaUyNwYReoLoy30/3zZ4vPZEbxcBw2BaLtyQO +IKsoptsnyGBNDTLa6SEyXTVzIXJiyqOZV++9B9OgCJJ4Fipk704jKt3SCNOzhzp6 +IetMnBN1q5HIIs3OArh/Ta5lwXuZO3kv8Pv4nHNSqcHL3m4TuJdSJkXIP9b4+AJt +/x3anBvSjjtR8/GPA4GkbF6KDmW8xIDSrJQDIMyjRZRCE+xoqGuHIUQ3ywtEf7sp +bONszvg34bmn0BWTtsf2ATw9gBhW6xI/OdizcYuAyoR/JvzE1UZ7+5b6YOruX3Fd +3kSNQCSdmETpUScx3S13lLlBk12O087luZA+8FbKG/G2GJNH1VEk0A9iUlt+J+Gi +ugsk8hYloeCFXKRDaVO+9iitM4LE0A1fgSA29By7b8fi4N6emMk2MmqGGM6d7ear ++VIretNEnbHYxBn33ClonSQqiJrM53/LVlu35gSxkgUHRQARAQABiQI8BBgBCgAm +AhsMFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl/KIrgFCRUeKtsACgkQtlv+VA3v +hsBvjA/+Owx98l/J369ZwyMMueXQabTpdizH8zEKEmPCEjcfVvNwXfNMo00mP8LM +1WNUi1w5coJo+FoIfjjzcKwe9zuPWuvvKlmAPoc4ZK9GGHyAboxBCO3KAdbUkmWA +xBkvSAmaeuACDe2qlk9g3WoaBK/lLYxUJcKmi8V7fETEnRd2tO/E7wRJOcwJ/p4P +RBABlix7MOwvSuZaX+hnWFJHSPKhtS+stKaremcabB+LwPaFcfEuEnM73LC046GJ +/BmMYZlFeq0u+zgZBZMM2ymj2UOEcbRZTRUXc6PgjC9PAm9pf5PCWLBHEcnctruw +6mW+bRuh88Qgd5T3aasCErYUJsgDVV+lljJsRWRJF62+SOONUZxr2V3AeBAISDeg +oEZ2XVud3patNiP73/g18c11rf7cYcXAdK+tCSdoS04YHQ5OR5Usk/xXAIZ/0wHh +WDI4f1IVQj4ZnFgWFhmO2gPr7dPrNGUCYGtdJZAfr7fe1P8YgWIKO44dYoRatS/Z +ikV0zyOprHAW/36O4OivqHb/MLm4xXSQoiUbkVGUJOBfu9oia0/wPxnQzv2smI8e +EzxHgpQNMPuQQUlp2gbfnzSQB4qDq/mSAG4MKxYjmIgN+8LWmHF9C05YAbidiGJT +axkq1GZtR8xYQGePwR/df1n3q79J54BuaHyAkcAIcryckibgxEy5AQ0EVGbZ+QEI +AOTTfksPR/69ixTlc+bJ3vQgqEynJEdJ3ou8093XGzBvHhe2k+Cuka+all/U2L37 +3HKZHcsxJUg0282mqZjCZuqB2AYxdYQzR7k1/6pjtVwPhnhRhFuftLdDlIOg9kvh +t25PCjcW5k+OjY62InNJ7Q1h9rG8JYxWUMlKgWbu4qVgcMOc83gNjotivVTysEYk +eJreLFgA+7FHTQPANaofmT45iz0BKoEWWJL/eTafDc4cCB5ebXjtTsPr8NbzJ/d/ +4dRAIIELPM7IKs90OU2mDGGO8mAbEaShuGY4pOCAzOm+2GsL9ClGZ2uvT8khaIhm +hQZCk1u4yDezIprlfMd3qYMAEQEAAYkDWwQYAQoAJgIbAhYhBKbHTjQQVKFpzlK+ +X7Zb/lQN74bABQJfyiK5BQkNRHw/ASnAXSAEGQECAAYFAlRm2fkACgkQD5SAUt3s +vmgOpwf/XrYcFM7kIbVlpht9KqJsOVKcwDk0PpZcjJWVxDu6NtsMh/liOwidVufz +SNEfobJsjc2yYJFBL4uoPDq24YY6qF6cDfLdy5E+AaCUyiol6Fco8hrXSaqxpLj8 +tdPiFRgw7b1Tuq2b3WUi1JdgJZruGoLv6Y9P/6f26m6N+fEhbgOm89GxUJ2MoVN2 +VN/Q+ySkgAIERVYEoTZdELwYD4UMFWvxqOm9UMbaYXiB5mYdkR0d35tTcPWg/O1h +3zoFQc5vI/u+cEAuYA57+SbxvPV6o404IvtG6N3MesFC66/UbIZd1BLNi+tdCRWx +kR7Pko2naJmjdl2Cge3tPBr/tO7FkwkQtlv+VA3vhsDGEw/9Geq2kQ5PArlBJ6Od +mme+bcz8hVmKl0kf2E7+2odVK2mbAAMLvQaYHm8MA/TP7AtPvLbRbOBnqf+LDH9k +ouhMqmarcj51PIIk9HEl2ESfKk9rxLU5lpTvib73ZcCyv8K7TdZn4LyveyQ20Xuf +WC1m0Wjex75uq+BBDmzD6CN491K10qBVAUJMadNXxOQo5r1w+U85/80wEBrOX+vl +WnEq4QOS5OZSzpAg+XlJb0uDtnDuee5pBtzNgKJ7Z9gUCUPxf9BnMjfYigigIg8S +uDLVAetW648vW46vZ0c+Sk7jFfJbRDjgKlO6Ok9536MAU++nKEFIzoL+Y6eM2FB/ +N/HdW2hRHwrzPSGs5vaNnW0dQtCzetS0rzwTQbckvmyVHw2vm8/1EqZuSNFOg1la +N1aKPblYAWBnqNEgwNwo7S3sn0RvA91+u9LaDxLF+l+sm5dlvRbYRVl0p98wAhOd +GVxTYhGb3hmlfg5+1ZdWEIYoVCz8TqqkAxmG33+qqrmKhl1tbMqewnHLFP4DP1vu +sVJnTClJVpU9+yV+iRf6/b1bE/PeiBDdbHLSWq99kN2AygMYATIi97ipHMX0b9xa ++HcgW/CazktiexpsAau/WHsSDwzNPf1cyd284seB3zR3jozTMtSnDXZ7LR/raKSl +eMsM1wlos97yDIqzrVJdmJcVlvq5AQ0EVGbaCwEIAKAwVQtsK9EcXd9KFCpzrmpf +7ODiGcOtLONKUqgRYA4tnrPHfoKQGmjnOjoTEd4zydJ2kyroT2k910YAropjf3NP +7+zUSJVhytpg4ipOJT+0pwvIrM5ob1ACkecawfxs+nQMhaFAFfxA0Rdg5NOt5SQ6 +k8MLNxFpbye41wh6SpMBU1oBsHrQ3WdTrNdWqkKMLXHNTCwBOyvTq1T4CxByrcLl +Ty6LUBlPSW2+qnVGxs1VLEV7yW7ayzAehDMDPbtyGoCRpBwOaYk2WNpZLErbzNvo +RSBU+UaOrW0xTaROkS0frIh8sXVrCvajy/t3TpdfDyElPSe+O7RUWLGj2RsvjOkA +EQEAAYkCPAQYAQoAJgIbDBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiK5BQkN +RHwtAAoJELZb/lQN74bACTsP/jnRIV4TpVbGoS9kFcD8Ymg3BijJOmJ5ybBvPv/u +251SKjFy0nlg5dkHe+iyczvZBYZaR4dQow50ow2iretqV91kOYw9nWREi5NtuU9H +gBl29jJEG0J2z8bb768uniITaaOEJ+3ckROInJuhoS3BOozEQ3tyYrAs3ci+/588 +46ygjq7zsOYTxmdd/gqzB6X7j7CC3zSinEgVVIWo3Mhn65HpQblIZEipzAAYxn7w +M8wTXBxfPSnxi3XtOWl9xo9+UGSSsFVd12va9PLVUhIHx+lm3/ITZrJ2TxjMqsA4 +cxc9MUQ9XpvcK9ntPn0kvYEaUGZeplDaOiG/j3G5tfsnEsb+22cNvQsJG2BDvKM5 +0nJRuwWzrtzXuQBPLF1EXIZUEml4U/LFjZ7bR7XP/wKHJTXOeSJDOmJuXwa8sBn8 +F0vqg45T7vz6zDGFDzoxjEcW667yWhzX39a1XDUnNKY75PuGIlQK6aBUFfZ6kX9B +g90zZfNrZ+e0wj6SAB+QVfip7xhF4CgUsGRldcfUlQfi4SUFAnIJmuOSSo4K+3hR +Q1nyrwC7PV/wW80sqy69J1+1uEYFbaPlz3681e+mV8z6fsPeXdQz3CJL5G46dHnn +JQy38Iyhu6VLe2WQngaz1XRL0QNak7ZhIJBe6IHbKjgKLFpBAmCGUy76VesykAyT +R2MM +=rvrD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_1533C1225C1B41AFC46B33EBEB03A691DB2F0833.asc b/git_signing_keys/keys/key_1533C1225C1B41AFC46B33EBEB03A691DB2F0833.asc new file mode 100644 index 00000000..77225387 --- /dev/null +++ b/git_signing_keys/keys/key_1533C1225C1B41AFC46B33EBEB03A691DB2F0833.asc @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFmPNE4BEACvr0DOzBfA5/AuWdvEKMffyTInLV2FMVUCHLhFUkMjz2e1B+Ur +Fw7IDL3sf94+8NWedQYPJzjfM5hwz3RdSBAo9cYTk1QPaCUqJuWgna/+PYpFpzJD +I7SNaAlH37SrUg22+2omQNKWpJK5GSU+GN75vjv6ewXBQ+6D/FP7ea9gLCMdMJ45 +3efaRRh39QqqM6vmBUxv+iUsztunI3/yr5hlcej1GFGzcY69WqetkPgUgVo4xaAk +1d67kUvqh7uzgdDLqxsuGKNVFTc2Utq9eX4L9ldNUyXjY/7CLmBobFjjvCEtivvK +yZ8Owb3MWnUKucEwJCII+xx/gtR01YSMjebbZsBUeBWqEZaRM+c5IwLCvqRm82BZ +IYj1T4gjWcpbIeQ8WSVMmXhBFtAUAjx+Y/42XuxZwqu1GsJ2T2LOjM6sipXNX72q +cxSAJrAETaqmBmP3DZwA+iW5mCXnUPOf+W49GCXAOpVzICoXDOfN49e5hjTjKs1j +r1PBMh2IQ0jCOOtMvAKW/Irlq9qREV4nWVgF213PiOnnScEMQEEKscVDvj+MZ75P +cXFj3U51gORu+GsqgDXnx9jooK0peaPVYZ+l+0uihHCrdbfOilk7KxdDL4rZA/sY +mA4L0Xu0uLNykyE3RgFHUD5Gd/V4huzZ0ViMRa8b+uEvBPD7Bs7LloJsSwARAQAB +tCVEYXZpZCBIb2JhY2ggPHRyaXBsZWhAaGFja2luZ3RoZS5uZXQ+iQI4BBMBAgAi +BQJZjzROAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDrA6aR2y8IM5+8 +D/9Jn+jYFLrW135T1T7TQZQ2922YOcsY5iIo9b2/L9bkShJibBUz1cB8joNhw4lg +T3PRbLDoddYODEDDbF56taWrN65dpL2ZLier9Ote/g66oxElaPKojhLyb07Y4+i+ +JtUxX8x4uWYgvoNmAGMdkAY04KSRFx8QF5fZv4a12RJT38CX41hDeIxLu+bie3+g +s2JCLJlUpU+k6mersV9ZjvCaCNLI63ranVC9EvbUzBruRKxi4pUWulP2dFAsfIT/ +k9lCnTnY9ry7NixgYLksUEMEJPu3OV4uxHT5zJ/9hnn+9Jw2nHRLOGkL8gcZB3x2 +mGKKeUKtHS38lUIAukEoAvpH8rLR6w7/MQwH/LzCxkN6eecUWRtxabanXDdf3G6s +CqIUkW56Hxc71lRZtBeVitL5M65F0wVJhJ54Jh1f6Kt8vgLyEjjRHugxz6WGcU0M +FK5pIf12KNr3YSH8T3bs8jVsYvKRIkK9xJ/EUCtem/QWm11cRD3fB3yA55fUlCNp +TQD16cUKWLsfgxTipp3ldSZrht1QpH4cNo1WVPbIhWDuuDxD02iDs2FmJPUKELZ7 +Q24uKw/U7B0bfeCqLMro6N7E2xen/jeIdq7I5EDAP18j0Z84jk9CcOblOhqboHDn +iVW2y7go2yWvCb3TeauRWDEK0ahrveQ31o9xhGbIG1+upbkCDQRZjzROARAA/ZiO +TyJnjw7961aSoOg77npT37fev5PokxDyN3fF3xOGU9J+hHdUFD/WaDXaauN+zgYF +TZjV5KDMoPlu/5Kc1PI4tfmaRrdR0pq1mNol8QnPPwjfRg9F/+5ICu84o1NI+uOW +5m0L6Ou3J7ItzPZ7noI4vZucO7Fk/VkZG5lH8/rPJFcApwvy5yoHTn5h8XC6GJUR +Fy355G2VjiPU2NJ840vK9fG4jihu6xNFOUkCu7rDihdeEAKrBSqdPwp5Zv0YTAp0 +hkzrN0k+P20xKp7bRQlXooISowfwL3HfHa0gRlaUy3z46UVx6MOMx5F7b8GPE0eA +3b6+0Qcu1ijxUB7Df2Ymo5tjpjCNrzwhHLtk5z3yoI5KIxEql6yLah7f7Hc3Z9dq +8+0Bk7FMoJu4iTt5p3qMqmhoVjNCD5z4mXFORR+UIvJ001YpfOHYd9cN+slDBDbX +io6TUUsjgDAyaUW9+9/mZvVig4/jg9HpLnsc5Rza+SEmjF/C6eiS+4y0MITbTKa4 +E4SQk58a2LAlViLUEIkUNNwpynKqrd3mJveAJM22XbvLLclSnpBmwhxEe+YLOH1i +tCoLJe4a52fsCFJy3E1pH9aL+lX0nygTM5cGStlv0W3G0YEZcqvb1MjLj/7WvWae +ckvgWZamBhyzIc+qKota4bKYSzSriP6nuKDzaGcAEQEAAYkCHwQYAQIACQUCWY80 +TgIbDAAKCRDrA6aR2y8IM23SEACu2u04eGP5qzCwbCO7I10NWkKywZ63P3KtI7G4 +iFeQOShOTnOY7pw0pZ9Ows++bllwy4GKmJP/bgNp5L2T3Y3gPXXI5RWJpZLlDP2E +TzjFDjDKncTVCocg4lLPDjQJJ+xqzo4TLfzMoUlieJc78ajrlCrCry3D4qMliut8 +zpAGWy4CyzFt7yiCTWYT24TudMPKo5u5boo0pfz8u2s2ueTjzLYDYILPRriowLTl +dS/I0rLeTAaxb4RYRsCyrEjRLrWq4HQsZunWkVet96l1psaFA7DZL/A9YsqRxAQ5 +uBqKCnCWqEW/NA58h3G9IpJfg6f8n0RjGO8WPN5l3QEwYo4tZj+hgpGZ/HbPJvKA +RRSITs1T0nc7mAQ0xT2+qs5+Hsa0kmOKEYFcYgGDZearn/3WZk3EAgiNQlrrzfev +PYcQDrq0tgNEC+G4CpKSQ7W94lLXJG1nNuXOIj8L5EoqE/3G0gKTVzLO6IYg4Vfu +O8XQjE75EZElu8Aj3rBk4C3zseWTIRTYc3+sbnyMwD0dd45OhXVeUmv+KD5szQH1 +HCeoDfkR2HhwHeFzWfx6U7H3JC6JCoBOtvCtdP2fzLQrTmBQoITSx4RSod8IaozO +xzJUge5M1eK7jaF2GHzFwjOgIB12adl8w3ZINAV3dA3IgS53iE0yO/CCS9nRap4b +ztLu2w== +=AUQr +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_4AEE18F83AFDEB23.asc b/git_signing_keys/keys/key_4AEE18F83AFDEB23.asc new file mode 100644 index 00000000..4c58ba31 --- /dev/null +++ b/git_signing_keys/keys/key_4AEE18F83AFDEB23.asc @@ -0,0 +1,24 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta +x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT +SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ +7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa +buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v +yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs +b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW +BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf +DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 +9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws ++8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 +4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O +j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz4+JASgE +EwEIABwFAlmUaEEJEEruGPg6/esjAhsDBQkMEnf/AhkBAADQ7ggAl3STwz66sRPI +y9Oo1OP9TqdurI50oThX3e5SPkbuw1N+ejvCh39COPpm/kqh28D3ceYR1CqyZWrl +gnkoaLByYYKl38aolE9phJjSFJRIGpgeIcu6wImQ8GlBMGFwQy19UIHYnp9V6hfY +NXQrXF8IZuWtJUHS+IDFQyeYvkLnlG69thmxO7yzNeGS8hH3oK1ZsnxAZoR/X8pK +lbPx6m1j+iZ/dQ9+906OezFzyNUSo81pH3ELpDq3nesFr9eAxjohjJ6yfJidzk7o +m57FQVpWPKREW0CJh8NowBGlc6aAybSWGgFEpv+4xRo3cJJhOYTilnB4lxSLt5aC +ahCWNfa63g== +=mmCu +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD.asc b/git_signing_keys/keys/key_4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD.asc new file mode 100644 index 00000000..f3738eae --- /dev/null +++ b/git_signing_keys/keys/key_4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD.asc @@ -0,0 +1,220 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFxbWDgBEAD0d+4lmlUajbDlgnLno0xJaWUPzScu30izLNHJuQPxSjaXUnyo +bzJyPaygsL7e6UV6QoRNrv2sqYHwv7SWVBHMv3jy3nea8hrW3K05qKx+mc0w1Dvq +mkRADg7OPMRuB6JS42iVu4Rb/YQpoJGEPV9h+GSsOXffs+HQ7RkanS4tlb7wyXzi +m00NJauQw9WmlHfnTE0YyTE2ybwN4nWPZabC5hiVL7uOu3Ut7a3Z3es5DyyeQZxf +PuHAZcE/iuZLmICRHl/0KprfBXPzet9OCIKCOxloeI20tq6/cnBvK8HUl0vnD05+ +7nE/k57JSlkbv9sqibBhiDQdEKFfSQlUjqiWVNpvGSjbPo7Q9oJTT3hp60FW3um4 +aSNXrPa49bbpZvheJ/cOQHqNduc5/l4YsZ4qWgizIFXR7sjGQ4uVfrcyv1dZ+tD9 +gjkuE/e1xjWfH9jAXAll0GPgPTKTnOVNBtrtZgQUQS6zUWLwtFu8fZvVMAimC+o4 +pc+px9keMFNxFLhEoI+dCnsxCdIgwt8j6tTIqyoRQIPVpOUNjXexrOKJjQnCetHc +zX1gdX/SXKWLr6asIke1RCL2SliraYlYOm5rxZVqKGT0bN5wqzRTlrUqr8DKXURC +fFGxX4wcIcOb52CuIk7cQZfph+NctseyKcph7r+w1HClsEACrcGaXxmAhQARAQAB +tCFLeWxlIFJhbmtpbiA8a3lsZS5yYW5raW5AcHVyaS5zbT6JAlQEEwEIAD4CGwMF +CwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQQN/ioDf++2v8Vvc8W573cNbv42DwUC +YBBeuAUJB3dtegAKCRC573cNbv42D/nREADxiD06+7NVCjGiKa8J4mE3dyC1UoOg +oiN4cBd7XqiJvfXxhPIwIjuukTE3s0gXvl39Fd592992y3q0Tf+qHAqQqN3y71E7 +dG2y/SVln2bbSag20oCYydeyxdbl7j0oMjB8jlcuXsEC57OgLfpWm5T0c67QxU+e +1c3LtfYuT+6iHqn4SJU4u/4i3FMx5o9+FnH0sTFjJMnHCmPmVGWUxUDWQ69Q4qdD +ooH9QgvoK2FJvKnvR1qlIOMTF/8Ll/wQKceflib+Xvs4W5n54hLXQbD/k4XIslS8 +kvTZ0WFTNvbujAWtM4HQf9ocIPV77FVHaj9414Is06mL9v7z8FwWMC/nCR2osa9R +Xr3DRFVwdb0kKs/QQzbOOnivl3zQ91l5IXtROpmDhEeaaou43yce7iwg7tX0Hufp +I+IjDqxvk9ihRYdfz3MgMjONVAQyqkpsLLeLygOAuPNu7DvheRNDWLWtrnFNyaae +4qJ7jAR0dsOcEyqEgLl7e+pHmjMFvbz5evCJnbubhJwMWs9YgXqgYWaUCLs6pSY0 +1nvWyDgPAlfJmeZdqxZm6lxOlATRcaoSq/GsPekRpbepl79b94097JZINO890mKA +MJw3s6gemPnPYzFUwXaa7AUec+tNyCmjX/a99b66r6GlF0QZEcvPGqcGSOkq3HWI +I4tgir+MXi8KJ4kCVAQTAQgAPhYhBA3+KgN/77a/xW9zxbnvdw1u/jYPBQJcW1g4 +AhsDBQkDwmcABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELnvdw1u/jYPC+kP +/RHYZFmv6QDN3y1TZizgqQXwvqIQ2UUZCtm1fqF4Tmqft+wCa9+xtU2/afExi+2B +fDSBi8DYr5489zWUGsuNplSGbVP277n1+C7XFKHfP6kecQPVYkM6RSqALNOI6t+r +OErAGz5dYTQMbjmUovtYacaQwhqQD/VVej/MK/p5YKnAocoAnCvvCy9yyMbLqOcA +3sKxBzabURRVRqLoOYKsoJgcrRGd1jzwy2AYGi3U3BuRbNZwP1UWfy46WlA/XbbJ +CNXSftUfdCK6aLQbAUBFXXqiOtv5WS3m3yWfSYFpBuaPKRTVX8NQVNuUlo17gYEC +5Ls7fcqtFNhsvrizUOX1Rfs25wlwbGgewyqM1M6YN9DhxTUeuuNc9NMHpC74znow +ZG579RxER/jQIAg3Hpmhfxb18py5VjxE2m/gd6rBqHaxm/FEl8ab+zsWDm2IX3o3 +FF55NvM44SMSGi2t/D9pspO3EjQB5DbvyKazKBM4XJ1dZQamzM4+Dgn5Q4YHF5eG +nqP62ttQSrR3sccJ2wcY3Z5Xmm04b2LXDYPpJcExY8EyMw0P3NDx1qsTE2n5vygv +I0e3qkggKSMbRbzfclwV+0wp5t4GFxOsLsll3yCq7VaQ5tFpHQN2lLIO8qVudWot +awqiYGYotliCZ4QmRSboSR+JWPqBnxsS1iwJlCjyyABqiQJUBBMBCAA+AhsDBQsJ +CAcCBhUICQoLAgQWAgMBAh4BAheAFiEEDf4qA3/vtr/Fb3PFue93DW7+Ng8FAmPS ++jwFCQs6CQQACgkQue93DW7+Ng9xixAAwtE8SbHbx9XR1zUxsD8RyPEDiASR9KFB +vLrSGRaq9DsfGAzZTJXUSx3lz4ZvfZXZm/fk+vyuQ8TGRcKCnDkTdr6lhh01+AKG +Ho4vjcxV20Nd/KaP9rKXSiAPPRRVOoNvg0UELiAhUpweC1Pi7e+LE9G9F7uHFVdB +8+/NPqAxlXh6AoxY3ftOGYPrqmRMUjBWNwbcmymLS8/NbbfP+Bb8PYczeaClZ2WW +/iadQ3J6lNMEG+PdbUCzbUlXE9la730WkUHECGdwILYpM2ie81P8CKJBq2x+Yyf6 +IpJTv9AWdYRmWXAy1bNEJu9eBD3lYPAv/7lA1oHJ572EjjpkGmxx0b+ifziC3Nlp +GAQKb3Zy+YhvWqf6zyvbZZrefMw/gJoP9wpV3ce1OmFnKiEKZcFmFdVEdaE2VreE +SKEqmTs/51sAJ/GZ7WP0vYdXLzltFtnNcwHLXZBl2Y6HookcQYvTerPzMDve6RG4 +lUkufkF5y3Xt5Q6rSljob9pFq8A223I/PmNFW2+d+ZtVJG9pQf6fYnlAFSuol0sv +ENcQm2lVGX0naWzLTheNb6p/stc3LHs0HjPekD4aYXkddAs+AVda8l8pPO3bg/9s +oifhpI3gJ0lYhuIpyT3+V95z1OM+3VoYCFFCMm72inbm1eqQop5siy4vkugK8wve +BTRUKMVUuwu0Gkt5bGUgUmFua2luIDxreWxlQHB1cmkuc20+iQJUBBMBCAA+AhsD +BQsJCAcCBhUICQoLAgQWAgMBAh4BAheAFiEEDf4qA3/vtr/Fb3PFue93DW7+Ng8F +AmAQXrIFCQd3bXoACgkQue93DW7+Ng+6xhAA5I8fcjC33nP4SeZdeyg5OdQzEQid +fADlFV1QaOqOvlMLuZpDjO5MW2khzomtn2jGLJpzDWyje0bGvxnmgPGH5nFcI/t3 +C1652HVZh8oVBl51Ot3lGQU2TpvzKtAmB7G2wD5v3OiyAwPyrsf0OJSgrJlK2z/q +e1aKYjBAAFWYTVwx/S9u0v2YKd52Joa1WqB9rlwh5MS8FrnTs6ZSVGNmfTDPcFxT +WXUCpX9N/zZu5l9VOPuEotxhozQ5OiqvoP8WXYUKGqsoFmUEu9WDf2zfaI2IHst6 +WnJfPWZesZoJoDUkpzijtfhiz8k/WMtrTNKJ0zc8gXG5Rs1UGfhO0qo3dbOOsLR3 +he2oZyzlYndfFodYW2ktAZJqeS7subSkm0qRYT+i/3fIqd5aTRgfeVCu4OsJPYMM +NcEyPrpsnzxsoXUEF1+e9QxKlIUUs4u5Rk92Gm/Q0BcfmMWd8jeGRkcQNrmatC3l +7x/NRx8fszBistR6LkpYhBFS1XRsayW7Rnuuacs//JY42gR6m1p0ZZbrRZZb39op +pKQJ5dHbXTmaZL2/eiqJc28qr7rgAZYEsp0DM1WcjEBIiOgQ9Uy6PA1xldYtmu38 ++mGP+WpQbn3AtdmHpZfANYiXCI7qr5G8jJTdkwPYrLNe1tqrtNXH08HHc2yYBgYR +3g4vG0pEEw41GoKJAlQEEwEIAD4WIQQN/ioDf++2v8Vvc8W573cNbv42DwUCXFtZ +xQIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRC573cNbv42D3WG +EADeeXs1ueihl0sNY95YcRKelQLn4pxAf5w3P9EQ3iddUuq8KZYk+s3oCRdRDUo/ +5y2mYwg4Bp/cCMMy3tgLxQmtZWEGeYBRApepcJRXTkFu7qJnO92AdfyxKGxYR0oQ +48cTkzUPhmpUrMzsaOKJ/WUX7OUtwKSEoRqcI2UEIcNLEQ5U/XGglNvSBZLcwdaE +K8XVe8gp3er8GLjMQa2MJYw/Zhp8ftqGHFMBmIFdV0e9gwRGDU1hfPP0XKqV1PDr +bwBUyB1JuOHo1UxWAJH+RtgwfAQYgwKloTUHH6dk5kSRAQvUEFxNgNXjghBIW+BU +kQzdNvOPI6/ZzRU3RpweBsWu2knGdEFIbaK0VQRJrFiV0E4GdrLkxS1IuRDhfqeR +pxFvl7cjibVQM4VvVQG+ZHYjDEpOE6frQ+FflyLtezNKxrmGbyZc+BYYtihrpBxR +PKS026JNx1HMmUc2aE05outI2tyVdejvv3/qRD4l6BLMQjipfcaymkstFhYMiydL +Hy88ZhvGHkxT93Mopi3ASskK/+Ha2eAhTcenlUoNbI6LJsLOQ32mxOp3no8pN/fr +c3/2xhQ4uy3dy/NNHyFHlsbi3caellN02CugR/6lVMKES9rLkB/dH8To/GKlq1p2 +8Ks5UREEkGOmWIB4hu/bKhtNuOocJIIXxAxTRzdWD5UrXokCVAQTAQgAPgIbAwUL +CQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBA3+KgN/77a/xW9zxbnvdw1u/jYPBQJj +0vo8BQkLOgkEAAoJELnvdw1u/jYPmtgQAKpc/IpZUHb/DGwMutALb1H/H5qW1Hmu ++dhLnipoptspPbuj+4otZ/I/CMgKRWfYt1wql2oYAyvLDlewTx8TcNFepWUGCQO/ +x7QPMqHX16lRYC4zEEbVChFSW71e4ypQyjU4AVjthHY52x3OnljLA/U4fsAMQH9U +BllODSCHyZBGPniUKLG4dauHhQht4xCLRWxnzsjQxsbeV5FH2NtP4WgPDha3cKBN +Mc5Nba5cxJNSl898ku3JsuvE3z7k4gb2amBI+X7ikSpPExHV1Ap3wQKyTxuFMKf1 +YiSzeoWouKsDot4D+QW4uBBWBlLzEGCLDnn1tHkc4ZaucXDe4JwoOp8OQmQgxl76 +wo+vevyE1V4exbuoa2gZxBh9WzfP6sDXfkHawbnUbL9UxQYOgAg42sQC7QtsZhlQ +qd2zfYt8x38UJQ77DPogPcZHscx0tbWSRTe3f2IsAfBg4zztMgFJQn8sM05VSQ1t +MObRe93pg0TX8Ctlcu8ZnbReuDcUMcf60hJh1Its8iOwgr8fqnDCXXGlttovKZDA +BQyNJUJzuWWzOJUf1s0Xoif1UWViL76TAvtlbqRsxq9Ly35Xfy7ymiA/N3HlAv84 +rk/hKO2v9UEwyBIzaHuY9tZNvbcUAEOmHmW80SEWi8zA/qwFBlkciYRKUwJkucm0 +RG5nIC1q/4MYuQINBFxbWX4BEADhP6YantHw3UHqc7PBeL2aYRuY/jAFYvyiSxfX +uwIRLPgMZE3w00+q8kPnVZm0AMCJIB7cA1zu5q2cFWz02cUl8ADgGRds1psfYs9v ++CT/WRaNoMTBWDFzh0ynj2z2U4X+XgIupEy+uRvBSN/LVrJ48DLrEifzwPboDOa5 +u9m0NKSwnk0pkkpMh91HJrgYY/Q7HIEeGDaW8XxbTuWLPeQuOZ2A5NQQj+wsJFxp +XjyK4YrROX+oc2rSGUet3T+V0eI2x2hKmj2RxjdzDG9m339bTDyyDi4Ptc51BC9x +BNK75lPn87cVavyZQ7AWtCePgAcLNGDUSAQq3krSChwuXpYaHD2sLifyFGuaCLg9 +L+JUMJ02bTMZLc87O00nJCESSju7ycZY5bn7FKYDw66YqO1Ox/JNK3xqyzrM9ENp +cx9l/bYslxPSo2W5fCnVUPYHoNoqbhvKY0TuvdqrpJVoRBNGxVw09Eqy/qev2sKG +He/jeXR2XEEROTraliaR5Vio6/cVMATXkrMb8AKeE98NtfQEjl6/A2z/MRyjTmCb +NhAHvhIO27lrDyUtFDj5dEadQoatZk2JOmeGj5EveHik7OhcswSODI2yUL1rFaSV +txT0nhjb0ccj52JalkxTtlPPpUNbo1ZW0VbCTZPLmv6xeSAOG7VZ4pAs1ShETzIa +kT6GUQARAQABiQI8BBgBCAAmAhsgFiEEDf4qA3/vtr/Fb3PFue93DW7+Ng8FAmAQ +XsEFCQd3bEMACgkQue93DW7+Ng90wA//aWMwm8wxmq04biXofRhUZi3EoK+e9htn +oPA1KfAJvANUrOVNpPqSWelJOWnNfWmYaq2BCA897JE+ZVvor73IRLwe0S6MeGGC +mkuCnTHyoMG4qwRRgI9bYE2MoRZbIc57GszE7jyWxcdtockxJtNJ7o/i76/DHU1Y +ls5MMUiYn7KhNyb8g+nNzFVErQD+mTqBWfOLg4tLAxQC0HDBVRTMfPs+UQxgA1N2 +2j6JyRu8W2llOWHNilHy79VVA50JiauqAfSPK/pCOqr0WXsPdff7wtMBFP6OnuAj +f3R6iWHQpqopCOLJwzM+gbsJT1sommD1LDCR/N4NknM+l2L2SQWqHxBOtjiv6C43 +4eCS56PbDuLuFKY5F+IArc8QtKz6X1zOHPwVoEYRl3LlSErCg/zjc7/ddB/xQdR8 +bHFrd5kFF86gJ61gfTFMqv+VgQyMzLZVZx4n5s+1NZvrbfEj4vjA+ffwo0I5UwS+ +w/eeK90z8fcr9UhgyhLbb5o65cLP8E2R0eTofDqC0idYiWQ1xBwkzkwopA1B2sAD +IfmUTRFHl7Sup4X0O5r/0bF10Yv2iyQ4L2BJ/4JLB2Y/Oe7ciJU7zZIrUo4f9B9L +mXhth0/ZX5TtqqxV1FT68i/mdtSBNc6R+MFDs0AvdNuiWiULySslbqPrO+t5xaFi +3jkkv7sVG8eJAjwEGAEIACYCGyAWIQQN/ioDf++2v8Vvc8W573cNbv42DwUCY9L6 +WwUJCzoH3QAKCRC573cNbv42D/FhD/4wtqEmYpbDeyuegYrN1uoJlyUclo1PzglY +kldEi7FELlgmBiDnlt36dg0v6AGDGbJVIV0EGOLWSln7gmHuiJwtac2gUh/8Bo6t +vSrdnB7IyC3Q5wX4tIMfXxi0NBTs1NffFEYkdrEl4fXEpXBLkaqCt0GxPYBglf2v +2fnYBBwpzYo70KaKEVBBl35dEj5wvuZzZ1Imt/AgR3ras/rA6TranhPMX6HGc3me +RKx28uL777CaKFGgF/5AOX5l2VQ9q051OJFQiixWMsklCx5jLt3XiTAkgDyJepaS +AO6S1f/428KPR4j5BXayBohHM/i2F49bKHJk0l94BC9mV/nnzAYoIWN/Gu1zqeDm +NsdfIbYl2mRynKMCE4Dsm5YoaPDobnYEe+sENMwj/ERNjwH2SkGPjO9n3c1u+/1G +elBWmv0HNWQHSikLhnsAWuNXuabbdzZWgkey8hLDX93OFsWhOrjlOhLOeVttIAba +Eil9aq3mCK6efDs+DqhrXURRaFUcICGgoFmfc58T48BwLkLywbQvkJ+yMbwXqMAJ +Vt29pUF/gb1N9eLbioHfLAQrGLONqPnXWeflXpzqIaSWeP+n6mmuiGIT3VXNi9YH +hrdPnKnpehh7KrTTFaKD49mIY9h9atEJl2xLz4bKrG3HDFQyMFAon3+c3Wdg65SJ +YXqhBW48ZLkCDQRcW1ksARAA3H7CM0TiLLneP3NPMzMdJuvnps9v24QYe7Cs8Xzk +vKYIP2V4sPwVQuQiCVyWq1UAo+yoVrJRFoYp9IJmKCTEPRaouC/9pCtFj7SMGrXA +MpfQt4Q6tnVDOF1PBK6c58LX264MhISVJQyiEwbOFZmxGWsDfvR570SZm6DOg3EN +fIoH+I1iD0R4M4guAXXd20yzMqZ34hNcHSLoyY54fFrKJU15+3mESksITLH6HALu +UDuVJRc06Zp8lR96I8hpgmljrsr+W7iOKcIqlZKCBPGspsY7GmNJ69rxx1mFme16 +0UoTdfHzoqs6IedhvHfMjDfxVeMXnnVxTIPeKb86VWbwXPnLy1YCFN7HcOisWp3G +yVJGkggj8JgCKULNUF4YnKN+0hMNLaChQMIZ0Sp5PnbgT19b5qk18d9UM2vt/Vkn +XFMS+SiiTz/bI0MdRu6Sf8DvsrmFijzr5Kf+AuYnoARvGvAlqxbst1CU0FKS2sPZ +jzO12HkvRrDKy7MsKGzddUdX4MzmYXMDALhVNaX8VQsu9AKRH0JjOzg1Gekimxz8 +7RFFxAQS4HplALjijZ56O6tVGK3ubx7TMZ+VlWsYlFH0SP/z+54V1MKy48fNrcP1 +m6baHS7/JgGbT4YZIH77kvlCAHrmvGVdwXxZ1mcNTvRM1vZUtHwlJd5S9ogquqP4 +NjsAEQEAAYkEcgQYAQgAJgIbAhYhBA3+KgN/77a/xW9zxbnvdw1u/jYPBQJgEF7B +BQkHd2yVAkDBdCAEGQEIAB0WIQRNbo2Ui5CHHvmuL6yRqzJFsdFKvQUCXFtZLAAK +CRCRqzJFsdFKvRXrD/98HjcOi4tEcFKrFWaN0xcE8Dyg6qGncaWVwQ1ocM/KCv7M +rXmhcUVHSXF5rYqgHCtRBGAnck0RGmr3an+jD/yrxQBJyIMA1FaIbtD6ZFBueoMS +4e5NbAALuFX1e8/X7yzN/hwhNKfaUhwzmM60Lll8/l30pDeFEZhhxEyhyxtXkfFS +2srj154eXTlK97zvTwpoNHDW/cWkDXZfD9fz04vOdFLVc1AUZb6RXg8+XowooDBC +qGjdTJoImMGnEhavQIc6DTVoSLVw/YUirI7mumOvRAoHGH2FyYCOoeezOG0WOmFV +yLErSF1zIGGve49orrRwvEtDBk+U3BUdRUUM/S3gL8d4/mQN4CStDdUzTSaHkoYD +gzv8Bx3F7Oy6EMAfKmbOjj48EEe7RywXg6Tb1iJgUYnGWSYDbh+LwEpTHRfwYvqu +JTqk7u/iXVuDlchb22IATuO1OLhoiFVJW0lOxD55AlUtDoUhFIBR4+2Esz0quDtk +egh0vP7piPcuJYSI8mSdPO2G0vh9LNltRzHDh+ucAetO92OPcCGomOHSy2cKr9NX +KEKmmfGqwrPO0nM2W3Lv66d31LIOVMRKHzLH3kpSZMV67zfHnCURrSbd8p0YZRb/ +cP7mQT/OU0AXcjXHiD66LhdqnH35LmRIzZIqAN2+DYOFknyQki0t844IURLcMwkQ +ue93DW7+Ng8WQA/+MJ92j+VgEMhIhG9OCHsGiAO4OrLhJzkriSWUWORmkeHo7uvx +UdByMiQWtxrEuOgfV0M6TSUeIzXInY41u5WZnWXFW7QZvFk8toVyiGu1UqCpVEC5 +tnaWGTciL2bAvYe6AUBMfm61gcKISkdr7GWL8ipHWwB3MMgguqhk6QYtDyMh1anr +v6YOSt9nkzgXX81c22NbilYMsFovpGwIr8yOUPrihCcFiPB510HA4K1CxIYzD7Ub +0snlc2CRUtVR1L2kbNUEzv+zwckwuZrDmlSpcdyGakI+yQBvn7kyY3LqxxFYzXqU +f1TaNPC7HMU10QK+K9/Pa105L7q+wTqlwhOpaykKBngQVmtLh1OmppbCEfP6T1w/ +FOitM0CUoa0Ve8kHXmiT+Wv0bfFLhWVYwDyz3TkzBYvzztllit68YumwFmA3pC06 +W0Lh7GLFwizHl2nZieFoc/ioee3W1ue0BrI8uH/QAk6EcBw1OmLdj0Q/TL1+c5UE +3EuA8oNjOoOsIpECBwaD0lGwv5fP30LgPR8sLzxXtfHS5uZAjY2A7IKutRAEKbTW +b9mwkaZge3AG+8c+ZFnBHixPDaVyCMx1mnzbKj29nmrNtdz82TojrdCUKy2OhahM +vnBEAPhCJ8klHNfha3piKKzNcxySJ7AwVlZh5zPDDZpcdtsd5jPT3Qb99g+JBHIE +GAEIACYCGwIWIQQN/ioDf++2v8Vvc8W573cNbv42DwUCY9L6WwUJCzoILwJACRC5 +73cNbv42D8F0IAQZAQgAHRYhBE1ujZSLkIce+a4vrJGrMkWx0Uq9BQJcW1ksAAoJ +EJGrMkWx0Uq9FesP/3weNw6Li0RwUqsVZo3TFwTwPKDqoadxpZXBDWhwz8oK/syt +eaFxRUdJcXmtiqAcK1EEYCdyTREaavdqf6MP/KvFAEnIgwDUVohu0PpkUG56gxLh +7k1sAAu4VfV7z9fvLM3+HCE0p9pSHDOYzrQuWXz+XfSkN4URmGHETKHLG1eR8VLa +yuPXnh5dOUr3vO9PCmg0cNb9xaQNdl8P1/PTi850UtVzUBRlvpFeDz5ejCigMEKo +aN1MmgiYwacSFq9AhzoNNWhItXD9hSKsjua6Y69ECgcYfYXJgI6h57M4bRY6YVXI +sStIXXMgYa97j2iutHC8S0MGT5TcFR1FRQz9LeAvx3j+ZA3gJK0N1TNNJoeShgOD +O/wHHcXs7LoQwB8qZs6OPjwQR7tHLBeDpNvWImBRicZZJgNuH4vASlMdF/Bi+q4l +OqTu7+JdW4OVyFvbYgBO47U4uGiIVUlbSU7EPnkCVS0OhSEUgFHj7YSzPSq4O2R6 +CHS8/umI9y4lhIjyZJ087YbS+H0s2W1HMcOH65wB6073Y49wIaiY4dLLZwqv01co +QqaZ8arCs87SczZbcu/rp3fUsg5UxEofMsfeSlJkxXrvN8ecJRGtJt3ynRhlFv9w +/uZBP85TQBdyNceIProuF2qcffkuZEjNkioA3b4Ng4WSfJCSLS3zjghREtwznVEP +/iDGX+jJO1n/T/QeIj7fw1xyrUl65THANnKONxL0S4clCtL/rFFE7WoWpUY0o1zg +tESHzahsZSxgCzsPofrqHboSKZqL0Vzx6Q06JwmVmwIWGC/az859HvFIicQ70dTa +5gRpLvcf8wlSvjDv+vWZueCwGHDsJSkigMmni/46op+vBJ8nIkuwCyB/RXoLAV5Z +S3TyY4E+eH7bF1eKuF9d9+bUmT5+BqsqACag312WgMGd9EJOt0WFmXozbKqHXK5B +QG0n+Qlgvv3hK2uFktwk4LAj7O54MfEqFHFt/SQCR9k6w1fNHuGs3MsRwSTM8VJ8 +qAG5AfXdQCvk4RbnBNzA/mRrk7cHsxChv+gHYaGfOIyCcCbCBfUA7cW55M1xWMNR +yd3jbk9phmph0k1itYU8glWFYK7w2yQzHXmDvecAoNQk6wUbV0+9MP22Fnw22Hex +2TT30r0dXvqu+gym30MobiPd6tQ3hdiW/4z/SnWk0g3lnb83lQQo//vbh/djyY6c +teQf6SKdRTOtHvL6QBN7s5qzBEigvkll7i8F/3mvX333BAo48Pk6abcRbyNcPtDK +FII9TK/sTwP8d+OxYknOZJmWtqEX2Ep5jnRVWyYLis1/6b6hRkoAEgfKeSB3o2Oe +VnUqxxZJ4Qi75dCIvP/CXKXViGuR9whq9PdgP5zFGIzGuQINBFxbWDgBEADUbmZ9 +xvVccQo1usxzIjR6GYiXsLrHeDNDnwQ6LaQT9M8JwI/pO4fEEeJWLzwPGOKb0XhF +X5nCBpyakY/9kHaVd9yqmFQvFOJImZJ43z3z910Jjsv93JAUU72XvtACCxiAELlY +o9pnVwhO0e2yDG1nhIWhikn0BcOOxqgyJGY/KGAnt+o996U6XoYrzJENmvU/5YY7 +1v693CxMG5cX0xMtlk98q+OJu3UZFzq3ze3zVTta8bqHoqj5f8bCq5tOh6eK5e1F +S7hhT4gsB7tbnO0RZiErcnSXlXqfoio/twb+mZ9KWLLzYl99Yh7q5IWZFXRVbu94 +52cYv4eC6KHSYoYgQ3Uks9iUSTTClYIizUf0vTPPXNEjd82uqN0Yzb5JdGIOO0E/ +R8PgwBEOqoS+BEfsgCGONePujrQjUSehLN2iwjxp+4O5ELobJ29LtpotSqoMlVHQ +vdb8avlzJkX5e0MgVr4VIUNybWQFfC1aw46KnBGGOHC0zdvfZx7LeMkblFLUugDj +bphC8m1MjzZ3/N22KccLMyh4bRaM4wny+jxLdxgXQHIShy+fPrP6ln7rzjJYxIE/ +452tJXIT/+bzTfVkE/FbjnlAv+DDQOrXQUrwmpx26B3+LftDLYtBjTAT01nBtcPh +GASW4dPvjsUV60wQO9kQA2jZD6NfdFVx8Dz06QARAQABiQI8BBgBCAAmAhsMFiEE +Df4qA3/vtr/Fb3PFue93DW7+Ng8FAmAQXsEFCQd3bYkACgkQue93DW7+Ng87TA/9 +F8mt4kXjIq16b7DQx9NoO6gahGIDCWVANtKCGfp1pZzBd+g5Ijy64zg/vt/T3bM4 +0fSpmP4gy68g7DgZoX2XHLcEzDOoz7Ne0S78uSKw3pvV/mrwI3PINW8uGNGPAKpB +YW0nMXibvAQlHY7lGHjW2oexULH8g7Qx2jwLltc1DKoaQ3aJSBaIYbK2/DyJTG66 +TB0a/8UJkj3uQIVpAPFhmjh0G44auoDn0/6U2h1OaWQuJwkdu5QwLge9arFOmirD +CfnFQBV4EPqqVhJ06BaLEZNoKcc6GJM9kwTvVOAc70b6uO6cDxQycbhCJ2mjP1js +/7ejReBpl8cOmNtdmGxleN7SAcLVZ3i7f9N/pqEN3TkY5JHR41LBwlQGi+XFWbRv +kGJEkt/vt6BMYSn+EJM/I/uHwtKhstEQxXrIJo9462kf13BOf8joo4266OwyE/Rv +VmMeSNpiDUX8RTAFZCgbu62QXhwE1OzTtdHGJDC+FS3odLl69NuAz4hkb/vCC2gc +OXwYeGlSX0Q8CCcPYj0PxcznPMrd3Aw0SQ87v4n3rK4OAjx11UzoYPLOuqsUmug1 +EhQC2QbwOJkxZ8ax/5RF5h17Sv+rTfFZpsEciep/8eebZJf57DO+6pOTaJe38nXv +cosLq4sOwdpUjdIh4p+QrLrg7QGRorhtBVAsr+xHNeyJAjwEGAEIACYCGwwWIQQN +/ioDf++2v8Vvc8W573cNbv42DwUCY9L6QwUJCzoJCwAKCRC573cNbv42D0TWEADc +cdG2o3qJaTBLzl0jR7bYTUW8fedlU7fB2bFAweJsL3/XjfIFgkehiIaUTp4fqFlN +VubsPA/wh63ORbqDtP2e3LMYlDPLpWG3zipW5OOqyZqlp5CCtDaKlqikw3BGkp1O +Bn6Wu1BPqAELuNB+mhlqbfZuDOrQ5eIlstsAZ864r57Tvnwni5uuTNjNwxkllshl +72Q1dQYmXkI7JwDHW0uDIII+XSPu52ITJJAKKdsk1hOUEFr6V2tkKxIyhoiTOzdY +vZTsaZzqo/H+gZ9cx0comDFLkmYnVBASnxmyatE+V5WS0+8DHBjIKevFXDh6yADS +eqJwkHzINt6dvdyw1JoOF8wSQInZnSBI7fUDV5q2gpD6LwpG/vImULKMeevaKKph +p5+DZrW1JNub8ir/j4vpR3xzOkdwYMjqkBV6BFMVJyIN0C2nw6B5N+2NuaAx6sj9 +cfE5AqxkGY6lkePch/HbiUPglrVD1hyoW+cjZefjL6Es6HECTRomndCQyUxGexlS +foN15Imxbxx9YJE1lNSUWa74WpTjrFTEg46xQS5aaB3OjKEzQopriU84GdD11hpg +3KqLi1HMDmV70S9MaQIqfO5bkZMPMvzGd7gx7n1RyBsMWIISxqRRkhUtgsPlOmT/ +JEKKHmJG7sWiHXYohSws5k3Gd8SS2PBcUX3LJuREjQ== +=cRWO +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5.asc b/git_signing_keys/keys/key_523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5.asc new file mode 100644 index 00000000..70a96040 --- /dev/null +++ b/git_signing_keys/keys/key_523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5.asc @@ -0,0 +1,143 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF33iQcBEADZ7EOAFAlTCFc8BNpY4pY48GfieTDJir+1bZfINGeAAvF8TPJj +V7IPdbJ8yP6wwMRmcqHk/u1H7M9xhPheYKvNOuO2I1LeydBvztVGYSOFsYu6535u +Rak0/sXb9EXG4ZyIH0mLjcqUhfSlTcEyDCRGnkaYEQDjl5PDschx7afCoi5ujQ0f +3LT2cW+m0d3Abb/eIVGQDDgGUgn3Kj5mBd59fU07SEeynViDIngKV7lWKLT+r4vN +Ot9ajgXpkZz4Fs1yFHvEHqPOdr6NfxHqIGHW2CXOJulw4J1TtB6cAyBCODmaV3LN +52WY6shPKl7GeIlptAPpwhrTwp9lDiv1YRJhmqTzAHpa72ianeru3c9gPJAYBpkB +R9i/jEWPNwBq88amntA5m8UDesr9/bzQq8dZdLMbtTLlm8zwVEhasLYWonwlM6f5 +i25rOn/b2iAp6ccSwtzjNkDvbuYSdTaOLF44qMRA7YUcwaOJnM1CLXutuAwjxsGz +eVD1Cb2ewMHAQYqhF03H+N/W0jmn+hqjyvV0D2kGQhsArSaljvYs4dzJji0tw6+/ +2TvlxQZrlUDSXlybv6Q+pjESVukmFnqxLtuRiEFZPtz4FnpNq7tiEK426M5tyUuM +7qPIcqwpjQ48wr5lkTSFK52KFWqkhg3VTgFaJdXws3vvrZ3hdqnKJjo9OQARAQAB +tDtNYW51ZWwgUGFsZW56dWVsYSBNZXJpbm8gPG1hbnVlbHBhbGVuenVlbGFtZXJp +bm9AZ21haWwuY29tPokCTgQTAQgAOBYhBBi+T3NvJ/wZDB4QALs8C8aYZQk3BQJe +Hvs7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELs8C8aYZQk3dWIQAKDU +F/3ojRVi71NmgrjToopS0vCkEAMEfBKRbeMlhM7YhX0Zxse/M0xOtVJcpVUWYA7U +t+j8KkkNp/MGMbTNRkhDM1eFgnlrBRK4APNJ0McDJjJWfpq56gsvHkcZWj0WWiYY +9e1RNhUbd3/H1P8r9CET9BWt4iF2UqAt/s39hm/PXiUnHRroA4fgfpZWaZmzhHlV +xFY9kGMSMCPvMPPFacfbfku3uEiWRjNWkGrp6jFKiv6drJs9p6Dkrz41W4Fjp9PM +WJ6usZdK/3Kl34hbHE5IqItWC6muULWigpd/Y39yHWc9lxHjwuw6X9Fwwd89hGvk +ytnqyV/SKHZiolLTsiuQOLwdwY+FcOX5kcIXFURqg64N5xNBW99QF7SuGf1rhZK1 +wogthFbxuNhpo1K1PDrrFVDNHWdYXk6NUta2nla7Nf35WSxFcjqbGLAfrB5VI2rC +o3ebEynpTeQBBwraMB3CrgW/9ujYh24SmXQfXEDayAXFVHMyHkK7JCtKGNqcAWZ/ +CSojWV2nlSvjbLMyNPi5oYFOreaumAzAGrVeYQgCGCqjB4G63P0kuBmmGYUEo1Zg +0SBv+rBX96IaRxKFGICdesTgWlSqhvWQwLXO+Ob06eGH71/hR0EmSWckWyYBjxrE +jRUlhRHEfl+He+T4VBluiMnjfMufv8HOXy01XFGqtDRNYW51ZWwgUGFsZW56dWVs +YSA8bWFudWVscGFsZW56dWVsYW1lcmlub0BnbWFpbC5jb20+iQI2BDABCAAgFiEE +GL5Pc28n/BkMHhAAuzwLxphlCTcFAl4e+4wCHQAACgkQuzwLxphlCTd6uBAAioKi +1fdSOEi+7YmTX9Fd/jYGBzv0fcxLBISVoGsLzIjdGFDKE5MBvh1TUHANVvwjUAja +rZNvs33c7N0JA1sfeLohKpK6AwP+czdyH30XpRbApkS7txWeaNZrWgR2+KpdCvXM +uknELAFa9KroOQQTH8AO9O9fJo86eH82ab6AYycmJhcNuqSPtQ/Fpymf2th4ifA7 +Wv+4PXzZGpd+U4VKwDyJcKeSkISw68nZI7uxV7ooYA4HuXWWFcSN25lK7uXcXheE +puJAYTV0ZnSrrzpOVaFbiUggtvXGcdyNjcQx5KgSp8ykS9M/FOcl4Am1kjvUdFrb +ZMzeAkZPhmfc2IzyjSzDaiLrtWAsNkMLPil1kh/Ebd8wchukhMdQ+Ffy0/7fqY9H +6/i8aoe6fDjvxCbX7XODo3Ek8zMY49JIsGLePmVmhvQ5EIey1JJQF+A1AFGImY2+ +30zuYqw85fgfvTHIjWJ0lHp4SXmcVKjPlbxTqQPsTRYZ4qgqI/wsGA86ocfzUhY/ +2teRYOzMrdlBt8lbjmVQsLx/VfScgpGAAyLb6cGBwCvZaOC/WN2E6jSBT6GkmFqM +dUGDhdnOf/6xzQgA4IqRBgGxct7FNV2cQs3N7wWIbS0lfe0ZurTGoFheTf95LWxH +ryKeX9Vnv9qNQ+NWiU0xNVKNshYa15zbWIskoPqJAk4EEwEIADgFCwkIBwIGFQoJ +CAsCBBYCAwECHgECF4AWIQQYvk9zbyf8GQweEAC7PAvGmGUJNwUCYrQpgAIbAQAK +CRC7PAvGmGUJNxv9D/9uyDX0N+cWJc9dTx5N3WcRBHrTBDuHmroVuA6uv6HhYz2d +/tdJ0R4hlkOa6t3DrCUHnbNIkknC3EZzl9xArjQY5dGNi0aAkAPf8fI9BITFowbI +4xVREjEcTf1eEGOmVQARyfbDVoNkLVk9l0DcfT4emOR4KJREsxFzfEYEOHABS17S +9qyxtZppGLEHfnL0XlwD4Zps/kEp16xFLakK0PezktZpNl4SG/WxMZw6/gm5h+gT +0Toefgn4OQ33PYDO7WMPWEZbPWPBOu7x36gHQ4r099tQtkM7T/NcPQ/Ex83secOm +OIyoHsPHahy+xIGGdqaaWxQy0KhqJbosoG//suDbhuZnWi3mS4Fpuh1TKlQHy8gk +CsJtwdA6iG2R+lFLwXUJ3YBQR58Ns11wQAY+IoYtQ7pBSue+SWwWg8kmU8q9BKXT +VbZV3BGeTsRrfpQr23N2Ah06a5Im7hnXed0x9zuaWvFBwylDWcet3Slok0/vWt5L +88rTdHKWWHcBnoDYJDFgSiS5IsSyjK2YYQyox/qpvuyLs5WF3gB93+GViuHbOYAf +BVDz0j415257rlVJa5B+E8RgUy6D3jJDeJ/3EvooQcoTOdZy5ae2wxJl+OGxxoar +Whz50p3tzfkQ6wJXtWa6NRd5FVvvtTFkgnQXiEud7L50wyFyCy5zwV1ZWVRfn4kC +TgQTAQgAOBYhBBi+T3NvJ/wZDB4QALs8C8aYZQk3BQJd94kHAhsDBQsJCAcCBhUK +CQgLAgQWAgMBAh4BAheAAAoJELs8C8aYZQk3YsIP/0GZtGQKCJHcgkoAnoq9kjEj +Bc0AR/VpPchbSwczrgqcg9Evz/mgB2r8tm+22sZvnWll6z9CYIoGU7OnkgNHUMJp +1fP+wrMjEJ0W7Bnrp6wRND14VfcQp4o9VMzzO7k0EDLMS006bb1EEc+LPMTUSnef +7S7n60pEFw2WblnZQ4/TPqS02AQ6exHmcH2PSgQtF+BnNLL0987w2y3sf7nkGkEk +quxwbe64QSu1cFupqULlwV9p6nTAP/7AyJPxsysoYiaOjeAi+2wLSSge7Cs0EJJ1 +nRSeSB9LxZUMsGVJug2+NfbGT+pm5cuuB36egGxV7wbcY/xU+hgyf2fO0ECBr+T+ +fr+hOE2lqVMtqS2Kz0IoQ98ellTrx8aTaWIAFi2uyLNsGzoHu3F3b1QLOHCkhG5x +QPDcnnz6oGQ3sNn7IbMiE22Vv+BOaO1k9CNBwSvYUVxJVwhYamd4sR8CJ9NegdPh +qfLuEuWhTXhBg0YB05G1cr+IKUg2WOUIAuUg1s0mCp825AF1G/JAahSR7HFPqCpT +f7NCOuv7kJ2sSRnhvodxSSt9enRbvP40mTvtX8ac/jhP5Gscc79eKw5UHOVl0a/V +v0pGjJVlKErUGDBPYemejV9qBcjCvgUxZBZuFMLH49svVl8O8xGvih8b6upuCEX+ +5m7Ls+mZ83SVwBW0E9SjuDMEYrQprRYJKwYBBAHaRw8BAQdAP32BD8CBeGDACOz6 +imxFcxtalcVFPZqoA5Rs3cOyuFCJAjYEGAEIACAWIQQYvk9zbyf8GQweEAC7PAvG +mGUJNwUCYrQprQIbIAAKCRC7PAvGmGUJN3vOD/95l78HsHBr9h01sVyfhMAeS9dQ +dCbspJeFxkXGWKRJBVPOv6W+ZVUT5oRSjCHnKaApty5V/16FZq591KtMfDPznFP6 +0KB1ihakmsmmLJRdIbjLQVAPZvbXZZaH6sietTa1jMKT91lE9/koG4StFeyReHdV +DLTJ6nh3RVxKeo0tG3z0xoTNkz3XKsPoPEhhqEw/eYvbX732/B7DJ4iWVli3XcJi +DcDSQTOqbXu4ODS7KVPcecXj4PfLUNViVzn2HBN/cqoTJ6mRkKaCxJtlB2jNy1/C +AcbudtWStMM9hVREL1VTbomkgdhKYwDCw4jlw8y2l7i0vt4x3J274Rr6+2d2vaJa +RRnUiJQAK++rkxBWr2pFaKdZ/ueu+giRjcyHyjVsZoHm9emqDQ401s9CcqqmMiui +vZiXO8lGEuTnLSsNhGsdFD0sutwIe2UHiZNKLmbTBs17cmh4fVPJyIzu1pL4HRlv +ZbfmAyGZu12lmmR7FXF8vv+ppCR5C5LGbVsgX9/Z3WtfsS7lLoSqVG89vQklISov +Ev7GaHbLXMMm0jKCjj4h6K0Rrj+iFWw1uyojQIYP2RR9V/g97EYP25lHkxiFaXGH +D+RcGFE6AivOu1KWh4BfRWg0XeNK6DUhN1cqqkAYKTjnsu67B948I8Hpnn47X/Gv +wue47TEt3vs337nefLgzBGK0KaAWCSsGAQQB2kcPAQEHQIX50mTUDpmhMnQHpSFV +I14MOfTUv5uq7rUdZCSHNBTIiQKtBBgBCAAgFiEEGL5Pc28n/BkMHhAAuzwLxphl +CTcFAmK0KaACGwIAgQkQuzwLxphlCTd2IAQZFgoAHRYhBFI8jWFMDSypeMQ68v0U +xGcsp9LFBQJitCmgAAoJEP0UxGcsp9LFzVUBAMJNeE5yIN9erjB7v+s5sgL2N1m/ +huzAIw1Pc5matJ5ZAP9vB7qwOylXeap5atmxYQxeT3vkCpBTW+2paDH3axqNARk0 +EADYZWrn/VzPyE7ElQFKrHok/2++gnb1Ly1UCXUnTaysIcSd2X9pcBxcOxbMytXY +mb9p1k1+KcpQoSKFjGNrqdotvPXoy8eKBlz9djJGVZRFC1/wvjqqSFH+XeP5STC6 +n28CxtcKmpi8GEQllEletUV4vxSTteXVdEo+CiIA7DqY/yGDO1r3qAr/yIjvBg68 +M8cNWG48Cs+6hSANTmdGsZ/wOg9ySuPXFIYA9ylsCqVcN9J9ABOZMc+3Ky3YfhiA +XysmftwyxbYZsn9p2xMqse55WXYhv1pElQM7aPmTYjNFTQA23l0OcxPZJAFPzywf +pVFXFdrD99n2iBt+ebTreZj5u16Mg1pUxxN7oZgIuDsl6VprFOV1z/DBvI7aLVtp +Olj13In2cubz9P1LJMc0eXrnJb6ko/0s3PLRSnxZJ6gv2NbAO6CM3CjFfS0gk+Wx +SV6k9bpai7qJnQzXc+8PRVIKKKokYwZwAqagZP2vw0wzRpiZWRN11hE4D/zDwAT6 +snbXD95J32cTWl/Xhc0HZFKxnSBhVkmQkKaY81hOaic3qLsyM2893QT9Dh/yrEqP +x0K4J/ZUvz8nEg8zZYgs38gnzVOvUcbw8Sel8eX/ehqdJmrhlwFZwy0OZGJAuqeG +4pBb5Ecs9PGFiwpDpisWRd1aJhinGTht/oHevLjzWQeTLrg4BGK0KYcSCisGAQQB +l1UBBQEBB0C8pwwwGteM8WHvv653VzENiRKyRVinSNpEASBka3vzTwMBCAeJAjYE +GAEIACAWIQQYvk9zbyf8GQweEAC7PAvGmGUJNwUCYrQphwIbDAAKCRC7PAvGmGUJ +NxExD/9JHc2+6pg5E466Gv2pBAwnrbdjPBlZDfgezV60YDtrqG647WCXAxKPGDqC +34hOx8HITgmnfGRuFEtRItsgex1eaaNQnpu0MbD+20xRllfpzKPxAnd6/fDSBWHR +Z9ad6NJ0TsfCheGl+uNu2QPgVP0nugUpoyrh57Kydy7loaU7yIjqTmU6rk7VF2LK +dMwFqaoKK7erAMWSne4xOaNn8WYZQ7TJ3VA9dZyqNrpu7NNrqVhdM5KdKpDmqkT2 +Gacdxog5n6+moJ6ds1tr9rCwO063X6QXd24dU0qKKcJZjAA8dnhSSiUKPRhqueza +UsOvmE3IiN7qF/pXuMuXxGvTl6u7XumefS0Ea74YlFLs9feV9TeM8rVhM83VMGoM +PnIywXq0IIF32yAPGpq0zSwIJxbJbp6PeJvBwVXrJmDkxbiQPcMzN3Q7Rr46sLYE +rKWGgGNoqWpTYyV/VHEHqDEb0H1f2D4tOIVdrC2OVLtIiKZCpdiScgTHH1haxm+x +h6g3MxngBE8AhmV7usytcGucmLUl8/Lmow31l1gdEveIfIf0O2+6xjWALhYO+D2o +Z+gPkhn1rKonLOc3HiFHHhion6dX4iI6pi1lJHwDxPRBBAR46n1ZEzY8t58wU/gG +fSEgDYtXAOuMFvOK0LmQDkTw5TMTOHi1Qp746j/HtYPFaay7YbkCDQRd94kHARAA +354oeoqYBkGz/g6DRhNCjCq0dhHhaDpMqTbA8YI8OuWmjO3LgvDlHXWRqreub30d +MWCA8vgIQHqZ86nMFS4kicJ0MeFNA2VaW6N1GzlSc7dzKrvKNlYtakDFV+ZkyXeK +GzVlVMkEDR3CNT7zrExFpE0od8Y0RtNSNkAa42ZPfHt6vrTB5a/j4oXtRMfs9f/0 +dmzjdF9v7rCiAAudvQ9iVpBEGjCnNw9uRQRmVLFCTT8uEXgntgtyZ/D0XzUHatkq +Afdxww9vXT6fKir5U2jWkbda07Rk7YWMgdpNaBB05ygRzbP129al7nLVRNScq0y1 +MRSkz8uVKj0lc0yCGsRFHAt9wklRpzYFxxf9wHSz5NFGlGFmaKTQL4xj8T8QYOxr +VIgQghXXraBd0OlzBoRVOBYUKBZN+FtYiOHC99N53JHfrLSlXzMTDiyPtfaaN46F +8yo4cJbWBhIMRU5AIY0MEGMAC3pI7q8Du+t0onnZyJzWtem5bLHhq1O7fm0XCcSK +rYWo2xfrftHXiGOaUFqAZUK4dc4hOVdbSTPpgbWaY+jJgZ+gkLSkbQeTnxOPEDEk +zf7pZ60Au7FpXifCHTAikykaPe5smgeQt56iYDKS63wQeuADqM6GEwBQGGzX1vKa +TxFB6lNOTeym8xo/6zaHw179S13s8xt3F4a9K4GiS/kAEQEAAYkCNgQoAQgAIBYh +BBi+T3NvJ/wZDB4QALs8C8aYZQk3BQJitEcGAh0DAAoJELs8C8aYZQk3qI4QAJ36 +a0MmpOKWPLBCpXxBrsY41+hNX9jsq5tHHsqP53Jx3x0fjtqY+ySI8zYQAZzHAaj5 +YYtvxZpGQtMhHa2dEEFW9v97f35B+NDX283/i0SeMsIKCxVWznaAx+rm/SprsBe0 +1FZDdxU8WmHdj4//EHrPsocuMy9YvUcL8h3hoo/0LDoY6soDzM9xTXLcQIK6JK0M +Tu7YyfrWspM6Lc7SEjhiEtesbONJyVt0J2Wb2NCxkrVN4CeFI9E4sKKFAfJnxrBK +GnY+5HuQil+ZSep76n7+HZ63A7YMyH8W/NowMm/kLKfDFymIP8qEyd77T4GvE2Fv +cmp/LQ6UMzV1AuspzGIalhL4c/26s5hlKJNv2go8y8lW/+/+moPI+lr4BH0wmvMN +qQq4Uzxw6NuXeJXdCCudhvaAc95UFHBazNDehoEOWeAb/1MYpqyPl4Y7YPhUZmjr +VBSUnyJo7PBcGw4pd8bjdNoZ4GxFDmM9eCKmZM3mYoJqT9/3VTP5KYox/GySBbU5 +Vy6ptO8tiZTdjK8JYF6w2XGv3vv5JcW5wbefP/uMwa4zL5IS2AgGuvnWwnu4wsou +wmlxPLhsWKAA5arpy20m9/D0zxROXkTLgxmHeoPU0rdV/oisvNjH2qCzuakQs87r +C3armkNpUUsDT/DRPeDNimDTo5w4nmHySGnjRZuFiQI2BBgBCAAgFiEEGL5Pc28n +/BkMHhAAuzwLxphlCTcFAl33iQcCGwwACgkQuzwLxphlCTdAiA//eAQJP2WGgbIz +IB/d8VNeq7psLKq2UNxNj2Zscao/hqHwhVcT06Yo30OVxWUJOuQa69b441Ho8cNJ +6yDnJygDl+A7smfn/SWI1L20UHFTk5pfJOFrCc6CP6mv6eH9TfeXXGGE4q9mXUIw +mVYoHhxEuTAFXAvHUQ/u6TkGY0bn5TkRiBkEPsNczCxUG21hTybzY5Eu7GEu3d5k +lkiAGg/Zh8jly4KNy5X9nUug96KyyVB8UkBYrrJQwDuRuCqFniu7B1py7FcWb4WF +fHVXZlO00I1aaaNVhNLCTJ20B94uS/60Hu0ViEhs5i8ddjvDMyCG1CU6vOKSmLrv +EbxK88o7qFX3sFrTPe5c1HSlzKhNyp8NuhLsWSGPkMovyzK5k8In+SdaKH6G13hV +4gX+wQNIQACTlv8q2SKfEXZM9EjG1T+mLy8935I/8Cs9NhAjkzTjHFD0ymx/TUqI +ly2fbWKe2v9T8EZFo6I5alpvDFbbez/nVE6xAYeS9wCa2lynMZZOhbrKp4LXo/8k +znVIIpXKPMyO52EEl3Qw5YeIkAD1h+yCFA7dYs433DJ4vTDksAO9v7qn0YnAGSmB +c+PKHAQB+cZGBinPMt5L7FIpy05UuszB40ctfQbSiT6vMHs/HIkRLSXZOyu5+B8v +Xx5ixUsM0HdOaExooqsthuz6NUSacDc= +=g1JV +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_575F80D1599EA6D2C70AA9A19A53E1BB3FF00461.asc b/git_signing_keys/keys/key_575F80D1599EA6D2C70AA9A19A53E1BB3FF00461.asc new file mode 100644 index 00000000..18c6aa93 --- /dev/null +++ b/git_signing_keys/keys/key_575F80D1599EA6D2C70AA9A19A53E1BB3FF00461.asc @@ -0,0 +1,86 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGWEgFkBDADC4Jlxj50VlKdWaFJm0gpBEqC/FUWuuTydb21XotkxuvgrB7BP +lVQA9YDdl6QXRo/6LlQBDSfV9JHr+Ymw82Zn+GvHk0Xps6fl4luHY83BfFlLEK2/ +QKUeJPApjXcxamwaGkSPcWLbl7J84C/YWLnyxi8FG1GTLPVi1fTLZQ8k/bLRoaQ2 +hTDF151iemSRfeKdYsjT/CzWtZZ1WEh7xghl2TkrWKQ70k/WRGTXaiq2UCQOre/+ +tMJVQEBlaZNK6M1K9ZJOx+WgyiA5M7R3eAKe1YCSkBYwAa2rsHIX1sTc6CQ6ze0p +YfAxD/wsZ6yZ2q77DgqNAxJU1zHYUz6YEyFKPsqzbo19wDmZTdC7SPt1JXozMAOC +P9tziriyaxOEEdXn97jGraTTG0TFXo/apnA6lrcJZote6bhfPjh9rF/4Aj8QQLkk +FjUrTLsCJeHNs266+dlqpMtRKP4sjvst3WyJ761E9YqMtt9AwWgqaQutbTnZvqvJ +5o/K+WrDeBqGq1UAEQEAAbRdSW5zdXJnbyBPcGVuIFRlY2hub2xvZ2llcy9UZWNo +bm9sb2dpZXMgTGlicmVzIChXaXRoIGtleSBtYXRlcmlhbCBiYWNrdXApIDxpbnN1 +cmdvQHJpc2V1cC5uZXQ+iQHPBBMBCAA5FiEECsyytmTuF+BUsF4LSjjai+ucg5YF +AmWEgFkCGwMFCwkIBwICIgIGFQoJCAsCAhYAAh4HAheAAAoJEEo42ovrnIOWIaAL +/0kCyV1Sin2TulkeTo9W1KQEzSJvy0yb7GzEOskFI7kgWY+WIW/0S7LC8lKEHH+H +aiLHwKSx9qRhfkUmJ6UIPOLqPO5rQCdzxzh6XB8igjNt2F/lLr4mKMoNcAb2ps7a +rW08KTfRCPAjXw8Zr6tpXuzTtj3iRlRilUeaRyrbPnaagzmjQ/q2p7Ucw28UL7PA +v1UD4tP8qZQsM6Dp62+ePXfZnjp+hfFy0M8xeGwwiOxf3+0kdVMP3xMLsXiAu3fe +/Mq+enTLoNcI9dXmwZaqxnjhMHYHV8W2R57dBcU/+NxC27WRL/s27lpPqA2qFCRc +1QAg/5YiOTQbN8C6VSpH5oE3nVZ7MpEHwNxbT0q8dP4DtpignskuDTCd9VsU9PUQ +5jX50IOclj4ycTOjcmQrDeQtFbeEARGBzd/Et7rDoUQxZ22qLzqrfmdZVNlaIqn2 +VbyCO5V6wo3wjV37hcSKkJt0LxRMV9tycfLloBeplpkjjDxp/+i/te6JJkJm804f +W7kBjQRlhIBbAQwAq3h5dGULS7KuudMVbKZ5BMbuJQim9L4IobjqoDiOdKQ6Ultt +7m00SR+4OqfTXAxM1q6XgHtUjHBWhHS9f0yn5Yi9D7X+zBzdJS88HgbtepQZHa/y +wr3kZISk1e51EJNXjloDhvWsGZlve7xTB3i/SOzas5f32kaA62ee3UrB9+A26+r+ +YC49Xx5VRxsvJmGy25VAQvfrE59UhYPtGVDAm4KawOZKitq+hkpLSwDvK284XiNH +lLAZIbBZI8gE9k013jJwhbHgbUfDs9JRqUg/qjxJy87socoa6UaEQmIMsth1+Xsw +od+37aNiQiUgEGfs0JC4OxZ5G8Ipmt/JK7K0fgxdaeCJoz+OWpd8/wQ4Of33vinS +vTc1g/tvULF8QHsuRFITOlLzIRszY1s6ftgvHRxz7QN80QlYzp9MfEU21b/BlNVO +hMsdzNqKz9xoavxIHyqZ4mhCYwBdbtx4nraSL1OACFJnc5ZnZfK9+F2YvaGiRZWR +09L9ggvny68NZwopABEBAAGJA2wEGAEIACAWIQQKzLK2ZO4X4FSwXgtKONqL65yD +lgUCZYSAWwIbAgHACRBKONqL65yDlsD0IAQZAQgAHRYhBFdfgNFZnqbSxwqpoZpT +4bs/8ARhBQJlhIBbAAoJEJpT4bs/8ARhij8MAJMDDWL7xMFIT7QSurUbmaMks/xP ++lIoQJa43sOHNLPdN3w7Zs55qr+3QZDkicU3qoUfhMVOCigiGq6i/4xew8iktIqg +pmL3EZ0l753idTGoqvmZf5p+paAPRr26l2toaJRxNXik1v0nRf/mX8Sp8pBeGxBI +ehJI/uUJPbim/mSD4t+ePkKGYDK7P9huXFge9JKbd3V0ZXsG12Z3gJbFIS4lOX+b +01xCsHI7tM0OKNPNrTGazE78rsOJKh1vcrxdbmR9+x4UcRCgR/oQWQJcxOVJy+0p +saQD/D9mgKkhGcY+f8nMGJkyuEdro0klFLrMvAkcZ//cIIoLYXknEkoTBGC1/xZg +jVHB/0mVFryhWp9EhPi27pmODft80jLP8zMdkNjzEo/r/oX3SBuIR1f6Xo77r8lp +j3T1DXV/MoDEN2KS0+JqjJy/POQuA7iWYcKAwlZUxdBKd0RzUWI0Y4aJy2vYzwb2 +5JD3ZNGDxHrjlzncG7r1Y5540bVhWvRTiJz6eXngDAC7CicF1qeSyjSuA1/wh4IV +ZUvtbrX+PMRmEgesOHBaOfvfhRvZU+PseIzSX2lZbNVyIqfy5luSLHxRaJuXppYl +PYRNzZdWdkB1T122Vdr449kblhAxr9xnCFRvRJrJ0wmztZoDc9b6466hQy43/q8z +DbzXC4K2nx8+OQi/v9n7nzn9l5Rb9Q1Ia2K44+DK7PWmW/Fm7XO3OnTnByG6ORHX +T/5blmtZH7Ozg89Z48QWf7QNn+gB/bvUtIbcz6pkCKKRHiX6HJ294CE5VkA+2f8r +6ENwIGzuMIJn9PmOdYww8Wz82wBru9MMdoxs7tjknNvV8i6XGdCEfpNneXsNSpip +lJ0OWBwQTJwuS1obgx+JM65TdGg9BRy5gwtqPLu5tp0RfpFbplQlGfxWwBs7gr4Q +7fXrhVpUeaKyo6wLsyJH/Cr91znrnH/hcRcM+53OYqI4CQT7Men3sFU6pnslAU3S +sf36MG+zHvMLgbAW1FswH5e21aS2Ki7Q7O3LyqivhiK5AY0EZYSAXAEMALmx70Vv +3TQcSBglxVHHRtxZNS4Dj6vRxCS+etf7q/fnj5sn5w6VCHghl9fefO2SUUZoiKNf +cj2Jeai9U6kboWZGEVxKBUqJev5/Jh86jtWUDpFPNdMvfQ+h41QtX7I/97I+IqHP +GuvD+tZcS5x0kabiW+zr0Vf0tNy2xn/WvXSf7gmZFVkGGsltRMtVO5Uulsimt6EB +f6wizdvN39dsARvUquJzxdfn+15qyCSechopTb0bw1eAEg3vlpF7OjmTNbK4RkS0 +UmL6mTgQLm3t0ysZYJWLlY+GJFvisOk6BfG8WwbenMchEyALbhk8mz+HL9IAKcuD +fL36elhDV6Wv3tPIISGaZb+L7jwuWuLp0IQD1d0WHV2K0r062Y+MNLSJYEj37piA +g/3B2ISmIz5k5mEKgVzcQ73VOKsakY4Wkb5RrmuROWUDN0X54hbEet8CNG1fRMMZ +tBlPVlEAjEUlKekQCvEQ06ihNAs/8a11q54iBxO8QUeQ74s80e5lLUAhIQARAQAB +iQG2BBgBCAAgFiEECsyytmTuF+BUsF4LSjjai+ucg5YFAmWEgFwCGwwACgkQSjja +i+ucg5a9qgwApAJuZSsYKzOY0yYGMGcQzR4Qhh6PUoAIDm3wxWthR6+quI79a3yf +Kz3IjV4rXF15rjAgiO9S85hkUQ/Cubkv+pbWvMp1G2LMawvY9llnwDV2YN9o1UYk +hMdqlO/x4JWhGffk4dnMjrx0XobZgmR0Wd5QZDFnsuHxQfFgx/xxbwbULWsIl7Mi +pzFTXZwcl2LgXr2fzDpVVj6anmVowXDPkBJKPGyJGbZXrfA5XeRA26Z+M1mvHi1p +XUMuVPWFHJw/Hn+aBqnIx1oofaeYzuxFP4fRoR3iTdXRZ5nmMZ+srQZgFArVOoqp +4CH2X08qZzz4kfXfcTTyU5FbKESkfh/y2CgL1/PMqTHQChW8RUheBBrn3vMvSFRj +kitxf48tSzYHwm6PhC5i6iP6G3pUB+rR/HLQ3EiXCAlKHNxezfH3PhY+lh0vxKXD ++WvMy/cuyQpoeBQBd6vcLzaMAe/Kjsb2KGG64vOryMxsQWOMrt4bu/9dL65k5QB/ +Yw5edDl1yBSOuQGNBGWEgF0BDADFOSVRCX1GzaYx3K1EZZPzsKhCCmvxkqsLV61p +LV5ivm8MSYAM5XlAP0EPu+xkdS7PBaOi/Skca1KEXCqM8+4Op5wCxXmxcEvq5Qyt +xzCnapPsszFGYMzi942CjkSRLibq8Lg6fj7DFB6o2h3hRfaEa+PD7NVPPknWBsCK +qmqYAuQvmWVwln9DL+70Dfcp+ojjzCdaJiBz4L6gc4dSQTLrqBep37LCYzWw7YRX +sZfb3Hh6ubcyfaeDhs/qn/6ujLxjRxX7j39caJVpBZItcqVcRcNmtp6CHXyjfFdN +Ao0eRp3OxwHVbElvcKO6UQ7qVbSkmzUytVuVvxKt6N0ATviv+glkJfYMuUDigrLI +/66N2mM19vJeCpJr9DEi93zFHbaSdSiNXUjMll07Cc3z4UfPmw5Y+HpPk1k6l8Q4 +bGVzUoPKZJ/mUw96Zpx0zCLYXEXmnxEmqGhVIRHmaHfVmcBXyaum7WGZOsgPe7DU +Lji+FNG3/2w2cU0QP1eUf/kBJFcAEQEAAYkBtgQYAQgAIBYhBArMsrZk7hfgVLBe +C0o42ovrnIOWBQJlhIBdAhsgAAoJEEo42ovrnIOWoX8L/0WccGbNVoyPPjAM42ks +CRf8DkbJg3KvcJ1j+4dWeUpXsPp/BDRFouWvv/oRfs+heYilwVqxm1UDMawMTDB2 +Src7dgoXnHZwajLLrwazIKAj7VapNdvu/Wls6rwozh8lH0tm8qyTpl0z7ew8wtZD +AGlzYnXNTNnz6KD1PQwXwGFfP+B2h1G5HdJae/gv+ZVcFHi7uf7JUhatQVWk9iRX +7Nbd5wt8xSPnIevgl+2lGvfaWZx0P5LIR3Tm88s5HBH46hKpTSeCkXpMJ1a8xj0W +HmRlgX7JbxFrHIlO7ra76nBZjEF7l5zQtKnNoijVyZFI6HOBEs/iiusZDA4IJeNn +nmyxVMfLft6R//g3cyI6s9ahfLRkE+7Tn/uorJuAP42kDUUVthPXMg78jUIq0gwR +KjVCwry2uZ1xTxIWNu64Dz1R2ek3eqmTmWsu3+jWWYiC6tbhDWZXw1qnuRgvchBS +Ss+HcafiTGiHGWSfTtMW+uTxkrHh8FiMH7U9/C1JUWsG7A== +=fi4m +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_5EFABA8B40366BFFC88176A52B4A4BE581022A54.asc b/git_signing_keys/keys/key_5EFABA8B40366BFFC88176A52B4A4BE581022A54.asc new file mode 100644 index 00000000..9738a3bf --- /dev/null +++ b/git_signing_keys/keys/key_5EFABA8B40366BFFC88176A52B4A4BE581022A54.asc @@ -0,0 +1,76 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mHMEYIa9ShMJKyQDAwIIAQELAwMEcKugujfg4tlBtHUkZM7iLd3Up10ybI4E8Jw1 +B4IN3kr6BgPLfY/3Xzbycq4amlP3NSsQ4VW6xIdDNNEQFgrJhPF8i+2p44A0rMBJ +gt5qzuDWnO7qVGXtdlchBu5D3O5TtC1WaWN0b3IgQmVzc29ub3YgPHZpY3Rvci5h +LmJlc3Nvbm92QGdtYWlsLmNvbT6IxQQTEwkATQIbAwULCQgHAgYVCgkICwIEFgID +AQIeAQIXgBYhBEYzEmiZydevtx0MzibX80EH5idDBQJi7aU7FBhoa3BzOi8vcGdw +Lm1pdC5lZHUvAAoJECbX80EH5idDIlcBfRjzKCWWcYLfaAm+TROESCHunr31xt4z +7ECx5SUGbJJeo+WzV4YxJyXJAhJE88+CogF9FOkUF8rvhT0o+STuzQBu0m50DPDs +Qndh08GVYGR97hsPmr+Dk1RvjYh9U8BO6h+oiLAEExMJADgCGwMFCwkIBwIGFQoJ +CAsCBBYCAwECHgECF4AWIQRGMxJomcnXr7cdDM4m1/NBB+YnQwUCYZLXyAAKCRAm +1/NBB+YnQyb2AX9LrO4jc3ih7/KUrwsMrriN3KL7nXHjYgPwQ/z+IiLYyp9PwnNf +P9DR8KtljaYDDT8Bf2pwAmfAP8NPnNZ/9fnMw1k+G7pCXxhuJLVjWj/7aYRQew1F +unRLBTy/rfvW+M/pBoiwBBMTCQA4FiEERjMSaJnJ16+3HQzOJtfzQQfmJ0MFAmCG +vUoCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQJtfzQQfmJ0MK6AF/X3gS +Gx/ZTzmE325rKFeIbhpISZzbDMjDFgAHFHZqeA9Fx1Rie0HfsODeCiLkb7RZAX9p +q0Z5MqWSNutv1zqSp4vSLr2RBcYXzqpGfZEk50tHNY5kYNHnD8ndBsmz7fohjKG4 +lwRi7aBiEgkrJAMDAggBAQ0EAwRYaektbbKIiKbf8Oo44emvpUHRSHVrbRSK0gV7 +9DHONcujZzK1T5sSXKnmLfDquX9ePXTPVl0bW36FrSdoJYP2CewydRU9IMJhwUZ1 +d2wBBjtzKJ4VeVMatL1g1aXjwXJSsj6QqDuket8nCylPnSovHpb/C/axierlFQr1 +0tINAAMBCgmIngQYEwkAJgIbDBYhBEYzEmiZydevtx0MzibX80EH5idDBQJi7aSG +BQkEoookAAoJECbX80EH5idDAykBf3lXErMVlGr7ogWRlJAa1sJVqhvVV31N7PJp +eq+adxBEeRiqA0s/Eh4vNeu2e71vtAF/ZZa6RpFjlj9gJWgjUF41oXLV6PbmLkaa +QcGYwp75gcLxxkXraUVic4FVkegtXmb1uJMEYu2fwhMFK4EEACMEIwQBrXFHRvaY +3jOMt99bOlEhYxV/9BWoy+5ipeGvbsyn5gjdzRgrEDB6VgGnGQ4L30H1HGqV+9Ye +Qrj50ejzItqQ1ggA/bFfCjW4TQuToix++5y1xMYl/xLJHVZDwoDLdoDIaceZs+z5 +c19sLeuXkNCs0t5yw91W1rK93e3SdWOjCi2CMoGJAVcEGBMJACYWIQRGMxJomcnX +r7cdDM4m1/NBB+YnQwUCYu2fwgIbAgUJBKKGAADDCRAm1/NBB+YnQ7ggBBkTCgAd +FiEEXvq6i0A2a//IgXalK0pL5YECKlQFAmLtn8IACgkQK0pL5YECKlTwwwIGJSoI +Mp9MvQ7bVk7ICsx42DX+dYZ9fApvPiSn/rXIgohTLkEcO2qtHj4b6HFhXj1LCZmR +7Ngo4+zH8qkQ5Q1rNHACBjmAzktGm7qUYL0F4lg0NO3af53jqHiKGPUh94doqW7/ +Pyi11HDL14KtD05uROQQHGadUZ0hM5qWXgc3u+vhPLrnQWMBf3uZZZqMY/T5bq5w +NqtRx5pAUthyIzHPxk9rRQwi/qLvfxsnNKidoIs2Px9Ja5e3iAF/cblEeTu+qtcU +HjlXtPT5eGKfw9tSn2fjOqMSj2jX12LZvgv7gGmsIJwCbzYiuLSVuJMEYZeUgxMF +K4EEACMEIwQAScPXt1RhHH3ZGpfZsul6EGiGx3psu1twR8Y3X5TzXu1KXtND2yGC +YaR19Ydr4ElmzN0SfbxE+WBeEBzlK891AiwATcyM+89ns5a4dvW7mR/A07pV6tr3 +QGERsBRrXdEUXzlVMKdnOLApaIeAL8+MjUhdK1yS5VH7z587Nl5GwavCoMGIngQY +EwkAJhYhBEYzEmiZydevtx0MzibX80EH5idDBQJhl5SDAhsgBQkF3u4AAAoJECbX +80EH5idDIV8Bf2xgm8Rvkpu56KyikCeDjTrRkppNP+OAJiDONg5VZwdE86oEDjZb +Lr7nkjf+Y63puAGAhQEdcy20VL4/ZKgDJ1HkNqXT2xrOf/uO4QTMUQkylbDZYHRj +Ey0FRWQa/Ed+ifFxuHcEYIa9ShIJKyQDAwIIAQELAwMELTxJI9fR5PLHlm2cRszt +Frs+pTqDgUpT5X70OGOPJoCymsCfNxqj0isG/YDo1jDuJFH2TfMOduiAC9IVDNwa +N+vBp4Pi5GqSmXZmJFTuIrKAPchb12Ha9bfEDNdWa3upAwEJCIjQBCgTCQBYFiEE +RjMSaJnJ16+3HQzOJtfzQQfmJ0MFAmLto+U6HQFNb3ZlZCB0byBCcmFpbnBvb2xw +NTEyIHRvIHdvcmsgYXJvdW5kIG9wZW5rZXljaGFpbiBpc3N1ZQAKCRAm1/NBB+Yn +Q76iAX9gxmNk0n9iSXJezl79DOwRhhOnygj8bYKokXj2Vq46/4eHA9S18qB4ie3z ++eNxspgBf1NZG2h5c4qarCBhlpVd0F6GBhtB8kzNE+zCQmJx6rJbWizBwOD0cT2o +nMG+qQ57G4ieBBgTCQAmAhsMFiEERjMSaJnJ16+3HQzOJtfzQQfmJ0MFAmGS1/4F +CQbrCLQACgkQJtfzQQfmJ0OjMgF/cZDj480D/5Mj34sMVjrgDBUS8QJhJZ2ykIcR +VuvIiuDXEWJgGzyLUPHdEbEz/cdwAX9uBmX5GVjbZ+mGEgxjX664Dhnfxj8e/FYx +5zPTeFNNLDVr8MRrTDYz4hIbAsvh0Dm4cwRghr5gEwkrJAMDAggBAQsDAwQldlMg +k1CeDaKic3sy34oVp9FjcjUB6w1tj3j1o1TTLkMc74rJbyErpwl/YBBZWrgG3/sN +wfLjCNU1T2rltcb9NnQ833RoisEhrAY7iRvzYQs9BSiQ4O+pLyeO3VY7c9KIvgQo +EwkARhYhBEYzEmiZydevtx0MzibX80EH5idDBQJi7Z6wKB0BTW92ZWQgdG8gTklT +VCBjdXJ2ZSB0byBzdXBwb3J0IE9wZW5TU0gACgkQJtfzQQfmJ0OM9AF+JT2+1V2q +l4JpnX1h1HVI1kvvz8HYNLMN5OFzGV0fvxMCd5954Tkr6L6WJMfGmcQDAXsHoTss +inTYwUiCkAoAKN91EzDhi4cBr7epxm74GxPiIOQemgjQUlgMlTdm9tMTL+WIngQY +EwkAJgIbIBYhBEYzEmiZydevtx0MzibX80EH5idDBQJhktf+BQkG6weeAAoJECbX +80EH5idDDtEBfj8zmIgLwogwgt8X0rHaC6i8mU1rGSqlhm5woVfuXg0iKH8K2iZq +y3HLpTazB/Io/QF+IWGjFCCJLMFr5QVrSZ3R9AeE67QUcfyElOGW+EdDZosTK7Lt +GSaZg3bK+VaOylr9uHMEYIbB+BMJKyQDAwIIAQELAwMEYKszc6tybY+L1DmTKDq2 +x5mm+XMLbiMDIct+x9W5UjInPFV25hpCNUGpLskARAMqQyTYCc/fJL255NhTefax +QEkowdY2gZs5krmFKwE1J4gNgcQwBDEubRncvlcXHmlhiM0EKBMJAFUWIQRGMxJo +mcnXr7cdDM4m1/NBB+YnQwUCYu2kTDcdAU1vdmVkIHRvIE5JU1QgY3VydmUgdG8g +d29yayBhcm91bmQgb3BlbmtleWNoYWluIGlzc3VlAAoJECbX80EH5idDFFkBf1X4 +JbeSTNGYFSn+s5SSso4GDo8Xd5S1X+S2d1EiOWmH9mIJ9E3IURvU2UnnYbtc7QF+ +IQ29yqOgFsGPxMuJC0VmRh6TM7i6n9NF3HAWSn40t2H8Dw9lZ+Useoulr0YUdsQy +iQE1BBgTCQAmAhsCFiEERjMSaJnJ16+3HQzOJtfzQQfmJ0MFAmGS1/8FCQbrBAYA +oZYgBBkTCQAdFiEE/K3YxHRAaILbz2mECD9eJcOv0WIFAmCGwfgACgkQCD9eJcOv +0WIohwF+OwPg2SUhy+l8MA+fOtJ66u1uWxlZpkg08u9gE7xtoU5NhYM14MdAVuCU +14WofkmDAX0V8tHT57Cugr2On6SQNvByzyq9odUp54HNbvSi8AwI/LS/+ueleJZa +aMhHqin2jjoJECbX80EH5idDnfsBf3OWbevaRme7kWcewTCWmbLPIT2lIBMVimoE +/K0Nob0soE7Q4JBR8BzBUImwE9I7FwF/SsANRT1iiTsYZpjxVQ6chJ4ckNU68FVz +5dbVLZVQXiAoARMbuqMSGWzvspRMTGk/ +=ILxx +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_64E40F3DE2ECB70D746863563FBAF0E7D81427AB.asc b/git_signing_keys/keys/key_64E40F3DE2ECB70D746863563FBAF0E7D81427AB.asc new file mode 100644 index 00000000..126aa594 --- /dev/null +++ b/git_signing_keys/keys/key_64E40F3DE2ECB70D746863563FBAF0E7D81427AB.asc @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBE14py8BEAClxp7x8D4Zn6HH/97Q1Hz9cvfspYe3VnBW9zQfXEovy6DlS0gO +47QVaGNnGk+c0o9OieaV5kDRg9V/RL/uwqMBSLnXDQJWsDqgRrRPl2HgDTIMizcP +rAs57yxsOknq/QfcxMdmyv9wxLiPJwgmRIjEXoMyZ9EUPjj1yGXzZSBJVLf+NheD +L7SI2QpnQFDNz/Tm6cxQ57/FCbFoxeGUYz1UFBRKZZX6vJlzuMsjx9MQ10owj3Xy +Q8ddy9yV4Wz7j+VzmM2HqwxGXudCFY3iVaFplheJfa1H6l4muQ36EpfsOwT2ZWMk +aPo2bhAh3dw5L2aR9Qt9sAD6WovXwWGnMMmKFpex7hHHvV+Z/mnMHxQEUQ764Pmb +1smuG0C1mf+XWbyfPb1wOzIPGVYHlDmKuY8A6d+I2s7T5AmPAtd3ZPQxgQKP8SmS +P0Hf462YvWBjvY1QaUXlY6YiEYmXfYF/8nsMgNlruFG1G+NLNyJ19nFN4St3gWe1 +2helgfVhOWXe4diTMYFZ6e7S4589M1UpdXoHtoMFYKxCp8nn5/TYgA1szALBsFY+ +MMO4JUW7KffpQal6Anql5YVgGwoL7g2QRaN2T+5lZv7QrcaJ45lYv2ME8lFLTGJm +VxGOtsjnw+wX24Gq56EZfHsKR4v9PR9cuqqOYBg0CiI/Jwruj/gWp4WCXwARAQAB +tCpQaGlsaXBwIERlcHBlbndpZXNlIDx6YW9saW5AZGFzLWxhYm9yLm9yZz6JAjgE +EwECACIFAk14py8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJED+68OfY +FCerY5gP/1HXMT+3eq2aRbwHjvpX54gSc0Kpw8VD3Kpyp53tuxSMfXCKlpLSV8AW +tP5GmaheEDGJZNjBysiYegaedp+rKj4Hj0v98eVbURHFR7JcL5YUJH3uyb/Dc35u +Q7AOBAsQC5E1zcWNZqzKFWiauwBsbjIRJYm5OFJL21p7nya0oUkWEOsWntgvkng9 +rLUsU9LkIWAdzjU0nBE+keMpIpsMHlWTl3BRfxhpg4XcDyw67OW+lU54wF+sK7ws +O1UUOIUhAGzYpt8QuJcjZis/PUjukmR04G1DFIV5RS0r4Y47SMgXQTZ7H8kO9CO8 +vmHUiLIj3KI8K53J7LiTUep08KdeKn5eN6NrnBUMa0hLgRFlU5Wdjg3eUBAWPgah +XGj6yJILhjWIYjNo42uohZOXA+xHhF36KfmfpwBVA6o4y9h33LWoMZM2bs38ZH6V +X/jH25xFDi4NydXdScsnWkiQUlQRmtjK+F2GDwd6Ss+qgRAlL9AyrFgqAbSoCXwH +NneMAcI82wTbkzT6uBm4U86saUcDQ9rdBcq4l96Ga/6goQj7d1rJvluPnApkm3iZ +CI5S8xPrWJCR8ivlhuWI1hgMEmgm9EwcK4BX56ogeDTTlLzZ6PFKiJYAQCKeFz2c +aHl7x/MDncHSmfmAUlI2pp+gY7Iww7n89QxUiM5kOXKI3LjQhpFKuQINBE14py8B +EACwItexQ/8uywNYfAFrzaAiaGP1UhvfX1bo9Aw9+oiF4Cj9MkUbwQkPV/7SXpUc +Chqfc/kAEPGKZOAKQ5wPoFHL4murWTLjB9MCxAl6ceRWRNYKCYR2hf8U3/mW5uLJ +x48FieL0Nz9LN8DlsphAqDzelX48RZIUedOsuiYEEfBHwIqYup4+M3JhM4peTT3Q +do62verXJSNCjFCYJ9TYHaZDCTkXvc87fMG8MJWXWcAtP9P8fq2IVKWjRSw5Nvol +M7o67PgrBUXprbdxlBkC2ohP4fFs4GRaSyygeyob/nNiBrmcqATCERwgjeeivkPL +Om5lMFW35jfeMUxzy0K2Kipdkyf71mRGBPBmSejDILV5C1fxMH3IqLZfxcinHYK4 +T3KLqAZ7xx1bAYfd/mA7odPeNQvzpIlv/JZAurU3CpkY5HD17EjeK6Pnwy3dyB0v +pW9TriUDWkMnMenz6OrZ9cPSrIBoKeUkwgQ9wKvsw5Q2FzhwXOYaxkTrF92qDlTD +iHjav1rGhLzh/ymY+r2HPteYpf9TdJLf+h04wBd4795EvD+Y5r4SIWK3qgzueZIi +H1wdiQnY5J/3FqbMllSUB2xQ0fiidafm7AN3sJ1JSDrJXH8AO+07YVaaCRB5JeHA +Il72YOPipqfy2we5613PIjdAVKMTpCmcmknpghpdVEL54QARAQABiQIfBBgBAgAJ +BQJNeKcvAhsMAAoJED+68OfYFCerAbAP/RH4g7VO3rx/5kmaVrkiX77XwUVu/lRk +3W56zeY4kiqScSM00ROZnlGNxQCrfz5VkRBBWuS380CPD71gm8MXESnQVGHaK4Nf +xI9+V52LNSk/Rgafw+ngxY34OPjOMsDSa+oMYgLZUxAfxG6KC6S0koxFLA4/R0In +dX2O4KaznzEmOjBIGURwiQpxVL0OgVb9w1SxyWMP56b984sM1kVGuaptE2EKV0WI +yV38AiS0lmWpZPBvMEun5PF4oCmawyXmiAMMUKXHChI/f40Z0GJusjv/hHprq9+j +G2SsGxQ3VFsYApVJPN5A6fiZpCTevZ2LE5X7ad4KXyHA9RDg1/dqqJqfiUr1k3Bl +3gtVgJLHkIEUMHzKjInlVn1mSftIliElX1JZYlj5DzWmngeKKD6BPG/NO5TiVD3D +Cew1DEtbFyV/Cji+RIUTU/lKBGAb0fbnAZLQ4Thy6Dubir17hHqPDBu7tgPntORz +r4kIy/BGBQ8Vz1UQ9lCcmq/aNbAQJ2Od65+wbzhFUEa/ee5tItbehQ/z2l3+ArV2 +vNPGxzGtF3I37jppjMfm0wpsWmyN9+vAFKz5sZ68ZZ2qfjv+CiNdn0HUeEK0udI1 +BIOtobmm8Y60xbA3SJZnxFSLNDbzP250iPJJieYdF3v74U3COkhIi+jMFWXvc42A +it5OWxYsgAmO +=0qTj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_79D0526BD96AE6338E6257BDA8853020E8EE6FBA.asc b/git_signing_keys/keys/key_79D0526BD96AE6338E6257BDA8853020E8EE6FBA.asc new file mode 100644 index 00000000..bff6838b --- /dev/null +++ b/git_signing_keys/keys/key_79D0526BD96AE6338E6257BDA8853020E8EE6FBA.asc @@ -0,0 +1,75 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFmLHioBEADjWIlRYnzz15eRvqa+tBr38CrNz++nJJq3cOv8Cqk00J6TQDfs +pF4OSLXxyYkxtdaFaOCx+gskbPYqgpYyqZp8Qz9Jw6zTiVaJX9VtQKWLQ2TEJuge +AtesebyJZzwY5biSkWfWDBi/2jDKEGXcAqa5pbgFW8HCpGwHCKMYzCde/NtFwOhI +EapaN5ck5PmIzwqs23Xro704ULPBOnhFcX/HHW07hi2I6IsbKeUJWxxVpUP/PiHh +2pgGYH+FH4hJpuQ+Pbg2q2Tx15rkwf9KTxiEDMCuPSQsBD9gP43BLk+ohw7z2895 +hKai0UmClrykmdI/PzI2P1tvwjl6t6LNc2fdVyIJTtn/RmH15/OExtDG9UwR33Mn +m9f2vK71J+Hmus/zUIs3LjDRi7YQi73RzmD6QLc18IA7h58iw0sBQ8LYGPRz0OuO +l7XtujC7BU7i75/8QpdFn/3tMGJ32WBOkgFhRBZk8RZuMh8v9s9qs99+WvErhFwm +l0J/n2TajYuhtL2GMcivDzHej+ifnn1+Rs9BP9LmDeKM7NRPU9pdZw3trA2Iz8b/ +QeKU9W8NbnXxAUMec0uEBPfmXzhhyX5xKW1t+Tt9qvXHySgxAcD/BCc6uMlIw9fC +cxKUhOISlWg93UQPqhgbm6bLT2Lg4H8QjdoSiDwhFuqGHTVQgyy6DUTXJwARAQAB +tDFBbGV4YW5kZXIgUGFldHplbHQgfCBOaXRyb2tleSA8YWxleEBuaXRyb2tleS5j +b20+iQJUBBMBCAA+FiEEedBSa9lq5jOOYle9qIUwIOjub7oFAlmLHioCGwMFCQlm +AYAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQqIUwIOjub7q0VQ//WmoKiG+B +kDFJjABxKhNCeGi67SMAOlMaS4Uv7Dc/uKXF55FKd6DipcuEEw4eMgRjpaPF9tl9 +6rru5qF1Ju1WU96MSN+SVdJo0xGrrFwuIPc/gYdllZwvluL5QIpOpugBiIY7JhE/ +sjoJifab41+/S1YYICsbcf7WDgvnxBBepe9ZhAezidjChlZMYT+uNeo2OS1kbvMT +Oup29uJ9Cy4/FbJFKyNvMHO2lua85oDyfXCqXnEKWOJThgtB2RKdj9rkZLiiskEw +gWRlqLOyymNehaTzMbaggFhez0Y4hQct43ciP15kiekBgTGbSaWx1fgj0QBGqPan +SXm6JjudUSb6B0JrG02QTRduL8KyfG7hG06vrj9ET7yE59DEkNS4n/W9ijZuos6u +lzjsQ3yl1uMLd21iqH8Ms4cdzttMv+VkmB6mbvE5z2+IHeaCYsb0+6t3KMtb9qoE +Rl3kGPoEH+MwkxJjr2bmyRPpIYQ8IpZL4uGODRFEIcT1RjZ0mN0uwQzidumq+qBF +VIxuUx0BqaSVUpkksQXSckL948aPk7SaJXmp8zRdV09IEUmEIDyAKYi4lg+BJEUb +qCDW+YRuJy5cUP98YD9ctKJp2O7IFJepOIHJCnofFtD2O30zdB345Y3hymO1Pu9b +levEvB31gYhTdh+tGrWA3kJWAja1kyxA43C5Ag0EWYseKgEQAPSodRpROF8Ke1wG +ACF9TzZC1a4djQAIzz5DDH8jL+QXet5dpKl6WXHtWdUSXDU9JqL8VPE18u7T99y6 +O6XzfwLaNm/I6/Dhl47J1cHyZdVVxftasBC7GCDKY4lZOQ3cMFQGx/GjFB0QDN0S +QPi4gXC0FfLlt9LF6H+MbSqIJTH2NfkBiPFhq7kocM8MQDjPiE/BiSIQMR9Y1Djv +cZe/CbK2x7mw4yZhHAwY6JfyJ5nf7iu+TVSgORYq0wrY9aT9BtadyDNqp6qanCSN +Y7sniB163DJ2ysgplC9HiVP1ppfFW8ulq0DGk0RbqyC1vjCqtGHDjcUtEdEc/mx6 +Np8NTyEVcENrfLIzpM1+56VidyTwi4Vu0ivFTIb89mOL9CsqMAMPzVcxwmna5Knm +CeAf/BfG4By/Mnw2AT658gYkF7I1XzCs9yrSDuWgCTdv69scCmh6g/8nLjW2JZKZ +1rsgF6xrdFdCfzJ77Rajq0a0Kg7h8UGgVU/1DMd7ano7v0t7/18u0GIFOxE707wz +mPqZznQmyEKQQb2Y6T4jYmeki6LSyMYCHEOlDusdja7JaaMi4j9fseQH6jr38gMG +TYPNhXtO3/91xDuQdyc2Skil+I1ZhDJJ1j3C4F6D0JHb3Z277L0efemdIz0eq24J +W3VG0CBbU5wY6a/skpMkd7ueGTFxABEBAAGJAjwEGAEIACYWIQR50FJr2WrmM45i +V72ohTAg6O5vugUCWYseKgIbDAUJCWYBgAAKCRCohTAg6O5vum2/D/44pSlzdR2X +WuI5Mep/fRJh2KWIqzhvc4xR3kk5anCPVapbSzKMONExfdFTZkiIzRzg+Lq4+nGF +hg9FzFc/7aNtuutha4ZvQPEX1jPHlFgVRnxv7khuuDNo7gaQCaPfS2TLyAWSe6Yp +atMfUr+yRk/Krq4OAALIQcUXMrSaTjtu6lJBV7VBpxi9eaQkdsaQ2aqHoGoLyIsA +s+fCt+3N18tPKQTBTcIn1BsHAyVQ5ftyJlUe9wIQxPf1k93Nx3fDPYJHdM8n7/PJ +H99v6KxtdTGZmONNQWuG4jdgKudmKKIL5hsqVg0eVR4PO8wVovqD2MdT5Xm2Qnln +VxjBPrx2yV4TK8IRLFVEV+B33E2Lg0giZfvGoJsG0XWe35Focix9KniLGoB4Cjez +4dW5hcHGmWFAKGyYefiLUtaoK8IK5NU6CMIP/Vv0gD6FfBOLUHtcNxzGk4kTHHDu +/3Rz+2hylYz20yuxYLJbOdpqSOj0NVJTq2grmFQ1VF7+NpzIP7ZVhsrtfjJJi9HO +MPDPAQOEfRB8amRQw7bfSLuiCNWhOZC3KB9uvt2LRWPeDpkOPiCScW8BDqQ8BZ3G +kGPiJ0iic2Mugvy780AkYaE7ilNPWhq0+Sc7knvJzi5+B/4HQnGrDKklV3ibrwHC ++sN8lGF1FekmiUpSShjysp/BFWEF0HrEg7kCDQRZiyE+ARAAuVb5zcWa0sumx+rg +AegPTyJ84odS5ViMIzFvjgRWhEmxB5iQ44Kc0jw3EwAvqS8bW+iCvZK0ff+L8RSG +9FjORk6mbKegM3sd+iFmZfLvuStm5kAwZDRsRR5qn+JXSTIh0KqY1dt/lvxmYOXt +rM2bGPLUa3Qb88G6Rb+vjbzg8g5rm7DcM2Bt9PVTV+TrnVTun9QYeVsG3JzGc1xy +2w5ViM/lzLwvZMkO2UP1azqIM232UqQyjrdRlX8WqOz9/jGaovSxhOqGNZC+toWV +6dbQkwmPWeZFVCQFuuyVGN3E2yRb2ybtOFaiC81eXqKJDVFMgi/X/APsXn0GH+Cf ++gwNPCjr9Os0KUvX0SImTdyOdl5JgknTW5s8x9m05+Oa+PChXQiswIBSnZ+8nTt4 +pe2MVI038Cfr6hz8w6s8d1ilxRwa1klcKkqRGvSMJP+k5KnD8hvYcjjePr+b7hPU +K11YT5bX5rCF9VVisMqSdC2N2dO7v4gc+hdUhu6/oL2QV/BcjnmZy4uNo0N6l33Q +R/CM8WRfsg/twVteUHLF9BRsdsdqt5Z6m/AR5UNGSO8J9EvAY2BCHEeifNBxauJa +aHV9pEGBFjgQ2zD7GY06riQ+hLEN5O1/qSCE3yMU9zjxxkI4F9d/ixHXTyBORkec +ZdLXR6mjoF5FoHIkakOfIrus13kAEQEAAYkCPAQYAQgAJhYhBHnQUmvZauYzjmJX +vaiFMCDo7m+6BQJZiyE+AhsgBQkJZgGAAAoJEKiFMCDo7m+6B2gP/1PF9ZhJEq8A +7NlH4HtHJiPhriq/+GsviJNaGNrVBBric6PwFtKxf3T6V/mTV42EDquZxeJz2SdW +AZRLBA2ShDX0KQVCn8OALh9Z9gQMEmGKyDUju0SGFuV6Oq8vN6RZdmzX07QA6xTc +7w/fOjXl9mbgBlsr1Ssnzn4ZO+lrcWgqoS710d9uW3yR+hDMBMDwYCNacxnTgT+S +/PcS/do9Q5/U/QQF38Q1Zd9Mw8PyUn0csSXI+opCxT03nnY0XMVchXlfYhlkczEI +OZyz4vBi/AmoqSZWD6ayQJC+ARuiD0zdp5jiHoI6b1hjWwAfi3eOX9uWIkD01Uqk +ZAVrp5yJ0Bamqttxhs14GypydBz082TseT4hOX2XNsKGTNG98qY5vOv08oLBKhaj +HklGjdwyFh/JdX5FdvZn/vxYaN7TUAbDsLJDXYVwgAxwCxCidVtzQEpvl8GY9uhN +n2qzp+6tJXzlwRqMC6BAVGlJ5yppapOW0jpe7R9dfF6mF32m9nrbEaxvwAVI5ai8 +Q/edSUNHnsgn+VmCjNB14BzyWhBoH2Fo0u56VP5U3Nr1t/NQZ1T91ito80YGZa52 +8nR1KGqLvtP80KLqeTFZLaaPlgmcuza1HuWXHB3SVSKLMv/OU74Liitfooa4fDij +LREwT8mTOOo6vbGIRnxZonk52MecmcBo +=bwNa +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_7C75583D172140AF4A6B10186CD35B07297B3CF9.asc b/git_signing_keys/keys/key_7C75583D172140AF4A6B10186CD35B07297B3CF9.asc new file mode 100644 index 00000000..fd38c349 --- /dev/null +++ b/git_signing_keys/keys/key_7C75583D172140AF4A6B10186CD35B07297B3CF9.asc @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGCGXrMBEACyjUF2km1USOeXPySqBFQrB6awE04egOEVrd4Ipab3B7WDyMzS +0w/Zq1EHfd2/JH/Byh05VaCFGa4TrN1zn4xQzJsLgbXwo5KbhIVw6UfCz9mLdcVS +dbQL2k7PzAEiYx9/1CYREK1zJxeC+ZsQGBuqvlua2U6p/1jn44ZuEttjFw5HCTIS +tBMtUAQzoYwImkagU7ACjP6odZlVqCtykzDevKqp9iRW7ZIEyq1sIw2ynxBso+rG +2b3h1sHFBpQ1dFQI/QE/R3sbtqg410r8ISfmVs7cfyXcrIN0iFQuNkUN82FVwJQp +XO3jp5xj/o6ZJF925t+E0dOdlEwMfwz52PylyOpkCiKY84e2AIZwF+QzifSeS0FC +8MREcQ3iyjK+qwst7xqDac1npX9Aij8/tVOYdbwyzJ86/SPRt/bo9bPcUJGUdYtR +k5t/vA5NsgL3Jw1ROQidFU74/PywExQh6K9wsajm2/IcfJJeHfjtwa0Yv8kOOUZo +V/p5rP+OyDzcQeVZGMRRqplB0udiDFRTKS2l56GrIIqcx82jBjHIT1anp1HYeMpr +6iVRYldPLkwchjvmpBiC15aSSqlwMBOugYIKgUuUgt4t4d+80UEA09Ygm/RLQ6EK +0seRG+qixAAvGJohl1ByOMmj7joRFJxhsR5qO9fzLyu0XLO0gfEjIdZiKwARAQAB +tClLcnlzdGlhbiBIZWJlbCA8a3J5c3RpYW4uaGViZWxAM21kZWIuY29tPokCVAQT +AQoAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBHx1WD0XIUCvSmsQGGzT +Wwcpezz5BQJkSTx0BQkFpBFBAAoJEGzTWwcpezz5kLsP/jOh+dwNh/xtE77zXhne +PeeZdWP7eN2NO3fLOrXV7+YMn4Nx/J5o64sIJGopx8fKoT3CNQmvJCA2IJ8obPsX +xSu7TUSDj24xAGuNCfdUcsJtbJd88FrIn+VkCg6ffwL8ZNZQdmY9O2kuogwGdbGY +axdnAAcpsV09C91qL8d03FEOrCxlSLeHBbpFOZMMpxj6zff2Lf4XKqyEO7fQV+c5 +HzlCTXG6gibieg2rNoo5ala0b2uaXiZJYwF6g6nAhaWijW2dV+leh7nFZyYtK4WX +fKIcD57FaINxf+VhGp1aAvITN9JIEmkv1LHJJP/mVe/xZGcC3POfOb/zzMOI/8Bi +/TbvsxbtqkxxGTXMMPjZz42KBcE0DiWNu1/3OEgnp+OjvLjHyBoGssRS9iDOIYzK +B2F70XRy1ckgbGJS3p7V0PaTNKhBPAbAO00oidg8fxKQlRCxJ8ReIsqfQ44TJRPN +vj9bCrXIuyInS/2e6tg5uaw4JWSf6TYp+pICxO7z/U/4NmiaVsu90iuOG/efvBZc +mrM3nIICZIGfMIUXKzxfTcoP0M0HiWbRk8fMzL/LI41/B6n+mIeXw6oD8BlUwfHC +Qj6cB6a4HQBCOrTb5JzbTWd/hwHo7/1Pt/3134RV8PakkbP15TF7L+vwCjwlLVNS +v3i+GDXdBCnJ5cW3TMcDj7mZuQINBGCGXrMBEADW9p7xl02baDUCv8W9KmL9w6CL +rjZ62CRPpdKhqpinzyUXeMX+vfur8kG5aO6uA1Sh8omCqmSu9+tMnblleqtDfOuT +POBsE6AlbjMhYJNNzN1KstabDmHvLMSu1zFBiBBbiDTGnUqwe7Gjay+Jhq48JUvS +oqMIPdRpWv54GXI8/QZMUek9hEf78Xh+zg68utixnAhrp6LqtV1t8+1pvE015aaN +9iTwHR0/1MCOP90TUySKvS4KH5972QaoK3W3Nx3ORKoTU99TFx5RUNU9ELbo8P+S +LBTUucqGTkpZpx4GIADds5UylADaOM879Ij9ZdEOjq7kiFmSheFiDS7/0qR4POrI +T1s/6HJ+U/PIJQsXu0/GLrR0a1l5zJCxtgvv+y4YngpFb06tPdNNQL2Fatvp06Z+ +9IreX0M+d1ZlY85fr5thjUuoTUn4DNjYcAgy8JiEkbO1pyhnpWKtSJ3LB0DOMfQT +RiSKUHwmDSYj/yhL28KML4b+fGp6M+UPDijoBerlA5QOrpD5fJbuBzy0uxIUng15 +dC1PUnrhbJvJCVCi222euhxdYzNhQnVV2+o5wMfBaV8xNxezNuU5SQ/z9fra1SMf +TRmhQgqCtAk+qNT0NjykGHQ9zUy0D0lHXvsS1H/ZWNKp/oUyPOy4mianmCQOC9sb +3YIrwa2UoKEpPryYgQARAQABiQI8BBgBCgAmFiEEfHVYPRchQK9KaxAYbNNbByl7 +PPkFAmCGXrMCGwwFCQPCZwAACgkQbNNbByl7PPkrIw//dJ+jHnywuFqoffz1nI5s +fNnGXcZ32JLwbSO99X7LIWg3OlfC++l2s9LOcWBFB1fGWrzQzbEl8YSFYyvX+wpc +dWfGgHJFmUuR8rxIAxBFFl03JkVPzxzAI42NIqcfCp/cuEJFMgAHYUt0sKZhDzLk +IEcG0fH1onEaHYP3AlYMtNE79Yssj8yheFXJOP2dz3k9+algynjeQsrs8FoejvLJ +dWTxCWCKkBAu5hEY5Eu/ChZU7pFPCAR6hCcEu1jnliZAwv/Ny6ln7RP04fJAcibB +SQKwa0MZhqQ9rAEPDIjTusYDXa53FOPSzlocAJUL7/lzRn65lPMh+qZKnEe2sZHc +9d5BfHL01AX/voznaDJVjVQt3joFD6/awZXvI6WPnJwC+RL898WyVfAGDOtVoE6v +i64nbpJFZ/myrMf6mIOqPnyilOR7LXmJ5pMuEDaGkTwjD7S/mjoDv9+KWBNiyibL +SGEiTdu2uEgMfpUkz4JP0Qcwxe/zSxZPC/P2wekCd3TDJuLK8AHHhkI3df2cy0rM +RECS4WIJPSlVLYuOO6Tk46XXraof3qt2Lhoiau0sapTW1iI0+rQ3mZGcl1XpV575 +iGeXI9tSULVi6PHHjhbOMYC/NLtY9z1hM4dbPRWZ1aEmhELEkvMHAwTJEGBsYq4Z +mrQVOTR46KK7gbsKc/Z1YZY= +=b3JM +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_868184069239FF65DE0BCD7DD9BAE35991DE5B22.asc b/git_signing_keys/keys/key_868184069239FF65DE0BCD7DD9BAE35991DE5B22.asc new file mode 100644 index 00000000..0c7858f5 --- /dev/null +++ b/git_signing_keys/keys/key_868184069239FF65DE0BCD7DD9BAE35991DE5B22.asc @@ -0,0 +1,277 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFaUBZEBEAC9wqT4Zl240LqQqTHP+gHdO+zrBATzqGS9hOdbTQwqEwiL8Dsy +XV7ORmL1To7PBCqE/XciI3YhTQzrlUy51Wrs55oYX1UjfyixASDplRAf/pluLLTI +kJV9CBDQrs46p0iKnSXVSKBxrXCZiI7NuCL7DVZNRuAyPUihRfuskNV8KXk2F87H +gPw8tE2Jx5OUVYAEme8KpO3zg2VFk2+xDoaKXLLs2eYDYxwlLHN6RWy7WC6PnAR4 +Ke9ElcxyaeY08eMBHIEbW7AuH/yvsWMpmyo8eN9oOK7i6rJZxMoqziQ1+njQYZGj +8m62CYy9Ri6NDrlY3z516FboKuPvLOgU2zSBgy2x+FOIECg2aMKWFnNGoD7g8tZB +mDMVJkXFcyXtj6gqjmrg1ollnyMxSQevqLTBu3QHBRGEH5CmBDXUwBqxKtEV03qv +iQOkoj6lmSRB8xo76JSRSihq8io1pQpiUuZVphnZNOZsQDCtZ9DVJvA2KZmWm4fG +2LIOeTPITj2NgrWDCcrlfVhc+iiYTlv/DoLtmQg0tSnhINJMMiyruLA7fexrQ1ep +rhgZcEl5a9W+h0bI2eemqfgosR2N2SnT1kJmfGixAfjUHSIKZMOfRYIpQcavvSVw +Z+d8+G9BFjxnED6QMq6M9DZNIqs/nk6tHmfhPd3xWCGPew/k/avZhJhydwARAQAB +tCtTemN6ZXBhbiBaYWxlZ2EgPHN6Y3plcGFuLnphbGVnYUBnbWFpbC5jb20+iQJY +BBMBCABCAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAIZARYhBIaBhAaSOf9l +3gvNfdm641mR3lsiBQJmOP1QBQkQkkW/AAoJENm641mR3lsieZcP/jIV6qAOzbZo +wSdFLb73XFzGZgm4iDVo3AgR5Sdm6G6I7Hw0aUNnllYE4iyhij4NwXczHoL+UcpA +m023vFaYHnKKB90uYflxAQcmbUW5p95JyOWUyRVUEtpRAA1AXfGPwWLY4o0qYev5 +cHZd7yl4YhXk/+THfa4ctTi7dCCHqmZiM/5rOkd8SNh0e+CfxTNsmDzrD5Irncs3 +cvQF/3vrscOd8FfDX3oklWJHYt6ZOduGmBdBYWujlHukT8IoShk3dfRK2Q6wMmuQ +kncPMXN1ktx/1jYDbE2SlUkQAgJLz9M/Kr9aCqnvkvhb49NpBrMpl9LEe5tkDk2/ +nivZG+HwdrCpjCtCpcSIEBvot4uQZ8Pz7cvl9CRi8ZklqtvJSq4g5nuN5XS+O+yZ +nU3r9ss3+1+EelZ1oB1GCa+TPqMyTw+q0oT0oJlUMb+x6HCnV8ojb3Zb8L+D2DUP +JdrKnOqF5fhR8D+gCkBRGxlvwdv4WDOw644wCv7KX03+OLF5bgJx7Iycxn8s/iVn +LEClYdykr+lbFyagMTRo19pg7J0e+iFwjdCXPfFPgpf3r6QmhrlszoLGZOKvlvKO +MUNNciVd8KldsNQ3bHKiVPCSHDKj44233hWyHjPoNuI9aznJQHiO12NCkDEHS/jD +xOnLYC8A2VamdxL7aoPpvCOMId4B4JGXiQJYBBMBCABCAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAIZARYhBIaBhAaSOf9l3gvNfdm641mR3lsiBQJjxtd1BQkP +FAVkAAoJENm641mR3lsijvcP/14ZwgR70BOjf74LOiLkIgO9OZbV/ggFA5MCfxv4 +MFIITuzfkUJ6FSgPJs2TRJTpAEr7AnJDvVqRb3KgPO9DNMF5lmp4dSyx0EAYL3dE +dJwMqGtVPuhf13lBZUj773xcajrNQMdmFQ4Jh3eVXcr+KpU2r14aeP8Lwpxdq6yD ++XozHosdnfma5MSdmu5un9zZeTN5xZtgSV6/y/0vS36Cmv4OPAd3yk+BzY8Hup// +f04s8BKCrDR1xvm0GPXlM19kGpLfUl7TP5krS++df1VIPoXdy1X3t0kzJBjC//wO +xngS4TC8jYB7fdKy2ZNOIVSPUkETfsXZmi0E/Vye269B4QnqrtcDW6QQN7LALSvH +WzDRwQ3zKwU04VZeZk785CgDqfB+xqBgP/6Aj8s/KVCw2Ejn344Nd6pVNy7zUcth +Il8GW74dl8BuDRkiTa5Iz0lXHU1u1pzLgnDnYPF2h6k/1pjUAsNakIhVuOL2e2bL +Yq6F40fBEzbnGRCwMSsMFAYiOKLaJ4fmfvzDLDQS6iyY5dage58sDgttd3v6y3yh +kzDPUcnfCqPJhZkZVCR3A1Fft6W2Dvj2SplbZkhvkAHCUkCvJKF/mK1zCBj4DEOa +7IpxrDnq1SA6ipt2Z5fE9XJRrD3Prx/J/9y+xW/mfM7LXgnU28K3MJdUjnmQnAqp +7h9yiQJYBBMBCABCAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAIZARYhBIaB +hAaSOf9l3gvNfdm641mR3lsiBQJh4tFaBQkNL/9JAAoJENm641mR3lsiWY4P/14p +NKea8AdA/HQIz00wKreksXk1o9ggLi9uOknyYWmu7Hsm3b8sEg+EysoTtkVpQ4kq ++ej/WXFgFv/kbhNpkrRxm86qpBIAYmUPVgeXpz06l3NX/720RC16unJM1rTj7N3b +O53mYkQzJfkyqAY49x1MdZF5GfKSRxM6uq1ghN0fMrDXfwz2RX3fp8/01CxgQxdg +oN8BbIDcJH7u8vj0mOPv2vqKi2zAlZnfAAloBqpV1m4tVVuciaAqUjUiel/gllwm +Abd08sqXlx5M4Kb5jU1XeowaHiUSf7hpbtj2/AxpNzfDklBAf2f+/g1pcai1//1/ +y8fy+OLCjnVWJpOeJ758+KDA960oV8LqoFb0C49FihKIWNeyVfeqnzzT9VewWzng +lO8JRJCZZUZozbaQCHAUDDo2zARmUsRb1O0LzAaas5No82qbh5R8+z9QsCjkLvJ8 +24b60aBkrYGZN9sciieRL9I4Bp5M6UbjDx7OH3VTqqyiOKFsx+85sckXFLArkHhi +DxkF1/tvx9uv2GZO7ThHS1MJrsYtapswZGioECjx9RJ7Ee3lgAypOhe22rHmHU5R +iRD/J+XOXpZ7P6Z4wCw3lTEgJU5aCJ6DkNi2BNUXM8BvWLbVxA/Idp0mRC0JeVOU +Mw67sVu/GqpX/cEWxgUcbyNz/yb5co1bXcuhDO2TiQJYBBMBCABCAhsDBgsJCAcD +AgYVCAIJCgsEFgIDAQIeAQIXgAIZARYhBIaBhAaSOf9l3gvNfdm641mR3lsiBQJh +4EZBBQkNLXQwAAoJENm641mR3lsiKEMQALroBLfYtld1/tg62M4+HFLBb95DOg7W +BcM8ydlTS2b/hWcwnt4ukamRvNmUI0JEU0o+1YFGydLlgRr51qp3unRg/Xfl8S8S +FqrV7LCHLR9BqFKHUzlCKxd3HmnmU4lf4AQvMjGmatpji07tQrVxEXtJTN1X9dwM +cwUOCaZNwdxUJgTzse8vpIc55BfGRAR1MxOFzIUfe9hZP//4xCjF7h9QZ6eOZyTs +AtrWsZPbA9hVbBdapwaHliQccJR8aQ8rpRbOhgUEUwIoDHeWBb2qP/awWPfN+cq1 +r14shALbP7Zt8nCHYQYejmU50HeoPfvpfV/4jdjgwjVPTXOQijvJGLhVws3bdbxx +ieFDYdBlMErfL6z3bSvBnkYbqr2gIDz2bYThxczKNicaAGCYRVFh8nakCEStKNp7 +Eu79enYJzE77FsROmDtELUtgC6T7CCaM7NtTT9H6Z1kOtZQpBQXvVJQdavsvyXcU +s1WhnQ30kptVDxN58fdpvgXwygGfJFWoaVbbGjSr6rXpL7HfyqNng17/2U6H0uVg +9mT20pE11uuygipfbO2V/0mVVdRhOqOh1edqc4z50TgOFE9IhqMHGAJvE/UlmfIb +EofEGGUgc43hg2JPtiz+N7tjoxCDLwU9562bM+CMU4+VGlwI+u3EIAmoX1XvpKqU +5JzuuHHbUTFUiQJYBBMBCABCAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAIZ +ARYhBIaBhAaSOf9l3gvNfdm641mR3lsiBQJf/r6TBQkLS+yCAAoJENm641mR3lsi +2IwQAIofzEA3eejlzPrfvEsOVIZ8K/Fgn8K/IGoHJn76SA8OnZ692WNLVWibRbLI +8xfRanXntVU136So6C52tKZznAHiiPD0StfnCxT3yyzV8HyHobkxoiqXEzbDZIGn +HzQRs75iJh/zx2nYmM9z6GoB4TvEgD0XlNO8PXwLwybvQgkUQDl9Zjzcw7rwha4F +xbJihtNi8SXFuLR4wjoeZMx1d2gtooUbk2xcT8+sXp3QHuYEBiIlHlE5QgUuZD6g +skjWnK4MJaVEmVwCjm1UwrtKVpXqc+GioMxTJUQER1kWWx7UqbFu6o6coFKNZ4Yn +7Wnp8iZHfCOMTZCS/Zg8IXfw8x9zq1YcymweAZBaXrWhNDXXItZVOokK089tEa35 +YqCdnR+QjVOKqjiPLoA8tRAt+nFFu65d4Dx0BS9zckLiHUJsNuMCJMxJJGCGKOaF +sTsI3UR1O4eXkTGt5Idvrd6yLicBzh5PJ5HQ2qo6hTS1t+Yc15JZiUrsJQ35Zl6/ +7jQhoD87VtqremjDQM+T0wjWcki4L1k29OF7IYQVi6+Yoa19NrqRHgLafMTu82tW +s9gLztGA5gcuhZUkZpIbT/f0a5wUmgNHfudXkaZ2fK8+H/Ctl7KzimBqTqYTjYqf +4pBmJ69Rmz0MRjw/w+ZueYwu5O1KEaJxZ9PngiDKdpj7yJxliQJYBBMBCABCAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAIZARYhBIaBhAaSOf9l3gvNfdm641mR +3lsiBQJeHIz5BQkJabroAAoJENm641mR3lsiIhIP/02b8J1hk2cW9VRBVTaZ2W/S +x4eAN4w7j7GwZVvK4skOcv3xYqz9V7nG+aXHddaoSrmTbTBRPe2AReZnAEtNoGtp +scIui1KCYfVQf6zGK2Y4BpYnJO0CCuZncPlbTKIECt9f3TyJSS82ngFy57ji9V5r +kiWA7/NoWaoB86L18H1GdiHyK2oZnkoz8GXTO5sgBPqIuH5GAc8T6Jjgh3wjvfJ6 +xOXKOmH6EGdqxXMzt0kBuumIfEYbuttldGZhFMWWE0oOUFLjanojwejPauqPxyP3 +Ag5j1Ir8zy1Dhud5nslBsf7yhGvOjXxJ+t16BkqPAmXFTXX6ka3di6xZ/Gj/X6qp +eJaPt6nlCamG6Q0DU2Hnoeai+WuyqTvWAcrGKvAq+hLCy4kX3MgyikCnB8lOnZQZ +2PygKwpgOzYnoA/4Wc91LT4I2BTECTjMP797ZawzQHa0Yqi0cNcTC3F2oLmjvxRb +lDmgMXQnTvmJCstYUk23PQEbTABW/cZ3DbyUESZeMedZ7nOyQB/0E8Vfo4hl2c9u +eb1+D4rre/uX9rztefJrto/5ZB+FOnq2mPYLN7TCD5I8Odo4t0oCuapT8jKMyrqI +7lFpnZBYV2K0AGEMKIzrMZZcAa6q4eoal6fJAH34oU6lpgGz9MyUse9CB3K9HOy6 +LYcWcO4z4U7/U+aHyClAiQJYBBMBAgBCAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe +AQIXgAIZARYhBIaBhAaSOf9l3gvNfdm641mR3lsiBQJcOHQdBQkHhaIMAAoJENm6 +41mR3lsimJsQAJsjtWb9mMTBwdqK0UhXJgmeCsE03mNmAwMb2kgvk3KgMeq5Qy3u +BgCGafiJkibso2+8GEyNXH49ovV21t6xU20crhZXh+BvAwqzJuxXb339lNLU/2dr +v7YWHhkIQRaAJ2o8V2TIvTtk9CpOfar6vpQ2U0TGja3ldaq2KjYJpHyZUhbhWpIr +pqb5kIaNb3P6kCTSfOlWRYS3iDS4v5KMI33sXm3AiIxXH5Yya/Kz5QrfGbvgVuwg +cQr1AUOYIMpAFkWMD2G1EvF7BYRii3g+FA6SV0H30K+1JZvuOjYwkJwnA6oUWgmX +WvTIQKE4okm9DFqCkOS02iRbgFlaVmSr3tUxqtwQ/N2kIjg7giHlZ3cWkxFsxGma +WBC0DyvZ8AmsVdWWbo2KX6hSJyLVIXgDS4wx3GzE3iuqegV5SpYSh6TWdlb4ULSx +Zmmh2c7MrceF8FxsL/xFeN/4nJv7MHKP/NEJ0CXMcJ4qCQKjZSCWsW+4/5aZvcXO +VXpxpDKbK988Ffk1WjQ+m4RXO+ZwSLhEk561xT2H561c6O34v8wEwPKEjVL2FKly +LUj5wdEKht6fY2yNQa3qpVWBtZiLRrzt+xD4r5Sz1otajMHx26NmqPEjdrgr04lH +FQ7h6IZ8AsQopHhmjqgn7LE+lAvFZCyDm34n8GsCTAFMEUxB5ZUDNzyziQJBBBMB +AgArAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAIZAQUCWlXCDQUJBaLv/AAK +CRDZuuNZkd5bIjxOEACHe4lgJOPyRG+WMN1EYglenf5iMsuz5kbZK3BZ9jjZsC7x +C8Sda2XTdz0ZVgWdBm8NxpfxQsBdSBblaL3s35AhsiklXBV7vy0ag67X0nUx9yDY +mu0HCw+PQkxVU0Z3/AC5SQul0+bOTYG/ydjql0FMgU5tSWruP9BSSshGJ1etcBXj +qBjKdy8rsiiel/BahrzJ2r+HSMzY0Shb99lsSugs7cf0vhWj+jejfZBfz3K1dV/x +tsF6s2P01B147zQRaYCD/+0BopWnT9VsSehk5lyK7yEWR4WwBfJSSUKDmHC2cUmR +74F3UbHDGKhSjAnPuXK8S+7rV5P3XDhotaTSbiN0xEbLC3+cGSDHYGD40+gtCpzf +/E2joSCKncNPXKCMSqUprlrk99vUBC5disbGUZ7aUm6MIcolj9dKGUnWe+WcBYOV +5S4bK/Rtg8eRL9MrACia7P3XZmNhmtachOtlcAWCtGXh4jT+WZpBUTq/lKjv4plt +NiqQMXi1IrE3ahG95QERNRxvL1Ed14p+8vCiIZBYv+nGxYJY2ciyjPMaqOBGgwhq +HtbAGf0hGV0QU4ifQrOUKFvfDs630LEtUmhCGDu0jViioakVjqEn/aDpfvDXPvcW +fLTDoMmCus6tIlOkFY+kHfB6a9MKB1Y94ePue8RsB2hS1JRS88hzjryZ1jpsKYkC +QQQTAQIAKwIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlgwWI0C +GQEACgkQ2brjWZHeWyJlhw/5AcW0c+hkP5+ZjF1aDQBh+0+jAlWPoskjm3aL79wN +3UwfgzjgTVTmZpjbYBJAPafkNuk2qVKHiQyLFze5Z1QSLRwFJXzmQXZtnMynb4At +AWtPUbpZKiyQ0Tg1t7Ar+zO5mgI5FHZ7Xpq0srLlCwYQwl6/LNIhwgfYRJT6Qbdh +JZq0ERLPgt/k3K6a5DCjNxofu3bHhIF5KJU0S9JLOVN2VgWEt5KNgDY7z1SUHbPN +e/E0LUJ8L8YEhIVDpMD0Uyx0MbpFG/1svtpslp6tjP/AmcWLlqLaVV4WUqQOjpEw +qDD91xw+sZfSqdRPUsbCXlK7BmwzbnCr6syRMm7xFcf3Tsijeuen+HdHjpe3WUxX +13egBfVSINVSQPsdvgn4A5A33/d/tEbXSdEp3S+lNPakf+ry/FYRjZFuDCB4dV0x +HkwTfZb+y4VH4jnbToxRTk9/dZ4rK0t5jOCIHUFXz0BFSXXCUo57kXla89RqiHQs +qq3rBxD2CNTnxE/xjWY/hEhqu02PcmgFAVIiVVwiL45Rv/eLu/yMvcgEn5utHjto +G3PA+eqUQRKKewZ8S876lXG4rlkGXgcLxLx98AnoVt+rwfB2MRn8S93HhZBx8sMw +c4YOswrqMkpuEbh4R0MJqReqZGCvWcl653QU+UAcgp4E6OFKTfWIwOq2RXldppW3 +pKyJAlUEEwECACgFAlaUBZECGwMFCQPCZwAGCwkIBwMCBhUIAgkKCwQWAgMBAh4B +AheAACEJENm641mR3lsiFiEEhoGEBpI5/2XeC8192brjWZHeWyL5Ag//b2/TbicL +arXP+DLJNIuTGUzgqnK7utBasFWCixTkJfqYbpCIy29JkRR2Oiu2kWEY6tM9Vto6 +R8jaEqcCwLZqDSyGa3dOhOiigeuEAKQURNfLx1YJJeVKIwbYkynGh4y+p4XWm48X +YIvmYIlVb4ZSRNdl0aM6AH+Sy/xda5OlVDwnsuf382vuRzwuaC0B2YMIm4ZvMI4m +dKGI+O52wJJKX8h20lH2ze9kW4Yr4KBMMxV+aAAHTt19cnPsuhCGlcV+4IQqfD5b +gbtmaAC00BViw0E1JRvxgWucU4LsRWDogljc+up1VHwFA3Itz4kM1kbXjITzD1/k +Unc4CfWqZx/Z8tBAkhjm4tIhrvVsKB+PdB2RRlfPjCmTwRKlNUkP4SCGKpmULNT2 +YGp+4BRQF3mY+9PB2Rk5HDdIn4m+I2vzrmKEIa3a9gO0+UujwsIgXeQphRNE5vaG +n892Prh1OJ4DLvxmRMXf1LJ3YTcYe2kvMhDdXNHy5eiLM8wyt7GPyT0US6416A9C +wYFcejFbicfMhNRR2oRsaAfug1WScQGUt243izRF229ITTz+I5MBwqhBtRe6ZqnW +LqSZfn0qaDyuKiTkjazd/kDOjiFjkyKgFC2cVnYlApRCNAN8nQ4QtH2jWZw+tpoT +OzFID7slu18nXYZV6yJ4xb12KBvXxxZZoRO0MlN6Y3plcGFuIFphbGVnYSAoTml0 +cm9rZXkpIDxzemN6ZXBhbkBuaXRyb2tleS5jb20+iQJUBBMBCAA+AhsDBQsJCAcC +BhUICQoLAgQWAgMBAh4BAheAFiEEhoGEBpI5/2XeC8192brjWZHeWyIFAmY4/VYF +CRCSRb8ACgkQ2brjWZHeWyKwKA//YrS8DXuvtHGErAbPyOOPq9LMKEkS8nQHT/6m +ukby/d7c0S8Gm/RI8hYqqgzLJJhVeQvcVePnVhH4Diis5ODObKPcxr1uBw7huMkS +5DR75Bx/UzR1Lv2+xjBeUf0k4TktQmAFnzaQYFxG4/Xjsub7u+R0KK7AxalrSB4z +lIYSYpdiGsoNIB6bzXnf/TvOUJi/yz9PV7r2aTN3dLsAOEu6CcMGxI4scfjwkEjX +scyAkACxKN2zGeEM2xccSeM5axsEyUdbAibrh++NfFV8JRl8Smk6bfyhBB+CMsIA +m6yoHPhovzGYvOKofF8qp5XiEd6c3QhaX47VExkrQAHbHWmrgMQ46mG1VZgV4AQk +JHXjS+k0IzS1Q2glveS2LvXjQKZUkrVjAIHcd0Mo7+/FYFjhS93EoqD6FC1TMMjg +GwmhF04hCUOwGlRpgaYJ0bM9dqJLNWPkxR3OKVdgqlecHsRiTkUR59nbGA8yQ4o7 +QTnID/BGyZoYMB0O5c8ESAWIVS0ifDw46wyBMnb/xsT81XgCTcOv2jIIrxs6J/DP +Zuq6zYiN2E8WBBkIvUpyH/PXmVbGKWAIt1U7nI4gZBw2GKxja4bH1iVBNU/oNLHY +TqFo6y+b+t2pxz20Xbsazo7SxbCVVDMobxp4qvWhyOW+1LLCEzZuDiySpmTD1t8i +YiFDZMuJAlQEEwEIAD4CGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQSGgYQG +kjn/Zd4LzX3ZuuNZkd5bIgUCY8bXegUJDxQFZAAKCRDZuuNZkd5bIhcjEACKEnVd +29uKZFLYBa13xQJFvW1Ts4SNEz8k/iN/cmEf0QA664qmxuLm89c1VjIHzquc/SyR +0mbr70wI1oj66Bwdxan3yhnCNqFvi+6styU9QKVtzIn5GeIxVk4efTg32dWx7yYm +thS8dc04jjQVqDyURVE3FhO78QckiSN8zJ0YF662mnjZ8gKMUsSCbu2tDXq4u54U +zhJsd2cwGd2aF5c1liS1F+A1WLt0yF+WtNKH9O+ER+hFBb8is02IKCQuQm8A3DRe +BotxtBQ2bciAlN1uMwBEEYAMXz33KIK7f971+wlXoKPiSz7BbHsSEqp60pt6HnOU +dcFutYPQisf1fVF66kGEC6Vi1VcsyR5Que07uGJ0HZlfLdNxvobopdyEsuu6BmN4 +7UB4ByfwK7VnGTrWszY6Lqwa6kixJCAfolZb3mCs6WSmEGH77rpqN5xvIjGrjEtl +0Im94rr3kcolTtjtDNRvHATAUQZJwOXHOx81pK2jnJ4K3Bvr8EIWZeivG9kGMXRo +H664wTyJf/yWvp2LeAdue9CN0szHZ37AfiqnYOydEo6XD13/FCXsy9y0/CKZw4te +UvtuP5I402SwdXgpvtB/qE50QfTMGObPmkerOAEwM5jmtf6bOBbIfw3ltsCq1Plw +wu5MjCKYixB4OfaWqRIygDDGmopR9y1Ff8uTwYkCVAQTAQgAPgIbAwULCQgHAgYV +CAkKCwIEFgIDAQIeAQIXgBYhBIaBhAaSOf9l3gvNfdm641mR3lsiBQJh4tFjBQkN +L/9JAAoJENm641mR3lsisFQQAKJKxg1YShT1t/XcHelU3hodmG1DAIGOG7fYcGXF +qWinsKYOZuHDvw13lBjXIdGBqkWcgA52QMeG13f8lzEfSagwMOknsPzo1dtV4k6f +jJrsGkmQt+gbWLmk87gNLqLNbZ5VhTlUGiHhKcNV8n7IujZKbNPgrXWqgnehEjnW +yG2zZes4laImrehwLzunu5okJtgrSOXSNkmWV+L/QQOMZcmd6FNcD6ehzAMNM/9G +Xm4+RUMQPEAgPPT8whwBg3FftiZRogpE1QOmcCMD/MBlhAUnlrkzTsbsLftwJTxA +TdgFfAhbE+Bi5IqXWxr0XzDulYfL2PlM65hcyNRyk8rXZrYSXQx0Ov03whkKItIC +3GCmS89zME2J8za1JrQOQEXZhCxvv9PXSNKvfamZqC7vkbPjnT+I1WU1vxXUuOrs +bdk/yUNtK1Ta78za+jguGBgQy79FDAALY29fc9wvEYT6pfNgL6/7H3Vdqq5Ela+/ +Q/77vSnqaZVDA90IOWVb4Zmc/Rs7Pvl3vyfA6V7FV54q48GQekdXRWzQbt7E+tw9 +um9Mlry0mQ1yBgmSEQBuvshtHmvZuXAG0aS9jGb7bzM7WxL0OONT3bU4x3PAtXb0 +5oISLop+sXKBxKDeKjYAgXdLoY8JwnqSfXU5JyNdmwrx3q7Zz7G1KkeiELnJx0+R +29WEiQJUBBMBCAA+AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAFiEEhoGEBpI5 +/2XeC8192brjWZHeWyIFAmHgRkkFCQ0tdDAACgkQ2brjWZHeWyLJJA//eRK/flE9 +vSYXhWvV8CiKFTWsyaUHXBY9nM4dU0sbm6rlX6RvFF3zUXuDh1o1aQi+1dzc5B/v +1BYNEU0zwdjXZuhQTa8sBfPqPCcpmOFe10Dcc/kHIK4UYUDUDlmUMozAor1mfTmA +TE7sLMMR3p5IxuSUHj+o4Q1u5dIvmYU5q2eMHC6+9UoX8Qc21y/PdgFF8UeuBekg +HierJOW9uocAp7TKh70n8xsjQ7M3BtJq1UeLYQmVkCLBxX+93oHiLJo8IO/NFLjs +ExzeoVDJS9fnkEjjuP0v7gQ0+oC4O4CCH4IkQWIqDqdVn1BRWzb+kxIdy5i7UGA7 +A5UZHqwzsNa32OKgX3O5EBykUVix/+H5XyDTrUXYW9X3kx96B1DEpW7RAiues+/l +ryWPpwPcP+AQvObd1NprKH9WKirjsjd+yRjpcxX9HptDSZGnk+O75sSczaPjvsO1 +QuCRSXasQi76qg8Rd/Xdf0c7Vo4pGIBgCFRkMmxCsk7apiZUx1YbByuCP/I7BFqu +iwlVAdB4fCv6yNr6pki8FNwPWqFZm2GS/uXoXDo9mcK/yCD44tQeMU9vrkjHY9Kv +2O1/0piqiGQZNBFG3LcdsX9sBTjuji6uzw4azV6lbqEe0MyRNUsHI2TDBD/SFU0z +aTmS4w4BsAJ3/jFELppLleIdWK4t7vfVfAmJAlQEEwEIAD4CGwMFCwkIBwIGFQgJ +CgsCBBYCAwECHgECF4AWIQSGgYQGkjn/Zd4LzX3ZuuNZkd5bIgUCX/6+lgUJC0vs +ggAKCRDZuuNZkd5bIvwCEAC9fwIc2MJOzgBmC7QcI3RjTMZNMqpwjqxp/S2CYaMe +J39cyXtoGWHJv5xlIJ8b5Sietj84tt9HgEYMtsOMXkvlRaDvv/S3R1gzqVj/KZZN +dIQe/oSjt19sbGZcPB2jFT3Rub59B8uTWEBZFDO9o/QQwVJsHFkNm97BYwwgVtV6 +bRIB1frmI5zx/iux7sjYfEH3cCxApF/HsiplH5yk0PSvJpImi6mWAT8QmiI3bBtl +rs/UYNUkI7j+dOo9w0gtHwiCwsVngqirX4m0ifFp1RHJpQvh6Viy3hCcSicaP1sF +cYkkbKgi3dqo/Agl0vOC9W8G7o8T5mdn0fCXyyF3SFNNz795GZh+CUOvuPjaaLx0 +xkKfEpi9nfJOZgC/pWwYOZpR0LGhoeP5N1YGS39Ok5++dDM/2LwOzqUSuSDpl/rS +Sx+hr1BY+Pdjd3/FIj5sMw+5ce64nhzj+g5krExCIlZ3BFQJ7uDvVCGMWyQW3bZP +dHnWMPgfO2odEkxT/6F+Rfe+smv2Y5Lh1aqi/R8M84gtHCMcz+rmLHwyYmH87/ps +GDJCiPhkfR2HKli9ZXxn4BnckGcVLSkOf79k6XwrtFJHY/C1HsvOC7N4oqu+A0kz +Rcxoz8+FCMdDnH2fpv/FhloaTWX6M1j0jmseQVHI9+mUcHQNHjvGFKByIez6OIZH +/okCVAQTAQgAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBIaBhAaSOf9l +3gvNfdm641mR3lsiBQJeHIz8BQkJabroAAoJENm641mR3lsiP9MP/i/ujdpK/6Ti +2Z96Jkt40jkkW0QqfCibg7+jtgkr1P52Q2rzEQNAR6d2bcUjyZJBk6BVIcFUxLaf +6Kbd3wPNqGhaofH2LkgXKqnYdS9sds3AWxmI00gjVWbV5d6m9xojsSllq0iU+I5v +PQFNR4GOYiV2wuGIC+BmVXfNr9ktKv3DcPl0b+DRS9HiRNT/iVimKzC7ruvwgh1N +LBtIFj4eo6Okbg4d0+bwhfRsBiePAzDcl5zNOpy/4dIa128v7sgrbLCao6LSRGnE +JS22QDaao9HUa0em9IPab9m3r6Lfi+GVTC1XnzXuiY1oP/JikehubWBoTSxRCM9q +/75nbuiQr63WIJgn+nRfrbuY9hTcwsrVOZ9cQtUJRek7+swz/4Rw5LH8w75QkGhr +RPWnHMAg+n8wZa+35EzrcyuBdSHELAVEZoEEsFScUBBU9ZqW5BsK3w/t6UI+P8SM +/Cq7QtQheKG7wxKL+MUMiHQ2l9COKvJD/T08bIyWJsl7C6qoVdh8HUlNiXwqrbru +vVAKVUPQUT7eda+1Bu6l3NYZWQ485kwhopX7hpMAPhSKY7bH7rcecxDQw9/fAV2U +MQ/olFFWlbRHYxJUeVd4tIPWO/Vs+YOwHnhORizLIXykFTcQVMyNqDu741/4DdVc +dccDW6GDwkbQyJ81hUbxPZwQ8+3ZducyiQJUBBMBCAA+AhsDBQsJCAcCBhUICQoL +AgQWAgMBAh4BAheAFiEEhoGEBpI5/2XeC8192brjWZHeWyIFAlw4dCUFCQeFogwA +CgkQ2brjWZHeWyKhfRAAqEK7778ZXuaP8M9wTh05ttA2PNGJFPdg6OoOn+A76Wy8 +5i0Sdi57d5law3F7KVtmkKESOdhcX9RvhTMZUg1xILqKlbIgXAVrar5j8+dxEZYl +8THaXEJyXePYw7NAbBKxwA1SYDlLOiHwIMSiM4JaRFpFwAA2G3lx9/Gx8x1oOvoL +fDLnI6IJet43CU0YjNtbTqM/pXQz3+XDniIv0OGYzJZcOy+rJgXYc7ZI874WOQE3 +kxXPLKzA1zemcFdiHw+YkgQUq5ILP6RJ/ozn0mc+7yLimN9Z7VyU0gtF40zctxvI +8JxOucvlxmIVI4p1STJelBTMBPI8lJo1ADaGbQJ4Lnp/78u6rzESdtX8QtjN6e39 +x0RGonwKSFcIa4IJg7VYeYLdv1D64D6mtoR3jdnPXAqCBfF94pVWJaxIGt5qzYxw +U9o86aTqbF7Fmrw8a0sU7TXQIzVfGEUMVoFiSK82S0bFCBBMb+T3qfLcS1kyNl8W +rBQIDyxxT2mV0IqOiy3zrBVj77eZ1u5X3h03oBrwpcV9NAxlsDXH1EcXTuPQb6jv +jgWKWWDNpjYU12D3w1ihtNV3PrCaqYJtnQPoc1KiKBYgYgmpIsQargFtOmR0bDn1 +svSobxfO67PLbOgxCU49wgGQkypEwrrrMHGHxiMA18m0RNOE8epJAZQX7iWt3LmJ +AlQEEwEIACcCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AFAlpVwhUFCQWi7/wA +IQkQ2brjWZHeWyIWIQSGgYQGkjn/Zd4LzX3ZuuNZkd5bIgpdEACGvBzQ/P+n8WxN +GlE5GhuXx1mtQYptzPOrQPYLyzs6P2JodiXN8e2aJ6g6RmIGVRnNEUkBBRM9Apts +cTTrjl8Yeg3Qa09yKFw7UwavmVAcrdvS8zMIntog7q0carSoZma5a/JxCBtMXntq +wk7p9+IaOoIlcT6bP9X5dtB5cvV11JvfzBuqix61sDh9vNJBqu8JYLOwXWvQiB2M +tWFhB0RVA+VFO28arXpnNveogKoKdWbAaKwtzgI+A9ztXnj6W5XCrWxNGCunu2F3 +ihOg5febSj4yt4Jt5diQqYudsGv+0DLIkLm0NHQjZ5i5Q4cA3vPIUT/3NeOmblEP +r6GRJYeaglf6QiLGB35h1hpQvRsEAJ5UxWMmxJRmWhvzR3iidTzDMwSl9FKT2TsX +JSwvmvdMc2mYwpcvwECdX/zwWYsdXoOQYRWftfn+P5MmtyK5Eyc7/veMW6h+mNDI +cih6JKntCQp4SzbFfhJn6Qe7b3rvInb9ePu8hqW6/d67Gf9vr3mlwWW2oOs3z9c5 +8bMxKTs+yAFx7gHyazazJtCFBDf/kBqxxR5B6v9w5UmHWztaoJFZyxkHcL6SKj6Q +KSngCQ2Fnj2Nz4mfM9XKc60aB8YwnCfrFj/z2KyhVHTVvUaIz+4JWzjPY23H4IoP +VLE+MDqXi7y7Mvf+gSE91QrH3qez0okCPQQTAQgAJwUCWDBZ5AIbAwUJA8JnAAUL +CQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDZuuNZkd5bIlYGEAC3XmW9klFm5JOH +Lw071F+QNunCxf+i6nFvDK8L0cyABeG+dOGDPBeMRV6me+YdH/mR6Q53gp1NswXw +oyQBYV1JC9LBF51UL2YIhpzDU80qFm767rRLI5Sxtiyds76seRJeYOaNoRKDtgOs +m6jOKPwqU1gJ4cYhAfhqlWjcR5onpckORzwWQ/k5kZK4mK96oa0dUMtoPVepcOEi +HStvEtxweee6kq2Kh1olriw3RX4PsQy6fWEdroduDze5HQa800sx3xs7QFtwnxH9 +ozMgb45ScJ2QZuaniBARyK3I0vJ2nPj+nlwhzwCfYRpS4JSR2n/OOJheZnShiTSl +Ju2dS4FIyxOSZ7q898JUcSSQBNhU2BD6hsgH62Mw4yHV68Zxyera0yNuT1wO68GN +ARU8i/quGlAs/Diz9M7fzUIKo/bqr4MTXTtbWJ7QBWe2H3+/sxRzIbtb0NU46ukw +iRuD/KYNa5BLMebldn3g1mhC8Yqch90Z69BKDC2HW+XNYJt9c+RrAgfeAl006Iex +2ykft0M9LRrEIEJsvIxXb7be88Pn+O0BdxF/Ovmr3useQAI5fH8SyAt21HW9mIvP +ia5rIfy8l2B0pdRvjRSMQlvpkkQje+ItUdXAbvZ6kaYO6gSvzfdcNupt/LNrq8Wd +czEGnO2wobwBRctIehqDrP/kGJCmzbkCDQRWlAWRARAArJ3tw8pZRWBp+njhIsyo +F+YXzHLTLQq6ZYQn/tIXfP/5aB2bdjtz5MNTTR0M2nbQk5WDzCqv+0iHi7ifiN02 +QaGOJgbXNFLktDeysRU/bsYhJ5P7RvR5fbDsHPyR460VwUoLgZG6swScOOR8cTlP +xjwiIlr1/rmAkMp/OlgZ+xfiU3Af+lrYQ9G9qokq1KGnRfLjXGNjdGVu3+qipWi1 +HO4s6viSry7xd2QOjkzFIGA+v/Q7zQboSZ5xy3oYThfsTj9qg7huJV4N8LHwhTBx +GcAelnoW/xlfYyqThYH7RWy5Im2zs6s1F0p6xxCgbCzgD/zb19219fMjyCwRVI7G +0enn3PC/+xkFpPuKGZBagD3uoc3Vvmh8QRMkNHo0Cy/KWXkdF7Aj7HnIpeBevmxO +oLUSrkj9SQoA/ezBgtHjhMbdwiNnXFbDs1ojvoLu4ftXnd0FAroOJcTPYqfpfZGN +ujNQtnbFcX2IFnZrI/XMTHp2TTj6sTw1EOMhD0JgZF7AdOvh91rvIS3qUBHUWlEk +mXE6Rv4Ew5fNidxdlE8e70CoRZx+FSvRRiH7snhgNgdmL5Z06HKOT/ffGaFW0Nq1 +Ri3a17wX8B12ai8mBTj10nH0QA061H9cHrx/Xez/TnYkXki9CUFGJO18IysneQEh +8C4IF1N1jY41GXJ7sCbQMOsAEQEAAYkCPAQYAQgAJgIbDBYhBIaBhAaSOf9l3gvN +fdm641mR3lsiBQJmOP1sBQkQkkXbAAoJENm641mR3lsiCE8QALqNwZ6lmmUM7Rkz +S4qBXcT8HQgWuuIzA2D6jvLmsBdWi+CxeaXFI7AEY+OdGjbXb1WxUREG1Qd8Opg+ +NHq2qe9XYCjKRYXh87Mm+8ct6AVTQ+a5sDtc7oIJY9vk9hbTlCt/6v6AT+OD6kmq +z044zsmy0S5ZQDMEuoIx1RLq2IyxwrMCOc6ffakk2URA2fdPmZZWcH9NFenjrZCy +1BuwLMsjE9I/zQoOC+r+zyz8Yw1r1MwoXl2XOPiIgwNj9mFNE+9S7POOPQm+DNkQ +sUN9aE5EMH5sPPliEEXOCnxOilqJM+f7rbk7MLb02vuhEIZtlRJg7zWcw5Xl39Lv +VimKi3a9ugvyupo8aoM235CTQMZzbmrpXU7uuhrDqqYqMuCYF0ZALH7v3xnqlRsf +y0uHl4xGjtBq77Tp1/H+4m5YKIEx1uV57Z43dSK4FOo/SK3g01a8qDUkLwR4dJSj +/ErXwRvK2ifCqBTre3leT9jAnzq4QjSfUmbbRCGz6AyWIcrLoYmhq6HtZZelqfF8 +XpHD6dLvP1JLXFW/XQebBNjnX2sMSnuolcmiGo4Qy1KM+CQexbIur0m5JOf1BCHj +KXA+IFPHCexoDM7cwY7gRhHGVPwIcH7i3zIrXUn30uUzQ8vjdfHimoVbyTLRnzpP +9T1q9oOjjW9HogBYJf4jZGakcCGF +=BhoE +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_8735540225E98BDBC82491B41E9C3CA91AE25114.asc b/git_signing_keys/keys/key_8735540225E98BDBC82491B41E9C3CA91AE25114.asc new file mode 100644 index 00000000..59d06d0b --- /dev/null +++ b/git_signing_keys/keys/key_8735540225E98BDBC82491B41E9C3CA91AE25114.asc @@ -0,0 +1,41 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGKqedoBDADJBEGR1HhCL7NNss7dnXuudhBBd5HgyqYuPnPSRse2ai3nonDB +s1BvgquoHF4JG0JeMD009HXctqFStEO5BzDdtfMyWJ1HLChqQRjEMxZ76HI91yGn +pPvc7GPP9xxGs1zIM8ZGj3dGBEEUOnFBqojHVa/5MfIpf+UqPMkjck8dmEYRcueV +8gL+woFwMcw+9J6F9KJlFgbZGXLH0MyDd1GJyvhUFvwBT18CFWEORsBKvtxEZSBy +7mDFM5EAyY1FBvOxLiFn9B3tUXfCMINdC/RRCbzekmvilWrXDMWgCtLm8yLQHiaZ +KDLu5tvssWZH4p5vD3zIwr0RiCDzprMuwEqvSQchQeAiWUZpqjb114wdB7YLouae +otvVGdl4szUQ60PhlLarVcngAYZLeK6z3AYUei79wyzT04419b0wCXnwbVSY6pxd ++ltqybgbzJj7oiRq5qNPO9q1x3v+YsaWyJAevFfEYuGHfs5GPpXG5mCM21gmZiuK +YopEIsTivuLhExcAEQEAAbQlSm9uYXRob24gSGFsbCA8am9uYXRob24uaGFsbEBw +dXJpLnNtPokB1AQTAQoAPhYhBIc1VAIl6YvbyCSRtB6cPKka4lEUBQJiqnnaAhsD +BQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEB6cPKka4lEUIjwMAK/d +87VrnyLt2kqIScWB+fcmHe1SC5LJ0Q0Nuwd1aVB91XCmwppV3Btv/HqipKCbP2Ay +vBsQYdTorH+uANOK/XCehNE/uE87Q0r3c1ip+ls1iib5dQA/rJEucgDeqHhF0bnT +yW84fpQnt4E02ak2Szlf1EqQBkkQaSxLiULAunaL58QFS70CeA+ZCML7XaCASlka +mo5+RSnlvTTuLENY/JdaLFftH5LvIkhnzLP6kzqhD6eUMmeAa9xS/VvFczEve519 +AqoLsiDhNLsIlyS8PTc/6usvT7nFo1t6jeRPWA4l9VJGKc32ZL0q+fRtWH0vX0dL +7lwZxsaqLR2bYspprHoLD/8AgdvZ4R+zg115gwDvJatIZRXWtOxsnLc5RhUbqUhB +XRMS9gdiGU76uxVjOsviqocJ8GOkNnZfkSsLQUVHC+1AeOnsNbn9uMfkxC+SzV6T +I9LEYHZ7aUQuHMvwQzDl4g4H7Yd/Mwx8hkcEAgf6l2o5Iiq3pTjElpsx809VCbkB +jQRiqnnaAQwA96YqFadhK04bInnF2HSuZtD2k8+aGeP5MbRR6HXAnQSnSFSDGBnq +DeXD1x1euy1/paCYiEFkw9mS9W9qD34k0yEf+84zmNFtxvHZp6XKMCbXLbMzes+J +FGeOB5cfGGVe/GxNPJQfDTbPgrpjlvPIaHFPu7gnEd+hL4FTPBcfSdHyUoS1f9k6 +7mA6DSTz8UkVoMiFlUJyfKEM6nLtWXep8K+JkphKh0RDlZTcjreGuwqtWImBRErA +RbEkUg1EQyx+A9AhmjSBzFz1zRELLQbiSkNWe0YcRPScmkoXbpgoq1J11GTEVeBX +lkYTPvPI30DQ7q9QSDvfiRI8FzEZ4XCxvfV1IM3bsR/1e1cO/3hLwF5bMkDfOITw +2DbaYGWY5oAvsj5XvzfVMwSDxMrTXjBSVBx/L3f51Msy4SmzsrPcl/JR7VMtRd8f +g5jzc+rNZ3UsD0hydVrIEnYECmbaWqahjos0EAKpi8CUfvHqfV5mBEYrqKUnHupY +elyJ2oX8GT1LABEBAAGJAbwEGAEKACYWIQSHNVQCJemL28gkkbQenDypGuJRFAUC +Yqp52gIbDAUJA8JnAAAKCRAenDypGuJRFK05C/9eGD7mHOKEujtOiuebz4WsKfuZ +TdZ3AW7OzDlDFrwXTF0FIzidpSrsW5/iGFk3Uekcku1BJ7Hb7zueH0akHPeg9LHt +D6SDtasrY8jElkBo8p8mj2CDnCJOVts1yW37xDiMj7fzq7Nq3YjNzjAlGQyGmLWO +NVayqV5G4tmtMurAJ5HZKkMzaYwdM+ZixZ/qc3Lg66FGNUF+9i+YrqbMSXZAqEmB +amKgAodlflTu2Fy3W4tZ4IcQ0y/irLM9HDGh+lBB5QYTqj5ra750TDb7qc72tWDt +1q0ydgGMmYCHbwQM/i9pvEJOtBoJWHpj5deDeJWxg65GyBaVWyNJ5bXpEgYrXDOf +NbgFcuytwKLehoikas3Bm0OXYlewuzmbQNhysdVLQHKh58KLgU2wfqTdCm6riv5N +dLu7oysqFPXDk/iEzkgo8wbmJrqY7zfbazqZgCIjyD6Ym3c7p71yZwvUlWpUC0eF +TDpTzLru1daCcxs8s3k9xMDsIG3WvJXWWJicjqA= +=C38e +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_8D6066CF922E52796F187ABE2BBB776A35B978FD.asc b/git_signing_keys/keys/key_8D6066CF922E52796F187ABE2BBB776A35B978FD.asc new file mode 100644 index 00000000..a2a3acb5 --- /dev/null +++ b/git_signing_keys/keys/key_8D6066CF922E52796F187ABE2BBB776A35B978FD.asc @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFs+h7ABEADZ69WSCEZqxCLk+aER08xEcfqzTV6GayuxxrCMm/xeMhzOijkT +AIjfae7T8QoXO4TbDtKyVI3kWaSMZnNNWyMVlBCELIDFzpRQJE1riZKKqbMIFuno +GGaaxIHFoGVgymYbxXi497KNm7r4p3/z0pdthDPCTbudZ/zg8HxrhrDoLVTbpgQs +Fu9sVgYeWe2Jv5aVQFZONPqyX1B3iF9x1EtY+RXvQ5lq6DgMtMd5aSY0X+WED1+A +6qSQ65lCK6LO9p2IT/6nBnRl5VGWfkvMLxKUtWCZtGQ+HcWDaCY9MOFNiadi7mj8 +GNskMDgMk481f5DawGvtAAV14ZiBnVJB8qG8NMqt3dMKELuuO4feKIyvMWaQ30mx +1xEQ8V05hdATbdz2aPkMY8Acf9qx1uItVGOmOQeTCZac5faTSoRONa0gtffVD+2O +sVH6a1tGT0qgAqoASoma+RHOIQ6qZ7/vdal28LAz8WVhSaGpsHlrXh0SgtV6NseL +kNNpnNxb/991X+lFJXXXQu1MAhagWJ06LAflUs2Oy+vhZb0eT9Y8xSkqrGEWMk1k +Q9lskGh4Y5Ztpot7uMfmPgFBidHIDEUjjOdRYJsDSl9GbhPSYtbeuwZb6dj+Byss +X133NJ9f/1/lqEoTvwtDftnkE8oEIqvgsSq3m4hXHJd+L3TK9H1yO8Tl3wARAQAB +tCdNYXR0IERlVmlsbGllciA8bWF0dC5kZXZpbGxpZXJAcHVyaS5zbT6JAjkEEwEI +ACMFAls+h7ACGwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRAru3dqNbl4 +/Za4D/wPFRHzElhnCB23/dEOgcsVhjlyffncmvQdZXip42+K3Uz7kQYeS2eD2J5T +o8nTnih++82Oor2O5WbkTw7k+WhHeM8r+MPYkqzyEGLzddHYohyUQGAD5fe3gFpD +AdxN/9XKcZBvBn+f3RsAHtE1mUHNhvgRINC7b4GNmhKOuR7e/hSu83BX/oPVfD3a +3uAfmBExqMH+Ny0eRCvbi4GanZdDXupj2N7an73WO+cfmgU5k7v18E5H5Z7LBn+O +diIRoHnwYrWf/xeM90oblvjNBJ9NJRvdWk5iBgSegigTzELrjRTPZMxBgBRKs9/3 +f/IulpHtbpj8kQLOh6UXnLBsAvgnZHfcMcT6i1axAyFzjFBj8gNAtksxvenSTi3f +fXUO+Kntl4oOHLH7ExeUlScJm33NzXeT/L+L1Y+FWGquJc04MJ7LiLm9MZWN5vgb +y1wsqAxm/AeAAInWGSLgAYhKcYEjGdTF/y1itVO9syEPuFfjiaZVeDaDaRyOVi8h +JsrWMFDkngiTuEi0owQbswpugW8Mv4gWiShIU+fOY5Jbloy6cLMqieT1ANRuORBI +nx6Qub3GLEbrCaTdh4A46OOs8aXmirOA19YpnHqZutoxztDIg2VCULr7n9XzVgLa +wWZV53Fxoi08NIKWYjaECYqdvQyyPoo7cZMbsZjKC7nEno+IdrkCDQRbPoewARAA +oPzqh/oesP2wPdBRutJtwY/8+0/U7Gs9WW7haRmWxSi2mIA5DcR9EMPn2qQH4Gup +Ai6Wp6yzJENXhfSOvmZYBU9Z5LPn+ybwuOlFRfq1FQSq6bfGYlRVIqNVuztKEp/Y +DS8tDcGzw9zjPQ/LFHhi0k4sHJGjl80+kt9N/V8zeU0wYQ+htdkG92wE3sH6OSz+ +AB10zo6kDof/iKj561EeXlFEZyQnWs6qa1Su2zmihwGyx0TettyChLng3ZlOgi91 +BeFkqfpENOicdK1JNGk5nXFjhE/3Lgr3pal6G53wipmJN2krjM7uYiaSRl14cM7a +N7b7kkZnNp3ORCMN3sj4L+Fkk2XF/TZ5ZYrNK1FW4yQ2HQ9O8kNc5EHwpNo8xqKM +xiq7oJOrPV0xkNSDb4opVXRtdlr14181UbR811SVh1DFzZe2Sdfhkk3KGnlAqiuF +J5J845qDdkKiL7jFNeksQ6C0EMUqGlYuCoNYw/Toa6TDv+VcVpFb311XdhsyB+Ol +2mdgzkyefW5RkHuloYAfnJdQFIRm/hdZEzF8hnsN/6V8zP7IF+eF0prMkgAF3v1F +H97n8RvtEyIbi5vXgOQzenCZ6Lp8Drx3OUBrCXKLqzddXN/NjVXonyHUM7WduSMt +Ue/+b6ZR3/fKUb38EvDl2zqezFBao+WL0+cyVit13bcAEQEAAYkCHwQYAQgACQUC +Wz6HsAIbDAAKCRAru3dqNbl4/X2JD/0ThF00Vc4OtUFh4Wytgjb9Xy7a2/R7hYCl +fQTI2hQoyE3J9irgOnolbizfnPntezIIVeyct5KAFzZIKMWYocPbe66dGE9emkQW +7lbs1REfUvfo21IGjnnnJqBD03d3vUnLF06RTwXl3qx/CT00mKz6mUhCFK+5tpJ5 +nslq2GRqdulNclcPWIAtNgUS2QHrNecbMboeWVlDUMFx4RUJUi6Mi3I9eR1SVW/2 +AJE8WXlTXXX23RES8U2K7h+zVBo0jUaBqvXaKOLNPv8BfEOaZIm/Smh4aaVo1XHA +bklDAXP8Ebj98VzAt76DeSaLUd/i0Ftznz8mVThvFWw0VSJ3LQW6lDAp2jWbjkdC +FAeyQL4bAOZZQnTfW7Od/EOtKbXYqTlP+VuodafX0x/zokGhD1+7BhKZT67fHdB6 +TRYbxRAiJwIFCCBLQsEBmklRzUNC2sUwlcQY/kwyxU5W74Nfs0w5Axvpwr5AeOo1 +tmYGnxb4DATVbx4fbH1EqK51SsoAAPf7bOVIB/ZIhlMzIo+IklcG3lMi7CJYpNje +9FqZvxjCH7B7aOh3Yg6Nefx6l+Ziguxz2HwjZee6d4YCSQJJQUrfxzBDBHBGJBYs +ZSu7qEFTQ7oiKKaBXkUbqXWHQmkT3Bgawn3/RSiAyBfSJtVvWhsc9Yy35jJfO17V +B45szEOW4w== +=7mNW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_A2444D06D3CAFA92F68A21E679C78E6659DB658F.asc b/git_signing_keys/keys/key_A2444D06D3CAFA92F68A21E679C78E6659DB658F.asc new file mode 100644 index 00000000..32e3f707 --- /dev/null +++ b/git_signing_keys/keys/key_A2444D06D3CAFA92F68A21E679C78E6659DB658F.asc @@ -0,0 +1,50 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFpO96sBCACPb+PqUSql7PAUMCYpBPOsyMo30o3LmkUIFXKfggyiSW5zNO/s +3RSqAX5Uv7xBf+fUmTlpxXRrl9PpUSKM+EAqKCa48eDEDiKbsPdA7xP7uUq/rDUn +2QebGR+deINqZ6Ut+T4drgvLDmIZSOgox12MMRcac/idUDhB20h1g2byLwbwwuu6 +KLMiEbzAqHkiN+RwRquA7ulWvr5oFCM/C8PTfd9m3Mhk2cAGppjdIuzrc9D6hhSt +UlMeoMO5/6FpAOT1s+D5uBhh3GnsKmZKr9Ov1zvhObPNtWn9TsNXIZ3cxy+SrqzG +HNvZufXaXaeepVQWScHwKKRgyQ8tlT/asXlnABEBAAG0MUluc3VyZ28sIFRlY2hu +b2xvZ2llcyBMaWJyZXMgPGluc3VyZ29AcmlzZXVwLm5ldD6JAVQEEwEIAD4CGwMF +CwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQSiRE0G08r6kvaKIeZ5x45mWdtljwUC +XCl94QUJA7u5tgAKCRB5x45mWdtljxZqB/0QtShOrj4b0oTp82xGH1ZXg5Ynspvl +AiTCrPQdVcgLGOJZMOIcYIXEHUZyOTMa82EL326sEfAfZ/SDL1GORXqoz34N/CCl +OIrOcjWZtplwN0ZoFb0AggRwNigsNMHccmP6Zs3yip5SPaHdOdjzVuxufOdrX/LB +ThzcrTY4y1059WciOWCCqR4G7wM9wCPxZDR/r5/qzOpgJdKVb1pgs3huTaUN8r2U +YcQCnDAR7XxSlBmtyPxht8sOZMUxIAjA9UPE0LbMG+KwRlSLGKAx1zsOjjzsaKyl +w8uiJuQiWxquyM7K9a5VVNPaB7CONlOiuUCX0vj5f2hAHm6zicQ1QcTliQFUBBMB +CAA+FiEEokRNBtPK+pL2iiHmeceOZlnbZY8FAlpO96sCGwMFCQHhM4AFCwkIBwIG +FQgJCgsCBBYCAwECHgECF4AACgkQeceOZlnbZY84yAf+KR2ZkuvNZnjFQW86Oigc +5DV0iEqSP0EqbK8dWFT9/INn74IGReRprWSdvRftvLQImxLHJQzXv5dDsIvKUJ2m +0pvhFF2sgFwwz2fZSZ4rFbc0gx/4onLUji13/xFATk+++ZA7eNacUl6yFbthi/Yc +OdhB23sckPl1CPizizDKbcp6NIOxNKYMw3SyLKQ9AdM2SNVuHHSkaajZuFC/QHWX +TfIaq90+7FlrUwCXNqas7VGASEOioIe24W0fBgzlpKGB8h0p4o5ozAvwT4lS+nb1 +CzpTtKxGb7d0Cmhia19M9B2yFiPrf3Ac2A55dUsa7kAEq3CqQhRafYOGLbQsOYV4 +zLkBDQRaTverAQgAqsCz/wMmNiWgFHN06PHQCC6hU0T+uSsDhciTgrHwXx48RTQF +vCMRRILYXNTgfWQT4gqTCssTzkh1k/zibVcl/Y+v/98oazcHtbkSCHBpEkFn5r/C +h7ncX529geF5N1zZ/+8/nMrLQLIEHxe21EQuHRvqqz3diP4ulAcNr7acOquxMK9x +TsCg0SwvGI6uheoZxk1btfa/ehySndz96Jeiwf8zq9GF7HrsY6gdYGLCTRfBVVA1 +tl9hYPSvamGR+IZBG84Vyy0YkpxDJRiL0i4Gg+cViQw6oSsX4rvhCyfyQzDH0qCm +1lKYhS07ovrNG2TjFRGvXMxmKQiOZ0kLLMJ92wARAQABiQE8BBgBCAAmAhsMFiEE +okRNBtPK+pL2iiHmeceOZlnbZY8FAlwpfekFCQO7ub4ACgkQeceOZlnbZY/UDQf/ +a2+vk6x4suglAJQ8x6RmoQZaw6v6HaWU5qpRrNvFt8wDeM816gmZkWbm8EjRy8wm +MS64Lcror2So8xMr0gjY/hqtMT864RRfXkpRbNmdzIszdtsYO2gvIwGU38ZYRI3J +Z/VHMN0qA/Z1MZg7rs9lRazPwyUt3AImC7O3HRSAlkNVAvxf84XTXijn561QO33/ +Lidycw+fLj9JnVlflQmH1nWIzrTTJDt0j1pl1QcEL41dI51b29/aaCEfJbN/aK/J +w92SMh/+Jz5BmaTqdT3dJou9zF65b5tYjB0g3qLbP7dNQB1u5i9558r7xDY7ozP6 +n5phvl4E9vNkWYRK1DhTBbkBDQRaTverAQgAwn7ZiNGr3seFH8j20kgt6b/bXG7k +CjwcYATvJPYBzpLfN+gop10Ohacoa2ZBdYgJxv3w2MXJOxKZ2KQb43cj9mObE32E +yaDhf6vtRqqPXdnFUOVrFbsEFvxQ6LpsPKK5Clay4gOVaEQcdVKPe8TITwgTdHKy +ScnvwM3a4KpVHHChflGZxOHHqXwW8XeQkuNNga3wisGm2FbBDaK34iSm1O1v00Ks +DB0wMjYNnmgyFaUsho1ac5qSlFdctZpoUz05Wce1UErnPxU77YIm0BLJuT0H2B6+ +8i0rgMPUdpe+ODhYcDZOjlkIXbemPKYIr9d4/YJkc55t83ujbC7FV2EA9wARAQAB +iQE8BBgBCAAmAhsgFiEEokRNBtPK+pL2iiHmeceOZlnbZY8FAlwpfeUFCQO7uboA +CgkQeceOZlnbZY+lBAf+OfSbc3nVwp1RdWf3OCwgbpPKt+B+fW2QpfgZnRyTLeip +hpMaiXMIB0NhOpqBFY3YM5Y4hNi/SExJvMXmb+WgYGr6CCXszYhtsVHtXgj2u92Y +MYxf8LSEe9/12msryK3XLwD/xSWRcWXYCal+Q126WNDworef+0lEq5YNNJWADD16 +kmWLnCWIx36hXADL1TYlvHGW8C6uJ0F7LWYkEWA/6d95eH5ScP2E/HFs/wLTwemx +3Synwxnk18XTmV7/Q+S95wk+OXu8JV24uCi6umKFZv1VQKCMiivj52CzpeY2+4pB +j/KolF3MgXsxk2HVdWh69G7cH1VaTHetBriQ/ceDAg== +=aRLB +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_A6C74E341054A169CE52BE5FB65BFE540DEF86C0.asc b/git_signing_keys/keys/key_A6C74E341054A169CE52BE5FB65BFE540DEF86C0.asc new file mode 100644 index 00000000..4bb0d0c8 --- /dev/null +++ b/git_signing_keys/keys/key_A6C74E341054A169CE52BE5FB65BFE540DEF86C0.asc @@ -0,0 +1,472 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEyNK10BEACl4642TKimqqnfWHZFCpMSGW5F7cQ0PoIi6OfhHHLSBp9Un6NZ +dBN0jjo1Waa25OimEUU+jHi3FBu2hRAu1ZYj6uuWyarUy3ZthW1KXj29ABRZhJ7X +2DlrLt+fq3RoJkRIe41f313odqGICnN6N3wu5hpRmiQiODnLoYHPv7wjTMUNsXJ2 +BtWhFazZGxejevz7qbJH+X2QAcYiD+ymJRUk+voZJuaACCPyN8v/2DxCCbgc3WC5 +drMlS776jPYV8UeEenL5C1EUu7av5aBV//eSKm8BQZKNKuiYkKIn7UFQkbEDIhQO +HpOiV8Fw+3V7uXWfdApKF0xRp2i4Y1DrT7L+52Y13u+s+RRzIf2YKI6sNYaOU+lR +AYl/XWV7+xxKbrOqxktAbuqV9AzMwwDrHJif6kgwkfdt+2hlqvXBsbo6tfaYLAQD +d/rck8in/rgICrfMs1Mv86BWZq996qeV3YA9NUBoS6lsGhc1Zzrfe/xX41gckAHk +tn3RLSABVO8Vga71r0/pkOeYDfMWh1G0hZnKhGK+jV7LisroCTBqMu3h8BY8Um0E +/9ZqSGjVoNnOgJhW81L+96U3TxgYUP3xeUvjpYGLXx7w15GW5KlGwGVrnjYOrFmf +ioIp3uNTRpevlkbPvUnQyX3+8alotZdXxmE7DWLJdVYZiXbCs77YVJh12wARAQAB +tCdUcmFtbWVsbCBIdWRzb24gPGh1ZHNvbkBvc3Jlc2VhcmNoLm5ldD6JAlUEEwEK +AD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEEpsdONBBUoWnOUr5ftlv+ +VA3vhsAFAl/KIoAFCRUeKpwACgkQtlv+VA3vhsAUfw//X01bslVPtrXKTEdgG9QB +eZ+L+TNfcTvo4Rcmabn09W33LHAXR++HG6V6T02heG5WvArOwBrvSmM5M+qICuwF +0gT5cQm270PHg4ivOB5qKFQq/34vjJ7pVJc1S1gi44YOwy+fIfSZJ1VXCUobblEq +G60Yux9AVy1/wlUBnvniJDACpDFGgK+0yKATw6Wv31JFtdR+ZTEQSs5DmZEZs0xc +1N4q44xZXK3StoBxC2VUztwj5V89Y3T26XI4AKQuoQXmHpEfCcJckN4w1R+NP3Bc +J77cVHhUYR6obCOZfomYfuMq0Ot+8Qvoz1KuuNvbzIs+y3r1CLB90EwjLwbHkTH8 +hgT7WQvnxKTp5ZaRBFqe8MNwD6vdC3K3pb7D8HSNzEGsDStmh1C1dxFnZKOayy8A +JWBmo0QTbI2f0Qx3bvSafb6FsvXOMhuexauZSoL0jGvSyYAPG2p2/KmwJjSZnSSa +olNmhj5Fz4pXJ0v5uS79F6pGDJIFG+2Ofk72tiX2gUqYzg411cZsgvfppiWAIFdL +DtlS2mc6vUiDyQsHS7AJlUJMZ2tRm8OmYCpfmW0riqEGnPtcXi0Fqvz1QOyz5cz2 +iG7MjpRK8n6YuAhpiQsxjXHpVmGQV4LNXE0cbdILWdZle2wqx7XvpUBCS7daLMDp +oNThuaPnUtOAF4Ol4b9J9bSJAlUEEwECAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl7g2qQFCRQ04sYACgkQtlv+ +VA3vhsDfng/6A2AsO7QMcWGvb0q+UQVXYiFJquiPj8Bik5jL4IULD0+qydKqEQCT +Uf1VIGY+gAE365ZwhdFrcou7xNrHtgbuuBHLicHkZAOpzZ4o5Ox3tRTZa5mAWTNO +PkPcF8VyxdUKKcD97KvAo5O/EV2RcYhzqLyRknWOcPixlr94N2eTEhKzzVH84+Eu +zD7h/9IAg+ITby++MYdE3ZeDQRSpMpCE0oSqvw0BvW+1ZuLZ8YZ0zEqerZNXpAST +KzqA+jCdJPOBIOzOfJ7ogWD9/JeRzXX/QX4vbMTuZSwmGWtgAlTy3A3XT/z45y8H +BlVDihi/9yYeS/n4+cPG6XgBtVq+9DjKNlmLb3pAMs+Ddlwd27bHkb9us2U3+cvl +L2ugLVr2JmSHIEkoe+B0g1PsjnNOe5CemmYvZZbv+Ql9LhEB5kf6YqDXcdem70V7 +rjZn33nAU/Kg8ML2v195riav0oWgq64Dw85W9pFlular6Fww6hmptDNv+z6ef4c/ ++mfRREYVstsdK7rktMsI5d28hdfJUw6BL9MRGgjn4wWleBZInt5uUqRrgKwv0pJL +7BuWK77pZ6L8KxVqBhj7pp06rZN3pQyUh9YYPdI0ibYruZjY5yOewHB+JX7qukw/ +XVmTlElF3lehb1vpmGu6PfToARhP3s/vWlQVSadwgSxdEuvPst9Xs2qJAj4EEwEC +ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJb20RXBQkRL0xwAAoJELZb +/lQN74bAMyMQAJeXYwBjGC3SbwkTnDQZXADHpERdGQvpHjA7SxBHJYWsGKllrlrG +/dGMGKU/wUW6EpkFabZcHXJd3nA71pQ49jSfzxpMilLTEOZS918+2ylXU6X4y3gj +mcRTg33LL4QeT1TbIzUkV8uwcOUrQLyv1IvszIxRQ/snKJfZta+/Tso+3NtUUrWU +gQzMk6/uj4Wi2cSbWBjtXNlC7QX+X2adcgu0pXztX5UQQXB+e5WJ7HXHChyCdXKQ +FE78z72IDRDC2+9+fclnuvu6Y3IlXyO7TTgyqJ3ij5j7JdmZnzQgxY6WvMXjoK4t ++x9SMXJEWjTmcbDW49YWXhXDg+HrNCNZpBNWLPaugRlFNyp+be54+EOkjZLl7wws +nWf3NIGFXruu41qtCVnO/bRb79+gMQEcZiVtpbdsdpFbAhlAEhPfn11XPspgKsX6 +oPEeBACI0tB3xCrQnNVmHhOT9ubpmCyVARkDLzFNC1Oe5MS/OD5rJZxCHf3yEPay +XJ4WooZ9fcnHekWqcact+AsAWcxVtYQfundxkg8fhhf7F8hW+nDI/17vaH7RN+xm +DOZeV15Pj9ipFpwBTNIVuCxKU5vtWUAUnwfxdtZNgU3Yidse59SdVVurWmG5cSnN +chFsTvamTdRjshLuf/NQyB/DCwjCFEiQ9ljUIqlsTpM8dF1Qw4P5FFuHiQI+BBMB +AgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWfdoRgUJD0twZAAKCRC2 +W/5UDe+GwB1DEACNL57Zb+z0H5Cj2K1yEgUyrBQo0xw/NHuTGNORn8axsgj3sNZe +DwL9BpwlpbbMU+sBFLwcjcPf5gQUA1FDx9jdMiVKePYTUupgeyR6HnIqHKhzARD7 +Fvu7KHGsY66poDJ6yBPTXvzthjH38gCA9zd8hFnU69Wj51lcDJ75NGrPS0K9x6f3 +CREkDhm9Bl0O1wAAMQXhPA86h9yu8opAk/zTPoSYG0D6TnLc3MBfEPXG9r8rh+8l +m7paF44AW+QFiQ+usAQqwGTVOMAEC/j437afyVWuMfycJwR3gEjY5xrEK9Za4MUE +RWoHmDdAKN2A4Cj7j/I8OOURuQIZn/Sd8nJCHw4JDzewCRcAvzNKjBcGT6Ca2Tjp +yAID5yFHo4rrkN0H2RHyPxZVa+fLL0GcnI+GDVELAltLrhhR2IlxXNNTpQLd/Ul5 +fDdU2fJFGgb0EaC3Tb+vsBg7c426jJPA6R39mE40ut/iQ3CSEJ93bkfOMecBmOHf +RHBiR+cL2NWRIdt0v+0IGGyxFFaQzkmvqkHrtvrls6GUqk5Ac7wcMtPZr/LM9sPr +vRQdfFkew18zC8low8D2TEbeGFNA9S1aALriKm+IRk9HDPKzZYqAG+RsVVqQJUyd +7A04zunKDZCS1UJpcIIbZxZ1f9OJKode+btrBRTrX+mZJCcGs5+NY+ImTIkCPgQT +AQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlnY+eYFCQ8tAgMACgkQ +tlv+VA3vhsD1EQ//ULIT95cJnAzQcyNHhLFtiN//Tcd2BzSHejdLbhEieJ9eW0e7 +i030pi0irCHFZrp41PmOPDVMCZL5976lI3QceSj0h/VdRWqr4iOaEh1UWUVxuj+c +PXdgEmUVler1Gle355sSgRf8u4SYIPLTKyKv6GgMfS21amo52ysNv31nfy8THf/r +etgI/GCyjjVVyP1aVivMyuaWNbQ0qE1oH+aWovcBsdc+g3QR4qsLqwUXAZQhXfUY +mWsOAoU8qIhQ9Kz/N/Of7kQidDrVHouL2QZ62UTVwdTeK66BaJa159ru0X8lxh6Z +d0VBxLjVULinacn4eb/uEmQV6aqDeQhi2XpApG6i0TP4A1YF2Fkr7tQCv03TwiqZ +er+16POazfqzARJVjk+HnwpyYn4KLZ2Kf+ArVkORy5QWqpm0mA69jiuaBF4V/Ktr +mG57VuLwZxto49JygqsSIzv+rOKS7YtqLrmOVclzqsICqB6BQpvnTNMS0QrCW+9e +jDCiJnfh7pNE9GHAsc0yyanLT/Xik3WkPvqLewbOVQtX090uyN5K9lXOoA2O0OIp +q507zkgOr01eOeatktxA3Ae7v2HKrUD9ugu15i1N9ScVhZdj2JGACYtPhNycIUAX +9BYNexITCPBf8+Yb1VdVZXiCVfUudM8b3u4bgP1dtdCPxH/JPIbEKeB+iwWJAj4E +EwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJX9kw8BQkNSlRXAAoJ +ELZb/lQN74bA0iYQAKUckhPHU6kdxu1+2ZdHqU2ItTDgGSONOAgJ2Xv+vO2XmAo8 +pXQhG/k7MZtDbc1pjfe7kZbY9oi7701oMaZDbhaGyFIYf0GqF0Pjb7yh2xoogj2V +mqav9hVe5k/t0u9/7QbYINXCxfzLoNsNsCmSq/znM9z1G5e8pX+eQenuNXasv99A +oiazQzoMyDnaO7exzSwqNpvOcfka3spzWmEX885t+unVZGyWniruTPGv0Bl+/9Ka +PNqRsRg9SKBsnGW5yAzZI0rUSaJnVaJIUhLshBrAxgVAeaPl7X1+8yBAIatz0hNW +we5wDMmBE/YegoOJq2jjis/MDIIGgxktXX4Frh2W9Qi9gSsIGT4/1mKu99b7tXcl +yVp1Mb3ybmzuAyV0VWyBfA7kgBGF4/m8XvaSMpcH54ZJXY/Z7BnobVryFdSWCePz +M0xHrag4Ju0YhKAdo+iQHoOITCQ7I165S6ML4n7LryJt23YnAzlMWPDmoiYbP2rv +jmcHOw4RtCWk0RfGGZAkeI2/yedSv+tYxCAANpqvngTSxtwCaGQMfZD15ahAC4j2 +iER+yK4Eo/l3LeYsDYIR2xuXiW6TjA9OMrF9Kjo/PEgCNtroVLxX8wKPLudEQ7Oo +3lHrrFlOReuCLWtN1xCHE5u013+q3vnvO0uBMJcvaRRW8XZtzsGKnFDjIggZiQI+ +BBMBAgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVhKWlwUJC2aesAAK +CRC2W/5UDe+GwLbwD/9SnT0AVC80ojWciVNbEy1Oiw0+KcVUTRTOXxH1hFmh9MLT +7I+avn698GwPnJ3WSg/CvKO5TJCGwCoRHeOSPGS9+zM/GIyteBA7uM5pNs0J1T02 +3jMZEsa8zCiYgX6ivLVU3EnoBOoPYIXC2G1+H3CYEqpLBElv65YIRAVU3OZqBUSD +rHiuGarIsR4rASrYd+S4zY47yFinhqeTfrLMXdO1BrAk1Yq/eVUGjpBWo013xqix +VRhEFYOigjZ0Lutf/5szlNbiTzorQxW0gMK3MA0evKn64bjiK3N5frPLStrV3Vqd +UGD7qR1K8Nuv1L/cvDNUiUgHn/ifiUFTa8r/TgA/L7Oehfic37uMnYGhbzrdiBUl +bkUZBovfwNFr6QcPCeoen7JF01zhMsDfmEoEHbBPTMTcQdaMrFyTIWyBv9js0qWH +ecLHYbz4lDakAQwNQYJblgPIwkZIwjnPvTj4MEpx/7q5du0RH661MJb6Ums5sgL3 +aAA4Uvoefh5UYjPXOaM3e1w8dJEs62gSN8AdIdvDoY2lydLKuGaDzjc9WOOVPMmK +63NehfJ6E1sxNp/lljJ6O6hwbEyfSx5jNd4+yHNdxf9iP8LbVeaA1wU1Cr0sEuKi +Yu+eFruRiN0zPp2Pu0Wyvy7sGHB/3izTvTl5qi99aSeyc3baHutgpjEo4OZvPYkC +PgQTAQIAKAUCTVyR9QIbAwUJCWYBgAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA +CgkQtlv+VA3vhsBRzA//QibkWNpnMfCr1LfrFFb8MllksHiuGaOUPWyQf6zzi3XD +iOEmMXGoC8nUydifHzxZe4E+G/ZDXk3DT5mXAe72zeTcAMm2aecoQrP+IOb/YrYo +eup4Eoggb3vTv8jRS+NSCtk6EloWrVzKTMwOB+RbVXjx6HcZ/f6M2zEg/etqe//9 +jWxgjFZdnnRlvrJmQ6+AvmhzyLy90tgNEMMpZC58V+d7/7UkEQduqRLut0BXYlWM +t/vYdNFZII7blo+aBaV4spzQfQmk7OWQ/fm1u5ip7QNxbg1Us/lXZ4pevuN+1ae4 +TJGDgp1uJWp7GC/2A0nLzw8GA09nR6lnN420aYGlAMFN5ZLyKUL57cKUYPWOmQ0H +8eFh/0J9ae8BSyqAINHu3Q46qfRc/4M1rUwIf04R2S12h+rL8DFJkcbRQYgXVtKN +lf9+BSKwSabhc+DbvKKHSV+y3MuzgHHk0vl8BJGetEASpe/X1Wdz3c6egEbvOgoB +yBBxR9o0qyHSFKQ2N1oC+Pi5gTX7Vadnow+9AYLmC79rHWGfhXP7Od5i7t9pTviD +TzwmgYrQDt4aT5OySUmoEYX962V0JrzjiBHb7JdNy/Y6hgtg5Z3BUDcbHDRDZOp8 +L1zq58H6/1FGKdKdkj0bSKE/s53HJ9dblVrxLWpTEmESJOrbS3TWUTv9UZiRUqK0 +IVRyYW1tZWxsIEh1ZHNvbiA8aHVkc29uQHN3Y3AuY29tPokCVQQTAQoAPwIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQSmx040EFShac5Svl+2W/5UDe+GwAUC +X8oieQUJFR4qnAAKCRC2W/5UDe+GwJ7dD/oDu5vgWf2HBj4KS9Or3Vf18Q5sXsAz +3Xn8awRGcodLbCFcRoP/H1cUTE5RYJ5hmxg2woPf3vQXB2RJyDa5vK7ua/bjX2sK +j/kRSRnoRb4KV7/gRks2kWjGE87bG3XisygzZvJAFTi9tA8MceRc6sNZYuT7dtGr +KELOpbiExrU6V8jPSiSvNq8TMRzMj4ddgwua/lJ2EL4/c/lmVKOVAbxd+C2DHjT7 +FpEFj7Ihiju7xBIVGRTelEPDPXmVfw8NzkxQTunWEio/sbyKgyV/ArhSJBr/1DSm +UzpNlzBY6FBcffkAM5eTX7BAIz3R0O5aQD0spHBd72dbrEIhgPAzHkIHhcdTwOZm +98ogn6Feay+2MjsDGv5jKVH3TyqR0pZvjcJXMwBnpoNM6m9husLbX0ab59L89V3g +t7oGpo8nOPI4p6N6QTDvDejAnqBIrvIFzI7O41hZjFhtB+BP+LWA+50inlmKZxDu +O70PkekyImHaqwLjj0tR2oQTlO7YiefykNITANHy/ZMTsmDn7raxc+Ti8eMsaRnE +ijqgL2VKLJw2xjSZyzkQ/BEelhWGP8mY+xo47kd1ouvvwITu9twG1Xx4y6uX6Ios +MmDlXAvxoIdr1jTd5dHZP+/3uQL8/SpXqx3KEzaIvLaipQnBNkKMNPbJnDR6S/Zt +JPwElrtuXmUsNokCVQQTAQIAPwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AW +IQSmx040EFShac5Svl+2W/5UDe+GwAUCXuDaowUJFDTixgAKCRC2W/5UDe+GwPxV +EACDjqYb6cDZlyZceSD8p9wBg3NL0gegfRGG443CND1qL53pHeafGYHpeSinaJWY +U+1J5CK3dCaxud/V6fR+7YM5nkLIzYMCXwBflXB3dkFCg2TSY4eaCsXq+BqrQ9UU +mQqvAcGMQed51Rulc4O5iySJyCjAhfGUKOt8Za7QFGQbxcKiOkTPPqRszEXWm/JZ +YLRvObMHw/cI/SWeh0NlfPibmOw5gOCKzwPv3FiCNMTJqh43DcE5pum4ZWDKOb7o +qLhp1nwHQsgpCDELXfifg6Z3EfJuGkeow1vTNJg47DdXAIGHiZmpeul8ZtN+ktvW +8ZJfkpoiMLqZji8dANZa8umWvz3Srsgc/kcyu/3/NNMoqH8BHrNfScTBQFw0NTHn +a6GOSQqeFcBvDyjtl2hJ2qVzkzgX5kAcAKdhlGZuvGheehly06YjSp8hAuFBj2/q +xoGbzl1Fv7SnfJsEPTbr9Ntnh+2b9Wrxx94y+4SY1eEHwmUfcHhFJXa3N4hgpjcs +mVrRD8bBFcgpTA37oVHx57X8dzZ/vq5w0uPJ39wjO6G47RHf75MYAWTOmjvUxsUL +5qkqoKaXPuc93IeOUki40kt1/usJ+FDV/hnjdwFGJsgiDL4ROHsBjZb8Zt8tr4O8 +FNrJnmVS6wKB2esfgeyaxyGitliF4rbjToSAx4hX8j6Q+YkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlvbRFUFCREvTHAACgkQtlv+VA3vhsB2 ++g//f9aWmWOy9zI+CiTOwOn7ryBFPoVkf6sKTRX4P87PABmY2tg256h13kyx7Gji +5IKWsyzr4uT+Z5xmVvJev7m76cskXubTYfnp4C5rh8OAbvAqGtWTIudddCG7N8TI +e/TB8RBOGLsAOFHOEa2zIhyV5AYuFDL6iMkTQ2MIOjPwAYmv7KcH+ZuM9Tai4aJF +rwOEnkNScn6X5qf8lJmleoLNIuul/0FLJBG1EyvqVBY0OrX4VEzdv+9cwL3IXRn5 +Pk82xbNcRYl8RY56A4z7Q4RskMywEcuL5qk8VTrxBDDzCpHbBHaiEjIoeE11FPeL +lehLakHjSVEoYQ8zOaLiCbkK3fNdmDz/cBEF17Mb9revaaneDWfgOEsIB4OBz1A+ +eNkFU96upFiUAOg/fgogHXHcm2e6eaIGnzKnyBh0CT85REagPGUQTOnmjcK2DaHW +08owa1zJi/qO/mgFzEizrKYpOjhUYrmAHbIqXfbewTFlopwmnyK6TAd46cW24Rvu +8T/sGAk2DQXXYgbNtDGBrQU3tFat1mRhP/bdyw4dMSvq1zoBtWnaZK4rf+GxpaiD +CIq//S+Z4kuMFYmrAGCbz0l9rk7/vgIwi8aibJfKMfDlD8ci5pTXtYWRkFaoxgWo +X9x6dyMn1GdDbfUml/vS7Hc78i8wgy99+mo1NRonWBIvISuJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ92hHBQkPS3BkAAoJELZb/lQN74bA +S/QP/RnZKNb06T+3SWvsze+JOLR2bNQrIuIcF147IKuUMZX6SZc34uBO7B8PSdfX +nicoD2mGudHdGp7BqEVdDuzT4rWb4pxUrielZv1YLLWNKUep/AsbxI40yEclFoop +/kuqbf2zgYOegkzVPh9LaUr+/Pmg29cDmV+a5Ytqn0L6swMH1+LLzWu+awxQmbm0 +f/19IKLB9Ad6gFvUgmK2x5yfmCQxoVHopMMNEsKJqkdC54qp4w4H0eOCXT72d681 +2We+nZQInQp4ih7mSX6UGQPIzq4eOsB23ifwrIme9DxhzVHk/racqdq6mU9S8d+U +P3j5vfxlighZsSmXIass8MY1ooG+0Ezq15svQmH7RiIivFzw3hGaWNOsV80VzkM5 +5WHZfAzeaEkIGtzFRhj8mKp04hgttxwk+b/9cgyw0Toyg/ClvHBZl//MvNzHhYGj +SHR0IECOs3SgfDpd+8GE9dDXoMj9ggIts+JqUPw2Nd99IPq2viJ+4DTmxJ+fKJfl +i5WhvW75RO5xbshLPfuUlRVRLv/hle86eGPyIdcP9+rVtoSozLdtfbgjkmP80qcT +0+2su9gurjqMyUpHXkBdKumc5QcBeUeN+HltJnXInTMMAvmekOp9NYDTT8gcuAwa +m+ZA8j/oFTN1qyokqyMKnv79SqSZ3s4oPVRp3qLzuHjKR/DWiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWdj56AUJDy0CAwAKCRC2W/5UDe+G +wIBdD/9ulmYjyYQ1IEiji6yxdbpCAweINeOc1zZsnMk9hX1Nx0CWyxovixyEzjo4 +6jjZrjLV3h7ayGIeSHisP/XL6gMChb8xMlhv501YDH8BujhnykZIA8muJaYJB+vU +IXwcr6nx1iWVglkIc0NEsKe9Xe20efcXFdgGS6qoVquZfehvKv4LAttLndjfu+XG +L0AgeaAeHgB77PqrqWux6kwoyJKiemeIp31uHo4KF2jas863Rk5WPoIVTcf29mnS +XfX0C70HAkdQxXIZQdJz/HyL2srDDMDn2DVAEC+UixZo5Ib5Wz9YBE9OpTW91c5o +M0J2gvi9k9tnPhbNR4Y3k9P6REct18oyBzPzPr4tan58KkMaLlgjrXDmEV4+BJHP +qLgS+gIV4074oYG71tr3TOgVTtEBzruNnicz0LC3gR7FyKqt7mHjE4Zd645c1DL1 +gwzWjkXGyya006l8Yx6KpsovCFcP6Cx3oW/H4G+3S/Sk5d6ggCQ6Jx9xamc2akuP +enz/ltHt5C0Ted9OVXUrLXOugKc9demVLM/G0xd63P1TaywsmVcb7P66PkZ8G54Y +27h4LiMUVE8IO/1QJYLwKc5keSto3P0KqB5LNXShI4lMVpZMicVz/GSZS8KUqSFJ +Th+1CqvTkkkwCL3bPl69rxB0tQGKzPB/a+kfIMqDWX7kah9NNYkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlf2TDwFCQ1KVFcACgkQtlv+VA3v +hsBVzw/+OmKnUJ5emY4mp4vN6ghUyZU071kT3m0rpOlB29LbyrPEI2J1boVgBOKk +xYtiGhMI12B2/cZuEtTM9EpnSxjQcw0Dzi7OtZzZh4KBrqOpC2E/j2YQCVtNuHaD +H/Ygj+4ybf00N62mw4uFPapzqMPw6CBIuOJ9dNDBKBSAGibNFvPqtZbU5MWnC5Q/ +kw0gKGpmG3ExusAgw2Kof5Szh0MEb6a90uckx9TdxDkqLCzaN3MNHTPR1INHZtec +/EAovxn7uAHnu+hG37+uuModqHpcYIgOxzVUkjw8DrxKBUBofoFp0eJO01aJ2+it +d7AbbngX/Iodv0yXee3v+fEMOBzbjj8p/n9TQy6zYC1MxLhp2u0uTOdmTYIono4L +VpxEnfvlRBLdMigcPagdicVZBU6QSWz6+6sxoQSyEBMfqCqK3kcbW2i0NRPnedg+ +9/qQI9BENZcz2deulEDhVaGP4K72knVlEPbPcUSaO/cGFDgVbMTF1jzusmSWeQQs +kO89hTeA1B47t1ne+Z4E3TzPRMF5rzOMnZh2lLFfvO8ze9ekpcwm3Oi4Kwg+pcCg +kW56DSaVHCG7W/YJleW0Fjnz3ORPutPkFMMYm1WW3HLtLWImjTEGeSuhB7JDc8Oc +YIpMz6gOFvBOV8sBJLjvT0Dux3AV3IRxSUKo8KWLxZhblHbc5yKJAj4EEwECACgC +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJWEpaXBQkLZp6wAAoJELZb/lQN +74bAFXYP/jGedvt9gZDOaEyvYIi7U8JSqBjPdgsvHFmd9tah2VAjiLS+XzkkAL1r +vdFyDT7XEW+2K7XTOBa0tkzkt847zXytLAOqApWN8of3gHF3g9r8u7wMmOmvnAz9 +xK96wb9Kyj9U6kQ574gMv/fmGWVJsYP+FMXI7P4z/Jb+oweyCxYZ97wXBjhUAJ30 +EwkAkAdp0affmHNRfHlY4ciF9wP42iiIq0vceJ4vMOySAc154NBESLMKogC4lBRR +g2Lbu5xwBnjj5mFwIYoPcl6MpeFk1mhvsUScsTdA8PUvq6TDkBridx/62oejpu9J +nn2NQSDLq/npp0PjS1jGGdxiziGvE+IYasS76vNUEyAY2FA49AsjFxCSTV9hV52G +LZqJse0brhs0NiWGsY8fcm7apYa03GiZfX/xbZKGjC2PEdQYy2b14daVBq0jshh0 +VNzate+RhKozeWxn2ipeXIvys/XtQR8AmjZWqz8VJQIxipO4XcRnG18awt4SL7wO +NYUXY8nir+mlEQQKqemVvmr4WpxvgH0SmvFn6sDDjs7MlaHThlpExymAe5ZW5nkT +/WUXRQAtABZLv1HTByOBDmYWlaRR9xPcP814oyP5n9RT0uRXNjG7NdaDz5DzEUjs +tNu2ze5SrivOVzRjOw+1GlSMSheKSpSBn9curJ6RagnVRVs84T9RiQI+BBMBAgAo +BQJNX8OWAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRC2W/5U +De+GwNyED/4rz5FGWnRl6l5vOWvI1gTGMVjIoYVyCsFhHSWfzVwv/FGIjMdJiTB1 +xPiTqqsnY4BU+s5UDIj099I59OzA1Rv5eQNr6wRXYeAQ7offfpN7K9rg/Nx71xrG +k9kX57wZ8zkUMUsV1yE3d92SOybVz56XNKrDvqdJHcMe/3I+HU0Z9+akIqjUd3CV +wlZ0TVNAhlQA7nx1zZ3EQR3+Uf7cacfS1nZX3/88q8vGg3VqfaVpgrVpuyhZJAYN +hhXJ2SwnI/v2LUWkhgMjLi6QW/6G6d/pHiw1CTB4iYKwppmjYNO8wwK6Q4gSJrih +gaLsJmQ8c8knCyTgr+Dck88b62laNIcd/qHTiDm6r8UgNt7dKIewsbhVWtD5f70O +x7VEdkh/+AmrPPiNNsMl51eixxsZntMyzuCKXbunqqfLO9/oxeFEe6QXV8L36IQb +JmHyaAUxbo9feQGC3Udu6uNYnrSwpg9FeZXKvNcH3L7GtjsrmZbVF9hZpzkGP0rS +xLLBAUkGbQExcUeVNtjZ2oZXj+wQ8V17C1GinNhvIT3tcJTlH0/sZTYzUw+b+W+b +VS0yoqJjZ/zUEgQMvPvKxcPc57yoUpy/VZ44K6Pg/9kY/cKkK4NiJSeFT7EjHuLs +HfKUmStpRFoyI4HwRcgHaxDKGGxwTkwA9CZgQc1kQYSTKIC6rlUcBbQhVHJhbW1l +bGwgSHVkc29uIDxodWRzb25AdHJtbS5uZXQ+iQJVBBMBCgA/AhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiKABQkV +HiqcAAoJELZb/lQN74bAAlUP/i2Nn/s8qMLqFIgFizQOCvEcn1MApu0i4iWjngKM +6W88lkh+9+odXexB2weXUV4qgnNPBzG1x3PyJHODe/jPcO4AqzvABrArYfhNQa5y +OE3PoTtXl6GctD/3V+nFWeZr4DATer/yHvWp2DhZ4Lw67hV/o9eC/OPp8rRya7sX +kcfbM+KaN16Vai75WJ+zCyRoEgYT/SJGljRs7+bd1cR26qWaRwwxjZvQBUy3k1Cw +DulpQq+Q2zV+2Zu4ruaIdzeKBfsvivLMbysOMly4eeWLgOVjDkIm3G8FkIxllnei +2QA5560DHdM/5+kKwZ/i/956kV2YOvQPVNhC6MMkNNxrmd42Y8wZ16pWjydo4+fn +nHOnIDiEBifxwSf5o7Bn8A8HY70D+hO5nf97J5U4GPlsvu8Xsc3Arq7RVenrCop6 +nMEd+cPQQC639IfXindixRQo9irk5K2xeas6pBaaCn8Br+Ib98Z/DZVkOIhEkb0S +BaHpoLg3C7/cJ4LuFNdMsSm6+ryVLQAYya3+4QdHovFCvo6/+jynPVTtGxmdxE0R +zuHztV8/2rmXSvk2DYKcllvWdWVmpjt3MEvtZqSRdiXQEPbHZ1mvz+3BxkcRNODR +rkydPXwbzepFVew70aZa/XkxpThOYvngMCCbesZAPwP7xyEd7RzKU1qBxiCUE8Ce +i9GeiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQ +VKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAH2UQAIQFer/n +N3L70iyQK3VkJdO0WHsRO7MQvm6hx43u6TwwQHNpN8kWED9eeJj9loB21dO2MVvN +ePjU4Jr8s4rHcMVGzFy+OqAjE9Y6ORXtgn4yjktLkNqxwpcmQs80Y9tLElyEYYoV +h1dLUy8dE/isYQT5t36hL34BxZHkxYBz83XKQxdRwlFBsiAyEGg0I2iA9UJOACR2 +6+wPlIWvCK/yYvuLdhmvwc6PgkfFJFn4OzMeYws0R1ZZbO2l/eUMdL0CrCWJ5k6x +IC2qR8YLpKArkGNWKtHkfgGuu5yTKWf0i3tkApSOgdaa0zhoMdy2BIwbZRia8/5y +86vdzK6y9KzhOe9/+hL9fauB8EctjnTo0hbHIF5lCPc4MozpQulO6EwMGn2yo5dK +F8RP5xSo0IbTQvDFudFbV9riVIxu+PQ9GsWW85D/5B9kannsTkZJX3Ec3uQtFrsj +6/WcFBcfoNkIrNY4qI+g69Z3IBfdeLNf/uqBArNH5lnmRJ0TQ8mtyEINzAP4EfNu +tPEd3rJblwZxqysVYI3S0WEoyDG4apH+6eCyrrFuhK5kilNTOZ3a0HDeREjr5Sq3 +nA+RpAaI+XtUXLF13Rp7hE6zOVT3cbT6+Nm/is8t62ewdYDjwuN9vpoPS3sMILhV +9dr7uHy3o3QeJ89Svk4tso3VR7T6ni2JRGMoiQJBBBMBAgArAhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgAUJES9McAUCW9tE/QIZAQAKCRC2W/5UDe+GwJSKD/0e +YxRacfK40TevILrKiRFOR7S/WOixGPqnf8MqHG+YiNAIAw5TomUq0BPMWegGLTfw +lviFRFiSkJ6S7lcuKFiPvJI7op3mR5fzN6frmmjrEuqQ37Anbv28O+BeD6VcrHxD +WjtSulEkmDnMrN8hwR1ZPq4xti/8bwrvJpbH8SRO5p6tV8xQ/x6khXvsBGDA6wJA +YxKy+SzYsJNV37yh5OEkwwa1xmNjAahTSW++R+vw5euWhZG2gxWKBsRctVu6USgb +kXVPCu1RkJ3P0eRkxjb4KerreMWFhgLwkkYacBD0JO4kzd3UKViBCLpRZHc0/e0Z +OFQxg76Kw6PGuZPnh3ECcnHUB3hob+NReaNI66PCmUX9PgGzbIBTfGCzUukcCnjg +4cAJvhvhRioWcYOE2tJAEcuoL6AloY5nQs0IYfeD07hzwrQ42zkzTDNa6wEhiLrY +NN3TliZJqpkXgmu8A7FpNYLvRmSZrgt6sjgaA26mlCCv50EVCGbp+3UAFQCJfwvC +Hoix4B+3lRqYXp/zdGwtxeQg+NvwNuZmXaFGX3QZPeCM11OEEKeXdhmkyaMHJzsq +//B9BiwVfAEaqlyqt+cBwkhPPV8HR+Cl/AJk49ePs6STS3F+VDfLAH8IZdmowYGh +D/RVPFN5NDmGB+mKTJvRYAg9OdawY74J8oDgTFMQjIkCPgQTAQIAKAIbAwYLCQgH +AwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEYFCQ9LcGQACgkQtlv+VA3vhsCp5Q/+ +IDnqUcLSKrhLQ3SY4ytsMmfeRgPGvkhGQbToNcHnIKtza8YHAaeGzTeha0WI1dgI +sHOgih+NYYsnSDvLWpZWRAgp56zpVfBUuprd8mbUdO2bklxvfqvLyvIaJcAzLrC2 +pc2IOnNXjNcFiE6r7R/MFTvjEj4BXLh4wvW3eLMhM7tG75fJMSDDNRFaDFZ8weLG +0RheJYWVTNZHm4M4+vggDw/LedmZxSz7ROg40lufeM4pIo+Prn52EAosX/wOS0+o +mTN8nXEnC5gyuNHoB/VMT+faz8kUWLDCE/Oib/ZVN4ZRLhvoyHlF27mrgaBEKNOd +MjJ66jfN4tIAXHFs/ecYxRFzfpx7hyhr8L7aGprEdbdec2YtN2m7LEeoWGYYlBns +gwZyAcjacFtqZkvUZFRUmqbFdMb5mSHZNrNSs5hucV/Zi2/BHFiDdX5EbUDP2hbm +YC0toPV0oGd0pM3LJcqBxZ/aDL2sXDtVq1HN+oEz1++U3ZwITjzyWHUCbIdWVtjN +NDM/cBiPKBWJyXu/+D9mbp6xt7eEtI3tGc0bzBas3hMmuBMDfegD2nkjmReRLs9J +JVdcssXAZjkOglVDELER2Tk2BYRI0MdgX4SyZe5oSQWRkXqRpTt9vOsqXI5tqk1X +zQ0trLNRS3tUYjMUjedBtrlAqOfKEml0+BY9wJrLaAmJAj4EEwECACgCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bAljAQ +AIeTb4as5CDOCshMMdBw1tzDcWMtPNf+GTvo/bspSitqvw2XuKdb+l9kIwmRcmlJ +AnbY5JR4xplwHGYPqWvmS/5/EIvEiyFUjfACRtsz7fYA22AWByDLzzWBDRqy4jum +1QNK22LKxb0vQe+Lr8Mcdqxp2F2DYeBCDZnhQbt/9l34ZcYM6SL9pyRUxQztut0Z +bO4ZP2OMkXU77bPRUYbK6/CZTv2IPCsNGP+VhsTfcgEXlX5jfxA/fbvTUG0E137Z +GVA33/W5HrZtBv/bi1aO5zIkr/7WoZV75fIoQzpauKRnO+rhkQCp6v+wkYt+pl9E +A6HwXZcYJCa8HfGE96sK4Jcv3TfW/p6CDkRGd4nESnqt0YH+Hd2tuHAAf5nQVlBf +EoWS7sz0OFW8n0FXtnFTJ+Bw8vpI4B8zym6jxOvS0H2VvlP9AHfpxzAxIaDm1UKp +J14H8sjcJiRNUhgY8d3f4o+Uyq9rurT3nLsHPubGkKlgrlw6xY5oEAYfxEr38eO6 +Ifps7+UBIOIlBrxxqBakwVBkvjby3DOjMpI0egLE61y5FBC6me2Xfeo51cp8d9in +X2UQiX+Vs/grzEf0L10vASMe+1PTzyEMhLvQQNMIyRU/+7mIJ1uUmp/wtYpDexFE +BZHQR95JI8xYWWA7ZHUb1Y88APK7O7WQLFQ/Okj6BY2xiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMPAUJDUpUVwAKCRC2W/5UDe+GwO5X +D/97ikPHHggkFcoOcFpItf9W1kV+t1cELotBC6JQElGCRwjvkdWaR3AORsNdHIAu +43ltdx9LeSI757dnaDmDXTLI2MTdiQ8b3NFA1J4+u/mCRWBg7CsA9VmZfy0dokEM +EE57sSWz6Fc5IbuSlCCcgz3l7cTJwVovF/Pc6Jd2+AEHC+pWaNEI3HkgZHhSXLhN +Mblir0HKpyK3IE3bBRFXdRs/e1wg902TBYo7wM+T9M3CXXHnACMFJ/doNSb1J7i7 +Uh/puFNCN96mqgkeafHDiPa0Qe+sgpZIBaur6wuW5/qRDyXUq6CygIrHmuagG4uz +9GIMTUePTYvkJgFXRL5Zl8FkhCmdihQf2v3acY7SYXpH/+nckmkgu+vc0uxLaG49 +F04fgfD/Pst9SkxTiH046tXJPRAo3p64Q6vquhkZDAYg0YjbEMSxL+sV8lbj2pqf +Y0sOBPsfBr3NqJy3DRlitm8uFVvufHP18ARAIJkXRKKsNdsU+YuSEyLEe2gaj/OY +JkYmhEYwkxQ29I/Kx7eYU2cO8avUoUWVQcjwQB84x+yCby0P5jODrDQfP2CWrHkB +sb2Mj+zAIN9X8AwNkXKUwmw5vrZ4wmaHpMcQYa7YTknJx2qbu/FqwHhvVJsnzapk +4JD10dYrkWYdJKvs91o5PMuXYZl2EUXtmzecehuF4M+P44kCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpUFCQtmnrAACgkQtlv+VA3vhsBA +mRAApZpdloMYR6Dh9euCYCYE9PadK0d9XTZN17orz2YpDmo025HMkYlxYk2aCzkc +di3AaSOf32Zpf7lbY7W7e4Q6v/GDABr1HwoClp7G0PmDsDSOXfE/OAbddlPJeXWG +/Fwfu7jC1VPWTt2ApVdZ/hkhNPNQ0W+h9jS8WeolitXDM9k/AVf3lods4K3L10PN +aWPKctKUO/CyaW3NYkaXY+W/Xe2ySUOgBS1hslqiLzZmALBiNEIf6bQukSJVzRTW +LzevO20f82pGBmI+U5mH4tDW2ZIeN/Bz5ouS+xMQlAu+LPRH6M9OAiE6kpldNYqf ++cOaREKPiA9/KGc4R89gGHrWwzJhmRr5p+V8Ad9yfdU/lPPeR0X43iDG7v3NE+t/ +E333C0iz1FNSm6V7R9EYViB7RuZfCSGDpfSLl74bsEAq4hnwQMBN/Et7LIDFwcJ8 +leWxmr6AVV7YgQFJejjUQJwJYLNU73RAgYwRlgzk/iz5xSfeJBLfy3UmHz4Cylax +gKFPqOSlsGAD7QkxNTc1YukQ+dDkepcc7l9gEaw8qOdiN4cnjBhNcNnvvMqotexU +JY6FqJ33SGvq2gwyd7+dEMQrZko14MB44ErcrTBWI0E0aFMZipRFmZCNlMsDiCm6 +16EthBTzLMHJ+xhqlViQJjtMOiA7yurWLL2i2M+nCfGRKvSJAj4EEwECACgFAlRY +QY0CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN74bA +IsMP/Ahx8PneGNWVA2eMNo8uQFwCG2o2Q4+r9ToK80Ordw58sQSqukP1dDCdF6V2 +rl6VpbSRT9M67okHMN+JV/opfVTeF44ilxl9fMkSy6x8TC0QLoRgx0npNfJaw8a8 +7HdtpZobU8iwIScpzTjGVlRv33TXdf7j8ojrt8ZgStzJWQpiuXpQVZYNf1jszz4j +khxOpieBn/W/0rXj2obZ9JH7+hbrR1zOAzE3CMalAhs6VygmzOzajnW7HQAIkr+r +Pg21yHzvhpigRGE8yuqg1lyp5YYLJ7h0zznP//ivjyp0cHJPWL6o8oKiKrdw7MHm +838v7qlDOqujE1+DauWgI2j4B7mbgoCtZY94yCZMGMT9Kd2lM2rW7u6RFYbvZl56 +4nQMB1C0BQ3ZR7KA1BKWzA5EZFHB9TcwrYBZJUk5gLjQ0lPZxyhNsotLcnXsN7jW +zmkkrbiN7cOAL5aAJNS1GfSGcr0jF9vtRK8xdPelKKTOp1Mc6dFqByzXKhv2aGT5 +anlfJnThANeS94TvqQAidvO4aVhIiE7YEW7lkIl/sdegW7tDY3gY1PXziY0cKQD1 +XLDFFgfXyJuiud+8j1eBO9N1zFLd940AO/oAOsDkC69CNY9xXPekb4W50/cMQHfG +s8b1Ve9uKSSdqJmylTRis+GOfBNGQroCehlvqgRUZUlMoF1ktCtUcmFtbWVsbCBI +dWRzb24gPHRyYW1tZWxsLmh1ZHNvbkBnbWFpbC5jb20+iQJVBBMBCgA/AhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJf +yiKBBQkVHiqcAAoJELZb/lQN74bAabsP/igzNaAbZRmyRNVSyI9XYq41iierDPu8 +CgU6IZLc7WAo7QRMtX2YuR+tnU+iNKem9yAKhjJQPS1rMxXx1aqKMqGkxPQV2Kdo +kwrD0fJ8/8OEu1DbRY6xr4KwgFxMRGTPbFfy08db+6rltRKtmj39A+wCUlRiL/YF +ynUEH3zoI8t/+8YXWYsCvpGNWAXbp2eVysFpbNWud1QJWrkLyHVD5lUMMQS++uwh +Rynhij7mB4XWgZogvqz5xJc1v6wTLgZ5t27rIcoEPMbmdMejTKB8/BCBMMMKLqq4 ++jF+9S8lTDBYf4b/HwzpwdgTy+tpGQm8dQ13ZIGB4DIOoWjKb2hi8ZEplX1nVCq4 +C20tnYA7tncPY4024QEKNzzzZw4Clyj+bOyNksnrF4dhuPcSoSstyWosSqUIpsIq +squSpGkc9qNJqS3B2UO/boJglHF0veuJVHLMI53glTLZDEoFttaAsxUDnFntCzhG +B+OpiOfDTQFe4dHT0P/3WllYWqKN+vKM9dyB02dwcggEKaEswMrMRd6EJlJNgXiR +i57GiDMdr/OIygibEiLK32SRM0UR//HNveatNh+qun0k90RHdAF7hCiwT1yVhJZX +eDyeboTDcqCDSMm8vVWxoNP6EUjIEv/9rLEkc3OwlnjH40hFmvuUeOvwam5Mb34c +LJMDSjBVab8FiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYh +BKbHTjQQVKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAdzcP +/1YJ/hmTnQraMkrM7QPcKuZ/2nCA/eBPAq4ahYOC4MNaovkUAPJmMHfki4epfZBe +xBSaEolagzAJGrcCW5eARjhJQYAhH5tWCfqumWvQr4P++4kvmEaxGpYycis7qL3C +vEPwwUr+ZeB28rYgHxlhk11GuTFVDVlQG7ubJI9EgHyvdU8SkqiK7PikyKtvVdKs +10YWm6Vtr/emT9FQaRQvfuSOzqe5mLMKok98evnjGAc2DQ7Sz3HadrIhNVa3R5hY +Zu2NuW/XcqJ8AZS6zGxvoD4TIYFOv79CG4gE5trnZ+ROf5AkhfkJ9ljf0lgTqlAf +AhzL1szT6EIjpWvst1sSmuJwEHkOHA9AWws1UVXfcQFP/Li/LkVhxu5n0lVwLOff +CTkT7JruI2GPavJlhv00wtP7oatLxIkmSKJiFvquG88uVTH2EdZGp7jheW0KaCN6 +2AQ7YGcMDdEMCy0MiNQseu8sGqVG48OptgpAtoCimvQiC6G1mFUnDro+XdEUq56x +inOVz1V5capGPNxgBGwIbc61VWs+J+X+XhMpBAEmAR4/lZfYBofabsCW2SybIY5o +nkeZC6lAujjumvn3ZXjFs2fVitXWW4jRPuyYBB2uYzbd/PdHRtCyyoq3N45QTxib +k6rNae1s13CqH2D8bXuc9RlYkBDYl/U7r23uYfCVKn3BiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCW9tEWAUJES9McAAKCRC2W/5UDe+GwIZR +D/0dZTlWy/gAhPQ2OatwyAept9t4LwWKhxbAz+Ap6VsH9mIfs1+dOJNGbMh/osd5 +7c8AbE4gIbY+H6IKoLLMlri+vEX+z79erTtST0SlJrJ0YwVAUJ3Wcg1WTHWtxmBb +F6B/tFAS/8JqcJmbLj9wBX5nh+aMIJiidhFB5i4A2bKnmhWmpkaA6j+nx4nn3yk+ +k+2IOlecaC0aOYd0kY6mTx2ZdpB0RAKrzJ/Sy83fstiHJ/dGOVoejysURig+o1ly +LgmV1Zup930YSfAR7+GClqgk2+11prF60HIgr1vqKkT8dLroPe7B9q0Gh5bXyG46 +ATRx376+RQp/hXTHl0puJbAwS6Ow+SncnrWj/R2bvqIHwvA4hd13AU6cUcOYBJ87 +STY1Gg4rHjqMGtXR/O7sHnHmYLSNQO0WmuWFWtd1DNryh4oubxRUELWmAgiFJ7jC +ifWcZEzAVkVyKlA2cuKCA+7mzenX+9OT7WB94jgPqpOA9Mz0n/f5dmB49yIdtTJ+ +/+Nz6fQQUbhi2bnUO5qV2UgE3v/NpaPm6x7JTU2N0gooIXvV+sANpVQlgHRYJMtc +k48h64nAlAYgGtUWaZY4rfMeQ4cJfwhwJAJ9B6d5l+NrPtBZJndVy032sA8cPHEb +511+0Z2KZmkOzd4Hw5bBmORhGMIe8FEDKuD0dGugs868JYkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEQFCQ9LcGQACgkQtlv+VA3vhsDK +eRAAgTPObrLuCqMtDpZqeJqcYFfEC5WIUEVUdRhAu9f9Preb1Xsm60NJHrD6K/U+ +JjpaMdTMOVDSAZMh07SLfWhy6ayfjczETpHzNWsT6In2FvrDjE90nkvyDiSjiJ5u +usFKh39mmsNOr/BSOFBy/hjArts7cyWHvglAArjmEscdaEcofrLybgEfmIVLEP7p +y6IegEP0Yqdt8NAPiKSYLb+WP+MkosRAXyAiWTTvKyJ2OngCt8domWX/JV+fJMyz +pJoimAVUbWQ3OHTjVu+98QdDW3bajr7LE++OW5zVRlJg1lRB/nsETDAatvEoN3Wm +GKVXS7wXEw+C5vHj9zA/gSOgjT6uaw9cRIEf2eW4DV6fDjVQjyODulyXZY08GnC9 +lt8KaIezgVsW7EI/MTAIHC/xnDIxgEDnid28hEcEuLSoR/b+L/tbhNwf+HC/j5MJ +4gOdjv/qzWDAyoj3bz20ljNrU3tQduuZpOXaref+TKUG4xEYl1INjh9wE/a47hS8 +0NLoDigqMdf8KT+PQjc5EAkwKRkCzjQnvJ/aONoL1813DaDTvF02x/+9OzaUYlDv +zeZ6v+Tkuhq02w4ciDEoC+AO81PblUHLWAXOdnarXCGzt3UN1CtRHvPfwQVYonn9 +Cyu/Zx4pmF+MayiEr1h+W3kAtNoppBZfR7fOIljIQQDddPGJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bA +Y6sP/3gsjjmnq/GgdgOD8YQnk5zyG8uUYzJsGeii5XjjH7rPhUBh+lAJEu+4BXR+ +cMz0738YuKBZvxBTZ9S4C6uCrl/C9W08DNI7n3srgSHqirKH+OVK2g/Hulu2SAi5 +9aLOkDgDDXCf8ShIGDhxu36s8ATAATKKLHlWQg/j38gbNCE1B+S+DRD1+ObO0SIY +z35AMchE75r2SR3SXwhYvphHLNj/EXFDwNWDgPp+Qx5JsWKBvbZYwW7CAZYDQpz2 +0Dn8WPtQOTv7i2bOdO9A4s/+jTKCN3SeLmqAVrIRKAed0OshZSrdq60jGED7poHy +o20Zy6DrdHWlZ/zz3BjuJdTn1JnZOMdxyCxuxYynJwMprhp6E4iw+f0Kc7x4aTMZ +y3cauN2B7Y9LBB5JMZUHM4C5R0SfUpgJMoztSQBgyVadpEMUyhsCveetCZGg+dQC +8LrhZr2WnlHAY/VUr8nJweg++Fqnp4P4ZMzLZJfe2RE7wnvXG4EBpUIxDSftRI0Y +SaQbZ7mlAAcj1f0jcEJoBQHd6iD3zvj5Ajp+/mUHMr1Lg9fZiEHBRMtIdR3WjWFB +TTZ8pWuUv6vHb71YuHBbEuSzIsxbMxPlbr8tAeoruW6If1t+7S9CIcp6j+SymkhE +qo/QQ5pNpddjS7KxeiVon77q9zAyaeafs7HKVHkcoN+qszUiiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMOgUJDUpUVwAKCRC2W/5UDe+G +wOVoD/9k6DUhKtshVhbvuzYYjeXexvj4U0cwgOq9vYN6rhBMj4KPwsze6xoEe7bO +XB7A/H+3FiZRs1bksyMWnpfYGcSG+iXUEsC97bt+23V31bfGVW305tIN0yFFStEV +6eAvaokE1t5H7O4DDDtBpP4b75yssR4vJvV/CQFi6h1CiscF3gV7KZgFeKbOQ/Un +2sLjg4BUTvjptH/PeDG9f0gTRWe/7Yw+FTP/zziYsFjhpqebq0mPIRr8D+peHfU1 +VXsVehs3cbYvZUdyCZJbaiNwcXsOZCmGuM8QpXB0/CvogHiz2Q97k/97SnLLrd23 +X4yOVpcqde7SBm+a50MK3r30y36nf0cSU42r0lTBZxOwwktxHwkGN5dkBip6kcW2 +5M0T+ngclR0EDii3/2QRPbrCDc19NaBXy7tLmtptU0EZ/h4/ZCyBJNchtFiMEOOf +yZ4wSVImggNds2OkcfKm4t7Jqs1ETN7jsKXmPFRKZtSdpe7OXL7eDPMo0aB9KqDg +S9uryIYwgQfTot/a9Eko0sxHjxad+SscOhyZrhHcnq0i/Yt/OFbcd1brOlFa4gC1 +S7au27OQwFycuXidrytdC8+7LtmKdjubkOJaZtJ99UAhXNTgfR3cnjkG2btoItng +sBNb2Ujgf3aSkaETN840it4x4VsTVbnsLEtqEK0y1mqJaXVGmIkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpgFCQtmnrAACgkQtlv+VA3v +hsD0Fg//YwhVLJK0aTIK5zN2KyT2BUGsj96xiPWEjAOKx9MRWU3kgCFEzO/ThM17 +rsMf1Ke5bHR/KU1efIo98o6xXMLMgd9wEx3KAB4YrwxrLQ9E7CydV8zxSKnvqa07 +D3qelLu5ARhmSsTkjSf4PHsafaaPElUyodHwhNpOt2N22QcL9HNMdaom4ZdNAdX3 +njloOysjo5+TrVJOM3ZnAuuLa3RR0SgE9Obvu39JCZUVjdB+BqpQrdove+MKfjlm +fvaASPy2vVPcfoCCBvQ5UJCMxQfdTyquCrYmsS6+0fkPt2BZFCcgJtECZ3HvvwHL +gALXxukeZYjDOHVVjw0hccBgeVROs56PXViW0FdzbDDr2p8usjwpRCe2njN3gjeg +qcTzHRoxOKJgJakskvNmaiPq7bO2ZmMBtQGkqrJX1noF28sN1lwTNd9dpjCAS6jA +vIIvdJZCaGpV3o4WbZHWxQ9s4UoPuCjEeo+1x6uP4vDZ/z5B01dBE8ovwSorpMOl +XVzUPxLlHb327224LJTASlDLFbe6oQAaGXkZBmRoOWUalOpcV7fwpf6HaCtEMM9P +uDnWpdyyyh76hi7lSJOS82uNKkFX5a+4W6J1oJ2pQDjSymx1ruO1Ag2g8fV4jOxG +bP+QrRXKTWKMV71utqrt4kLwlq9fu//c2irXMTsHBSkpLiayd/GJAj4EEwECACgF +AkyNK10CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN +74bAjwgP/iFz8JEb9peHoijEVX5aThYdNsb4+MgP+djI46aXd+trd7t5vq2xCM4q +n7tdOJx+lD1w2G8qIVvMB0J67MEJxXGsXqvkD1BmLVe9Smrqy8qQmIL7aFHDBYt7 +i78EZyyR+DiiRaRyM6yeV7jSfej6tLjMIitz7d9KESx5RrDO8V/CZXXDvsySppTp +V72oWwDY5Uy9i2qQHfz5qAJ7dcgJnaGnEkdWqcgFBSJ9iMhkGg5akYiMSXEKS+q5 +mv406UxIwuQ2xr4/Zx5UXBl4nSYyFg1JiN6GtX+FpjqFqkzhF0iaYs7+aeqSMkoj +SfYD2KClQpXr6VnOSwQqMMDEQbqDkDdViSwoSUVJWBvRS9qloHBYVgEf8N96lWCK ++wBT/CbQ2OalQmPlvjz7vSlE1gQfjCvVYNl3zmJepmK6XjFCCS9soZuiH5aVxEda +5HhBGCeojwVLGJuAmkeQzCQfKVzGb86CY9sAAfYAVuI0U23w07xThxYs4z9TkT7U +EY101MQV7NC2eG8N9mlfESfoUNyeeZd3huMhASqeklNJ6BWtWz1lWdwWxbQFczvO +IqOnNIqLMEuGolMNlAz9FIARCmI0iscLK6GwtXVREUC5tbCdlrEcder3WUaOnDvH +0dUzxG9Skx2AxyRaE1+dhsfS08DMom3tKnyTWLmFLaqMDcaZGMv7uQINBEyNK10B +EADdyPxj0hprJJpB/8BbUz/q6bf2n95JlJZCtqbfFTMhJYkkRQ1N9l3sBl536F7h +2iMKcOFkTq4gYSWsPIx/jG4QWWG6yUYWbXJZEG9KRyv5zq2lk7ajUq3aOGmkR2lM +7I2ZsmgFfR+mfUUV4/ov9Ap0T8upzMkMyasiDtmtSpMFbOVpRgJhRUrlUR2dz1Kk +5En2DN6H2DyooPx1X+llgoZxixgnaUyNwYReoLoy30/3zZ4vPZEbxcBw2BaLtyQO +IKsoptsnyGBNDTLa6SEyXTVzIXJiyqOZV++9B9OgCJJ4Fipk704jKt3SCNOzhzp6 +IetMnBN1q5HIIs3OArh/Ta5lwXuZO3kv8Pv4nHNSqcHL3m4TuJdSJkXIP9b4+AJt +/x3anBvSjjtR8/GPA4GkbF6KDmW8xIDSrJQDIMyjRZRCE+xoqGuHIUQ3ywtEf7sp +bONszvg34bmn0BWTtsf2ATw9gBhW6xI/OdizcYuAyoR/JvzE1UZ7+5b6YOruX3Fd +3kSNQCSdmETpUScx3S13lLlBk12O087luZA+8FbKG/G2GJNH1VEk0A9iUlt+J+Gi +ugsk8hYloeCFXKRDaVO+9iitM4LE0A1fgSA29By7b8fi4N6emMk2MmqGGM6d7ear ++VIretNEnbHYxBn33ClonSQqiJrM53/LVlu35gSxkgUHRQARAQABiQI8BBgBCgAm +AhsMFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl/KIrgFCRUeKtsACgkQtlv+VA3v +hsBvjA/+Owx98l/J369ZwyMMueXQabTpdizH8zEKEmPCEjcfVvNwXfNMo00mP8LM +1WNUi1w5coJo+FoIfjjzcKwe9zuPWuvvKlmAPoc4ZK9GGHyAboxBCO3KAdbUkmWA +xBkvSAmaeuACDe2qlk9g3WoaBK/lLYxUJcKmi8V7fETEnRd2tO/E7wRJOcwJ/p4P +RBABlix7MOwvSuZaX+hnWFJHSPKhtS+stKaremcabB+LwPaFcfEuEnM73LC046GJ +/BmMYZlFeq0u+zgZBZMM2ymj2UOEcbRZTRUXc6PgjC9PAm9pf5PCWLBHEcnctruw +6mW+bRuh88Qgd5T3aasCErYUJsgDVV+lljJsRWRJF62+SOONUZxr2V3AeBAISDeg +oEZ2XVud3patNiP73/g18c11rf7cYcXAdK+tCSdoS04YHQ5OR5Usk/xXAIZ/0wHh +WDI4f1IVQj4ZnFgWFhmO2gPr7dPrNGUCYGtdJZAfr7fe1P8YgWIKO44dYoRatS/Z +ikV0zyOprHAW/36O4OivqHb/MLm4xXSQoiUbkVGUJOBfu9oia0/wPxnQzv2smI8e +EzxHgpQNMPuQQUlp2gbfnzSQB4qDq/mSAG4MKxYjmIgN+8LWmHF9C05YAbidiGJT +axkq1GZtR8xYQGePwR/df1n3q79J54BuaHyAkcAIcryckibgxEy5AQ0EVGbZ+QEI +AOTTfksPR/69ixTlc+bJ3vQgqEynJEdJ3ou8093XGzBvHhe2k+Cuka+all/U2L37 +3HKZHcsxJUg0282mqZjCZuqB2AYxdYQzR7k1/6pjtVwPhnhRhFuftLdDlIOg9kvh +t25PCjcW5k+OjY62InNJ7Q1h9rG8JYxWUMlKgWbu4qVgcMOc83gNjotivVTysEYk +eJreLFgA+7FHTQPANaofmT45iz0BKoEWWJL/eTafDc4cCB5ebXjtTsPr8NbzJ/d/ +4dRAIIELPM7IKs90OU2mDGGO8mAbEaShuGY4pOCAzOm+2GsL9ClGZ2uvT8khaIhm +hQZCk1u4yDezIprlfMd3qYMAEQEAAYkDWwQYAQoAJgIbAhYhBKbHTjQQVKFpzlK+ +X7Zb/lQN74bABQJfyiK5BQkNRHw/ASnAXSAEGQECAAYFAlRm2fkACgkQD5SAUt3s +vmgOpwf/XrYcFM7kIbVlpht9KqJsOVKcwDk0PpZcjJWVxDu6NtsMh/liOwidVufz +SNEfobJsjc2yYJFBL4uoPDq24YY6qF6cDfLdy5E+AaCUyiol6Fco8hrXSaqxpLj8 +tdPiFRgw7b1Tuq2b3WUi1JdgJZruGoLv6Y9P/6f26m6N+fEhbgOm89GxUJ2MoVN2 +VN/Q+ySkgAIERVYEoTZdELwYD4UMFWvxqOm9UMbaYXiB5mYdkR0d35tTcPWg/O1h +3zoFQc5vI/u+cEAuYA57+SbxvPV6o404IvtG6N3MesFC66/UbIZd1BLNi+tdCRWx +kR7Pko2naJmjdl2Cge3tPBr/tO7FkwkQtlv+VA3vhsDGEw/9Geq2kQ5PArlBJ6Od +mme+bcz8hVmKl0kf2E7+2odVK2mbAAMLvQaYHm8MA/TP7AtPvLbRbOBnqf+LDH9k +ouhMqmarcj51PIIk9HEl2ESfKk9rxLU5lpTvib73ZcCyv8K7TdZn4LyveyQ20Xuf +WC1m0Wjex75uq+BBDmzD6CN491K10qBVAUJMadNXxOQo5r1w+U85/80wEBrOX+vl +WnEq4QOS5OZSzpAg+XlJb0uDtnDuee5pBtzNgKJ7Z9gUCUPxf9BnMjfYigigIg8S +uDLVAetW648vW46vZ0c+Sk7jFfJbRDjgKlO6Ok9536MAU++nKEFIzoL+Y6eM2FB/ +N/HdW2hRHwrzPSGs5vaNnW0dQtCzetS0rzwTQbckvmyVHw2vm8/1EqZuSNFOg1la +N1aKPblYAWBnqNEgwNwo7S3sn0RvA91+u9LaDxLF+l+sm5dlvRbYRVl0p98wAhOd +GVxTYhGb3hmlfg5+1ZdWEIYoVCz8TqqkAxmG33+qqrmKhl1tbMqewnHLFP4DP1vu +sVJnTClJVpU9+yV+iRf6/b1bE/PeiBDdbHLSWq99kN2AygMYATIi97ipHMX0b9xa ++HcgW/CazktiexpsAau/WHsSDwzNPf1cyd284seB3zR3jozTMtSnDXZ7LR/raKSl +eMsM1wlos97yDIqzrVJdmJcVlvq5AQ0EVGbaCwEIAKAwVQtsK9EcXd9KFCpzrmpf +7ODiGcOtLONKUqgRYA4tnrPHfoKQGmjnOjoTEd4zydJ2kyroT2k910YAropjf3NP +7+zUSJVhytpg4ipOJT+0pwvIrM5ob1ACkecawfxs+nQMhaFAFfxA0Rdg5NOt5SQ6 +k8MLNxFpbye41wh6SpMBU1oBsHrQ3WdTrNdWqkKMLXHNTCwBOyvTq1T4CxByrcLl +Ty6LUBlPSW2+qnVGxs1VLEV7yW7ayzAehDMDPbtyGoCRpBwOaYk2WNpZLErbzNvo +RSBU+UaOrW0xTaROkS0frIh8sXVrCvajy/t3TpdfDyElPSe+O7RUWLGj2RsvjOkA +EQEAAYkCPAQYAQoAJgIbDBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiK5BQkN +RHwtAAoJELZb/lQN74bACTsP/jnRIV4TpVbGoS9kFcD8Ymg3BijJOmJ5ybBvPv/u +251SKjFy0nlg5dkHe+iyczvZBYZaR4dQow50ow2iretqV91kOYw9nWREi5NtuU9H +gBl29jJEG0J2z8bb768uniITaaOEJ+3ckROInJuhoS3BOozEQ3tyYrAs3ci+/588 +46ygjq7zsOYTxmdd/gqzB6X7j7CC3zSinEgVVIWo3Mhn65HpQblIZEipzAAYxn7w +M8wTXBxfPSnxi3XtOWl9xo9+UGSSsFVd12va9PLVUhIHx+lm3/ITZrJ2TxjMqsA4 +cxc9MUQ9XpvcK9ntPn0kvYEaUGZeplDaOiG/j3G5tfsnEsb+22cNvQsJG2BDvKM5 +0nJRuwWzrtzXuQBPLF1EXIZUEml4U/LFjZ7bR7XP/wKHJTXOeSJDOmJuXwa8sBn8 +F0vqg45T7vz6zDGFDzoxjEcW667yWhzX39a1XDUnNKY75PuGIlQK6aBUFfZ6kX9B +g90zZfNrZ+e0wj6SAB+QVfip7xhF4CgUsGRldcfUlQfi4SUFAnIJmuOSSo4K+3hR +Q1nyrwC7PV/wW80sqy69J1+1uEYFbaPlz3681e+mV8z6fsPeXdQz3CJL5G46dHnn +JQy38Iyhu6VLe2WQngaz1XRL0QNak7ZhIJBe6IHbKjgKLFpBAmCGUy76VesykAyT +R2MM +=rvrD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_A766C89569895C0B86D598D09963C36AAC3B2B46.asc b/git_signing_keys/keys/key_A766C89569895C0B86D598D09963C36AAC3B2B46.asc new file mode 100644 index 00000000..a229dc12 --- /dev/null +++ b/git_signing_keys/keys/key_A766C89569895C0B86D598D09963C36AAC3B2B46.asc @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF4qlhoBEADgl4uab157tPQOtWEBaEyHzMllmAumP+XQokz180AXQY8Pxrbx +Kqso4UTZYbGXza3AL9R0Trk5TJMmjRf3DJMBx79kbdVo1nF/jGihz0QJwjR+KI5S +SA+veuPGeSckF1Liv3cKkS+meiRdc+hsUzT4Qx7buQSj+1tTlG7WHanUTHJp9nE2 +iKnf5RSy4TeEcfJcBOZOkcjgAY5aHXbNITpfhRZAlhaXe+0uafumfMX9QYqOyv2D +FeT0xwQphBwe/UzEADZxXTcSSMlpA+AaRAHGYo8OucZBxIHxKPb/s5ISVf+tT3do +dDoxvODfOaprFMIuoxznpiARLYJARvvRIRypcL1ye9Lln4lKIgpk0iqXoG9swRrD +Vch81yPpw04YAtqXGdVZ4GhXpS2OOAAqXuF0lXU0kTcI6tSEDiuJy9NMQa1A10vf +HkaIL4BmdH9QZuBrym6KR+B9dkkobRie1AJuyM0V6kSbtN7C3+OABbyTUQ1IILDO +wPusTh+0moI8FoC3O17PoFP+cvoy7jB7oanicWZamg24jurVmF5Z2cs/+0zzrnyf +TCHP71IviWCodWR+qm0vbDbPzMfsGc8fmxpSiKL9x3xJgfeykkOfD1//gnuZw+2F +NaK14wJPs8UpxRPlCce3R0YnpEsBKI1vlpRXMgJPiTXGmC7tdwkx2CT9TQARAQAB +tC9NYWNpZWogUGlqYW5vd3NraSA8bWFjaWVqLnBpamFub3dza2lAM21kZWIuY29t +PokCTgQTAQgAOBYhBKdmyJVpiVwLhtWY0Jljw2qsOytGBQJeKpYaAhsDBQsJCAcC +BhUKCQgLAgQWAgMBAh4BAheAAAoJEJljw2qsOytGt+UP/0q68qgYQwilMM5v1Zte +Xovb8FRoYPEmH53XCUyOKWV4JgtAfm0SrxvZE+wTJYTrjwcm9NKpxdjRmPIkUcH3 +m0CJFUN71sez50OZbmNh/Yy1lu25Tst520RMEPXVv7IBmytL28rhUK47bIh9z+Mp +WxctGeB2SVIWJfNUOifI3k14YKiyEXoExGVLTH/QrMvTfCm9rkky3kid6OSrqqC9 +uVCO5R889g6jo7J3Gqe2IUxxIZ5BOyL/+Z8AMKIqWy8nmQ35wgy44f0jiFLUQNC2 +rdbS9/JEPZtQZjZ2TBCPsC8UQcAZLBT2iQYx9VD/2vr6aHQUTZ5qvmJKPMo96pP+ ++TKn8oClOqjmZfOdsh6zDTUnlENDCsbRHEJIWWzofywyOqDUhZXhCNbzE0fsMAt3 +rY4PbPnuD0dmcfbFeasltBjYS704e+Uig/o/UTcVAJmypreB68eJbLjGElGheGyY +FuluXi6VGM4uGNGElbl7lbKfKVml0sgULXl9f+4eML8TKOHKNUhMWqnkx5WSbOxO +BiSEW+gBFZHMrkhspP3RXj9ESYpJ2irxrJzPQCFMF7D5kXm9OSrBRDFA+yYxZSj0 +p6pFVBGDdIlZ/qJcfh5azoSNI0KKbUvGDJ0mnM7OmehAafGNo/eLwwQeAJOnw8yQ +nIDUutZHZ9Z1v3WBFtslO5i+uQINBF4qlhoBEACzCtn7Eh+SNFP5kQUI2QvyiIxL +plFtLYr8Mmnk+c/TyXIvyttmRRNqC1eo5jwui36HIlK/EVlQ3khNgm3FP9YbASbu ++eDXWGrXd6CkYWkmO8VdB1L8e9ml+tzqsKtm31vjxBrvV7RzzFumA14pOfuSkeZE +ZxZAy0fdjp5JeeiUd5LIdZrqZatKtGV4R2KBgfXE0LxHeSo6Q3PdJ2vmkGEL9AOV +ESP4e6KCj7NS7drzEvy5LqvqPt56qK+tlFzQEvNwObTXjF+DbNzf5ooyrcDl6xOq ++Xt0ReK0VPe/fVZ/gSFF2kwXt2LLOR/UFcKHS+pfEYwwy2kkfz8NLV/So8M0fk1Z +c82S8a8726WPQW23UKJz9UtVLG1V8tTVfavfl9pFW1KBkToexPruTsR9rxDB/BFS +7hYxcn70GqInWGPR8ca58m+8mtDJuPcE4u/UeQy1zj20Gb0fSXhgfUt0bKnYJPMQ +HAdtsEw9vWZswSUDpZvtvYjViRdBePfo+NPO2TLXA9l4ZYZM8d2lkvI+wz7HpvqS +VmQ/56/xvwBHHuckVJyeYbT02tLt2hyXoL5j5Ql7sBOHIeMvwJ8QJVTJXDXGXqM/ +9aSVGbnXROXetf4a8rmedxdruFReRffmPBiQhJYWNrJxfzhvS/gA17uKqfK2eCym +HVahCtIaZPCC5ZjOWQARAQABiQI2BBgBCAAgFiEEp2bIlWmJXAuG1ZjQmWPDaqw7 +K0YFAl4qlhoCGwwACgkQmWPDaqw7K0YgWQ/+OuLUmvZYQdRvIEpK4C95vJ1khVJQ +HtotKcRUbQpTrEtGxj8/he8L/La53/SsHhXuwNRw7imeyDHOlAUxN6CnQiwjI6FW +8ocb8GkPFw8fsZ9Lne4ZMr/y5WFM/iGleZtAl7Kul5ddVQMmGrqGPaD+ldY5B3NC +h8AmZSzeFzx6PO7eqUZ23yLvJOLkY7PauDmTMaXYy0JwndjhTiQKEkzSki9cOeC0 +5n+kWcLcA8i/WI7rMOYyR5+2yIcQF37fFr6nFSvWSDmklITQdSUOP39LSIkltDci +b2DNdCni+Vyz7T5rkQiX5k3HYeav/odiio3PhjtEDWNEhMtYHcmOpTftRRZasZPe +xAWzDg3VzEZqtdLi9nJB26mg+1CmU5v0VCCV37Q8zhAAFg134+7A5sItCkr46Hy8 +zNOWxcx+drgVDVmOqrvxQV24JXWFKhROPlMxXEcrdYwyEa62aAzTA6t/kQy1vSZS +RcdXXlQd49rtohphFcRgH7pXgOOClNy5X3mn2sYg4nfaxq88LPsjXsagf3nd0ZCS +KmjEiGJg5MzrsMYdfNdhm42QhhkgsvrVoUDO+1DwQqvUYPCdyRHyfWAEnKKHTuNK +1lYISSDrWxhhR0bmwki5Lz3NKC1jgXlOLZGF4GOR4+UZoRlUCJcx9hgyZll4XNRs +wMDsCZKkPKx8jYw= +=Nid0 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_AAFC4B34BBEBB31C.asc b/git_signing_keys/keys/key_AAFC4B34BBEBB31C.asc new file mode 100644 index 00000000..4591a6dd --- /dev/null +++ b/git_signing_keys/keys/key_AAFC4B34BBEBB31C.asc @@ -0,0 +1,39 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBEhFl0gRBADnC55j/M93jZGhge7kOULEp5omeegtKCjMXiGIHNIswiv5iPnV +mwxlnx9XOJ4ikHp/GBJ4233uaAQCkcG7g/4V74/i68X8fOoWQrHwutqyYcQ0BhXq +gNE39N2M9hjaQBzpKZ2OHQA2aPFLsbA1KArODbrQmDMzoN/9idk5J/6b7wCgkQiR +Yl6lZdr8wqcFjrbDZdZ+bz8D/2HOg/+BZ+eLetxTJOWQMHlnOON+0XH+Y5a4/74B +fFy0bCbJIoAOOXx008KL9ecTKB+rBbQYcw/yHm0ejC4VCXkulfQ1Fj3ae6UMsnf6 +uYRJVrEuoyUShpuMEycL5H51itpw2taMYvZDHWeJbSc3SeiuA5KnrdnDFY6Fr956 +ymRzBACOsGc8BkdzZvqEOfor+et1NbtCQYm4HMLy7OVaZsJY9NTutyInAH9PRR5o +nbCXwe7YGwbkb8UKsj9iS2D0pMAmOddXq/DucGd4BxqeVSnyuut3mCZuMH5oNP3p +IViehNkp2T1SUNwaP82+L/ar3abyUqY9mErnQDVlEuE1bkVWNLQwWW91bmVzcyBB +bGFvdWkgPGtha2Fyb3RvQGtha2Fyb3RvLmhvbWVsaW51eC5uZXQ+iGMEExECACMC +GwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAUCSjLlzQIZAQAKCRCq/Es0u+uzHHgD +AJ9sgx31yhPlbmQKugztTyveXit3AQCeN76Xq3tWZ/omPQXiJ4C3Nk/5jxmIYAQT +EQIAIAUCSEWZOAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEKr8SzS767Mc +7U4An0pQBYfhY09kZUP+MzLQEaewr06PAJ0fnYZsmAl0FlWwt1qzDWZuWSxkirQl +WW91bmVzcyBBbGFvdWkgPGdrbHp5ZmZlQGhvdG1haWwuY29tPohgBBMRAgAgBQJJ +mu86AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQqvxLNLvrsxySpACdE5PU +hbI0iOJGoS5nsEsYVRTrdF0AoIDwmwbDgUSs8LyCh/OD6vPTs6ubtC9Zb3VuZXNz +IEFsYW91aSA8eW91bmVzcy5hbGFvdWlAY29sbGFib3JhLmNvLnVrPohgBDARAgAg +FiEEG1pCvEa8xzFj4QEhqvxLNLvrsxwFAlztaXoCHSAACgkQqvxLNLvrsxxNAQCf +R3boyJRiWiHRr5Y9AoV0ugO3ufwAn2N5HObRA+wgldGiFlun4uo30KFhiGAEExEC +ACAFAkhFmQ0CGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCq/Es0u+uzHNAA +AJ0ddcFFtYJWa5o9H3NeM8hs5Joi8ACgiJa3NI2qSBoJJreFyL+cN2sJ0va5Ag0E +SEWXXRAIAKRfpOq1rWkvW/jHahwGwl81z2AJaNMkVzeeiQAVagwbc01LBIqYCSCt +Q/rCBmqyMwvDMQOdFsQCSDA9Gepq8zIt+54Gi1jOMEKe+qPlQ7+XLZ8cVrn8nwkz +K/r96Q/cItH25ZnVRA6oY3v5GpxmrboHMBVqHTw+Q824iRPAjMJ3tyYxo7hyTznY +EkgL93enxPhDETbk3iWT7yFI2DCUw1M6pHbuRf3PX/UB2tfyz8P29MMBbxK7OVDn +vlCTCzGpecpa7afFc8MhTThMjkzVTbems8P4BtXx8ZYJMsPnEIMFJEJTdkllC/ya +cKUuaTxj9sRyluQvF0/tKaaSXBEbhIsAAwYIAJZrP+2SBCYKavIvR5WbnP+j6kk9 +zTSX79CIlV/CJtChNGm15/5e/ILGQVdwe+E/w3WEKk4P26CeebyRkUJmW5Qlbe4S +S3Jcys4XIBb0TdVwTfbxnuI1pLyI/aULDtlrgMWnTmxT037RMRmgJOJsjGnNjClB +GVEutU94JaM8ueOFzlBjYD2X4k244FcdYKkWBNLXfynO9xySImdwfZztqHjHBsE+ +Oi5f6w5Uqu6X+0cogcicAFxtV0kqoVgzxAzO27NH79+MFiivWt8TKJbI+FRqzm/F +GuXMXQJA4AmBRzLalY30EbKmUsfBStSv0UtQImtPoq/tKp1TRDDb7l4VCQSISQQY +EQIACQUCSEWXXQIbDAAKCRCq/Es0u+uzHBR/AJ0cp98z02z4nziKAHiBsWmeN1bQ +8gCeKZfr/GzGhoEPRWKtB8ZU3LQX3l8= +=c5AW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_ACF4B7893D4D05C8F18069BAE7B4A71658E36A93.asc b/git_signing_keys/keys/key_ACF4B7893D4D05C8F18069BAE7B4A71658E36A93.asc new file mode 100644 index 00000000..de6e4fda --- /dev/null +++ b/git_signing_keys/keys/key_ACF4B7893D4D05C8F18069BAE7B4A71658E36A93.asc @@ -0,0 +1,525 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF4KiXgBEACGl3FSLtnk2VmXhhdDweAERdgv1ogvLnda9HVGlLoi2cdWEibO +O4k149HV4Qxepu8VObKkDHiWeGAlXADVMOS+inSrFLL80WsdPE74hPYW2aEMqLFc +aZpilNbXVYWHEzdb7S1Ufpj7mSBlCZ3tW1cr3H6bEZYloOZTtJOjCUz5JMKEeRl8 +G+Yy5CE9Y8edLyQ9cPG5Q1Ezuqou0oytubmyGI87ZOPRNsLqZXlui3hfl8rY8kG+ +KNUvxOxlwnGRXG0Fnn2ht3hbyo9vPQyk6V9E05UdrLNZnIqmHU7YnnkMdk3B1+5e +4SX2iU4Op0aCvL0V6mgREMdmkLeHyDGY+QiOGkVGrgb1QK40CBfPiq6ZlChAuiCP +S5s9y9j55QhwyB+oTsJ4QX8oCaJJFHdzDsBQoY7vaIwCH1zqGPgRoONU/HDf1m+0 ++8IguciAGR/mf6P8Xq4mCo8oB4hMd/UaUAYsS6wLGXHOTeUWZtVfeiZszoFDKWM+ +URG9HfLrkf/so2CAwhv/qF/g2UAGfAfJHUL44Wjv4QiiRtcUJVPIn6OSj1S0S83B +MAr/WZX5+HlUOglWy70Mft+gmnavnY8glDT1ASfnLyv1hP2PNdWYu/75I2CDuFgc +rmr6WnEPSHGaXuy4pR85w/szElD/MEZIUw4pXHEoRWWio0ef3IST9S6VZwARAQAB +tERJbnN1cmdvIFRlY2hub2xvZ2llcyBMaWJyZXMgLyBPcGVuIFRlY2hub2xvZ2ll +cyA8aW5zdXJnb0ByaXNldXAubmV0PokCVAQTAQoAPhYhBKz0t4k9TQXI8YBpuue0 +pxZY42qTBQJeCol4AhsDBQkB4TOABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ +EOe0pxZY42qTwCoP/2rl4W6h9CCIexWXCw4NvJb5IXopUIYpXX8WHoUYCr7/TuvJ +0vBCCpaRyjQCz7GdW077h4PFVDZPfTzu/YYH9tDxwZlmBKJ/w56qMaf4+nYFYHKo +c2U2qPry/WLvkJnB4B/L+JZCa5gr7VYmhs/I3CTHCZmlzWKlQm/D/epiuIRpHhie +SxZtrhciZXCnj7/mhCmJ2G6rQHhgkqT0ytUKiMwU9q9Ds7IIIHSnBN7InLrrieTc +6K/3Ow2dDbRH7cUUBFToYGj4cvGzl5AGhSzO9Uofh+oEH4JReXV/Q8qU5n2cPFdZ +pMi6uHrSBF/7d1lkA3UroNCM1Vtu7AdpPl7X73y6QLWT3jML5rdeJ74NQv2+VlS/ +07TqMFHalsj3ULx4x2SEkWzxO8zi7sxaXE6X08tU1Tw+uC0ZtJqpWxfQDtETalGs +KoeHfJvI8jI9qu9vQqnAjyDAJCpdPha7bHJ611sZZSANaHJVR7mH58av5Wy1NhDT +eNZW8Ukhy6ER92IzZXj9nyDbgRVEDVTuYIBETY4EqJq5++A9vz+vZy7HQbu1edIc +DBoQiLdAUD9yxgBcmwcuz+oVUqGASBR+amTUqaMOHtyA2+jEV2bHdqpyRPEsisT8 +FJWgKoIfXmBxm5g9Jb+k8d4hHqny4rqpXsjxcCkyLm2oQc9M4TzlHJEdvquEiQEz +BBMBCgAdFiEEokRNBtPK+pL2iiHmeceOZlnbZY8FAl4KnrIACgkQeceOZlnbZY8g +fwf9FO64s3d1ZXdPI3All6U7/mKo0W3r4MywCPlw7ZfkLCid1ZF5COf1Kr+gcQf0 ++vyvGCO8VLDM3PRzBUCDkkKIv0bAYFZWcXz9T7PzMmb9e+y03FeS2ZxdtUhUpGvH +JxX8I1apBvbe/Vg2qVf2EK4LeLMMRm1NBhPYYjP6NWr+3UoMXfkEOUaxzMj2ske9 +O9Qd/IKTfpWBuISUClQGM6/VHrVZQKghZ7Q4ghBdtVPaExcICy3mTJQPH/eVue0E +4bZeceqkCzlrCd7wlvRR2WLmM/vE8Rp1zdQkmt2h0xREEy97avCfo7GnkE24Q1K+ +EG1B2tMtrP+Wezzo3pT4sQWk1YkCVAQTAQoAPgIbAwULCQgHAgYVCgkICwIEFgID +AQIeAQIXgBYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJfBdM2BQkC3H0+AAoJEOe0 +pxZY42qTbpAP+wWj3YG+LYPzDa59obTfqN90nJztCFUrd95j1bgE8pkva5Ilfbjz +qs94n3vUn61bWWmZPi31rXk3zkq0PFl7p0GcQaN6nO/BjalhggUKaI4q82ZOUltT +FcMZgr4HKaNLGn+Blfyu5siqw27nRB4s/ALjKJOFrRRaAVUOnShpLTDLGfym17dv ++9gqssE/kG9Jc89kKcNI7oNqeaEvh1JueURniPQVIbuYFWPhhFrNu+2fr5NYp846 +C+33qXesZgoj2ga+0Zq6hkDdzusZ0Q6VAorq/0AKjJ8J3XkbEmIYWIgqqDxMmZTU +IfQtbbzbTlZOr51fQLA9BVx0J+VJOdHzATIsd37bYdHQqyEFjChd11YXcEsBKxI6 +1mo1RFzYfRT9Uh+YXhqCyBctWUED0TNbrHZ41B5UwnRyB44l+FUDxLD/ZNeVrXAL ++D97jWrrso/DUoIUGQaRBCzlSQOdKSTXUJeAeqm9eheDyTQXrELSXl+h9CiM+tL7 +EJgPhZClDUZ+GQU1ws+VOM8/GyL42z3tUh48VJSOlAaIlPJBNtVjMgPFwMkS1xB9 +t47jHNQsf56TlgTAdyOq4MzQU6VOPa2ybcH1Esbm4vQE/kDtBMNjN1mb5ySN5gG8 +BhxF7JH879c8I9VWzrzeRV+utHkfnDx8Zb8olA+s3ysJEvaX4agHpDWniQJUBBMB +CgA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEErPS3iT1NBcjxgGm657Sn +FljjapMFAl7OiDYFCQKlMj4ACgkQ57SnFljjapOIMA/7B2jeVCukULtkRR4dMWi4 +iZa43eVkTTeQz/qexvQKyw9kFeziJrXPAUgCq3Ao5dGzqAB9fXr8vqQlHBMiZeVD +WQIIhd9E/7jkLXw/v6dx/OVbNONPiuW5cBcWGvjF0+3w7DKibBYwT4PD5wP5d5PM +qi2ESpUBt33y1lQ6CsFotNAqUL/tmiiohLALv+HPBtIBMFio0tTIVDx5fZVkVR7q +fet43AZgsGbQ9wwCPPrioqQbg2EB5BFMdmiKiLT+yymDQ8VQXg057qu+U2uu/YEG +hik0dykNbsciFao1glo49QCsIKKq4UXlhK7abQNR0kj7+K6zIGS75gl26zcFJe0R +n8A9CTNWnxGsxD2gCNO3u/dybmCo/LLWxkUG1U37Mt8NeJcB6AAmcok2yLxg1NyK +m0dogkSG5eUW9rZp/L5d6FHEQBx6fcBxHfI5DfaQcezuARc74TWfUB4yDBWaQZf0 +o2BSuAkbpnD4t8d01Svx8Pj6TxjnR64eTSYtuZyyh9Wzxt2OjqV4Q/fYPxgPke5G +tf9U/+rb4PpHaC371XGEhOETFTpVMCzeQqfG9HoOJo/7TuBigGI2awv458zveuPV +MCqdMi4jV8jZOsr0zy9VrGQ9k4vr/3CrYdpLoByFLLSAvQ2zYc2LedIeqBlwHX48 +QhbmH4/3jUlIc+I31z3nkP2JAlQEEwEKAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwEC +HgECF4AWIQSs9LeJPU0FyPGAabrntKcWWONqkwUCX61/KAUJA4QpMAAKCRDntKcW +WONqk02ND/9VMgc24rZt4VXV2OMJlx42U2enPIw4wR5QaDi3rEaVS9pGNhWZXWzR +D7m/kTwAnRK1hFLciySu2+8enX88hfG+WsSXeJ1BzJZ0nXgkE472lES+oPh4472W +xojgTZRa1UAJiZWqY09Yu2bwZ76VUkfFb/SmciaaTI3LI15RR2dIJ1E/+ChcimK2 +VIHUivfFHL5NSPSDcoQZm+akw7dEtynUCQxhyHxzmrBxX54Jb/LkiPn9yWV9sxtf +KlRAGOIhtDBJ6Y29i50TjP4sIqofTgHbvb+qnlT+fVtZMHs4DA5t8YdWYaabO9UX +uFRCp2IH3Mw94iuJsh986+ssAtqlyG5qfRzpLa22TlI5mcffyqUK0RxwVqkcFQ3s +WVNa4o5nwpJlf4YVSeMAUQW0D04z8CZ6YiVFcnhDaQIpylQ6dw2vOrUJZt6oJ6e0 +65ulxwLh6gQ/7Pn5K/sl3fdVuI7ZDtkFUpo8d5/bwtiJnfiY5V84cSaoOb31hg8U +ECc2cd3r0CK3f5g7mq2AaP7P3bBzVUKqhCH8ZcNro7LDOrRTniI9DS2TU/ommAaW +04OrU1yUoxAmZ37OdCeKgz5ykFxsxJ3PJ77eN/gsUTj80Kv8ZBkJ3be6NYbavE1F +b+sHqRzTaLl3Tnh3cItXJTiQHejPqYnWWXggvqVn1E3C+oV9dWgra4kCVAQTAQoA +PgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBKz0t4k9TQXI8YBpuue0pxZY +42qTBQJgyTlHBQkEn+NPAAoJEOe0pxZY42qTfXUP/2qhUMLB7pA4z3FzhFOjO8n/ +jSxAzPKzOGTCP3P5Wl8h4cxXw85K8w++Le27EEBLkzTszYQccWRNrgZ0y6xzqR0t +c9JlSw9Nwb25bDe+PfQLzEkSdzSYfAuiudojyZwR7PNXFjWNsmCNDP1CRhAYPqZY +TQccz+ur2POZHlYbXG+CXrsM0rwhTKtoB+ddrBOFHkseAdU2sj8zGES9G31Dwf1D +CRsC+vfnjIcS8bFwYeHLIn5V9uq+VkMhandPMKHK+t5Ggtt5rENd9t1h93peC8Q5 +KAA9QV6ubbqAiw6eoe6v34d1qKe4cwitUQVTsv0WDoqhYp3FN1Xss4bZkmzQkuKh +fc60Px4lDDF6+j7APAuY0UkRODsNYYl6jFAEOyhc0jZQF6rRn6ngb/Hs+BabNUG4 +Hh6Ka/uh08N/CNYja4kuafCIfEnILU24WsQZYf5GC9FhPAhwLGngsOcUnj9KFpph +B6b1uub8vv0q0bME2OCD90Pk9tv6FeSqjYOu6mGCsWO23mBX3CvsgXCI5ccLDLH8 +yY2OJP0v04OFM/NnNAAzqqJYrUwtfOT8uCmVdyScZWquJOHFlIHeRcyT1M2zp3/V +SJqmhwj2YVn1PZaBerMZ1XJadmELIXSPGBcyXgejlYEPiRMdKiDW1YB9GtgxW8pg +Xdjiovod/J/jsVhDsonxiQJUBBMBCgA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B +AheAFiEErPS3iT1NBcjxgGm657SnFljjapMFAmRBSY0FCQgX85UACgkQ57SnFljj +apOnLxAAgWoiXl/RY0A8pujxZiW2Q6ZUqpT93TaXFRV+3WbvgP3++bagqNy4RFxe +Ghc5LsOcKeGC9TBT5lfxn2we3gsBWCoUBIMKd7nItDlUxYy9GiRJnlwdYqOkT4ql +BCPh89mR/KgKUjbmszlpMcDjmw/n9Ka9X4wCH7fGVifj9/v6woKyyCkzhqUgWCcN +uPgBtPGDwYFpBMqW2uFnAJ9rx7JUw7IVkP61UWN9SswQT9NA4ln7cbVEQROdUfkN +XTAI51+sux/i/PBrNC1s6mhNfR8fs2rtuz5rAajUZTaJF3TdKX24L1uWGsz/N7Pp +3+m+Ec8Jjoa2azBc87NZv1i9Iq/AdC/TmOyuM0YDH9/WBSAfQziTYq7S3Oq+oN/L +lHLIfMt2+4psOo2tqTdNl7q3r+kTDUMBkSzQ3+AcH86skyNyrn3zQwp+OsGCDaKh +m4NGr6qEYq4AulhIz+p9xb/CAO2ITMEm1GNS0fPcGBJs9dqLzZQqlUYh/otoVNYu +Ifmdk8vaG0p03wlwFqi0PrxObekkzAARnU8CwbFZ7FLkf6r9b2CtmMPzIhnbFMuD +39pliNwN2TXNbLHuUuMbR6am1/+gUC+aVeNjht6oVK6QvMYmssgs+vNqfllrUqMW +X0a8r0lm84rvvWKkgDlWpZ6Ch2fIS/yoxsvCdPoBX+jkiJT3s0GJAhwEEAEKAAYF +Al4fJEoACgkQWCftEwkh9dQbBA//Q8CLML4tzNDnXAOJ2Lj0vL2vzmlOV/chmP0K +qfbe3O5H5HpzUgD3Nya9l0nr3dqA52bda+xZZh8JBEjm45CO9rV+SB7wyVukRkSU +Hbm16VUfg0dEHR3YE58kXVCj+n3Pc69o+bMTPARoAw0vaUDicIxQGS9+4qYJ+ucl +eOqRblptZZUtn4FmizEMm8h8daDrgvrutrHgCOvCR8jhVM4PBBvTKi+vgcMluAHf +CfWKJrKTYjnfmEPdnXjyk/CSqyNb8iRmL6o7UXME2ay4hRUwTXrWkOHBdE57HAxR +TyYD0jUDYtmglHGAYifQwEfr8mTkpkwWRwUphRll7C4t3m38XkOWjw5IF9AFojo6 +sikB79JRH6Xg8PtYOmQwZqSpIWyaFZ1JjRH9Q9xhXMVI+rnqHTLsX8qLZe5H6P5X +JjYcx0Y2PuGVKvnnCFlI3a5tRgMCnMm16BrnQkD8r/CzbpaPx4bOj0y4y8cC/LF2 +8n1pyzbassXlz/qDp3nLXS8gw5RUEY3JSCWje0sVVETkoW5tqwvleU0XkiyDPCdw +O37055EKiFYd4F9JCd5uacaO1deYuLqQ2xxphuvqdMrkfaFJASVn12lnU6HuP7G/ +9P3DzSj5wZziPxrRH//zi5AOb8/qVyRQdNRtUkuvDma6ZjNA/8m8CZ0NMvP1z/xv +EYvCX7aJAhwEEAEKAAYFAl4kEWkACgkQWCftEwkh9dRUyQ//d171fTeS6/NXgqop +SennY74HSHNRO4ntRURGX+DWiRfdUc8XAK35vFeryH8O3zvC/UvS5XcJH6qQYhxy +giJZqDkMweX7EF94AeueMpiAA8trsldMlquu6MKPOupcU4avOlZAAWFvZup89hX0 +bl8nqz4RGr//PjBOSeM5A+p39SZ9vO9fbE6BaDTK5lJSRYO0DKf4GeZfPUYHT2Vk +240IuVeWT2z4faBHSRvpeLcBmeCJz4jN7XLE0t+esvLt8oNH3uPwnNG/++XUKp/4 +vDDMcFRyFt9INfqADhkflRnet8oxaxuqRS3gjfXdLXTIM2EFCRiMengHnY1N/bNF +9w+eczxR2TehI5E3A0QzKJO7dkxw/aqHRich2TE1htl4fRmelzMlnMVjGnt6wD6E +NDLBgrsRIADqLdXXVpgHF0shYeA35cuvA4PKs93gnshtVZxvxtt3/XZtpASUefuM +MPuwM2y0GQJWoAdT7BqF8VrOv1Zsre8fs32Ctdy0PcK6alxOcBOaLhD5P3lTPR6m +zbNtn5IbeyDNk//CNxI52t2V6eMJEHLeC+2MImo2daqRkQ5/LQeM74JJ2pinVVYP +3UeGZtyect3iKiVMihovvOgH7AbglgKtTjXXcRhRld9+9j3g2OdruTebAcPKQF/f +x8vSt0QB0+mmQzt5wmf+t/Cw+feJAlQEEwEKAD4CGwMFCwkIBwIGFQoJCAsCBBYC +AwECHgECF4AWIQSs9LeJPU0FyPGAabrntKcWWONqkwUCYmASSAUJBja8UAAKCRDn +tKcWWONqk98vD/9sVLi3YkK7h4OJb1NMRf+vtcTwrhME+ghpV/8SoEWFc5DE2v3M +j37pFmvD4q4tT54ogwvWxTZXKrWiR5z89LAcIeCRxLqDKkp5bGRhmbOpxSC8t2F+ +wFBBYR4AfIzUtzKVD3BwnYFekpcWxn4jZ+E2D36pzS37yUqirtHZqTdhw1IcB0ee +Ny34kULGOleNb/pJL9ssy5x96KJGxZ8R/mZiujcE/yi/85ygT60qAEwGyw3sTuF6 +m64+mkBxOnlKH6DeIdZ5Flqoim8TP8tNYhnwwoIoY9t8cvkYRFkzh0cKhCuEv1U/ +M7gdeOPgI4VxcrypQvZT7Go2d0OO9oFUZtmUyikzF6P7IbMafw0fuynQkI84Gcpl +M4ewdgW6aY2bTek0qgZqvtL3mq5bq1L1oue8YXvBQJbYH+9NU6XAyKVWBpswv0Rg +0YhUpUXbRhLfY+UlvXMtgY/1sVPAtkD+sGr9fpyETg9qXVH+bMRcBikVyuuwxLV5 +4diJW5It3pb3odhyrzBl35bN6Z/lTV9rxvlNUFJiD+xgfOk/giAz5YsJrphIcNBo +XeZl2Cac3gECvsW0coOXYLjEv4UnPqdRLxCLfYgXdGOJZlM8U2j1khkABnceQBus +zuImKIlLGbr+DkLoiwXxjc8xnYnWEFse7WuX9Uptreoql8gojEISgpG6DdH/AAAl +R/8AACVCARAAAQEAAAAAAAAAAAAAAAD/2P/gABBKRklGAAEBAAABAAEAAP/bAEMA +AwICAgICAwICAgMDAwMEBgQEBAQECAYGBQYJCAoKCQgJCQoMDwwKCw4LCQkNEQ0O +DxAQERAKDBITEhATDxAQEP/bAEMBAwMDBAMECAQECBALCQsQEBAQEBAQEBAQEBAQ +EBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEP/AABEIALQAtAMB +EQACEQEDEQH/xAAdAAEAAgIDAQEAAAAAAAAAAAAABQcGCAMECQIB/8QASxAAAQMD +AgMCDAIFCAgHAAAAAQIDBAAFBgcRCBIhEzEJFBciNkFRV3WVs9IyYRUjQoGiFiRi +Y4KRsrQZJXGho7HB0TRFUlNVc5P/xAAbAQEAAgMBAQAAAAAAAAAAAAAAAQIEBQYD +B//EADoRAAIBAgQEBAMFCAMAAwAAAAABAgMRBAUSIQYxQVETYXGxgZHBFCJiofAH +FTJSstHh8RZCciOiwv/aAAwDAQACEQMRAD8A8/Mo1T1Obya7to1GyhKUzpAAF4kA +AdoroPPrbqMbcjYqKIvyq6oe8jKfnEj76nTHsNK7Dyq6oe8jKfnEj76aY9hpXYeV +XVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7Dy +q6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXYe +VXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7D +yq6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXY +eVXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7 +Dyq6oe8jKfnEj76aY9hpXYeVXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpX +YeVXVD3kZT84kffTTHsNK7Dyq6oe8jKfnEj76aY9hpXYi8r9Kbx8QkfUVUrkSuRF +VYkUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQErlfpTePiEj6iqquRC5EVVi +RQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFASuV+lN4+ISPqKqq5ELkRVWJFA +KAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUBK5X6U3j4hI+oqqrkQuRFVYkUAoB +QCgFAKAUAoDu2azXTIrtEsVkhOzJ895MeMw2N1OOKOwA/wC56CvCvXp4alKtWdox +V230RSc404ucnZItbUDhQ1f04xVzML5b7fIt8YJVL8Slh1yKk7DmWkgbgEgEp5tu +/u61zeW8Y5XmmJ+y0W1J8rqyfp/m3zNfh82w2JqeHB79LrmU5XVmzFAKAUAoBQCg +FAKAUAoCVyv0pvHxCR9RVVXIhciKqxIoBQCgFAKAUAoC/wDh44aLNq9CXf8AIM4j +xobKyhdttziFzx12CnOYENA7bglKtx7K4riTiirk0/BoUW5P/tK+n4W5+e6saDNs +5ll8vDhDfu+Xw7/kZYrh1zvh+1EtGpmKw3MzsdnlF95mMgImtslJSoFrfzyEqOxR +v1G5CRWu/wCSYPiPA1MBiX4NSasm/wCG/Nb9N11+bMWOc4fM6EsPUeiUl15X9f7l +m6gcSOOaoYTeNPtKbLeshyK/wnbeYgt620xEOp5HHHlr2SkJCiN9yObbqB1rnst4 +Wr5Vi6eNzGcadKDUr6k9Vt0klu7+xg4bLauDrRr4uSjCLve/O3KxX2G8B78qwuyM +5zJUC7PN/wA3j29oPNRl/wBapW3adO9KeXY/tGt5jf2gKFZRwlLVBc23Zv0S5erv +6IysRxRGM7UYXj3e1/Tt+tjW7UTCHtPMsmYrIvdsuqoh/wDE298Otn8letCxtspJ +6g+3oT3WW49Zlho4iMHG/SSs/wDK7PqdHhMSsXSVVRav0f65eZjNbEyhQCgFAKAU +AoBQCgJXK/Sm8fEJH1FVVciFyIqrEigFAKAUAoBQG+3DXwdCJpg1n+ZWxar5kcft +obDgAMKEtPmb8/mAupPMrck8ikpHL+sSvCliI63HsampmlJVnSi725+v+Pc1g1jO +K6capPNaQXqZElWl1bUqRDeUllqSlWykMq6KKRtsrfcE7gbjqfSpQp4qm6deKlF9 +GrmfKnHEU9FWN0+jNoOFvWnLdUcfuzeYORnpVmcYaTKab7Nb4WlZ3WB5vMOXvSAO +vdXyfirI8NldaDwqdp3dudrW5devW5884jwNHLKsPB5Svt2tbkdrRSSG9VNX1DYc +95incf8A1uV555Tby/Ar8L90eWbVbYLCPvF+6Nf+IviB1GvGXX7Aod2NqstumPQi +1CJbckpSSkl1zfmIPXzRsnY7EHvrseG+HcDQw1PGTjqnJJ3e6XovrzOpyPKcNDD0 +8VJapSSe/T0X15llcJOlWmGf474/bGfG7oxvGvbEhSO2CXEq2SkqTyIQrzkgdQ6n +nSQClW3WVJaeZva9bwleRT/FRw+XDQTO24zDDiscvrapdofIVsANu0YJVueZHMk9 +6vNWjdRPNU0qiqIjDYmGJi3HmuZSle5lCgFAKAUAoBQCgJXK/Sm8fEJH1FVVciFy +IqrEigFAKAUAoC0OGPTFnWTX3CNOJbXaw7rdEKnNdQXIjKVPvoBBBBLTTgBHcTXj +Wn4cHI8a9R0qUprmvfoeqHH7qQvQzh8mz7KtMe/5FJbsVrfSAHGOdCy68nbZSSlp +C+Uj8Ky2a0+DpeJVu+hy2V5cp4nxZ7239X/vf4Hi/W+OvNreCZ/sbXln5yIn+F2v +n3GsNc6PpL6HzbjypoqUPSX0M90flcmpmqy9/wAd3in/AIa61Ob074HBr8L90abO +61svwL7xl7o1I1nVz6sZav23eSf4zX0PJlbL6K/CvY+m5E9WW0H+FexkHDPq4/op +rJj+ZLfWi1KkIhXlsE7OQHVAO7gd5SNnEj/1Np36b1nVoeJBx6mbiqCxFJ0315ep +6j+EG0WhZvwwZDeIcZtc/E1t5DCU3tsEIPK/1HensFOq27twD6t61GCm41rPqc5l +MJYfEtP/ALbP6fK35njLW9OrFAKAUAoBQCgFASuV+lN4+ISPqKqq5ELkRVWJFAKA +UAoBQG4PgqITM3i7tQdbC1M2W4rQdt+QlASVbdx81Su/fvrExe9L5GLi1qpNenuX +54alc6KNI7dsUQlqvzoHPuFrT4iBuO/cJVvvvt55AA2NeOBjbUeWCgo6jzCrYmeb +OcHj/Y23Jxvtu/F/wuVxPFkNU6Xo/ofKP2kVPDq4f0l7xM20plcmoupqt/xXWOf4 +F1rMzp3weFX4X7o0HEFbTlmXvvCXujVvVxXPqflC/bdJB/jNdvlStgqS/CvY+ucO +vVlOGf4I+xiNbI3R7/XCK/f+BSTNvbJcfn6TByShR3JU7Z93kkjoduY+ckD/AG1p +dNq3x+pp3TtW1Luvc8Aa3RuBQCgFAKAUAoBQErlfpTePiEj6iqquRC5EVViRQCgF +AKAUBsFwDaiw9MOLrTjI7m8lqDJuarPJUsgJSma0uMlSie5KVvIUT6gn2b14Vlqp +tHnVWqDPSbwvWkM7POHa3ag2iKt+VgF0EuSlI3IgSEhp5W3f5rgjqPsSlR9VYmFl +pnbuY9CVpWPFetkZhsVwpvhm35H173o3+FyuT4jhrnT9H9D4z+1Wp4dbC+kveJmO +mcrkz3URW/4rkwf4FVgZhTvhsOvJ/Q5viatbKMsfeEvdGtmqSufUbJF+25Pn+M11 +uXK2EpryR9s4XerJcK/wR9jm0l04ver2pmM6ZY60tc/JLkzAbKU79klavPdP9FCO +daj6kpNZcpKKcmbyT0q57m8d2XWXRjgqzeDFUlluVYkYlbGCd1OeNJEXkG/eUsqc +WfybNa2itVRGFTWqZ4CVtTPFAKAUAoBQCgFASuV+lN4+ISPqKqq5ELkRVWJFAKAU +AoBQH0ham1JWhZSpJBBB2IPtFCD3p4H+JHFuL7h+FhzBUa4ZNareLHl9sk7KMxCm +y2JJT+03IQFE9AAvtE9wBOqrU3SldGDUh4cro8weODgVzThdy2XkGPwJd301uMhS +7ZdUILhgBSjyxJZH4Vp7kuHzXBsRsrmSnNo1lUVupk06imrdTWO15Df7GlxFlvlw +t6XiC4IslbQWR3b8pG+25qalGnVt4kU/VXMfF5ZgswaeLoxqW5aoqVvS6djmjZbl +UJ+RJiZNdmHpaguQ43NcSp5Q7ishW6j19dRLD0ZJKUE0uWy2PKrkuW14Qp1cPCUY +K0U4RaiuyTW3wOvGjXvJrw1Ehx512utyfDbbTaVvyJLyzsEpA3UtRJ7huSa9Eowj +ZbJGdSpU8PTVOlFRitkkrJLsktkj2T8G1wITtALevWTVmA2nPbzF7CDblbLNkiL6 +qCj3eMODYK2/AnzN91LFYOIra/ux5HhWq6tlyNSvCp8V9u1p1IhaQ4HdkTMTwV5x +UqSyvmZn3YgoWpJHRSGU7tpUO9S3tt0lJr3w1PQtT5s9aMNKuzRKss9xQCgFAKAU +AoBQErlfpTePiEj6iqquRC5EVViRQCgFAKAUAoDOdGdadQ9A89g6jaZ3xduu0LdC +goc7EplRHOw+33ONq2G4PcQFAhQCh5zgpqzKyipKzPZfhw8I1w9cSVlaxHPpNvxD +KJrPi0yyX1aDAnFQ2Ulh9z9W4lXd2bnKs77BKgOY6+ph5091ujDnSlDdHFql4Kfh +O1Jmu3ix2i84RLkK7Rf8nZiURlk/1DyHG0D+i2ED/qjiakfMKvNFa2jwLOikeYly ++atZrNjAglqM3FjqP5c6m1/8qv8Aa5dEW+0S7GxeCaAcIXBRjz2YxLXj+LBhBS/k +l+mByYs7dUIeeO6SodOzZCQrp5pNeUp1KrsebnKo7GjPGv4VF3ObXP0s4anp1us8 +tKo9xyl1CmJMtojZTcRB89lCh3uKCXD3BKO85NHDW3me9OhbeR5s1mmSKAUAoBQC +gFAKAUBK5X6U3j4hI+oqqrkQuRFVYkUAoBQCgFAKAUAoCycB4ktftLozcDT/AFjy +6yQmhsiFGuz3iqem3RgqLf8ADXlKnGXNFHCMuaM3uHH1xi3OKiJJ1+yZDbaOzBjq +aYWR071toSonp3k7/n1NV8Gn2I8KHYprK81zLO7mb1nGXXrIriobGXdZ7st4j2c7 +qlK/316JKPJF0kuRCVckUAoBQCgFAKAUAoBQErlfpTePiEj6iqquRC5EVViTkaZd +fcDLDS3Fq7koBJP7hVG1FXZDaW7PqREkxFBEqO6yojcBxBSSPb1qIzjP+F3IUk+T +D0SVGShUmK80HBugrQUhX+zfv7xSM4yuosKSfJnw20684GmW1LWo7BKQSSfyFTKS +irtkt2V2fT8WTFWG5MdxlZG4S4gpJHt2NRGcZK8XchSUt0zmg2q6XRa0Wy3Spamx +uoMMqcKR7Tyg7VWpVp0lepJL1diJTjD+J2Ou42tlxTTrakLSdlJUNiD7CKummros +mnyOVy3z2WRIdhSENHYhamiE9e7r3VVVIN6U1cqpxbsmcbLD0hwMx2VuOK32ShJU +T6+4VaUlFXbsWbSV2fT0SXHcSzIiutOKAIQtBSTudugNRGcZK6d0Qmnumc36FvH/ +AMTM/wDwX/2qnj0v5l80R4kO6OoQQdiNiO8eyvUuflWB3odkvVxYXJgWibJZa6rc +ZYWtKR+ZA2Hca8J16VNqM5JPzaPOVWEHaTS+J0iCklKgQR0II7q9eZc/KsSd5yx3 +pmGLg7aJqIp7n1R1hs/2iNq8FXpSloUlftdXPNVYN6VJX9To17noKAUAoCVyv0pv +HxCR9RVVXIhciKqxJaXDCvk14xJfskvf5dyue4oWrKK68l7o03EEtGW1X5L3RYvH +c722omPq9llH13K0nAUNGCqf+vojVcH1PEwtR/i+iNl8l0+sGrGkNvxG+jk57bGc +iykpBXFfDQ5HE+32EesEjcb71w2Fx1bKMyliaP8AM7rur7r+3ZnIUs3nl+NlVh0b +uu6vyNM9KsQvmnvEnjmL5HG7GbAuqUq5TuhxPKopcQfWlQ2IP59djuK+nZti6OY5 +HVr0HeMo/LyfmjvswxtLGZRUxNF3i4/pPzRYXFzaWsq4iMNx96R2Dd0ttugrd/8A +bDs59BV+7m3rTcH1Hg8lr1kruMpO3pCLNZw3ivDyqtXW+lyfyimXTqjqNH4asQss +PBtNBOtSlONOqYUWWYoQE7F1aUK3WvmJ5ld/Kokk1y2V5W+JsTUnjK9p7Wvu3e/J +XWy8u6NDllJ5/Xn49a0vPdu/ZXWy+qNY+InXvFtaLfZP0PhhtlzjFTs+XIQ2p0nl +2Syh1PnLb6knmA6gbAbHfvOG+H8Rkk6niVdUX/Cle3q0+T9L+p2GTZVXy2U/Eqao +vkle3q10fpcvjXiRzcIkBvf/AMtsv/NmuRyCnbiSUvxVP/0cxk9bVnko+c/qa58J +i+z4gcVX7PHv8k/XbcXR1ZNWX/n+uJ1XEk/DyurL/wA/1Isbi5e7TiJw1fst1u/z +z9aThCGnJa6/FL+iJquGqmvKq0vOX9KL91+12l6LWi03SLj7V2NxkrjqQuSWeQJT +zbghKt647h/h6OdVJ05T06Vflf6o5zI8Cs4qThr06Vflf6mJakRcI1+4e5mpz+Nt +wLk3apNyivrSkyGHI3Pzt9oACtCi0pPUbEEHYHbbZ5Y8Xw/nMcBGpeLkotdGpWs7 +dGr3/Iy8Hia+T5qsDqutSTXR6rWduj3Kq4Q9DcfzBEnUTNYDc6FDkeLW+E8N2nXU +gFbjif2gndICT0J5t+4V0PGGeVsJbBYV2k1eTXNLol2v1fobjifPJ4KSwlB2k1dv +ql0SM3yrjlxnGb05YcOwY3a1wVdgJQmiK2sJ3B7JsNq8zu2JI3HqHfWowvAdfFUl +WxVXTN72tqfxd1v39zFw3C+IxFNVK9TTJ72tf5u63Kq4jtb9MdW7HansawxcXIS7 +2k2fIZS2602AR2XMg/rQSd91dwHQAqO3Q8NZFj8nqzVeren0indN97Pl8OfwNvku +V43L6klWqXh0S6+e/ItfQbS7AtI9ME6yahQWZFydhC5c77Yc8SYUN2kNIPTtVgp6 +9+6gkbdd+fz/ADPGZxj/AN2YN2inp221Pq2+y38rK5oc2zfEZjjv3fhHtfTt1fVv +yX0udaFx8WORehEuWnsuPaHFhCpSZ6XXko3/ABFnkAPT9kL9Xeamf7PqsaWqnWTn +2tZfO/52MqfCldU7wqpy7Wsvnf6ERxWaL4hIxNvWPTyHHjIIZdntREhLEmO9sESE +JHQK3UjfYAEK3PUEnL4TznExxDyzGtvmk3zTXNN/B27ciOHc7qvE/u/FO73SvzTX +NP8AP2NSK+jndCgFASuV+lN4+ISPqKqq5ELkRVWJLK4bl9nrbiy/ZId+g5Wj4ijf +LKq8l7o57iqWjJ68vJe6LB423u2z6xHfus4H/GcrU8GR0YSovxfRGj4AqeLgar/H +9EWxrTqHftOtLMGynHpHLIi3KAHGiTySGjCe52lj1pI/uIBGxANc/k+W0swx1ehW +WzUvVPUrNfryOa4fwtHNszxOFrcnGXqnrjZrzX+ORkUGPg+tv8kdXLK6GbhZpCXU +rABcSAP1sV7b1gq3HsOxHRR3xJ/asm8bL6m8Zr4eUl+vXdGvr4zGcPSr5XXV4yXw +8pL16/J7o1+4zZrzWrdmmRnlNusWKOttaDspKhJkEEH2g11vB9Jfu+cJLZzf9MTu +OA5KvllRS3Wtr/6xMtwzjPlQEM2PVHFZAktBLb82KAlSgR+JbC9tjtsTynY7nZI6 +CtdjODYzbq4Gpt0T+kl9V8TBx/BTq3rZbVVnyT9lJX/NerOHi006wiPisDUbGrXH +gTJExtl/xZvsm5LbqFKC1IGwCwUjrsCeY779Nr8K4/FOvLB15NxSbV92mmla/b9I +8uCs6xVbFzy/ES1JJtX3aaaVr9t/7GYavJfu/ChFEAduGrTaZB5PO/Vp7EqUNvUB +1P5A1rspSo5+3Pa8pr4u5rMlxUafE0oVHa86i+O9l9PUoPhShS5Gt1lmR2lKbt7M +t99QB8xBjuNgn+04kfvrrOKZRWWVIPrZL5p+yO24zxEKGT1FJ2cnFL11J+yZmnFP +Lbka/wCK8jgUpmDb0LA/ZPjjytj+5QP761vDFNwymsn1cv6Uang+blkdeb/mn/TE +vvWS46UKTj8DVa2eNxps4sQlr5+yZeI/EspUCE7bDfqPbsOtcnk9HME6k8BKzSu+ +V2vK6OKyKpmdTxZ5bKzjG8uV2vK6e5g3FTd8lxLS+LjuGWqJDxqTywZy46SFR2+9 +DSUAbIbVtsVf2enN12nC9Cjisc62Jk3UW6v1fV36tdvj0NxwZPD5jmMquKm3VW8U ++r6u/Vrt8eh2uFq4s3jQdyxQZQblMPTYjhB6tuObrSr29zif7qpxPRdPNVWktnpf +y2+h58Y1Hg86VSovutRa80tn7GrencTB7DqCu2azWuR+jIgfjymB2qVNSE9Bv2RC ++igR09vsruswliq+EU8tl952ae26+Ox9HzOrjMTgFVyiSc3Zp7bp+u3IuPiD0p0l +xfSqBmOA44Yb06XFLT5lyXCphxta9uV1wgb7J9W9c5kGZ5hicfLD4ud0k9rRW6aX +NJHI8MZ9mWOzSeDxs7qKldWit00uaSLJ1VS/nPDAFY7zSue1QJiUN9StDRbW4Nva +kJUSPakjvrS5XFYHPP8A5tvvSXzul8zQ5Rio4DiPw8S7felHfu7pfPb5mjbbbjri +Wmm1LWtQSlKRuVE9wA9tfUG0ldn2RtRTbexvFn6l4dwpmx39zsZbNhiW9TZO57dX +InkHt2O/7kk+qvmGAh9rz7xqW6c2/hvufHMrxKzHiXXh94ucpfBXd/13NGq+pH2U +UAoCVyv0pvHxCR9RVVXIhciKqxJl2lGU27CdQbNlN2S8qJAdWtwMp5lkFtSRsCRv +1UPXWvzPDTxmEnQhzff1RpOIcBWzPLK2Ew9tckrX2XNPz7GTcQepmP6oZNbbvjqJ +iGYkHxZYkthCuftFK6AE9NlCsPI8uq5bRlTq2u3fb0RqeDMkxeRYSpRxjWqUrqzv +tZLsuxkGs2tWJ59ppY8RsrVwTMt0qM86X2UpRytx3G1bEKO/VY9XtrEynKK2Bxk6 +9RqzTW3m0/oazhjhnMMozatjMS46JqSVm295JrouiMS0T1guGlGQKecS9Jss7ZM6 +Kgjfp+FxAJA5x/vG49hGdm+VQzOlZbTXJ/R+RvOKeHIcQYXTBqNWP8Lf5p+T/J7+ +TmtWdYcfyvVOxZ9YLUubGs8RhtUW4t8iXHG3nV7EJUennp/eOoI6HHyzKqmGwM8L +UlZyb3XZpL6Gv4c4bxeAyetl2LnplOTeqLvZOMV1S32fw6llP8RuiGXCPcs0wNxy +4xkjl8Yt7MopI/ZQ4TuRud+oA6d1aeOQZjhbww9X7r7Nr5o5NcF8SZc5UsBiFofa +Uo/Fq3P0bKw1012e1XVEtFrgOwbJAc7dDbxHavPbFIWsJJCdkkgAE/iV1O4A3OTZ +KssvUm7ze23JLsdhwnwo+H1KtiJKVWWztyS52V7N3e7bS5LbvPaNcS/8iLE3h2ZW +x+4WpgKTGfY5VOtIUerakKIC0dTt1BA6bEbAY2bcPfbKrxFB2k+afJ+fkzXcT8ET +zTEPHZfNQqPmndJtdU1dp/DfntvfNlcTukOJQZK8DwlaJckBam48FmE24v8ArFp6 +9N/UlX/Wtd/x3HYmSWJqbLu3J/C/90c7DgbP8xqRWY4haV1cpTaX4U9vzRrtds4u +eUZ6M4yR3tJDs1qQ6G09ENoUnZCAfUlIAG536dSTua6ulg4YbC/ZqK2s18+rPqOH +yqngMueAwvJRaV+rae79W7v8izeIbWrE9UrNaLfjrdwQ5Bkrec8ZZSgcpRsNtlGt +PkeUVstqTlVturbHJcF8M5hkNerUxjjaSSWlt9fRGQYvxIYZc9Mxgmp8C5y3jFMF +51lpLiXmgNkL3KgQ4AB1270hW/sxcRkGIp4z7Tg2lvdX6PquXL/RrMy4LzKhm37w +yeUVG+pJtqz6rk1pfs7FVaZ6r3bSPJZU7Hlmfa5KuyfjP7tiS0lR5F7AnkWATseu +3MR1rd5jllPNKKjW2kuTW9n19UdnnmQUuIsJGnifuVFumt9La3XS6+V7J7F1TtfO +H3K3BeMrwFb1xCUhRk2tl5atvVz83nAf0tun91c9TyTNMMvDoVbR8m1+R8/p8JcV +ZevAweISh5Tkl8rbfC5g+t/EBZtRcbjYdjOPPwrdGfbfDsjlQoBCVJShDaCQlOyv +b3AdBWxyfI54Cs8RWleTTW3n1uzouFOEMVk2JljsbVUptNWV3zabbbs29u3xOjox +xE3fTGKMcu0Jd0sXOVttpXyvRSo7q7MnoUk7nlO3U7gjrv6ZtkNPMZeNB6Z/k/X+ +5k8UcG089l9pw89Fbr/LLtfqn5q+21ntazm+IfQCBK/lDAwVSLqVFztWrNGRJ5z3 +kuc3ed+/mrTPIc0nHwp1fu9tTt8v8HHvg7imtH7NUxC8Ps6knG3pb6FNax6433Vq +SzFXGFus0NZcjw0r5ype23aOK2HMrYkAbbAEgb7knoMqyallack7zfN/Rfrc77hr +hahw9Bz1a6sucrW27JdF36v8is63Z1QoBQErlfpTePiEj6iqquRC5FmcNmDaT6gX +7JrVqlBy15u14zdsihqx+6RoZ/1fCflutOdvGf5u0SylCSOXlJJPN3V51HKKvEpN +uNrG0d/4CNHoVutN7x20ap3wz8Pi5LFscO5MG4Xt58Q+aNDcctqGQWEyluOdmZKi +hA3DSuh8VWlyduf66nmqr6iweD70Tvd/jQns4yiCqVacUnrsLstCrrAXc703BfLz +gheKqQltaggNuKWHUEqBRtudeS6d/YOq0iNs3Abo2/YbPfrNl+V6lm7QIk+PBxGZ +CjSH4cq5TmU3DlkNLLLTEePGEhlQUUPurSpxtIFT40r2exPiu/Y5b34O3ErLk3jl +mkZxm2Hs4k7cokixLjIdyS9pucmOIMB9bSm0nxVlMko5HllKHCnmSQRCrtrsyPFd +jvv+Dz0ibauP6FynKskDDUuVMkxbrBYZxZbLUdz9G3HkYfS7NV2ziRyrYbUWVBJK +jyU8eXX/AGPFZPyvBwaJRLvZLeHdU5sW5X2/2t6bDc7dtrxKbPjRm1lq1uIbLnir +HO4FuLBUsiPyEKTHjyt06frmR4sitdPeAey5zkGPsxG8sm2Rep9+w7JJ9pmR5bFu +tsTsBFeTITH5Ata3VJLik8qthshB3FXlWaXwuWdVr5FlWjwcfD4cVxvK8izXLoDF +wxhm+TRIvUaI2orgRpCnUuuW8htlC3nEKKEyUpARzuIWeSqePO7SRXxZbpHB/o39 +H7a3jIuw1ZkJu+RX61TZMRkq8XYhzJ7MVZaatzyEh1MWPusPLWS9zIYWg7oePLe1 +v18R4rNcbjw0YXj+T3my5flzlkiSdTmNP8emiezKjoYbfH6RnyHuzbS63HZdi78o +a3W/1CQgpr18RtbdrnprbWxf0XgI4d4FryDJ9Qr7n2DwMdTN54F9vUFuRKiMS4TK +Lw24zDc/mjglOBDYaUVONpSl0g81efjTvZWZTxJdDr3bgM4cY2MWnJI2e5zFx28Y +jJyFrMZg/wBXNOcyExlOx/EEgNqDiXVNolLeShKwUo81SirTvbqPFlexXq+GLQLD +9RdWdP8AOnc3vC9NcHtuYtzLBkMFtib2kS2KkMpW5CcCkl+4KU04Nh2aEghRPNVv +ElJJrq7Ftcmk11LIzXwfWk+LO3FdmsOq+Tu2+LBdYs9suMdudcUPqIdltKk21pvs +I3KjtAz4yneQ1u62Ao1VV5Pt+viVVVvsdXFeAHQO6z76q/ap5DBh2qwWO8SI0Y9t +Os/jdgnXF9UtKoSGnk9pER2SI7ildmlxKylakEHXl0X6uHVl0Pq3+Dv0ojRcbbkZ +dk+XP3z9HInzcXuUJMOywpIcV+nX+2ZK1QCkIIR5qhyOhToPKkvHk/L9ch4rMeg8 +AlhjGbkDln1Dy+xqxvGLlYImPOxWJWRPz4qHLhIiPOtLQY0VaklSQhagl5sKWNis +28Z8tupPivkZQrwd2jTV0g22yZzkOZWt3IbfbJuU2q7wo9ujpkX1NvXAS34u8VzW +2lpcVzOISStKkIcSFctfHlbdW/0R4rJxfg2tFRkGKWZE7UgsX7GE3hU0yCY6pq0R +uVlbybSpqOyC+tSnAuRypb/WBkefUePKze36+JHjSsect5gptd4nWxK0LESS6wFI +eS6khKiNwtIAWOn4gNj3istbmQdKrEkrlfpTePiEj6iqquRC5EVViRQCgFAKAUAo +BQCgFAci3nltIZW8sttblCColKd+/YerfaqWBx1cCgFAKAUAoBQCgFAKAUBK5X6U +3j4hI+oqqrkQuRFVYkUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQErlfpTeP +iEj6iqquRC5EVViRQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFASuV+lN4+IS +PqKqq5ELkRVWJFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUBK5X6U3j4hI+o +qqrkQuRFVYkUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQH//2YkCVAQTAQoA +PhYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJeCqAIAhsDBQkB4TOABQsJCAcCBhUK +CQgLAgQWAgMBAh4BAheAAAoJEOe0pxZY42qTAeIP/3CYVjTSywP70MksVp8m+rfK +Jr193X8o4+50CVPurQgH9ozfYqQii81G0QstuzOg32JL4BTLLTSV9B28W8iE1U+I +TI5nN30bcaclRM6xJ/0jxWPXLCFvF1aYDfaBFeCquleXFAHQxvXdi0wlfdvj+OLa +61fuUEhejlQ4gAOUCwcrbsRjquvAm7zqwPSFK/XnzcMdbzJMZ9GSrw2fyu1x9FkQ +Tin+Zkru6bRER7pDNZGn1nCZp4CX4e7kBx+6BQ0Xu/rrZRLArpF32F8dzYVOB0LV +x9oTrWneRAEQ7OXF56h8KXKLkdQiiLVf8gVKF7GqtLRdxXaMA7haCppxlViaZC8D +zDRro/TNQ7lhFJtC4VQjxmS5V+9Ropo89fXrhi6W+U7ethbKSTcocZWNPzxk1Kib +w4UpHlNvWaueYqw4DiLt1OaWa3OSXjt2gvheNhuF2XrfivW7E0JWzftUqdsM25QZ +Sfw7daM8x7u9vuu/pLFDNzFbbzlIzJxL+yGfO+C0DjXBIbl33o0/i/o2fkJGWAni +re2xI9woSVk9SGnDVAK+XSIBUZtrJsSfYOqaMgNQT+WA8CD7HGvaHQLSsJsbIA5O +kOmzHnKl97Dx7wK7fBU1P0BwQozZlt3PaAM1vIo8gLtUelsxcUgfNY06gDTjM6ah +gSIRj1jOcYD8LFPes3dRiQJUBBMBCgA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B +AheAFiEErPS3iT1NBcjxgGm657SnFljjapMFAl8F0z8FCQLcfT4ACgkQ57SnFljj +apPuDw/+OkKZwyV2rLiAl9reKS1lq1UR8wK7rd4G3jlMa5t/bY0lQLKhDMWQOyHJ +JQ2sA9U3Xgwz3TaTkcLjgSVOLj84JB50e/hEQH9gWnRinvNstDoth6Gx2WuEE4bG +QxbP+mgW4ut3en8TYDloYVEbs+N3znNq+w6QG1BM+xabVy+QjK+ow4PouGvyLzsB +N4hneIexyUJQe0HX2DGGReD+vp02HPPUhirlc5+GST8QDtpiAdTcqNClbxR7BYMN +7Y2md2Gx7xeHBvtoLt6Qgh7El9NLpB/vEZIYmzG45O8vg7/MradNwyx9Y6UbTPXt +t1sdhjlTW2gFXp//BUeJmfukoZhxChUEEkOpBRAVm3Mkpb79OvwZbvh5YZV0Bw70 +pZlJRie/Qm6Yh4x1KEmNwtN0Ac5VGWWZhsQuEecljBNXDi0+FEOs87nWdufFUPmx +lRUDZLawbAjwwqEMmLW/UOjW1oBlTkhmmA6cfL3jhS5UqDVDUxryodpQ3O8c6xuc +FJdo+81Em4e8o4uDvEc4Ogi5NW2Vk12Nu0yQAs9ZZ4AEpAuWVJ8zbaqIMrSssVRk +6FoJ43lkWIxvt3SA0wJJX9Dy5eoj8XsyfoNycLgk+75MGyN/1124kp9wErxwMIAD +emKm/RlGhA8jrKJrMmXuqidee5k9lIvSiEIX/32GQnr38kEB6RuJAlQEEwEKAD4C +GwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQSs9LeJPU0FyPGAabrntKcWWONq +kwUCX61/LwUJA4QpMAAKCRDntKcWWONqk3WlD/0SpFFyRQxDLsPM0OsjPK93MHTI +GU7HH9UrPAPohadtqzyZlKZJ7MwSM9sj0in6Z8nusfh00R+rYXdFyX1rVVbZlV59 +qS9bxbGeh6YBV8/eQgn5WPUh2Tx5w+cvfhJuPn1Mk9ZzbDN8CylaGXBVcC7b1hQ4 +9XSelvzMHRCHzb7Zbkvwi9W2sjX46r2uS8zuTcbnBa+YrN/QC5w/6Wvcr9swcXCo +MwweU3l8G3g97i3u158fQyI/hiIqIYZeM080/PTYFzFKG2YawpyqaQjTmQYAQMa8 +VHsS/45XAeajE+yUfPu5trhoHGODPjFxAvji3TmPYmbJatM/mL1kQXc/atggf+e8 +PZhV3Z0hK54NYAP7l8plrc4H3B8tTe4TBC7FT4rp8R87xiwq9atpuMkAs2AuZeOR +c8umEZ75moLQpSJrVQH0cI+25cZwWf3KB3bTeqJkK6LsK1FcLd/3aNKgcsbHYuIx +zJpfHJ85m6OtuXjnj/pVfzbI1sBVJZjC4zGTn5sPFFnHRdp0KiTiQz180X1h+/Pk +5EmEyIJLYV/Fe1tZdFr5KTdnZWhgZ6h8qIS7z+/9Qrn9MRA3+5DEsEnsXnYPcrZH +v21s+59lrGNzLMpDMQOgAVLo7vcQMl1IVbBpoBBrsr3l671yAMIlssApPwcoJlWV +xcuumkwjV4NRmKLgf4kCVAQTAQoAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIX +gBYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJezog/BQkCpTI+AAoJEOe0pxZY42qT +XV8P/2ASOHoji62479LkNKXecddWa9vNIw+ube1OohWIY6LI/18OSdFpoOFEn6fN +8U8rl5j4ZKQCMdvPgp7iO84DPi5QCyLIMWFyLxjo6N+VNWUNTh5BRZNSKjkjZnVT +iaFCpuHlXJuKE3ZyLPxDEfjJEVw+wd0HNY5gpok/RHJyJ18ILnjCL+RyCFS0Hd7t +ogCQ3Ok1aNtICKV4TryfrvoTjEqNphc2fkAYUZRW78hr9k5mmXJrVc30bhIArcCx +bMJcO4CPN++O5rblorsz8IsbpM3nw8P3cY+p6QNVB1wVZYZ+uBTCxvcG2oG6zo/l +om8tS4a7bqw3XiiGFRewsSb/hu9eMDosUO5pBZqzfC3cHkvcTXMF6f7Gbktpu1ok +GzWVs+j6JY+DTY1UraF05UzJelsosTeFimjN0lWknD8rlGipxg+yq3iThYb7n72r +/iG6r66k3kGw4BPUnL2m15SLbyzj60Oe+jdWADAcjkbkBreHNW+omFY9dcAw05Fg +SZqyBQNVpG5UfwGLl7oRm3+g066Y8DE83CFmmdTHN47MG1uSn6cGtraLkNt+n2A+ +xtbB5wpSMuIAl77l8kzW+515Gzgn6Klzz9oLK0kboZe3d8LkZQC/m6B+zo4uYoxB +ZD2oGg3Fgxyj2GQOkFbc8ml0Dg1sOkTz34ULidrUHvSbeKdqiQJUBBMBCgA+AhsD +BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEErPS3iT1NBcjxgGm657SnFljjapMF +AmRBSZMFCQgX85UACgkQ57SnFljjapP7lg//ThHWXIijKazveBF0RxHjv/fDC4zP +UVImr9SyTgHLqdgIOnzEKJIAaMDjLCnFBhLIqCnHkRkxnX6L1AFA97YyIeAtFckK +1atU1rvIPtudxeGLArEOy0CyRCyHXlyPPEC2aGMKATk2yg/soUPMglFJba4raVV+ +TjbRqaU5bVcPFdqpdcJICjhDLRFrz1hJ/yuVxh3paPrQFtJ1sfTZltnGJ25km6zz +oLEGulJ4RxGt3HUundbX8Cd7/xX787TvRI2nr18aBpEGPBZw/MwheDXwkvQmuoHj +XKHYIzp90YPaO+b3KPj3E3r7PjXKFWLS/f6vhsDCAu3nDw8oFm8vaXg5KbtiEOkP +Pqvde81T+24W4Ij/DXHuIRrHIrjtHppaz2xDBaydZ/txv5LfRt0kEQESDP1DKFRh ++thFMTY4o0otdIseeVlJEutYyd8/Y2VmEDriUg6YojzZG5T6jMdBNCY4fT3sIZ/n +MwhfGpCcd0vQ73cJHMyNh4sgNPNBGJvIOKKDZ2nWF20pYPHWYI91ooBA9HDU4Rhn +conkM34jlBq6YcJHBlBc8HWTJUw8iLKrWA12ZjZiteVo+Ppu6WdfV9kRrDNIYb71 +Yi4VoDwQE3+nWA/Jrs1/94HS3AVbKlsBDrT/CGE4c6VQovBJs+dlLcEvJV24bkQm +wMLUB4QFGO2mxo65Ag0EXgqJeAEQAJTEnV7lVVhqtH5rE0shRX4Di2GCAMBdxEec +ECgRSqNoikXb9viltYKi9dSM6OGYnVRG+8HI5KA4x4xz+bl+RznOHJa1+DYEOCP9 +bsAGVj9PjUbvhEsgwdzhDGHL/vQDlDDW1GqXU6b7RwHWuaT0FNAN3d5a+DYfMvmz +Z7dtqJXT1uCHYDaKdo54DgPH/fRII93Vmk/6y5zuItGr3iaU8adhTDCNOFXd2Unu +v09jxC0yBS00tPcbNWZ31YfAYF2bvDygN4a/R5+WlT/aE76prvbspO7Zhlbi9Hx3 +g+7RciKkxN14MIUeiTztDf26wokyFch5GHdoxDZjRlj1gPj19gEsfDf4hLJOido/ +yfoK5RRjiJli2D1aOug2N7FRmvsy1UG+Y6h57INGSaOlzas1g9cmwDfGtVahMfVM +Hvodw9pX5rkACQ9FocBpzGj1BIdoTGj1Z80vgloJkm+JCDWYrr4tAwDW7m6/NRQ6 +0dqSX1H2dMu2akP6GpU/KERzurzI8bqLrCxQpsTGQ7YUD0y3amzX7bZFAZo4cRm2 +9AQHsqEE2K5GeGPL00EYf2RlNNncOIiq4EZalMihSaCAjRuE+a8SDKFKbG5EWGjB +p4jGsSLQoeolSVVB6UEVxcvCrIoMCLhkHP47NNtKOg/zVcR4y2Xud9QaRCdhaur+ +IUUOI6jdABEBAAGJAjwEGAEKACYWIQSs9LeJPU0FyPGAabrntKcWWONqkwUCXgqJ +eAIbIAUJAeEzgAAKCRDntKcWWONqk4QyEACArki2TQkAYM+H0zWSfScRd6hMRrin +s/yhoJdMoT360m8BIB2Qwoh8i1X9wly/ZfvC1ynKExCz33cm65f3wX5WpvJNZqkv +dYMHi2JhmkZnhTy31NUhJNZIAWSRx6XLlyh5oWwnOLRrbRL8fjXKL45wB3Uk8zbC +9AyVbEp9d+5zS9CWpHbYHAmWyhjio28X+Zt9D+MKvaDmU49dnwbWkHMwJSI4ucuM +a7JioyTl4mzQIlkRbwttimvTfiIsm2FbOEdomsbMjGHmyOhl7faYDqZa7COiO5// +ffyPX6TBhpelSKlLqerzIQTvj3/vLAEFdusl6vvqSftm5oDqs3ukTmTq2CXBhjsf +dvYyhexnrz7/gxuP4qmRdqmGd0Uoh7b9hevuMV4oO/j+PWh8QitoraYkBO94cn3n +IAq8e2UM/N9HEHKVdVq6OEKt1NEimQUPdnxeC3XCWpaJqEsXNlogFOJQ76ANA82f +54XNIzVD62JHCo/8b9AxjOB6ot50oMWV7Ysm8txIIFm4bn056fqu78/x2vZsFOT+ +sDnCUTn0B89+6cnNqnjnDAQO/28FydXxF5AtBKxE+Vyxb3yVpxYRCgIFmiswzsik +PLaNT89FVOGELB5JHfopobmZBdZQ4osLnBA11T6bunalFYUj0TvdWc72fiS4P8ZY +tBEy/BoaZMYKN4kCPAQYAQoAJgIbIBYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJe +zohGBQkCpTJOAAoJEOe0pxZY42qTnOUP/07EGSkpTxSlXtdrjtRxrNZ2L4cZU/d0 +5uMPj4zYERpBVhLfs3d4YgSOOXItXjQQ03wJtMBSvSOYctR9/3BOVvik7w7RFZ/k +MHqk5yuOAJVF4TjisKRPkW85kKxaiNJU9wwbGQLHnDg0Dfw02M3TI++vsl9TEN/Y +uD9V02mAW6IO/BJnf87Gd95qcmYoFVClSShUv98ILQciOrg+nvQBmYVsP+TBDvEw +4xMJI6BC3BDDZ3dsRlp86o55DOfT1H4Cc3bgOb6WIzTosYLpmtaxjajzLrUXtKwG +mJvPcghubhIetFOD9dugHqpd7slG+xDJ69xW1oz6fsrgElZLgxqFUopjFMy19JTF +QGZHUSIzsGZDWoFyMwxD96FAcPzMISPHx64ipl+Kcq46g4zHHWWARJBVnogZmUDH +2+DMRIR/UAZ+SG/WTOIQtX/VWnrWgnDe5AM4atwH+0v48A8OUD+orwweghlTBOPE +kMD1MwhjxVrxTDPs60zmGqapYT4zC5h+5QWhlZxp0gaJGP6sVIxHooJF3g67qX1g +f1wGMox0t71s+LzXOVGwavl0rWzcv1IsDRjIf6rnexIjoskat05Yg8MDYR+AtTiw +8BfS6GRADaUrPqTsri6ELBUolyiNtH3Tel9mOxbvsQZ2ChFaJx1ykG5H0NehgoIk +hSuZUgs0H2aXiQI8BBgBCgAmAhsgFiEErPS3iT1NBcjxgGm657SnFljjapMFAmDJ +OlAFCQSf5FgACgkQ57SnFljjapN+HQ/8DMR2tpAgZWPVkeswCPqlJxNTgnS+FHdc +/Fz6hy/0PAL2tGPlPPSPINHVTRsF4YSdwrySJjJyz1QZmYsIspfGN53mgcNriyGi +l8EOp70afc9wFywO448zNG6zcvOcrL5QlBY8pu2FryZ+mlL3kxOvoD2eGBH5umy1 +vpokP96B5Xhyuvn5CBh5iFZWUg09dOeiQxqIC8NsJBWkzSm4/e2qDostfisIkB7Y +dDFvCsJWaWZ8HaOz+1iPrut9Gy2pd7yDZ93QCgeQi7INI8XpOticy9VRrV+JDarE +t7mK1Ng7tJGHrU0tX+q2KpFihZ6abFRt0Hkdq3Jk2TxDsRLHk7a/N9nUcY+dh4z8 +ScLwpzpuBfB5MxcxE8cIJ5qXO3PS1qyIW4V+ToGSqjVEonFegyAiipslh5J2WE65 +MfIjP48NfwEUvxaTsFyXDZby5XPvtTdlz0m5IUCOmYKq4HU5MaXXvyNMBpRWR7g0 +FDG6kOEHMDnDchVbdv+DdOG8j3g7EnacKXLT75OXYPDVs8shnLpYzDhbVl7ue0g7 +u5zpKoF5UBBS3+BSrDkM0cbX59BHyDctlcaOU7O80tijOqIcNeZS6hCk5btvxZzh +zLUbrzPfQDQitnT7t35zB3hX/nZwl4dlxEVfDo8ewES3hU6tosUNkSLdCwjzNW7A +5iJpPVh13h6JAjwEGAEKACYCGyAWIQSs9LeJPU0FyPGAabrntKcWWONqkwUCYmAT +cgUJBja9egAKCRDntKcWWONqkzw5D/46wie5/Aveir90sxnZYglN3bNrFCHCaLZC +IYae0D+nvc7NDntrmsIgdloPXDzIDX560yaWw9TnDRdxY9WNOEQcYMM8vsEsCMSr +oMCtzDXuz2DySgoflJY7cNHVROSSypcxH8yzBC9cZ1+SJ7eTsem56xOM+GqEBlLf +n/Fmp39nod1tK0R8sf7dwGVzrdSClzZ1Drq7txN/iGEXoMw/3ItxNOs0OkaWBL3u +sW7h/oadtFo+dJaIr3SYeGpMji4gSna91FZQuMBU9F9EDGqnO2PIvD6jsQimNvwf +KeJn82aJKcnmy5BmBHRd9gBYUHxwFzVyvkB3ofe/vnhNdm2qYFUDfRUBxDZqxq4Y +h5N0Aytrxpl8pYkDQ1D7PnB6XazXOXPPFfViiRXpnvoEFgWjNJxwABAL5IdMu6RG +lkn2uqTxm7yJhOTRrjkvnnQZ/vcegAfl+Q6qEMbYbI7luosPPLCWSHjssJrlAhBX +ft6eqKX3iSHgNMJm9ASIG+2dJk3qttovsnwpG6CVsJYVbcXU98GmzGOZNJohZjB8 +pdS2n9sFubvotw0ZoeeHC52HCv67J6KozUmW3kLeulvomihoFcZeuxgeK9ZQadYn +5U7KUAUJo7czSMepzp3kevtO1B9+82VxB4bRQCBit4Pv9e2PmWEZYU2fRwgu9TNy +dcrpmufXXbkCDQReCol4ARAAjM2gGfZhoYbzNU8LTAdCgvaL3DiLV8XNjZAkeVOz +Rc8lN2reo+sg8+agsvSwE6gmL6gE5G4Q5QrlMvQGnK7XTsFkYI4/k7tyrBorK3Yp +L/QMspSwV+lJMRAWVL0dvjCI/zTBXDWqT1kWBJHhuQfO9sY48O7Qxc1n6W+uGZCe +DbnBDHA1c/HF9z1AOhNLYyIxmfK6syY4GEWvV59nMmpWhpkPa9XXajH0kW7RlrS0 +1tzvgZC0iB++EtPHCxmXtxvUG43ikxTqyEMkBY4zJNBZcfDdxEkuT7kqSJO6ivEs +AyxdYljlKuvQJOW5GQQKlvVzzxhGoMSnNujpGv7sLJUzCCoVTuDbQZJpeC5/Yos0 +rPNxcGQnxQtgzYgoriNorXRg4Pw3jGkT/MgKNdPgQ2QuLIrcXvcDQhIWmGXgE5/E +d21JVj55ZLhf2Sz92pWuIwF26xseK8HLsjxMBM4EryLtjKRWOVQ7t/MqUbrgWMkL +VxfVdUniLmyMooYhWts/ntT7O9l22cIiFja1aFhLDlmtpHbGujgL6BsyTjTg9g3B +2v5qBwrQkS2rYDZBqTkrduwLn5I5xdA/7I8Suc+Y3vnQYpjvl8KSZ6gYRhFXyGw9 +LR9HtXf+q4O72WbTZazC2b3oKX++ecI10mbx8x5T/pX/2gxQkyA+mrduf98v8vj5 +OVkAEQEAAYkCPAQYAQoAJhYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJeCol4AhsM +BQkB4TOAAAoJEOe0pxZY42qTydMP/i7LuVW/UGDqusW1fgdOcWLPOMy7wYnoPV4m +vU5IgC0Am7OEupdrd83S9h74yc9gKFKPTnQ5w0D8kyEnkKrkHu5q9+W8ZN6Kk8xU +kCW9E3T5YbY2/UAbxjkY6E1ovcGi74Ggc1OaVq+aZSRTiGmkMzjXPHP3hxbyG30S +JSwB3ckBl+JIaHEI+7o/z4BWQrrhqsTA+GZfHK0R4iFkkKdB43bLNUwQzbaTEbln +FZpr6aq1lqX8rSFht6gC+a5MxZ1oMyEgPm11sxLDNkqu8HJu1Wn9YRZlA4L1oQDG +ohT51+ggQvv+cbXrawLdFE8VEzcvvj4gKZaWxaV90HnuJfkDdbqyuCmYfZwrniui +5cU6cQ8+a9EwBSla7V5W8iCTGfEmjcrD4sp8VzHMpc1jn21KJkmJwl2k9XOIfm2K +QRGR1F8ZRRtGBExMsxiTH8vLEHx6cSxumpdbMbCRUd0T2q7bGrSyZVEnew3Ut4X1 +IR7fsLzHQnvMlf1Frs2rACp1Qq7KXnL3GCjn2gKy8RuYux8n6z1mh5vKd52m/S4C +pSvEX3k7XVDnd4HqWo0A4I193LcJ6rbdz8/FWYuH2x3N4lDWOevdIP1evTHA3csI +H1C3LNfUKxSyPToqCkKV+jZCWhA739eSNvLpRGwF36xA8l8pnr4RpNDduQg61IC/ +gA9E8V3oiQI8BBgBCgAmAhsMFiEErPS3iT1NBcjxgGm657SnFljjapMFAl7OiEsF +CQKlMlMACgkQ57SnFljjapM18A/+OekzdOQYn5u2a1Atee+lRR1yavcsx2duRcbY +mx4H91VU2MfkLueV83PfhIWH7+dFTa36PDydV2OusF54JejlDjvXWOE4kmSGdgzd +HPN00QjSKJ1rtQDHSuVB1HI7xSWLHyhKSj+uB6D7SnZjXuTLz86NKhH4TQteK7f4 +eP65dH18/mFievd+UXN8Odrtfzz515DUnPKaAvMmgg5jSfSSAvbjJ6OVX+F0qvcJ +xSE22G+kYk3ujczs1HbHIczsA+GQ83AH7UVSk97eh2wvizXJW+N2Xm3QLHe2SId3 ++1aIgJbnt+qZoeOrX2mhvBeVFkgbFuO3K/xJ4JOItKmfzJrPUMIJoL7gROuF3ba5 +QrEOG7B10S4gfukBdLT336sPao8Ugq0f/rBiW5/aeRh2D6EkOfBS+xQnGXgUqsXr +IdbrToI9mgp0591GxaUm09ltMoQILZ4UQu0hyRtZDoBSSa8PEiBNb2TYEDy1bHwY +fswVj/XAf7feyijO8kG4KDm8UnG8jIG+9ail+6uiL7Py+8yqOX0YPm6J7+R205Yi +2t6eKfDZYPt6rglAWjogMkzY1sBfe7FzO3eG/JsgqAiaiFvC/YmEmky6KXngNM6L +2S8M2NR/hKO5Fy3TKwQxvczDMzAIwTl/O7cIf14pckQ5VuIWGXS0AUDkBjx100YR +25qGWpCJAjwEGAEKACYCGwwWIQSs9LeJPU0FyPGAabrntKcWWONqkwUCYMk6VgUJ +BJ/kWAAKCRDntKcWWONqk8dVD/99qVwJXF/tielXZNLxav/U/6jlopm5xVVe2xis +pI1/tIh/om8Oq0n56INu0SgqdqLsIHTeURxlzMYsMFjunKneq4JxCaQ2wYFRTjud +af2/t2mGOBSiXwqKmJBie63ck/8OU5d2nYp06pRcDpS1gG7TAl9tzcG1YdloF5kp +pOnD+0fbsnruhasA8rb4Q/ti6Jp7D9uTPAwYFwI/zgOD55Qx2rX2SQFhd5jbRd88 +tD8L/z2rKBW7uEz9GPtmcooLL1y44920gZcOF/e1YpbuAWyoS21jA2pYgVRXFpoT +3eDjXMoiKTUlvfwhSx/DCRsY40tbTVSqokYree8VPHoEkZBGPKJ4anqqZrzGOsGL +tH4wBNWjJjc6HBZYa13qQRJlePqY1oV1RXEw/9wyxEXgFgz00zwa95xSzYW+C85I +BY26IfsYn7rkrCMl0FVvKHXf7t4FV/eknxyCp1Z6P9g6a3sMikqRvkWO6/6WGP4l +PI/+HG5A2gh9BR6XZPwYDRK/k19g7xR87664EewvyeKsfGY1jULHKzHPkdWLs12h +dHsFE5b06DpZKpSXYxd+NtdQ/ghxDEHb5YQOsHEgahnn3w1yoW41y1ayUAEmH7wz +HbR1IFBo6abJInxdhBo0TZZD+dFcqDvOKMMLmUKuLHulliGMCDglBZSoBmOVWOq/ +wjtFmokCPAQYAQoAJgIbDBYhBKz0t4k9TQXI8YBpuue0pxZY42qTBQJiYBN5BQkG +Nr16AAoJEOe0pxZY42qTS7QP/irmTexqwxwgT1s4tWDOWb3x+rASpoORbn8/xI/t +dik+2MOTrT4DnoYS3kURhhoqYHNKNW/4w8wlGc1wtGK3xCI78qTT9jzXMssIPoTW +Ph9KlmIeDCUe0AtcA5jKdPUo0TJweR8MWC7UM0b4qeDQmP8kPF5QvHfCmxe4K5F5 +lfeMx3qVT+SgcePFIf4JfsYij5cJ99T8XAbKDZ6jMrV/VdJ2J3FyMpZDyn4k+PKJ +5STu/ZRIC4jEwyqGSDcX0FZwy/Oi7kcY998FqPZxnFuz/lGab16J3QW0zXuRpsRb +FECCLAQJo+/VmDeo6uTb3oUzlZHVUT6RlFdiVDrQdKQBKORGMAQoDuk3GPaLInW9 +Jjhu9ROmg2GZZ0lsxO2AaJ+8FVVe2uV6DvJbKec6NEEQL5shiE0rXp7hF8EXYsC9 +ZydK6mxiGtSxkzIlYTRoH+k75MN+HNRMt7j1MHsXHLRCIW/rjt1s6JEbcp4RwCmM +WLNiVwgRmmn0V9B1p98Vzxs4eSyHJf0d54gLbG6EM7qOj/IwaDpS8R98mXDzgTcA +JYK3I1PIioWdXm/oaPZhN6jsAO9/P9w8J7qJL0CpVSKshFS7tEdjPvo/R4duqA9Z +yDDJdxw/8h833xsRHXHUkGHVgWLvzv51kdSubIQ6YXNo5mVQC52vP0jEiByO9mCg +g4LPiQI8BBgBCgAmAhsMFiEErPS3iT1NBcjxgGm657SnFljjapMFAmSVt4AFCQhs +YYgACgkQ57SnFljjapPZ5A//SBCl9CL+oI3lXRNlUv3cyS+/vBHA7n1bR67I6QfE +/J+NzPzBLdYa5H3W2EJOOno4IjhslktWwEDxpSMWMm7ORi5q5wTqqDklGynGuO3H +3ARcBmxmyd83IXUe/zgWw/69m1gotAZJFtO3YI8h4Ip+rtf8Qnj0//VulTnJ2rjg +/zluakmMc3uAhTrm7GHfCpGduGQZT54xHXXiL+hvo0e/ZajutU1XcsxVZN4tLDtT +WhjFJVVqqVlJ7q4NI/NvTZxQEDfwQ/VABHQ5XeIwfhquPcLdhFh+MVbjOhw8AHXw +QBtfY/OHP563V3D2RgOl9BQ7XJizcHYZHT38zOy8o3QF9IOd2RSP0dSM8IDgqJ+d +fNpjYSPfj56X1kdbJGwxPL07oAXXRIv0nN/03mXJSG4i/v0FsNetK4b/PcS+eahE +y2jI2ZqviU1aHgkRFS+5UPA0yQUUFuarr3t2B134cXdiXmjxPnECqeeyx2sWtio6 +DPb7X0kjp9Fl5NEuiICsJZ+ZIFGYW0CErd0s0jw0LeMBkD/TBDIOTL5w42AwTEYq +2jYtuQPqEQ4X7mYyd1cuaq7+DIaNeuWkrycnSOfJ6+E6uyofYtVuzuBaCKsJOCo9 +9MrXAnZQNhpqHXPlWZp7noWeTp6mPCO+ga8v8vc3aM8Y32V/G+ggnNNA6ncBcrEb +0C4= +=hQfb +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_B5690EEEBB952194.asc b/git_signing_keys/keys/key_B5690EEEBB952194.asc new file mode 100644 index 00000000..dc77d7ee --- /dev/null +++ b/git_signing_keys/keys/key_B5690EEEBB952194.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGWmxXYBEACyN+4viFQM6QQoKr0A2W0rGdMobTJwOZso2QPpewbyBsuL3rNW +5OmHrWwXAhPKNqUIyOzdq8MoSxoTTuqLksoahixEL/X2nyhOBxR9GkYz/oI9R3nY +cLRaFQoSJoVfOt61opkLUzbWAehpbgT8EKln8JsENq0+0nDlWQi0h2Q9oGmqlgVz +skwmVZ8Leyv4Mg7hN6swyZ7moZfkkpD5+U7Z2XVurCzkSSfg4zb2lMRLJos2eCAc +749ECsX0t7OBftF+YqgjIXixXsm2RrUqvU47OkOtZeAhvAYenbC3pr9Fha5NxoBU +Ea+11MK9W6OcRhwvxVCUrMUR6FTSZyC//VpXTTtrRlOqpU5wGMbP3zpn9geqOXCl +8rF7+1gAPG/o+QFQTBsVEruwi4JWogiQuQyOwAIlFe/7dvaxWZGpv/yW2+L3guL7 +xaHKFVGsayhlitQQ5Xa+P1iSgKSXDyReCbWotfqAempPySI25LHh3ScXI6NgdHSr +SBaFojwAfgxbPTEQ6adIsKHCQofrnLrNa3UOeGDGiOOK0aYV3jiEDGAouatkNf2q +85Eosj1f9laCqAH3YLJD7dcSne1iChK5qRTByMvIyeSD0NbNnVMFOGpXySyWtKb2 +ldpu8AWBQJsJs9FmYBcWAGBA2pp+IxaCn6rBIHIsUVFRN8OVZKsEsBkWywARAQAB +tBtHaXRIdWIgPG5vcmVwbHlAZ2l0aHViLmNvbT6JAk4EEwEKADgWIQSWhHmhr/kn +430aVmu1aQ7uu5UhlAUCZabFdgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK +CRC1aQ7uu5UhlIMuEAClvVwC+Neoiq0AdixJZsagKHpx1QrMJWrtMRi4eXVTTaeX ++P1unhC/AmSO4Xxd3uRoejHvfWh4F0gitUJ8XKgiejnmuGcq7Dbt5OoO1JuXGlW2 +BQ+MiGoYVw2B0sOhWDNrIBWOO/WL4LykcGnAtrRXwoS0Wx4MCydztXQY5lcnCWaW +8rvu7WmduoOikH4HI97rqN5896dc4iBKSx8LZf+46DRCCD/5SfACplBz4hs5zen8 +TL8zd+zxjFrXbzota0jSDEGK9WGO4z55S2xScC6zv6v3Bj1OR8Bs5aodGtmamHZ7 +sE9w0RJoCfNx+9cR/rE82SrOaBpVU7urLe4lg7zaaNhqDdNV8ymuXGmIJarDgrme +iB5bHS+dLFzLUkTgot4RFlPa9bFiJuJN6Tc9tMu5RJQ9l/zKmxDHIKWsAle5R65u +zEq04LugTQBdEorGxfQCsF2ga9ncKTDMiAThWTvZpOP3NJ/athZRmOBpG4B9iR6r +pRU8F/+MokG4fIMwnvtOhWQFiEzdTkJ7U5JAkPtTAmT3/mznwtPEU7DrFWSGAdqg +IMOlxNCBeGvjwLR0qGH7cB9qHDGNoDLkjaUFpu5tPv4/ivkQaHlHJxjT0ILM6jet +CAzKpKh48rm65tmrJX6KVpj0r2kKMscFf7s7XaPlCNCFds/YA+0puPbzJKWKfA== +=NRlX +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_B65BFE540DEF86C0.asc b/git_signing_keys/keys/key_B65BFE540DEF86C0.asc new file mode 100644 index 00000000..4bb0d0c8 --- /dev/null +++ b/git_signing_keys/keys/key_B65BFE540DEF86C0.asc @@ -0,0 +1,472 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEyNK10BEACl4642TKimqqnfWHZFCpMSGW5F7cQ0PoIi6OfhHHLSBp9Un6NZ +dBN0jjo1Waa25OimEUU+jHi3FBu2hRAu1ZYj6uuWyarUy3ZthW1KXj29ABRZhJ7X +2DlrLt+fq3RoJkRIe41f313odqGICnN6N3wu5hpRmiQiODnLoYHPv7wjTMUNsXJ2 +BtWhFazZGxejevz7qbJH+X2QAcYiD+ymJRUk+voZJuaACCPyN8v/2DxCCbgc3WC5 +drMlS776jPYV8UeEenL5C1EUu7av5aBV//eSKm8BQZKNKuiYkKIn7UFQkbEDIhQO +HpOiV8Fw+3V7uXWfdApKF0xRp2i4Y1DrT7L+52Y13u+s+RRzIf2YKI6sNYaOU+lR +AYl/XWV7+xxKbrOqxktAbuqV9AzMwwDrHJif6kgwkfdt+2hlqvXBsbo6tfaYLAQD +d/rck8in/rgICrfMs1Mv86BWZq996qeV3YA9NUBoS6lsGhc1Zzrfe/xX41gckAHk +tn3RLSABVO8Vga71r0/pkOeYDfMWh1G0hZnKhGK+jV7LisroCTBqMu3h8BY8Um0E +/9ZqSGjVoNnOgJhW81L+96U3TxgYUP3xeUvjpYGLXx7w15GW5KlGwGVrnjYOrFmf +ioIp3uNTRpevlkbPvUnQyX3+8alotZdXxmE7DWLJdVYZiXbCs77YVJh12wARAQAB +tCdUcmFtbWVsbCBIdWRzb24gPGh1ZHNvbkBvc3Jlc2VhcmNoLm5ldD6JAlUEEwEK +AD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEEpsdONBBUoWnOUr5ftlv+ +VA3vhsAFAl/KIoAFCRUeKpwACgkQtlv+VA3vhsAUfw//X01bslVPtrXKTEdgG9QB +eZ+L+TNfcTvo4Rcmabn09W33LHAXR++HG6V6T02heG5WvArOwBrvSmM5M+qICuwF +0gT5cQm270PHg4ivOB5qKFQq/34vjJ7pVJc1S1gi44YOwy+fIfSZJ1VXCUobblEq +G60Yux9AVy1/wlUBnvniJDACpDFGgK+0yKATw6Wv31JFtdR+ZTEQSs5DmZEZs0xc +1N4q44xZXK3StoBxC2VUztwj5V89Y3T26XI4AKQuoQXmHpEfCcJckN4w1R+NP3Bc +J77cVHhUYR6obCOZfomYfuMq0Ot+8Qvoz1KuuNvbzIs+y3r1CLB90EwjLwbHkTH8 +hgT7WQvnxKTp5ZaRBFqe8MNwD6vdC3K3pb7D8HSNzEGsDStmh1C1dxFnZKOayy8A +JWBmo0QTbI2f0Qx3bvSafb6FsvXOMhuexauZSoL0jGvSyYAPG2p2/KmwJjSZnSSa +olNmhj5Fz4pXJ0v5uS79F6pGDJIFG+2Ofk72tiX2gUqYzg411cZsgvfppiWAIFdL +DtlS2mc6vUiDyQsHS7AJlUJMZ2tRm8OmYCpfmW0riqEGnPtcXi0Fqvz1QOyz5cz2 +iG7MjpRK8n6YuAhpiQsxjXHpVmGQV4LNXE0cbdILWdZle2wqx7XvpUBCS7daLMDp +oNThuaPnUtOAF4Ol4b9J9bSJAlUEEwECAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl7g2qQFCRQ04sYACgkQtlv+ +VA3vhsDfng/6A2AsO7QMcWGvb0q+UQVXYiFJquiPj8Bik5jL4IULD0+qydKqEQCT +Uf1VIGY+gAE365ZwhdFrcou7xNrHtgbuuBHLicHkZAOpzZ4o5Ox3tRTZa5mAWTNO +PkPcF8VyxdUKKcD97KvAo5O/EV2RcYhzqLyRknWOcPixlr94N2eTEhKzzVH84+Eu +zD7h/9IAg+ITby++MYdE3ZeDQRSpMpCE0oSqvw0BvW+1ZuLZ8YZ0zEqerZNXpAST +KzqA+jCdJPOBIOzOfJ7ogWD9/JeRzXX/QX4vbMTuZSwmGWtgAlTy3A3XT/z45y8H +BlVDihi/9yYeS/n4+cPG6XgBtVq+9DjKNlmLb3pAMs+Ddlwd27bHkb9us2U3+cvl +L2ugLVr2JmSHIEkoe+B0g1PsjnNOe5CemmYvZZbv+Ql9LhEB5kf6YqDXcdem70V7 +rjZn33nAU/Kg8ML2v195riav0oWgq64Dw85W9pFlular6Fww6hmptDNv+z6ef4c/ ++mfRREYVstsdK7rktMsI5d28hdfJUw6BL9MRGgjn4wWleBZInt5uUqRrgKwv0pJL +7BuWK77pZ6L8KxVqBhj7pp06rZN3pQyUh9YYPdI0ibYruZjY5yOewHB+JX7qukw/ +XVmTlElF3lehb1vpmGu6PfToARhP3s/vWlQVSadwgSxdEuvPst9Xs2qJAj4EEwEC +ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJb20RXBQkRL0xwAAoJELZb +/lQN74bAMyMQAJeXYwBjGC3SbwkTnDQZXADHpERdGQvpHjA7SxBHJYWsGKllrlrG +/dGMGKU/wUW6EpkFabZcHXJd3nA71pQ49jSfzxpMilLTEOZS918+2ylXU6X4y3gj +mcRTg33LL4QeT1TbIzUkV8uwcOUrQLyv1IvszIxRQ/snKJfZta+/Tso+3NtUUrWU +gQzMk6/uj4Wi2cSbWBjtXNlC7QX+X2adcgu0pXztX5UQQXB+e5WJ7HXHChyCdXKQ +FE78z72IDRDC2+9+fclnuvu6Y3IlXyO7TTgyqJ3ij5j7JdmZnzQgxY6WvMXjoK4t ++x9SMXJEWjTmcbDW49YWXhXDg+HrNCNZpBNWLPaugRlFNyp+be54+EOkjZLl7wws +nWf3NIGFXruu41qtCVnO/bRb79+gMQEcZiVtpbdsdpFbAhlAEhPfn11XPspgKsX6 +oPEeBACI0tB3xCrQnNVmHhOT9ubpmCyVARkDLzFNC1Oe5MS/OD5rJZxCHf3yEPay +XJ4WooZ9fcnHekWqcact+AsAWcxVtYQfundxkg8fhhf7F8hW+nDI/17vaH7RN+xm +DOZeV15Pj9ipFpwBTNIVuCxKU5vtWUAUnwfxdtZNgU3Yidse59SdVVurWmG5cSnN +chFsTvamTdRjshLuf/NQyB/DCwjCFEiQ9ljUIqlsTpM8dF1Qw4P5FFuHiQI+BBMB +AgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWfdoRgUJD0twZAAKCRC2 +W/5UDe+GwB1DEACNL57Zb+z0H5Cj2K1yEgUyrBQo0xw/NHuTGNORn8axsgj3sNZe +DwL9BpwlpbbMU+sBFLwcjcPf5gQUA1FDx9jdMiVKePYTUupgeyR6HnIqHKhzARD7 +Fvu7KHGsY66poDJ6yBPTXvzthjH38gCA9zd8hFnU69Wj51lcDJ75NGrPS0K9x6f3 +CREkDhm9Bl0O1wAAMQXhPA86h9yu8opAk/zTPoSYG0D6TnLc3MBfEPXG9r8rh+8l +m7paF44AW+QFiQ+usAQqwGTVOMAEC/j437afyVWuMfycJwR3gEjY5xrEK9Za4MUE +RWoHmDdAKN2A4Cj7j/I8OOURuQIZn/Sd8nJCHw4JDzewCRcAvzNKjBcGT6Ca2Tjp +yAID5yFHo4rrkN0H2RHyPxZVa+fLL0GcnI+GDVELAltLrhhR2IlxXNNTpQLd/Ul5 +fDdU2fJFGgb0EaC3Tb+vsBg7c426jJPA6R39mE40ut/iQ3CSEJ93bkfOMecBmOHf +RHBiR+cL2NWRIdt0v+0IGGyxFFaQzkmvqkHrtvrls6GUqk5Ac7wcMtPZr/LM9sPr +vRQdfFkew18zC8low8D2TEbeGFNA9S1aALriKm+IRk9HDPKzZYqAG+RsVVqQJUyd +7A04zunKDZCS1UJpcIIbZxZ1f9OJKode+btrBRTrX+mZJCcGs5+NY+ImTIkCPgQT +AQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlnY+eYFCQ8tAgMACgkQ +tlv+VA3vhsD1EQ//ULIT95cJnAzQcyNHhLFtiN//Tcd2BzSHejdLbhEieJ9eW0e7 +i030pi0irCHFZrp41PmOPDVMCZL5976lI3QceSj0h/VdRWqr4iOaEh1UWUVxuj+c +PXdgEmUVler1Gle355sSgRf8u4SYIPLTKyKv6GgMfS21amo52ysNv31nfy8THf/r +etgI/GCyjjVVyP1aVivMyuaWNbQ0qE1oH+aWovcBsdc+g3QR4qsLqwUXAZQhXfUY +mWsOAoU8qIhQ9Kz/N/Of7kQidDrVHouL2QZ62UTVwdTeK66BaJa159ru0X8lxh6Z +d0VBxLjVULinacn4eb/uEmQV6aqDeQhi2XpApG6i0TP4A1YF2Fkr7tQCv03TwiqZ +er+16POazfqzARJVjk+HnwpyYn4KLZ2Kf+ArVkORy5QWqpm0mA69jiuaBF4V/Ktr +mG57VuLwZxto49JygqsSIzv+rOKS7YtqLrmOVclzqsICqB6BQpvnTNMS0QrCW+9e +jDCiJnfh7pNE9GHAsc0yyanLT/Xik3WkPvqLewbOVQtX090uyN5K9lXOoA2O0OIp +q507zkgOr01eOeatktxA3Ae7v2HKrUD9ugu15i1N9ScVhZdj2JGACYtPhNycIUAX +9BYNexITCPBf8+Yb1VdVZXiCVfUudM8b3u4bgP1dtdCPxH/JPIbEKeB+iwWJAj4E +EwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJX9kw8BQkNSlRXAAoJ +ELZb/lQN74bA0iYQAKUckhPHU6kdxu1+2ZdHqU2ItTDgGSONOAgJ2Xv+vO2XmAo8 +pXQhG/k7MZtDbc1pjfe7kZbY9oi7701oMaZDbhaGyFIYf0GqF0Pjb7yh2xoogj2V +mqav9hVe5k/t0u9/7QbYINXCxfzLoNsNsCmSq/znM9z1G5e8pX+eQenuNXasv99A +oiazQzoMyDnaO7exzSwqNpvOcfka3spzWmEX885t+unVZGyWniruTPGv0Bl+/9Ka +PNqRsRg9SKBsnGW5yAzZI0rUSaJnVaJIUhLshBrAxgVAeaPl7X1+8yBAIatz0hNW +we5wDMmBE/YegoOJq2jjis/MDIIGgxktXX4Frh2W9Qi9gSsIGT4/1mKu99b7tXcl +yVp1Mb3ybmzuAyV0VWyBfA7kgBGF4/m8XvaSMpcH54ZJXY/Z7BnobVryFdSWCePz +M0xHrag4Ju0YhKAdo+iQHoOITCQ7I165S6ML4n7LryJt23YnAzlMWPDmoiYbP2rv +jmcHOw4RtCWk0RfGGZAkeI2/yedSv+tYxCAANpqvngTSxtwCaGQMfZD15ahAC4j2 +iER+yK4Eo/l3LeYsDYIR2xuXiW6TjA9OMrF9Kjo/PEgCNtroVLxX8wKPLudEQ7Oo +3lHrrFlOReuCLWtN1xCHE5u013+q3vnvO0uBMJcvaRRW8XZtzsGKnFDjIggZiQI+ +BBMBAgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVhKWlwUJC2aesAAK +CRC2W/5UDe+GwLbwD/9SnT0AVC80ojWciVNbEy1Oiw0+KcVUTRTOXxH1hFmh9MLT +7I+avn698GwPnJ3WSg/CvKO5TJCGwCoRHeOSPGS9+zM/GIyteBA7uM5pNs0J1T02 +3jMZEsa8zCiYgX6ivLVU3EnoBOoPYIXC2G1+H3CYEqpLBElv65YIRAVU3OZqBUSD +rHiuGarIsR4rASrYd+S4zY47yFinhqeTfrLMXdO1BrAk1Yq/eVUGjpBWo013xqix +VRhEFYOigjZ0Lutf/5szlNbiTzorQxW0gMK3MA0evKn64bjiK3N5frPLStrV3Vqd +UGD7qR1K8Nuv1L/cvDNUiUgHn/ifiUFTa8r/TgA/L7Oehfic37uMnYGhbzrdiBUl +bkUZBovfwNFr6QcPCeoen7JF01zhMsDfmEoEHbBPTMTcQdaMrFyTIWyBv9js0qWH +ecLHYbz4lDakAQwNQYJblgPIwkZIwjnPvTj4MEpx/7q5du0RH661MJb6Ums5sgL3 +aAA4Uvoefh5UYjPXOaM3e1w8dJEs62gSN8AdIdvDoY2lydLKuGaDzjc9WOOVPMmK +63NehfJ6E1sxNp/lljJ6O6hwbEyfSx5jNd4+yHNdxf9iP8LbVeaA1wU1Cr0sEuKi +Yu+eFruRiN0zPp2Pu0Wyvy7sGHB/3izTvTl5qi99aSeyc3baHutgpjEo4OZvPYkC +PgQTAQIAKAUCTVyR9QIbAwUJCWYBgAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA +CgkQtlv+VA3vhsBRzA//QibkWNpnMfCr1LfrFFb8MllksHiuGaOUPWyQf6zzi3XD +iOEmMXGoC8nUydifHzxZe4E+G/ZDXk3DT5mXAe72zeTcAMm2aecoQrP+IOb/YrYo +eup4Eoggb3vTv8jRS+NSCtk6EloWrVzKTMwOB+RbVXjx6HcZ/f6M2zEg/etqe//9 +jWxgjFZdnnRlvrJmQ6+AvmhzyLy90tgNEMMpZC58V+d7/7UkEQduqRLut0BXYlWM +t/vYdNFZII7blo+aBaV4spzQfQmk7OWQ/fm1u5ip7QNxbg1Us/lXZ4pevuN+1ae4 +TJGDgp1uJWp7GC/2A0nLzw8GA09nR6lnN420aYGlAMFN5ZLyKUL57cKUYPWOmQ0H +8eFh/0J9ae8BSyqAINHu3Q46qfRc/4M1rUwIf04R2S12h+rL8DFJkcbRQYgXVtKN +lf9+BSKwSabhc+DbvKKHSV+y3MuzgHHk0vl8BJGetEASpe/X1Wdz3c6egEbvOgoB +yBBxR9o0qyHSFKQ2N1oC+Pi5gTX7Vadnow+9AYLmC79rHWGfhXP7Od5i7t9pTviD +TzwmgYrQDt4aT5OySUmoEYX962V0JrzjiBHb7JdNy/Y6hgtg5Z3BUDcbHDRDZOp8 +L1zq58H6/1FGKdKdkj0bSKE/s53HJ9dblVrxLWpTEmESJOrbS3TWUTv9UZiRUqK0 +IVRyYW1tZWxsIEh1ZHNvbiA8aHVkc29uQHN3Y3AuY29tPokCVQQTAQoAPwIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQSmx040EFShac5Svl+2W/5UDe+GwAUC +X8oieQUJFR4qnAAKCRC2W/5UDe+GwJ7dD/oDu5vgWf2HBj4KS9Or3Vf18Q5sXsAz +3Xn8awRGcodLbCFcRoP/H1cUTE5RYJ5hmxg2woPf3vQXB2RJyDa5vK7ua/bjX2sK +j/kRSRnoRb4KV7/gRks2kWjGE87bG3XisygzZvJAFTi9tA8MceRc6sNZYuT7dtGr +KELOpbiExrU6V8jPSiSvNq8TMRzMj4ddgwua/lJ2EL4/c/lmVKOVAbxd+C2DHjT7 +FpEFj7Ihiju7xBIVGRTelEPDPXmVfw8NzkxQTunWEio/sbyKgyV/ArhSJBr/1DSm +UzpNlzBY6FBcffkAM5eTX7BAIz3R0O5aQD0spHBd72dbrEIhgPAzHkIHhcdTwOZm +98ogn6Feay+2MjsDGv5jKVH3TyqR0pZvjcJXMwBnpoNM6m9husLbX0ab59L89V3g +t7oGpo8nOPI4p6N6QTDvDejAnqBIrvIFzI7O41hZjFhtB+BP+LWA+50inlmKZxDu +O70PkekyImHaqwLjj0tR2oQTlO7YiefykNITANHy/ZMTsmDn7raxc+Ti8eMsaRnE +ijqgL2VKLJw2xjSZyzkQ/BEelhWGP8mY+xo47kd1ouvvwITu9twG1Xx4y6uX6Ios +MmDlXAvxoIdr1jTd5dHZP+/3uQL8/SpXqx3KEzaIvLaipQnBNkKMNPbJnDR6S/Zt +JPwElrtuXmUsNokCVQQTAQIAPwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AW +IQSmx040EFShac5Svl+2W/5UDe+GwAUCXuDaowUJFDTixgAKCRC2W/5UDe+GwPxV +EACDjqYb6cDZlyZceSD8p9wBg3NL0gegfRGG443CND1qL53pHeafGYHpeSinaJWY +U+1J5CK3dCaxud/V6fR+7YM5nkLIzYMCXwBflXB3dkFCg2TSY4eaCsXq+BqrQ9UU +mQqvAcGMQed51Rulc4O5iySJyCjAhfGUKOt8Za7QFGQbxcKiOkTPPqRszEXWm/JZ +YLRvObMHw/cI/SWeh0NlfPibmOw5gOCKzwPv3FiCNMTJqh43DcE5pum4ZWDKOb7o +qLhp1nwHQsgpCDELXfifg6Z3EfJuGkeow1vTNJg47DdXAIGHiZmpeul8ZtN+ktvW +8ZJfkpoiMLqZji8dANZa8umWvz3Srsgc/kcyu/3/NNMoqH8BHrNfScTBQFw0NTHn +a6GOSQqeFcBvDyjtl2hJ2qVzkzgX5kAcAKdhlGZuvGheehly06YjSp8hAuFBj2/q +xoGbzl1Fv7SnfJsEPTbr9Ntnh+2b9Wrxx94y+4SY1eEHwmUfcHhFJXa3N4hgpjcs +mVrRD8bBFcgpTA37oVHx57X8dzZ/vq5w0uPJ39wjO6G47RHf75MYAWTOmjvUxsUL +5qkqoKaXPuc93IeOUki40kt1/usJ+FDV/hnjdwFGJsgiDL4ROHsBjZb8Zt8tr4O8 +FNrJnmVS6wKB2esfgeyaxyGitliF4rbjToSAx4hX8j6Q+YkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlvbRFUFCREvTHAACgkQtlv+VA3vhsB2 ++g//f9aWmWOy9zI+CiTOwOn7ryBFPoVkf6sKTRX4P87PABmY2tg256h13kyx7Gji +5IKWsyzr4uT+Z5xmVvJev7m76cskXubTYfnp4C5rh8OAbvAqGtWTIudddCG7N8TI +e/TB8RBOGLsAOFHOEa2zIhyV5AYuFDL6iMkTQ2MIOjPwAYmv7KcH+ZuM9Tai4aJF +rwOEnkNScn6X5qf8lJmleoLNIuul/0FLJBG1EyvqVBY0OrX4VEzdv+9cwL3IXRn5 +Pk82xbNcRYl8RY56A4z7Q4RskMywEcuL5qk8VTrxBDDzCpHbBHaiEjIoeE11FPeL +lehLakHjSVEoYQ8zOaLiCbkK3fNdmDz/cBEF17Mb9revaaneDWfgOEsIB4OBz1A+ +eNkFU96upFiUAOg/fgogHXHcm2e6eaIGnzKnyBh0CT85REagPGUQTOnmjcK2DaHW +08owa1zJi/qO/mgFzEizrKYpOjhUYrmAHbIqXfbewTFlopwmnyK6TAd46cW24Rvu +8T/sGAk2DQXXYgbNtDGBrQU3tFat1mRhP/bdyw4dMSvq1zoBtWnaZK4rf+GxpaiD +CIq//S+Z4kuMFYmrAGCbz0l9rk7/vgIwi8aibJfKMfDlD8ci5pTXtYWRkFaoxgWo +X9x6dyMn1GdDbfUml/vS7Hc78i8wgy99+mo1NRonWBIvISuJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ92hHBQkPS3BkAAoJELZb/lQN74bA +S/QP/RnZKNb06T+3SWvsze+JOLR2bNQrIuIcF147IKuUMZX6SZc34uBO7B8PSdfX +nicoD2mGudHdGp7BqEVdDuzT4rWb4pxUrielZv1YLLWNKUep/AsbxI40yEclFoop +/kuqbf2zgYOegkzVPh9LaUr+/Pmg29cDmV+a5Ytqn0L6swMH1+LLzWu+awxQmbm0 +f/19IKLB9Ad6gFvUgmK2x5yfmCQxoVHopMMNEsKJqkdC54qp4w4H0eOCXT72d681 +2We+nZQInQp4ih7mSX6UGQPIzq4eOsB23ifwrIme9DxhzVHk/racqdq6mU9S8d+U +P3j5vfxlighZsSmXIass8MY1ooG+0Ezq15svQmH7RiIivFzw3hGaWNOsV80VzkM5 +5WHZfAzeaEkIGtzFRhj8mKp04hgttxwk+b/9cgyw0Toyg/ClvHBZl//MvNzHhYGj +SHR0IECOs3SgfDpd+8GE9dDXoMj9ggIts+JqUPw2Nd99IPq2viJ+4DTmxJ+fKJfl +i5WhvW75RO5xbshLPfuUlRVRLv/hle86eGPyIdcP9+rVtoSozLdtfbgjkmP80qcT +0+2su9gurjqMyUpHXkBdKumc5QcBeUeN+HltJnXInTMMAvmekOp9NYDTT8gcuAwa +m+ZA8j/oFTN1qyokqyMKnv79SqSZ3s4oPVRp3qLzuHjKR/DWiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWdj56AUJDy0CAwAKCRC2W/5UDe+G +wIBdD/9ulmYjyYQ1IEiji6yxdbpCAweINeOc1zZsnMk9hX1Nx0CWyxovixyEzjo4 +6jjZrjLV3h7ayGIeSHisP/XL6gMChb8xMlhv501YDH8BujhnykZIA8muJaYJB+vU +IXwcr6nx1iWVglkIc0NEsKe9Xe20efcXFdgGS6qoVquZfehvKv4LAttLndjfu+XG +L0AgeaAeHgB77PqrqWux6kwoyJKiemeIp31uHo4KF2jas863Rk5WPoIVTcf29mnS +XfX0C70HAkdQxXIZQdJz/HyL2srDDMDn2DVAEC+UixZo5Ib5Wz9YBE9OpTW91c5o +M0J2gvi9k9tnPhbNR4Y3k9P6REct18oyBzPzPr4tan58KkMaLlgjrXDmEV4+BJHP +qLgS+gIV4074oYG71tr3TOgVTtEBzruNnicz0LC3gR7FyKqt7mHjE4Zd645c1DL1 +gwzWjkXGyya006l8Yx6KpsovCFcP6Cx3oW/H4G+3S/Sk5d6ggCQ6Jx9xamc2akuP +enz/ltHt5C0Ted9OVXUrLXOugKc9demVLM/G0xd63P1TaywsmVcb7P66PkZ8G54Y +27h4LiMUVE8IO/1QJYLwKc5keSto3P0KqB5LNXShI4lMVpZMicVz/GSZS8KUqSFJ +Th+1CqvTkkkwCL3bPl69rxB0tQGKzPB/a+kfIMqDWX7kah9NNYkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlf2TDwFCQ1KVFcACgkQtlv+VA3v +hsBVzw/+OmKnUJ5emY4mp4vN6ghUyZU071kT3m0rpOlB29LbyrPEI2J1boVgBOKk +xYtiGhMI12B2/cZuEtTM9EpnSxjQcw0Dzi7OtZzZh4KBrqOpC2E/j2YQCVtNuHaD +H/Ygj+4ybf00N62mw4uFPapzqMPw6CBIuOJ9dNDBKBSAGibNFvPqtZbU5MWnC5Q/ +kw0gKGpmG3ExusAgw2Kof5Szh0MEb6a90uckx9TdxDkqLCzaN3MNHTPR1INHZtec +/EAovxn7uAHnu+hG37+uuModqHpcYIgOxzVUkjw8DrxKBUBofoFp0eJO01aJ2+it +d7AbbngX/Iodv0yXee3v+fEMOBzbjj8p/n9TQy6zYC1MxLhp2u0uTOdmTYIono4L +VpxEnfvlRBLdMigcPagdicVZBU6QSWz6+6sxoQSyEBMfqCqK3kcbW2i0NRPnedg+ +9/qQI9BENZcz2deulEDhVaGP4K72knVlEPbPcUSaO/cGFDgVbMTF1jzusmSWeQQs +kO89hTeA1B47t1ne+Z4E3TzPRMF5rzOMnZh2lLFfvO8ze9ekpcwm3Oi4Kwg+pcCg +kW56DSaVHCG7W/YJleW0Fjnz3ORPutPkFMMYm1WW3HLtLWImjTEGeSuhB7JDc8Oc +YIpMz6gOFvBOV8sBJLjvT0Dux3AV3IRxSUKo8KWLxZhblHbc5yKJAj4EEwECACgC +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJWEpaXBQkLZp6wAAoJELZb/lQN +74bAFXYP/jGedvt9gZDOaEyvYIi7U8JSqBjPdgsvHFmd9tah2VAjiLS+XzkkAL1r +vdFyDT7XEW+2K7XTOBa0tkzkt847zXytLAOqApWN8of3gHF3g9r8u7wMmOmvnAz9 +xK96wb9Kyj9U6kQ574gMv/fmGWVJsYP+FMXI7P4z/Jb+oweyCxYZ97wXBjhUAJ30 +EwkAkAdp0affmHNRfHlY4ciF9wP42iiIq0vceJ4vMOySAc154NBESLMKogC4lBRR +g2Lbu5xwBnjj5mFwIYoPcl6MpeFk1mhvsUScsTdA8PUvq6TDkBridx/62oejpu9J +nn2NQSDLq/npp0PjS1jGGdxiziGvE+IYasS76vNUEyAY2FA49AsjFxCSTV9hV52G +LZqJse0brhs0NiWGsY8fcm7apYa03GiZfX/xbZKGjC2PEdQYy2b14daVBq0jshh0 +VNzate+RhKozeWxn2ipeXIvys/XtQR8AmjZWqz8VJQIxipO4XcRnG18awt4SL7wO +NYUXY8nir+mlEQQKqemVvmr4WpxvgH0SmvFn6sDDjs7MlaHThlpExymAe5ZW5nkT +/WUXRQAtABZLv1HTByOBDmYWlaRR9xPcP814oyP5n9RT0uRXNjG7NdaDz5DzEUjs +tNu2ze5SrivOVzRjOw+1GlSMSheKSpSBn9curJ6RagnVRVs84T9RiQI+BBMBAgAo +BQJNX8OWAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRC2W/5U +De+GwNyED/4rz5FGWnRl6l5vOWvI1gTGMVjIoYVyCsFhHSWfzVwv/FGIjMdJiTB1 +xPiTqqsnY4BU+s5UDIj099I59OzA1Rv5eQNr6wRXYeAQ7offfpN7K9rg/Nx71xrG +k9kX57wZ8zkUMUsV1yE3d92SOybVz56XNKrDvqdJHcMe/3I+HU0Z9+akIqjUd3CV +wlZ0TVNAhlQA7nx1zZ3EQR3+Uf7cacfS1nZX3/88q8vGg3VqfaVpgrVpuyhZJAYN +hhXJ2SwnI/v2LUWkhgMjLi6QW/6G6d/pHiw1CTB4iYKwppmjYNO8wwK6Q4gSJrih +gaLsJmQ8c8knCyTgr+Dck88b62laNIcd/qHTiDm6r8UgNt7dKIewsbhVWtD5f70O +x7VEdkh/+AmrPPiNNsMl51eixxsZntMyzuCKXbunqqfLO9/oxeFEe6QXV8L36IQb +JmHyaAUxbo9feQGC3Udu6uNYnrSwpg9FeZXKvNcH3L7GtjsrmZbVF9hZpzkGP0rS +xLLBAUkGbQExcUeVNtjZ2oZXj+wQ8V17C1GinNhvIT3tcJTlH0/sZTYzUw+b+W+b +VS0yoqJjZ/zUEgQMvPvKxcPc57yoUpy/VZ44K6Pg/9kY/cKkK4NiJSeFT7EjHuLs +HfKUmStpRFoyI4HwRcgHaxDKGGxwTkwA9CZgQc1kQYSTKIC6rlUcBbQhVHJhbW1l +bGwgSHVkc29uIDxodWRzb25AdHJtbS5uZXQ+iQJVBBMBCgA/AhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiKABQkV +HiqcAAoJELZb/lQN74bAAlUP/i2Nn/s8qMLqFIgFizQOCvEcn1MApu0i4iWjngKM +6W88lkh+9+odXexB2weXUV4qgnNPBzG1x3PyJHODe/jPcO4AqzvABrArYfhNQa5y +OE3PoTtXl6GctD/3V+nFWeZr4DATer/yHvWp2DhZ4Lw67hV/o9eC/OPp8rRya7sX +kcfbM+KaN16Vai75WJ+zCyRoEgYT/SJGljRs7+bd1cR26qWaRwwxjZvQBUy3k1Cw +DulpQq+Q2zV+2Zu4ruaIdzeKBfsvivLMbysOMly4eeWLgOVjDkIm3G8FkIxllnei +2QA5560DHdM/5+kKwZ/i/956kV2YOvQPVNhC6MMkNNxrmd42Y8wZ16pWjydo4+fn +nHOnIDiEBifxwSf5o7Bn8A8HY70D+hO5nf97J5U4GPlsvu8Xsc3Arq7RVenrCop6 +nMEd+cPQQC639IfXindixRQo9irk5K2xeas6pBaaCn8Br+Ib98Z/DZVkOIhEkb0S +BaHpoLg3C7/cJ4LuFNdMsSm6+ryVLQAYya3+4QdHovFCvo6/+jynPVTtGxmdxE0R +zuHztV8/2rmXSvk2DYKcllvWdWVmpjt3MEvtZqSRdiXQEPbHZ1mvz+3BxkcRNODR +rkydPXwbzepFVew70aZa/XkxpThOYvngMCCbesZAPwP7xyEd7RzKU1qBxiCUE8Ce +i9GeiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQ +VKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAH2UQAIQFer/n +N3L70iyQK3VkJdO0WHsRO7MQvm6hx43u6TwwQHNpN8kWED9eeJj9loB21dO2MVvN +ePjU4Jr8s4rHcMVGzFy+OqAjE9Y6ORXtgn4yjktLkNqxwpcmQs80Y9tLElyEYYoV +h1dLUy8dE/isYQT5t36hL34BxZHkxYBz83XKQxdRwlFBsiAyEGg0I2iA9UJOACR2 +6+wPlIWvCK/yYvuLdhmvwc6PgkfFJFn4OzMeYws0R1ZZbO2l/eUMdL0CrCWJ5k6x +IC2qR8YLpKArkGNWKtHkfgGuu5yTKWf0i3tkApSOgdaa0zhoMdy2BIwbZRia8/5y +86vdzK6y9KzhOe9/+hL9fauB8EctjnTo0hbHIF5lCPc4MozpQulO6EwMGn2yo5dK +F8RP5xSo0IbTQvDFudFbV9riVIxu+PQ9GsWW85D/5B9kannsTkZJX3Ec3uQtFrsj +6/WcFBcfoNkIrNY4qI+g69Z3IBfdeLNf/uqBArNH5lnmRJ0TQ8mtyEINzAP4EfNu +tPEd3rJblwZxqysVYI3S0WEoyDG4apH+6eCyrrFuhK5kilNTOZ3a0HDeREjr5Sq3 +nA+RpAaI+XtUXLF13Rp7hE6zOVT3cbT6+Nm/is8t62ewdYDjwuN9vpoPS3sMILhV +9dr7uHy3o3QeJ89Svk4tso3VR7T6ni2JRGMoiQJBBBMBAgArAhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgAUJES9McAUCW9tE/QIZAQAKCRC2W/5UDe+GwJSKD/0e +YxRacfK40TevILrKiRFOR7S/WOixGPqnf8MqHG+YiNAIAw5TomUq0BPMWegGLTfw +lviFRFiSkJ6S7lcuKFiPvJI7op3mR5fzN6frmmjrEuqQ37Anbv28O+BeD6VcrHxD +WjtSulEkmDnMrN8hwR1ZPq4xti/8bwrvJpbH8SRO5p6tV8xQ/x6khXvsBGDA6wJA +YxKy+SzYsJNV37yh5OEkwwa1xmNjAahTSW++R+vw5euWhZG2gxWKBsRctVu6USgb +kXVPCu1RkJ3P0eRkxjb4KerreMWFhgLwkkYacBD0JO4kzd3UKViBCLpRZHc0/e0Z +OFQxg76Kw6PGuZPnh3ECcnHUB3hob+NReaNI66PCmUX9PgGzbIBTfGCzUukcCnjg +4cAJvhvhRioWcYOE2tJAEcuoL6AloY5nQs0IYfeD07hzwrQ42zkzTDNa6wEhiLrY +NN3TliZJqpkXgmu8A7FpNYLvRmSZrgt6sjgaA26mlCCv50EVCGbp+3UAFQCJfwvC +Hoix4B+3lRqYXp/zdGwtxeQg+NvwNuZmXaFGX3QZPeCM11OEEKeXdhmkyaMHJzsq +//B9BiwVfAEaqlyqt+cBwkhPPV8HR+Cl/AJk49ePs6STS3F+VDfLAH8IZdmowYGh +D/RVPFN5NDmGB+mKTJvRYAg9OdawY74J8oDgTFMQjIkCPgQTAQIAKAIbAwYLCQgH +AwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEYFCQ9LcGQACgkQtlv+VA3vhsCp5Q/+ +IDnqUcLSKrhLQ3SY4ytsMmfeRgPGvkhGQbToNcHnIKtza8YHAaeGzTeha0WI1dgI +sHOgih+NYYsnSDvLWpZWRAgp56zpVfBUuprd8mbUdO2bklxvfqvLyvIaJcAzLrC2 +pc2IOnNXjNcFiE6r7R/MFTvjEj4BXLh4wvW3eLMhM7tG75fJMSDDNRFaDFZ8weLG +0RheJYWVTNZHm4M4+vggDw/LedmZxSz7ROg40lufeM4pIo+Prn52EAosX/wOS0+o +mTN8nXEnC5gyuNHoB/VMT+faz8kUWLDCE/Oib/ZVN4ZRLhvoyHlF27mrgaBEKNOd +MjJ66jfN4tIAXHFs/ecYxRFzfpx7hyhr8L7aGprEdbdec2YtN2m7LEeoWGYYlBns +gwZyAcjacFtqZkvUZFRUmqbFdMb5mSHZNrNSs5hucV/Zi2/BHFiDdX5EbUDP2hbm +YC0toPV0oGd0pM3LJcqBxZ/aDL2sXDtVq1HN+oEz1++U3ZwITjzyWHUCbIdWVtjN +NDM/cBiPKBWJyXu/+D9mbp6xt7eEtI3tGc0bzBas3hMmuBMDfegD2nkjmReRLs9J +JVdcssXAZjkOglVDELER2Tk2BYRI0MdgX4SyZe5oSQWRkXqRpTt9vOsqXI5tqk1X +zQ0trLNRS3tUYjMUjedBtrlAqOfKEml0+BY9wJrLaAmJAj4EEwECACgCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bAljAQ +AIeTb4as5CDOCshMMdBw1tzDcWMtPNf+GTvo/bspSitqvw2XuKdb+l9kIwmRcmlJ +AnbY5JR4xplwHGYPqWvmS/5/EIvEiyFUjfACRtsz7fYA22AWByDLzzWBDRqy4jum +1QNK22LKxb0vQe+Lr8Mcdqxp2F2DYeBCDZnhQbt/9l34ZcYM6SL9pyRUxQztut0Z +bO4ZP2OMkXU77bPRUYbK6/CZTv2IPCsNGP+VhsTfcgEXlX5jfxA/fbvTUG0E137Z +GVA33/W5HrZtBv/bi1aO5zIkr/7WoZV75fIoQzpauKRnO+rhkQCp6v+wkYt+pl9E +A6HwXZcYJCa8HfGE96sK4Jcv3TfW/p6CDkRGd4nESnqt0YH+Hd2tuHAAf5nQVlBf +EoWS7sz0OFW8n0FXtnFTJ+Bw8vpI4B8zym6jxOvS0H2VvlP9AHfpxzAxIaDm1UKp +J14H8sjcJiRNUhgY8d3f4o+Uyq9rurT3nLsHPubGkKlgrlw6xY5oEAYfxEr38eO6 +Ifps7+UBIOIlBrxxqBakwVBkvjby3DOjMpI0egLE61y5FBC6me2Xfeo51cp8d9in +X2UQiX+Vs/grzEf0L10vASMe+1PTzyEMhLvQQNMIyRU/+7mIJ1uUmp/wtYpDexFE +BZHQR95JI8xYWWA7ZHUb1Y88APK7O7WQLFQ/Okj6BY2xiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMPAUJDUpUVwAKCRC2W/5UDe+GwO5X +D/97ikPHHggkFcoOcFpItf9W1kV+t1cELotBC6JQElGCRwjvkdWaR3AORsNdHIAu +43ltdx9LeSI757dnaDmDXTLI2MTdiQ8b3NFA1J4+u/mCRWBg7CsA9VmZfy0dokEM +EE57sSWz6Fc5IbuSlCCcgz3l7cTJwVovF/Pc6Jd2+AEHC+pWaNEI3HkgZHhSXLhN +Mblir0HKpyK3IE3bBRFXdRs/e1wg902TBYo7wM+T9M3CXXHnACMFJ/doNSb1J7i7 +Uh/puFNCN96mqgkeafHDiPa0Qe+sgpZIBaur6wuW5/qRDyXUq6CygIrHmuagG4uz +9GIMTUePTYvkJgFXRL5Zl8FkhCmdihQf2v3acY7SYXpH/+nckmkgu+vc0uxLaG49 +F04fgfD/Pst9SkxTiH046tXJPRAo3p64Q6vquhkZDAYg0YjbEMSxL+sV8lbj2pqf +Y0sOBPsfBr3NqJy3DRlitm8uFVvufHP18ARAIJkXRKKsNdsU+YuSEyLEe2gaj/OY +JkYmhEYwkxQ29I/Kx7eYU2cO8avUoUWVQcjwQB84x+yCby0P5jODrDQfP2CWrHkB +sb2Mj+zAIN9X8AwNkXKUwmw5vrZ4wmaHpMcQYa7YTknJx2qbu/FqwHhvVJsnzapk +4JD10dYrkWYdJKvs91o5PMuXYZl2EUXtmzecehuF4M+P44kCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpUFCQtmnrAACgkQtlv+VA3vhsBA +mRAApZpdloMYR6Dh9euCYCYE9PadK0d9XTZN17orz2YpDmo025HMkYlxYk2aCzkc +di3AaSOf32Zpf7lbY7W7e4Q6v/GDABr1HwoClp7G0PmDsDSOXfE/OAbddlPJeXWG +/Fwfu7jC1VPWTt2ApVdZ/hkhNPNQ0W+h9jS8WeolitXDM9k/AVf3lods4K3L10PN +aWPKctKUO/CyaW3NYkaXY+W/Xe2ySUOgBS1hslqiLzZmALBiNEIf6bQukSJVzRTW +LzevO20f82pGBmI+U5mH4tDW2ZIeN/Bz5ouS+xMQlAu+LPRH6M9OAiE6kpldNYqf ++cOaREKPiA9/KGc4R89gGHrWwzJhmRr5p+V8Ad9yfdU/lPPeR0X43iDG7v3NE+t/ +E333C0iz1FNSm6V7R9EYViB7RuZfCSGDpfSLl74bsEAq4hnwQMBN/Et7LIDFwcJ8 +leWxmr6AVV7YgQFJejjUQJwJYLNU73RAgYwRlgzk/iz5xSfeJBLfy3UmHz4Cylax +gKFPqOSlsGAD7QkxNTc1YukQ+dDkepcc7l9gEaw8qOdiN4cnjBhNcNnvvMqotexU +JY6FqJ33SGvq2gwyd7+dEMQrZko14MB44ErcrTBWI0E0aFMZipRFmZCNlMsDiCm6 +16EthBTzLMHJ+xhqlViQJjtMOiA7yurWLL2i2M+nCfGRKvSJAj4EEwECACgFAlRY +QY0CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN74bA +IsMP/Ahx8PneGNWVA2eMNo8uQFwCG2o2Q4+r9ToK80Ordw58sQSqukP1dDCdF6V2 +rl6VpbSRT9M67okHMN+JV/opfVTeF44ilxl9fMkSy6x8TC0QLoRgx0npNfJaw8a8 +7HdtpZobU8iwIScpzTjGVlRv33TXdf7j8ojrt8ZgStzJWQpiuXpQVZYNf1jszz4j +khxOpieBn/W/0rXj2obZ9JH7+hbrR1zOAzE3CMalAhs6VygmzOzajnW7HQAIkr+r +Pg21yHzvhpigRGE8yuqg1lyp5YYLJ7h0zznP//ivjyp0cHJPWL6o8oKiKrdw7MHm +838v7qlDOqujE1+DauWgI2j4B7mbgoCtZY94yCZMGMT9Kd2lM2rW7u6RFYbvZl56 +4nQMB1C0BQ3ZR7KA1BKWzA5EZFHB9TcwrYBZJUk5gLjQ0lPZxyhNsotLcnXsN7jW +zmkkrbiN7cOAL5aAJNS1GfSGcr0jF9vtRK8xdPelKKTOp1Mc6dFqByzXKhv2aGT5 +anlfJnThANeS94TvqQAidvO4aVhIiE7YEW7lkIl/sdegW7tDY3gY1PXziY0cKQD1 +XLDFFgfXyJuiud+8j1eBO9N1zFLd940AO/oAOsDkC69CNY9xXPekb4W50/cMQHfG +s8b1Ve9uKSSdqJmylTRis+GOfBNGQroCehlvqgRUZUlMoF1ktCtUcmFtbWVsbCBI +dWRzb24gPHRyYW1tZWxsLmh1ZHNvbkBnbWFpbC5jb20+iQJVBBMBCgA/AhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJf +yiKBBQkVHiqcAAoJELZb/lQN74bAabsP/igzNaAbZRmyRNVSyI9XYq41iierDPu8 +CgU6IZLc7WAo7QRMtX2YuR+tnU+iNKem9yAKhjJQPS1rMxXx1aqKMqGkxPQV2Kdo +kwrD0fJ8/8OEu1DbRY6xr4KwgFxMRGTPbFfy08db+6rltRKtmj39A+wCUlRiL/YF +ynUEH3zoI8t/+8YXWYsCvpGNWAXbp2eVysFpbNWud1QJWrkLyHVD5lUMMQS++uwh +Rynhij7mB4XWgZogvqz5xJc1v6wTLgZ5t27rIcoEPMbmdMejTKB8/BCBMMMKLqq4 ++jF+9S8lTDBYf4b/HwzpwdgTy+tpGQm8dQ13ZIGB4DIOoWjKb2hi8ZEplX1nVCq4 +C20tnYA7tncPY4024QEKNzzzZw4Clyj+bOyNksnrF4dhuPcSoSstyWosSqUIpsIq +squSpGkc9qNJqS3B2UO/boJglHF0veuJVHLMI53glTLZDEoFttaAsxUDnFntCzhG +B+OpiOfDTQFe4dHT0P/3WllYWqKN+vKM9dyB02dwcggEKaEswMrMRd6EJlJNgXiR +i57GiDMdr/OIygibEiLK32SRM0UR//HNveatNh+qun0k90RHdAF7hCiwT1yVhJZX +eDyeboTDcqCDSMm8vVWxoNP6EUjIEv/9rLEkc3OwlnjH40hFmvuUeOvwam5Mb34c +LJMDSjBVab8FiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYh +BKbHTjQQVKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAdzcP +/1YJ/hmTnQraMkrM7QPcKuZ/2nCA/eBPAq4ahYOC4MNaovkUAPJmMHfki4epfZBe +xBSaEolagzAJGrcCW5eARjhJQYAhH5tWCfqumWvQr4P++4kvmEaxGpYycis7qL3C +vEPwwUr+ZeB28rYgHxlhk11GuTFVDVlQG7ubJI9EgHyvdU8SkqiK7PikyKtvVdKs +10YWm6Vtr/emT9FQaRQvfuSOzqe5mLMKok98evnjGAc2DQ7Sz3HadrIhNVa3R5hY +Zu2NuW/XcqJ8AZS6zGxvoD4TIYFOv79CG4gE5trnZ+ROf5AkhfkJ9ljf0lgTqlAf +AhzL1szT6EIjpWvst1sSmuJwEHkOHA9AWws1UVXfcQFP/Li/LkVhxu5n0lVwLOff +CTkT7JruI2GPavJlhv00wtP7oatLxIkmSKJiFvquG88uVTH2EdZGp7jheW0KaCN6 +2AQ7YGcMDdEMCy0MiNQseu8sGqVG48OptgpAtoCimvQiC6G1mFUnDro+XdEUq56x +inOVz1V5capGPNxgBGwIbc61VWs+J+X+XhMpBAEmAR4/lZfYBofabsCW2SybIY5o +nkeZC6lAujjumvn3ZXjFs2fVitXWW4jRPuyYBB2uYzbd/PdHRtCyyoq3N45QTxib +k6rNae1s13CqH2D8bXuc9RlYkBDYl/U7r23uYfCVKn3BiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCW9tEWAUJES9McAAKCRC2W/5UDe+GwIZR +D/0dZTlWy/gAhPQ2OatwyAept9t4LwWKhxbAz+Ap6VsH9mIfs1+dOJNGbMh/osd5 +7c8AbE4gIbY+H6IKoLLMlri+vEX+z79erTtST0SlJrJ0YwVAUJ3Wcg1WTHWtxmBb +F6B/tFAS/8JqcJmbLj9wBX5nh+aMIJiidhFB5i4A2bKnmhWmpkaA6j+nx4nn3yk+ +k+2IOlecaC0aOYd0kY6mTx2ZdpB0RAKrzJ/Sy83fstiHJ/dGOVoejysURig+o1ly +LgmV1Zup930YSfAR7+GClqgk2+11prF60HIgr1vqKkT8dLroPe7B9q0Gh5bXyG46 +ATRx376+RQp/hXTHl0puJbAwS6Ow+SncnrWj/R2bvqIHwvA4hd13AU6cUcOYBJ87 +STY1Gg4rHjqMGtXR/O7sHnHmYLSNQO0WmuWFWtd1DNryh4oubxRUELWmAgiFJ7jC +ifWcZEzAVkVyKlA2cuKCA+7mzenX+9OT7WB94jgPqpOA9Mz0n/f5dmB49yIdtTJ+ +/+Nz6fQQUbhi2bnUO5qV2UgE3v/NpaPm6x7JTU2N0gooIXvV+sANpVQlgHRYJMtc +k48h64nAlAYgGtUWaZY4rfMeQ4cJfwhwJAJ9B6d5l+NrPtBZJndVy032sA8cPHEb +511+0Z2KZmkOzd4Hw5bBmORhGMIe8FEDKuD0dGugs868JYkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEQFCQ9LcGQACgkQtlv+VA3vhsDK +eRAAgTPObrLuCqMtDpZqeJqcYFfEC5WIUEVUdRhAu9f9Preb1Xsm60NJHrD6K/U+ +JjpaMdTMOVDSAZMh07SLfWhy6ayfjczETpHzNWsT6In2FvrDjE90nkvyDiSjiJ5u +usFKh39mmsNOr/BSOFBy/hjArts7cyWHvglAArjmEscdaEcofrLybgEfmIVLEP7p +y6IegEP0Yqdt8NAPiKSYLb+WP+MkosRAXyAiWTTvKyJ2OngCt8domWX/JV+fJMyz +pJoimAVUbWQ3OHTjVu+98QdDW3bajr7LE++OW5zVRlJg1lRB/nsETDAatvEoN3Wm +GKVXS7wXEw+C5vHj9zA/gSOgjT6uaw9cRIEf2eW4DV6fDjVQjyODulyXZY08GnC9 +lt8KaIezgVsW7EI/MTAIHC/xnDIxgEDnid28hEcEuLSoR/b+L/tbhNwf+HC/j5MJ +4gOdjv/qzWDAyoj3bz20ljNrU3tQduuZpOXaref+TKUG4xEYl1INjh9wE/a47hS8 +0NLoDigqMdf8KT+PQjc5EAkwKRkCzjQnvJ/aONoL1813DaDTvF02x/+9OzaUYlDv +zeZ6v+Tkuhq02w4ciDEoC+AO81PblUHLWAXOdnarXCGzt3UN1CtRHvPfwQVYonn9 +Cyu/Zx4pmF+MayiEr1h+W3kAtNoppBZfR7fOIljIQQDddPGJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bA +Y6sP/3gsjjmnq/GgdgOD8YQnk5zyG8uUYzJsGeii5XjjH7rPhUBh+lAJEu+4BXR+ +cMz0738YuKBZvxBTZ9S4C6uCrl/C9W08DNI7n3srgSHqirKH+OVK2g/Hulu2SAi5 +9aLOkDgDDXCf8ShIGDhxu36s8ATAATKKLHlWQg/j38gbNCE1B+S+DRD1+ObO0SIY +z35AMchE75r2SR3SXwhYvphHLNj/EXFDwNWDgPp+Qx5JsWKBvbZYwW7CAZYDQpz2 +0Dn8WPtQOTv7i2bOdO9A4s/+jTKCN3SeLmqAVrIRKAed0OshZSrdq60jGED7poHy +o20Zy6DrdHWlZ/zz3BjuJdTn1JnZOMdxyCxuxYynJwMprhp6E4iw+f0Kc7x4aTMZ +y3cauN2B7Y9LBB5JMZUHM4C5R0SfUpgJMoztSQBgyVadpEMUyhsCveetCZGg+dQC +8LrhZr2WnlHAY/VUr8nJweg++Fqnp4P4ZMzLZJfe2RE7wnvXG4EBpUIxDSftRI0Y +SaQbZ7mlAAcj1f0jcEJoBQHd6iD3zvj5Ajp+/mUHMr1Lg9fZiEHBRMtIdR3WjWFB +TTZ8pWuUv6vHb71YuHBbEuSzIsxbMxPlbr8tAeoruW6If1t+7S9CIcp6j+SymkhE +qo/QQ5pNpddjS7KxeiVon77q9zAyaeafs7HKVHkcoN+qszUiiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMOgUJDUpUVwAKCRC2W/5UDe+G +wOVoD/9k6DUhKtshVhbvuzYYjeXexvj4U0cwgOq9vYN6rhBMj4KPwsze6xoEe7bO +XB7A/H+3FiZRs1bksyMWnpfYGcSG+iXUEsC97bt+23V31bfGVW305tIN0yFFStEV +6eAvaokE1t5H7O4DDDtBpP4b75yssR4vJvV/CQFi6h1CiscF3gV7KZgFeKbOQ/Un +2sLjg4BUTvjptH/PeDG9f0gTRWe/7Yw+FTP/zziYsFjhpqebq0mPIRr8D+peHfU1 +VXsVehs3cbYvZUdyCZJbaiNwcXsOZCmGuM8QpXB0/CvogHiz2Q97k/97SnLLrd23 +X4yOVpcqde7SBm+a50MK3r30y36nf0cSU42r0lTBZxOwwktxHwkGN5dkBip6kcW2 +5M0T+ngclR0EDii3/2QRPbrCDc19NaBXy7tLmtptU0EZ/h4/ZCyBJNchtFiMEOOf +yZ4wSVImggNds2OkcfKm4t7Jqs1ETN7jsKXmPFRKZtSdpe7OXL7eDPMo0aB9KqDg +S9uryIYwgQfTot/a9Eko0sxHjxad+SscOhyZrhHcnq0i/Yt/OFbcd1brOlFa4gC1 +S7au27OQwFycuXidrytdC8+7LtmKdjubkOJaZtJ99UAhXNTgfR3cnjkG2btoItng +sBNb2Ujgf3aSkaETN840it4x4VsTVbnsLEtqEK0y1mqJaXVGmIkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpgFCQtmnrAACgkQtlv+VA3v +hsD0Fg//YwhVLJK0aTIK5zN2KyT2BUGsj96xiPWEjAOKx9MRWU3kgCFEzO/ThM17 +rsMf1Ke5bHR/KU1efIo98o6xXMLMgd9wEx3KAB4YrwxrLQ9E7CydV8zxSKnvqa07 +D3qelLu5ARhmSsTkjSf4PHsafaaPElUyodHwhNpOt2N22QcL9HNMdaom4ZdNAdX3 +njloOysjo5+TrVJOM3ZnAuuLa3RR0SgE9Obvu39JCZUVjdB+BqpQrdove+MKfjlm +fvaASPy2vVPcfoCCBvQ5UJCMxQfdTyquCrYmsS6+0fkPt2BZFCcgJtECZ3HvvwHL +gALXxukeZYjDOHVVjw0hccBgeVROs56PXViW0FdzbDDr2p8usjwpRCe2njN3gjeg +qcTzHRoxOKJgJakskvNmaiPq7bO2ZmMBtQGkqrJX1noF28sN1lwTNd9dpjCAS6jA +vIIvdJZCaGpV3o4WbZHWxQ9s4UoPuCjEeo+1x6uP4vDZ/z5B01dBE8ovwSorpMOl +XVzUPxLlHb327224LJTASlDLFbe6oQAaGXkZBmRoOWUalOpcV7fwpf6HaCtEMM9P +uDnWpdyyyh76hi7lSJOS82uNKkFX5a+4W6J1oJ2pQDjSymx1ruO1Ag2g8fV4jOxG +bP+QrRXKTWKMV71utqrt4kLwlq9fu//c2irXMTsHBSkpLiayd/GJAj4EEwECACgF +AkyNK10CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN +74bAjwgP/iFz8JEb9peHoijEVX5aThYdNsb4+MgP+djI46aXd+trd7t5vq2xCM4q +n7tdOJx+lD1w2G8qIVvMB0J67MEJxXGsXqvkD1BmLVe9Smrqy8qQmIL7aFHDBYt7 +i78EZyyR+DiiRaRyM6yeV7jSfej6tLjMIitz7d9KESx5RrDO8V/CZXXDvsySppTp +V72oWwDY5Uy9i2qQHfz5qAJ7dcgJnaGnEkdWqcgFBSJ9iMhkGg5akYiMSXEKS+q5 +mv406UxIwuQ2xr4/Zx5UXBl4nSYyFg1JiN6GtX+FpjqFqkzhF0iaYs7+aeqSMkoj +SfYD2KClQpXr6VnOSwQqMMDEQbqDkDdViSwoSUVJWBvRS9qloHBYVgEf8N96lWCK ++wBT/CbQ2OalQmPlvjz7vSlE1gQfjCvVYNl3zmJepmK6XjFCCS9soZuiH5aVxEda +5HhBGCeojwVLGJuAmkeQzCQfKVzGb86CY9sAAfYAVuI0U23w07xThxYs4z9TkT7U +EY101MQV7NC2eG8N9mlfESfoUNyeeZd3huMhASqeklNJ6BWtWz1lWdwWxbQFczvO +IqOnNIqLMEuGolMNlAz9FIARCmI0iscLK6GwtXVREUC5tbCdlrEcder3WUaOnDvH +0dUzxG9Skx2AxyRaE1+dhsfS08DMom3tKnyTWLmFLaqMDcaZGMv7uQINBEyNK10B +EADdyPxj0hprJJpB/8BbUz/q6bf2n95JlJZCtqbfFTMhJYkkRQ1N9l3sBl536F7h +2iMKcOFkTq4gYSWsPIx/jG4QWWG6yUYWbXJZEG9KRyv5zq2lk7ajUq3aOGmkR2lM +7I2ZsmgFfR+mfUUV4/ov9Ap0T8upzMkMyasiDtmtSpMFbOVpRgJhRUrlUR2dz1Kk +5En2DN6H2DyooPx1X+llgoZxixgnaUyNwYReoLoy30/3zZ4vPZEbxcBw2BaLtyQO +IKsoptsnyGBNDTLa6SEyXTVzIXJiyqOZV++9B9OgCJJ4Fipk704jKt3SCNOzhzp6 +IetMnBN1q5HIIs3OArh/Ta5lwXuZO3kv8Pv4nHNSqcHL3m4TuJdSJkXIP9b4+AJt +/x3anBvSjjtR8/GPA4GkbF6KDmW8xIDSrJQDIMyjRZRCE+xoqGuHIUQ3ywtEf7sp +bONszvg34bmn0BWTtsf2ATw9gBhW6xI/OdizcYuAyoR/JvzE1UZ7+5b6YOruX3Fd +3kSNQCSdmETpUScx3S13lLlBk12O087luZA+8FbKG/G2GJNH1VEk0A9iUlt+J+Gi +ugsk8hYloeCFXKRDaVO+9iitM4LE0A1fgSA29By7b8fi4N6emMk2MmqGGM6d7ear ++VIretNEnbHYxBn33ClonSQqiJrM53/LVlu35gSxkgUHRQARAQABiQI8BBgBCgAm +AhsMFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl/KIrgFCRUeKtsACgkQtlv+VA3v +hsBvjA/+Owx98l/J369ZwyMMueXQabTpdizH8zEKEmPCEjcfVvNwXfNMo00mP8LM +1WNUi1w5coJo+FoIfjjzcKwe9zuPWuvvKlmAPoc4ZK9GGHyAboxBCO3KAdbUkmWA +xBkvSAmaeuACDe2qlk9g3WoaBK/lLYxUJcKmi8V7fETEnRd2tO/E7wRJOcwJ/p4P +RBABlix7MOwvSuZaX+hnWFJHSPKhtS+stKaremcabB+LwPaFcfEuEnM73LC046GJ +/BmMYZlFeq0u+zgZBZMM2ymj2UOEcbRZTRUXc6PgjC9PAm9pf5PCWLBHEcnctruw +6mW+bRuh88Qgd5T3aasCErYUJsgDVV+lljJsRWRJF62+SOONUZxr2V3AeBAISDeg +oEZ2XVud3patNiP73/g18c11rf7cYcXAdK+tCSdoS04YHQ5OR5Usk/xXAIZ/0wHh +WDI4f1IVQj4ZnFgWFhmO2gPr7dPrNGUCYGtdJZAfr7fe1P8YgWIKO44dYoRatS/Z +ikV0zyOprHAW/36O4OivqHb/MLm4xXSQoiUbkVGUJOBfu9oia0/wPxnQzv2smI8e +EzxHgpQNMPuQQUlp2gbfnzSQB4qDq/mSAG4MKxYjmIgN+8LWmHF9C05YAbidiGJT +axkq1GZtR8xYQGePwR/df1n3q79J54BuaHyAkcAIcryckibgxEy5AQ0EVGbZ+QEI +AOTTfksPR/69ixTlc+bJ3vQgqEynJEdJ3ou8093XGzBvHhe2k+Cuka+all/U2L37 +3HKZHcsxJUg0282mqZjCZuqB2AYxdYQzR7k1/6pjtVwPhnhRhFuftLdDlIOg9kvh +t25PCjcW5k+OjY62InNJ7Q1h9rG8JYxWUMlKgWbu4qVgcMOc83gNjotivVTysEYk +eJreLFgA+7FHTQPANaofmT45iz0BKoEWWJL/eTafDc4cCB5ebXjtTsPr8NbzJ/d/ +4dRAIIELPM7IKs90OU2mDGGO8mAbEaShuGY4pOCAzOm+2GsL9ClGZ2uvT8khaIhm +hQZCk1u4yDezIprlfMd3qYMAEQEAAYkDWwQYAQoAJgIbAhYhBKbHTjQQVKFpzlK+ +X7Zb/lQN74bABQJfyiK5BQkNRHw/ASnAXSAEGQECAAYFAlRm2fkACgkQD5SAUt3s +vmgOpwf/XrYcFM7kIbVlpht9KqJsOVKcwDk0PpZcjJWVxDu6NtsMh/liOwidVufz +SNEfobJsjc2yYJFBL4uoPDq24YY6qF6cDfLdy5E+AaCUyiol6Fco8hrXSaqxpLj8 +tdPiFRgw7b1Tuq2b3WUi1JdgJZruGoLv6Y9P/6f26m6N+fEhbgOm89GxUJ2MoVN2 +VN/Q+ySkgAIERVYEoTZdELwYD4UMFWvxqOm9UMbaYXiB5mYdkR0d35tTcPWg/O1h +3zoFQc5vI/u+cEAuYA57+SbxvPV6o404IvtG6N3MesFC66/UbIZd1BLNi+tdCRWx +kR7Pko2naJmjdl2Cge3tPBr/tO7FkwkQtlv+VA3vhsDGEw/9Geq2kQ5PArlBJ6Od +mme+bcz8hVmKl0kf2E7+2odVK2mbAAMLvQaYHm8MA/TP7AtPvLbRbOBnqf+LDH9k +ouhMqmarcj51PIIk9HEl2ESfKk9rxLU5lpTvib73ZcCyv8K7TdZn4LyveyQ20Xuf +WC1m0Wjex75uq+BBDmzD6CN491K10qBVAUJMadNXxOQo5r1w+U85/80wEBrOX+vl +WnEq4QOS5OZSzpAg+XlJb0uDtnDuee5pBtzNgKJ7Z9gUCUPxf9BnMjfYigigIg8S +uDLVAetW648vW46vZ0c+Sk7jFfJbRDjgKlO6Ok9536MAU++nKEFIzoL+Y6eM2FB/ +N/HdW2hRHwrzPSGs5vaNnW0dQtCzetS0rzwTQbckvmyVHw2vm8/1EqZuSNFOg1la +N1aKPblYAWBnqNEgwNwo7S3sn0RvA91+u9LaDxLF+l+sm5dlvRbYRVl0p98wAhOd +GVxTYhGb3hmlfg5+1ZdWEIYoVCz8TqqkAxmG33+qqrmKhl1tbMqewnHLFP4DP1vu +sVJnTClJVpU9+yV+iRf6/b1bE/PeiBDdbHLSWq99kN2AygMYATIi97ipHMX0b9xa ++HcgW/CazktiexpsAau/WHsSDwzNPf1cyd284seB3zR3jozTMtSnDXZ7LR/raKSl +eMsM1wlos97yDIqzrVJdmJcVlvq5AQ0EVGbaCwEIAKAwVQtsK9EcXd9KFCpzrmpf +7ODiGcOtLONKUqgRYA4tnrPHfoKQGmjnOjoTEd4zydJ2kyroT2k910YAropjf3NP +7+zUSJVhytpg4ipOJT+0pwvIrM5ob1ACkecawfxs+nQMhaFAFfxA0Rdg5NOt5SQ6 +k8MLNxFpbye41wh6SpMBU1oBsHrQ3WdTrNdWqkKMLXHNTCwBOyvTq1T4CxByrcLl +Ty6LUBlPSW2+qnVGxs1VLEV7yW7ayzAehDMDPbtyGoCRpBwOaYk2WNpZLErbzNvo +RSBU+UaOrW0xTaROkS0frIh8sXVrCvajy/t3TpdfDyElPSe+O7RUWLGj2RsvjOkA +EQEAAYkCPAQYAQoAJgIbDBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiK5BQkN +RHwtAAoJELZb/lQN74bACTsP/jnRIV4TpVbGoS9kFcD8Ymg3BijJOmJ5ybBvPv/u +251SKjFy0nlg5dkHe+iyczvZBYZaR4dQow50ow2iretqV91kOYw9nWREi5NtuU9H +gBl29jJEG0J2z8bb768uniITaaOEJ+3ckROInJuhoS3BOozEQ3tyYrAs3ci+/588 +46ygjq7zsOYTxmdd/gqzB6X7j7CC3zSinEgVVIWo3Mhn65HpQblIZEipzAAYxn7w +M8wTXBxfPSnxi3XtOWl9xo9+UGSSsFVd12va9PLVUhIHx+lm3/ITZrJ2TxjMqsA4 +cxc9MUQ9XpvcK9ntPn0kvYEaUGZeplDaOiG/j3G5tfsnEsb+22cNvQsJG2BDvKM5 +0nJRuwWzrtzXuQBPLF1EXIZUEml4U/LFjZ7bR7XP/wKHJTXOeSJDOmJuXwa8sBn8 +F0vqg45T7vz6zDGFDzoxjEcW667yWhzX39a1XDUnNKY75PuGIlQK6aBUFfZ6kX9B +g90zZfNrZ+e0wj6SAB+QVfip7xhF4CgUsGRldcfUlQfi4SUFAnIJmuOSSo4K+3hR +Q1nyrwC7PV/wW80sqy69J1+1uEYFbaPlz3681e+mV8z6fsPeXdQz3CJL5G46dHnn +JQy38Iyhu6VLe2WQngaz1XRL0QNak7ZhIJBe6IHbKjgKLFpBAmCGUy76VesykAyT +R2MM +=rvrD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_C7E32619E2F71736F5910BB144CB2D868DD16BDA.asc b/git_signing_keys/keys/key_C7E32619E2F71736F5910BB144CB2D868DD16BDA.asc new file mode 100644 index 00000000..938ac413 --- /dev/null +++ b/git_signing_keys/keys/key_C7E32619E2F71736F5910BB144CB2D868DD16BDA.asc @@ -0,0 +1,43 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEXtlg4hYJKwYBBAHaRw8BAQdAOrvLI+XaT0JpcDVWP+ck30aVyExe0FEXtSog +fzNMHnW0J01hcmt1cyBNZWlzc25lciA8bWVpc3NuZXJAbml0cm9rZXkuY29tPoiW +BBMWCAA+FiEEzHS3Egv6o2/0KGhyTBRJ8cmAQXYFAl85FFQCGwMFCQlmAYAFCwkI +BwIGFQoJCAsCBBYCAwECHgECF4AACgkQTBRJ8cmAQXae+gEA5v/DrQZ4Kx/p0toG +6mvV1Dy+SoaNHv1svRuv93U2xrEBAIl0guIODCIfHA73uqxp+pPqKczyFDvnCtMA +BRtl4DkOtCZNYXJrdXMgTWVpc3NuZXIgPGNvZGVyQHNhZmVtYWlsYm94LmRlPoiW +BBMWCAA+FiEEzHS3Egv6o2/0KGhyTBRJ8cmAQXYFAl7ZYOICGwMFCQlmAYAFCwkI +BwIGFQoJCAsCBBYCAwECHgECF4AACgkQTBRJ8cmAQXaBYQD9EqQYKOui0UOIFx/r +/cTl0/VPK02jmGHynlepSZAT39gA/0KjLnAXqH9XksSyfupGHGN/PXAZ5yZ9NUNk +vr0POccMuQINBGBBFaoBEACwrD0NCNCAEX9Xu5sgS+JEnjolxe8Iq0MWzQ3mpuBU +uZkMxemnwj5ry9m7eimyeTOXRpaxbxzU4v0MRG1EcrMWkpkubHzeQYk7VbdV4bXe +8HPS7rmp+V2f8zHe+VU7CbKbJ4p5CMqBFGQR5YjMJoFQ2rBZLudUkvC1xzmSAsdI +48ujq4mh4/aAQrHjfpwSPre8wPm66VFHU6EKZlR7zFg51RW8IjkuZ0oMfoYjUTLZ +FRFHQ96MMvgpPPnRSPi/Yr2NV3jsban7TzqiNxsfpYBl3rACdWGMts65ubl+LJIU +nAOmw7gTO6jLQV8+YJCeVhEU5IE9VJo1LJky4S21fU9BvRv3RBdMidMqwI2WHPeQ +6DtGWJb7JZYvy8JPA0TQDk30f3COuz2CsefyIVyGtVxeG/qzkXOnv7SHz2iRcuf/ +vzd5qTI63xMXHMl/dlbjocXUdREY9xDarbKuZiJyt6KoU8YQUMizRgVl1E1NhQee +efrune2LpCMKPHKeQAwZ2t6rOqOdiJWLWCJKS+hQF3HE+WkqmfRVKUYygHGrQ/m9 +WG8dDaHPOipXsAJaPwV+xQ5XtKNh33hWElQ251Kq7KRoflVtG7OYaAReQumgK2TZ +AY3GoELK6uKj+irOcJ68a/C7Npp85e7zBk7vETEKZotEF7ZJAVd2gaN2r/JsD+KR +EwARAQABiQKuBBgWCAAgFiEEzHS3Egv6o2/0KGhyTBRJ8cmAQXYFAmBBFaoCGwIC +QAkQTBRJ8cmAQXbBdCAEGQEIAB0WIQTH4yYZ4vcXNvWRC7FEyy2GjdFr2gUCYEEV +qgAKCRBEyy2GjdFr2qMND/4sx0UwlQmMUp67UZ4FtfpMKWqfG4n/fE1zgdwtlQkc +XaGH6P4mmcbmouIKxn+pqqxG0dXWJE7rGtKNXP5oKG7lVVN048cqxRYtfGjHUu9v +xdup7YQ69sElsFPfaR6XYfydQpLN4Z/ZdzocCJwmk+YNx7Y5gPRCph3WaNLZ7HXF +y6CB6kxFSyUc8R+SZlSHM50AistKzwV2RFVIruC77WODSFMTQV6UOYQ7ie+6dRO7 +WlysQTnZTx0y26klVa3/GMsX+T4xQVUt0/N7NDBxQv1AbHhlRV3QtF1tDIMMFKfR ++0sMX4njeoZuGKTB+9TpRu6RdbHmNT3tYlQwMHjidPcPgm78qFr5qcHwc+Cy6Vo1 +mAYyNFrdd4tUDEm8KiasQbmr/x2HacSz+zPKjHThoOnMFQ7w0kUvhT+0ddCnezEj +LWQXZ3gU+iCuDzKNVT8OrgB6CrHkcBXuJ1jDlI2u3J1dltfGm4hbqjJjqtgjgBxc +b4tZhWcAlQuG8il93fGLwJuhbXJur6AwyLut+1qVJzinpD0S7/+2BqzSHZ+dzQ0V +MZYD8FhjIWfw+6J4bmUxZPpqazmlaoWFNlS1WsPZe57xnRvu+ycefbNP6AqNhoTk +CLBdDfQxED41Exl/K9aZOdQEJeTxWbrg+BhEzqo3kLe4+ZrtnP0CJC1r1+l1bH/i +QWvmAQDDJ91rVmgdMHm4SQsTFDdNbZttIIG2xqTEtgCPHxkaRQEA32wtUyzZ65XL +0yB/E0YT/ZGOJjVVikQ3IZm98AfjWwq4OARe2WDiEgorBgEEAZdVAQUBAQdATyJb +y84Xm6VZr8HEvCefHnt0nQhTmtFHvyAM+B9OjEQDAQgHiH4EGBYIACYWIQTMdLcS +C/qjb/QoaHJMFEnxyYBBdgUCXtlg4gIbDAUJCWYBgAAKCRBMFEnxyYBBdmdWAQDH +CV9r+nPv2Q5Lrc6ZC3OiA/eQWm/FTAMXpMVwyobOoAD+KeEut8ItQVI1kmqZw5MM +2HRaA2rEK5k7KPKBz/84YgA= +=yRQN +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3.asc b/git_signing_keys/keys/key_D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3.asc new file mode 100644 index 00000000..032b5afe --- /dev/null +++ b/git_signing_keys/keys/key_D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3.asc @@ -0,0 +1,89 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFrVLusBEADSZahIUywCFk6qhjFeaLxMdhGIJSbZ0eVCbhtmiMVyRf9dgkMz +oGjdZv2SqmLghtfJd9SijPK7sdCNi0wGay3id03qwZvxQ+l1WPefjZPV0ExKA+0S +k53V6a/P1QyP9Iv6wZxm/aTiQ9v1EtPG5SHxykQEXJq7rjVFIRxn9cylO3aI2UYk +JEhT34TKmTQ4tvi49otJJ+tdleKg0+JQtNgemT5NMhaGYFd/6gYGIiPSpbl/7i/t +uOZHf0Fq8gMqGPaoVNStylG1VIRKr6Eb7amDHAg5Elr7heK1NFj7gxLI6AgtiigK +ZHMIMBtZHBEkItL5lvpzwCft9dpvK8/nyLEeS3meojh+zUQ1zzgxJyxUlWE4j726 +Hy/d1blmZ08mvddu0Axg+FGVHLUf7/8j/zff+rT678nI4Hi7luQ0PNdgcSLUkbXu +gIK///cVYaTbtgCML+peToMNSb9+Ggc8A+IpqUaCupY4Prn6tlhKAtg8FJRXU4QM +JSaZiE/4FZLCjXvgbPq4nqEh7H5Qc08Sn+lVyZHe+xa7Cg4Dh0gGtMNc4Qcl2Pz6 +DA94CC2w7jbV9bB/Nc0/okYxg6wUzro6yzZILaSvQxVFdd1crZEOq+XfB9uVv4/V +qs+Zr8Bry29GfeSHtoM5VjTLdxdSB6yG/TlXoeiU650AphoJwO2cIViy8wARAQAB +tBxBSiBKb3JkYW4gPGFsZXhAc3RydWdlZS5uZXQ+iQJUBBMBCAA+AhsDBQsJCAcD +BRUKCQgLBRYDAgEAAh4BAheAFiEE2CX9VNm5QP8P/7MapP23vhL2PsMFAlxcgVcF +CQJ0oGwACgkQpP23vhL2PsP4Fw/9GpV9FVXPvX3SkvDC5Uy6Q7cKTHBdF4m3RrtM +u9c7P74u8GamwMB2hxbO4Y3XLiOTirU3GlXYz7hII+XT0guoGZ14DxjYSwEPQYn0 +s5qYul+siPSPmxtL6nw5Ie3Gg8owjpL8NCMzNzwdhPWo/Xz7yC7AK98y0Xj9DZOZ +PuEllg/KEpmuldmUkdxv+XpjHydLNNcCtBDGj0QiHnVEWtEqbe7pv1ioORGetPma +iE0rC4GnAksuyeRhW1RnodvBpT2Hi8P0MRxPT9PoklWVixshEKvevNgpDl47rQyV +tWerRjrwQKwWDIVSGLJgNwO3n0EGateyED7lSd9jwT/hDqwJUfHYzLMmfE7ppXLu +y67rqlFRf9z/gUS1g1zWk5+1G1z0hZdRZHId9HQ4PMSTifk54Pq1/LCpcZVwM37Z +t8Y0NmAQROLTXBf94C56lzDAqh2QdFBFIlWiDQ8JatOxY3nbxXh9di61kwgZ6aJ3 +6gntx+EgvOgHZiZFdUMyO22jToIu7OvYaxTtmVCE1O2VYnh5scN3cpud18YQ6X2B +qnaNmKDktE+pG/25qxrbo+kMAHZoBhn+jtSqAEEMh5/u/MB1i2K9/BapXX8x1Pk1 +rddBTxw6/Lravd75wPJHknUX37aYDbaUYwYhS2EL5zxnZAOxNL68+AsMeO0N0DLq +ykA9mMyJAlQEEwEIAD4CGwMFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQTYJf1U +2blA/w//sxqk/be+EvY+wwUCW+OrUgUJAYUjZwAKCRCk/be+EvY+w8WUD/9a55/K +evMQzubLBZrvL+ooQNU66WkgQMI4t3F9MTgaeiaFNWC+NgMn/ytTc/Be95GofM/I +WXNBNM8QXB+ItnEtA87AVVmvv9wXjqwoR/WGuxLzkhLKd+J1XjFBMuuem8hIVPAl +hKedvkuWXFilx283McCBl4FVJDGYp7A4PC7GwYgwvXG0f5BxNEzwK4w2CiCGzulA +XRrZpGTPRP3MK3t03zf75a4BTDiBrqQ98RVeSeSoV/d9XB/GkYEGN53HoAVGWKTn +po0b2idzbeTJmlR5AU1hmnzBF5F9rSata8C121rgV6IKChMdW3NAeQToCydLNpyS +JhiUEaaxsKczz6COYBYFL1k2Rymzg1ubeiGeSFGuf9w0whSRrYx0/rzIbu13epYy +0PhemwiJjfTA4F/LcW/DEg0l0vmngHRvb0m7V9BAF4cNjZHUekIJzMXHGRNjzMUM +rFYXGRY6Xzm2e8Q4h0xYtihDf6rdMHI4rBJasdj5Geq1EH0npYXenEEceXglcFlO +79G1Xr00rlLzb/gHQ9SLIs3fbGTMZCV7oQe6zt8HLOxJ76/YYrOTz/PkCcoPQZ5g +J3IP/kbHY4HBHeOxfe172YR3wI+rM6gQHMMUPxxGAOhIvwUTUfWfaBrooUZTIVp2 +/pytY2DsKNoQ5t350Rok4wvcyRZ+3XEgYTdllIkCVAQTAQgAPgIbAwULCQgHAwUV +CgkICwUWAwIBAAIeAQIXgBYhBNgl/VTZuUD/D/+zGqT9t74S9j7DBQJbTY7rBQkA +7wcAAAoJEKT9t74S9j7DXhsP/27bjPe6t9mA6+VcLnu54E6BVrDxqETl2iAr7ZMz +eOgCUPcjw5IrTj3GUPsRykExtLMFLb1G94T3BujB94caLnNRF45W98aDMaWvzvXk +OzZMMr3Ugd0GDzD8LQA5UHqbpCAiEkB2sevNRlAu1cABmZY993oj8XHl1eyy9ReZ +murv65c03713glZlBj1QiVnSnf89Ux8oJPs4mYak+mY4XyRcqeK55Ukz6klwLweB +cUUUY3txqQlQlAiHhsaiZPbkCaY1z0FQ7YZ4KeT41vCcW7/YME7EtOIsuU3BrER+ +cAssIE7eIrkF+vIgK8xH2WbzqRxdwYohZ2k3zO8QRISJ/X/iIFxTZiH+J9KRKlmJ +GEtCajWDM+of+bytz+o5S47YmA9DOLLzgp7p6FqNbHY12VWWrAy0x3IgU4srevj9 +35DfA2nVXuCjNHT+CqDqK+2xKxd7+6hyrqTf87BpBjGLLXa+Br6sLDun8e+kvPtp +9BhJFGhIhEpJHvBewEE0NHm73J8LM0m+2qDK5Gp/Hv/8xrcbwooouT4inqvEpoZB +kZmwtcCNHHrRozClVg6KbKXQHxDTGmXVI1jbFscGm3RiSO/l4yKl2QgumEA7jL2B +5z8CxFV/XXAMHVAom4AX79lrJxq+i+D6fbONNdrp/zNbDEaJddfmr+1g10h3Lp9p +ucV4iQJUBBMBCAA+FiEE2CX9VNm5QP8P/7MapP23vhL2PsMFAlrVLusCGwMFCQB2 +pwAFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQpP23vhL2PsM9OBAAp4xxJ/sj +s+SyBb3+Mpe3ALp1x+HVUPR7Wc3bYO+3e8REXtWTe3G0MnrZ2UoCrckiT+yS/jNr +jdhKIIgg3QgXYVi/hm50gt7DIJeoo5NYxIU0Z6xpnRRYge4lDI9e0bSqf2gmvrxQ +65VAwYCzi69XvRNqnBWNprnmEpkdolA6aX1KPC/271lCU5r1DoEov13WJslTw7Z6 +zZa199kLsId9bCXc8G5BwrpN4ZwdPPF0tx5CYqiAQIOTPH7lNBocJKdoGfxxYpQK +EWDSREV8Rq49csahdSwwPXi2y6F9K8iseCbmC/iRNxkL1fiXMWj7s/DBMKlvmujl +Lo79AFqhD/QErwC/q8c4EjWudN9t0Ppxw44qg8kIl19XNEf6roFuNGs/WimoPZId +gI0bwVKCWf/uf1AjgjP9vTmVqUP/UUT+bydrHRX6lhNVOwzsSfHyOVx3MgB+jj/w +kDDTX7lsnTA2Xk2nBvRVuptzYRlbCCdKzWAPeMr5vzJEaBUm2C0mJ+wS4EUxmmie +gNcxlxaL5sGOWB60KuRJQ5ojErNyRHuiomlR9zux4Y5YXoKSAmjH5OF5DvthEeXe +gBzexwUivRnUD3RJGTxRXfN5doIhw7njt3CFWe0RNxGdIyWAaUcMPR4o03gOORlv +1iOWQMt0GNyjxarGzcpKY9A6BkdaoJ5j6cy5Ag0EWtUu6wEQAJui3Ur7o4HZ77Uz +wwPYQ9fMZqnb8iERwMUxsJ8LlYRg/TfpS1aSp55J4oXnxNlJypVo8OGH3LvZsrZ9 +AJRo3qHldxM/BT4Aq91qXFNpvJ5J4Ak8g4+eRSmStafB8yANW4L/6B5PlSyV87rE +e+3APHOAf9G748cl1y/lvkKaT+aVIxIHObhpAOu1sfapgcUHkcHZn7fknVWxg25+ +zEvrrsnNoBSANv/55JpU4LApvtEYsSDtR7NUwaPRw/bNVLN/8aOZuRKwO+YHXm9p +zvzLszFrK/sY0fqg6cQbh4dmRVy0iC++Lp/xV1d/3X4RWmNdZcliLb1SmzygT8XH +N5cJ5yDTqN1BtaO0eJiJ8NcokZIxMYCApgswBv5nFCJelVsGltD+bGgL/vJuFjI/ +3yN7lFDeD03UN6dzgIzDWULLbyfo5sTjtkUl9BB8IYb0FmQcbeHsoaD21Eq9kyyX +cljkeGmG5PzqPNIYzf3XW6R+R9D3+F2dLS1SnK1V+y/zE2amsYuRSR0neTGX9ob8 +oCpPUaHE0PWWNDHZ2gjBsTXRlE2FLQ8N1EJd9JK3TLXjAqSFq0p/1a8IEtxjRqK/ +89mkG+FLXwav6fAJe0fQdXx0lRmT2cZ9hQR43t1/pNf+XjzDkYwzbvQRUlAIxDFi +3bzdoTksrOk7fxa98OpXbgwRe883ABEBAAGJAjwEGAEIACYCGwwWIQTYJf1U2blA +/w//sxqk/be+EvY+wwUCXFyBbwUJAnSghAAKCRCk/be+EvY+w0QcEADGXhBi2rtX +QbM+iZ346q7GFmx4MzuyExLKSzeO289nWp4ygbHgdNjxN7pEO2w1eTz0FL4T2DOn +/GRJ9ToHVQuWO8wHMCUBj1kH9mut+TrOwm3tXp/MK7BYrs5AsI4Yj1SZu0XLsRSE +L/ZeJEgwwAyL0ZuRFDAerW4T5C4dIxaAgw0Clspkky5u0KoRm5F80efrW3AbeLBY +eyx/RNnDT7/R6rSdrzmlC+2LnErf9TJms4+MOaTSURCIiPY1wFe0K01MWgfmrYNm +98aSqq+xy6odNwD3RvwVGYx8S4blb5nrJHwUoGshLKS5JnwDtdFSvkt/wx1SbKM4 +0MxnTJRQsdFJpOJdmh0Uf9DtSPnE+/J5g/KyqLNp4RhycOkSpXDtHcW8uYKOn/l3 +C2VK6VL3qpEw7rOoKIaMlow+9Dpl36J8mNSs1ru+5e9nvE+9trCiLAX9y7x7ywpS +Y7NROjZqJELC2k9U5Kym2oz8zCyTvLZeyE9E2wjkSgZ1/OqdKTbS3e3YXgrdQW3e +n932eKnA6B4YVZRWdmfKvR3yoGwasCXBZt2vXp0ORrT/2uMS4wLpNFW+P+b6kcOL +rcO/i8kpSn2l1N/iv1HIJQNzRYzhZXwzWcKorZwfHCfsUu9pJqXMMCsqDfVDLqHx +Hfs/iZeEcLZ3YpUy5hEwYKcywLue4uYMqw== +=sNbV +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_E157D2B23F605B99A3E297760F948052DDECBE68.asc b/git_signing_keys/keys/key_E157D2B23F605B99A3E297760F948052DDECBE68.asc new file mode 100644 index 00000000..4bb0d0c8 --- /dev/null +++ b/git_signing_keys/keys/key_E157D2B23F605B99A3E297760F948052DDECBE68.asc @@ -0,0 +1,472 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEyNK10BEACl4642TKimqqnfWHZFCpMSGW5F7cQ0PoIi6OfhHHLSBp9Un6NZ +dBN0jjo1Waa25OimEUU+jHi3FBu2hRAu1ZYj6uuWyarUy3ZthW1KXj29ABRZhJ7X +2DlrLt+fq3RoJkRIe41f313odqGICnN6N3wu5hpRmiQiODnLoYHPv7wjTMUNsXJ2 +BtWhFazZGxejevz7qbJH+X2QAcYiD+ymJRUk+voZJuaACCPyN8v/2DxCCbgc3WC5 +drMlS776jPYV8UeEenL5C1EUu7av5aBV//eSKm8BQZKNKuiYkKIn7UFQkbEDIhQO +HpOiV8Fw+3V7uXWfdApKF0xRp2i4Y1DrT7L+52Y13u+s+RRzIf2YKI6sNYaOU+lR +AYl/XWV7+xxKbrOqxktAbuqV9AzMwwDrHJif6kgwkfdt+2hlqvXBsbo6tfaYLAQD +d/rck8in/rgICrfMs1Mv86BWZq996qeV3YA9NUBoS6lsGhc1Zzrfe/xX41gckAHk +tn3RLSABVO8Vga71r0/pkOeYDfMWh1G0hZnKhGK+jV7LisroCTBqMu3h8BY8Um0E +/9ZqSGjVoNnOgJhW81L+96U3TxgYUP3xeUvjpYGLXx7w15GW5KlGwGVrnjYOrFmf +ioIp3uNTRpevlkbPvUnQyX3+8alotZdXxmE7DWLJdVYZiXbCs77YVJh12wARAQAB +tCdUcmFtbWVsbCBIdWRzb24gPGh1ZHNvbkBvc3Jlc2VhcmNoLm5ldD6JAlUEEwEK +AD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEEpsdONBBUoWnOUr5ftlv+ +VA3vhsAFAl/KIoAFCRUeKpwACgkQtlv+VA3vhsAUfw//X01bslVPtrXKTEdgG9QB +eZ+L+TNfcTvo4Rcmabn09W33LHAXR++HG6V6T02heG5WvArOwBrvSmM5M+qICuwF +0gT5cQm270PHg4ivOB5qKFQq/34vjJ7pVJc1S1gi44YOwy+fIfSZJ1VXCUobblEq +G60Yux9AVy1/wlUBnvniJDACpDFGgK+0yKATw6Wv31JFtdR+ZTEQSs5DmZEZs0xc +1N4q44xZXK3StoBxC2VUztwj5V89Y3T26XI4AKQuoQXmHpEfCcJckN4w1R+NP3Bc +J77cVHhUYR6obCOZfomYfuMq0Ot+8Qvoz1KuuNvbzIs+y3r1CLB90EwjLwbHkTH8 +hgT7WQvnxKTp5ZaRBFqe8MNwD6vdC3K3pb7D8HSNzEGsDStmh1C1dxFnZKOayy8A +JWBmo0QTbI2f0Qx3bvSafb6FsvXOMhuexauZSoL0jGvSyYAPG2p2/KmwJjSZnSSa +olNmhj5Fz4pXJ0v5uS79F6pGDJIFG+2Ofk72tiX2gUqYzg411cZsgvfppiWAIFdL +DtlS2mc6vUiDyQsHS7AJlUJMZ2tRm8OmYCpfmW0riqEGnPtcXi0Fqvz1QOyz5cz2 +iG7MjpRK8n6YuAhpiQsxjXHpVmGQV4LNXE0cbdILWdZle2wqx7XvpUBCS7daLMDp +oNThuaPnUtOAF4Ol4b9J9bSJAlUEEwECAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl7g2qQFCRQ04sYACgkQtlv+ +VA3vhsDfng/6A2AsO7QMcWGvb0q+UQVXYiFJquiPj8Bik5jL4IULD0+qydKqEQCT +Uf1VIGY+gAE365ZwhdFrcou7xNrHtgbuuBHLicHkZAOpzZ4o5Ox3tRTZa5mAWTNO +PkPcF8VyxdUKKcD97KvAo5O/EV2RcYhzqLyRknWOcPixlr94N2eTEhKzzVH84+Eu +zD7h/9IAg+ITby++MYdE3ZeDQRSpMpCE0oSqvw0BvW+1ZuLZ8YZ0zEqerZNXpAST +KzqA+jCdJPOBIOzOfJ7ogWD9/JeRzXX/QX4vbMTuZSwmGWtgAlTy3A3XT/z45y8H +BlVDihi/9yYeS/n4+cPG6XgBtVq+9DjKNlmLb3pAMs+Ddlwd27bHkb9us2U3+cvl +L2ugLVr2JmSHIEkoe+B0g1PsjnNOe5CemmYvZZbv+Ql9LhEB5kf6YqDXcdem70V7 +rjZn33nAU/Kg8ML2v195riav0oWgq64Dw85W9pFlular6Fww6hmptDNv+z6ef4c/ ++mfRREYVstsdK7rktMsI5d28hdfJUw6BL9MRGgjn4wWleBZInt5uUqRrgKwv0pJL +7BuWK77pZ6L8KxVqBhj7pp06rZN3pQyUh9YYPdI0ibYruZjY5yOewHB+JX7qukw/ +XVmTlElF3lehb1vpmGu6PfToARhP3s/vWlQVSadwgSxdEuvPst9Xs2qJAj4EEwEC +ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJb20RXBQkRL0xwAAoJELZb +/lQN74bAMyMQAJeXYwBjGC3SbwkTnDQZXADHpERdGQvpHjA7SxBHJYWsGKllrlrG +/dGMGKU/wUW6EpkFabZcHXJd3nA71pQ49jSfzxpMilLTEOZS918+2ylXU6X4y3gj +mcRTg33LL4QeT1TbIzUkV8uwcOUrQLyv1IvszIxRQ/snKJfZta+/Tso+3NtUUrWU +gQzMk6/uj4Wi2cSbWBjtXNlC7QX+X2adcgu0pXztX5UQQXB+e5WJ7HXHChyCdXKQ +FE78z72IDRDC2+9+fclnuvu6Y3IlXyO7TTgyqJ3ij5j7JdmZnzQgxY6WvMXjoK4t ++x9SMXJEWjTmcbDW49YWXhXDg+HrNCNZpBNWLPaugRlFNyp+be54+EOkjZLl7wws +nWf3NIGFXruu41qtCVnO/bRb79+gMQEcZiVtpbdsdpFbAhlAEhPfn11XPspgKsX6 +oPEeBACI0tB3xCrQnNVmHhOT9ubpmCyVARkDLzFNC1Oe5MS/OD5rJZxCHf3yEPay +XJ4WooZ9fcnHekWqcact+AsAWcxVtYQfundxkg8fhhf7F8hW+nDI/17vaH7RN+xm +DOZeV15Pj9ipFpwBTNIVuCxKU5vtWUAUnwfxdtZNgU3Yidse59SdVVurWmG5cSnN +chFsTvamTdRjshLuf/NQyB/DCwjCFEiQ9ljUIqlsTpM8dF1Qw4P5FFuHiQI+BBMB +AgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWfdoRgUJD0twZAAKCRC2 +W/5UDe+GwB1DEACNL57Zb+z0H5Cj2K1yEgUyrBQo0xw/NHuTGNORn8axsgj3sNZe +DwL9BpwlpbbMU+sBFLwcjcPf5gQUA1FDx9jdMiVKePYTUupgeyR6HnIqHKhzARD7 +Fvu7KHGsY66poDJ6yBPTXvzthjH38gCA9zd8hFnU69Wj51lcDJ75NGrPS0K9x6f3 +CREkDhm9Bl0O1wAAMQXhPA86h9yu8opAk/zTPoSYG0D6TnLc3MBfEPXG9r8rh+8l +m7paF44AW+QFiQ+usAQqwGTVOMAEC/j437afyVWuMfycJwR3gEjY5xrEK9Za4MUE +RWoHmDdAKN2A4Cj7j/I8OOURuQIZn/Sd8nJCHw4JDzewCRcAvzNKjBcGT6Ca2Tjp +yAID5yFHo4rrkN0H2RHyPxZVa+fLL0GcnI+GDVELAltLrhhR2IlxXNNTpQLd/Ul5 +fDdU2fJFGgb0EaC3Tb+vsBg7c426jJPA6R39mE40ut/iQ3CSEJ93bkfOMecBmOHf +RHBiR+cL2NWRIdt0v+0IGGyxFFaQzkmvqkHrtvrls6GUqk5Ac7wcMtPZr/LM9sPr +vRQdfFkew18zC8low8D2TEbeGFNA9S1aALriKm+IRk9HDPKzZYqAG+RsVVqQJUyd +7A04zunKDZCS1UJpcIIbZxZ1f9OJKode+btrBRTrX+mZJCcGs5+NY+ImTIkCPgQT +AQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlnY+eYFCQ8tAgMACgkQ +tlv+VA3vhsD1EQ//ULIT95cJnAzQcyNHhLFtiN//Tcd2BzSHejdLbhEieJ9eW0e7 +i030pi0irCHFZrp41PmOPDVMCZL5976lI3QceSj0h/VdRWqr4iOaEh1UWUVxuj+c +PXdgEmUVler1Gle355sSgRf8u4SYIPLTKyKv6GgMfS21amo52ysNv31nfy8THf/r +etgI/GCyjjVVyP1aVivMyuaWNbQ0qE1oH+aWovcBsdc+g3QR4qsLqwUXAZQhXfUY +mWsOAoU8qIhQ9Kz/N/Of7kQidDrVHouL2QZ62UTVwdTeK66BaJa159ru0X8lxh6Z +d0VBxLjVULinacn4eb/uEmQV6aqDeQhi2XpApG6i0TP4A1YF2Fkr7tQCv03TwiqZ +er+16POazfqzARJVjk+HnwpyYn4KLZ2Kf+ArVkORy5QWqpm0mA69jiuaBF4V/Ktr +mG57VuLwZxto49JygqsSIzv+rOKS7YtqLrmOVclzqsICqB6BQpvnTNMS0QrCW+9e +jDCiJnfh7pNE9GHAsc0yyanLT/Xik3WkPvqLewbOVQtX090uyN5K9lXOoA2O0OIp +q507zkgOr01eOeatktxA3Ae7v2HKrUD9ugu15i1N9ScVhZdj2JGACYtPhNycIUAX +9BYNexITCPBf8+Yb1VdVZXiCVfUudM8b3u4bgP1dtdCPxH/JPIbEKeB+iwWJAj4E +EwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJX9kw8BQkNSlRXAAoJ +ELZb/lQN74bA0iYQAKUckhPHU6kdxu1+2ZdHqU2ItTDgGSONOAgJ2Xv+vO2XmAo8 +pXQhG/k7MZtDbc1pjfe7kZbY9oi7701oMaZDbhaGyFIYf0GqF0Pjb7yh2xoogj2V +mqav9hVe5k/t0u9/7QbYINXCxfzLoNsNsCmSq/znM9z1G5e8pX+eQenuNXasv99A +oiazQzoMyDnaO7exzSwqNpvOcfka3spzWmEX885t+unVZGyWniruTPGv0Bl+/9Ka +PNqRsRg9SKBsnGW5yAzZI0rUSaJnVaJIUhLshBrAxgVAeaPl7X1+8yBAIatz0hNW +we5wDMmBE/YegoOJq2jjis/MDIIGgxktXX4Frh2W9Qi9gSsIGT4/1mKu99b7tXcl +yVp1Mb3ybmzuAyV0VWyBfA7kgBGF4/m8XvaSMpcH54ZJXY/Z7BnobVryFdSWCePz +M0xHrag4Ju0YhKAdo+iQHoOITCQ7I165S6ML4n7LryJt23YnAzlMWPDmoiYbP2rv +jmcHOw4RtCWk0RfGGZAkeI2/yedSv+tYxCAANpqvngTSxtwCaGQMfZD15ahAC4j2 +iER+yK4Eo/l3LeYsDYIR2xuXiW6TjA9OMrF9Kjo/PEgCNtroVLxX8wKPLudEQ7Oo +3lHrrFlOReuCLWtN1xCHE5u013+q3vnvO0uBMJcvaRRW8XZtzsGKnFDjIggZiQI+ +BBMBAgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVhKWlwUJC2aesAAK +CRC2W/5UDe+GwLbwD/9SnT0AVC80ojWciVNbEy1Oiw0+KcVUTRTOXxH1hFmh9MLT +7I+avn698GwPnJ3WSg/CvKO5TJCGwCoRHeOSPGS9+zM/GIyteBA7uM5pNs0J1T02 +3jMZEsa8zCiYgX6ivLVU3EnoBOoPYIXC2G1+H3CYEqpLBElv65YIRAVU3OZqBUSD +rHiuGarIsR4rASrYd+S4zY47yFinhqeTfrLMXdO1BrAk1Yq/eVUGjpBWo013xqix +VRhEFYOigjZ0Lutf/5szlNbiTzorQxW0gMK3MA0evKn64bjiK3N5frPLStrV3Vqd +UGD7qR1K8Nuv1L/cvDNUiUgHn/ifiUFTa8r/TgA/L7Oehfic37uMnYGhbzrdiBUl +bkUZBovfwNFr6QcPCeoen7JF01zhMsDfmEoEHbBPTMTcQdaMrFyTIWyBv9js0qWH +ecLHYbz4lDakAQwNQYJblgPIwkZIwjnPvTj4MEpx/7q5du0RH661MJb6Ums5sgL3 +aAA4Uvoefh5UYjPXOaM3e1w8dJEs62gSN8AdIdvDoY2lydLKuGaDzjc9WOOVPMmK +63NehfJ6E1sxNp/lljJ6O6hwbEyfSx5jNd4+yHNdxf9iP8LbVeaA1wU1Cr0sEuKi +Yu+eFruRiN0zPp2Pu0Wyvy7sGHB/3izTvTl5qi99aSeyc3baHutgpjEo4OZvPYkC +PgQTAQIAKAUCTVyR9QIbAwUJCWYBgAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA +CgkQtlv+VA3vhsBRzA//QibkWNpnMfCr1LfrFFb8MllksHiuGaOUPWyQf6zzi3XD +iOEmMXGoC8nUydifHzxZe4E+G/ZDXk3DT5mXAe72zeTcAMm2aecoQrP+IOb/YrYo +eup4Eoggb3vTv8jRS+NSCtk6EloWrVzKTMwOB+RbVXjx6HcZ/f6M2zEg/etqe//9 +jWxgjFZdnnRlvrJmQ6+AvmhzyLy90tgNEMMpZC58V+d7/7UkEQduqRLut0BXYlWM +t/vYdNFZII7blo+aBaV4spzQfQmk7OWQ/fm1u5ip7QNxbg1Us/lXZ4pevuN+1ae4 +TJGDgp1uJWp7GC/2A0nLzw8GA09nR6lnN420aYGlAMFN5ZLyKUL57cKUYPWOmQ0H +8eFh/0J9ae8BSyqAINHu3Q46qfRc/4M1rUwIf04R2S12h+rL8DFJkcbRQYgXVtKN +lf9+BSKwSabhc+DbvKKHSV+y3MuzgHHk0vl8BJGetEASpe/X1Wdz3c6egEbvOgoB +yBBxR9o0qyHSFKQ2N1oC+Pi5gTX7Vadnow+9AYLmC79rHWGfhXP7Od5i7t9pTviD +TzwmgYrQDt4aT5OySUmoEYX962V0JrzjiBHb7JdNy/Y6hgtg5Z3BUDcbHDRDZOp8 +L1zq58H6/1FGKdKdkj0bSKE/s53HJ9dblVrxLWpTEmESJOrbS3TWUTv9UZiRUqK0 +IVRyYW1tZWxsIEh1ZHNvbiA8aHVkc29uQHN3Y3AuY29tPokCVQQTAQoAPwIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQSmx040EFShac5Svl+2W/5UDe+GwAUC +X8oieQUJFR4qnAAKCRC2W/5UDe+GwJ7dD/oDu5vgWf2HBj4KS9Or3Vf18Q5sXsAz +3Xn8awRGcodLbCFcRoP/H1cUTE5RYJ5hmxg2woPf3vQXB2RJyDa5vK7ua/bjX2sK +j/kRSRnoRb4KV7/gRks2kWjGE87bG3XisygzZvJAFTi9tA8MceRc6sNZYuT7dtGr +KELOpbiExrU6V8jPSiSvNq8TMRzMj4ddgwua/lJ2EL4/c/lmVKOVAbxd+C2DHjT7 +FpEFj7Ihiju7xBIVGRTelEPDPXmVfw8NzkxQTunWEio/sbyKgyV/ArhSJBr/1DSm +UzpNlzBY6FBcffkAM5eTX7BAIz3R0O5aQD0spHBd72dbrEIhgPAzHkIHhcdTwOZm +98ogn6Feay+2MjsDGv5jKVH3TyqR0pZvjcJXMwBnpoNM6m9husLbX0ab59L89V3g +t7oGpo8nOPI4p6N6QTDvDejAnqBIrvIFzI7O41hZjFhtB+BP+LWA+50inlmKZxDu +O70PkekyImHaqwLjj0tR2oQTlO7YiefykNITANHy/ZMTsmDn7raxc+Ti8eMsaRnE +ijqgL2VKLJw2xjSZyzkQ/BEelhWGP8mY+xo47kd1ouvvwITu9twG1Xx4y6uX6Ios +MmDlXAvxoIdr1jTd5dHZP+/3uQL8/SpXqx3KEzaIvLaipQnBNkKMNPbJnDR6S/Zt +JPwElrtuXmUsNokCVQQTAQIAPwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AW +IQSmx040EFShac5Svl+2W/5UDe+GwAUCXuDaowUJFDTixgAKCRC2W/5UDe+GwPxV +EACDjqYb6cDZlyZceSD8p9wBg3NL0gegfRGG443CND1qL53pHeafGYHpeSinaJWY +U+1J5CK3dCaxud/V6fR+7YM5nkLIzYMCXwBflXB3dkFCg2TSY4eaCsXq+BqrQ9UU +mQqvAcGMQed51Rulc4O5iySJyCjAhfGUKOt8Za7QFGQbxcKiOkTPPqRszEXWm/JZ +YLRvObMHw/cI/SWeh0NlfPibmOw5gOCKzwPv3FiCNMTJqh43DcE5pum4ZWDKOb7o +qLhp1nwHQsgpCDELXfifg6Z3EfJuGkeow1vTNJg47DdXAIGHiZmpeul8ZtN+ktvW +8ZJfkpoiMLqZji8dANZa8umWvz3Srsgc/kcyu/3/NNMoqH8BHrNfScTBQFw0NTHn +a6GOSQqeFcBvDyjtl2hJ2qVzkzgX5kAcAKdhlGZuvGheehly06YjSp8hAuFBj2/q +xoGbzl1Fv7SnfJsEPTbr9Ntnh+2b9Wrxx94y+4SY1eEHwmUfcHhFJXa3N4hgpjcs +mVrRD8bBFcgpTA37oVHx57X8dzZ/vq5w0uPJ39wjO6G47RHf75MYAWTOmjvUxsUL +5qkqoKaXPuc93IeOUki40kt1/usJ+FDV/hnjdwFGJsgiDL4ROHsBjZb8Zt8tr4O8 +FNrJnmVS6wKB2esfgeyaxyGitliF4rbjToSAx4hX8j6Q+YkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlvbRFUFCREvTHAACgkQtlv+VA3vhsB2 ++g//f9aWmWOy9zI+CiTOwOn7ryBFPoVkf6sKTRX4P87PABmY2tg256h13kyx7Gji +5IKWsyzr4uT+Z5xmVvJev7m76cskXubTYfnp4C5rh8OAbvAqGtWTIudddCG7N8TI +e/TB8RBOGLsAOFHOEa2zIhyV5AYuFDL6iMkTQ2MIOjPwAYmv7KcH+ZuM9Tai4aJF +rwOEnkNScn6X5qf8lJmleoLNIuul/0FLJBG1EyvqVBY0OrX4VEzdv+9cwL3IXRn5 +Pk82xbNcRYl8RY56A4z7Q4RskMywEcuL5qk8VTrxBDDzCpHbBHaiEjIoeE11FPeL +lehLakHjSVEoYQ8zOaLiCbkK3fNdmDz/cBEF17Mb9revaaneDWfgOEsIB4OBz1A+ +eNkFU96upFiUAOg/fgogHXHcm2e6eaIGnzKnyBh0CT85REagPGUQTOnmjcK2DaHW +08owa1zJi/qO/mgFzEizrKYpOjhUYrmAHbIqXfbewTFlopwmnyK6TAd46cW24Rvu +8T/sGAk2DQXXYgbNtDGBrQU3tFat1mRhP/bdyw4dMSvq1zoBtWnaZK4rf+GxpaiD +CIq//S+Z4kuMFYmrAGCbz0l9rk7/vgIwi8aibJfKMfDlD8ci5pTXtYWRkFaoxgWo +X9x6dyMn1GdDbfUml/vS7Hc78i8wgy99+mo1NRonWBIvISuJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ92hHBQkPS3BkAAoJELZb/lQN74bA +S/QP/RnZKNb06T+3SWvsze+JOLR2bNQrIuIcF147IKuUMZX6SZc34uBO7B8PSdfX +nicoD2mGudHdGp7BqEVdDuzT4rWb4pxUrielZv1YLLWNKUep/AsbxI40yEclFoop +/kuqbf2zgYOegkzVPh9LaUr+/Pmg29cDmV+a5Ytqn0L6swMH1+LLzWu+awxQmbm0 +f/19IKLB9Ad6gFvUgmK2x5yfmCQxoVHopMMNEsKJqkdC54qp4w4H0eOCXT72d681 +2We+nZQInQp4ih7mSX6UGQPIzq4eOsB23ifwrIme9DxhzVHk/racqdq6mU9S8d+U +P3j5vfxlighZsSmXIass8MY1ooG+0Ezq15svQmH7RiIivFzw3hGaWNOsV80VzkM5 +5WHZfAzeaEkIGtzFRhj8mKp04hgttxwk+b/9cgyw0Toyg/ClvHBZl//MvNzHhYGj +SHR0IECOs3SgfDpd+8GE9dDXoMj9ggIts+JqUPw2Nd99IPq2viJ+4DTmxJ+fKJfl +i5WhvW75RO5xbshLPfuUlRVRLv/hle86eGPyIdcP9+rVtoSozLdtfbgjkmP80qcT +0+2su9gurjqMyUpHXkBdKumc5QcBeUeN+HltJnXInTMMAvmekOp9NYDTT8gcuAwa +m+ZA8j/oFTN1qyokqyMKnv79SqSZ3s4oPVRp3qLzuHjKR/DWiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWdj56AUJDy0CAwAKCRC2W/5UDe+G +wIBdD/9ulmYjyYQ1IEiji6yxdbpCAweINeOc1zZsnMk9hX1Nx0CWyxovixyEzjo4 +6jjZrjLV3h7ayGIeSHisP/XL6gMChb8xMlhv501YDH8BujhnykZIA8muJaYJB+vU +IXwcr6nx1iWVglkIc0NEsKe9Xe20efcXFdgGS6qoVquZfehvKv4LAttLndjfu+XG +L0AgeaAeHgB77PqrqWux6kwoyJKiemeIp31uHo4KF2jas863Rk5WPoIVTcf29mnS +XfX0C70HAkdQxXIZQdJz/HyL2srDDMDn2DVAEC+UixZo5Ib5Wz9YBE9OpTW91c5o +M0J2gvi9k9tnPhbNR4Y3k9P6REct18oyBzPzPr4tan58KkMaLlgjrXDmEV4+BJHP +qLgS+gIV4074oYG71tr3TOgVTtEBzruNnicz0LC3gR7FyKqt7mHjE4Zd645c1DL1 +gwzWjkXGyya006l8Yx6KpsovCFcP6Cx3oW/H4G+3S/Sk5d6ggCQ6Jx9xamc2akuP +enz/ltHt5C0Ted9OVXUrLXOugKc9demVLM/G0xd63P1TaywsmVcb7P66PkZ8G54Y +27h4LiMUVE8IO/1QJYLwKc5keSto3P0KqB5LNXShI4lMVpZMicVz/GSZS8KUqSFJ +Th+1CqvTkkkwCL3bPl69rxB0tQGKzPB/a+kfIMqDWX7kah9NNYkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlf2TDwFCQ1KVFcACgkQtlv+VA3v +hsBVzw/+OmKnUJ5emY4mp4vN6ghUyZU071kT3m0rpOlB29LbyrPEI2J1boVgBOKk +xYtiGhMI12B2/cZuEtTM9EpnSxjQcw0Dzi7OtZzZh4KBrqOpC2E/j2YQCVtNuHaD +H/Ygj+4ybf00N62mw4uFPapzqMPw6CBIuOJ9dNDBKBSAGibNFvPqtZbU5MWnC5Q/ +kw0gKGpmG3ExusAgw2Kof5Szh0MEb6a90uckx9TdxDkqLCzaN3MNHTPR1INHZtec +/EAovxn7uAHnu+hG37+uuModqHpcYIgOxzVUkjw8DrxKBUBofoFp0eJO01aJ2+it +d7AbbngX/Iodv0yXee3v+fEMOBzbjj8p/n9TQy6zYC1MxLhp2u0uTOdmTYIono4L +VpxEnfvlRBLdMigcPagdicVZBU6QSWz6+6sxoQSyEBMfqCqK3kcbW2i0NRPnedg+ +9/qQI9BENZcz2deulEDhVaGP4K72knVlEPbPcUSaO/cGFDgVbMTF1jzusmSWeQQs +kO89hTeA1B47t1ne+Z4E3TzPRMF5rzOMnZh2lLFfvO8ze9ekpcwm3Oi4Kwg+pcCg +kW56DSaVHCG7W/YJleW0Fjnz3ORPutPkFMMYm1WW3HLtLWImjTEGeSuhB7JDc8Oc +YIpMz6gOFvBOV8sBJLjvT0Dux3AV3IRxSUKo8KWLxZhblHbc5yKJAj4EEwECACgC +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJWEpaXBQkLZp6wAAoJELZb/lQN +74bAFXYP/jGedvt9gZDOaEyvYIi7U8JSqBjPdgsvHFmd9tah2VAjiLS+XzkkAL1r +vdFyDT7XEW+2K7XTOBa0tkzkt847zXytLAOqApWN8of3gHF3g9r8u7wMmOmvnAz9 +xK96wb9Kyj9U6kQ574gMv/fmGWVJsYP+FMXI7P4z/Jb+oweyCxYZ97wXBjhUAJ30 +EwkAkAdp0affmHNRfHlY4ciF9wP42iiIq0vceJ4vMOySAc154NBESLMKogC4lBRR +g2Lbu5xwBnjj5mFwIYoPcl6MpeFk1mhvsUScsTdA8PUvq6TDkBridx/62oejpu9J +nn2NQSDLq/npp0PjS1jGGdxiziGvE+IYasS76vNUEyAY2FA49AsjFxCSTV9hV52G +LZqJse0brhs0NiWGsY8fcm7apYa03GiZfX/xbZKGjC2PEdQYy2b14daVBq0jshh0 +VNzate+RhKozeWxn2ipeXIvys/XtQR8AmjZWqz8VJQIxipO4XcRnG18awt4SL7wO +NYUXY8nir+mlEQQKqemVvmr4WpxvgH0SmvFn6sDDjs7MlaHThlpExymAe5ZW5nkT +/WUXRQAtABZLv1HTByOBDmYWlaRR9xPcP814oyP5n9RT0uRXNjG7NdaDz5DzEUjs +tNu2ze5SrivOVzRjOw+1GlSMSheKSpSBn9curJ6RagnVRVs84T9RiQI+BBMBAgAo +BQJNX8OWAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRC2W/5U +De+GwNyED/4rz5FGWnRl6l5vOWvI1gTGMVjIoYVyCsFhHSWfzVwv/FGIjMdJiTB1 +xPiTqqsnY4BU+s5UDIj099I59OzA1Rv5eQNr6wRXYeAQ7offfpN7K9rg/Nx71xrG +k9kX57wZ8zkUMUsV1yE3d92SOybVz56XNKrDvqdJHcMe/3I+HU0Z9+akIqjUd3CV +wlZ0TVNAhlQA7nx1zZ3EQR3+Uf7cacfS1nZX3/88q8vGg3VqfaVpgrVpuyhZJAYN +hhXJ2SwnI/v2LUWkhgMjLi6QW/6G6d/pHiw1CTB4iYKwppmjYNO8wwK6Q4gSJrih +gaLsJmQ8c8knCyTgr+Dck88b62laNIcd/qHTiDm6r8UgNt7dKIewsbhVWtD5f70O +x7VEdkh/+AmrPPiNNsMl51eixxsZntMyzuCKXbunqqfLO9/oxeFEe6QXV8L36IQb +JmHyaAUxbo9feQGC3Udu6uNYnrSwpg9FeZXKvNcH3L7GtjsrmZbVF9hZpzkGP0rS +xLLBAUkGbQExcUeVNtjZ2oZXj+wQ8V17C1GinNhvIT3tcJTlH0/sZTYzUw+b+W+b +VS0yoqJjZ/zUEgQMvPvKxcPc57yoUpy/VZ44K6Pg/9kY/cKkK4NiJSeFT7EjHuLs +HfKUmStpRFoyI4HwRcgHaxDKGGxwTkwA9CZgQc1kQYSTKIC6rlUcBbQhVHJhbW1l +bGwgSHVkc29uIDxodWRzb25AdHJtbS5uZXQ+iQJVBBMBCgA/AhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiKABQkV +HiqcAAoJELZb/lQN74bAAlUP/i2Nn/s8qMLqFIgFizQOCvEcn1MApu0i4iWjngKM +6W88lkh+9+odXexB2weXUV4qgnNPBzG1x3PyJHODe/jPcO4AqzvABrArYfhNQa5y +OE3PoTtXl6GctD/3V+nFWeZr4DATer/yHvWp2DhZ4Lw67hV/o9eC/OPp8rRya7sX +kcfbM+KaN16Vai75WJ+zCyRoEgYT/SJGljRs7+bd1cR26qWaRwwxjZvQBUy3k1Cw +DulpQq+Q2zV+2Zu4ruaIdzeKBfsvivLMbysOMly4eeWLgOVjDkIm3G8FkIxllnei +2QA5560DHdM/5+kKwZ/i/956kV2YOvQPVNhC6MMkNNxrmd42Y8wZ16pWjydo4+fn +nHOnIDiEBifxwSf5o7Bn8A8HY70D+hO5nf97J5U4GPlsvu8Xsc3Arq7RVenrCop6 +nMEd+cPQQC639IfXindixRQo9irk5K2xeas6pBaaCn8Br+Ib98Z/DZVkOIhEkb0S +BaHpoLg3C7/cJ4LuFNdMsSm6+ryVLQAYya3+4QdHovFCvo6/+jynPVTtGxmdxE0R +zuHztV8/2rmXSvk2DYKcllvWdWVmpjt3MEvtZqSRdiXQEPbHZ1mvz+3BxkcRNODR +rkydPXwbzepFVew70aZa/XkxpThOYvngMCCbesZAPwP7xyEd7RzKU1qBxiCUE8Ce +i9GeiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQ +VKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAH2UQAIQFer/n +N3L70iyQK3VkJdO0WHsRO7MQvm6hx43u6TwwQHNpN8kWED9eeJj9loB21dO2MVvN +ePjU4Jr8s4rHcMVGzFy+OqAjE9Y6ORXtgn4yjktLkNqxwpcmQs80Y9tLElyEYYoV +h1dLUy8dE/isYQT5t36hL34BxZHkxYBz83XKQxdRwlFBsiAyEGg0I2iA9UJOACR2 +6+wPlIWvCK/yYvuLdhmvwc6PgkfFJFn4OzMeYws0R1ZZbO2l/eUMdL0CrCWJ5k6x +IC2qR8YLpKArkGNWKtHkfgGuu5yTKWf0i3tkApSOgdaa0zhoMdy2BIwbZRia8/5y +86vdzK6y9KzhOe9/+hL9fauB8EctjnTo0hbHIF5lCPc4MozpQulO6EwMGn2yo5dK +F8RP5xSo0IbTQvDFudFbV9riVIxu+PQ9GsWW85D/5B9kannsTkZJX3Ec3uQtFrsj +6/WcFBcfoNkIrNY4qI+g69Z3IBfdeLNf/uqBArNH5lnmRJ0TQ8mtyEINzAP4EfNu +tPEd3rJblwZxqysVYI3S0WEoyDG4apH+6eCyrrFuhK5kilNTOZ3a0HDeREjr5Sq3 +nA+RpAaI+XtUXLF13Rp7hE6zOVT3cbT6+Nm/is8t62ewdYDjwuN9vpoPS3sMILhV +9dr7uHy3o3QeJ89Svk4tso3VR7T6ni2JRGMoiQJBBBMBAgArAhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgAUJES9McAUCW9tE/QIZAQAKCRC2W/5UDe+GwJSKD/0e +YxRacfK40TevILrKiRFOR7S/WOixGPqnf8MqHG+YiNAIAw5TomUq0BPMWegGLTfw +lviFRFiSkJ6S7lcuKFiPvJI7op3mR5fzN6frmmjrEuqQ37Anbv28O+BeD6VcrHxD +WjtSulEkmDnMrN8hwR1ZPq4xti/8bwrvJpbH8SRO5p6tV8xQ/x6khXvsBGDA6wJA +YxKy+SzYsJNV37yh5OEkwwa1xmNjAahTSW++R+vw5euWhZG2gxWKBsRctVu6USgb +kXVPCu1RkJ3P0eRkxjb4KerreMWFhgLwkkYacBD0JO4kzd3UKViBCLpRZHc0/e0Z +OFQxg76Kw6PGuZPnh3ECcnHUB3hob+NReaNI66PCmUX9PgGzbIBTfGCzUukcCnjg +4cAJvhvhRioWcYOE2tJAEcuoL6AloY5nQs0IYfeD07hzwrQ42zkzTDNa6wEhiLrY +NN3TliZJqpkXgmu8A7FpNYLvRmSZrgt6sjgaA26mlCCv50EVCGbp+3UAFQCJfwvC +Hoix4B+3lRqYXp/zdGwtxeQg+NvwNuZmXaFGX3QZPeCM11OEEKeXdhmkyaMHJzsq +//B9BiwVfAEaqlyqt+cBwkhPPV8HR+Cl/AJk49ePs6STS3F+VDfLAH8IZdmowYGh +D/RVPFN5NDmGB+mKTJvRYAg9OdawY74J8oDgTFMQjIkCPgQTAQIAKAIbAwYLCQgH +AwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEYFCQ9LcGQACgkQtlv+VA3vhsCp5Q/+ +IDnqUcLSKrhLQ3SY4ytsMmfeRgPGvkhGQbToNcHnIKtza8YHAaeGzTeha0WI1dgI +sHOgih+NYYsnSDvLWpZWRAgp56zpVfBUuprd8mbUdO2bklxvfqvLyvIaJcAzLrC2 +pc2IOnNXjNcFiE6r7R/MFTvjEj4BXLh4wvW3eLMhM7tG75fJMSDDNRFaDFZ8weLG +0RheJYWVTNZHm4M4+vggDw/LedmZxSz7ROg40lufeM4pIo+Prn52EAosX/wOS0+o +mTN8nXEnC5gyuNHoB/VMT+faz8kUWLDCE/Oib/ZVN4ZRLhvoyHlF27mrgaBEKNOd +MjJ66jfN4tIAXHFs/ecYxRFzfpx7hyhr8L7aGprEdbdec2YtN2m7LEeoWGYYlBns +gwZyAcjacFtqZkvUZFRUmqbFdMb5mSHZNrNSs5hucV/Zi2/BHFiDdX5EbUDP2hbm +YC0toPV0oGd0pM3LJcqBxZ/aDL2sXDtVq1HN+oEz1++U3ZwITjzyWHUCbIdWVtjN +NDM/cBiPKBWJyXu/+D9mbp6xt7eEtI3tGc0bzBas3hMmuBMDfegD2nkjmReRLs9J +JVdcssXAZjkOglVDELER2Tk2BYRI0MdgX4SyZe5oSQWRkXqRpTt9vOsqXI5tqk1X +zQ0trLNRS3tUYjMUjedBtrlAqOfKEml0+BY9wJrLaAmJAj4EEwECACgCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bAljAQ +AIeTb4as5CDOCshMMdBw1tzDcWMtPNf+GTvo/bspSitqvw2XuKdb+l9kIwmRcmlJ +AnbY5JR4xplwHGYPqWvmS/5/EIvEiyFUjfACRtsz7fYA22AWByDLzzWBDRqy4jum +1QNK22LKxb0vQe+Lr8Mcdqxp2F2DYeBCDZnhQbt/9l34ZcYM6SL9pyRUxQztut0Z +bO4ZP2OMkXU77bPRUYbK6/CZTv2IPCsNGP+VhsTfcgEXlX5jfxA/fbvTUG0E137Z +GVA33/W5HrZtBv/bi1aO5zIkr/7WoZV75fIoQzpauKRnO+rhkQCp6v+wkYt+pl9E +A6HwXZcYJCa8HfGE96sK4Jcv3TfW/p6CDkRGd4nESnqt0YH+Hd2tuHAAf5nQVlBf +EoWS7sz0OFW8n0FXtnFTJ+Bw8vpI4B8zym6jxOvS0H2VvlP9AHfpxzAxIaDm1UKp +J14H8sjcJiRNUhgY8d3f4o+Uyq9rurT3nLsHPubGkKlgrlw6xY5oEAYfxEr38eO6 +Ifps7+UBIOIlBrxxqBakwVBkvjby3DOjMpI0egLE61y5FBC6me2Xfeo51cp8d9in +X2UQiX+Vs/grzEf0L10vASMe+1PTzyEMhLvQQNMIyRU/+7mIJ1uUmp/wtYpDexFE +BZHQR95JI8xYWWA7ZHUb1Y88APK7O7WQLFQ/Okj6BY2xiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMPAUJDUpUVwAKCRC2W/5UDe+GwO5X +D/97ikPHHggkFcoOcFpItf9W1kV+t1cELotBC6JQElGCRwjvkdWaR3AORsNdHIAu +43ltdx9LeSI757dnaDmDXTLI2MTdiQ8b3NFA1J4+u/mCRWBg7CsA9VmZfy0dokEM +EE57sSWz6Fc5IbuSlCCcgz3l7cTJwVovF/Pc6Jd2+AEHC+pWaNEI3HkgZHhSXLhN +Mblir0HKpyK3IE3bBRFXdRs/e1wg902TBYo7wM+T9M3CXXHnACMFJ/doNSb1J7i7 +Uh/puFNCN96mqgkeafHDiPa0Qe+sgpZIBaur6wuW5/qRDyXUq6CygIrHmuagG4uz +9GIMTUePTYvkJgFXRL5Zl8FkhCmdihQf2v3acY7SYXpH/+nckmkgu+vc0uxLaG49 +F04fgfD/Pst9SkxTiH046tXJPRAo3p64Q6vquhkZDAYg0YjbEMSxL+sV8lbj2pqf +Y0sOBPsfBr3NqJy3DRlitm8uFVvufHP18ARAIJkXRKKsNdsU+YuSEyLEe2gaj/OY +JkYmhEYwkxQ29I/Kx7eYU2cO8avUoUWVQcjwQB84x+yCby0P5jODrDQfP2CWrHkB +sb2Mj+zAIN9X8AwNkXKUwmw5vrZ4wmaHpMcQYa7YTknJx2qbu/FqwHhvVJsnzapk +4JD10dYrkWYdJKvs91o5PMuXYZl2EUXtmzecehuF4M+P44kCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpUFCQtmnrAACgkQtlv+VA3vhsBA +mRAApZpdloMYR6Dh9euCYCYE9PadK0d9XTZN17orz2YpDmo025HMkYlxYk2aCzkc +di3AaSOf32Zpf7lbY7W7e4Q6v/GDABr1HwoClp7G0PmDsDSOXfE/OAbddlPJeXWG +/Fwfu7jC1VPWTt2ApVdZ/hkhNPNQ0W+h9jS8WeolitXDM9k/AVf3lods4K3L10PN +aWPKctKUO/CyaW3NYkaXY+W/Xe2ySUOgBS1hslqiLzZmALBiNEIf6bQukSJVzRTW +LzevO20f82pGBmI+U5mH4tDW2ZIeN/Bz5ouS+xMQlAu+LPRH6M9OAiE6kpldNYqf ++cOaREKPiA9/KGc4R89gGHrWwzJhmRr5p+V8Ad9yfdU/lPPeR0X43iDG7v3NE+t/ +E333C0iz1FNSm6V7R9EYViB7RuZfCSGDpfSLl74bsEAq4hnwQMBN/Et7LIDFwcJ8 +leWxmr6AVV7YgQFJejjUQJwJYLNU73RAgYwRlgzk/iz5xSfeJBLfy3UmHz4Cylax +gKFPqOSlsGAD7QkxNTc1YukQ+dDkepcc7l9gEaw8qOdiN4cnjBhNcNnvvMqotexU +JY6FqJ33SGvq2gwyd7+dEMQrZko14MB44ErcrTBWI0E0aFMZipRFmZCNlMsDiCm6 +16EthBTzLMHJ+xhqlViQJjtMOiA7yurWLL2i2M+nCfGRKvSJAj4EEwECACgFAlRY +QY0CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN74bA +IsMP/Ahx8PneGNWVA2eMNo8uQFwCG2o2Q4+r9ToK80Ordw58sQSqukP1dDCdF6V2 +rl6VpbSRT9M67okHMN+JV/opfVTeF44ilxl9fMkSy6x8TC0QLoRgx0npNfJaw8a8 +7HdtpZobU8iwIScpzTjGVlRv33TXdf7j8ojrt8ZgStzJWQpiuXpQVZYNf1jszz4j +khxOpieBn/W/0rXj2obZ9JH7+hbrR1zOAzE3CMalAhs6VygmzOzajnW7HQAIkr+r +Pg21yHzvhpigRGE8yuqg1lyp5YYLJ7h0zznP//ivjyp0cHJPWL6o8oKiKrdw7MHm +838v7qlDOqujE1+DauWgI2j4B7mbgoCtZY94yCZMGMT9Kd2lM2rW7u6RFYbvZl56 +4nQMB1C0BQ3ZR7KA1BKWzA5EZFHB9TcwrYBZJUk5gLjQ0lPZxyhNsotLcnXsN7jW +zmkkrbiN7cOAL5aAJNS1GfSGcr0jF9vtRK8xdPelKKTOp1Mc6dFqByzXKhv2aGT5 +anlfJnThANeS94TvqQAidvO4aVhIiE7YEW7lkIl/sdegW7tDY3gY1PXziY0cKQD1 +XLDFFgfXyJuiud+8j1eBO9N1zFLd940AO/oAOsDkC69CNY9xXPekb4W50/cMQHfG +s8b1Ve9uKSSdqJmylTRis+GOfBNGQroCehlvqgRUZUlMoF1ktCtUcmFtbWVsbCBI +dWRzb24gPHRyYW1tZWxsLmh1ZHNvbkBnbWFpbC5jb20+iQJVBBMBCgA/AhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJf +yiKBBQkVHiqcAAoJELZb/lQN74bAabsP/igzNaAbZRmyRNVSyI9XYq41iierDPu8 +CgU6IZLc7WAo7QRMtX2YuR+tnU+iNKem9yAKhjJQPS1rMxXx1aqKMqGkxPQV2Kdo +kwrD0fJ8/8OEu1DbRY6xr4KwgFxMRGTPbFfy08db+6rltRKtmj39A+wCUlRiL/YF +ynUEH3zoI8t/+8YXWYsCvpGNWAXbp2eVysFpbNWud1QJWrkLyHVD5lUMMQS++uwh +Rynhij7mB4XWgZogvqz5xJc1v6wTLgZ5t27rIcoEPMbmdMejTKB8/BCBMMMKLqq4 ++jF+9S8lTDBYf4b/HwzpwdgTy+tpGQm8dQ13ZIGB4DIOoWjKb2hi8ZEplX1nVCq4 +C20tnYA7tncPY4024QEKNzzzZw4Clyj+bOyNksnrF4dhuPcSoSstyWosSqUIpsIq +squSpGkc9qNJqS3B2UO/boJglHF0veuJVHLMI53glTLZDEoFttaAsxUDnFntCzhG +B+OpiOfDTQFe4dHT0P/3WllYWqKN+vKM9dyB02dwcggEKaEswMrMRd6EJlJNgXiR +i57GiDMdr/OIygibEiLK32SRM0UR//HNveatNh+qun0k90RHdAF7hCiwT1yVhJZX +eDyeboTDcqCDSMm8vVWxoNP6EUjIEv/9rLEkc3OwlnjH40hFmvuUeOvwam5Mb34c +LJMDSjBVab8FiQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYh +BKbHTjQQVKFpzlK+X7Zb/lQN74bABQJe4NqjBQkUNOLGAAoJELZb/lQN74bAdzcP +/1YJ/hmTnQraMkrM7QPcKuZ/2nCA/eBPAq4ahYOC4MNaovkUAPJmMHfki4epfZBe +xBSaEolagzAJGrcCW5eARjhJQYAhH5tWCfqumWvQr4P++4kvmEaxGpYycis7qL3C +vEPwwUr+ZeB28rYgHxlhk11GuTFVDVlQG7ubJI9EgHyvdU8SkqiK7PikyKtvVdKs +10YWm6Vtr/emT9FQaRQvfuSOzqe5mLMKok98evnjGAc2DQ7Sz3HadrIhNVa3R5hY +Zu2NuW/XcqJ8AZS6zGxvoD4TIYFOv79CG4gE5trnZ+ROf5AkhfkJ9ljf0lgTqlAf +AhzL1szT6EIjpWvst1sSmuJwEHkOHA9AWws1UVXfcQFP/Li/LkVhxu5n0lVwLOff +CTkT7JruI2GPavJlhv00wtP7oatLxIkmSKJiFvquG88uVTH2EdZGp7jheW0KaCN6 +2AQ7YGcMDdEMCy0MiNQseu8sGqVG48OptgpAtoCimvQiC6G1mFUnDro+XdEUq56x +inOVz1V5capGPNxgBGwIbc61VWs+J+X+XhMpBAEmAR4/lZfYBofabsCW2SybIY5o +nkeZC6lAujjumvn3ZXjFs2fVitXWW4jRPuyYBB2uYzbd/PdHRtCyyoq3N45QTxib +k6rNae1s13CqH2D8bXuc9RlYkBDYl/U7r23uYfCVKn3BiQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCW9tEWAUJES9McAAKCRC2W/5UDe+GwIZR +D/0dZTlWy/gAhPQ2OatwyAept9t4LwWKhxbAz+Ap6VsH9mIfs1+dOJNGbMh/osd5 +7c8AbE4gIbY+H6IKoLLMlri+vEX+z79erTtST0SlJrJ0YwVAUJ3Wcg1WTHWtxmBb +F6B/tFAS/8JqcJmbLj9wBX5nh+aMIJiidhFB5i4A2bKnmhWmpkaA6j+nx4nn3yk+ +k+2IOlecaC0aOYd0kY6mTx2ZdpB0RAKrzJ/Sy83fstiHJ/dGOVoejysURig+o1ly +LgmV1Zup930YSfAR7+GClqgk2+11prF60HIgr1vqKkT8dLroPe7B9q0Gh5bXyG46 +ATRx376+RQp/hXTHl0puJbAwS6Ow+SncnrWj/R2bvqIHwvA4hd13AU6cUcOYBJ87 +STY1Gg4rHjqMGtXR/O7sHnHmYLSNQO0WmuWFWtd1DNryh4oubxRUELWmAgiFJ7jC +ifWcZEzAVkVyKlA2cuKCA+7mzenX+9OT7WB94jgPqpOA9Mz0n/f5dmB49yIdtTJ+ +/+Nz6fQQUbhi2bnUO5qV2UgE3v/NpaPm6x7JTU2N0gooIXvV+sANpVQlgHRYJMtc +k48h64nAlAYgGtUWaZY4rfMeQ4cJfwhwJAJ9B6d5l+NrPtBZJndVy032sA8cPHEb +511+0Z2KZmkOzd4Hw5bBmORhGMIe8FEDKuD0dGugs868JYkCPgQTAQIAKAIbAwYL +CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAln3aEQFCQ9LcGQACgkQtlv+VA3vhsDK +eRAAgTPObrLuCqMtDpZqeJqcYFfEC5WIUEVUdRhAu9f9Preb1Xsm60NJHrD6K/U+ +JjpaMdTMOVDSAZMh07SLfWhy6ayfjczETpHzNWsT6In2FvrDjE90nkvyDiSjiJ5u +usFKh39mmsNOr/BSOFBy/hjArts7cyWHvglAArjmEscdaEcofrLybgEfmIVLEP7p +y6IegEP0Yqdt8NAPiKSYLb+WP+MkosRAXyAiWTTvKyJ2OngCt8domWX/JV+fJMyz +pJoimAVUbWQ3OHTjVu+98QdDW3bajr7LE++OW5zVRlJg1lRB/nsETDAatvEoN3Wm +GKVXS7wXEw+C5vHj9zA/gSOgjT6uaw9cRIEf2eW4DV6fDjVQjyODulyXZY08GnC9 +lt8KaIezgVsW7EI/MTAIHC/xnDIxgEDnid28hEcEuLSoR/b+L/tbhNwf+HC/j5MJ +4gOdjv/qzWDAyoj3bz20ljNrU3tQduuZpOXaref+TKUG4xEYl1INjh9wE/a47hS8 +0NLoDigqMdf8KT+PQjc5EAkwKRkCzjQnvJ/aONoL1813DaDTvF02x/+9OzaUYlDv +zeZ6v+Tkuhq02w4ciDEoC+AO81PblUHLWAXOdnarXCGzt3UN1CtRHvPfwQVYonn9 +Cyu/Zx4pmF+MayiEr1h+W3kAtNoppBZfR7fOIljIQQDddPGJAj4EEwECACgCGwMG +CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ2PnoBQkPLQIDAAoJELZb/lQN74bA +Y6sP/3gsjjmnq/GgdgOD8YQnk5zyG8uUYzJsGeii5XjjH7rPhUBh+lAJEu+4BXR+ +cMz0738YuKBZvxBTZ9S4C6uCrl/C9W08DNI7n3srgSHqirKH+OVK2g/Hulu2SAi5 +9aLOkDgDDXCf8ShIGDhxu36s8ATAATKKLHlWQg/j38gbNCE1B+S+DRD1+ObO0SIY +z35AMchE75r2SR3SXwhYvphHLNj/EXFDwNWDgPp+Qx5JsWKBvbZYwW7CAZYDQpz2 +0Dn8WPtQOTv7i2bOdO9A4s/+jTKCN3SeLmqAVrIRKAed0OshZSrdq60jGED7poHy +o20Zy6DrdHWlZ/zz3BjuJdTn1JnZOMdxyCxuxYynJwMprhp6E4iw+f0Kc7x4aTMZ +y3cauN2B7Y9LBB5JMZUHM4C5R0SfUpgJMoztSQBgyVadpEMUyhsCveetCZGg+dQC +8LrhZr2WnlHAY/VUr8nJweg++Fqnp4P4ZMzLZJfe2RE7wnvXG4EBpUIxDSftRI0Y +SaQbZ7mlAAcj1f0jcEJoBQHd6iD3zvj5Ajp+/mUHMr1Lg9fZiEHBRMtIdR3WjWFB +TTZ8pWuUv6vHb71YuHBbEuSzIsxbMxPlbr8tAeoruW6If1t+7S9CIcp6j+SymkhE +qo/QQ5pNpddjS7KxeiVon77q9zAyaeafs7HKVHkcoN+qszUiiQI+BBMBAgAoAhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV/ZMOgUJDUpUVwAKCRC2W/5UDe+G +wOVoD/9k6DUhKtshVhbvuzYYjeXexvj4U0cwgOq9vYN6rhBMj4KPwsze6xoEe7bO +XB7A/H+3FiZRs1bksyMWnpfYGcSG+iXUEsC97bt+23V31bfGVW305tIN0yFFStEV +6eAvaokE1t5H7O4DDDtBpP4b75yssR4vJvV/CQFi6h1CiscF3gV7KZgFeKbOQ/Un +2sLjg4BUTvjptH/PeDG9f0gTRWe/7Yw+FTP/zziYsFjhpqebq0mPIRr8D+peHfU1 +VXsVehs3cbYvZUdyCZJbaiNwcXsOZCmGuM8QpXB0/CvogHiz2Q97k/97SnLLrd23 +X4yOVpcqde7SBm+a50MK3r30y36nf0cSU42r0lTBZxOwwktxHwkGN5dkBip6kcW2 +5M0T+ngclR0EDii3/2QRPbrCDc19NaBXy7tLmtptU0EZ/h4/ZCyBJNchtFiMEOOf +yZ4wSVImggNds2OkcfKm4t7Jqs1ETN7jsKXmPFRKZtSdpe7OXL7eDPMo0aB9KqDg +S9uryIYwgQfTot/a9Eko0sxHjxad+SscOhyZrhHcnq0i/Yt/OFbcd1brOlFa4gC1 +S7au27OQwFycuXidrytdC8+7LtmKdjubkOJaZtJ99UAhXNTgfR3cnjkG2btoItng +sBNb2Ujgf3aSkaETN840it4x4VsTVbnsLEtqEK0y1mqJaXVGmIkCPgQTAQIAKAIb +AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSlpgFCQtmnrAACgkQtlv+VA3v +hsD0Fg//YwhVLJK0aTIK5zN2KyT2BUGsj96xiPWEjAOKx9MRWU3kgCFEzO/ThM17 +rsMf1Ke5bHR/KU1efIo98o6xXMLMgd9wEx3KAB4YrwxrLQ9E7CydV8zxSKnvqa07 +D3qelLu5ARhmSsTkjSf4PHsafaaPElUyodHwhNpOt2N22QcL9HNMdaom4ZdNAdX3 +njloOysjo5+TrVJOM3ZnAuuLa3RR0SgE9Obvu39JCZUVjdB+BqpQrdove+MKfjlm +fvaASPy2vVPcfoCCBvQ5UJCMxQfdTyquCrYmsS6+0fkPt2BZFCcgJtECZ3HvvwHL +gALXxukeZYjDOHVVjw0hccBgeVROs56PXViW0FdzbDDr2p8usjwpRCe2njN3gjeg +qcTzHRoxOKJgJakskvNmaiPq7bO2ZmMBtQGkqrJX1noF28sN1lwTNd9dpjCAS6jA +vIIvdJZCaGpV3o4WbZHWxQ9s4UoPuCjEeo+1x6uP4vDZ/z5B01dBE8ovwSorpMOl +XVzUPxLlHb327224LJTASlDLFbe6oQAaGXkZBmRoOWUalOpcV7fwpf6HaCtEMM9P +uDnWpdyyyh76hi7lSJOS82uNKkFX5a+4W6J1oJ2pQDjSymx1ruO1Ag2g8fV4jOxG +bP+QrRXKTWKMV71utqrt4kLwlq9fu//c2irXMTsHBSkpLiayd/GJAj4EEwECACgF +AkyNK10CGwMFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELZb/lQN +74bAjwgP/iFz8JEb9peHoijEVX5aThYdNsb4+MgP+djI46aXd+trd7t5vq2xCM4q +n7tdOJx+lD1w2G8qIVvMB0J67MEJxXGsXqvkD1BmLVe9Smrqy8qQmIL7aFHDBYt7 +i78EZyyR+DiiRaRyM6yeV7jSfej6tLjMIitz7d9KESx5RrDO8V/CZXXDvsySppTp +V72oWwDY5Uy9i2qQHfz5qAJ7dcgJnaGnEkdWqcgFBSJ9iMhkGg5akYiMSXEKS+q5 +mv406UxIwuQ2xr4/Zx5UXBl4nSYyFg1JiN6GtX+FpjqFqkzhF0iaYs7+aeqSMkoj +SfYD2KClQpXr6VnOSwQqMMDEQbqDkDdViSwoSUVJWBvRS9qloHBYVgEf8N96lWCK ++wBT/CbQ2OalQmPlvjz7vSlE1gQfjCvVYNl3zmJepmK6XjFCCS9soZuiH5aVxEda +5HhBGCeojwVLGJuAmkeQzCQfKVzGb86CY9sAAfYAVuI0U23w07xThxYs4z9TkT7U +EY101MQV7NC2eG8N9mlfESfoUNyeeZd3huMhASqeklNJ6BWtWz1lWdwWxbQFczvO +IqOnNIqLMEuGolMNlAz9FIARCmI0iscLK6GwtXVREUC5tbCdlrEcder3WUaOnDvH +0dUzxG9Skx2AxyRaE1+dhsfS08DMom3tKnyTWLmFLaqMDcaZGMv7uQINBEyNK10B +EADdyPxj0hprJJpB/8BbUz/q6bf2n95JlJZCtqbfFTMhJYkkRQ1N9l3sBl536F7h +2iMKcOFkTq4gYSWsPIx/jG4QWWG6yUYWbXJZEG9KRyv5zq2lk7ajUq3aOGmkR2lM +7I2ZsmgFfR+mfUUV4/ov9Ap0T8upzMkMyasiDtmtSpMFbOVpRgJhRUrlUR2dz1Kk +5En2DN6H2DyooPx1X+llgoZxixgnaUyNwYReoLoy30/3zZ4vPZEbxcBw2BaLtyQO +IKsoptsnyGBNDTLa6SEyXTVzIXJiyqOZV++9B9OgCJJ4Fipk704jKt3SCNOzhzp6 +IetMnBN1q5HIIs3OArh/Ta5lwXuZO3kv8Pv4nHNSqcHL3m4TuJdSJkXIP9b4+AJt +/x3anBvSjjtR8/GPA4GkbF6KDmW8xIDSrJQDIMyjRZRCE+xoqGuHIUQ3ywtEf7sp +bONszvg34bmn0BWTtsf2ATw9gBhW6xI/OdizcYuAyoR/JvzE1UZ7+5b6YOruX3Fd +3kSNQCSdmETpUScx3S13lLlBk12O087luZA+8FbKG/G2GJNH1VEk0A9iUlt+J+Gi +ugsk8hYloeCFXKRDaVO+9iitM4LE0A1fgSA29By7b8fi4N6emMk2MmqGGM6d7ear ++VIretNEnbHYxBn33ClonSQqiJrM53/LVlu35gSxkgUHRQARAQABiQI8BBgBCgAm +AhsMFiEEpsdONBBUoWnOUr5ftlv+VA3vhsAFAl/KIrgFCRUeKtsACgkQtlv+VA3v +hsBvjA/+Owx98l/J369ZwyMMueXQabTpdizH8zEKEmPCEjcfVvNwXfNMo00mP8LM +1WNUi1w5coJo+FoIfjjzcKwe9zuPWuvvKlmAPoc4ZK9GGHyAboxBCO3KAdbUkmWA +xBkvSAmaeuACDe2qlk9g3WoaBK/lLYxUJcKmi8V7fETEnRd2tO/E7wRJOcwJ/p4P +RBABlix7MOwvSuZaX+hnWFJHSPKhtS+stKaremcabB+LwPaFcfEuEnM73LC046GJ +/BmMYZlFeq0u+zgZBZMM2ymj2UOEcbRZTRUXc6PgjC9PAm9pf5PCWLBHEcnctruw +6mW+bRuh88Qgd5T3aasCErYUJsgDVV+lljJsRWRJF62+SOONUZxr2V3AeBAISDeg +oEZ2XVud3patNiP73/g18c11rf7cYcXAdK+tCSdoS04YHQ5OR5Usk/xXAIZ/0wHh +WDI4f1IVQj4ZnFgWFhmO2gPr7dPrNGUCYGtdJZAfr7fe1P8YgWIKO44dYoRatS/Z +ikV0zyOprHAW/36O4OivqHb/MLm4xXSQoiUbkVGUJOBfu9oia0/wPxnQzv2smI8e +EzxHgpQNMPuQQUlp2gbfnzSQB4qDq/mSAG4MKxYjmIgN+8LWmHF9C05YAbidiGJT +axkq1GZtR8xYQGePwR/df1n3q79J54BuaHyAkcAIcryckibgxEy5AQ0EVGbZ+QEI +AOTTfksPR/69ixTlc+bJ3vQgqEynJEdJ3ou8093XGzBvHhe2k+Cuka+all/U2L37 +3HKZHcsxJUg0282mqZjCZuqB2AYxdYQzR7k1/6pjtVwPhnhRhFuftLdDlIOg9kvh +t25PCjcW5k+OjY62InNJ7Q1h9rG8JYxWUMlKgWbu4qVgcMOc83gNjotivVTysEYk +eJreLFgA+7FHTQPANaofmT45iz0BKoEWWJL/eTafDc4cCB5ebXjtTsPr8NbzJ/d/ +4dRAIIELPM7IKs90OU2mDGGO8mAbEaShuGY4pOCAzOm+2GsL9ClGZ2uvT8khaIhm +hQZCk1u4yDezIprlfMd3qYMAEQEAAYkDWwQYAQoAJgIbAhYhBKbHTjQQVKFpzlK+ +X7Zb/lQN74bABQJfyiK5BQkNRHw/ASnAXSAEGQECAAYFAlRm2fkACgkQD5SAUt3s +vmgOpwf/XrYcFM7kIbVlpht9KqJsOVKcwDk0PpZcjJWVxDu6NtsMh/liOwidVufz +SNEfobJsjc2yYJFBL4uoPDq24YY6qF6cDfLdy5E+AaCUyiol6Fco8hrXSaqxpLj8 +tdPiFRgw7b1Tuq2b3WUi1JdgJZruGoLv6Y9P/6f26m6N+fEhbgOm89GxUJ2MoVN2 +VN/Q+ySkgAIERVYEoTZdELwYD4UMFWvxqOm9UMbaYXiB5mYdkR0d35tTcPWg/O1h +3zoFQc5vI/u+cEAuYA57+SbxvPV6o404IvtG6N3MesFC66/UbIZd1BLNi+tdCRWx +kR7Pko2naJmjdl2Cge3tPBr/tO7FkwkQtlv+VA3vhsDGEw/9Geq2kQ5PArlBJ6Od +mme+bcz8hVmKl0kf2E7+2odVK2mbAAMLvQaYHm8MA/TP7AtPvLbRbOBnqf+LDH9k +ouhMqmarcj51PIIk9HEl2ESfKk9rxLU5lpTvib73ZcCyv8K7TdZn4LyveyQ20Xuf +WC1m0Wjex75uq+BBDmzD6CN491K10qBVAUJMadNXxOQo5r1w+U85/80wEBrOX+vl +WnEq4QOS5OZSzpAg+XlJb0uDtnDuee5pBtzNgKJ7Z9gUCUPxf9BnMjfYigigIg8S +uDLVAetW648vW46vZ0c+Sk7jFfJbRDjgKlO6Ok9536MAU++nKEFIzoL+Y6eM2FB/ +N/HdW2hRHwrzPSGs5vaNnW0dQtCzetS0rzwTQbckvmyVHw2vm8/1EqZuSNFOg1la +N1aKPblYAWBnqNEgwNwo7S3sn0RvA91+u9LaDxLF+l+sm5dlvRbYRVl0p98wAhOd +GVxTYhGb3hmlfg5+1ZdWEIYoVCz8TqqkAxmG33+qqrmKhl1tbMqewnHLFP4DP1vu +sVJnTClJVpU9+yV+iRf6/b1bE/PeiBDdbHLSWq99kN2AygMYATIi97ipHMX0b9xa ++HcgW/CazktiexpsAau/WHsSDwzNPf1cyd284seB3zR3jozTMtSnDXZ7LR/raKSl +eMsM1wlos97yDIqzrVJdmJcVlvq5AQ0EVGbaCwEIAKAwVQtsK9EcXd9KFCpzrmpf +7ODiGcOtLONKUqgRYA4tnrPHfoKQGmjnOjoTEd4zydJ2kyroT2k910YAropjf3NP +7+zUSJVhytpg4ipOJT+0pwvIrM5ob1ACkecawfxs+nQMhaFAFfxA0Rdg5NOt5SQ6 +k8MLNxFpbye41wh6SpMBU1oBsHrQ3WdTrNdWqkKMLXHNTCwBOyvTq1T4CxByrcLl +Ty6LUBlPSW2+qnVGxs1VLEV7yW7ayzAehDMDPbtyGoCRpBwOaYk2WNpZLErbzNvo +RSBU+UaOrW0xTaROkS0frIh8sXVrCvajy/t3TpdfDyElPSe+O7RUWLGj2RsvjOkA +EQEAAYkCPAQYAQoAJgIbDBYhBKbHTjQQVKFpzlK+X7Zb/lQN74bABQJfyiK5BQkN +RHwtAAoJELZb/lQN74bACTsP/jnRIV4TpVbGoS9kFcD8Ymg3BijJOmJ5ybBvPv/u +251SKjFy0nlg5dkHe+iyczvZBYZaR4dQow50ow2iretqV91kOYw9nWREi5NtuU9H +gBl29jJEG0J2z8bb768uniITaaOEJ+3ckROInJuhoS3BOozEQ3tyYrAs3ci+/588 +46ygjq7zsOYTxmdd/gqzB6X7j7CC3zSinEgVVIWo3Mhn65HpQblIZEipzAAYxn7w +M8wTXBxfPSnxi3XtOWl9xo9+UGSSsFVd12va9PLVUhIHx+lm3/ITZrJ2TxjMqsA4 +cxc9MUQ9XpvcK9ntPn0kvYEaUGZeplDaOiG/j3G5tfsnEsb+22cNvQsJG2BDvKM5 +0nJRuwWzrtzXuQBPLF1EXIZUEml4U/LFjZ7bR7XP/wKHJTXOeSJDOmJuXwa8sBn8 +F0vqg45T7vz6zDGFDzoxjEcW667yWhzX39a1XDUnNKY75PuGIlQK6aBUFfZ6kX9B +g90zZfNrZ+e0wj6SAB+QVfip7xhF4CgUsGRldcfUlQfi4SUFAnIJmuOSSo4K+3hR +Q1nyrwC7PV/wW80sqy69J1+1uEYFbaPlz3681e+mV8z6fsPeXdQz3CJL5G46dHnn +JQy38Iyhu6VLe2WQngaz1XRL0QNak7ZhIJBe6IHbKjgKLFpBAmCGUy76VesykAyT +R2MM +=rvrD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_E8ACBC6CFCCA7A99779FB69127B829528903C906.asc b/git_signing_keys/keys/key_E8ACBC6CFCCA7A99779FB69127B829528903C906.asc new file mode 100644 index 00000000..f2d6d667 --- /dev/null +++ b/git_signing_keys/keys/key_E8ACBC6CFCCA7A99779FB69127B829528903C906.asc @@ -0,0 +1,54 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF4aGugBEAChoIg0WAwtMRrfzj8cKkaWSSc1iBMFejEtGotpwaJRLYUZtTAB +WIHEx+uonSMB3UBcAAyLYGAcuC0UD8sZpVFB8uQc3gb82FGNW6qI13z0YqBSNH9y +A2VyL4qT6KkhFGu69HnAeU7bBILUdcK4xqJo1SH9CYwGdT0rQYrQXfppHMSDXjfQ +02gOueXdpcDePhGHE90S8AVcp+9dwZPJP2gFQ3tXypYWuai+15rxOEa7UDjpldWL +f2XaR6swMWbBw0yVW96K2uCO5Idzbp4CrmdoFCgjKoEP+07zsJbp8J4wb90HyiGU +JlwoCQI9kU+jV64Jm0Wr8zi1yzXU7GNED2MobSW/gjXfeMG9h3286wDvsc++6w1D +NbddJ/ODznatVxb/oXQ3qP5gj2em/fW/oy7c0GpccL7eDhHMQY1lSI9ec1aNJArZ +Vgw4yB19Hcarti+EvYBg1cybogs4AIceRFpFEV4uIeAs86EjgcBOETG4+HUOtitT +2E1OKiKv+ounn9TiRbIrdB4mao/aVLxDAgD9CoJns5+KImFRYEFJnE9++us49p93 +CPeFeyutdf3gG1+cHQq6AsD5QZkUd0K7a4zdERI5zPvZsCFyQw+2iQ3o7b6lRRee +bU28I2KVhO8F3wwz2mlfbxHNDankjYc6uFPWuIBbIBpymMD7VvcSkzrUdwARAQAB +tDJUaG9tYXMgQ2xhcmtlIChnaXQgc2lnbmluZyBrZXkpIDx0b251eEByaXNldXAu +bmV0PokCTgQTAQoAOBYhBOisvGz8ynqZd5+2kSe4KVKJA8kGBQJftcrjAhsDBQsJ +CAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJECe4KVKJA8kGWAgP/0eEDv6NPvkAxo3q +w4FU219ltNmgruf3jOG8C0G+Bf9kJGYKP6WPWoVD3XKgVHyRaSFinIzs1CK6kbFT +LJCZRvuJGAauYu/q3ZE4cTK3kYDim4l4V97twd+3KdJFKkDpFximguHw2tFZEmTy +M8xihqA0JzWsnZ3oKMf2MnpNCoRTuUhIGf5COk16r8FBtbU95XXnvTOtD8XBBcvm +VhhHLQUJFIDG01nKAzD9jaXMD5ZpXo5rNVCCK7jNOuohc9ZwBIwlG+gIk94j6PoU +/Fx8MG8elZfYadKB0x07EQXpx1HpLcvfem94D14T81Hc6D4Ou8xUKWsqukdc6Kzo +SHwdNg+jzJr6VULsd7Cz3LXaVE4oPoOtfLJ0Es3EF3odYKr8kjPL1w3zC9a45LLQ +8iw4xk0J+HneON/pjZOQrhmB+8AFRwc2fbxJ24Q9GMK8B3qcrGVZksGgEVDMfO1m +hZjpP/OnQTgmCyxwTPS/S7YPCk0i8NCcVGaZbvEQDjNR7H6+PxTHCaxL/hN9Qo40 +lqvGOms0qKf68Ke9xpqwov7MxcQcAfCDVsu1Axm4UBlpX3tPQuBSLgdBpp/tr2Vw +GRqG9rVNlac3DuZc2aEp2RlhvppZyQxCSSBmMjEXbfbHEKKFqWl4IYSiR6dpiNHa ++ukvZCk8x/3rOZc6UtGZvpNzGfNBtDZUaG9tYXMgQ2xhcmtlIChnaXQgc2lnbmlu +ZyBrZXkpIDx0aG9tYXNjNTk5QGdtYWlsLmNvbT6JAjYEMAEKACAWIQTorLxs/Mp6 +mXeftpEnuClSiQPJBgUCX7XLEAIdIAAKCRAnuClSiQPJBru2D/sHXvxvUY09GGzC +TkCau41YtwpCECWOGGgJIGDhjv6/2Ov206x8ml6hluYxefE0aZRm3LS7XOmYF8n3 +tCl2Y3+WLVSscQRUHTgr40HqVX/gFOcCQ5gwCzABB/RdNYnIzlI+n7XTMVm6aTdl +EjwggaePzz39/SDMdwuNXxsEOKYNUCNCeH7TGR0J/DdJdVB4Fj37mVflo063Sfya +ZINjIDNBWRd8TyGSnxS4mKdG8cQOXelHCbP77wfXcQneXK4RcQZE7e9iTexszbyn +21SKCWGorH3sgXozvzfT2hPlt5mMvnsCFFYQ5LTOzkFsvFxMQ5tFihwMaL6ml9JW +4mQAYehZ6RA2EK6mvqKUKdygv6xaUxIhLnpU6bNP/lergwpE+3FN32PwSXEaXwks +Ry7509FzgAFmP6+zRibKXvbk098prL0HZ6Ap0i7H2A151WCgpPnKXQLQV2/Pj2vV +KN/4v+7Ak+8YUlIMeYrwSTDOSKIx68WQJGDAlcrAqvouFVpO2tZqZ4aXv7DgmVmy +jsK5Kcs0oBMb/Z1OHSpXGDN0Yt/a6YJprA+G20v51OwWGcYRbxLIQyCvVbHRd5FX +hP8s/gVjHoixyi1T31GM7ts01RmJRch5EDGP5iUI6o9gxKjNw3+/GsBi6Bi6HFKl +3j8csAuMhYKuJVXyPFZ161G6cNllZ4kCTgQTAQoAOBYhBOisvGz8ynqZd5+2kSe4 +KVKJA8kGBQJeGhroAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJECe4KVKJ +A8kGHT4P/0jBa1eFInn9Bi3928CaDnD3YbIuWq+6iyoyAG9t0hTlEClLUVaG8+xe +mCPfkRreILVFkfrRv7BwxaH/gkS48G832lI9lQS2aQvmgOsqeOlQ+W4X888ShSsW +kh2edh6eC/JytdLB2BisZy1g69f1Mc7noPRNeSyGMYDqvrPE1qEd6Go9P+jf5rqZ +vvxGy2/gcbaw0SXNQgTs5Gxh2mSe8eV5jPMVhb5gYC+1Pvj5bi8c9d96D6Xn3TkB +SKMkakOFdrvKnPdd15A9/dFkgXFbz0n506QTqoHqPicWP+WuuLnIcQ9oE4ayaKp4 +0bQLTbU0lfzqvSMri2LbnOr3ADGk2Ru4g4/jGjYrcNeWFXhLRdw3VTUyeo6uHmQp +CJK6px8FaW16WcAM1t5EIZBgnced2uqPI/o3qk43/VlhZtAsdHfPq2sdSjPhB/pZ +nyAFx5YG6Sz2d+OrIjHaHJD3kQM9vedfL6ba8JqGi+QX94b3LBBLppQnGyYcfDQn +FRi22l1qi6a3RYsGd5hl8kiXy5P0JBoskck8gBjJGzEgxFknVgxL9gG31Ngx259L +zFnv7E04SqOAl9ulCVjYOIAOfG7Zaoy3fceDZC4dW3OyPvVFjL1gCPSpEyYgHi7q +yOjW654jsoXpKJPyZaH87M17UtJhD7y/WC9uLlHjyOpNY73ltgFF +=MW3I +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_F553996957F0D56EE54D6F72555577116BFA74B9.asc b/git_signing_keys/keys/key_F553996957F0D56EE54D6F72555577116BFA74B9.asc new file mode 100644 index 00000000..4e243de3 --- /dev/null +++ b/git_signing_keys/keys/key_F553996957F0D56EE54D6F72555577116BFA74B9.asc @@ -0,0 +1,101 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFpXytsBEADzwOwC4roVPhAA9Um9fhlj08iUfXRVmkke0nTIeGctj8iFiW/j +IgUdrXJesK+ww+pghJcOXc2geiaSQ70AF5R41Zgx8EQ5IoYSdHc4dAV7SKFqLtL1 +ioK62ofiDgQ5xAq98feFbeEtCu0F0xjNS1UV1tVQreALXomZmWrCUQAMTvPFfNEf +CWOTovAZWwWsyZURU3D6AN2zTYUwHjV8qq6tiNv8NpnsZBu9QFgG2xmzStHizJHU +OSp2bm31rhR1r96DWZZWeMbhmgyBxAu7hmNkcp2QiY4HHNMvvhFSGlHrJ4Ysccdo +cjakMq98Bde8auYdABsp5zUG+aEZEnR1ZOqS6JLx41/WZk9i7mwH7HMxn+oQ+RxJ +Sng3Fx9pyGUd1C2duM9cvyo1DvXUwf/0axQ2D9TAiptIlRiLDjJT7BBnF5Srhbuv +wLlbxQaDPHdDWsxXZmTU1BWHLFFYPC/bfPrU5CdCi4mXE9+2v28sCZvnZZBu6HcK +XWsc+qgRM3w4rglzd3914X88a0YN9HY1sSEDyMPsFktvPYvrBReDmu29rOEh8IV5 +juZ83nIwBT/I1SgAMCCxMQAC8789E/C1sKqYh1FYFzYsrNJMevcB8UTLzupmNvNp +klCTju8Ipw1pLwNS4FpfWPRgjnHg3M3LbVUWGX66N2M95xaX4KoWZVRrywARAQAB +tCFLeWxlIFJhbmtpbiA8a3lsZS5yYW5raW5AcHVyaS5zbT6JAk4EEwEKADgWIQR7 +hQlhjYIN9jkkG7a9g7krL0v9mQUCWlfTCwIbAwULCQgHAwUVCgkICwUWAgMBAAIe +AQIXgAAKCRC9g7krL0v9mQWCEADXpgmY+MSAkJMxMwOdGla7q/ed2kyDiRHyd8yM +sfJrFecbL1mpSlp3Gab5Sz6KXfMGBX9idj7FPSNQio4xfgnu/smCK+L4shu3ltVn +x1gPhN64CPS2x3Rrsi3Sw+bk8cNegTH/UEOQ+C5JsjhUz9ewdo/6sRO5KPW7VcxL +k7+/2fYBo974LIPHjzgpBml+zeamUBQqAcCFMk3X+YV6oIOZIV48t5d3wn/Y9BmZ +Ihqn3saFsgxoulUJNZEc0eH2HA+ZSruMt0eyytxl/tjAQDIrAbbgJi3Or/Gleocd +eUFPaWwHOolzTv3Sjl5jTJrqDggMEC+Nt/knUoIF93S6t0yKdMGiWtUpzfAqB+aZ +28SzlafUV7aYeM8P6eNwXLlueoFzscwT2NFMceE9h0nyS0jhTMp2hswXIQAl6PwZ +8wvrZY+GVzQzjCdMNi9h5wcY3QuYXWvvz3aujrYogT3iuSnr5CVoh5czYxGJPkeC +nqB2jr87/uQuq3V8cgopxoxzCx7Csbp+XhucicqyZoUjgazZn4gv5kBXMKdxYS2+ +mvdJqRoNWZB/ycjE8oybMVaeAhhm3MeDNLOzslI3lyjjtrZ+v2uLuYXEJD2iOtjV +EkuXxJgOFuT1DhFSzPV3mX9fvZJNwc7/eNOuGiReSvaTYnZ+MLNWSWp6mfq5wt6C +8YJGuLQfS3lsZSBSYW5raW4gPGt5bGVAZ3JlZW5mbHkubmV0PokCTgQTAQoAOBYh +BHuFCWGNgg32OSQbtr2DuSsvS/2ZBQJaV8rbAhsDBQsJCAcDBRUKCQgLBRYCAwEA +Ah4BAheAAAoJEL2DuSsvS/2ZlFEP/1tB7Ie9Re/9Iz7e++d3L7F1+TsThLdgoCwD +3klpnTzHel3C9pDYYDjTI6BIOMi6X78eYQHRMEej2bOdemfGL9cvinrwcI+HjnKc +fb008l13ac3UuOjNW2BdaQbnosLBqL5jaqGn2xs+krLG9Ktw1TN5ZOQfbV2aJmWv +uqA+s1Gr6IhWztE/G5k4UOjQOFlvhZUEQQZisIi6HAkvP3BRreTLN0h+CFcA6y63 +x/M5wjmGU+0pKKKYqD+PoXQnQPyR7bzaK61ycJt8Q53Il/En1hNA6i1PrdbUcpEY +v2JjRBT+oS/h5D6wNkj1VgmfeLi00AnDG+Y/W81LjfrdFPQCZq9s41e/zPraiJlC +9KUGAOdDujLXWk+3K5m7OdJ1XfjfdR880J3n7OjSN9P+kGKPxth89XK9ExZCY6EJ +9LXhzd8OrPDKGaaD22K5xIXS2M4C5EKy4g148V/Y75rqRSasAp+ZRW7umLayQJba +dVSERyn71ce7xJPnxTfP9DtvfBvSvlUR8dJirBs9Ko7Prj0bJtS5RRUMsg0Pqyp/ +3t28LyoxJsXawVjI9u91/UMgflxXNKtfgOvafHz4YlMGCrfX4ff/XHAU3IxopZTr +T7KG+9y2AzhmPx5fHg+eGvkPpmgTF51C7pazbURK+1xVN3Etljkl3nVcBNdpxOrK +UybvXnbjuQENBFpXz/4BCADGWaTbtI4mPwVX2MFjD9i53XUTxq+nFTU/QNZBfHoD +sYwCIotqsClrtwVy5EbovPDyANl+10D6BKhgj0Pih0KsLUaZit3vODKqXLTR3DaJ +umPSBc7FNBVG+vbulByV5MTdM0Ph0K5cEj+fh9gfxdgmazb1TY1La/MhG0VxUbvi +Qk4r58sAJW36nQXcOZAoeDOp0l0dgHnY44YYyl9u/8YG4fAgyBUE8P5CrEj4PI92 +DesAY6XDTtz7iS/nSuszd3m/KAxNCtnvPe5lU8jXtLcdBQinb41xBE/s2jEwNcct +n60zPMk7UIw9/AaP3E3JzG7xUxZ0v+jOD8JOrkfhRpYjABEBAAGJAjYEGAEKACAW +IQR7hQlhjYIN9jkkG7a9g7krL0v9mQUCWlfP/gIbIAAKCRC9g7krL0v9mVlcD/wP +eV6/WwmtXZSNc40PLqKqglfLKtmAglVkOXI2rcrI9c7bQK8ugIiqs1OKC4US/n9x +iZHBJJL2XV1EAANoM8cZ9vGzDfAduondD9zerGI3FI4JLP5vQCbFXVLU7HOnf04h +TgC3w19fgsItHshearHOFcntiLlSGph+xKxokdsQsAUsqh8yZ6tfpmNNORQ2tjZx +NBvKaasj1IDYGlIeMGZ5HckIaSo+rZvqcIG6wYG7Lbow4Hoz4Nh7hSshCAaXW/8q +fFzzHOQbkk3AfNvaeKVnGRsGL5kBchynHThX6tDhAIjo5Ka4SG++V9xiesU4HRwG +gC9bcOw8UBcDUKzZ5SJc/OAxvgO9cROPHq5vDh94YlJQX4FAGsAOjeE4ZF5va9Ml +Spj9Frh4euqZ7bjygBlwYe3WWIEnzAdimIM20GlLxWVq0VNRES7zJc0Fmx3F0cwZ +QQEmY1MNYCThGDBtrMzLPD5oJFArCeKdIpWtiN+n8ogo1OpCeDGRhCFsjv194mDt +q/HNltyPSa2oFa+foeILJHIimx6E6bm+mlAQBaz/34yJyZ75b859zzmHDpx8X+te +kUVkaNPLIQZ1ulqGZl4eBbgaNwB0qt/qu+FCZl/kzZd4vNxYhaTZOiLuaKwZj+DV +leI2PPA7h+rbk7pC02lVqhdJcSBNI/3drecYJo7EPbkBDQRaV843AQgA5F4P1n32 +NVKV8ACx1pTC7QkJ2c5NUrKW5W/YFM/pQIMl8SLEsDZFmf3unYaaYQzd9WihBQaC +5MWP0X2OLY4z+qe19z+t5e96EQjTu9DDtw9IftaOkyXJYMVg2mH7+ObB26fK4OiL +J/OPUsqSX1q/SMeLuqZwfQ6Pi6XTndvQf7xzjdQ1HUMOYGLHW7yqzmxzzPDm824I +9UMcAlW2byQw4j34Z2OjMcoWSIy5eYy9o2SjDutzQ3PMgkuhneNGLFpQUvzNxtVu +Wrj/j0m8C4t0MYOUDqBB1B1mN582bJdVGkGaPVZ8USlug9cMap4a5dFUNYLexy7t +nBA4TcBjVCrZmwARAQABiQI2BBgBCgAgFiEEe4UJYY2CDfY5JBu2vYO5Ky9L/ZkF +AlpXzjcCGwwACgkQvYO5Ky9L/ZlrkA/9H5Lkd4weueyqT8BSWuSl2Gsy+lyAacrX +tqPoD56DPKzEd1l4OpVuCVodHC+BNQtb57JOWHcI7QH4Qg85YalK4pbdtGKEXRnu +dFbJbQeWl5cSKvazoU4qIYV0EEgyO5dAQI8DSFH+lPzcDSllsyfUwX8hi/fWIBcb +bALYkxyoE07YwzViV1Sx7iiYpArb6CF8ix4W0la0jDETIrBUJEBHVNhEoXvUEHAE +TbYljuF1D63lR5t1X28xzeH+y2bRQB2HTdz2WCxWd63GAGuC2hSc9IM9AdxV8XaA +Vv8BwzGHbozNJq2d3RZCq6i6IAQsIXk6TfI4FKu01kzGCMP5nLonxEUi4w8eRgoM +lGjsV7hJOGiKS/WIpulD4xl7lb/XPV5KDeyosH1LVX1Fhb8ElZ56KhzhXTJRshQ9 +8SV7aN62CQwzMGAYA+pHt4/YVJNpSsWBpTcb1caIxmLD7OqF6u3MQ4oy00RfD4lM +OGvNL/H+IvRNkGaqOchQC0V/QaIwCJAADQzFI93708nU4/PWZbGYiZPDFa/67Ww7 +SodoRkJj9rSXr3WaXxL1DOpEMsjHG8ERjuQZc/LIVb7W1dg+fHp+Nf86w1svRgvJ +JBsks3G8bgGrjOiielgutRk97AmtjiQpGE13xOcitlXTXBuNdetci2NU/yOR0cJv +1BivCRvwMoq5AQ0EWlfM9wEIAL8kP1T5gC71bsZCB5QgL8Sd71sOBgpuFJb6PUu1 +1XswQJg73RrzpSYYVPYkZrBxeYIB9MnTG5RKoEiGEQJhg/NgtXuNxavde3VeO772 +z9FkIV5zF0igWLGqMS0vvlMS+DQqgphFnHOjEBCZCbstDSHjTTSfhuayiOK1iCyU +yStNpX47Pfc2HyTT/g9Y7He7a1klcZhp1+PW+tx+WJzy+x0N9wyBXEKRrsw8plDI +vJ/RtCyhBPDC0cB1iyFSo6YffZyX3bKUZm3RaFD88BTHkQJDdRwJ5m2DAXPo4yBV +nSg1O+8V18RxMeAGzXDvuS157HiMqqc5VBVsOLUxAQfXZdUAEQEAAYkDbAQYAQoA +IBYhBHuFCWGNgg32OSQbtr2DuSsvS/2ZBQJaV8z3AhsCAUAJEL2DuSsvS/2ZwHQg +BBkBCgAdFiEE9VOZaVfw1W7lTW9yVVV3EWv6dLkFAlpXzPcACgkQVVV3EWv6dLlG +yAf+M6ygH/cc3SdBg7DPUtS7ODOwhhmzrxiBJUYGbV+qA0/UbgUWghq1A6HWt333 +uX7wU+zg788A2Okla/UWX5MJhsIS/Q/MaQgnH4qKb4Lbg2ws+nir1ey7JHqq6d3Z +Rx2UpW34N4r4TY9fqSnVn6DOk9h1eseAhPtl+Bn48lT0KYj2kHRj9175Ds/nqQqw +5GUR6T96eco1sIzuY2f7QBfdXmHb32heBbz2NI+oybJcqB/6F3mzXkciK6dZlYe1 +UE4nX7ynFQxNrhSbTic1KCT6gYGRp3gH2att7daUiK2vkEu1Ak7t9Vhn+rDS8izQ +rYPzyfmTriRPvS90JY6dkG9y9XYZD/44JLWyyrdpRXCyHz+u1eD/0B/wbXiEQI+2 +gl/g06GF2YYGKnFGW48H/7JVN955RwIu0W3DB/ryaTjBQFh2czxThnF0oCZx13dW +dI+xEvVtOvH6S8AhzXlLumPTOizR0RW7ylZ28xuhQUwifbMCKYnpiIgqKyDa7k6o +fhtYR0SDJtjVXreHrZ09QF8IfqVqmqdOTmRFNca6HKMsIsamAYf55wpVJnGzaSjD +8i+9f3ZakPnW0MGe/5cq/MhRUctSUGUGtIppVTreMQrfHR7BWuK4EAJ/iMCtOxhc +w/G2RzvkpgHjTxG3ycqzoEm8nkhSxxkHLBvUxsJxQ1y/SJvlKbC9Jwcl5BspskOl +s/qc6kfIZadePtJiYuKiBAL97LMyieZukA/Ra5fzWK+9XEQO95M5Pm1G5BFBxl98 ++cr83x6ThGxS5xKFtKy/9wvdW5lAAJMerp/nzpN1XhWHwGqGFn1IWuq8jFXtlD4z +e8hcSzTzW66V5oqiX2yUN74hGlilAs2OYGF1fhkQQzfBeZ6Mowhy/+kPLxasurts +ntzUJJpAw/pNMCwQ2yhrWNmx3VCwL9DEzFtz5yuct9D+t/vX69N4Z2YLWcEmbjXv +CqDxv+6N+AQgIJAlWZIQsA5DfYvg6z1mi3gWbPuxRJl1E/3ySPq8+K9yGQ8zCcam +MenKCRloCg== +=zbCD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/keys/key_FB1AB4639F52FF4B8E302151902C199C68C4B327.asc b/git_signing_keys/keys/key_FB1AB4639F52FF4B8E302151902C199C68C4B327.asc new file mode 100644 index 00000000..b6576c1b --- /dev/null +++ b/git_signing_keys/keys/key_FB1AB4639F52FF4B8E302151902C199C68C4B327.asc @@ -0,0 +1,41 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGKrfPwBDAC5o19Ltdi3pOKipV/Zg5j8+0ohN36mQkyNe3uZkvOLcd66AisM +oekJDgjXEAJyvNy3zsaHxsXMLtyiOu/FLXghw2cVUi1HyoTw5TDIpaW5LtccD782 +q5ghC2k7GTE8JUyinJtRtfmgyJyXMdFmmETsbJ5UluQc/wyrA/BDLFo1UBLPslB3 +3fYKCpQ8js8K0K/OB6I/ecLHMXl5pC1oNaT78a7LEZsEC7nR1YDukb5onC6gQuR7 +ve4G5g4ZjEpzctmNS8sQq4o2nGj9k+cpR0g2tLAzKuM8ygcfWyrrVDplI/cge6Qb ++N5gIltREinfutAxb5LkT63slHV65Dam3tUx6QN2/p03Oz5Yd5qLu6wwMw3x2t6k +CG/1N3pimtDyFn0krgy7dMA3UL1fgWIULrLz6kJg2D3mBvsDU+AxahFegfqiBUcJ +5yZ+wwBUe67Jh22KEixhTam9OxhaahshuwvbtoAcUUg/col8Jq+3inQB0XIPHPsQ +nAvOK4o0G32ehDUAEQEAAbQlRGFuaWVsIFBpbmVkYSA8ZGFuaWVsLnBpbmVkYUBw +dXJpLnNtPokB1AQTAQoAPhYhBPsatGOfUv9LjjAhUZAsGZxoxLMnBQJiq3z8AhsD +BQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEJAsGZxoxLMnDj4MAJ6G +NZmGmavjG2H9zShnvrZebup8CjAlrcweP1zqpN/NupwVA2X151C5R9FKQjRlvqC2 +BxMp0TruoM4J6piucGCKqM7PSnwVo/S3xud+PrNFhbWLRNjruwO8H+wZUoP38MBF +Yvt05swYJs0e3iOjWM2vUFMZSerpR/5m8+hhAL2rfdbfZOTYs/Av49169hXlfcef +mOaJc525bs0em9+ZOgF99chw7W0y9FGury9AQAn8DDXCZ490lRDEXeitePbrTxqb +KOyioEsNzp/mIGOkt++ouyJNVCaX0AagPVllim6rXeDIQonUrkVbyNIxMUqe3w3J +vdUFBCq4BAFsx1ryezF4AijNWdNkf5kAaZ/3uLiLraNjTnBAXbwJgIott62jUI+k +AwDZrXvGI0S1n5IS5/QVCjoIwIIgplz2xPHX9IF4vlouBwrwh1uM7YMy1Oh0l5YZ +vqQBO6dItuT1WFZQ/XJQ9R9Zts6wwtbDrWjkzeo3H1HXF/kFHBujLGD73rY+FbkB +jQRiq3z8AQwA2oMiy2ug3Mbgy+0eB8NgpsrmSPoqqg6gSmwl6MN8S0IQxcTlhzXX +Av9iikFLKjH9aA51fL0gpgg+kKCeSI3YVfoogwlHh/IV+V9srygiX+YPxVt9Yi8B +vIrUSZZvsr9U6wvnPT7w/qFtGGlGpm/wBxgsTltLhv1yrcoeVfhoIwfrqSk1BKAB +4hwRRGoOlKt1GG9JSeSPWye6POqmQfkY92QPhRx2HnPLgItWCh3epSwAaL8HfbCC +8Bfov4izSgFzUqythveU9ySlr6kGATn3lav14Zgs/PTvBZbGzlFpWdF4qKOP5vTu +TIxpF44UZaybovHmqA4cWqzRz/en1FJLMeY5UXAIlKYbXSrqfe/seBHfquzyqJwP +DG7EM59ov5/VeKyvBM0zXA5yAkuD1crT7k5PQZDR7hCdlJonV/XcZMnUD4XPLGsf +1po2kcZ2+g819hu+FaG4rRnDPAzGYidVHKjyyIEtYKyKMN6Anf/gSak7GtUqt8Rd +4IHzpNG8/vsvABEBAAGJAbwEGAEKACYWIQT7GrRjn1L/S44wIVGQLBmcaMSzJwUC +Yqt8/AIbDAUJA8JnAAAKCRCQLBmcaMSzJ73VC/9d5lfd7XJO5qSklmAGeUYoyjyk +hK2M2k5+UQO3+QtNhdvw6ECo7u9nk87Qm9EKiS2F0U1yqgscFSOyXPvttbvDYv7j +lpy6QB+Z27YkDO7nDYMMGY0bLJmO0A7Ds5oVc3gOGUQdKkd/qQCxGuF5sqHFyJR+ +mxhDTjGkBRqvimqZ2Vb3niGd9HuuspZGggofQ9yVq7IC8XWILiwqOIwnZU/Rtw3h +UNqtepbUhgL6TXUtec9nlh/Wo6DwBMl3tvjIhjhxK9lHhgKm/0W8CWcU84dIi//2 +qPsxtIny5JcaLk+sAFIgnm7PNNLzvKDfUlU+doWqP+i6RvzI/Ij6NTPELivBaNyY +AVYZP0uGMODD0PMiQpk3ehTUOVB4eUVgC8dxHFoqFzaD7wS5mRYIVCwOYZQZyiQp +9GNWABoqSEEWRjF9zEohGlzJBJu9+W+KJyc/hcKll1iF1Z1W1iYqTFcK0Xq6/ZUI +Iu8tlWdYD0KjU3/ad+EcRtB9WS4WWoGt1hh4WPg= +=IZn4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/git_signing_keys/not_found_keys.txt b/git_signing_keys/not_found_keys.txt new file mode 100644 index 00000000..0762f3b7 --- /dev/null +++ b/git_signing_keys/not_found_keys.txt @@ -0,0 +1,10 @@ +Key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C not found on any key server. +Key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 not found on any key server. +Key 1705719801234567 not found on any key server. +Key 3A07364F010D7C71552FAFA687F342A528DFD8E5 not found on any key server. +Key 3E3D140D4439F0659D4A8FED20C3618D656E7853 not found on any key server. +Key 48579AA47429663E not found on any key server. +Key 5FCA029DCAB21268 not found on any key server. +Key 687A5005935B1533 not found on any key server. +Key 924C1CD7C19D95FE7A577D2848579AA47429663E not found on any key server. +Key C7CFA251FF608213 not found on any key server. diff --git a/git_signing_keys/signatures.txt b/git_signing_keys/signatures.txt new file mode 100644 index 00000000..1f1a1f9b --- /dev/null +++ b/git_signing_keys/signatures.txt @@ -0,0 +1,40666 @@ +commit 3fef9e06c1bb9de81a170e747282ab5cea879360 +gpg: Signature made Mon 09 Sep 2024 10:46:32 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 66fd008089 faa77d4064 +Author: Jonathon Hall +Date: Mon Sep 9 10:46:26 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/dynamic_bootpart_detection' + + PR #1784 + +commit faa77d40643ec51f583c9edf5b1cd402f2443a3e +gpg: Signature made Mon 09 Sep 2024 10:45:28 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun Sep 8 13:37:33 2024 -0400 + + /etc/functions:mount_possible_boot_device; punch exclusion of mount attempt on partitions <2Mb (4096 sectors) + + Removes spurious errors thrown for exfat in dmesg in that function. Something better to propose? + + Signed-off-by: Thierry Laurion + +commit 3574e12be949b92806c478941703a1a5b634fadc +gpg: Signature made Mon 09 Sep 2024 10:35:03 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun Sep 8 10:22:44 2024 -0400 + + board configs: remove CONFIG_BOOT_DEV so detect_boot_device detects it prior of oem-factory-reset usage + + repro: + sed -i '/CONFIG_BOOT_DEV/d' boards/*/*.config unmaintained_boards/*/*.config + + qemu debug trace on preinstalled OS: + [ 3.999725] [U] hello world + [ 4.286215] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config) + [ 4.315239] TRACE: Under init + [ 4.369379] DEBUG: Applying panic_on_oom setting to sysctl + [ 4.588333] TRACE: /bin/cbfs-init(5): main + [ 4.728310] TRACE: /bin/cbfs-init(24): main + [ 4.867039] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx + [ 4.946757] TRACE: /bin/tpmr(788): main + [ 5.006987] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae + [ 5.068692] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx + [ 5.326365] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx + [ 5.399511] TRACE: /bin/tpmr(788): main + [ 5.460618] DEBUG: TPM: Extending PCR[7] with hash 547ca343719d3aa62af4763357d8c10cb35eae55 + [ 5.524608] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx + [ 5.752340] TRACE: /bin/cbfs-init(24): main + [ 5.908677] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg + [ 5.988169] TRACE: /bin/tpmr(788): main + [ 6.044996] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042 + [ 6.101604] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg + [ 6.371341] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg + [ 6.451878] TRACE: /bin/tpmr(788): main + [ 6.511948] DEBUG: TPM: Extending PCR[7] with hash 4697c489f359b40dd8aec55df52a33b1f580a3df + [ 6.572785] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg + [ 6.879519] TRACE: /bin/key-init(6): main + [ 8.239618] TRACE: Under /etc/ash_functions:combine_configs + [ 8.323781] TRACE: Under /etc/ash_functions:pause_recovery + !!! Hit enter to proceed to recovery shell !!! + [ 8.572855] TRACE: /bin/setconsolefont.sh(6): main + [ 8.631296] DEBUG: Board does not ship setfont, not checking console font + [ 8.887295] TRACE: /bin/gui-init(641): main + [ 8.920627] TRACE: /etc/functions(715): detect_boot_device + [ 9.251212] TRACE: /etc/functions(682): mount_possible_boot_device + [ 9.312602] TRACE: /etc/functions(642): is_gpt_bios_grub + [ 9.410830] TRACE: /dev/vda1 is partition 1 of vda + [ 9.540007] TRACE: /etc/functions(619): find_lvm_vg_name + [ 9.707187] TRACE: Try mounting /dev/vda1 as /boot + [ 9.766843] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null) + [ 9.825028] TRACE: /bin/gui-init(319): clean_boot_check + + Signed-off-by: Thierry Laurion + +commit 66fd008089f4a8e5a5ea96d3fd90c3463febae47 +gpg: Signature made Mon 09 Sep 2024 09:31:49 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ebba590e63 0e90021931 +Author: Thierry Laurion +Date: Mon Sep 9 09:31:49 2024 -0400 + + Merge pull request #1789 from tlaurion/bug-remove_ash_function-TRACE_FUNC + + etc/ash_functions: remove TRACE_FUNC that cannot be used in ash, only under bash + +commit 0e900219311633f59b85c66b7d36e585423d5398 +gpg: Signature made Mon 09 Sep 2024 09:30:43 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Sep 9 09:30:43 2024 -0400 + + etc/ash_functions: remove TRACE_FUNC that cannot be used in ash, only under bash + + Signed-off-by: Thierry Laurion + +commit ebba590e630b356aa3a1269bd909e824ced9cb3c +gpg: Signature made Mon 09 Sep 2024 09:13:10 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ca9bfb2e94 7f7bc7057c +Author: Thierry Laurion +Date: Mon Sep 9 09:13:10 2024 -0400 + + Merge pull request #1787 from tlaurion/fix-whiptail_not_whowing_if_not_called_from_gui-init + + init: add export BG_COLOR_MAIN_MENU="normal" so that media-scan, confiig-gui flash-gui etc can be called from Recovery shell + +commit 7f7bc7057ccb80f70a4fa238f373c7ab42b5e173 +gpg: Signature made Mon 09 Sep 2024 09:09:28 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Sep 7 16:19:17 2024 -0400 + + init: add export BG_COLOR_MAIN_MENU="normal" so that media-scan, config-gui and others can still be called from command line without passing from gui-init which was sole exporter of it + + Signed-off-by: Thierry Laurion + +commit ca9bfb2e9460115794749d924ebcfb7fac02e4a4 +gpg: Signature made Mon 09 Sep 2024 09:08:41 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 523649bb19 501419b2b7 +Author: Thierry Laurion +Date: Mon Sep 9 09:08:41 2024 -0400 + + Merge pull request #1786 from tlaurion/reenable-debug_qemu-coreboot-whiptail-tpm2 + + qemu-coreboot-whiptail-tpm2 board: reenable DEBUG + TRACING + +commit 501419b2b7f94ca5b3f48a486de14439c2f27333 +gpg: Signature made Mon 09 Sep 2024 09:06:37 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Sep 7 15:53:14 2024 -0400 + + qemu-coreboot-whiptail-tpm2 board: reenable DEBUG + TRACING + + Signed-off-by: Thierry Laurion + +commit 523649bb19a73836d333f0646ee979a83003fae3 +gpg: Signature made Fri 06 Sep 2024 05:30:52 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: b28c257b85 77d4be1dc6 +Author: Thierry Laurion +Date: Fri Sep 6 17:30:51 2024 -0400 + + Merge pull request #1758 from tlaurion/improve_tpm_basic_instrospection + + Improve TPM extend ops output in normal and DEBUG mode + +commit 77d4be1dc64c593bd06a19c0ab7f9c930bd021e7 +gpg: Signature made Fri 06 Sep 2024 05:15:55 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Sep 6 15:07:51 2024 -0400 + + TPM extend ops: Augment output of TPM1/TMP22 for filename and file content hash ops + + Debug logtrace, screenshots of non-debug will be added in PR #1758 + + TPM1: + [ 4.815559] [U] hello world + [ 5.099000] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config) + [ 5.122059] TRACE: Under init + [ 5.165917] DEBUG: Applying panic_on_oom setting to sysctl + [ 5.388757] TRACE: /bin/cbfs-init(5): main + [ 5.516637] TRACE: /bin/cbfs-init(24): main + [ 5.662271] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx + [ 5.732223] TRACE: /bin/tpmr(790): main + [ 5.785372] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae + [ 5.838082] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx + [ 6.081466] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx + [ 6.147455] TRACE: /bin/tpmr(790): main + [ 6.196545] DEBUG: TPM: Extending PCR[7] with hash ee79223a3b9724ad1aab290a3785132805c79eae + [ 6.251251] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx + [ 6.445119] TRACE: /bin/cbfs-init(24): main + [ 6.585854] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg + [ 6.659172] TRACE: /bin/tpmr(790): main + [ 6.707564] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042 + [ 6.757645] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg + [ 7.013547] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg + [ 7.082863] TRACE: /bin/tpmr(790): main + [ 7.131022] DEBUG: TPM: Extending PCR[7] with hash ca8898407cacd96d6f2de90ae90825351be81c62 + [ 7.183344] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg + [ 7.413787] TRACE: /bin/key-init(6): main + [ 8.718367] TRACE: Under /etc/ash_functions:combine_configs + [ 8.803914] TRACE: Under /etc/ash_functions:pause_recovery + !!! Hit enter to proceed to recovery shell !!! + [ 9.045341] TRACE: /bin/setconsolefont.sh(6): main + [ 9.096853] DEBUG: Board does not ship setfont, not checking console font + [ 9.320494] TRACE: /bin/gui-init(641): main + [ 9.356729] TRACE: Under /etc/ash_functions:enable_usb + [ 9.445981] TRACE: /sbin/insmod(9): main + [ 9.609464] TRACE: /sbin/insmod(53): main + [ 9.660145] DEBUG: No module parameters, extending only with the module's content + [ 9.791896] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-hcd.ko + [ 9.860477] TRACE: /bin/tpmr(790): main + [ 9.914849] DEBUG: TPM: Extending PCR[5] with hash bc9ff28a99e314cda69695ba34b26ed0d8b1e4ed + [ 9.976867] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-hcd.ko + [ 10.146966] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod + [ 10.184086] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver + [ 10.276564] TRACE: /sbin/insmod(9): main + [ 10.433503] TRACE: /sbin/insmod(53): main + [ 10.486272] DEBUG: No module parameters, extending only with the module's content + [ 10.620200] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/uhci-hcd.ko + [ 10.698710] TRACE: /bin/tpmr(790): main + [ 10.750637] DEBUG: TPM: Extending PCR[5] with hash bcb2f15c7eb52484072a76fc8a0d7399f6cf2189 + [ 10.808379] DEBUG: exec tpm extend -ix 5 -if /lib/modules/uhci-hcd.ko + [ 10.996254] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod + [ 11.026108] uhci_hcd: USB Universal Host Controller Interface driver + [ 11.040703] uhci_hcd 0000:00:1d.0: UHCI Host Controller + [ 11.053129] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1 + [ 11.061568] uhci_hcd 0000:00:1d.0: detected 2 ports + [ 11.070973] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00 + [ 11.089004] hub 1-0:1.0: USB hub found + [ 11.097535] hub 1-0:1.0: 2 ports detected + [ 11.114890] uhci_hcd 0000:00:1d.1: UHCI Host Controller + [ 11.123848] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2 + [ 11.134989] uhci_hcd 0000:00:1d.1: detected 2 ports + [ 11.142404] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0 + [ 11.153338] hub 2-0:1.0: USB hub found + [ 11.160572] hub 2-0:1.0: 2 ports detected + [ 11.176481] uhci_hcd 0000:00:1d.2: UHCI Host Controller + [ 11.183898] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3 + [ 11.193509] uhci_hcd 0000:00:1d.2: detected 2 ports + [ 11.201574] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0 + [ 11.211182] hub 3-0:1.0: USB hub found + [ 11.219256] hub 3-0:1.0: 2 ports detected + [ 11.314467] TRACE: /sbin/insmod(9): main + [ 11.468430] TRACE: /sbin/insmod(53): main + [ 11.521914] DEBUG: No module parameters, extending only with the module's content + [ 11.656647] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-hcd.ko + [ 11.726721] TRACE: /bin/tpmr(790): main + [ 11.778253] DEBUG: TPM: Extending PCR[5] with hash f563e46fbbed46423a1e10219953233d310792f5 + [ 11.831718] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-hcd.ko + [ 12.010752] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod + [ 12.044192] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver + [ 12.136462] TRACE: /sbin/insmod(9): main + [ 12.293409] TRACE: /sbin/insmod(53): main + [ 12.345947] DEBUG: No module parameters, extending only with the module's content + [ 12.481562] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-pci.ko + [ 12.547754] TRACE: /bin/tpmr(790): main + [ 12.604827] DEBUG: TPM: Extending PCR[5] with hash a24699fdaac9976cc9447fd0cd444a469299ad2f + [ 12.661256] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-pci.ko + [ 12.847247] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod + [ 12.870986] ohci-pci: OHCI PCI platform driver + [ 12.959387] TRACE: /sbin/insmod(9): main + [ 13.112275] TRACE: /sbin/insmod(53): main + [ 13.163112] DEBUG: No module parameters, extending only with the module's content + [ 13.291360] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-pci.ko + [ 13.364853] TRACE: /bin/tpmr(790): main + [ 13.438536] DEBUG: TPM: Extending PCR[5] with hash b80a90e11a01eba40bb7e566f3374d0aad326acb + [ 13.505500] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-pci.ko + [ 13.679865] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod + [ 13.704539] ehci-pci: EHCI PCI platform driver + [ 13.725570] ehci-pci 0000:00:1d.7: EHCI Host Controller + [ 13.735562] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4 + [ 13.745092] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000 + [ 13.773286] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00 + [ 13.783544] hub 4-0:1.0: USB hub found + [ 13.791110] hub 4-0:1.0: 6 ports detected + [ 13.800844] hub 1-0:1.0: USB hub found + [ 13.807808] hub 1-0:1.0: 2 ports detected + [ 13.823094] hub 2-0:1.0: USB hub found + [ 13.829910] hub 2-0:1.0: 2 ports detected + [ 13.839182] hub 3-0:1.0: USB hub found + [ 13.846231] hub 3-0:1.0: 2 ports detected + [ 13.946297] TRACE: /sbin/insmod(9): main + [ 14.099143] TRACE: /sbin/insmod(53): main + [ 14.149765] DEBUG: No module parameters, extending only with the module's content + [ 14.291413] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-hcd.ko + [ 14.372815] TRACE: /bin/tpmr(790): main + [ 14.426919] DEBUG: TPM: Extending PCR[5] with hash 1fc55e846b9d5c93e58c6c8b6f867e744fa694bc + [ 14.482815] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-hcd.ko + [ 14.670419] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod + [ 14.783374] TRACE: /sbin/insmod(9): main + [ 14.939364] TRACE: /sbin/insmod(53): main + [ 14.995136] DEBUG: No module parameters, extending only with the module's content + [ 15.135482] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-pci.ko + [ 15.204263] TRACE: /bin/tpmr(790): main + [ 15.255478] DEBUG: TPM: Extending PCR[5] with hash bbdd85242570aa438b908420a43b8d7042db8b4f + [ 15.305598] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-pci.ko + [ 15.480844] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod + [ 15.512476] xhci_hcd 0000:00:04.0: xHCI Host Controller + [ 15.528230] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5 + [ 15.540456] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010 + [ 15.554225] hub 5-0:1.0: USB hub found + [ 15.562061] hub 5-0:1.0: 4 ports detected + [ 15.572058] xhci_hcd 0000:00:04.0: xHCI Host Controller + [ 15.589966] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6 + [ 15.598116] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed + [ 15.606150] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM. + [ 15.616354] hub 6-0:1.0: USB hub found + [ 15.623767] hub 6-0:1.0: 4 ports detected + [ 15.909854] usb 5-1: new high-speed USB device number 2 using xhci_hcd + [ 16.193548] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd + [ 16.345381] usb 5-3: new full-speed USB device number 3 using xhci_hcd + [ 17.674973] TRACE: /etc/functions(715): detect_boot_device + [ 17.718114] TRACE: /etc/functions(682): mount_possible_boot_device + [ 17.759829] TRACE: /etc/functions(642): is_gpt_bios_grub + [ 17.833271] TRACE: /dev/vda1 is partition 1 of vda + [ 17.925490] TRACE: /etc/functions(619): find_lvm_vg_name + [ 18.068352] TRACE: Try mounting /dev/vda1 as /boot + [ 18.114444] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null) + [ 18.158648] TRACE: /bin/gui-init(319): clean_boot_check + [ 18.247883] TRACE: /bin/gui-init(348): check_gpg_key + [ 18.338052] TRACE: /bin/gui-init(185): update_totp + [ 18.419286] TRACE: /bin/unseal-totp(8): main + [ 18.511352] TRACE: /bin/tpmr(614): tpm1_unseal + [ 18.624811] DEBUG: Running at_exit handlers + [ 18.661992] TRACE: /bin/tpmr(390): cleanup_shred + [ 18.692897] !!! ERROR: Unable to unseal TOTP secret !!! + [ 21.295284] TRACE: /bin/unseal-totp(8): main + [ 21.386377] TRACE: /bin/tpmr(614): tpm1_unseal + [ 21.496183] DEBUG: Running at_exit handlers + [ 21.527060] TRACE: /bin/tpmr(390): cleanup_shred + [ 21.558625] !!! ERROR: Unable to unseal TOTP secret !!! + [ 24.162881] TRACE: /bin/unseal-totp(8): main + [ 24.249549] TRACE: /bin/tpmr(614): tpm1_unseal + [ 24.362331] DEBUG: Running at_exit handlers + [ 24.394154] TRACE: /bin/tpmr(390): cleanup_shred + [ 24.427400] !!! ERROR: Unable to unseal TOTP secret !!! + [ 26.475340] DEBUG: CONFIG_TPM: y + [ 26.521538] DEBUG: CONFIG_TPM2_TOOLS: + [ 26.578490] DEBUG: Show PCRs + [ 26.730805] DEBUG: PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + [ 26.751488] PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + [ 26.778571] PCR-02: C0 A9 54 C8 45 5C 78 49 80 EC 1C DB D8 E8 9B CC 65 11 58 BF + [ 26.808771] PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + [ 26.830508] PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + [ 26.849538] PCR-05: 2C 3A 40 05 70 DB 21 89 4F CD C2 F8 D6 AE 40 DA 56 E1 B6 74 + [ 26.878951] PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + [ 26.895421] PCR-07: 7A 8A 4C E6 BA B0 AA 26 22 B1 26 A2 F6 36 BD F3 86 23 50 B6 + + TPM2: + [ 5.305235] [U] hello world + [ 5.591175] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config) + [ 5.615802] TRACE: Under init + [ 5.657823] DEBUG: Applying panic_on_oom setting to sysctl + [ 5.831457] TRACE: /bin/tpmr(349): tpm2_startsession + [ 6.567984] TRACE: /bin/cbfs-init(5): main + [ 6.695758] TRACE: /bin/cbfs-init(24): main + [ 6.811665] TRACE: /bin/tpmr(832): main + [ 6.870411] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx + [ 6.907262] TRACE: /bin/tpmr(234): tpm2_extend + [ 6.983504] TRACE: /bin/tpmr(247): tpm2_extend + [ 7.037543] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/pubring.kbx + [ 7.192665] TRACE: /bin/tpmr(265): tpm2_extend + [ 7.246318] DEBUG: TPM: Extended PCR[7] with hash 96ab5053e4630a040d55549ba73cff2178d401d763147776771f9774597b86a1 + [ 7.355327] TRACE: /bin/tpmr(832): main + [ 7.409042] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx + [ 7.446920] TRACE: /bin/tpmr(234): tpm2_extend + [ 7.485782] TRACE: /bin/tpmr(252): tpm2_extend + [ 7.540496] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/pubring.kbx + [ 7.759033] TRACE: /bin/tpmr(265): tpm2_extend + [ 7.811693] DEBUG: TPM: Extended PCR[7] with hash f196f9cae98362568d31638e7522eee5042286b2c18627b06b30a0275207872e + [ 7.903033] TRACE: /bin/cbfs-init(24): main + [ 8.026099] TRACE: /bin/tpmr(832): main + [ 8.077074] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg + [ 8.108061] TRACE: /bin/tpmr(234): tpm2_extend + [ 8.180580] TRACE: /bin/tpmr(247): tpm2_extend + [ 8.234748] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/trustdb.gpg + [ 8.412522] TRACE: /bin/tpmr(265): tpm2_extend + [ 8.469868] DEBUG: TPM: Extended PCR[7] with hash 53b843fe9bb52894d3a7d00197c776d56f3059f6a285124c7916724cd5013b0b + [ 8.596316] TRACE: /bin/tpmr(832): main + [ 8.655651] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg + [ 8.690508] TRACE: /bin/tpmr(234): tpm2_extend + [ 8.723206] TRACE: /bin/tpmr(252): tpm2_extend + [ 8.782554] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/trustdb.gpg + [ 8.999969] TRACE: /bin/tpmr(265): tpm2_extend + [ 9.066744] DEBUG: TPM: Extended PCR[7] with hash abf745ef9f960af5d8b19a1acd4bc0a19da056f607b06cce6b920eab83cbbdec + [ 9.215143] TRACE: /bin/key-init(6): main + [ 10.661503] TRACE: Under /etc/ash_functions:combine_configs + [ 10.749050] TRACE: Under /etc/ash_functions:pause_recovery + !!! Hit enter to proceed to recovery shell !!! + [ 10.998267] TRACE: /bin/setconsolefont.sh(6): main + [ 11.059640] DEBUG: Board does not ship setfont, not checking console font + [ 11.303012] TRACE: /bin/gui-init(641): main + [ 11.334099] TRACE: Under /etc/ash_functions:enable_usb + [ 11.421487] TRACE: /sbin/insmod(9): main + [ 11.578754] TRACE: /sbin/insmod(53): main + [ 11.630500] DEBUG: No module parameters, extending only with the module's content + [ 11.741780] TRACE: /bin/tpmr(832): main + [ 11.789365] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-hcd.ko + [ 11.823496] TRACE: /bin/tpmr(234): tpm2_extend + [ 11.862739] TRACE: /bin/tpmr(252): tpm2_extend + [ 11.920404] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-hcd.ko + [ 12.123507] TRACE: /bin/tpmr(265): tpm2_extend + [ 12.175292] DEBUG: TPM: Extended PCR[5] with hash 40c5206f06702e45d8e6632632255258af433be0641c96f514ea75ac14523a30 + [ 12.234130] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod + [ 12.278479] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver + [ 12.371875] TRACE: /sbin/insmod(9): main + [ 12.523874] TRACE: /sbin/insmod(53): main + [ 12.578418] DEBUG: No module parameters, extending only with the module's content + [ 12.697785] TRACE: /bin/tpmr(832): main + [ 12.753607] DEBUG: TPM: Extending PCR[5] with /lib/modules/uhci-hcd.ko + [ 12.786940] TRACE: /bin/tpmr(234): tpm2_extend + [ 12.819199] TRACE: /bin/tpmr(252): tpm2_extend + [ 12.879805] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/uhci-hcd.ko + [ 13.088925] TRACE: /bin/tpmr(265): tpm2_extend + [ 13.158660] DEBUG: TPM: Extended PCR[5] with hash 1877332107fb8737a5636da26d4db2c10ffe4d1db2bcbde30b47774cdf05e02f + [ 13.223888] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod + [ 13.253700] uhci_hcd: USB Universal Host Controller Interface driver + [ 13.269580] uhci_hcd 0000:00:1d.0: UHCI Host Controller + [ 13.278675] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1 + [ 13.287280] uhci_hcd 0000:00:1d.0: detected 2 ports + [ 13.296481] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00 + [ 13.314557] hub 1-0:1.0: USB hub found + [ 13.332614] hub 1-0:1.0: 2 ports detected + [ 13.352400] uhci_hcd 0000:00:1d.1: UHCI Host Controller + [ 13.361016] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2 + [ 13.368653] uhci_hcd 0000:00:1d.1: detected 2 ports + [ 13.376700] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0 + [ 13.395046] hub 2-0:1.0: USB hub found + [ 13.403107] hub 2-0:1.0: 2 ports detected + [ 13.418573] uhci_hcd 0000:00:1d.2: UHCI Host Controller + [ 13.426975] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3 + [ 13.434733] uhci_hcd 0000:00:1d.2: detected 2 ports + [ 13.442497] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0 + [ 13.460237] hub 3-0:1.0: USB hub found + [ 13.467466] hub 3-0:1.0: 2 ports detected + [ 13.579102] TRACE: /sbin/insmod(9): main + [ 13.730892] TRACE: /sbin/insmod(53): main + [ 13.781345] DEBUG: No module parameters, extending only with the module's content + [ 13.891152] TRACE: /bin/tpmr(832): main + [ 13.954015] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-hcd.ko + [ 13.995207] TRACE: /bin/tpmr(234): tpm2_extend + [ 14.031074] TRACE: /bin/tpmr(252): tpm2_extend + [ 14.095694] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-hcd.ko + [ 14.315253] TRACE: /bin/tpmr(265): tpm2_extend + [ 14.369608] DEBUG: TPM: Extended PCR[5] with hash 8a12ce4abfc87f11a023d4f1c26c225f5cffae248f9dad1fd30e78022996df02 + [ 14.425800] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod + [ 14.455207] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver + [ 14.548050] TRACE: /sbin/insmod(9): main + [ 14.693175] TRACE: /sbin/insmod(53): main + [ 14.742761] DEBUG: No module parameters, extending only with the module's content + [ 14.855233] TRACE: /bin/tpmr(832): main + [ 14.908035] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-pci.ko + [ 14.940321] TRACE: /bin/tpmr(234): tpm2_extend + [ 14.970307] TRACE: /bin/tpmr(252): tpm2_extend + [ 15.018421] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-pci.ko + [ 15.226408] TRACE: /bin/tpmr(265): tpm2_extend + [ 15.279951] DEBUG: TPM: Extended PCR[5] with hash 2065ee6544d78a5d31e67983166a9b8cf60dbe61bf0ee99c39e92816cc3a98db + [ 15.335930] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod + [ 15.360537] ohci-pci: OHCI PCI platform driver + [ 15.446600] TRACE: /sbin/insmod(9): main + [ 15.597149] TRACE: /sbin/insmod(53): main + [ 15.649850] DEBUG: No module parameters, extending only with the module's content + [ 15.753738] TRACE: /bin/tpmr(832): main + [ 15.809086] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-pci.ko + [ 15.847559] TRACE: /bin/tpmr(234): tpm2_extend + [ 15.878030] TRACE: /bin/tpmr(252): tpm2_extend + [ 15.930320] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-pci.ko + [ 16.131948] TRACE: /bin/tpmr(265): tpm2_extend + [ 16.190395] DEBUG: TPM: Extended PCR[5] with hash 116145df2c495dfd58354025799fe5bb9b4d8e078960e8d0d7ceda746e4f2d06 + [ 16.247675] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod + [ 16.275465] ehci-pci: EHCI PCI platform driver + [ 16.296704] ehci-pci 0000:00:1d.7: EHCI Host Controller + [ 16.306151] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4 + [ 16.316293] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000 + [ 16.340527] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00 + [ 16.357688] hub 4-0:1.0: USB hub found + [ 16.365707] hub 4-0:1.0: 6 ports detected + [ 16.376687] hub 1-0:1.0: USB hub found + [ 16.384573] hub 1-0:1.0: 2 ports detected + [ 16.393986] hub 2-0:1.0: USB hub found + [ 16.401424] hub 2-0:1.0: 2 ports detected + [ 16.410387] hub 3-0:1.0: USB hub found + [ 16.418087] hub 3-0:1.0: 2 ports detected + [ 16.513839] TRACE: /sbin/insmod(9): main + [ 16.670778] TRACE: /sbin/insmod(53): main + [ 16.721953] DEBUG: No module parameters, extending only with the module's content + [ 16.835964] TRACE: /bin/tpmr(832): main + [ 16.888003] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-hcd.ko + [ 16.919798] TRACE: /bin/tpmr(234): tpm2_extend + [ 16.957470] TRACE: /bin/tpmr(252): tpm2_extend + [ 17.013535] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-hcd.ko + [ 17.225097] TRACE: /bin/tpmr(265): tpm2_extend + [ 17.281099] DEBUG: TPM: Extended PCR[5] with hash 7f5a6bd0f7de6104e49374e1e5ce421e11795fcc4f53014ef9259d630d7876bc + [ 17.337551] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod + [ 17.448660] TRACE: /sbin/insmod(9): main + [ 17.595458] TRACE: /sbin/insmod(53): main + [ 17.653305] DEBUG: No module parameters, extending only with the module's content + [ 17.763612] TRACE: /bin/tpmr(832): main + [ 17.817350] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-pci.ko + [ 17.849196] TRACE: /bin/tpmr(234): tpm2_extend + [ 17.879069] TRACE: /bin/tpmr(252): tpm2_extend + [ 17.927859] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-pci.ko + [ 18.126778] TRACE: /bin/tpmr(265): tpm2_extend + [ 18.188056] DEBUG: TPM: Extended PCR[5] with hash 5502fa8c101f7e509145b9826094f06dd0e225c2311a14edc9ae9c812518a250 + [ 18.247945] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod + [ 18.286509] xhci_hcd 0000:00:04.0: xHCI Host Controller + [ 18.294553] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5 + [ 18.308276] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010 + [ 18.320288] hub 5-0:1.0: USB hub found + [ 18.328425] hub 5-0:1.0: 4 ports detected + [ 18.337635] xhci_hcd 0000:00:04.0: xHCI Host Controller + [ 18.344430] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6 + [ 18.351769] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed + [ 18.360900] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM. + [ 18.371095] hub 6-0:1.0: USB hub found + [ 18.378046] hub 6-0:1.0: 4 ports detected + [ 18.673695] usb 5-1: new high-speed USB device number 2 using xhci_hcd + [ 18.960744] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd + [ 19.112485] usb 5-3: new full-speed USB device number 3 using xhci_hcd + [ 20.433294] TRACE: /etc/functions(715): detect_boot_device + [ 20.489580] TRACE: /etc/functions(682): mount_possible_boot_device + [ 20.546126] TRACE: /etc/functions(642): is_gpt_bios_grub + [ 20.653417] TRACE: /dev/vda1 is partition 1 of vda + [ 20.777737] TRACE: /etc/functions(619): find_lvm_vg_name + [ 20.946450] TRACE: Try mounting /dev/vda1 as /boot + [ 20.997145] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null) + [ 21.053058] TRACE: /bin/gui-init(319): clean_boot_check + [ 21.157752] TRACE: /bin/gui-init(348): check_gpg_key + [ 21.260339] TRACE: /bin/gui-init(185): update_totp + [ 21.376906] TRACE: /bin/unseal-totp(8): main + [ 21.497372] TRACE: /bin/tpmr(569): tpm2_unseal + [ 21.574501] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= + [ 22.212056] DEBUG: Running at_exit handlers + [ 22.247818] TRACE: /bin/tpmr(374): cleanup_session + [ 22.301292] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session + [ 22.423005] !!! ERROR: Unable to unseal TOTP secret !!! + [ 25.058227] TRACE: /bin/unseal-totp(8): main + [ 25.205031] TRACE: /bin/tpmr(569): tpm2_unseal + [ 25.284388] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= + [ 25.914243] DEBUG: Running at_exit handlers + [ 25.947988] TRACE: /bin/tpmr(374): cleanup_session + [ 26.001694] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session + [ 26.126464] !!! ERROR: Unable to unseal TOTP secret !!! + [ 28.766165] TRACE: /bin/unseal-totp(8): main + [ 28.898452] TRACE: /bin/tpmr(569): tpm2_unseal + [ 28.982708] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= + [ 29.609216] DEBUG: Running at_exit handlers + [ 29.643372] TRACE: /bin/tpmr(374): cleanup_session + [ 29.696741] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session + [ 29.822748] !!! ERROR: Unable to unseal TOTP secret !!! + [ 31.890980] DEBUG: CONFIG_TPM: y + [ 31.945147] DEBUG: CONFIG_TPM2_TOOLS: y + [ 31.999643] DEBUG: Show PCRs + [ 32.157607] DEBUG: sha256: + [ 32.190288] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.221302] 1 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.251240] 2 : 0x9FC171D45D54BDD49D40E8438BCF15808427BA72B11EC2DF1ACE877CA0CF4F14 + [ 32.282127] 3 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.315382] 4 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.345767] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F + [ 32.379099] 6 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.409630] 7 : 0x2E3147A8ADA1FEBEB2D32D7F50F25DC10F47D7CD48DF1D61A2D6BF958114A231 + [ 32.439780] 8 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.508514] 9 : 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.537395] 10: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.583510] 11: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.622661] 12: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.651831] 13: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.687298] 14: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.721766] 15: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.751345] 16: 0x0000000000000000000000000000000000000000000000000000000000000000 + [ 32.782919] 17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.813071] 18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.841994] 19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.869358] 20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.907215] 21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.937346] 22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + [ 32.967810] 23: 0x0000000000000000000000000000000000000000000000000000000000000000 + + Signed-off-by: Thierry Laurion + +commit de7902f5b905626e42e670e60ac1ceca1692fa58 +gpg: Signature made Fri 06 Sep 2024 09:43:14 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Thu Sep 5 14:00:58 2024 -0400 + + cbfs-init, insmod: Bring back params/filenames into PCR measurements + + cbfs-init used to measure filenames as well as the data in the files, + but after refactoring it only measures file data. This means files + could be renamed, or contents pivoted, without affecting the PCR + measurements. Bring back the filename measurement. + + Similarly, insmod used to measure module parameters, but no longer + does. Though we don't currently insert any modules with parameters, + there's no reason to leave this open to break later, bring back the + measurement. + + Signed-off-by: Jonathon Hall + +commit 250a144d670d5aea56413a08adc18ca4b634a0dd +gpg: Signature made Fri 06 Sep 2024 09:43:03 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 7ca8d42cde b28c257b85 +Author: Thierry Laurion +Date: Fri Sep 6 09:43:02 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into HEAD + +commit b28c257b851c880f5dc2c4adf0c47377026529cb +gpg: Signature made Fri 06 Sep 2024 09:36:16 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 9bb6605945 62c8366d20 +Author: Jonathon Hall +Date: Fri Sep 6 09:36:10 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/key-init_fix-time_give-warning-on-gpg-errors' + + PR #1776 + +commit 62c8366d2029cd1f9fe7dbf069b7e9dfb2773949 +gpg: Signature made Fri 06 Sep 2024 09:27:37 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Fri Sep 6 08:44:11 2024 -0400 + + key-init: If time resets, tell user to set it, but allow skipping + + The 'warn' message was not very effective, because change-time.sh + clears the screen right after. Prompt with whiptail instead, which + also lets the user know what's happening before we drop them into a + series of prompts. + + Let the user skip changing time if they really want to. While they + usually should set the time, it's rather frustrating if Heads forces + them to go through these prompts when they don't want to. + + Signed-off-by: Jonathon Hall + Signed-off-by: Thierry Laurion + +commit cbd1f285c6d1cb2aa2481e4a85bce4dd1d887433 +gpg: Signature made Fri 06 Sep 2024 09:27:25 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 9633d6bfb1 9bb6605945 +Author: Thierry Laurion +Date: Fri Sep 6 09:27:23 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into key-init_fix-time_give-warning-on-gpg-errors + +commit 9bb66059454a4aa4c305c6a1af9b8ee564f13a67 +gpg: Signature made Fri 06 Sep 2024 09:07:57 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: c0762aa5e7 d66f476d28 +Author: Thierry Laurion +Date: Fri Sep 6 09:07:57 2024 -0400 + + Merge pull request #1781 from JonathonHall-Purism/librem_11_fix_add_ci + + Librem 11: Fix build, add to CI + +commit d66f476d283126a7c45feaef6d2050dd555c36f4 +gpg: Signature made Thu 05 Sep 2024 02:27:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Sep 5 14:27:30 2024 -0400 + + .circleci/config.yml: Add Librem 11 + + We didn't notice the breakage for Librem 11 because it wasn't in CI. + Add it. + + Signed-off-by: Jonathon Hall + +commit e1bcf65998defaf69482648f415d95457851f92f +gpg: Signature made Thu 05 Sep 2024 02:26:58 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Sep 5 14:23:50 2024 -0400 + + config/coreboot-librem_11.config: Fix build, restore Wi-Fi coreboot cfg + + a9e6dfe8 ("config/coreboot-*: Turn off WIFI support in coreboot. If + regression, will turn on case by case") broke builds for Librem 11. + CONFIG_DRIVER_WIFI_GENERIC is required for Librem 11 as it describes + its built-in Wi-Fi card in the device tree. + + The CONFIG_DRIVER_INTEL_WIFI driver does not actually seem to be + needed directly, but this is the only way to bring in the generic + driver, which is not selectable itself. + + Signed-off-by: Jonathon Hall + +commit c0762aa5e7af5c5c1bbb9d69411bcb108309f9c6 +gpg: Signature made Thu 05 Sep 2024 10:01:00 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: b2264534a0 32bb2e59eb +Author: Jonathon Hall +Date: Thu Sep 5 10:00:55 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/automatic_boot_newline' + + PR #1779 + +commit b2264534a033cb938ccf4745511e027d4c97cb08 +gpg: Signature made Wed 04 Sep 2024 03:16:41 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 3b22ae68e5 3c76bdc510 +Author: Thierry Laurion +Date: Wed Sep 4 15:16:41 2024 -0400 + + Merge pull request #1778 from tlaurion/fix_whiptail_color_output_remnants_bug + + oem-factory-reset gui-init: fix whiptail_error segfaulting because selfcalling itself; fix typo in gui-init + +commit 32bb2e59eb2586abfafe130953cafc453842be5f +gpg: Signature made Wed 04 Sep 2024 02:55:21 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Sep 4 14:43:28 2024 -0400 + + gui_functions: add newline after message telling user that automatic boot will happen unless interrupted + + Signed-off-by: Thierry Laurion + +commit 3c76bdc510d239422fdf0188b1d974eb46caddd3 +gpg: Signature made Wed 04 Sep 2024 02:27:18 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Sep 4 14:26:42 2024 -0400 + + oem-factory-reset gui-init: fix whiptail_error segfaulting because selfcalling itself, fix typo in gui-init + + fix bugs introduced by #1698 + + Signed-off-by: Thierry Laurion + +commit 9633d6bfb12317c37cbb93508a2dfec9ea654bfa +gpg: Signature made Tue 03 Sep 2024 03:25:06 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Sep 3 14:49:42 2024 -0400 + + key-init: only attempt to import individual user keys if legacy dir exists, skip otherwise + + Signed-off-by: Thierry Laurion + +commit ebb4d7ab69f83b4e4f0a807440daee8e4f87faf3 +gpg: Signature made Tue 03 Sep 2024 02:28:46 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Sep 3 14:28:45 2024 -0400 + + key-init: force user to change time if <2024, give warnings on errors + + Signed-off-by: Thierry Laurion + +commit 3b22ae68e5626f4991ff7dabd2cd9c484a78ff20 +gpg: Signature made Mon 02 Sep 2024 01:51:30 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 38dd863458 f06867306e +Author: Thierry Laurion +Date: Mon Sep 2 13:51:30 2024 -0400 + + Merge pull request #1772 from tlaurion/fix_config_user_reproducibility_for_undoing + + init: make sure config.user is overriden only with new values so that going DEBUG/undoing can work reproducibly + +commit 38dd863458d318071881d4887d37ce686635ee43 +gpg: Signature made Mon 02 Sep 2024 01:48:48 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 51ade5bd10 9c898a7b67 +Author: Thierry Laurion +Date: Mon Sep 2 13:48:48 2024 -0400 + + Merge pull request #1768 from JonathonHall-Purism/seed-mirror-script + + bin/seed_package_mirror.sh: Script to seed a package mirror + +commit f06867306e43d6f2e7ca07553361722a60395d79 +gpg: Signature made Sun 01 Sep 2024 09:01:04 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun Sep 1 21:01:04 2024 -0400 + + init: make sure config.user is overriden only with new values so that going DEBUG/undoing can work reproducibly + + Signed-off-by: Thierry Laurion + +commit 9c898a7b676b12a7bf6a6428f0e076fbbd818a93 +gpg: Signature made Fri 30 Aug 2024 01:50:28 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 30 13:50:01 2024 -0400 + + bin/seed_package_mirror.sh: Script to seed a package mirror + + Run this to download all the needed package artifacts for a mirror. + + Signed-off-by: Jonathon Hall + +commit 7ca8d42cde0cf41591e2e1d757a779cde3a656b4 +gpg: Signature made Wed 28 Aug 2024 02:51:47 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Aug 28 14:09:18 2024 -0400 + + tpmr : match desc of function in comment + + Co-authored-by: JonathonHall-Purism <109107914+JonathonHall-Purism@users.noreply.github.com> + Signed-off-by: Thierry Laurion + +commit 51ade5bd10f6866f5a1afc5442ac5d2bc3aa7a20 +gpg: Signature made Tue 27 Aug 2024 09:21:21 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 1c21f9cb34 ef6cbe551b +Author: Thierry Laurion +Date: Tue Aug 27 09:21:21 2024 -0400 + + Merge pull request #1760 from tlaurion/mrothfuss-d16_ram_init_fixes_coreboot411 + + coreboot-4.11: add fixes to KGPE-D16 raminit + +commit 1c21f9cb343f3d093d045402b00e6810839ac7bc +gpg: Signature made Mon 26 Aug 2024 01:36:16 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: eb88b189e7 9918f6275a +Author: Thierry Laurion +Date: Mon Aug 26 13:36:16 2024 -0400 + + Merge pull request #1761 from tlaurion/arhabd_signed_commits-vikings_not_viking + + Add Vikings HCL to boards D16 board configs + +commit 9918f6275a1349b75c5dd0237bcc6af8bd16dfc3 +gpg: Signature made Mon 26 Aug 2024 08:04:32 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: arhabd +Date: Sat Aug 24 21:31:15 2024 +0000 + + Update coreboot-kgpe-d16_server-whiptail.config + + add vikings HCL to server-whiptail + + Signed-off-by: Thierry Laurion + +commit 4dfdc67174897b910b08beb5ca98d23d25e862c4 +gpg: Signature made Mon 26 Aug 2024 08:04:16 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: arhabd +Date: Sat Aug 24 21:30:43 2024 +0000 + + Update coreboot-kgpe-d16_server.config + + add vikings HCL to server + + Signed-off-by: Thierry Laurion + +commit c154866ee81ce5cb78b0e5a2e309b1e944e52d04 +gpg: Signature made Mon 26 Aug 2024 08:03:59 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: arhabd +Date: Sat Aug 24 21:30:05 2024 +0000 + + Update coreboot-kgpe-d16_workstation-usb_keyboard.config + + add vikings HCL to workstation-usb_keyboard + + Signed-off-by: Thierry Laurion + +commit c02b235ebea6f9e798f578e618cb19ad21f659a2 +gpg: Signature made Mon 26 Aug 2024 08:03:42 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: arhabd +Date: Sat Aug 24 21:29:21 2024 +0000 + + Update coreboot-kgpe-d16_workstation.config + + add vikings hcl to workstation + + Signed-off-by: Thierry Laurion + +commit ef6cbe551b68b632dc44500bc963285a22ca4570 +gpg: Signature made Mon 26 Aug 2024 07:46:55 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Mike Rothfuss <6182328+mrothfuss@users.noreply.github.com> +Date: Fri Aug 23 20:10:30 2024 -0600 + + coreboot-4.11: add fixes to KGPE-D16 raminit + + The added patches fix bugs in fam15h ram DQS timing and configure the motherboard to restart + gracefully if raminit fails instead of booting into an unstable state and/or crashing. + + Signed-off-by: Thierry Laurion + +commit 52992664ea72ffb85714b395e7ac57dc7c1e5ab2 +gpg: Signature made Sat 24 Aug 2024 03:34:35 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Aug 24 12:49:10 2024 -0400 + + Improve TPM Extend infor in normal and DEBUG mode + + cbfs-init: remove temp files, measure direct cbfs output, extend PCR with proper introspection tracing + flash.sh: do not die but go to recovery if flashrom fails, cosmetic fix for warning given to user + kexec-insert-key: extend PCR with proper introspection tracing + kexec-select-boot: extend PCR with proper introspection tracing + kexec-measure-luks: extend PCR with proper introspection tracing + tpmr: Add missing TRACE_FUNC, fix comments, extend give hash that was extended to tpm call in DEBUG, fix TPM startsession unsuppressed output still present + ash_functions: extend PCR with proper introspection tracing + insmod: DEBUG info more pertinent, extend PCR with proper introspection tracing + + Signed-off-by: Thierry Laurion + +commit eb88b189e744be6287bb89b64fe0bf364f3c0a4f +gpg: Signature made Fri 23 Aug 2024 01:10:20 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: e64685beee 87213c503b +Author: Thierry Laurion +Date: Fri Aug 23 13:10:20 2024 -0400 + + Merge pull request #1756 from tlaurion/add_warn_prior_flashrom_call + + flash.sh: Add warning to remind user to not interfere with flashrom operations that will follow + +commit 87213c503b443a11cb26ceb329dac7dff7134f7f +gpg: Signature made Fri 23 Aug 2024 01:01:36 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Aug 23 13:00:29 2024 -0400 + + flash.sh: Add warning to remind user to not interfere with flashrom operations that will follow + + Signed-off-by: Thierry Laurion + +commit e64685beeeb6fe8461909297ed4c9e2abd145a3b +gpg: Signature made Fri 23 Aug 2024 09:52:34 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: d9e5087caa 1e03e8c646 +Author: Thierry Laurion +Date: Fri Aug 23 09:52:34 2024 -0400 + + Merge pull request #1755 from tlaurion/drop_flashrom_inhouse_progress_output + + flash.sh: drop inhouse progress output on console when flashing with flashrom + +commit 1e03e8c64656513136b3031263795cf65ce27758 +gpg: Signature made Fri 23 Aug 2024 08:21:55 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Aug 23 08:21:05 2024 -0400 + + flash.sh: drop inhouse progress output on console when flashing with flashrom + + Signed-off-by: Thierry Laurion + +commit d9e5087caa06ab2ba3464b09c905ad7ef89b710b +gpg: Signature made Wed 07 Aug 2024 11:17:27 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ece6b846d1 e32a417ed1 +Author: Thierry Laurion +Date: Wed Aug 7 11:17:27 2024 -0400 + + Merge pull request #1745 from JonathonHall-Purism/swtpm_setup_skip_if_exist + + targets/qemu.mk: Fix skip-if-exist in swtpm_setup + +commit ece6b846d13cfc3c2976965f1fda7e1eae12fbf2 +gpg: Signature made Wed 07 Aug 2024 09:30:02 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: c5e449ddf9 39be8303d7 +Author: Thierry Laurion +Date: Wed Aug 7 09:30:02 2024 -0400 + + Merge pull request #1750 from gaspar-ilom/move-w541-to-tested + + move w541 back to tested + +commit 39be8303d76afd00e52eb224c97d326f172d8feb +Author: gaspar-ilom +Date: Tue Aug 6 23:36:26 2024 +0200 + + move w541 back to tested + + Signed-off-by: gaspar-ilom + +commit c5e449ddf95d207d146059fbeb4fcb4caa8fcc26 +gpg: Signature made Tue 06 Aug 2024 02:27:12 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: dd15322683 05b3d85c93 +Author: Thierry Laurion +Date: Tue Aug 6 14:27:12 2024 -0400 + + Merge pull request #1748 from JonathonHall-Purism/change-time-improvements + + Alexgithublab: change time, 3.0 (supersedes #1737) + +commit 05b3d85c93e40da92cc2979ce2137c5b63fb4b30 +gpg: Signature made Tue 06 Aug 2024 02:02:25 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 14:01:49 2024 -0400 + + change-time.sh: Remind of the system time when beginning + + Show the system time when starting to change the time. + + Signed-off-by: Jonathon Hall + +commit c51643b65abb6422f9ae7da808109319dae749f9 +gpg: Signature made Tue 06 Aug 2024 12:44:33 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 12:44:04 2024 -0400 + + gui-init: Remove unneeded UTC time zone indication from current time + + The time zone in Heads is always UTC and we mentioned that in the text. + Don't repeat it. + + Signed-off-by: Jonathon Hall + +commit 3a0df1bd4b7b17b05a5b58a573787174c6038103 +gpg: Signature made Tue 06 Aug 2024 12:43:55 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 12:43:20 2024 -0400 + + change-time.sh: Fix input of 08 and 09 + + printf was interpreting these as invalid octal numbers, they're + decimal. + + Signed-off-by: Jonathon Hall + +commit 05ce2cd0a61900ea6fae277656f2c674a5e3c6ba +gpg: Signature made Tue 06 Aug 2024 10:03:30 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 10:01:34 2024 -0400 + + gui-init: Improve wording of TOTP/HOTP mismatch change-time question + + This was a yes/no prompt but didn't actually have a question in it, + ask if the user wants to change the time. + + Include the current time so the user can tell if it's correct. + Mention that if it's incorrect they should change the time and check + again. + + The first line was too long for fbwhiptail by a few characters, trim it + a little. + + Signed-off-by: Jonathon Hall + +commit 6eab9ddd90c390f5df22ca0f1c93f4024e10eff2 +gpg: Signature made Tue 06 Aug 2024 10:03:30 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:49:49 2024 -0400 + + change-time: Add .sh + + We're trying to move all shell scripts to including '.sh' to + differentiate them from functions. While it's not 100% consistent yet, + do it for new scripts. + + Signed-off-by: Jonathon Hall + +commit 653542870dcbdf735f14824f546d00f371f48e15 +gpg: Signature made Tue 06 Aug 2024 10:03:30 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:46:47 2024 -0400 + + change-time: Improve prompt wording + + Adjust prompt wording when entering fields. Technically the desired + value isn't always between min/max, because min and max are also + acceptable :) + + No need to repeat an incorrect value, it is right there on the screen + and it dilutes the important point describing what value is needed. + + Signed-off-by: Jonathon Hall + +commit 355b7bc3028b7b346e7e6114f0db9cbb39578778 +gpg: Signature made Tue 06 Aug 2024 10:03:29 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:38:01 2024 -0400 + + change-time: Ask whether to retry, don't say "any key", loop instead of recurse + + Ask whether to retry instead of always retrying, so users can escape + if there is a problem setting the date instead of being forced to enter + values until it works. + + Ask to press Enter instead of "any key". "Any key" prompts are + generally misleading, because there are usually keys that won't + actually work (e.g. Ctrl, Caps Lock, Shift). + + Loop to retry if setting the date fails instead of recursing. + + Signed-off-by: Jonathon Hall + +commit 234595df4a057fce60aaddc7194ee4f27ebeece6 +gpg: Signature made Tue 06 Aug 2024 10:03:29 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:30:38 2024 -0400 + + change-time: Infer value digits automatically + + Infer digits from the length of the maximum value. + + Signed-off-by: Jonathon Hall + +commit b908e0b8bd3059aceb1cc69ff95e2ade695a76d7 +gpg: Signature made Tue 06 Aug 2024 10:03:29 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:26:36 2024 -0400 + + change-time: Don't offer minimum field value as default + + There's little value to offering the minimum field value as a default + IMO: + * it's rarely accurate (e.g. minute 00 is only accuate 1/60 of the time) + * it's very obvious to just press '0' instead (and no longer + needs to be '00') + * it eliminates a lot of wordiness you otherwise have to read (or more + likely, ignore) + + Signed-off-by: Jonathon Hall + +commit a1343666d55bd044204e756dddd89f26bf2afc41 +gpg: Signature made Tue 06 Aug 2024 09:23:20 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:22:59 2024 -0400 + + change-time: Test date exit status directly + + There's no need to try to parse stdout/stderr to figure out if date + succeeded, just check if it was successful directly. + + Signed-off-by: Jonathon Hall + +commit 770815cba89deb66331984c2d669c5a294fa81bd +gpg: Signature made Tue 06 Aug 2024 09:17:42 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:12:03 2024 -0400 + + change-time: Complete input with Enter, allow Backspace, don't require leading zeroes + + Allow Backspace in input. It's really frustrating otherwise if a typo + cannot be corrected, and worse, the backspace key actually produces a + character that becomes part of the input. + + Complete input with Enter. It is surprising when the script just + moves on right away once a fourth/second digit is entered, and worse, + users expecting to press Enter could reasonably press it before + realizing the script did not require it, which then skips the _next_ + prompt inadvertently. Users with imperfect typing might double a + digit unintentionally, do not force them to proceed with an incorrect + value. + + Removing '-n $digits' from read does both of those. Add '-r' so + backslashes do not have unexpected behavior. + + Don't require leading zeroes, zero-pad automatically. + + Signed-off-by: Jonathon Hall + +commit dd153226839b20a12ebdf7b49a48bc5b41821e44 +gpg: Signature made Tue 06 Aug 2024 09:10:56 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: de0bc7517e a7fb7c83ab +Author: Thierry Laurion +Date: Tue Aug 6 09:10:56 2024 -0400 + + Merge pull request #1746 from JonathonHall-Purism/remove_pureos_key + + keys: Remove PureOS signing key + +commit a7fb7c83ab19b6971a1d3f20a1350db70d0fe571 +gpg: Signature made Tue 06 Aug 2024 09:08:20 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 09:07:53 2024 -0400 + + keys: Remove PureOS signing key + + PureOS ISOs still are not detach-signed and it is misleading that there + is a key here. Remove it, we'll add it when the ISOs are signed. + + Signed-off-by: Jonathon Hall + +commit e32a417ed1dbe290e9e56d10e0dde0adae957242 +gpg: Signature made Tue 06 Aug 2024 08:59:21 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 08:57:37 2024 -0400 + + targets/qemu.mk: Fix skip-if-exist in swtpm_setup + + Commit 46cad549 ("WiP flake.nix: make docker image usable for...") + added 'root' to the swtpm_setup call, but broke skip-if-exist because + the flags are supposed to be comma-separated. swtpm_setup was ignoring + skip-if-exist and would fail if the config files exist. + + Put a comma there so it works again. + + Signed-off-by: Jonathon Hall + +commit 16f07936481278e0eeaa2739cde808861efbdb87 +gpg: Signature made Tue 06 Aug 2024 08:57:27 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 6 08:49:30 2024 -0400 + + initrd/bin/change-time: Label parameters of get_date + + Use local named variables instead of $1-$4 throughout the function. + This makes the implementation clearer and documents the usage. + + Signed-off-by: Jonathon Hall + +commit de0bc7517ece85e41385f81f9b41677f11e27db0 +gpg: Signature made Mon 05 Aug 2024 01:38:34 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 27d09d4a23 e6382176a0 +Author: Thierry Laurion +Date: Mon Aug 5 13:38:34 2024 -0400 + + Merge pull request #1743 from tlaurion/fix_top_down_allocation_up_to_haswell + + coreboot 24.02.04: Fix top down allocation for platforms up to Haswell + +commit e6382176a018d4f0f2fa9b13c11eaa5ad7f2659a +gpg: Signature made Mon 05 Aug 2024 05:42:12 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Aug 5 05:37:37 2024 -0400 + + coreboot 24.02.01: redo save in oldconfig with patch for sandy/ivy/haswell: configs updated + + repro saving all boards configs to oldconfig + grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done + + Signed-off-by: Thierry Laurion + +commit db9eed7ac51772a25ab434cd0628a178ef048bc9 +gpg: Signature made Mon 05 Aug 2024 05:42:04 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Aug 5 05:23:23 2024 -0400 + + coreboot 24.02.01: add upstream patch for Intel CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT to fix CONFIG_RESOURCE_ALLOCATION_TOP_DOWN peripherals disappearing + + repro: + git fetch https://review.coreboot.org/coreboot refs/changes/07/80207/3 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-24.02.01/0003-CONFIG_RESOURCE_ALLOCATION_TOP_DOWN-CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT.patch + docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-maximized real.remove_canary_files-extract_patch_rebuild_what_changed + grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done + + Signed-off-by: Thierry Laurion + +commit 27d09d4a2397bc068262fedd17ac3fe7d0fa4b2a +gpg: Signature made Tue 30 Jul 2024 01:24:08 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 2ea14bcbeb 211aeabf35 +Author: Thierry Laurion +Date: Tue Jul 30 13:24:08 2024 -0400 + + Merge pull request #1738 from tlaurion/arhabd_patch-1 + + kgpe-d16: add nvme support under linux kernel configs - PR superseeding #1727 + +commit 211aeabf3523615f4637abfa77a8ae3cc759c92c +gpg: Signature made Mon 29 Jul 2024 11:38:06 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 11:36:28 2024 -0400 + + kgpe-d16 linux configs: generalize nvme support + + Repro applying patch of past commit on other linux configs of kgpe-d16: + git diff osresearch/master > patch + find config/linux-kgpe* | while read config; do sudo patch $config patch; done + git status | grep modified | awk -F ":" {'print $2'}| xargs git add + git commit --signoff -m "kgpe-d16 linux configs: generalize nvme support" + + Signed-off-by: Thierry Laurion + +commit 439eb35816eca66513471b39e650b8e68e02a633 +gpg: Signature made Mon 29 Jul 2024 11:26:03 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 3b66c538ac 2ea14bcbeb +Author: Thierry Laurion +Date: Mon Jul 29 11:26:02 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into HEAD + +commit 3b66c538ac208860a3107f590826c17f8c9317a3 +gpg: Signature made Mon 29 Jul 2024 11:25:52 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: arhabd +Date: Mon Jul 22 14:35:57 2024 +0000 + + add nvme support + + add nvme support works as boot device hopefully + + Signed-off-by: Thierry Laurion + +commit f4ce04716778dbb2cfdda2d9dab67f8c4a81b7d6 +gpg: Signature made Mon 29 Jul 2024 10:32:49 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 09:59:38 2024 -0400 + + gui-init: put change-time under TOTP mismatch where it should be, remove unneeded duplicate menu options to change system time + + Signed-off-by: Thierry Laurion + +commit a99298acb25ee471d2420a88ca1117fa6503040e +gpg: Signature made Mon 29 Jul 2024 10:12:20 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 09:41:27 2024 -0400 + + change-time script: syntax, spcaing, wording and typo fixes + Signed-off-by: Thierry Laurion + + Signed-off-by: Thierry Laurion + +commit 07a6b7819a62429f71a54db693a9a206db59573c +gpg: Signature made Mon 29 Jul 2024 10:12:14 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: alexgithublab +Date: Thu Jul 25 12:21:54 2024 +0200 + + UTC statment + menu order + + Signed-off-by: Thierry Laurion + +commit a3b9a1d9e9a6a61d9490abcb1b8163af0ddbb5af +gpg: Signature made Mon 29 Jul 2024 10:12:08 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: alexgithublab +Date: Thu Jul 25 10:06:40 2024 +0200 + + chmod + + Signed-off-by: Thierry Laurion + +commit ff9dd5f667181fccee16d2444515524e6fcf50e1 +gpg: Signature made Mon 29 Jul 2024 10:12:03 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: alexgithublab +Date: Wed Jul 24 14:09:40 2024 +0200 + + change system time feature + + Signed-off-by: Thierry Laurion + +commit 2ea14bcbeb6ed6d5ddba7429a2260f8c1417c243 +gpg: Signature made Mon 29 Jul 2024 08:52:53 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 1516320960 9f8aee7ed8 +Author: Thierry Laurion +Date: Mon Jul 29 08:52:53 2024 -0400 + + Merge pull request #1719 from tlaurion/Guidelines-code_of_conduct_and_contributing_md + + Guidelines for contributing under CONTRIBUTING.md + +commit 9f8aee7ed8bfcff24c91d41930fd3d278e7736b7 +gpg: Signature made Mon 29 Jul 2024 08:50:22 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 08:50:22 2024 -0400 + + CONTRIBUTING.md: signing notes formatting fix + + Signed-off-by: Thierry Laurion + +commit 1d9ecf620b621de8bfb15e6bb469c772217481e5 +gpg: Signature made Mon 29 Jul 2024 08:37:29 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 08:37:29 2024 -0400 + + CONTRIBUTING.md: add notes in case users won't use GitHub + + Signed-off-by: Thierry Laurion + +commit ddfcd86cd3d9df2ddfbf3767a6c1a6e071d0120b +gpg: Signature made Mon 29 Jul 2024 08:24:47 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 07:57:44 2024 -0400 + + Update CONTRIBUTING.md + + Add suggestion for signing/review process + + Co-authored-by: SergiiDmytruk + Signed-off-by: Thierry Laurion + +commit 95cd57891565d2985b615e0791afa23d34165d63 +gpg: Signature made Mon 29 Jul 2024 08:24:31 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 07:55:13 2024 -0400 + + Update CONTRIBUTING.md + + Add pinging suggestions + + Co-authored-by: SergiiDmytruk + Signed-off-by: Thierry Laurion + +commit 05f49932576bfe8e738753b6128e1836780bee8e +gpg: Signature made Mon 29 Jul 2024 08:24:11 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 29 07:54:44 2024 -0400 + + Update CONTRIBUTING.md + + Fix wording to ease contribution acceptance + + Co-authored-by: SergiiDmytruk + Signed-off-by: Thierry Laurion + +commit e2e4d3deacb322849ed3f677720ee9dc5896d94f +gpg: Signature made Mon 29 Jul 2024 08:23:39 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 12 09:52:31 2024 -0400 + + CONTRIBUTING.md: add baselines and refer in README.md + + Signed-off-by: Thierry Laurion + +commit 1516320960b6d6699641961ae476e46a3f9de0f2 +gpg: Signature made Fri 26 Jul 2024 10:34:19 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: e313c18e00 3b436e53ea +Author: Thierry Laurion +Date: Fri Jul 26 22:34:19 2024 -0400 + + Merge pull request #1735 from tlaurion/fix_fsp_error_wifi_generic_nv41_ns50 + + nitropad-nv41/ns50: readd Intel WIFI otherwise fsp error to fix previous PR regression (preventing master to build) + +commit 3b436e53ea3bc12357812918461c6336c25a21a1 +gpg: Signature made Fri 26 Jul 2024 10:31:30 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 22:24:57 2024 -0400 + + nitropad-nv41/ns50: readd Intel WIFI otherwise fsp error + + Enabling CONFIG_DRIVERS_INTEL_WIFI=y in turn enables CONFIG_DRIVERS_WIFI_GENERIC=y which is needed. + + Bugfix, pushed on master without review: this is regression preventing master to report succcess for last master commit. + + nv41: + CC generated/ramstage.o + /home/user/heads/build/x86/coreboot-dasharo/util/crossgcc/xgcc/bin/i386-elf-ld.bfd: nitropad-nv41/romstage/soc/intel/alderlake/romstage/fsp_params.o: in function `fill_fspm_misc_params': + /home/user/heads/build/x86/coreboot-dasharo/src/soc/intel/alderlake/romstage/fsp_params.c:235: undefined reference to `wifi_generic_cnvi_ddr_rfim_enabled' + make[1]: *** [src/arch/x86/Makefile.inc:196: nitropad-nv41/cbfs/fallback/romstage.debug] Error 1 + + ns50: + CC generated/ramstage.o + /home/user/heads/build/x86/coreboot-dasharo/util/crossgcc/xgcc/bin/i386-elf-ld.bfd: nitropad-ns50/romstage/soc/intel/alderlake/romstage/fsp_params.o: in function `fill_fspm_misc_params': + /home/user/heads/build/x86/coreboot-dasharo/src/soc/intel/alderlake/romstage/fsp_params.c:235: undefined reference to `wifi_generic_cnvi_ddr_rfim_enabled' + + Signed-off-by: Thierry Laurion + +commit e313c18e00a6b4dd46d0a24db79cd07bf2d1819c +gpg: Signature made Fri 26 Jul 2024 05:51:57 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 60ec2b9b45 a9e6dfe851 +Author: Thierry Laurion +Date: Fri Jul 26 17:51:57 2024 -0400 + + Merge pull request #1723 from tlaurion/ivy_coreboot_2402-defconfig_unification_to_oldconfig + + xx20/xx30/qemu q35/xx4x : coreboot 4.22.01 -> 24.02.01 VERSION BUMP + defconfig unification to oldconfig + +commit a9e6dfe851db9101496328f8963391dea77fb987 +gpg: Signature made Fri 26 Jul 2024 05:39:18 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 17:39:18 2024 -0400 + + config/coreboot-*: Turn off WIFI support in coreboot. If regression, will turn on case by case. + + Signed-off-by: Thierry Laurion + +commit d0b0eef84427aaa782951a99d7413b420dc481c9 +gpg: Signature made Fri 26 Jul 2024 04:51:31 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 16:51:31 2024 -0400 + + boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config: Path is hardcoded to non hotp variant inclusion... + + Signed-off-by: Thierry Laurion + +commit 1b6d26a888614adb7917d0a2191cc319d92daf18 +gpg: Signature made Fri 26 Jul 2024 03:48:47 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 15:45:26 2024 -0400 + + w541: rename/move board flavors to UNTESTED since untested for coreboot 24.02.01 version bumped and no news from expected board testers in time for merge + + Replication notes: + - w541-hotp-maximized is a makefile inclusion of w541-maximized so order of ops is important + + docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-hotp-maximized board.move_tested_to_untested + time docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-maximized board.move_tested_to_untested + git status + git add boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config boards/w541-hotp-maximized/w541-hotp-maximized.config boards/w541-maximized/w541-maximized.config .circleci/config.yml + git commit --signoff + + Signed-off-by: Thierry Laurion + +commit cf9d10adebf489fc0cf459d7734ba8fe7183c061 +gpg: Signature made Fri 26 Jul 2024 03:40:09 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 22 15:07:15 2024 -0400 + + t530(-hotp)-maximized: move+ rename to boards/* + unify with x230-maximized boards for 24.02.01 + add Makefile helper + add back to CircleCI + + Signed-off-by: Thierry Laurion + +commit 549c2e45042a013743555fd73d52e9c48f43234e +gpg: Signature made Fri 26 Jul 2024 03:40:03 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Jul 22 08:41:49 2024 -0400 + + BOARD_TESTERS.md: Add known board owners with external programmer (testers) + + Those are currently known to be willing testers of coreboot/linux version bumps PRs to not cause bricks under Heads master + + Signed-off-by: Thierry Laurion + +commit acc64934920432a1a52a86bddc04b26465256acf +gpg: Signature made Fri 26 Jul 2024 03:39:58 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 19 17:44:30 2024 -0400 + + coreboot configs: unify turning CONFIG_USBDEBUG off + + sed -i '$a CONFIG_USBDEBUG=n' config/coreboot-*.config + grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done + + Note: + Boards that are unmaintained accumulates settings addition per the sed call. + + Why deactivate: + - Well, this is equivalent of cbmem -c which gives way too much information from attacker. + + TODO: add an helper later on so that builds aimed at testing coreboot version bump pass to release mode or something. + + As of this commit, we accept that bricks might happen and that troubleshooting will be made in a case basis?! + + Signed-off-by: Thierry Laurion + +commit d20333f08118ce6c221ce92dfbb93187f6893332 +gpg: Signature made Fri 26 Jul 2024 03:39:52 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Fri Jul 19 09:27:11 2024 -0400 + + modules/coreboot: Reuse 24.02.01 toolchain for coreboot-purism + + Reuse the toolchain from coreboot-24.02.01 for coreboot-purism (based + on 24.02.01) instead of compiling a separate toolchain. + + Signed-off-by: Jonathon Hall + +commit 2253f6f3a39d261f5b4dc03ab182a72866005098 +gpg: Signature made Fri 26 Jul 2024 03:39:46 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 19 12:18:25 2024 -0400 + + nv41/ns50 coreboot configs: unset 'CONFIG_RESOURCE_ALLOCATION_TOP_DOWN=y': turns nv41 into a brick under current used coreboot Dasharo fork + + Signed-off-by: Thierry Laurion + +commit df1e6d7540e841aa53b2bdb1661dfec1949e68e2 +gpg: Signature made Fri 26 Jul 2024 03:39:40 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 14:10:11 2024 -0400 + + coreboot configs: put back all maintained boards (boards/*)'s coreboot configs in oldconfig format + + Signed-off-by: Thierry Laurion + +commit 296772a62828a1ba660cf1927d3c00490458d227 +gpg: Signature made Fri 26 Jul 2024 03:39:34 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 14:04:25 2024 -0400 + + coreboot configs: add CONFIG_DRIVERS_INTEL_WIFI + + This is needed so that ACPI tables are generated from coreboot for final OS to not apply quirks to support wifi cards + + TODO: bluethooth not activated here, maybe we should. + + sed -i '/# CONFIG_DRIVERS_INTEL_WIFI is not set/d' config/coreboot-*.config + + Signed-off-by: Thierry Laurion + +commit 446c98a3f887347718d8ddcb1128a7429eb74646 +gpg: Signature made Fri 26 Jul 2024 03:39:28 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 13:52:24 2024 -0400 + + coreboot configs: add CONFIG_USBDEBUG + + sed -i '$a CONFIG_USBDEBUG=y' config/coreboot-*.config + grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_defconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done + + Signed-off-by: Thierry Laurion + +commit d44fe537313266427ab9d5994b72df561a42831b +gpg: Signature made Fri 26 Jul 2024 03:39:22 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 13:45:50 2024 -0400 + + coreboot configs: add CONFIG_RESOURCE_ALLOCATION_TOP_DOWN + + sed -i '/# CONFIG_RESOURCE_ALLOCATION_TOP_DOWN is not set/d' config/*.config + + Signed-off-by: Thierry Laurion + +commit 38bd342475acb81ffc36aeeeefeddbb8d638d2e1 +gpg: Signature made Fri 26 Jul 2024 03:39:16 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 13:40:38 2024 -0400 + + coreboot configs: add CONFIG_COLLECT_TIMESTAMPS + + sed -i '/# CONFIG_COLLECT_TIMESTAMPS is not set/d' config/*.config + + Signed-off-by: Thierry Laurion + +commit 88cec3ab871419eb0679177191e9a1e717cff35f +gpg: Signature made Fri 26 Jul 2024 03:39:10 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 17 13:34:48 2024 -0400 + + coreboot configs: put in defconfig to ease comparison and unification of configs + + Signed-off-by: Thierry Laurion + +commit b8a87ff579f381791fa5b782dc9c592bd869aea4 +gpg: Signature made Fri 26 Jul 2024 03:38:57 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 15:38:53 2024 -0400 + + CircleCI: modify comments/cache relative to version bump 4.22.01->24.02.01 + + Signed-off-by: Thierry Laurion + +commit 6e237d9edd9b0c23336e87141c23a40667fd7345 +gpg: Signature made Fri 26 Jul 2024 03:36:02 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 10 12:21:36 2024 -0400 + + config/coreboot*: save new coreboot 24.02.01 coreboot configs in oldconfig (see new defaults from 4.22.01) + + grep -R 24.02.01 boards/ | awk -F "/" {'print $2'} | while read board; do sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done + + Signed-off-by: Thierry Laurion + +commit 646db06eb67a525c1e41be305fabd61bb11d4c76 +gpg: Signature made Fri 26 Jul 2024 03:35:56 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 10 12:17:41 2024 -0400 + + boards/*/*.config: bump coreboot 4.22.01 boards config to use 24.02.01 + + Signed-off-by: Thierry Laurion + +commit f29c16d97716fe8f693c97404a4ab7cedbc9b101 +gpg: Signature made Fri 26 Jul 2024 03:35:50 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jul 10 12:14:14 2024 -0400 + + modules/coreboot: add 24.02.01 version + + Signed-off-by: Thierry Laurion + +commit 119cebc44f51b0d69069bf37e9817156b96df09c +gpg: Signature made Fri 26 Jul 2024 03:35:44 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jul 16 09:44:38 2024 -0400 + + coreboot 24.02.01: add upstream pending patches for heap allocation failure on bootsplash and defaulting to 4mb of heap when bootsplash + + Add upstreeam patches to downstream: + git fetch https://review.coreboot.org/coreboot refs/changes/75/83475/1 && git format-patch -1 --stdout FETCH_HEAD > 0001-prevent_bootsplash_heap_allocation_failure_to_booting.patch + git fetch https://review.coreboot.org/coreboot refs/changes/76/83476/2 && git format-patch -1 --stdout FETCH_HEAD > 0002-increase_heap_from1mb_to4mb_when_bootpslash_enabled.patch + + Rebuilding coreboot version with patches applied: + docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.0 -- make BOARD=qemu-coreboot-whiptail-tpm1 real.remove_canary_files-extract_patch_rebuild_what_changed + Remove file added by patch when patching fails: + sudo rm build/x86/libgpg-error-1.46/src/syscfg/lock-obj-pub.powerpc64le-unknown-linux-musl.h + + Applying patches touching coreboot version 24.02.01 defiend in board config to all boards: + grep -R 24.02.01 boards/ | awk -F "/" {'print $2'} | while read board; do sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done + + Adding added/modified files to git tracked files for commit: + git status | grep -e modified -e added | awk -F ":" {'print $2'}| xargs git add + + Signed-off-by: Thierry Laurion + +commit 60ec2b9b45388c5b3b2221d551d95a94ae387da0 +gpg: Signature made Fri 26 Jul 2024 03:29:32 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 0b494fea09 f0c951fa91 +Author: Thierry Laurion +Date: Fri Jul 26 15:29:32 2024 -0400 + + Merge pull request #1734 from tlaurion/JonathonHall-Purism-module_checkout_submodules-flake_moreutils_for_timestamps_CircleCI_intermediary_arch_musl-cross-make_step + + Fix master's CircleCI builds (Bandwidth throttling making all boards depending on coreboot forks to exceed 1h step's max build time) + +commit f0c951fa915faf2253d65bd5179438f9db6f4204 +gpg: Signature made Fri 26 Jul 2024 02:16:37 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jul 26 14:16:37 2024 -0400 + + CircleCI: fix naming of cache: coreboot-nitrokey -> coreboot-dasharo + + Signed-off-by: Thierry Laurion + +commit 43f35702883e73bb12d9d584833239400df861b7 +gpg: Signature made Fri 26 Jul 2024 12:14:09 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jul 25 12:23:16 2024 -0400 + + CircleCI: add CircleCI intermediary musl-cross build step per arch, cleanup + + Signed-off-by: Thierry Laurion + +commit 8ff19d17bc6318378e8f434845981edb1d84e903 +gpg: Signature made Fri 26 Jul 2024 11:44:33 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jul 25 09:29:28 2024 -0400 + + Bump nix develop based docker image to tlaurion/heads-dev-env:v0.2.1: include moreutils to be able to use 'ts' in CircleCI builds ('make BOARD=xyz V=1 | ts') to give timestamps of each make step + + Signed-off-by: Thierry Laurion + +commit 1e54152f30fdfb9ad7417753740c7aef71bd6ce5 +gpg: Signature made Fri 26 Jul 2024 11:44:27 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Fri Jul 26 11:09:29 2024 -0400 + + Makefile: Don't check out submodules when cloning a git module + + Checking out submodules was much worse for coreboot, it has many + submodules and only a subset of them are actually used. coreboot knows + to sync the needed submodules during its build. + + Instead, just remove the errant command that did not actually work. + + Signed-off-by: Jonathon Hall + Signed-off-by: Thierry Laurion + +commit a2876a26a1bd34eaa90cb0266de9aac8d1ac8f71 +gpg: Signature made Wed 24 Jul 2024 03:56:29 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jul 24 15:54:18 2024 -0400 + + Makefile: When cloning a repo from Git, update submodules correctly + + When cloning a repo from Git, actually change to the repo directory to + check out the submodules as well. Without the -C , the submodule + checkout happened in the Heads repo itself, which has no submodules. + + This is important for coreboot being built in CI. Without this, the + coreboot submodules will be checked out automatically by the coreboot + build system during the build, meaning they will not be in the + prepped module cache. + + A trade-off though is that at this point, we don't know what submodules + are actually needed - we will clone some that are not needed. coreboot + knows to skip some submodules during the build if they are not needed. + + Signed-off-by: Jonathon Hall + +commit 0b494fea0955b38efdca6dc26076d467a1f2537f +gpg: Signature made Mon 22 Jul 2024 03:28:41 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ebd9fbadb6 fa42c7a224 +Author: Thierry Laurion +Date: Mon Jul 22 15:28:41 2024 -0400 + + Merge pull request #1728 from tlaurion/fhvyhjriur_UNMAINTAINED_READMEmd + + Update README.md : cherry-pick of PR #1696's commit with me signing. + +commit fa42c7a224c247ec76d52f272f987d636c44e821 +gpg: Signature made Mon 22 Jul 2024 03:22:39 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: fhvyhjriur <75321183+fhvyhjriur@users.noreply.github.com> +Date: Mon Jun 3 15:50:05 2024 +0000 + + Update README.md : cherry-pick of PR #1696's commit with me signing. + + Discussion about this here: + https://github.com/linuxboot/heads/issues/1682 + + Signed-off-by: Thierry Laurion + +commit ebd9fbadb63ae9f43e8497a2d0aebbed169f1767 +gpg: Signature made Tue 16 Jul 2024 11:02:51 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 75968382fc ff9adad7d2 +Author: Thierry Laurion +Date: Tue Jul 16 11:02:51 2024 -0400 + + Merge pull request #1721 from JonathonHall-Purism/purism_24.02.01_fixed + + Update Librem devices coreboot to 24.02.01-Purism-1 plus bootsplash fix + +commit ff9adad7d2b0b49f966d408db3bc8b7e9aab831a +gpg: Signature made Mon 15 Jul 2024 04:56:12 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jul 15 16:55:34 2024 -0400 + + modules/coreboot: Update Purism to 24.02.01-Purism-1 w/bootsplash fix + + Increases coreboot heap size to accommodate Heads bootsplash. + + Signed-off-by: Jonathon Hall + +commit 265b1da92010ad8b28924f2a8aecf3623405f1b8 +gpg: Signature made Mon 15 Jul 2024 04:54:01 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jul 15 16:53:59 2024 -0400 + + Revert "Merge pull request #1713 from tlaurion/interim_fix_1712" + + This reverts commit c43b6fc05fe44770c06667eb93361903d993a0d6, reversing + changes made to fb9c558ba4ed4d6a581b05d7e47b883e0f79c04a. + + Signed-off-by: Jonathon Hall + +commit 75968382fc2cf17001546e8a9237a62a8822b4e6 +gpg: Signature made Tue 09 Jul 2024 12:32:22 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: c43b6fc05f 1519bd74fe +Author: Jonathon Hall +Date: Tue Jul 9 12:32:15 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/more_verbose_docker_build' + + PR #1714 + +commit 1519bd74fe5aa16bb930165a8649cdfe45b8f6dc +gpg: Signature made Tue 09 Jul 2024 11:40:10 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jul 9 11:18:11 2024 -0400 + + README.md: Make docker image build more verbose on console, unify + + Signed-off-by: Thierry Laurion + +commit c43b6fc05fe44770c06667eb93361903d993a0d6 +gpg: Signature made Tue 09 Jul 2024 11:04:34 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: fb9c558ba4 b20cde8c61 +Author: Thierry Laurion +Date: Tue Jul 9 11:04:34 2024 -0400 + + Merge pull request #1713 from tlaurion/interim_fix_1712 + + Revert "Merge pull request #1703 from JonathonHall-Purism/purism_coreboot_24.02.01" + +commit b20cde8c61ebe542f96e076ca273bd999f52e9c4 +gpg: Signature made Tue 09 Jul 2024 09:29:39 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jul 9 09:29:37 2024 -0400 + + Revert "Merge pull request #1703 from JonathonHall-Purism/purism_coreboot_24.02.01" + + This reverts commit 70250317020ec5365925556df18e288a661f3bf6, reversing + changes made to 156d2c80dd540b1c73c2754fa751cf9ad2f7c0b4. + + Signed-off-by: Thierry Laurion + +commit fb9c558ba4ed4d6a581b05d7e47b883e0f79c04a +gpg: Signature made Fri 28 Jun 2024 05:07:23 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: e471a4ae65 2f8c1a51df +Author: Jonathon Hall +Date: Fri Jun 28 17:07:10 2024 -0400 + + Merge branch 'newt_colors' of github.com:mdrobnak/heads + + PR 1698 + +commit 2f8c1a51df9aed48d3d77cd80fb627f032820020 +gpg: Signature made Tue 25 Jun 2024 01:26:18 PM EDT +gpg: using RSA key 3E3D140D4439F0659D4A8FED20C3618D656E7853 +gpg: issuer "matthew@drobnak.com" +gpg: Can't check signature: No public key +Author: Matthew Drobnak +Date: Tue Jun 11 05:02:48 2024 +0000 + + Build ncurses for terminfo definitions. + + Signed-off-by: Matthew Drobnak + +commit 6e148cb7f287e11f96bed59de2e2af71d0f4a958 +gpg: Signature made Tue 25 Jun 2024 01:26:18 PM EDT +gpg: using RSA key 3E3D140D4439F0659D4A8FED20C3618D656E7853 +gpg: issuer "matthew@drobnak.com" +gpg: Can't check signature: No public key +Author: Matthew Drobnak +Date: Wed Jun 12 13:42:17 2024 +0000 + + Makefile changes to support putting data into the initrd, such as terminfo. + + Signed-off-by: Matthew Drobnak + +commit 19a705c17904c2390334c979097c4643963bd811 +gpg: Signature made Tue 25 Jun 2024 01:26:14 PM EDT +gpg: using RSA key 3E3D140D4439F0659D4A8FED20C3618D656E7853 +gpg: issuer "matthew@drobnak.com" +gpg: Can't check signature: No public key +Author: Matthew Drobnak +Date: Thu Jun 6 22:59:13 2024 +0000 + + Add functions to handle normal, warning, and error for whiptail and fbwhiptail. + + Signed-off-by: Matthew Drobnak + +commit e471a4ae652c7ff05d1be1b11346ecb36a2095df +gpg: Signature made Fri 21 Jun 2024 11:44:15 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 96b619b5fd 2cd5b0960a +Author: Thierry Laurion +Date: Fri Jun 21 11:44:15 2024 -0400 + + Merge pull request #1707 from Dasharo/nitropad-drop-iotools + + boards, module and Makefile: drop iotools + +commit 2cd5b0960aabf248a46c0f8c0479731033fd27ba +gpg: Signature made Fri 21 Jun 2024 11:08:15 AM EDT +gpg: using RSA key A766C89569895C0B86D598D09963C36AAC3B2B46 +gpg: issuer "maciej.pijanowski@3mdeb.com" +gpg: Good signature from "Maciej Pijanowski " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A766 C895 6989 5C0B 86D5 98D0 9963 C36A AC3B 2B46 +Author: Maciej Pijanowski +Date: Fri Jun 21 16:44:50 2024 +0200 + + modules: drop iotools + + As discussed in: linuxboot#1704 + there is no need to include iotools module for nitropads. + + Since there is no board using it, and we see no reason to use + it in the future (the EC udpate will not require it, as update + will be server by coreboot in the future), drop the module as well. + + Signed-off-by: Maciej Pijanowski + +commit 96b619b5fd98abb01e641df9c5213de5cc378f49 +gpg: Signature made Fri 21 Jun 2024 10:24:45 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 7025031702 fd98c8d0d9 +Author: Thierry Laurion +Date: Fri Jun 21 10:24:45 2024 -0400 + + Merge pull request #1704 from Dasharo/nitropad-shutdown + + nitropad-nx: use standard shutdown/reboot commands + +commit 70250317020ec5365925556df18e288a661f3bf6 +gpg: Signature made Thu 20 Jun 2024 02:11:30 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 156d2c80dd 80284ff246 +Author: Thierry Laurion +Date: Thu Jun 20 14:11:30 2024 -0400 + + Merge pull request #1703 from JonathonHall-Purism/purism_coreboot_24.02.01 + + modules/coreboot: 24.02.01-Purism-1, remove CFLAGS overrides, needs nss + +commit 80284ff246aa8eeea7f0440381c88f585cc76aa9 +gpg: Signature made Thu 20 Jun 2024 01:54:20 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Thu Jun 20 10:51:50 2024 -0400 + + .circleci/config.yml: bump to v0.2.0 docker image based on flake.nix's new nss inclusion required for coreboot 24.02+ + + Signed-off-by: Thierry Laurion + +commit fd98c8d0d9f64e8ef37e45afe9edf4c3b8e0fe8d +gpg: Signature made Thu 20 Jun 2024 12:27:05 PM EDT +gpg: using RSA key A766C89569895C0B86D598D09963C36AAC3B2B46 +gpg: issuer "maciej.pijanowski@3mdeb.com" +gpg: Good signature from "Maciej Pijanowski " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A766 C895 6989 5C0B 86D5 98D0 9963 C36A AC3B 2B46 +Author: Maciej Pijanowski +Date: Thu Jun 20 16:25:09 2024 +0200 + + nitropad-nx: use standard shutdown/reboot commands + + This commit effectively reverts commits a1c13ff and 902866cc. There is + no need for this special EC-based poweroff command. See more details in + issue linked below. + + Fixes: https://github.com/Dasharo/dasharo-issues/issues/711 + + Signed-off-by: Maciej Pijanowski + +commit 2ba56d130472cad3d14f9424a1b2f7dbe3f5a3e8 +gpg: Signature made Wed 19 Jun 2024 12:39:21 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jun 18 16:42:31 2024 -0400 + + modules/coreboot: 24.02.01-Purism-1, remove CFLAGS overrides, needs nss + + Update Purism coreboot to 24.02.01-Purism-1. + + Remove CFLAGS overrides when building coreboot. These overrides break + 24.02.01, which added (and needs) --param=min-pagesize=1024. This has + happened repeatedly in the past since Heads has to duplicate coreboot's + CFLAGS if it overrides them. + + Specifically, the build fails with this error: + src/commonlib/include/commonlib/endian.h:27:26: error: array subscript 1 is outside array bounds of 'void[0]' [-Werror=array-bounds=] + 27 | *(uint8_t *)dest = val; + | ~~~~~~~~~~~~~~~~~^~~~~ + In function 'setup_default_ebda': + cc1: note: source object is likely at address zero + + That's because coreboot is attempting to write to EBDA at physical + address 0x40e, just above 1024. That is a valid address for x86, but + it's too close to 0 by default for GCC, --param-min-pagesize=1024 + allows writes to physical addresses above 1024. + + coreboot shouldn't need any of the usual Heads CFLAGS overrides for + reproducibility; it is already reproducible. + + Fix indentation in modules/coreboot. Make accepted it before because + the indented lines followed a variable assignment, so they couldn't + be part of a recipe. That assignment is now gone, so they're now + interprted as part of a recipe for the `.configured` target just above, + they should not be indented. + + Add nss to flake.nix, needed as of 24.02.01. + + Update Librem coreboot configs for 24.02.01-Purism-1. Notably, the + board Kconfig changed for Mini v2 in coreboot, so this is needed for + correct builds. + + Signed-off-by: Jonathon Hall + +commit 156d2c80dd540b1c73c2754fa751cf9ad2f7c0b4 +gpg: Signature made Wed 19 Jun 2024 09:05:55 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: d9a0caca13 b0b3449367 +Author: Thierry Laurion +Date: Wed Jun 19 09:05:55 2024 -0400 + + Merge pull request #1702 from JonathonHall-Purism/librem_l1um_ci + + circleci: Add Librem L1UM to CI, in front of unmaintained 4.11 boards + +commit b0b34493675b76983f92cfa523749c7ec5021784 +gpg: Signature made Tue 18 Jun 2024 04:34:51 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jun 18 16:34:33 2024 -0400 + + circleci: Add Librem L1UM to CI, in front of unmaintained 4.11 boards + + Signed-off-by: Jonathon Hall + +commit d9a0caca13dbe2c4de49f965b404859f2db6ffaf +gpg: Signature made Thu 13 Jun 2024 11:15:40 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 64730d9507 a15f77e336 +Author: Thierry Laurion +Date: Thu Jun 13 11:15:40 2024 -0400 + + Merge pull request #1700 from JonathonHall-Purism/coreboot_purism_4.22.01-Purism-1 + + Update Purism coreboot to 4.22.01-Purism-1 + +commit a15f77e3361d5baeb7500e75d749b92f0d1e9e0e +gpg: Signature made Tue 11 Jun 2024 01:02:03 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 9 15:20:50 2024 -0500 + + config/coreboot-librem_11.config: intel_iommu=igfx_off on Heads cmdline + + intel_iommu=igfx_off is needed on the Heads kernel command line for + memtest86+ to work. Without this parameter, the screen blanks when + memtest86+ starts testing. + + This is unique to Librem 11, probably because it is the only device + using FSP GOP for graphics init in coreboot. (libgfxinit does not yet + support Jasper Lake.) + + Signed-off-by: Jonathon Hall + +commit 65ca94b1843d370f5f4a1008f2e001815b05236d +gpg: Signature made Tue 11 Jun 2024 01:01:57 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Oct 11 09:06:06 2023 -0400 + + modules/coreboot: Update Purism coreboot to 4.22.01-Purism-1 + + Update Purism coreboot to 4.22.01-Purism-1. + + Signed-off-by: Jonathon Hall + +commit 64730d9507d4d0cf0cc5f455865dea41fc97ab58 +gpg: Signature made Fri 07 Jun 2024 12:38:38 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 868abb75ba 6ac7e5d789 +Author: Thierry Laurion +Date: Fri Jun 7 12:38:38 2024 -0400 + + Merge pull request #1688 from 123ahaha/updated-instruction-ptrace_scope + + Updated README.md for kernel.yama.ptrace_scope issues + +commit 868abb75ba9477ac98f63fd4e004e5caa211e5dc +gpg: Signature made Fri 07 Jun 2024 09:28:31 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 34c7bb5a83 c7a5fbd66f +Author: Thierry Laurion +Date: Fri Jun 7 09:28:31 2024 -0400 + + Merge pull request #1697 from mdrobnak/issue_1692 + + 1692 Update text for TPM Primary Handle error with correct remediation steps. + +commit c7a5fbd66fefc5853ec8e9128bf5d3304b45e85f +gpg: Signature made Tue 04 Jun 2024 11:59:42 PM EDT +gpg: using RSA key 3E3D140D4439F0659D4A8FED20C3618D656E7853 +gpg: issuer "matthew@drobnak.com" +gpg: Can't check signature: No public key +Author: Matthew Drobnak +Date: Mon Jun 3 16:07:08 2024 -0600 + + 1692 Update text for TPM Primary Handle error with correct remediation steps. + + Signed-off-by: Matthew Drobnak + +commit 34c7bb5a83ccc3b47d16f5b393717c01ab5b6b83 +gpg: Signature made Thu 30 May 2024 05:29:08 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: a8adfb5089 edd4378b60 +Author: Thierry Laurion +Date: Thu May 30 17:29:08 2024 -0400 + + Merge pull request #1687 from tlaurion/use_nixos-unstable_prebuild_qemu-canokey + + Use nixos-unstable channel's prebuilt qemu_full with canokey support builtin from nix cache + +commit edd4378b60f281c32ff0cf689a40fb1cbc8a0305 +gpg: Signature made Thu 30 May 2024 05:05:29 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 30 17:05:29 2024 -0400 + + flake.nix: remove commented material, add some more comments where needed + + Signed-off-by: Thierry Laurion + +commit a8adfb50894bd4614a61695a2b7530b4fcf0f761 +gpg: Signature made Thu 30 May 2024 03:37:56 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: fc146681f7 ea05b1ed45 +Author: Thierry Laurion +Date: Thu May 30 15:37:56 2024 -0400 + + Merge pull request #1684 from Nitrokey/hotp-version-v1.6 + + Hotp version v1.6 + +commit fc146681f7edb8dc54e4da003c9024269df5dece +gpg: Signature made Wed 29 May 2024 06:55:07 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: cf080564df 1035a93e79 +Author: Thierry Laurion +Date: Wed May 29 18:55:07 2024 -0400 + + Merge pull request #1673 from tlaurion/build-UNMAINTAINED_t530-maximized + + Build unmaintained t530 maximized + +commit c7d1495a0a1478c872ad62e3cd9c9d14d96043ff +gpg: Signature made Sat 25 May 2024 12:56:17 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 23 11:34:09 2024 -0400 + + Use nixos-unstable channel's prebuilt qemu_full with canokey support builtin, downloaded from nix cache + + - flake.lock: bumps lcoekd package list to latest packages list through 'nix flake update' + - flake.nix : comment out customizations of derivatives, removing canokey-qemu lib since qemu_full depends on qemu which depends on canokey-qemu by default now + - flake.nux: add 'less' so that 'git log' is usable + - circleci/config.yml: use docker v0.1.9 + - README.md : update docker image maintainer notes to ease upstreaming of docker images and for others to play around, requiring dockerhub account + + For testing iterations of this, I used: + docker_version="v0.1.9" && docker_hub_repo="tlaurion/heads-dev-env" && sed "s@\(image: \)\(.*\):\(v[0-9]*\.[0-9]*\.[0-9]*\)@\1\2:$docker_version@" -i .circleci/config.yml && nix --print-build-logs --verbose develop --ignore-environment --command true && nix build .#dockerImage && docker load < result && docker tag linuxboot/heads:dev-env "$docker_hub_repo:$docker_version" && docker push "$docker_hub_repo:$docker_version" + Then added final commit, and pushed. + + Signed-off-by: Thierry Laurion + +commit 6ac7e5d789b3799ae216bc6d904f02c3b1ca3e99 +Author: Antoine Luciani +Date: Fri May 24 13:29:13 2024 +0200 + + README.md updated in build instructions and in particular an error encountered because of kernel.yama.ptrace_scope during docker image build + + Signed-off-by: Antoine Luciani + +commit ea05b1ed4528f754abe14fcf11118426909ae82f +No signature +Author: nestire +Date: Tue May 21 13:34:00 2024 +0200 + + extent hotp error message for nitrokeys + + Signed-off-by: nestire + +commit 8bea5697d4462f325e2b15274e1c9dc97f1351b7 +No signature +Author: nestire +Date: Tue May 21 13:24:36 2024 +0200 + + bump hotp version to 1.6 + + Signed-off-by: nestire + +commit cf080564df86a0d7afbee4a6bca54b0ef4e370b6 +gpg: Signature made Fri 17 May 2024 03:05:59 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 59df86fbd0 74b1e2f7c1 +Author: Thierry Laurion +Date: Fri May 17 15:05:59 2024 -0400 + + Merge pull request #1680 from tlaurion/fix_openssl_output_on_console_for_internal_hack + + modules/openssl: remove hack, silence error on console when openssl is included for builds (affects tpm2 boards builds) + +commit 74b1e2f7c1228c55a3fd37728196e00fd84eb2c0 +gpg: Signature made Fri 17 May 2024 02:56:19 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 17 12:41:52 2024 -0400 + + modules/openssl: remove hack: silences error on console when openssl is included for builds (affects tpm2 boards builds) + + Signed-off-by: Thierry Laurion + +commit 59df86fbd0c36448314f1200ab336c0a37c6c91d +gpg: Signature made Fri 17 May 2024 01:22:32 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: b80aa87077 37f04e2855 +Author: Thierry Laurion +Date: Fri May 17 13:22:32 2024 -0400 + + Merge pull request #1677 from tlaurion/fix_key_to_card + + Revert gpg version bump and unify key to card code to properly create bug upstream + +commit 37f04e28556f7ec89ab10eabbfaf3a4820c30a62 +gpg: Signature made Fri 17 May 2024 09:27:54 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue May 14 12:44:11 2024 -0400 + + Fix key to card failing with invalid time when moving keys to smartcard on master (Opt: Authenticated Heads) + + - Revert gnupg toolstack version bump to prior of #1661 merge (2.4.2 -> 2.4.0). Version bump not needed for reproducibility. + - Investigation and upstream discussions will take their time resolving invalid time issue introduced by between 2.4.0 and latest gnupg, fix regression first under master) + + - oem-factory-reset + - Adding DO_WITH_DEBUG to oem-factory-reset for all its gpg calls. If failing in debug mode, /tmp/debug.txt contains calls and errors + - Wipe keyrings only (*.gpg, *.kbx) not conf files under gpg homedir (keep initrd/.gnupg/*.conf) + + - flake.nix + - switch build derivative from qemu and qemu_kvm to qemu_full to have qemu-img tool which was missing to run qemu boards (v0.1.8 docker) + - add gnupg so that qemu boards can call inject_gpg to inject public key in absence of flashrom+pflash support for internal flashing + + - flake.lock: Updated nix pinned package list under flake.lock with 'nix flake update' so qemu_full builds + + - README.md: have consistent docker testing + release (push) notes + + - .circleci/config.yml: depend on docker v0.1.8 (qemu_full built with canokey-qemu lib support, diffoscopeMinimal and gnupg for proper qemu testing) + + TODO: + - some fd2 instead of fd1?! + - oem-factory-resest has whiptail_or_die which sets whiptail box to HEIGHT 0. This doesn't show a scrolling window on gpg errors which is problematic with fbwhiptail, not whiptail + + Signed-off-by: Thierry Laurion + +commit b80aa8707717ba5dc4723e75e068125d4b3c2af1 +gpg: Signature made Wed 15 May 2024 12:43:41 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: c91731c956 a51a7afefe +Author: Thierry Laurion +Date: Wed May 15 12:43:41 2024 -0400 + + Merge pull request #1662 from tlaurion/nitrokey_board_unification_clean-enable_htop_validated_autoboot-novacustom_coreboot_version_bump + + Nitrokey boards coreboot version bump to match Dasharo+Heads heads+ coreboot version used in their v0.9.0 - 2024-02-29 BOM + +commit a51a7afefef2eec2e061576ab9f4ad4fc093b9bf +gpg: Signature made Tue 14 May 2024 12:11:16 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue May 14 12:09:22 2024 -0400 + + patches/coreboot-dasharo-unreleased : keep track of patches per upsream dasharo+heads unreleased patches to apply on top of last release + + PR numbers being numerical and hopefully not conflicting with each other, keeping track of commits per their upstream PR should make sure they can be applied cleanly on top of each other + as opposed to commit id related patches that git apply will apply in random order. + + Signed-off-by: Thierry Laurion + +commit 49d993715e37c7a32f8397051e973503de076d95 +gpg: Signature made Mon 13 May 2024 09:48:20 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 85bd68fee0 c91731c956 +Author: Thierry Laurion +Date: Mon May 13 21:48:19 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into nitrokey_board_unification_clean-enable_htop_validated_autoboot-novacustom_coreboot_version_bump + +commit c91731c95613b63f6578118725f88987de76bec1 +gpg: Signature made Mon 13 May 2024 09:47:50 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ede404c881 2784128b17 +Author: Thierry Laurion +Date: Mon May 13 21:47:50 2024 -0400 + + Merge pull request #1676 from tlaurion/update_issues_templates-reflect_forks-reflect_usb_dongles_fix + + Issue template: Version information aimed to be hidden was visible + typo fix + +commit 2784128b176aaec33711f14fab2a50de6a77796f +gpg: Signature made Mon 13 May 2024 09:46:20 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon May 13 21:45:34 2024 -0400 + + Issue template: Version information aimed to be hidden was visible + + Also fix gPU -> GPU + Signed-off-by: Thierry Laurion + +commit 85bd68fee0f9e8c0b25628185239fa746539f3bb +gpg: Signature made Mon 13 May 2024 08:57:47 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 41d55bf2fc ede404c881 +Author: Thierry Laurion +Date: Mon May 13 20:57:45 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into nitrokey_board_unification_clean-enable_htop_validated_autoboot-novacustom_coreboot_version_bump + +commit ede404c881bf5c90e5eee603843248e3c4a8f9b6 +gpg: Signature made Mon 13 May 2024 08:57:02 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 70b3272b32 03347ea6dc +Author: Thierry Laurion +Date: Mon May 13 20:57:02 2024 -0400 + + Merge pull request #1675 from tlaurion/update_issues_templates-reflect_forks-reflect_usb_dongles + + Update issue templates to reflect current realities of forks and security Dongles in the field + +commit 03347ea6dc495786d67f296286f2b74c313dec67 +gpg: Signature made Mon 13 May 2024 08:56:01 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon May 13 20:46:26 2024 -0400 + + Update issue templates to reflect current realities of forks and security Dongles Being used out there + + Signed-off-by: Thierry Laurion + +commit 1035a93e79866b5483c5a35c3697d08fee4f8970 +gpg: Signature made Mon 13 May 2024 12:15:08 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon May 13 11:12:27 2024 -0400 + + Build UNMAINTAINED_t530-maximized as requested under #1672 + + Signed-off-by: Thierry Laurion + +commit 41d55bf2fcf9337da5dac240050b54c3583584a7 +gpg: Signature made Mon 13 May 2024 11:03:23 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon May 13 11:03:23 2024 -0400 + + coreboot + patches/coreboot-dasharo-unreleased: Add b35dc4a4f25497acfbe159d6abd057d885661a02.patch for TPM IRQ Kconfig missing + + Signed-off-by: Thierry Laurion + +commit b163c389fe170ff8ff6ad88eff28b4060cc27148 +gpg: Signature made Mon 13 May 2024 11:01:13 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 3a7292018e 70b3272b32 +Author: Thierry Laurion +Date: Mon May 13 11:01:11 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into nitrokey_board_unification_clean-enable_htop_validated_autoboot-novacustom_coreboot_version_bump + +commit 70b3272b32375c291b3f59403c07643744475ff0 +gpg: Signature made Mon 13 May 2024 10:56:53 AM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 1e583e01a0 c73692e4f3 +Author: Thierry Laurion +Date: Mon May 13 10:56:53 2024 -0400 + + Merge pull request #1671 from tlaurion/nix_qemu-canokey_derivate + + flake.nix + qemu.mk : add working qemu-canokey usable from all qemu boards by default + +commit 3a7292018efddbd8fa59a7a16b80c1f6bb2b341b +gpg: Signature made Mon 13 May 2024 09:23:21 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 81cc5263a0 1e583e01a0 +Author: Thierry Laurion +Date: Mon May 13 09:23:20 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into pr/tlaurion/1662 + +commit c73692e4f3ec204ae2fe179d63017040e081fee2 +gpg: Signature made Sun 12 May 2024 01:51:59 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun May 12 12:57:19 2024 -0400 + + flake.nix + qemu.mk : add working qemu-canokey usable from all qemu boards by default + flake.nix: add canokey-qemu lib, derivate qemu on tope of it and have qemu_kvm depend on qemu derivative + targets/qemu.mk: modified to had canokey support by default if no "USB_TOKEN=" specified on make run call + + CircleCI: base docker image pull on v0.1.6 containing the newly added derivatives + Signed-off-by: Thierry Laurion + +commit 1e583e01a07e7254fc1bbcc57d7a30317b62315d +gpg: Signature made Fri 10 May 2024 04:05:34 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 77f1e346d0 ecbfdbc57b +Author: Thierry Laurion +Date: Fri May 10 16:05:34 2024 -0400 + + Merge pull request #1661 from tlaurion/wip-nix-for-build + + Move to nix buildstack (and nix develop produced docker image used under CircleCI) + +commit ecbfdbc57b23ef0b884b394e1ad97491b8d2f8b6 +gpg: Signature made Fri 10 May 2024 04:01:16 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 10 15:44:34 2024 -0400 + + README.md Simplify Setup of Nix and flakes and docker image creation instructions + + Signed-off-by: Thierry Laurion + +commit c52fd428027fe4850dc77ad4eb2f90a66c1549f3 +gpg: Signature made Fri 10 May 2024 03:36:56 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Merge: 181ce621bb 77f1e346d0 +Author: Thierry Laurion +Date: Fri May 10 15:36:54 2024 -0400 + + Merge remote-tracking branch 'osresearch/master' into pr/tlaurion/1661 + +commit 81cc5263a0898c36777eb0572d7816096466f66b +gpg: Signature made Fri 10 May 2024 03:02:30 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun May 5 13:48:11 2024 -0400 + + nv41/ns50 coreboot configs: save configs with make BOARD=nitropad-n[v41|s50] coreboot.modify_and_save_oldconfig_in_place + + removes a comment: + -# CONFIG_DASHARO_FIRMWARE_UPDATE_MODE is not set + - Unify ns50/nv41 + - CONFIG_TPM_PIRQ=0x27 in both nv41/ns50 as per https://github.com/linuxboot/heads/pull/1662#issuecomment-2100820944 + NOTE that this doesn't stick when calling + make[1]: Leaving directory '/home/user/heads/build/x86/coreboot-dasharo' + user@heads-tests-deb12:~/heads$ git diff + diff --git a/config/coreboot-nitropad-nv41.config b/config/coreboot-nitropad-nv41.config + index 9484aaf5122..ddd4e5d7c56 100644 + --- a/config/coreboot-nitropad-nv41.config + +++ b/config/coreboot-nitropad-nv41.config + @@ -143,7 +143,7 @@ CONFIG_BOARD_CLEVO_NV40PZ_BASE=y + CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41" + CONFIG_CONSOLE_POST=y + # CONFIG_USE_PM_ACPI_TIMER is not set + -CONFIG_TPM_PIRQ=0x27 + +CONFIG_TPM_PIRQ=0x0 + # CONFIG_SOC_INTEL_CSE_SEND_EOP_EARLY is not set + CONFIG_VBOOT_FWID_VERSION="$(CONFIG_LOCALVERSION)" + CONFIG_EC_SYSTEM76_EC_BAT_THRESHOLDS=y + + Also note that CONFIG_EC_SYSTEM76_EC_DGPU=y is not present on ns50 as opposed to nv41, whatever that does. + user@heads-tests-deb12:~/heads$ diff -u config/coreboot-nitropad-nv41.config config/coreboot-nitropad-ns50.config + --- config/coreboot-nitropad-nv41.config 2024-05-10 14:59:42.156754718 -0400 + +++ config/coreboot-nitropad-ns50.config 2024-05-10 14:55:37.699761391 -0400 + @@ -110,7 +110,7 @@ + # CONFIG_VENDOR_TI is not set + # CONFIG_VENDOR_UP is not set + CONFIG_MAINBOARD_FAMILY="Not Applicable" + -CONFIG_MAINBOARD_PART_NUMBER="nv40pz" + +CONFIG_MAINBOARD_PART_NUMBER="ns50pu" + CONFIG_MAINBOARD_VERSION="v2.1" + CONFIG_MAINBOARD_DIR="clevo/adl-p" + CONFIG_DIMM_MAX=4 + @@ -128,7 +128,7 @@ + CONFIG_DEVICETREE="devicetree.cb" + # CONFIG_VBOOT is not set + CONFIG_VBOOT_VBNV_OFFSET=0x28 + -CONFIG_VARIANT_DIR="nv40pz" + +CONFIG_VARIANT_DIR="ns50pu" + CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb" + # CONFIG_VGA_BIOS is not set + CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Nitrokey" + @@ -139,8 +139,8 @@ + CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout" + CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0 + CONFIG_BOARD_CLEVO_ADLP_COMMON=y + -CONFIG_BOARD_CLEVO_NV40PZ_BASE=y + -CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41" + +CONFIG_BOARD_CLEVO_NS50PU_BASE=y + +CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NS51" + CONFIG_CONSOLE_POST=y + # CONFIG_USE_PM_ACPI_TIMER is not set + CONFIG_TPM_PIRQ=0x27 + @@ -158,8 +158,8 @@ + CONFIG_HAVE_INTEL_FIRMWARE=y + CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000 + CONFIG_DRIVERS_INTEL_WIFI=y + -CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/descriptor.bin" + -CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/me.bin" + +CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/ns5x_adl/descriptor.bin" + +CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/ns5x_adl/me.bin" + CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000 + CONFIG_VBT_DATA_SIZE_KB=9 + CONFIG_CARDBUS_PLUGIN_SUPPORT=y + @@ -176,8 +176,8 @@ + # + # Alder Lake P (2022) + # + -# CONFIG_BOARD_NOVACUSTOM_NS5X_ADLP is not set + -CONFIG_BOARD_NOVACUSTOM_NV4X_ADLP=y + +CONFIG_BOARD_NOVACUSTOM_NS5X_ADLP=y + +# CONFIG_BOARD_NOVACUSTOM_NV4X_ADLP is not set + + # + # Tiger Lake U (2021) + @@ -503,7 +503,6 @@ + # + CONFIG_EC_ACPI=y + CONFIG_EC_SYSTEM76_EC=y + -CONFIG_EC_SYSTEM76_EC_DGPU=y + + # + # Intel Firmware + + Signed-off-by: Thierry Laurion + +commit f6f216c5b88b7911b2d852f4598afb1fcce7d6d4 +gpg: Signature made Fri 10 May 2024 02:50:37 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Kopeć +Date: Wed Feb 14 16:57:05 2024 +0100 + + Use single coreboot rev for MSI and NCM + + Signed-off-by: Michał Kopeć + Signed-off-by: Thierry Laurion + +commit 443955e0862528de8f584b1fe720e02d3ebb6a4e +gpg: Signature made Fri 10 May 2024 02:50:31 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun May 5 12:16:23 2024 -0400 + + nv41/ns50 board config: Add note referring that those boards FB are GOP enabled just like the librem_11 for reference + + Signed-off-by: Thierry Laurion + +commit eb2d8da9833bf77862a9da2444feb8a645315b0c +gpg: Signature made Fri 10 May 2024 02:50:27 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun May 5 12:14:27 2024 -0400 + + nv41/ns50 coreboot config: apply 4cf15f2586c55d7c2f2c5136f08e7670eebc5012 also to ns50. Note: SMMSTORE and top-down resource allocation diff between ns50/nv41 + + Signed-off-by: Thierry Laurion + +commit 7e31b204e13fb80dc956222345a8c47161586178 +gpg: Signature made Fri 10 May 2024 02:50:22 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun May 5 11:25:46 2024 -0400 + + nv41/ns50 coreboot config: make sure everything is saved with make BOARD=nitropad-n*** coreboot.modify_and_save_oldconfig_in_place + + Signed-off-by: Thierry Laurion + +commit 23976461d81b973896f15fa8b5d810fb95bd7ee4 +gpg: Signature made Fri 10 May 2024 02:40:26 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Fri Feb 16 15:25:54 2024 +0100 + + modules/coreboot: Avoid double quotes in LOCALVERSION + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit 83f96aae5c2ed9edabbd54898f5bda0c4f6f728f +gpg: Signature made Fri 10 May 2024 02:40:21 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Fri Feb 16 14:01:09 2024 +0100 + + modules/coreboot: Remove the lines with config values before overriding them + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit 1eef518daa92d81ee5368ae1ed6262936d93426e +gpg: Signature made Fri 10 May 2024 02:40:16 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Kopeć +Date: Tue Feb 13 17:29:46 2024 +0100 + + modules/coreboot: don't touch DMI vendor name if unspecified + + Signed-off-by: Michał Kopeć + Signed-off-by: Thierry Laurion + +commit 3cfa4e91aed9dcabbedbcec85be3fc1535a9ebaf +gpg: Signature made Fri 10 May 2024 02:40:11 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Kopeć +Date: Tue Feb 13 15:21:49 2024 +0100 + + Allow overriding DMI manufacturer name + + Signed-off-by: Michał Kopeć + Signed-off-by: Thierry Laurion + +commit 3102666c91c985cdca3482eac6bb1a8daf5607d4 +gpg: Signature made Fri 10 May 2024 02:40:07 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Kopeć +Date: Mon Feb 12 18:19:20 2024 +0100 + + coreboot-nitropad-nv41.config: disable RESOURCE_ALLOCATION_TOP_DOWN + + Also disable bootsplash resizing to center the logo in the middle of + the screen. + + Signed-off-by: Michał Kopeć + Signed-off-by: Thierry Laurion + +commit acc8044766334757543772ce9516ea0523d873b9 +gpg: Signature made Fri 10 May 2024 02:40:02 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Fri Feb 9 10:50:33 2024 +0100 + + modules/coreboot: Allow overriding LOCALVERSION and SMBIOS_PRODUCT_NAME + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit c7dc6a8064ce0ec85fa5e4224423b1afecf01463 +gpg: Signature made Fri 10 May 2024 02:39:57 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Tue Feb 6 17:33:52 2024 +0100 + + patches: Remove obsolete patches for nitropad builds + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit 8e7e18920d34c024b4ae4f5633010596575f3be0 +gpg: Signature made Fri 10 May 2024 02:39:53 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Tue Feb 6 17:01:56 2024 +0100 + + modules/nitrokey-blobs,boards/nitropad: Remove obsolete blobs module + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit 6a64144e97286482b69dc21a25e03e986998bcad +gpg: Signature made Fri 10 May 2024 02:39:48 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Michał Żygowski +Date: Tue Feb 6 17:01:35 2024 +0100 + + modules/coreboot,config/coreboot-nitropad: Update to the newest revision + + Signed-off-by: Michał Żygowski + Signed-off-by: Thierry Laurion + +commit 77f1e346d02925704ab74846d58dc0e38bac8b59 +gpg: Signature made Fri 10 May 2024 02:20:16 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 165f90a8cf b65e8bf66d +Author: Thierry Laurion +Date: Fri May 10 14:20:16 2024 -0400 + + Merge pull request #1640 from tlaurion/nitrokey_board_unification_clean-enable_htop_validated_autoboot + + Nitrokey board cleaning+ unification cleanup (enable htop validated autoboot + tethering) + +commit 181ce621bb913d3fd8ed8f9c13222850555f6615 +gpg: Signature made Fri 10 May 2024 12:05:24 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 10 11:37:05 2024 -0400 + + README.md Makefile: address comments in PR review for daily/non-daily Nix users, remove NIX_REPRO_NOTES, Makefile dev helpers self-explain themselves + + Signed-off-by: Thierry Laurion + +commit c7f652bf897faf2e4110806efd28d15e8a37d53c +gpg: Signature made Thu 09 May 2024 07:44:10 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Thu May 9 17:00:38 2024 -0400 + + Makefile: Use relative paths in configs generated from templates + + Use relative paths in configs generated from templates, so the final + build doesn't depend on the absolute location of the repository. The + coreboot config is part of the final ROM. + + Signed-off-by: Jonathon Hall + Signed-off-by: Thierry Laurion + +commit 6ce3d21e4c4f90452396882654a4f00662fae663 +gpg: Signature made Thu 09 May 2024 12:20:18 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Thu May 9 10:40:21 2024 -0400 + + modules/flashrom: Remove LIBS_BASE to stop linking in RPATH. + + Specifying LIBS_BASE causes flashrom's Makefile to link in an RPATH, + using the Heads workspace path, which is not what we want. It does + other things too, but we already pass the parts we need to the make + invocation for flashrom. + + Signed-off-by: Jonathon Hall + Signed-off-by: Thierry Laurion + +commit e4976e7882992c6b5182d2593f5d34bd4028e229 +gpg: Signature made Wed 08 May 2024 03:36:29 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 8 15:25:57 2024 -0400 + + Re-add kgpe-d16 as UNMAINTAINED_* boards, still built by CircleCI (since cosntant interest in the builds) + + Modify .circleci/config.yml to also not reuse past caches if CircleCI config changes as part of calculated hashes for the 3 layers + Signed-off-by: Thierry Laurion + +commit b4936ea42c7d0acea797fafaa26347fc8ab610fc +gpg: Signature made Wed 08 May 2024 11:35:49 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 8 11:35:13 2024 -0400 + + CircleCI: use v.0.1.4 produced with latest flake.nix which includes qemu_kvm for kvm testing in docker image + + Signed-off-by: Thierry Laurion + +commit 1bef1083e047c8f78b47ae8fd8eed33eea770d39 +gpg: Signature made Wed 08 May 2024 11:30:24 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 8 11:26:34 2024 -0400 + + README.md: update repro notes. flake.nix: qemu_kvm was not included for native kvm support: added + + Signed-off-by: Thierry Laurion + +commit 03e861ea489e2dd7531946d4b945339b3ae7bc85 +gpg: Signature made Tue 07 May 2024 12:09:40 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue May 7 11:58:06 2024 -0400 + + README.md: Add docs refs to setup docker and nix persistence over QubesOS Template/AppVM for usage. Expand on nix repro instructions fro NIX_REPRO_NOTES for review + + Signed-off-by: Thierry Laurion + +commit f4db4b791c7abfd049835cf9487c56152e825976 +gpg: Signature made Mon 06 May 2024 03:22:12 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon May 6 14:12:05 2024 -0400 + + README.md qemu.md + CircleCI: point to images for building and using nix developed created docker image + + - push v0.1.3 and have latest point to the same image, add repro notes inside of README.md + - modify qemu.md to also refer to using docker images + + TODO: remove NIX_REPRO_NOTES prior of merging + + Signed-off-by: Thierry Laurion + +commit 2b2356e87e3df9569e74dd45f4bf79dd14f21287 +gpg: Signature made Fri 03 May 2024 03:07:38 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 15:00:26 2024 -0400 + + CircleCI: use tlaurion/heads-dev-env:v0.1.1 which reverts nix attempt of garbage collection inside of nix prior of making the docker + + Signed-off-by: Thierry Laurion + +commit 0b7ce534a8f662d31fc4cd494a216e08551b5509 +gpg: Signature made Fri 03 May 2024 02:16:48 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 14:13:39 2024 -0400 + + WiP: revert garbage collector within nix environment. Doesn;t help and makes the docker image bigger + + TODO: push v0.1.2 with those changes pointing circleci to use it + Signed-off-by: Thierry Laurion + +commit b65e8bf66d02055703b63dd04de5701c4d6f204c +gpg: Signature made Fri 03 May 2024 01:54:27 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 13:53:13 2024 -0400 + + nv41/ns50 shared linux config: reenable I2C, not even sure if needed + + git difftool -d HEAD^ to check config against previous version (librem shared config), noticed I2C options being maybe relevant, added them back in + + Then saved with make BOARD=nitropad-ns50 linux.modify_and_save_oldconfig_in_place + + Signed-off-by: Thierry Laurion + +commit 862f58f0da7d8cf1f11bd5730c072fc2edd87e52 +gpg: Signature made Fri 03 May 2024 01:43:54 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 13:43:23 2024 -0400 + + config/linux-nitropad-x.config: bring par with librem_11 shared linux config (GOP compliant) + + TODO: next, readd what might have been pertinent + + Signed-off-by: Thierry Laurion + +commit 8cace179404ce990008de4119867254fc51767e0 +gpg: Signature made Fri 03 May 2024 01:36:24 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 13:35:39 2024 -0400 + + nv41/ns50: coreboot configs saved in oldconfig + + Result of: + make BOARD=nitropad-nv41 coreboot.save_in_oldconfig_format_in_place + make BOARD=nitropad-ns50 coreboot.save_in_oldconfig_format_in_place + + No change, was applied like this anyway at compilation. + + Signed-off-by: Thierry Laurion + +commit 0f412ed3ce54141d2e963f88c559a88793554ef5 +gpg: Signature made Fri 03 May 2024 01:30:37 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 16 13:01:30 2024 -0400 + + config/linux-nitropad-x.config: Add Tethering requirements + + TODO: fix discrepencies in kernel config to limit technological debt in later commit in this PR + Signed-off-by: Thierry Laurion + +commit 60e0d6017fad0dfbd8d5bbe8a39ec08e71fde5c4 +gpg: Signature made Fri 03 May 2024 01:30:05 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 16 12:43:51 2024 -0400 + + boards: uniformize nitropad boards with qemu-coreboot boards and against each other + + - Add tethering in board configs + - Add autoboot after 5 seconds if HOTP remote attestation is successful + + Signed-off-by: Thierry Laurion + +commit 865a0c6a2b84cb095432b46138030c6d3f647cec +gpg: Signature made Fri 03 May 2024 12:30:20 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 16 11:40:45 2024 -0400 + + WiP: Boards configuration unification between x230-hotp-maximized and nitrokey boards: enable Automatic boot when HOTP valid after 5 seconds + + Signed-off-by: Thierry Laurion + +commit 3d0991f6c148c77d141d3bf747d1bde485e86d48 +gpg: Signature made Fri 03 May 2024 10:13:09 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 10:13:09 2024 -0400 + + flake.nix: revert to mmlb state and testing + + Signed-off-by: Thierry Laurion + +commit 973e905ef6d4cadeae0f71f9edab9f99a7abbf12 +gpg: Signature made Fri 03 May 2024 10:06:16 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri May 3 10:06:16 2024 -0400 + + flake.lock: revert to old package pinning + + Signed-off-by: Thierry Laurion + +commit 46cad549ef5b1de40dd36c61b824735d4217f8a1 +gpg: Signature made Thu 02 May 2024 08:51:45 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 2 14:57:05 2024 -0400 + + WiP flake.nix: make docker image usable for testing as well, target: qemu-coreboot-whiptail-tpm2 with swtpm and canokey for smartcard + + - include nix tools inside of the docker to be able to call the garbage collector prior of creating docker. + - protect roots from garbage collection (WiP) + - Requires external preparation call so that nix (the binary) is not wiped as well. See NIX_REPRO_NOTES at the end of the file for repro notes + - Could probably be improved. Works as of now and created a 4Gb vs 3.02Gb docker image I'm uploading now. + - CircleCI bumped to use v0.0.9 version including this + - CircleCI now depending on flake.lock for all cache layers. Will rebuild clean once again + + So now we have qemu with canokey support in image, nix basic tools inside of container. Possible to call docker with DISPLAY, see NIX_REPRO_NOTES as of now. + That feels nice. No need of USB security dongle to have TPM based TPMTOTP nor detach sign? Not tested but feature is there + + TODO: + - make docker creating nicer in the Nix way. + - Add canokey support under targets/qemu.mk + - add canokey board version + + At least we have reproducible stack and testing stack being in same docker image. Docker image moved from 991.18MB (v0.0.8) to 1.18GB (v0.0.9) + - And I tried to clean binaries of symbols here! Seems like I do not know enough of the Nix way here. + + Signed-off-by: Thierry Laurion + +commit 6070d8f6f0319ead8de3f3b676c137f6ade0236c +gpg: Signature made Thu 02 May 2024 01:03:09 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 2 11:09:11 2024 -0400 + + CircleCI: use tlaurion/heads-dev-env:v0.0.8 which includes AC_LOCAL export of develop env into the docker image. Works locally for talos-2 board build. + + Signed-off-by: Thierry Laurion + +commit 19bccf0cbd12382903f8feaa98cad9d848bf515d +gpg: Signature made Thu 02 May 2024 01:03:04 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 2 09:56:55 2024 -0400 + + Revert "modules/tpm2-tss: just remove LT_LIB_DLLOAD from aclocal generated file since there is no easy way of fixing this" + + This reverts commit 6a1791112de451509d81e03bce5bdd6b1a49a79f. + + Signed-off-by: Thierry Laurion + +commit 5b2b4dc0fd0b81c0fc6996328643b176ae23e949 +gpg: Signature made Thu 02 May 2024 01:03:00 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu May 2 09:54:14 2024 -0400 + + flake.nix: add exporting of AC_LOCAL which was not exported in deveenv.sh. + + Was causing another ac macro misbehavior since host ac was not considered by aclocal and autoreconf + + TODO: Might want to revert 6a1791112de451509d81e03bce5bdd6b1a49a79f if talos-2 board is able to build 3rdparty/sb-sign-tool + + Signed-off-by: Thierry Laurion + +commit 50ab1c5b88982afef283df9d54a3d78051bedb81 +gpg: Signature made Thu 02 May 2024 01:02:55 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 16:22:01 2024 -0400 + + modules/patches slang: bump to version 2.3.3 so we can disable termcap without hacking around + + Signed-off-by: Thierry Laurion + +commit 9a72d9545ae2578549de057e3fbcf98c6d63d679 +gpg: Signature made Thu 02 May 2024 01:02:50 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 14:47:03 2024 -0400 + + CircleCI: use tlaurion/heads-dev-env:v0.0.7 which includes openssl in flake.nix for talos-2 board's linux config + + Signed-off-by: Thierry Laurion + +commit 89181181df52312230bad64f8a4f76acbd90ada1 +gpg: Signature made Thu 02 May 2024 01:02:45 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 14:30:41 2024 -0400 + + flake.nix: add openssl requirement to build talos-2 board's kernel + + Signed-off-by: Thierry Laurion + +commit 35530f9115e9bbe3afbe04890af3dd3598b832ac +gpg: Signature made Thu 02 May 2024 01:02:41 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 14:30:03 2024 -0400 + + modules/msrtools : add missing MAKE_JOBS for parallel builds + + Signed-off-by: Thierry Laurion + +commit fa60bf7dfb31c6440473d7c4a91dc701b12604bc +gpg: Signature made Thu 02 May 2024 01:02:36 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 13:23:10 2024 -0400 + + modules/tpm2-tss: just remove LT_LIB_DLLOAD from aclocal generated file since there is no easy way of fixing this + + nix doesn't provide an equivalent of libltdl-dev, so just wipe the remnant of old ages if present + https://github.com/tpm2-software/tpm2-tss/issues/2161 + + Signed-off-by: Thierry Laurion + +commit 76c20847da66ead24659bcf56b5aec98cdb23bfb +gpg: Signature made Thu 02 May 2024 01:02:31 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 12:10:14 2024 -0400 + + CircleCI: add CircleCI step to source manually /devenv.sh in build_board additional step + + Signed-off-by: Thierry Laurion + +commit 70a9f93ddf2ef429a6724097cafe58faf109f466 +gpg: Signature made Thu 02 May 2024 01:02:26 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 12:39:41 2024 -0400 + + Revert "CirlceCI: use docker v0.0.6 which flake.nix jumped from zlib/zlib.dev to zlib-ng" + + This reverts commit 9052d2b562162183fa201ebf89c75be904d87281. + + Signed-off-by: Thierry Laurion + +commit f676405ae16d725042444409bd827a80ba98e96a +gpg: Signature made Thu 02 May 2024 01:02:22 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 12:39:06 2024 -0400 + + Revert "flake.nix: change zlib and zlib.dev for zlib-ng? https://app.circleci.com/pipelines/github/tlaurion/heads/2500/workflows/23674215-8b22-4852-adf4-2a6df9e44353/jobs/45080?invite=true#step-102-16530_106 zlib-dev not found on coreboot buildstack buildstep..." + + This reverts commit d6c499676ed07037bcb4ca66db3d3876a87de23b. + + Signed-off-by: Thierry Laurion + +commit 53ca8d3554e493b5cb5c5271417cae889f6f865a +gpg: Signature made Thu 02 May 2024 01:02:17 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 11:22:56 2024 -0400 + + CirlceCI: use docker v0.0.6 which flake.nix jumped from zlib/zlib.dev to zlib-ng + + Signed-off-by: Thierry Laurion + +commit 32e7082f094c5eb01bba7fe58ab0fadc4245e7b2 +gpg: Signature made Thu 02 May 2024 01:02:12 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed May 1 11:09:38 2024 -0400 + + flake.nix: change zlib and zlib.dev for zlib-ng? https://app.circleci.com/pipelines/github/tlaurion/heads/2500/workflows/23674215-8b22-4852-adf4-2a6df9e44353/jobs/45080?invite=true#step-102-16530_106 zlib-dev not found on coreboot buildstack buildstep... + + Signed-off-by: Thierry Laurion + +commit b45fc960cf47c879e51fb5f8c3193f5d55fafc35 +gpg: Signature made Thu 02 May 2024 01:02:07 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 30 15:20:38 2024 -0400 + + CircleCI: Test tlaurion/heads-dev-env:v.0.0.5 (created from flake develop) which fails at tpm2-tss + - switch cache to nix-docker-heads to not interfere with nixos develop layer on same PR + - remove nix develop calls; replace by direct script calls and make calls + - make sure save/restore/root is ~/heads + + Signed-off-by: Thierry Laurion + + Signed-off-by: Thierry Laurion + +commit 093fc4a73ee5b001de2ce5a8309d08f795d5bb6f +gpg: Signature made Thu 02 May 2024 01:02:03 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Apr 24 14:49:13 2024 -0400 + + Makefile: reduce dependencies on external tools for dynamic MAKE_JOBS creation. Cleaner NIX_REPRO_NOTES + + Signed-off-by: Thierry Laurion + +commit c197d6193aae4162ab3003066f70a26dbf5e87aa +gpg: Signature made Thu 02 May 2024 01:01:58 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 20:25:21 2024 -0400 + + NIX_REPRO_NOTES: Add notes to help repro and go farther faster without loosing traces of reproduction notes + + Signed-off-by: Thierry Laurion + +commit 975a2424cddbaa18ba2cab676b36c143ec2c2955 +gpg: Signature made Thu 02 May 2024 01:01:53 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 19:34:32 2024 -0400 + + Makefile: add yet another helper real.remove_canary_files-extract_patch_rebuild_what_changed: reextract packages, repatch sources (might fail, easy to fix) and rebuild only what changed (not a lot) + if patch fails to apply, its because patch file creates a file and doesn't expect it to exist. + just call rm on the file reported to exist, and relaunch build. + + Deletes ./install/*/* and permits to rebuild all dependencies in order, just based on freshly extracted and patched code. + Bonus, this saves your SDD from unneeded wear and rebuilds faster then all other Mafile helpers. + + That's my favorite. + + Signed-off-by: Thierry Laurion + +commit a29f92a26d8e3ca9b1b1e392948fc8603821219f +gpg: Signature made Thu 02 May 2024 01:01:48 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 19:14:31 2024 -0400 + + modules/* : WiP for tpm2-* while having added MAKE_JOBS to modules that were missing it to propogate build optimizations per module, while still impossible to call make -j 12 on main make call + + Signed-off-by: Thierry Laurion + +commit e841f9bc0d0587ed84b4dc7463febeba9e0d7abb +gpg: Signature made Thu 02 May 2024 01:01:43 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 17:56:24 2024 -0400 + + modules/* : Make sure MAKE_JOBS is passed down + + Signed-off-by: Thierry Laurion + +commit 05223ca6a37075553f9f52ffcdff39a01287fc01 +gpg: Signature made Thu 02 May 2024 01:01:38 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 14:31:54 2024 -0400 + + CircleCI + Makefile: remove limitation to loadavg of 16 in Makefile, test CPUS=8 to maximize loadavg on CircleCI with 4 CPUs & 8GB ram + + See first lines of output of any make command. Change aimed to be respectful of CI resource (8GB ram 4CPUs) + + With CPUS=8 AVAILABLE_MEM_GB=4, CircleCI outputs: + !!!!!! BUILD SYSTEM INFO !!!!!! + System CPUS: 36 + System Available Memory: 4 GB + System Load Average: 12.99 + ---------------------------------------------------------------------- + Used **CPUS**: 8 + Used **LOADAVG**: 8 + Used **AVAILABLE_MEM_GB**: 4 GB + ---------------------------------------------------------------------- + **MAKE_JOBS**: -j8 --max-load 8 + + Variables available for override (use 'make VAR_NAME=value'): + **CPUS** (default: number of processors, e.g., 'make CPUS=4') + **LOADAVG** (default: same as CPUS, e.g., 'make LOADAVG=4') + **AVAILABLE_MEM_GB** (default: memory available on the system in GB, e.g., 'make AVAILABLE_MEM_GB=4') + **MEM_PER_JOB_GB** (default: 1GB per job, e.g., 'make MEM_PER_JOB_GB=2') + ---------------------------------------------------------------------- + + Let's try without any limitation... + + Signed-off-by: Thierry Laurion + +commit cbf984ad7c7e18fb542dcc8b74388c1cf30aadc0 +gpg: Signature made Thu 02 May 2024 01:01:34 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 13:37:17 2024 -0400 + + WiP modules/tpm2* : removed Makefile build instructions too quick + + /nix/store/5lr5n3qa4day8l1ivbwlcby2nknczqkq-bash-5.2p26/bin/bash ./libtool --tag=CC --mode=link /home/user/heads/crossgcc/x86/bin/x86_64-linux-musl-gcc -fdebug-prefix-map=/home/user/heads=heads -gno-record-gcc-switches -D__MUSL__ --sysroot /home/user/heads/install/x86 -isystem /home/user/heads/install/x86/include -L/home/user/heads/install/x86/lib -I./tools -I./lib -Wall -Wextra -Wformat -Wformat-security -Wstack-protector -fstack-protector-all -Wstrict-overflow=5 -O2 -fPIC -fPIE -D_GNU_SOURCE -std=gnu99 -Wstringop-overflow=4 -Wstringop-truncation -Wduplicated-branches -Wduplicated-cond -Wbool-compare -fdata-sections -ffunction-sections -I/home/user/heads/install/x86/include -I/home/user/heads/install/x86//include -I/home/user/heads/install/x86//include/tss2 -I/home/user/heads/install/x86/nix/store/yg75achq89wgqn2fi3gglgsd77kjpi03-openssl-3.0.13-dev/include -I/home/user/heads/install/x86//include -I/home/user/heads/install/x86//include/tss2 -I/home/user/heads/install/x86//include -I/home/user/heads/install/x86//include/tss2 -I/home/user/heads/install/x86//include -I/home/user/heads/install/x86//include/tss2 -DTPM2_TOOLS_MAX="101" -fdebug-prefix-map=/home/user/heads/install/x86=. -shared -pie -Wl,-z,relro -Wl,-z,now -Wl,--gc-sections -o tools/tpm2 tools/tpm2-tpm2_tool.o tools/misc/tpm2-tpm2_certifyX509certutil.o tools/misc/tpm2-tpm2_checkquote.o tools/misc/tpm2-tpm2_encodeobject.o tools/misc/tpm2-tpm2_eventlog.o tools/misc/tpm2-tpm2_print.o tools/misc/tpm2-tpm2_rc_decode.o tools/misc/tpm2-tpm2_tr_encode.o tools/tpm2-tpm2_activatecredential.o tools/tpm2-tpm2_certify.o tools/tpm2-tpm2_changeauth.o tools/tpm2-tpm2_changeeps.o tools/tpm2-tpm2_changepps.o tools/tpm2-tpm2_clear.o tools/tpm2-tpm2_clearcontrol.o tools/tpm2-tpm2_clockrateadjust.o tools/tpm2-tpm2_create.o tools/tpm2-tpm2_createak.o tools/tpm2-tpm2_createek.o tools/tpm2-tpm2_createpolicy.o tools/tpm2-tpm2_setprimarypolicy.o tools/tpm2-tpm2_createprimary.o tools/tpm2-tpm2_dictionarylockout.o tools/tpm2-tpm2_duplicate.o tools/tpm2-tpm2_getcap.o tools/tpm2-tpm2_gettestresult.o tools/tpm2-tpm2_encryptdecrypt.o tools/tpm2-tpm2_evictcontrol.o tools/tpm2-tpm2_flushcontext.o tools/tpm2-tpm2_getrandom.o tools/tpm2-tpm2_gettime.o tools/tpm2-tpm2_hash.o tools/tpm2-tpm2_hierarchycontrol.o tools/tpm2-tpm2_hmac.o tools/tpm2-tpm2_import.o tools/tpm2-tpm2_incrementalselftest.o tools/tpm2-tpm2_load.o tools/tpm2-tpm2_loadexternal.o tools/tpm2-tpm2_makecredential.o tools/tpm2-tpm2_nvdefine.o tools/tpm2-tpm2_nvextend.o tools/tpm2-tpm2_nvincrement.o tools/tpm2-tpm2_nvreadpublic.o tools/tpm2-tpm2_nvread.o tools/tpm2-tpm2_nvreadlock.o tools/tpm2-tpm2_nvundefine.o tools/tpm2-tpm2_nvwrite.o tools/tpm2-tpm2_nvwritelock.o tools/tpm2-tpm2_nvsetbits.o tools/tpm2-tpm2_pcrallocate.o tools/tpm2-tpm2_pcrevent.o tools/tpm2-tpm2_pcrextend.o tools/tpm2-tpm2_pcrread.o tools/tpm2-tpm2_pcrreset.o tools/tpm2-tpm2_policypcr.o tools/tpm2-tpm2_policyauthorize.o tools/tpm2-tpm2_policyauthorizenv.o tools/tpm2-tpm2_policynv.o tools/tpm2-tpm2_policycountertimer.o tools/tpm2-tpm2_policyor.o tools/tpm2-tpm2_policynamehash.o tools/tpm2-tpm2_policytemplate.o tools/tpm2-tpm2_policycphash.o tools/tpm2-tpm2_policypassword.o tools/tpm2-tpm2_policysigned.o tools/tpm2-tpm2_policyticket.o tools/tpm2-tpm2_policyauthvalue.o tools/tpm2-tpm2_policysecret.o tools/tpm2-tpm2_policyrestart.o tools/tpm2-tpm2_policycommandcode.o tools/tpm2-tpm2_policynvwritten.o tools/tpm2-tpm2_policyduplicationselect.o tools/tpm2-tpm2_policylocality.o tools/tpm2-tpm2_quote.o tools/tpm2-tpm2_readclock.o tools/tpm2-tpm2_readpublic.o tools/tpm2-tpm2_rsadecrypt.o tools/tpm2-tpm2_rsaencrypt.o tools/tpm2-tpm2_send.o tools/tpm2-tpm2_selftest.o tools/tpm2-tpm2_setclock.o tools/tpm2-tpm2_shutdown.o tools/tpm2-tpm2_sign.o tools/tpm2-tpm2_certifycreation.o tools/tpm2-tpm2_nvcertify.o tools/tpm2-tpm2_startauthsession.o tools/tpm2-tpm2_startup.o tools/tpm2-tpm2_stirrandom.o tools/tpm2-tpm2_testparms.o tools/tpm2-tpm2_unseal.o tools/tpm2-tpm2_verifysignature.o tools/tpm2-tpm2_setcommandauditstatus.o tools/tpm2-tpm2_getcommandauditdigest.o tools/tpm2-tpm2_getsessionauditdigest.o tools/tpm2-tpm2_geteccparameters.o tools/tpm2-tpm2_ecephemeral.o tools/tpm2-tpm2_commit.o tools/tpm2-tpm2_ecdhkeygen.o tools/tpm2-tpm2_ecdhzgen.o tools/tpm2-tpm2_zgen2phase.o tools/tpm2-tpm2_sessionconfig.o tools/tpm2-tpm2_getpolicydigest.o lib/libcommon.a -ltss2-esys -L/home/user/heads/install/x86/lib -L/home/user/heads/install/x86//lib -ltss2-mu -L/home/user/heads/install/x86/nix/store/7nmrrad8skxr47f9hfl3xc0pfqmwq51b-openssl-3.0.13/lib -lcrypto -L/home/user/heads/install/x86//lib -ltss2-tctildr -L/home/user/heads/install/x86//lib -ltss2-rc -L/home/user/heads/install/x86//lib -ltss2-sys + libtool: error: cannot find the library '//lib/libtss2-sys.la' or unhandled argument '//lib/libtss2-sys.la' + make[1]: *** [Makefile:2478: tools/tpm2] Error 1 + make[1]: Leaving directory '/home/user/heads/build/x86/tpm2-tools-5.6' + make: *** [Makefile:521: /home/user/heads/build/x86/tpm2-tools-5.6/.build] Error 1 + + Signed-off-by: Thierry Laurion + +commit 9ab5260871d2b9c6b4fd58053f3b59ff9dc7ef54 +gpg: Signature made Thu 02 May 2024 01:01:29 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 11:58:33 2024 -0400 + + Makefile: add yet another developer helper: real.gitclean_keep_packages to not delete already downloaded packages to economize bandwidth + + Signed-off-by: Thierry Laurion + +commit 75a5c2f1e65277d8b6333243036e8b59d5b2a6ec +gpg: Signature made Thu 02 May 2024 01:01:24 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 10:46:24 2024 -0400 + + tpm2 modules: remove sysroot and unneeded duplicated Makefile tweaks now passed from golbal Makefile sysroot (TODO: generalize) + + Signed-off-by: Thierry Laurion + +commit e5c55d79e36d18db97ac0486581951cc916d027b +gpg: Signature made Thu 02 May 2024 01:01:19 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 23 10:41:36 2024 -0400 + + CircleCI: have nitropad-nv41 build on top of prep_env, not x230-hotp-maximized + + Signed-off-by: Thierry Laurion + +commit 1174282bc46688c495d6aa8fb57d12b1121594ab +gpg: Signature made Thu 02 May 2024 01:01:15 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun Jul 2 12:23:49 2023 -0400 + + ci: Prepend nix- to save and restore cache statements + + Until nix PR is merged to not interfere with master/other pr caches + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 7169fab81bfd43b4235dd5cff30128a70ae9261d +gpg: Signature made Thu 02 May 2024 01:01:10 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Fri Jan 6 12:04:50 2023 -0500 + + ci: Switch image from debian to nix + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 2824f48f9e99a94d230e2cd76cc784d8ba6a0d28 +gpg: Signature made Thu 02 May 2024 01:01:05 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Thu Oct 20 22:32:02 2022 -0400 + + Add nix files + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit de3f4ec2a329a1506f6ce491eb433a68b7084145 +gpg: Signature made Thu 02 May 2024 01:01:01 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Wed Mar 27 15:29:09 2024 -0400 + + ci: Replace while loop with tail of multiple files + + Gives the exact same output: + + ``` + docker run --rm -ti debian:11 bash -c ' + mkdir -p build/subdir1/ build/subdir2 + echo "subdir1 error" >build/subdir1/fail.log + echo "subdir2 error" >build/subdir2/fail.log + find build -type f -name "*.log" -exec tail -n +1 "{}" + + ' + ==> build/subdir1/fail.log <== + subdir1 error + + ==> build/subdir2/fail.log <== + subdir2 error + ``` + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 713eadc1293b76d74b9f3037a163e28a6d1dab0b +gpg: Signature made Thu 02 May 2024 01:00:56 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Wed Mar 27 15:19:37 2024 -0400 + + ci: Simple/mechanical tweaks to config file + + Got rid of long lines in favor of more lines for readability. Cleaned up + some comments/typos and unnecessary cruft*. Finally ran prettier on the + file for its automatic formatting, including whitespace clean ups. + + cruft: + + - && when already set -e + - run commands with trailing \ + - deleted commented out "OLD STUFF" + - sorted listy looking things because unsorted stuff bothers me :) (I + held back on sorting the board build definitions though, thats + probably too much). + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 87ec2ca043845445b1977a702ea2262f5913dbe4 +gpg: Signature made Thu 02 May 2024 01:00:51 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Wed Feb 28 19:03:30 2024 -0500 + + blobs: Ignore build generated binaries + + These are generated during the build process so should be ignored. + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 43d806f20528101e251d9d446eac694fe38c202f +gpg: Signature made Thu 02 May 2024 01:00:46 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sun Jul 2 14:21:11 2023 -0400 + + modules/tpm2-tools: add with-sysroot, TSS2_ESYS_3_0_LIBS to configure args + + Thanks to @JonathonHall-Purism, that pointed to me that sysroot was + neglected in tpm2-tools configure step. + + I wonder why this is not respected if not forced with --with-sysroot and + TSS2_ESYS_3_0_LIBS="-ltss2-esys -L$(INSTALL)/lib"? + + Signed-off-by: Thierry Laurion + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit fcb9596f7e6edececc5ed385ecaf4554c46d1bd5 +gpg: Signature made Thu 02 May 2024 01:00:41 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jan 25 21:47:37 2024 -0500 + + modules/tpm2-tss: Add with-sysroot to configure args + + Thanks to @JonathonHall-Purism, that pointed to me that sysroot was + neglected in tpm2-tools configure step. + + Signed-off-by: Thierry Laurion + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 236f9b117cf3fcc7424bbe2d6f38dbc06d7663ca +gpg: Signature made Thu 02 May 2024 01:00:37 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jun 30 14:20:23 2023 -0400 + + modules/gpg2: Bump version 2.4.0 -> 2.4.2 + + More pending work needed to fix fragility of buildsystem and fix nix + build issues as well like: + + https://app.circleci.com/pipelines/github/mmlb/osresearch-heads/11/workflows/32cc883c-5074-4f28-94b8-a83a2ec44414/jobs/252 + https://app.circleci.com/pipelines/github/mmlb/osresearch-heads/11/workflows/32cc883c-5074-4f28-94b8-a83a2ec44414/jobs/221 + https://app.circleci.com/pipelines/github/tlaurion/heads/1781/workflows/ee402ead-6739-4549-88ae-105b695fb3cd + https://app.circleci.com/pipelines/github/tlaurion/heads/1783/workflows/2b35826c-aff4-4f48-8809-4e66259f9aa4/jobs/25877/parallel-runs/0/steps/0-103 + + Signed-off-by: Thierry Laurion + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 67e5973b5db5e0e54480368665c3253d6d42db95 +gpg: Signature made Thu 02 May 2024 01:00:32 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jan 24 12:01:01 2024 -0500 + + modules: Remove unrecognized configure options + + Signed-off-by: Thierry Laurion + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit a4ba76fd90f04c1ddb95a4cc045b56b9b6df22c6 +gpg: Signature made Thu 02 May 2024 01:00:27 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Sun Jan 28 22:55:11 2024 -0500 + + modules: minor refactor/tweaks + + Just some minor clean ups like fixing whitespace and sorting things. I + added (bash)/removed (libusb) white space in order to look like the + other modules. + + I sorted the --enable/--disable/--with blocks so that common stuff + looked similar which should aid in comparing modules. I also removed a + couple of duplicate config options (--disable-fallback-curses & + --disable-regex). + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit d396236a833cd08b18e30069c227ec71d3803b78 +gpg: Signature made Thu 02 May 2024 01:00:22 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Wed Jun 7 15:49:13 2023 -0400 + + Remove hard coded paths in shebang lines + + Remove hard coded paths from shebangs and other references because they + do not play well in nix-land. Either use /usr/bin/env to do runtime PATH + based lookup or avoid absolute paths so PATH look up happens instead. + + Signed-off-by: Thierry Laurion + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 4f3d210f89cbe9e3fa30736a3f329a888c8a5665 +gpg: Signature made Thu 02 May 2024 01:00:18 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Manuel Mendez +Date: Sun Jan 28 23:12:48 2024 -0500 + + Sort .gitignore + + Noticed a couple of dupes (gz and rom) so I figured I should sort it now + to hopefully avoid another one in the future. + + Signed-off-by: Manuel Mendez + Signed-off-by: Thierry Laurion + +commit 165f90a8cf881aabf7e7481f699833ec9f497437 +gpg: Signature made Fri 26 Apr 2024 12:27:01 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: b2629f8d4d 60d9aa4d5a +Author: Jonathon Hall +Date: Fri Apr 26 12:26:55 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/reproducible_openssl_libtss2_tpm2' + + PR #1630 + +commit 60d9aa4d5a54d1ef7e2878299f2c78a3ace3a4ce +gpg: Signature made Fri 26 Apr 2024 11:14:14 AM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Apr 25 20:23:28 2024 -0400 + + tpmr: remove warning "Warn: check public portion of the tpmkey manually" + + Discussed under https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429 + + TODO added in code. + + Signed-off-by: Thierry Laurion + +commit b2629f8d4d16245c553478916b01f09dfa754dbf +gpg: Signature made Thu 25 Apr 2024 04:39:41 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ba63b1823f fb5cbf41a1 +Author: Thierry Laurion +Date: Thu Apr 25 16:39:41 2024 -0400 + + Merge pull request #1625 from tlaurion:LUKS_header_change_validation_upon_sealing_and_unsealing + + LUKS header change validation upon sealing and unsealing ops + +commit ba63b1823f1d3852192938299c89434b4427db9c +gpg: Signature made Wed 24 Apr 2024 06:33:39 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 1ae4c19f9a 019098c821 +Author: Thierry Laurion +Date: Wed Apr 24 18:33:39 2024 -0400 + + Merge pull request #1654 from Dasharo/fix_nitropad_pwr_state + + config/coreboot-nitropad-*.config: disable power on AC + +commit 019098c82119adc48496616480b1c0c0d39fea6d +gpg: Signature made Wed 24 Apr 2024 06:50:05 AM EDT +gpg: using RSA key 3A07364F010D7C71552FAFA687F342A528DFD8E5 +gpg: issuer "michal.kopec@3mdeb.com" +gpg: Can't check signature: No public key +Author: Michał Kopeć +Date: Wed Apr 24 10:53:13 2024 +0200 + + config/coreboot-nitropad-*.config: disable power on AC + + The coreboot power failure state Kconfig options are wired up to the + Power on AC feature on Clevo mainboards. Set the power failure state to + 0 to prevent these boards from powering on or waking up with AC attach. + + Signed-off-by: Michał Kopeć + +commit 1ae4c19f9a95dd46b8fb8b2ee76648163a3dc9fa +gpg: Signature made Tue 23 Apr 2024 08:33:36 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: d8a6502d69 b6bd682cb3 +Author: Jonathon Hall +Date: Tue Apr 23 08:33:30 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/fix_hotp_increment_counter_after_detection-oem-factory-reset_loop_3x_hotp_detect' + + PR #1650 + +commit d8a6502d69f3322975cb21bd1b3ff8f87f302da1 +gpg: Signature made Mon 22 Apr 2024 08:27:46 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 609a9db9eb cb03ec5584 +Author: Thierry Laurion +Date: Mon Apr 22 20:27:46 2024 -0400 + + Merge pull request #1646 from UndeadDevel/better_PIN_question_default + + Address inconsistency between docs and OEM factory reset User GPG PIN minimum length requirement + +commit cb03ec5584edddcdf3e4a5701bcee80ab72ef951 +gpg: Signature made Mon 22 Apr 2024 07:11:00 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Tue Apr 23 01:10:53 2024 +0200 + + change correct PIN minimum + + Signed-off-by: Christian Foerster + +commit b6bd682cb3ff4143dea8e1ba0a0b742ae68d4aa4 +gpg: Signature made Mon 22 Apr 2024 05:24:21 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Apr 22 17:24:21 2024 -0400 + + Fix HOTP verification logic (and counter increment) in gui-init and oem-factory-reset scripts + + Signed-off-by: Thierry Laurion + +commit 70e9c663bcca20a41b29353828ce217302ada7cc +gpg: Signature made Mon 22 Apr 2024 04:56:15 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Mon Apr 22 22:56:13 2024 +0200 + + only change user PIN minimum requirement to 6 + + Signed-off-by: Christian Foerster + +commit 408524fb31d26e4c65d02bfaa744aed4617e4400 +gpg: Signature made Mon 22 Apr 2024 04:51:31 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Mon Apr 22 22:51:25 2024 +0200 + + Revert "UX improvements PIN questions" + + This reverts commit ba20d98bdd8c39ad506ef4a2a3e1f51bc84db9f8. + + Signed-off-by: Christian Foerster + +commit 0854f2ce802d8a3891318f4b807d4c57e677ae24 +gpg: Signature made Mon 22 Apr 2024 04:51:25 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Mon Apr 22 22:51:17 2024 +0200 + + Revert "fix small incongruency with previous commit" + + This reverts commit be65c4be5b5fbeca9cdb97268135507252efe171. + + Signed-off-by: Christian Foerster + +commit 2828e2ca60a698c69749dd4b0b37a1593b73601b +gpg: Signature made Mon 22 Apr 2024 04:51:17 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Mon Apr 22 22:50:34 2024 +0200 + + Revert "fix another small incongruency with previous commit" + + This reverts commit cc70e772f8a0dcdb319d4d06e27af227a5cae51e. + + Signed-off-by: Christian Foerster + +commit cc70e772f8a0dcdb319d4d06e27af227a5cae51e +gpg: Signature made Sun 21 Apr 2024 01:00:32 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Sun Apr 21 19:00:29 2024 +0200 + + fix another small incongruency with previous commit + + Signed-off-by: Christian Foerster + +commit be65c4be5b5fbeca9cdb97268135507252efe171 +gpg: Signature made Sun 21 Apr 2024 12:42:58 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Sun Apr 21 18:42:52 2024 +0200 + + fix small incongruency with previous commit + + Signed-off-by: Christian Foerster + +commit ba20d98bdd8c39ad506ef4a2a3e1f51bc84db9f8 +gpg: Signature made Sun 21 Apr 2024 12:31:51 PM EDT +gpg: using RSA key 0A52DFD7727000734B9A53BD365ED1E014824647 +gpg: Good signature from "Christian Foerster " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: A19E F1FB D725 BE29 FAA6 1BF7 C3FB A366 C908 8D96 + Subkey fingerprint: 0A52 DFD7 7270 0073 4B9A 53BD 365E D1E0 1482 4647 +Author: Christian Foerster +Date: Sun Apr 21 18:31:43 2024 +0200 + + UX improvements PIN questions + + Signed-off-by: Christian Foerster + +commit 609a9db9eb1c37296f0b618667cd7ee748e804be +gpg: Signature made Fri 19 Apr 2024 04:50:54 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 82179e4e98 89a0c103ae +Author: Thierry Laurion +Date: Fri Apr 19 16:50:54 2024 -0400 + + Merge pull request #1642 from tlaurion/improve_debug_with_output_of_do_with_debug + + Improve DEBUG and DO_WITH_DEBUG output handling to also keep output of DO_WITH_DEBUG commands + +commit 89a0c103aea946b56326b13c4ebacdd052e811fa +gpg: Signature made Fri 19 Apr 2024 03:52:52 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Apr 19 15:13:38 2024 -0400 + + QEMU/KVM board configs: logical reorganization of requirements for board configs. Next step is creating fbwhiptail/whiptail/tpm1/tpm2 mk files and include them in all boards + + Signed-off-by: Thierry Laurion + +commit fc874728f6878994066ac1ed8d8635939f60dacf +gpg: Signature made Fri 19 Apr 2024 02:30:55 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Apr 19 14:30:55 2024 -0400 + + oem-factory-reset + seal-hotpkey: Give debug output to underatand in what state is the USB Security dongle + + Signed-off-by: Thierry Laurion + +commit 00ce2f4d1c1b378c4125c4efd84b096929aebaca +gpg: Signature made Fri 19 Apr 2024 02:17:36 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 19 14:16:41 2024 -0400 + + ash_functions: Log board and version when entering recovery shell + + Log the board and version when entering the recovery shell. Extract + the firmware version logic from init. + + Currently this is the only way to get the debug log. If we add a way + from the GUI, we may want to log the board and version somewhere else + too. + + Signed-off-by: Jonathon Hall + +commit a767347afd77771697cbccdbed7d32e567ac0d65 +gpg: Signature made Fri 19 Apr 2024 02:16:28 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 19 14:14:54 2024 -0400 + + kexec-boot: Only capture kexec -d output to log, not console/kmsg + + LOG() is added to log to the log only (not kmsg, more verbose than + TRACE). + + DO_WITH_DEBUG only captures stdout/stderr to the log with LOG(). + + kexec-boot silences stderr from kexec, we don't want it on the console. + + No need to repeat the kexec command when asking in debug to continue + boot, it's no longer hidden behind verbose output from kexec. + + Signed-off-by: Jonathon Hall + +commit d3656bbe65c4ac71a0d6ac205cedce071b768788 +gpg: Signature made Fri 19 Apr 2024 01:48:27 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 19 13:35:17 2024 -0400 + + kexec-boot, functions: Restore eval and DO_WITH_DEBUG that were deleted + + `eval "$kexeccmd"` should become `DO_WITH_DEBUG eval "$kexeccmd"` when + adding DO_WITH_DEBUG, command invocation is still the same, still needs + eval. + + Restore DO_WITH_DEBUG in front of kexec-parse-boot that had been + removed. + + Signed-off-by: Jonathon Hall + +commit d8810b7032d4803c9eda2af509032e569868721c +gpg: Signature made Fri 19 Apr 2024 01:32:17 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 19 13:31:29 2024 -0400 + + functions: DO_WITH_DEBUG: Label stderr/stdout more clearly + + "$1 err:" looked like an error, but often there's output on stderr + that's diagnostic (like kexec -d). "$1 stderr:" is clearer. + + Signed-off-by: Jonathon Hall + +commit 015af7e6c7befe9835dfa542e73f05bb5ca538db +gpg: Signature made Fri 19 Apr 2024 10:29:44 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 19 09:45:39 2024 -0400 + + functions: Add visibility to DO_WITH_DEBUG without affecting command + + DO_WITH_DEBUG traces command exit status (if failed), stdout/stderr (if + not empty), and PATH (if command was not found). The caller still + observes the exit status, and stdout/stderr still go to the caller as + well. + + This way, DO_WITH_DEBUG can be inserted anywhere with minimal spam in + the logs and without affecting the script. + + Signed-off-by: Jonathon Hall + +commit ae5f9c5416dda4493c8196ff8eedd969b6b1d41c +gpg: Signature made Thu 18 Apr 2024 04:30:18 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Apr 18 12:21:27 2024 -0400 + + Improve DEBUG and DO_WITH_DEBUG output handling to also keep output of kexec -l when BOARD is in DEBUG+TRACE mode (configuration settings menu + flash) + + Signed-off-by: Thierry Laurion + +commit 82179e4e9894c5cb503f85522ff57088bdd444dc +gpg: Signature made Mon 15 Apr 2024 05:55:57 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ee1978ffc0 67f1dae840 +Author: Thierry Laurion +Date: Mon Apr 15 17:55:57 2024 -0400 + + Merge pull request #1638 from tlaurion/move_sleep_for_proper_dongle_detection + + BUGFIX: ash_functions: move sleep 2 after all usb modules being loaded + +commit 67f1dae840446b32d323248c614ac84ee90c880f +gpg: Signature made Fri 12 Apr 2024 05:05:29 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Apr 12 13:56:41 2024 -0400 + + ash_functions: move sleep 2 after all usb modules being loaded + + Otherwise we get ehci-pci and xhci_hcd kernel messages in dmesg debug AFTER "Verifying presence of GPG card" which explains why dongle might not be found in time and fails in oem-factory-reset + + Fixes https://github.com/Nitrokey/heads/issues/48 + + Signed-off-by: Thierry Laurion + +commit fb5cbf41a13c900072e88e9c7a9f24842c8d5fde +gpg: Signature made Thu 11 Apr 2024 02:51:53 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Apr 8 16:22:57 2024 -0400 + + kexec-insert-key: refactor tampering check for encrypted disk keys prior of TPM unsealing ops + + move code from kexec-unseal-key to kexec-insert-key, address code review and apply verbiage suggestion changes + + Signed-off-by: Thierry Laurion + +commit f6232aa70f7d16fd637e8974228451b61b2cd45e +gpg: Signature made Thu 11 Apr 2024 02:44:13 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Mar 27 10:04:10 2024 -0400 + + Change disk encryption -> LUKS Disk Key and other relative/relative verbiage, remove irrelevant DEBUG trace under kexec-unseal-key + + TODO: + - $(pcrs) call sometimes fail in DEBUG call, outputting too many chars to be inserted in kmesg. Call removed here since redundant (PCR6 already extended with LUKS header) + - Notes added for TPM2 simplification over TPM1 in code as TODO + + Signed-off-by: Thierry Laurion + +commit adda59c6752719bb4cbbbfcd5268bff00df5bbdf +gpg: Signature made Thu 11 Apr 2024 02:44:07 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Mar 26 14:20:48 2024 -0400 + + LUKS header change validation at both sealing and unsealing of TPM Disk Unlock Key. + + Fixes linuxboot#1092. + Supersedes linuxboot#1093 + + - Cherry-picks ed1c23a (credit to @hardened-vault) thank you!) + - Addresses and correct self-review under linuxboot#1093 (@hardened-vault: you don't answer often here!) + - kexec-unseal-key: Warn a user who attempts to default boot while his Disk Unlock Key passphrase fails to unseal because LUKS headers changed. + (linuxboot#1093 (comment)) + - kexec-seal-key: Identical as in ed1c23a + - kexec-add-key: Tell the user that the Headers did not change when changing TPM released Disk Unlock Key + (Through changing default boot at Options->Boot Options -> Show OS boot options: select a new boot option + and set a Disk Unlock Key in TPM, accept to modify disk and sign /boot options) + - Here, we cancel the diff output shown on screen linuxboot#1093 (comment) + - And we change the warning given to the user to past tense "Headers of LUKS containers to be unlocked via TPM Disk Unlock Key passphrase did not change." + + Signed-off-by: Thierry Laurion + +commit 8fcf1ddba8d1dd56332a5b156591574e69b6d3ab +gpg: Signature made Thu 11 Apr 2024 02:39:11 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 2 17:06:12 2024 -0400 + + Makefile: add real.gitclean target which calls 'git clean -fxd' + Ease cleaning up everything. IMOH better then real.clean target + + Signed-off-by: Thierry Laurion + +commit be714301677a366ec4c812ac801cd852cf1e65ef +gpg: Signature made Tue 09 Apr 2024 12:39:22 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 9 12:36:03 2024 -0400 + + modules/tpm2-tools: Add TODO to uniformize live patching through sed calls as opposed to patch version specific autotools/configure scripts to force reproducible builds + + Signed-off-by: Thierry Laurion + +commit ee1978ffc0afa4db1b0a46517aff946912cdca14 +gpg: Signature made Thu 04 Apr 2024 02:45:15 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: a36070343f f525b9337d +Author: Thierry Laurion +Date: Thu Apr 4 14:45:15 2024 -0400 + + Merge pull request #1631 from 0xF4CED/tails-key-2024 + + Update tails.key + +commit a36070343ffda3745817e82040e90b2b74760b11 +gpg: Signature made Thu 04 Apr 2024 10:08:29 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 05289c0989 c73687a232 +Author: Jonathon Hall +Date: Thu Apr 4 10:08:21 2024 -0400 + + Merge remote-tracking branch 'github-tlaurion/heads_panic_on_oom' + + PR #1626 + +commit f525b9337d5b5a95287ed7bdca78cbf8b746dcd3 +Author: 0xF4CED <24809481+0xF4CED@users.noreply.github.com> +Date: Thu Apr 4 00:15:52 2024 +0200 + + Update tails.key + + Key expired: 2024-01-04 + Replace with clean export of updated [Tails](https://tails.net/tails-signing.key) signing key. + + Signed-off-by: 0xF4CED <24809481+0xF4CED@users.noreply.github.com> + +commit 8208c86efefa5df2e28f63417fba86b8e09ff8c1 +gpg: Signature made Wed 03 Apr 2024 01:48:58 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 2 16:02:13 2024 -0400 + + modules/tpm2-tss: sed configure script to remove hardcoding of libs, move patch 3.2.0->3.2.2 + disable static lib builds + + Signed-off-by: Thierry Laurion + +commit ddef2337083206a2811cc20bf98afc4145a55988 +gpg: Signature made Wed 03 Apr 2024 01:48:52 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 2 12:18:39 2024 -0400 + + modules-tpm2-tools: bump from 5.2->5.6 (removes need to hack around PACKAGE_VERSION string which configure.ac points to ./VERSION already + tpm2-tools-5.6 patch: comment out git versioning output under ./VERSION; module: output current version under ./VERSION instead. Document under module + + Signed-off-by: Thierry Laurion + +commit d7915e16391216f27175bfd15d8d1d2dd838101f +gpg: Signature made Wed 03 Apr 2024 01:48:47 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Mar 27 16:14:31 2024 -0400 + + OpenSSL (libcrypto): patch so that crypto/buildinfo.h generated by perl script contains reproducible date and fake compiler_flags + hardcode VERSION='reproducible_build' into generated configure script to get rid of generate random git abbrev 8/12 chars (could not find source) + patches/openssl-3.0.8.patch: clean up + + tpm2-tools/tpm2-tss: + hack configure scripts to not contain hardcoded libs and other rpath related strings, using sed instead of patching configure script like cryptsetup2 patch + Will be clened up in other commits. Leaving here as trace for autotools sed patching for reproducible builds. + + CircleCI: change working dir from project->heads so that CircleCI and local builds are from heads directory, helping reproducible builds + + TODO: change other patches a well and generalize to gpg toolstack, removing patches that are a maintainership burden. + + Signed-off-by: Thierry Laurion + +commit 18e7be8ab7d5110577d97d1b4d1e24cc11082fe7 +gpg: Signature made Wed 03 Apr 2024 01:48:42 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Apr 2 17:06:12 2024 -0400 + + Makefile: add real.gitclean target which calls 'git clean -fxd' + Ease cleaning up everything. IMOH better then real.clean target + + Signed-off-by: Thierry Laurion + +commit c73687a2327416a64c39e3fb7623c5b9eb2c91e3 +gpg: Signature made Tue 02 Apr 2024 05:17:11 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Apr 1 15:20:49 2024 -0400 + + init: Adding checks for sysfs and runtime panic_on_oom=1 + + Signed-off-by: Thierry Laurion + +commit a051483c79229a1cbb64f6b0ba8c058d60c18aab +gpg: Signature made Mon 01 Apr 2024 04:16:16 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Apr 1 14:43:16 2024 -0400 + + linux configs: align with purism; remove TMPFS, add sysctl requirements + + Signed-off-by: Thierry Laurion + +commit 05289c0989b4ded7accd197be53b123b5467d959 +gpg: Signature made Mon 25 Mar 2024 09:36:33 PM EDT +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: ebdcc8523c 7fe2f9dcb2 +Author: Thierry Laurion +Date: Mon Mar 25 21:36:33 2024 -0400 + + Merge pull request #1604 from tlaurion/422_fhd + + 4.22.01 fhd patch merged upstream (4.24) + bump all 4.19 boards to 4.22.01 + +commit 7fe2f9dcb2ba6a57f4794ee1a3a010a7f8a39bd6 +gpg: Signature made Mon 25 Mar 2024 04:40:21 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Mar 25 16:40:21 2024 -0400 + + CircleCI: save_cache depends on librem_14 instead of nitropad-nv41 (so more boards can be built reusing cache and where nv41 will be rebuilt if coreboot level cache was not saved) + + Signed-off-by: Thierry Laurion + +commit 9fcd5f8fe488389734423e8d15606b433d675c10 +gpg: Signature made Mon 25 Mar 2024 04:06:21 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Mar 25 16:05:27 2024 -0400 + + Move boards/UNTESTED_* boards to untested_boards/UNMAINTAINED_*, remove them from CircleCI, add Makefile helper and document untested_boards/README.md + + Signed-off-by: Thierry Laurion + +commit b91eaeda97c107b594b2e23ef1a69b35b6128d53 +gpg: Signature made Mon 25 Mar 2024 03:16:03 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Feb 19 13:18:51 2024 -0500 + + boards aimed to bump at coreboot 4.22.01: switch TPM event log format to TCG + + Signed-off-by: Thierry Laurion + +commit 6d8939924ed2a0725722d021c5e42a088bcbc0a1 +gpg: Signature made Mon 25 Mar 2024 03:15:58 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Feb 19 11:57:10 2024 -0500 + + patches/coreboot-4.22.01/0001-x230-fhd-variant.patch: adapt patch for Makefile.inc (Makefile.mk doesn't exist under 4.22) + + Signed-off-by: Thierry Laurion + +commit 673b2f1340dd633656dc82d6ec0a1c86772c2cf3 +gpg: Signature made Mon 25 Mar 2024 03:15:52 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Feb 19 11:43:41 2024 -0500 + + modules/coreboot CircleCI: adapt to coreboot version bumps + + Signed-off-by: Thierry Laurion + +commit f37b010ab115734ee389d00c6b80fd4242d6e8af +gpg: Signature made Mon 25 Mar 2024 03:15:47 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Feb 19 11:42:56 2024 -0500 + + patches/coreboot-4.22.01/0001-x230-fhd-variant.patch: update to upstream merged state + + git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/27 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch + + Signed-off-by: Thierry Laurion + +commit fb616f416a1b82d57b1c1fe90c1f5d1e2f3c1f14 +gpg: Signature made Mon 25 Mar 2024 03:14:42 PM EDT +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Mon Feb 5 11:06:11 2024 -0500 + + WiP 4.22.01 fhd patch test + bump all 4.19 boards to 4.22.01 + + - patches/coreboot-4.22.01/0001-x230-fhd-variant.patch created per + - git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/23 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch + - all boards configs bumped with: + - grep -Rn 4.22 boards/ | awk -F "/" {'print $2'}| while read line; do make BOARD=$line coreboot.save_in_oldconfig_format_in_place ; done + + Signed-off-by: Thierry Laurion + +commit ebdcc8523c77c9230764d500cdb61087f1baeaa9 +gpg: Signature made Fri 23 Feb 2024 01:22:39 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 9d0431999f a6228b9843 +Author: Jonathon Hall +Date: Fri Feb 23 13:22:33 2024 -0500 + + Merge branch 'silence-exfat-errors-for-iso9660' + + PR #1602 + +commit 9d0431999f854ab25d3b18cd8fa66048b1b260eb +gpg: Signature made Fri 23 Feb 2024 01:12:54 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 95f9636a1a ebe9db4350 +Author: Jonathon Hall +Date: Fri Feb 23 13:12:48 2024 -0500 + + Merge remote-tracking branch 'github-tlaurion/xx20_xx30_kernel_510_bump-tether' + + PR #1384 + +commit ebe9db435043d916f412b219c6d3cca7cb109871 +gpg: Signature made Fri 23 Feb 2024 12:17:47 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Feb 23 12:17:47 2024 -0500 + + initrd/bin/network-init-recovery: kill dropbear unconditionally prior of starting it + + Signed-off-by: Thierry Laurion + +commit 2aeab5edbb4090f176e918e460ab7e6d02effb40 +gpg: Signature made Fri 23 Feb 2024 09:46:38 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 23 09:44:40 2024 -0500 + + initrd/etc/ash_functions: ehci_pci/xhci-* aren't companion controllers + + All boards with CONFIG_LINUX_USB=y ship ehci-* and xhci-*, they are + not controlled by CONFIG_LINUX_USB_COMPANION_CONTROLLER. Always + insert them when initializing USB. Fixes commit 35de2348 + + Signed-off-by: Jonathon Hall + +commit 031f885aaa8431c21341b45557cfa386c7b3c1f4 +gpg: Signature made Fri 23 Feb 2024 09:44:00 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 23 09:43:50 2024 -0500 + + initrd/bin/network-init-recovery: Trivial indentation fix + + Signed-off-by: Jonathon Hall + +commit a5ab32b761afc51f4aa4e0219ff844df0caf52dc +gpg: Signature made Fri 23 Feb 2024 01:29:55 AM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Feb 22 16:20:14 2024 -0500 + + insmod: uniformize module name and lsmod output prior of comapring if module already insmodded (ehci-hcd.ko module name is ehci_hcd...) + + Signed-off-by: Thierry Laurion + +commit 5f8cb5a15921494decd1ff2403a30cec638971dc +gpg: Signature made Fri 23 Feb 2024 01:29:47 AM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Feb 22 15:03:12 2024 -0500 + + initrd/bin/network-init-recovery: put usb tethering and ethernet activation in functions and ask user prior of using each mode + + Also remove output of attempted module loading since DEBUG will show if needed + Remove timeout after 30 seconds to unify UX and block + Change UX wording + + Should address all PR review comments + + Signed-off-by: Thierry Laurion + +commit 35de23483ac99707e6486206ccb5c8f020ae3e68 +gpg: Signature made Thu 22 Feb 2024 03:29:40 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Feb 22 14:35:26 2024 -0500 + + etc/ash_functions: remove redundant lsmod prior of insmod + + Signed-off-by: Thierry Laurion + +commit bec25456887fb201e4aa186f8ea044aa77b9dc16 +gpg: Signature made Thu 22 Feb 2024 02:15:11 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Feb 22 13:36:25 2024 -0500 + + insmod: check if module already loaded and if so exit early + + Signed-off-by: Thierry Laurion + +commit 65f0b905f6e4d9a0ee6c3609b44009867cf906f4 +gpg: Signature made Thu 22 Feb 2024 12:35:41 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Jonathon Hall +Date: Thu Feb 22 10:11:21 2024 -0500 + + boards/librem*, config/linux-librem*: Enable mobile tethering + + Enable mobile tethering on all Librem boards. + + Signed-off-by: Jonathon Hall + +commit 9b69f1b66a29ea90045eabe1d679994810beb17a +gpg: Signature made Wed 21 Feb 2024 01:50:28 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Feb 21 11:55:23 2024 -0500 + + boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config: unify with x230-hotp-maximized + + Signed-off-by: Thierry Laurion + +commit 7cbcdd8ed7041132b78589588034208c944ac1dd +gpg: Signature made Wed 21 Feb 2024 01:50:19 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Nov 25 14:50:32 2023 -0500 + + Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support) + + - Add additional requirements to linux config + - Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs + - Fix issue under network-recovery-init to NTP sync against NTP server pool + - Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer + - Remove network-recovery-init earlytty and tty0 redirection (console should be setuped properly by init in all cases) + - If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait to user input on instructions and warning 30 secs before proceeding (non-blocking) + - Machines having STATIC_IP under board config won't benefit of autoatic NTP sync + + Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync + + TODO(Future PR): + - Refactor into functions and reuse into TOTP/HOTP being out of sync automatically. + + Signed-off-by: Thierry Laurion + +commit 95f9636a1adb26fc061228443ec6910ffe39c02b +gpg: Signature made Fri 16 Feb 2024 01:32:34 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 5bff51952d 4af780864f +Author: Thierry Laurion +Date: Fri Feb 16 13:32:34 2024 -0500 + + Merge pull request #1614 from Dasharo/fix_openssl_compilation + + modules/openssl: remove libgcc path hack + +commit 4af780864fcca6364afc8ec038787541193326f4 +gpg: Signature made Fri 16 Feb 2024 02:20:14 AM EST +gpg: using RSA key 3A07364F010D7C71552FAFA687F342A528DFD8E5 +gpg: issuer "michal.kopec@3mdeb.com" +gpg: Can't check signature: No public key +Author: Michał Kopeć +Date: Fri Feb 16 08:18:38 2024 +0100 + + modules/openssl: remove libgcc path hack + + Passing the path to libgcc in LDFLAGS appears to no longer be needed. + Removing this fixes compilation on a freshly cloned repo. + + Fixes #1507 + + Signed-off-by: Michał Kopeć + +commit a6228b9843348beb09ac77cf066682e74253a3bd +gpg: Signature made Fri 02 Feb 2024 05:15:16 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 2 16:42:33 2024 -0500 + + functions: Improve detect_boot_device to silence exFAT errors + + When testing a possible boot device, detect its partition type and + skip grub, LUKS, and LVM partitions. These aren't mountable as /boot, + this silences spurious exFAT errors. + + In detect_boot_device, skip testing CONFIG_BOOT_DEV a second time if it + is found as a block device. This avoids doubling any errors shown from + checking this device, no sense trying it twice. + + Refactor some logic to avoid duplication - extract + device_has_partitions and use it in detect_boot_device, extract + mount_possible_boot_device and use it instead of duplicating the logic. + + Move find_lvm_vg_name() to /etc/functions. + + Avoid mixing up similarly-named devices like 'nvme0n1'/'nvme0n10' or + 'sda'/'sdaa' - it's probably unlikely that many devices will appear, + but looking for partitions in '/sys/class/block//' instead of + '/dev/' would avoid any collisions. + + Signed-off-by: Jonathon Hall + +commit 8233c6f44244e03f33efd791880aed05cb0f1a20 +gpg: Signature made Fri 02 Feb 2024 01:45:59 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 2 13:24:34 2024 -0500 + + init: Silence exFAT errors when mounting iso9660; reorder exfat last + + Since exFAT support was enabled, mounting an iso9660 filesystem prints + spurious exFAT errors to the console. That is because busybox mount + tries all filesystems in the order listed, and exfat precedes iso9660 + (those are the last two in our config). Most filesystems are silent + when used on the wrong type of filesystem, but exFAT logs errors, which + appear on the console. + + Move exFAT after iso9660, so iso9660 filesystems won't show these + errors. The errors will still appear if the filesystem is actually + exFAT but cannot be mounted. + + There's no significant risk of misdetecting a remnant iso9660 + superblock here either. Although an iso9660 superblock could fall in + the unused space between the exFAT boot region and the FAT itself, + mkfs.exfat does zero this space so it is unlikely such a remnant + superblock would exist. + + Signed-off-by: Jonathon Hall + +commit 5bff51952d0bf8888b7b171ed14ac052ca33f597 +gpg: Signature made Thu 01 Feb 2024 04:13:45 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 5a75e6bffa 40c34453df +Author: tlaurion +Date: Thu Feb 1 16:13:45 2024 -0500 + + Merge pull request #1601 from tlaurion/switch_TRACE_to_TRACE_FUNC_everywhere_possible + + all scripts: replace TRACE manual strings with dynamic tracing by bash debug + +commit 40c34453dfee83b05ff25badf9c430ba73f458c5 +gpg: Signature made Thu 01 Feb 2024 03:49:08 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Feb 1 14:30:31 2024 -0500 + + all scripts: replace TRACE manual strings with dynamic tracing by bash debug + + Exception: scripts sourcing/calls within etc/ash_functions continues to use old TRACE functions until we switch to bash completely getting rid of ash. + This would mean getting rid of legacy boards (flash + legacy boards which do not have enough space for bash in flash boards) once and for all. + + Signed-off-by: Thierry Laurion + +commit 5a75e6bffa29f661dc5397f7c8b3707d58341ccb +gpg: Signature made Thu 01 Feb 2024 02:25:48 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: cc918059c9 84040176fa +Author: tlaurion +Date: Thu Feb 1 14:25:48 2024 -0500 + + Merge pull request #1586 from JonathonHall-Purism/root-file-hash-qubes + + Root file hashing: support Qubes default partition layout (+ tracing helpers) + +commit cc918059c97085b0c587b025330643d611fe2789 +gpg: Signature made Thu 01 Feb 2024 11:53:30 AM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 4aed2a3318 d22cf5ec7b +Author: tlaurion +Date: Thu Feb 1 11:53:30 2024 -0500 + + Merge pull request #1583 from JonathonHall-Purism/laptops-optional-usb-keyboard + + Allow laptops to include optional USB keyboard support + +commit 4aed2a331893bf94aa63c195bc3d843f30fb1647 +gpg: Signature made Wed 31 Jan 2024 04:56:42 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: 25066e5fad 2b41a740c4 +Author: tlaurion +Date: Wed Jan 31 16:56:42 2024 -0500 + + Merge pull request #1590 from JonathonHall-Purism/librem-kernel-6.1.8-reconfig + + config/linux-librem_common-6.1.8: Rebuild starting with 5.10 config + +commit d22cf5ec7b45f4e9d43becc336f73715a017eb4d +gpg: Signature made Wed 31 Jan 2024 10:48:26 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 9b4eb8df71 25066e5fad +Author: Jonathon Hall +Date: Wed Jan 31 10:48:24 2024 -0500 + + Merge remote-tracking branch 'github-heads/master' into laptops-optional-usb-keyboard + +commit 9b4eb8df716e91a904b0a1ac8b33c33fb4dd191e +gpg: Signature made Wed 31 Jan 2024 09:59:33 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 31 09:58:35 2024 -0500 + + config-gui.sh: Reword USB keyboard notice, show on enable only + + Reword the notice shown when enabling USB keyboards based on feedback. + Remove the notice when disabling USB keyboard support, show it only + when enabling. + + Signed-off-by: Jonathon Hall + +commit 25066e5fad756a871bdd1bf60acd9d644ef3b447 +gpg: Signature made Mon 22 Jan 2024 02:02:38 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: bd9125fe1c 55e3a192be +Author: tlaurion +Date: Mon Jan 22 14:02:38 2024 -0500 + + Merge pull request #1596 from Nitrokey/up-v2.4.1 + + coreboot-nitrokey: hard-code ME state during boot + +commit bd9125fe1cc1d5338e4c07aed36ee4d726f2c3a8 +gpg: Signature made Mon 22 Jan 2024 02:02:08 PM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: f877739095 4f2b1b68b0 +Author: tlaurion +Date: Mon Jan 22 14:02:08 2024 -0500 + + Merge pull request #1595 from tlaurion/fix_tpm_duk_retry + + Fix TPM DUK retry loop (bogus), uniformize related vocabulary + +commit 55e3a192be1425ac406d356e1a3d52f3a27915a9 +gpg: Signature made Mon 22 Jan 2024 09:46:34 AM EST +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Mon Jan 22 14:16:27 2024 +0100 + + coreboot-nitrokey: hard-code ME state during boot, fixes Nitrokey/heads#39 + + Signed-off-by: Markus Meissner + +commit 4f2b1b68b0081c9e37526a8f8359d1a762a7c2ba +gpg: Signature made Sat 20 Jan 2024 11:48:04 AM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jan 19 12:34:37 2024 -0500 + + initrd/bin/kexec-unseal-key: never show final PCRs content but in DEBUG mode/Recovery Shell + + Next steps on this is introspection and PCRs reconstruction helpers, which will output in DEBUG and be usable from recovery shell. + We have to keep in mind that providing those tools is useful in DEBUG mode and for users having access to Recovery Shell. + But currently, having access to cbmem -L output and final PCRs content is making it too easy for Evil Maid to know what needs to be hardcoded to pass measured boot. + + Signed-off-by: Thierry Laurion + +commit 6db03b0bdd4263127694652a2584429656f9bf9f +gpg: Signature made Sat 20 Jan 2024 11:47:41 AM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jan 19 12:32:04 2024 -0500 + + Uniformize vocabulary: LUKS TPM Disk Unlock Key & LUKS Disk Recovery Key + + When playing with long fbwhiptail/whiptail messages, this commit played around the long string using fold. + + ''' + echo -e "This will replace the encrypted container content and its LUKS Disk Recovery Key.\n\nThe passphrase associated with this key will be asked from the user under the following conditions:\n 1-Every boot if no Disk Unlock Key was added to the TPM\n 2-If the TPM fails (hardware failure)\n 3-If the firmware has been tampered with/modified by the user\n\nThis process requires you to type the current LUKS Disk Recovery Key passphrase and will delete the LUKS TPM Disk Unlock Key slot, if set up, by setting a default boot LUKS key slot (1) if present.\n\nAt the next prompt, you may be asked to select which file corresponds to the LUKS device container.\n\nHit Enter to continue." | fold -w 70 -s + ''' + + Which gave the exact output of what will be inside of the fbwhiptail prompt, fixed to 70 chars width: + + ''' + This will replace the encrypted container content and its LUKS Disk + Recovery Key. + + The passphrase associated with this key will be asked from the user + under the following conditions: + 1-Every boot if no Disk Unlock Key was added to the TPM + 2-If the TPM fails (hardware failure) + 3-If the firmware has been tampered with/modified by the user + + This process requires you to type the current LUKS Disk Recovery Key + passphrase and will delete the LUKS TPM Disk Unlock Key slot, if set + up, by setting a default boot LUKS key slot (1) if present. + + At the next prompt, you may be asked to select which file corresponds + to the LUKS device container. + + Hit Enter to continue. + ''' + + Therefore, for long prompts in the future, one can just deal with "\n 1-" alignments to be respected in prompts and have fold deal with cutting the length of strings properly. + + Signed-off-by: Thierry Laurion + +commit 4bc284e7fb54ca1424e77ea2428ead3a6ae8be1b +gpg: Signature made Fri 19 Jan 2024 02:44:50 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Jan 19 11:51:20 2024 -0500 + + TPM DUK: Fix passphrase retry and code to support both LUKSv1/LUKSv2 output to check active keyslot 1 is not the only one existing + + Signed-off-by: Thierry Laurion + +commit f877739095280d6baee0cefe3410ee805c2f0c53 +gpg: Signature made Fri 19 Jan 2024 10:37:48 AM EST +gpg: using RSA key B5690EEEBB952194 +gpg: Good signature from "GitHub " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 +Merge: cb518e4f1b cb61739139 +Author: tlaurion +Date: Fri Jan 19 10:37:48 2024 -0500 + + Merge pull request #1594 from JonathonHall-Purism/blob_jail_warn + + initrd/bin/inject_firmware.sh: Fix warning command + +commit cb617391397e968b79197ac57e423db8f0e55664 +gpg: Signature made Fri 19 Jan 2024 09:53:53 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 22 09:42:54 2023 -0400 + + initrd/bin/inject_firmware.sh: Fix warning command + + The function is 'warn', not 'WARN'. + + Signed-off-by: Jonathon Hall + +commit 84040176faa142438608f42c71109bbdc8b0379b +gpg: Signature made Wed 17 Jan 2024 04:34:48 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 17 16:30:31 2024 -0500 + + modules/bash: Enable readline + + Restores autocomplete and makes bash more usable as an interactive + shell. Added 106 KB to compressed initrd (checked librem_14). + + Signed-off-by: Jonathon Hall + +commit ae29ddbc78cb7004bb27a57c986dd949da24ec1f +gpg: Signature made Wed 17 Jan 2024 04:34:48 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 17 16:29:50 2024 -0500 + + initrd/bin/root-hashes-gui.sh: Remove debug statement for non-LVM-PV + + This statement was confusing and should be clear from tracing anyway. + + Signed-off-by: Jonathon Hall + +commit 80b57eb60dbaf3fc64ecf6723940aa3167d5c71e +gpg: Signature made Wed 17 Jan 2024 04:34:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 10 17:13:44 2024 -0500 + + initrd/bin/root-hashes-gui.sh: Qubes support, faster hash creation + + Don't spew the root hashes to the console when creating the hash file. + This speeds up hash creation significantly. A basic Qubes install on a + cheap (slow) SATA SSD reduced from about 1.5 minutes to just under 1 + minute, and a PureOS install on a fast NVMe disk reduced from 2.5 + minutes to 1 minute. + + Support opening LVM volume groups to find the root disk. If an LVM PV + is found, its group is opened and the 'root' volume is used. There is + no way to set the volume name in this iteration; this is the default + name used by Qubes and probably common to many LVM OS installations. + LUKS and LVM can be mixed. Tested LUKS (PureOS) and LUKS+LVM (Qubes). + + Always cd to "$ROOT_MOUNT" in a subshell, improves robustness of + scripts (previously some functions only worked if they were called + after another function had cd'd to "$ROOT_MOUNT"). + + Signed-off-by: Jonathon Hall + +commit 70d249ae4651753776798f429c050bf618038a03 +gpg: Signature made Wed 17 Jan 2024 04:34:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 10 17:09:57 2024 -0500 + + intird/bin/config-gui.sh: Clarify root hash menu item, minor cleanup + + Say the action to take in the menu (enable or disable) instead of just + "Check root hashes at boot". + + Clean up some use of load_config_value, set_config, combine_configs. + Get config values from the environment directly. set_user_config does + set_config and combine_configs. + + Signed-off-by: Jonathon Hall + +commit de1592e2f52ef08f4f0a6be40d3fc7f346973048 +gpg: Signature made Wed 17 Jan 2024 04:34:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 10 17:08:23 2024 -0500 + + lvm2: Support LVM2 thin provisioned volumes + + Support LVM2 thin-provisioned volumes. LVM2 wants the thin_check + utility by default, but it has multiple dependencies we do not + currently ship (boost, libexpat, others), so disable it. + + Signed-off-by: Jonathon Hall + +commit e0b46d086ac18826979b03e67a4405275801e1a0 +gpg: Signature made Wed 17 Jan 2024 04:32:37 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 10 17:04:21 2024 -0500 + + functions: TRACE_FUNC and DEBUG_STACK + + Add TRACE_FUNC to trace the file, line, and name of the calling + function. File and function names don't have to be duplicated in a + TRACE statement with this (they tend to become inaccurate as functions + are renamed and the TRACE statement is forgotten). + + Add DEBUG_STACK to dump the bash stack to debug output. + + Configure bash with --enable-debugger. Bash doesn't actually include + the entire debugger, this is just some supporting variables for it. + Evidently, BASH_SOURCE[n] is only set within a function if this is + enabled. I couldn't find this indicated in any documentation, but it + happened in practice. + + Compressed initrd size only increased by 2560 bytes for librem_mini_v2, + I think that is fine. This also gives us BASH_ARGC/BASH_ARGV which + might be useful for diagnostics. + + Signed-off-by: Jonathon Hall + +commit 2b41a740c4ee95ba7dafcea2f99e736785f93e37 +gpg: Signature made Wed 17 Jan 2024 04:12:16 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 17 16:10:03 2024 -0500 + + config/linux-librem_common-6.1.8: Rebuild starting with 5.10 config + + Rebuild the kernel 6.1.8 config for Librem devices starting from the + current 5.10 config as a base. The current 5.10 config had cleaned up + some unneeded options, but that hadn't been carried over to the 6.1.8 + config. + + Graphics init still uses EFIFB in the 6.1.8 kernel. 5.10 keeps DRM+ast + to support librem_l1um (the only board still using it). + + Signed-off-by: Jonathon Hall + +commit cb518e4f1b3450531b701d0af6a7a95d185a4dbc +gpg: Signature made Thu 11 Jan 2024 09:58:44 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: de7dad25d7 a42812d60c +Author: tlaurion +Date: Thu Jan 11 09:58:44 2024 -0500 + + Merge pull request #1584 from tlaurion/ppc64le_cross_build_changes + + ppc64le builder required changes + +commit a42812d60c9282f051c5b887c7b1b6819f82c067 +gpg: Signature made Wed 10 Jan 2024 06:28:47 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Wed Jan 10 17:46:28 2024 -0500 + + ppc64le builder required changes + + popt: too old to have a working config.guess + libusb-compat: not needed for gpg2 + gpg2: depend on libusb not libusb-compat + + Signed-off-by: Thierry Laurion + +commit 0a823cb491be440570726269960ea9e1a56009f6 +gpg: Signature made Wed 10 Jan 2024 03:38:06 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jan 9 09:43:28 2024 -0500 + + Allow laptops to include optional USB keyboard support + + Laptops can include optional USB keyboard support (default off unless + the board also sets the default to 'y'). The setting is in the + configuration GUI. + + CONFIG_USER_USB_KEYBOARD is now the user-controlled setting on those + boards. 'CONFIG_USB_KEYBOARD' is no longer used to avoid any conflict + with prior releases that expect this to be a compile-time setting only + (conflicts risk total lock out requiring hardware flash, so some + caution is justified IMO). + + Boards previously exporting CONFIG_USB_KEYBOARD now export + CONFIG_USB_KEYBOARD_REQUIRED. Those boards don't have built-in + keyboards, USB keyboard is always enabled. (librem_mini, + librem_mini_v2, librem_11, librem_l1um, librem_l1um_v2, talos-2, + kgpe-d16_workstation-usb_keyboard, x230-hotp-maximized_usb-kb). + + Librem laptops now export CONFIG_SUPPORT_USB_KEYBOARD to enable + optional support. The default is still 'off'. + + Signed-off-by: Jonathon Hall + +commit de7dad25d7238d5e0ae554b7fdacfa6b04310bde +gpg: Signature made Wed 10 Jan 2024 03:07:12 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: be1835b9ad ff1d606be6 +Author: tlaurion +Date: Wed Jan 10 15:07:12 2024 -0500 + + Merge pull request #1582 from JonathonHall-Purism/coreboot_dep_ln_fix + + bin/fetch_coreboot_crossgcc_archive.sh: ln -s again if link exists + +commit be1835b9ad9bfa05eebcdd9956e8859208656a6e +gpg: Signature made Wed 10 Jan 2024 03:05:51 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 90d1c2e9e3 905d40bd9b +Author: tlaurion +Date: Wed Jan 10 15:05:51 2024 -0500 + + Merge pull request #1581 from JonathonHall-Purism/flash-gui-errors + + Show error messages for various media errors in flash-gui.sh + +commit ff1d606be669b045e74bf472224dbdaf1273e6ac +gpg: Signature made Wed 10 Jan 2024 01:26:55 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 10 13:24:34 2024 -0500 + + bin/fetch_coreboot_crossgcc_archive.sh: ln -s again if link exists + + Changes in things like modules/coreboot will check the coreboot + toolchain archives again. We reuse the cached archive already, but the + final ln -s may fail if the link already exists. Remove it first and + link again. + + Signed-off-by: Jonathon Hall + +commit 905d40bd9b4a9cbbd7ad7b009f770ce54ebcfddd +gpg: Signature made Tue 09 Jan 2024 03:15:24 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jan 9 13:11:01 2024 -0500 + + initrd/bin/flash-gui.sh: Show error if find fails due to I/O error + + 'find' may fail if I/O errors occur (medium faulty or removed, + filesystem corruption, etc.) Show a message if this occurs rather than + just dying and returning to the main menu. + + Signed-off-by: Jonathon Hall + +commit 40e96c7daec69082ef0110cb04db74d32f65fc2a +gpg: Signature made Tue 09 Jan 2024 03:15:24 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jan 8 16:50:40 2024 -0500 + + initrd/bin/flash-gui.sh: Show message if plain ROM is unreadable + + If the user selects a plain ROM, but that file can't be read, show a + message and exit rather than dying. Copy the ROM to RAM before doing + anything with it in case the media fails later. + + Signed-off-by: Jonathon Hall + +commit 7e57ce181b37692be59ddfb626e0b949247bd2c3 +gpg: Signature made Tue 09 Jan 2024 03:15:24 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jan 8 16:32:20 2024 -0500 + + initrd/bin/flash-gui.sh: Fix indentation + + Signed-off-by: Jonathon Hall + +commit 90d1c2e9e30c7b2d56ff19970e14236fe3af2763 +gpg: Signature made Tue 09 Jan 2024 03:12:03 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8e1e402dac a2ebf251e0 +Author: tlaurion +Date: Tue Jan 9 15:12:03 2024 -0500 + + Merge pull request #1578 from JonathonHall-Purism/config-automatic-boot-delay + + initrd/bin/config-gui.sh: Allow configuring automatic boot + +commit a2ebf251e0780d6b92e2d87e30a958d892c4ca49 +gpg: Signature made Tue 09 Jan 2024 03:06:04 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Tue Jan 9 14:33:23 2024 -0500 + + hotp boards: enable autoboot after 5 seconds if reverse HOTP against USB Security Dongle is successful by default + + Signed-off-by: Thierry Laurion + +commit 8e1e402dac1cf80bfabdd33997fc3c45cd7a508a +gpg: Signature made Tue 09 Jan 2024 03:03:17 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4ece1a1fe4 012400af1b +Author: tlaurion +Date: Tue Jan 9 15:03:17 2024 -0500 + + Merge pull request #1580 from tlaurion/force_absence_dirmngr + + gpg2: make sure dirmngr is not spawn to refresh keys under initrd/.gnupg/gpg.conf + +commit 4ece1a1fe4f6324f5ff18590b4117ed10a7238f5 +gpg: Signature made Tue 09 Jan 2024 02:49:15 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 025b4d0dfc 5a00bfc035 +Author: tlaurion +Date: Tue Jan 9 14:49:15 2024 -0500 + + Merge pull request #1579 from JonathonHall-Purism/seal-hotpkey-error + + initrd/bin/seal-hotpkey: Show error if /boot can't be mounted + +commit 012400af1b5893f64831a2443b9f0c85948cd69b +gpg: Signature made Tue 09 Jan 2024 12:53:57 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jan 9 12:53:20 2024 -0500 + + gpg2: make sure dirmngr is not spawn to refresh keys under initrd/.gnupg/gpg.conf + + Signed-off-by: Thierry Laurion + +commit 5a00bfc035ca92d4275555350f21062f8014a365 +gpg: Signature made Tue 09 Jan 2024 12:27:59 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jan 8 15:41:59 2024 -0500 + + initrd/bin/seal-hotpkey: Show error if /boot can't be mounted + + If we can't mount /boot, show a meaningful error rather than dropping + to a recovery shell. + + Dropping to a recovery shell should be a last resort. Users that know + how to use the recovery shell know how to get there. Users that don't + know how to use it can be completely stuck and may not know how to get + back to the menu or even how to turn off the device. + + Signed-off-by: Jonathon Hall + +commit 025b4d0dfcaf1bf2c23b6e8024a6aa60de890683 +gpg: Signature made Tue 09 Jan 2024 12:21:30 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c9e067c721 93ccf25d24 +Author: tlaurion +Date: Tue Jan 9 12:21:30 2024 -0500 + + Merge pull request #1576 from JonathonHall-Purism/package-mirrors + + Makefile: Support mirrors for dependency source packages + +commit 25b977d1e50fb320edf08cdd4ffd2fbb291e18c0 +gpg: Signature made Tue 09 Jan 2024 10:12:22 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jan 5 16:45:48 2024 -0500 + + initrd/bin/config-gui.sh: Allow configuring automatic boot + + Automatic boot can be configured in the configuration GUI. Options are + disable, 1 second, 5 seconds, or 10 seconds. + + Signed-off-by: Jonathon Hall + +commit 93ccf25d24bb73c89ff51e17d847bccc78bc61e2 +gpg: Signature made Tue 09 Jan 2024 10:04:15 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jan 9 10:03:51 2024 -0500 + + bin/fetch_coreboot_crossgcc_archive.sh: Symlink archives into coreboot + + Symlink the source archives into coreboot's crossgcc build rather than + copying them. + + Signed-off-by: Jonathon Hall + +commit e3805392027e2834a0db4dc9ab3478214ab6b7d8 +gpg: Signature made Mon 08 Jan 2024 03:38:46 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jan 5 15:11:21 2024 -0500 + + modules/coreboot: Disable Ada compiler for coreboot 4.11 + + Disable the Ada compiler, as it no longer compiles on Debian 12 and is + not needed. + + The Ada compiler is only used for libgfxinit - Intel native graphics + initialization. Neither of the boards on coreboot 4.11 uses this; + Aspeed graphics initialization is written in C (but is not used yet as + it only supports text mode in 4.11). + + Signed-off-by: Jonathon Hall + +commit f632897bb5b433797dc4112e8ef96e888479455b +gpg: Signature made Mon 08 Jan 2024 03:10:56 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jan 8 14:05:03 2024 -0500 + + modules/coreboot: Cache coreboot toolchain archives and use mirrors + + Download coreboot toolchain archives into packages/ before + coreboot tries to download them. This allows us to use mirrors to get + the archives. We could also update the primary source this way if it + goes down instead of patching coreboot itself (has happened for IASL). + + The archive versions and digests are retrieved from the coreboot + module, so there isn't another copy of that info to maintain. That is + done in bin/fetch_coreboot_crossgcc_archive.sh, which uses the + existing fetch script to do the actual download, leveraging mirrors. + + bin/fetch_source_archive.sh supports using a SHA-1 digest instead of + SHA-256, since coreboot has SHA-1 digests. It also checks if the file + already exists (deleting the coreboot directory will cause it to be + re-run, but the packages are already there and can be used from cache). + + The coreboot-4.11 IASL patch is updated to delete the outdated acpica + archive digest (it already added the new one, but the old one was still + there). bin/fetch_coreboot_crossgcc_archive.sh finds the archive + version and digest from the digest files, so only one acpica file must + be present. + + Signed-off-by: Jonathon Hall + +commit 29203782f617233e7c92535086a9da3af2f6f9e3 +gpg: Signature made Fri 05 Jan 2024 01:17:49 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jan 5 13:17:01 2024 -0500 + + bin/fetch_source_archive.sh: Use Heads package names when they differ + + Use the Heads name for a package when it differs from the primary + source. E.g. musl-cross-make's archive is just .tar.gz, which + makes little sense out of context. musl-cross-.tar.gz makes + more sense for a mirror. + + Signed-off-by: Jonathon Hall + +commit 3a93b30d5b767b0ec5546d0241581be1701aabb6 +gpg: Signature made Fri 05 Jan 2024 12:54:58 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jan 5 12:49:36 2024 -0500 + + Makefile: Support mirrors for dependency source packages + + Try to download dependency source packages from mirrors if the primary + source fails or the archive has changed. + + Move the download and verify logic to bin/fetch_source_archive.sh. The + mirror list is here, currently only + https://storage.puri.sm/heads-packages/, but others can be added. The + mirror list is randomized to load each mirror equally. + + The verify logic is moved to this script too so it can fail over to a + mirror (or another mirror) if a mismatched archive is served, not just + for a failure. Makefile no longer needs to verify separately and there + are no separate .*-_verify files any more, the archive is only moved to + its final place once verified. + + Add `packages` target to just fetch all needed packages for a board, + facilitates seeding a mirror. + + Signed-off-by: Jonathon Hall + +commit c9e067c72199dbc90b5e26240317d38a82d9fe1c +gpg: Signature made Thu 04 Jan 2024 10:13:08 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ea0a599dec fbbdc94634 +Author: tlaurion +Date: Thu Jan 4 22:13:08 2024 -0500 + + Merge pull request #1575 from tlaurion/revert_waybackmachine_usage_for_circleci + + switch back from web.archive.org to cairographics.org (CircleCI is rate limited) + +commit fbbdc94634f064ffd0450d59aea2492ceba1c173 +gpg: Signature made Thu 04 Jan 2024 09:33:34 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jan 4 21:32:08 2024 -0500 + + switch back from web.archive.org to cairographics.org (CircleCI is rate limited over web.archive.org:not a solution.... + + Adds up to https://github.com/linuxboot/heads/issues/1198 + + Signed-off-by: Thierry Laurion + +commit ea0a599dec10e03ae1434c2213bdcd2422355c7a +gpg: Signature made Thu 04 Jan 2024 05:12:12 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 449977b617 77f9933538 +Author: tlaurion +Date: Thu Jan 4 17:12:12 2024 -0500 + + Merge pull request #1570 from tlaurion/automate_blobs_download_xx30_xx20 + + Automate blobs download for xx30 xx20 boards + +commit 77f9933538fe00d9cbf1ed0887c4758f9b10bb77 +gpg: Signature made Thu 04 Jan 2024 03:33:21 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jan 4 13:48:52 2024 -0500 + + xx20/xx30 blob based boards: move ME blobs target outside of board configs (targets/xx*_blobs.mk) + Makefile: have inclusion of all defined $BOARD BOARD_TARGETS (me, split_8mb4mb, ...) + + TODO: VBIOS scripts for W530/T530 need way more work. To be done later. + + Signed-off-by: Thierry Laurion + +commit d7c2bda11200e9f9caed10d5f030ccfcd083b30b +gpg: Signature made Thu 04 Jan 2024 02:21:13 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jan 4 13:22:41 2024 -0500 + + blobs/xx20/download_parse_me.sh: cleanup and don't continue if hash is good + + Signed-off-by: Thierry Laurion + +commit f2079dbe4435f9130242996057fa51b1a534e70b +gpg: Signature made Thu 04 Jan 2024 02:21:11 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Thu Jan 4 13:10:57 2024 -0500 + + blobs/xx30 scripts: cleanup and don't continue if hash is good + + Signed-off-by: Thierry Laurion + +commit de951f7156b6cdf17cdbfe49a5c04ea52ccb75b7 +gpg: Signature made Thu 04 Jan 2024 02:21:10 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jan 2 18:46:34 2024 -0500 + + CircleCI : readd blobs cache in prep step to download once and pass through workspace cache + + Signed-off-by: Thierry Laurion + +commit 197914b396694356108d5db10c52f47d843588cc +gpg: Signature made Thu 04 Jan 2024 02:21:08 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jan 2 13:23:33 2024 -0500 + + xx20 boards and circleci: Have boards download extract and neuter me by board config + + Fix https://github.com/linuxboot/heads/issues/1569 part of error linked to me not being available in blobs/xx20/me.bin + + Signed-off-by: Thierry Laurion + +commit 753aa3950380559bd9e293c985e4b798f6871201 +gpg: Signature made Thu 04 Jan 2024 02:21:06 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Nov 10 15:04:48 2023 -0500 + + CircleCI: test commit to have all boards download their own blobs + + Signed-off-by: Thierry Laurion + +commit 24571d91bcb4aa93c4ef8e08d095c6d45e7995ce +gpg: Signature made Thu 04 Jan 2024 02:21:05 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Nov 10 15:03:46 2023 -0500 + + CircleCI: readd xx30 call to have ME downloaded for all boards. Next commit will remove all those to test boards downloading of all blobs, but this is not desirable for CI where we want blobs to be downloaded once in prep step not from each board. + + Signed-off-by: Thierry Laurion + +commit 0d6cba852b0b048189d09cd799cb9f1d39ac14e4 +gpg: Signature made Thu 04 Jan 2024 02:21:03 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Nov 10 15:00:55 2023 -0500 + + w530-dgpu K2000 boards : have the boards call vbios download script automatically. Breaks on debian-12 as of now but should work on debian-11 for others, gems say deprecated calls.... + + Signed-off-by: Thierry Laurion + +commit 1fea3e446316e5e6857eddb161e221f7f13551d1 +gpg: Signature made Thu 04 Jan 2024 02:21:01 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Nov 10 14:51:59 2023 -0500 + + t530-dgpu boards : have the boards call vbios download script automatically. Breaks on debian-12 as of now but should work on debian-11 for others, gems say deprecated calls.... + + Signed-off-by: Thierry Laurion + +commit 43d1b4ed81910b0b93557595e340a25dfe37492c +gpg: Signature made Thu 04 Jan 2024 02:21:00 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Nov 10 14:48:06 2023 -0500 + + xx30: have all xx30 download me automatically. + + Signed-off-by: Thierry Laurion + +commit 449977b617647b6d4db6eb1d410251c21b07a315 +gpg: Signature made Wed 03 Jan 2024 03:49:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 07db2ddb6c 5e43bcd2f4 +Author: tlaurion +Date: Wed Jan 3 15:49:55 2024 -0500 + + Merge pull request #1561 from Nitrokey/up-v2.4 + + Bump Dasharo Coreboot / hotp-verification; fix nitropad-nxx ec-powerdown + +commit 07db2ddb6ca5484ea967a32d9639ad36b920a246 +gpg: Signature made Tue 02 Jan 2024 04:20:31 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 65036f2ef7 2b65211fac +Author: tlaurion +Date: Tue Jan 2 16:20:31 2024 -0500 + + Merge pull request #1573 from tlaurion/cairo_use_waybackmachine + + modules/cairo: www.cairographics.org down again. Use web.archive.org archive + +commit 2b65211fac400d7c8edb4230a104fb1e7c633f45 +gpg: Signature made Tue 02 Jan 2024 04:18:47 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jan 2 16:18:30 2024 -0500 + + modules/cairo: www.cairographics.org down again. Use web.archive.org archive + + Signed-off-by: Thierry Laurion + +commit 65036f2ef789fdbbf4f0a9e625c640e394198b70 +gpg: Signature made Tue 02 Jan 2024 03:15:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 54e96ad00d 98e68366ea +Author: tlaurion +Date: Tue Jan 2 15:15:10 2024 -0500 + + Merge pull request #1571 from tlaurion/pixman_use_waybackmachine + + modules/pixman: www.cairographics.org down again. Use web.archive.org archive. + +commit 98e68366ead8a0046a492fd7f96961ec951fca34 +gpg: Signature made Tue 02 Jan 2024 03:13:46 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Tue Jan 2 15:12:06 2024 -0500 + + modules/pixman: www.cairographics.org down again. Use web.archive.org archive. + + Haven't found same archive elsewhere with same hash. + Adds up to https://github.com/linuxboot/heads/issues/1198 + + Signed-off-by: Thierry Laurion + +commit 54e96ad00d2e3ca7b39a0c26b741492472518073 +gpg: Signature made Sat 30 Dec 2023 10:10:07 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 129a772455 718a831481 +Author: tlaurion +Date: Sat Dec 30 22:10:07 2023 -0500 + + Merge pull request #1567 from tlaurion/Makefile_helpers_to_ease_moving_untested_boards + + Makefile helpers to ease moving untested boards (and move tested t420 and w530 boards) + +commit 718a8314817cd45f6446979f66c36d9f79fbe035 +gpg: Signature made Sat 30 Dec 2023 01:37:02 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Dec 30 13:33:50 2023 -0500 + + Board configs: move t420-hotp-maximized t420-maximized w530-maximized w530-hotp-maximized away from UNTESTED_ boards + + Signed-off-by: Thierry Laurion + +commit e81f59eac248c7c8aa41293f54eafe2432846eca +gpg: Signature made Sat 30 Dec 2023 01:32:39 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Sat Dec 30 13:29:16 2023 -0500 + + Makefile: Add basic helpers permitting to move boards from/to UNTESTED_ + + Adds two golbal helpers in Makefile: + - board.move_untested_to_tested + - board.move_tested_to_untested + + Which can be called by: + - make BOARD=UNTESTED_t420-maximized board.move_untested_to_tested + - make BOARD=x230-legacy board.move_tested_to_untested + + Signed-off-by: Thierry Laurion + +commit 129a772455e253775c42cb5592182f3fac2ea698 +gpg: Signature made Fri 29 Dec 2023 03:47:46 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 25d7b06063 b4068e61fa +Author: tlaurion +Date: Fri Dec 29 15:47:46 2023 -0500 + + Merge pull request #1566 from tlaurion/TPM_DUK_reuse_tpm_owner_pass + + tpmr: fix TPM Disk Unlock Key which was not using proper cached TPM owner passphrase. + +commit b4068e61fa7fd0c782b8ca37347f4d9b8db38463 +gpg: Signature made Fri 29 Dec 2023 03:22:32 PM EST +gpg: using RSA key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 +gpg: Good signature from "Insurgo Open Technologies/Technologies Libres (With key material backup) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0ACC B2B6 64EE 17E0 54B0 5E0B 4A38 DA8B EB9C 8396 + Subkey fingerprint: 575F 80D1 599E A6D2 C70A A9A1 9A53 E1BB 3FF0 0461 +Author: Thierry Laurion +Date: Fri Dec 29 14:38:21 2023 -0500 + + tpmr: fix TPM Disk Unlock Key which was not using proper cached passphrase. + + Add debugging that was needed to spot the issue + + Signed-off-by: Thierry Laurion + +commit 5e43bcd2f4db917598968db1a13ec93ac790392d +gpg: Signature made Fri 22 Dec 2023 10:14:42 AM EST +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Wed Dec 20 11:58:09 2023 +0100 + + hotp-verification: adapt to nk3 v1.6 security model + + * overwriting a hotp secret is not possible anymore + * make sure to delete the hotp secret before setting a new one + * requires one additional user presence check during HOTP setup + * bump to v1.5 + + Signed-off-by: Markus Meissner + +commit a1c13ff13224fae4e367270b2b6c1069facd584f +Author: Markus Meissner +Date: Mon Dec 18 22:29:15 2023 +0100 + + nitropad-nx: fix EC-based poweroff/reboot + + Signed-off-by: Markus Meissner + +commit 65abba9946991f80515261e68bca3bb42ae80deb +Author: Markus Meissner +Date: Mon Dec 18 20:43:17 2023 +0100 + + coreboot-nitrokey: update dasharo to v1.7.2 + + * remove all previous coreboot patches (as they are already included) + * to be investigated: linux trampoline patch + * add new patch to hardcode sleep configuration + * activate smmstore as dasharo vendor code requires it + + Signed-off-by: Markus Meissner + +commit 25d7b0606348c84824c691e0014805130e5f070c +gpg: Signature made Tue 19 Dec 2023 08:07:28 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fa2d4e8c87 ab97b242b4 +Author: tlaurion +Date: Wed Dec 20 01:07:28 2023 +0000 + + Merge pull request #1556 from JonathonHall-Purism/site-local-config + + Makefile: Allow downstreams to put local customizations in site-local/config + +commit ab97b242b4a82e0a1fb20e0a6ee8fe7632daa8dc +gpg: Signature made Tue 19 Dec 2023 02:14:27 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 0cb6d9154f fa2d4e8c87 +Author: Jonathon Hall +Date: Tue Dec 19 14:14:25 2023 -0500 + + Merge remote-tracking branch 'github-heads/master' into site-local-config + +commit fa2d4e8c87bf87717e8e61806c039c2c503ee524 +gpg: Signature made Tue 19 Dec 2023 01:32:57 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1915862e69 61843d890b +Author: tlaurion +Date: Tue Dec 19 18:32:57 2023 +0000 + + Merge pull request #1554 from tlaurion/ease_rebranding + + WiP: Ease cohesion of Heads expected features and rebranding + +commit 61843d890b52f056c3655c1e6c6197c1b127f63d +gpg: Signature made Tue 19 Dec 2023 01:06:39 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Dec 19 13:05:46 2023 -0500 + + Unify upstream board config defaults + + - Upstream boards will not deactivate TPM DUK + - Upstream will not force BRAND_NAME which currently defaults to Heads + - Upstream will not deactivate Qr code on screen output on HOTP sealing + - Upstream will not offer OEM reset defaults (deprecated and now default anyway) + + Signed-off-by: Thierry Laurion + +commit 1915862e692c005ad762bfe43d257c85e7178a51 +gpg: Signature made Mon 18 Dec 2023 04:50:02 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4a57c615e9 0308513c6c +Author: tlaurion +Date: Mon Dec 18 21:50:02 2023 +0000 + + Merge pull request #1553 from tlaurion/librems-enforce_heads_branding_bootsplash_upstream + + Librems : enforce upstream Heads branding bootsplash + +commit 0cb6d9154f5eba228ec04bb8f7afbdc526edefd7 +gpg: Signature made Mon 18 Dec 2023 04:49:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Dec 18 13:34:55 2023 -0500 + + Makefile: Allow downstream config in site-local/config + + Allow downstreams to add config to site-local/config, which can set + config options, including overriding board config and exporting config + to /etc/config. + + The intent of site-local is exactly the same as in coreboot - it is a + place for downstreams to add customizations that are included at well- + defined points in the build. site-local should never appear in the + upstream repository. coreboot's documentation explains this as well: + https://doc.coreboot.org/tutorial/managing_local_additions.html + + Move definitions of ROM artifacts later, so site config can override + BRAND_NAME (and still is included after board config to override it as + well). + + Signed-off-by: Jonathon Hall + +commit 12a099ad8e416da884403b103ea5dfcb67ff7de1 +gpg: Signature made Mon 18 Dec 2023 04:49:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Dec 18 16:45:46 2023 -0500 + + talos-2: Move PPC-style tgz update package targets to targets/ + + Move the targets generating talos-2's tgz update package to targets. + + While this wasn't duplicated, it breaks a cyclic dependency between + board config and BRAND_NAME by moving the ROM output name dependencies + later. The logic probably would be shared with similar boards if any + were supported, so it is in the spirit of the other targets/ shared + target Makefiles. + + Signed-off-by: Jonathon Hall + +commit 8ce9c9d438edabde15670bf37d5b58a8e16a9203 +gpg: Signature made Mon 18 Dec 2023 04:49:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Dec 18 16:44:59 2023 -0500 + + *-legacy-flash: Deduplicate generation of "top" ROM + + Move Makefile target for the "top" ROM to targets/legacy_flash.mk. + + Signed-off-by: Jonathon Hall + +commit d512cd4ad241beaf606d09e31b2f263bfffdea76 +gpg: Signature made Mon 18 Dec 2023 04:49:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Dec 18 16:44:00 2023 -0500 + + 12MB boards: Deduplicate generation of 8MB/4MB split ROMs + + Move Makefile targets for split ROMs to targets/split_8mb4mb.mk. + + Signed-off-by: Jonathon Hall + +commit c8e114166c1f2d1a68aae55ee3024025554da923 +gpg: Signature made Mon 18 Dec 2023 04:49:42 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Dec 18 15:24:21 2023 -0500 + + qemu: Deduplicate Qemu targets/documentation, extract from boards + + The 8 qemu-* targets all contained nearly-identical copies of the + targets to prepare the TPM/disk/etc. and then run Qemu. The only + significant differences were for TPM1/TPM2 (extra swtpm_setup step, + addition of --tpm2 to swtpm_setup and swtpm). ROOT_DISK_IMG used := or + = differently in some boards, := was kept. + + targets/qemu.mk now defines all Qemu targets and is included only for + qemu-* boards (by defining BOARD_TARGETS in each of those boards). + + The documentation was moved from qemu-coreboot-fbwhiptail-tpm1-hotp/ + qemu-coreboot-fbwhiptail-tpm1-htop.md to targets/qemu.md. The other 7 + qemu boards' symlinks to that file were removed. + + Signed-off-by: Jonathon Hall + +commit b8a06c5351e2dcd3369c27acd073358979b0a41f +gpg: Signature made Sat 16 Dec 2023 01:15:14 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Dec 16 13:15:14 2023 -0500 + + Librems/Nitropad: enable QR code printed on screen at TOTP/HOTP Generation + + Signed-off-by: Thierry Laurion + +commit d8f098cd5332d454fd9c3aeac4d45b1345f89258 +gpg: Signature made Sat 16 Dec 2023 12:56:58 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Dec 16 12:56:58 2023 -0500 + + All board configs: first line now BRAND_NAME=Heads to ease rebranding with sed scripts for downstream projects/forks + + Signed-off-by: Thierry Laurion + +commit bac35e3b3e6b8aadf531c139d3fa60c66657965d +gpg: Signature made Sat 16 Dec 2023 12:52:19 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Dec 16 12:52:19 2023 -0500 + + Librems/Nitropad: enable TPM DUK under Heads branding (CONFIG_TPM_NO_LUKS_DISK_UNLOCK=n) + + Signed-off-by: Thierry Laurion + +commit 0308513c6c3a9ad0146f98dea3b4b20858ed4dba +gpg: Signature made Fri 15 Dec 2023 11:39:00 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Dec 15 11:33:27 2023 -0500 + + Librem boards: add Heads bootsplash pointing to branding dir in attempt to fix #1552 + + commands used to do this semi-automatically: + meld config/coreboot-librem_14.config config/coreboot-x230-maximized.config + make BOARD=librem_14 coreboot.save_in_oldconfig_format_in_place + git diff > bootsplash + git reset --hard + find config/coreboot-librem* | while read config; do patch $config bootsplash; done + find config/coreboot-libre* | while read coreboot; do grep -Rn $coreboot boards/ ;done | awk -F "/" {'print $2'} | while read board; do make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done + find ./config/ -name "*.rej" -o -name *.orig | xargs rm + git status |grep modified | awk -F ":" {'print $2'}| xargs git add + git commit --signoff + + Signed-off-by: Thierry Laurion + +commit c8804be5caa9d5e482390ddb0bdf6111630dd6d3 +gpg: Signature made Fri 15 Dec 2023 11:27:32 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Dec 15 11:27:05 2023 -0500 + + Librems boards: pass coreboot configs from defconfig to oldconfig + + Done with: + find config/coreboot-libre* | while read coreboot; do grep -Rn $coreboot boards/ ;done | awk -F "/" {'print $2'} | while read board; do make BOARD=$board coreboot.save_in_oldconfig_format_in_place + + Signed-off-by: Thierry Laurion + +commit 4a57c615e972149eefd52d95ba919ff54d53bb0a +gpg: Signature made Tue 12 Dec 2023 01:04:58 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6b936e76aa e0fabb1534 +Author: tlaurion +Date: Tue Dec 12 13:04:58 2023 -0500 + + Merge pull request #1522 from tlaurion/efifb_next_step_related_cleanups + + WiP: FB_EFI (EFIFB kernel module's framebuffer on top of libgfxinit or GOP) next steps related cleanups + +commit e0fabb1534040f7571a9e60c5defdc75a47dba27 +gpg: Signature made Tue 12 Dec 2023 11:33:56 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Dec 12 11:30:02 2023 -0500 + + NV41: adapt board config to remove CONFIG_BOOT_KERNEL_ADD=intel_iommu=igfx_off equally as for NS50 under 2fcef4a979a7b4c2173fd7f63e08e7a55b593934 and tested for NS50 at https://github.com/linuxboot/heads/pull/1522#issuecomment-1822489517 + + Signed-off-by: Thierry Laurion + +commit 0dbbae5dbc432ad5300f02c1943b516e18d3c892 +gpg: Signature made Mon 11 Dec 2023 04:07:02 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Dec 11 14:42:05 2023 -0500 + + Move t530, p8z77 and t420 boards to be prefixed with UNTESTED as per https://github.com/linuxboot/heads/pull/1522#issuecomment-1850734068. Note that w530 was already marked as UNTESTED, look for commit having moved this board as untested. + + Signed-off-by: Thierry Laurion + +commit 6b936e76aa941841148d34b1626c5fd2dd259617 +gpg: Signature made Wed 06 Dec 2023 10:59:42 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 851cc7f80c d640c3be28 +Author: tlaurion +Date: Wed Dec 6 22:59:42 2023 -0500 + + Merge pull request #1542 from UndeadDevel/luks_reencrypt_text_patch + + Luks functions text patch & change order of reencrypt and passphrase change + +commit 851cc7f80c729f543cd1acfc932fe62eba8732bd +gpg: Signature made Wed 06 Dec 2023 10:57:12 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9afe235a6b ce2abd4f29 +Author: tlaurion +Date: Wed Dec 6 22:57:12 2023 -0500 + + Merge pull request #1543 from UndeadDevel/UndeadDevel-patch-secrets-window-width + + Use a wider window to show the secrets + +commit d640c3be2819a9c7524ee8d5978433a69276cc9e +Author: UndeadDevel <30495439+UndeadDevel@users.noreply.github.com> +Date: Fri Dec 1 22:04:34 2023 +0000 + + Update oem-factory-reset + + Change order if user chooses both reencrypt and change passphrase, so that passphrase is changed first. + + Signed-off-by: Christian Foerster + +commit 920f871f9f39403ab7453c87ca159b305eaa6ceb +Author: UndeadDevel <30495439+UndeadDevel@users.noreply.github.com> +Date: Fri Dec 1 22:00:52 2023 +0000 + + Update luks-functions texts & reencrypt new pw use + + Removed all mentions of a "Recovery Disk Key" and replaced with "Disk Recovery Key". + + Fixed some grammatical errors. + + Added check for new passphrase in reencrypt function to accommodate switching of reencrypt and new passphrase setting order in oem-factory-reset. + + Signed-off-by: Christian Foerster + +commit ce2abd4f29ba1b583e04ddd1146067862b9480b2 +Author: Christian Foerster +Date: Wed Dec 6 14:53:15 2023 +0100 + + Apply suggestion + + Signed-off-by: Christian Foerster + +commit e98b26c32aa6aa1f7013db73541400d9b449ef37 +Author: UndeadDevel <30495439+UndeadDevel@users.noreply.github.com> +Date: Sun Dec 3 17:43:49 2023 +0000 + + Use better suggested solution (fold) + + Uses fold on the entire passphrase string now; tested in recovery shell of NK Heads 2.1. + Reverted change of WIDTH parameter (first commit of this PR). + + Signed-off-by: Christian Foerster + +commit 85e6f60438b5129994edcf100bd08e29317d6c38 +Author: UndeadDevel <30495439+UndeadDevel@users.noreply.github.com> +Date: Fri Dec 1 22:23:55 2023 +0000 + + Update oem-factory-reset - wider window to show secrets + + This partially fixes #1537, but while the increased width wouldn't be a problem on the NV41 AFAICT, I don't know about other machines. + + I don't know what @tlaurion means with "busybox's folding", which may be a better solution. + + Signed-off-by: Christian Foerster + +commit 9afe235a6bb4746ff6646f15fc266bb055925f72 +gpg: Signature made Sun 26 Nov 2023 11:58:49 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Sun Nov 26 11:58:49 2023 -0500 + + Update qemu-coreboot-fbwhiptail-tpm1-hotp.md + + Add bookworm swtpm installation instructions + +commit f2f0831a930c1d305709b711811b44dc734998ae +gpg: Signature made Wed 22 Nov 2023 12:33:48 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1f39d16c25 397a46203b +Author: tlaurion +Date: Wed Nov 22 12:33:48 2023 -0500 + + Merge pull request #1535 from Nitrokey/nk-storage-wa + + oem-factory-reset: kill scdaemon after aes regenerate on nk storage + +commit 397a46203bedcb77aeac24917e7fe254465128fb +Author: Markus Meissner +Date: Wed Nov 8 12:10:47 2023 +0100 + + oem-factory-reset: kill scdaemon after aes regenerate on nk storage + + The call to `hotp_verification regenerate` seems to leave the + communication in a bad state, thus the following `gpg` calls fail. With + this workaround `scdaemon` will resart with the next `gpg` call. + + Signed-off-by: Markus Meissner + +commit a7fe2840f0fad8bc84f3bd4f80ff598b6cf9551d +gpg: Signature made Tue 21 Nov 2023 02:34:43 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Nov 21 14:34:43 2023 -0500 + + nv41/nv51: add patch for efifb being able to drive libgfxinit/gop driven fb + + Signed-off-by: Thierry Laurion + +commit 664603cf8cb5fdaf10be576a7382c6b4c80a0b44 +gpg: Signature made Mon 20 Nov 2023 11:17:38 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 20 11:17:38 2023 -0500 + + Changeset based on nitrokey 2.3 release to understand what is attempted here. i915 is still under linux config on 2.3 release. coreboot is on gop, not libgfxinit. This is to open discussion. + + Signed-off-by: Thierry Laurion + +commit 0e42833ada7fcf875de4cb74d7ddc0ba12f641e9 +gpg: Signature made Mon 20 Nov 2023 09:42:28 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 10 10:59:52 2023 -0500 + + x230-legacy-flash board: fixup pointing to x230 as opposed to t430. Fix coreboot config path to bootsplash + + Signed-off-by: Thierry Laurion + +commit b1f1484ae2805579359d286828d639474f80b9d6 +gpg: Signature made Mon 20 Nov 2023 09:42:25 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 9 13:35:52 2023 -0500 + + linux config: oldconfig for all, make sure BRAND_NAME is there to be overriden + + TODO: linuxboot still not touched... + Signed-off-by: Thierry Laurion + +commit 7433920dee1be4428705ad5d5fce76524eeaa1e6 +gpg: Signature made Mon 20 Nov 2023 09:40:55 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 9 11:26:38 2023 -0500 + + coreboot configs: unify linux console output to 'quiet loglevel=2' but for qemu/flash boards + + Signed-off-by: Thierry Laurion + +commit 0f0cb99a02b6eb7e8f8a7a8cf4031bb23be9aff6 +gpg: Signature made Mon 20 Nov 2023 09:40:52 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 9 09:45:06 2023 -0500 + + Adapt NV41/NS50 changes, unify bootsplash file usage for branding + Taken from : https://github.com/Nitrokey/heads/tree/temp-release-v2.3 + + - Move branding/Heads/bootsplash-1024x768.jpg -> branding/Heads/bootsplash.jpg (We don't care about the size. Make filename generic) + - Adapt all coreboot configs so bootsplash is adapted by BRAND_NAME CONFIG_BOOTSPLASH_FILE="@BRAND_DIR@/bootsplash.jpg" + - Reminders : + - Makefile changes Heads to defined BRAND_NAME in board config + - Makefile changes -e 's!@BRAND_DIR@!$(pwd)/branding/$(BRAND_NAME)!g' + - nv41/nv50 + - coreboot oldefconfigs adapted by: + - make BOARD=nitropad-ns50 coreboot.modify_and_save_oldconfig_in_place + - make BOARD=nitropad-nv41 coreboot.modify_and_save_oldconfig_in_place + - linux oldefconfigs adapted by + - make BOARD=nitropad-nv41 linux.modify_and_save_oldconfig_in_place + - since this is shared config across nv41/ns50: it only needs to be done for a single board + + Signed-off-by: Thierry Laurion + +commit 6f276a391ba5d35a1aaf4df346cbbbfda32ed5b2 +gpg: Signature made Mon 20 Nov 2023 09:40:49 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 8 12:45:17 2023 -0500 + + kgpe-d16 linux configs: remove Intel related stuff, enable AMD related IOMMU settings + + Signed-off-by: Thierry Laurion + +commit 72e8c3936114d6a817d4055f8d3c1d72053fe0db +gpg: Signature made Mon 20 Nov 2023 09:40:45 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 8 12:29:10 2023 -0500 + + FB_EFI next step: make sure CONFIG_INTEL_IOMMU_DEFAULT_ON=y is on on all intel boards touched in past commit + + Touches c216, x230-flash, x230-legacy and x230-maximized. + TODO: Other boards, including AMD ones (qemu/kgpe) have this ON, including nv41/ns50 (which uses i915drm which most probably causes problems) + Note that qemu boards use q35 in config, but were made to have both i440fx and q35, where q35 is tested, which explains why its on by default there. + + Signed-off-by: Thierry Laurion + +commit f4a5a7cc10dc23ee7a6b5d400077be93ac411d00 +gpg: Signature made Mon 20 Nov 2023 09:40:42 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 8 11:53:54 2023 -0500 + + FB_EFI next step: remove coreboot's Heads linux intel_iommu statements. TODO: check linux config to see if enabling automatically works as expected. + + Signed-off-by: Thierry Laurion + +commit 2fcef4a979a7b4c2173fd7f63e08e7a55b593934 +gpg: Signature made Mon 20 Nov 2023 09:40:39 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 8 11:47:18 2023 -0500 + + FB_EFI next step: remove CONFIG_BOOT_KERNEL_ADD=intel_iommu=on intel_iommu=igfx_off, add CONFIG_BOOT_KERNEL_REMOVE=intel_iommu=on intel_iommu=igfx_off, remove quiet removal from CONFIG_BOOT_KERNEL_REMOVE. TLDR: do not interfere with OS setting its own boot policies + + Signed-off-by: Thierry Laurion + +commit 1f39d16c25b426b176cefe4f8ef786c8743aed3d +gpg: Signature made Fri 17 Nov 2023 12:50:49 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f5377b3bd5 9d808b0347 +Author: tlaurion +Date: Fri Nov 17 12:50:49 2023 -0500 + + Merge pull request #1530 from tlaurion/talos-2_fix-regressions + + Talos-2: bring changes to a working state outside of usage of GPG key material backup as of now + +commit 9d808b0347d76183f0b147a39750b869212a172f +gpg: Signature made Fri 17 Nov 2023 10:26:11 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 16 16:36:16 2023 -0500 + + Talos-2: bring changes to a working state outside of usage of GPG key material backup as of now + + - Closes https://github.com/linuxboot/heads/pull/1452 + - coreboot: Take Talos II 0.7 release coreboot config file that was inside of cbfs and use it as a base upstream. + - linux: Readd sysctl and proc requirements for cbmem to work. + + TODO: fix gpg2 module so that the following doesn't happen (a ppc64 thing. Can't figure out why): + + ``` + Adding generated key to current firmware and re-flashing... + + Board talos-2 detected, continuing... + 37281653053696daf2e40a8efe9451b557d9d6ab586830dc85f814bf2e03a05f /tmp/talos-2.rom + Initializing Flash Programmer + Reading old flash contents. Please wait... + Flashing: [##################################################\] (100%) + Verifying flash contents. Please wait... + The flash contents were verified and the image was flashed correctly. + + Signing boot files and generating checksums... + + 180726119: 000E452213510000005A + gpg: error running '//bin/dirmngr': probably not installed + gpg: failed to start dirmngr '//bin/dirmngr': Configuration error + gpg: can't connect to the dirmngr: Configuration error + gpg: no default secret key: No dirmngr + gpg: signing failed: No dirmngr + ``` + dirmngr is deactivated per configure statement --disable-dirmngr, and works as expected on x86 + + Signed-off-by: Thierry Laurion + +commit f5377b3bd5f70321e0efdf26b34fc4edd7c3ac7b +gpg: Signature made Fri 17 Nov 2023 10:21:44 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 133da0e48e 6873df60c1 +Author: JonathonHall-Purism <109107914+JonathonHall-Purism@users.noreply.github.com> +Date: Fri Nov 17 10:21:44 2023 -0500 + + Merge pull request #1526 from JonathonHall-Purism/zip_updates + + flash-gui.sh: Extend NPF archive format to ZIP, improve workflow + +commit 6873df60c1c965ac812a49d9d245f338d8a3b128 +gpg: Signature made Thu 16 Nov 2023 08:59:07 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 16 08:58:38 2023 -0500 + + Remove CONFIG_BRAND_UPDATE_PKG_EXT, use zip everywhere + + Nitrokey is going to switch from npf to zip per discussion. Remove + this config. + + Signed-off-by: Jonathon Hall + +commit 56d38e112c6d4077ef2bac23a4b17b7549344462 +gpg: Signature made Thu 16 Nov 2023 08:44:39 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Wed Nov 15 10:00:37 2023 -0500 + + Talos-2 fixes to comply with hashing file standard. Bypass flash-gui.sh prompt when talos-2 ato validate hashes against hashes provided under tgz through flash.sh validation (still offer zip and tgz, which tgz might change to zip later but only tgz offered through builds) + + Attempt to address https://github.com/linuxboot/heads/pull/1526#issuecomment-1811185197 + + Signed-off-by: Thierry Laurion + +commit 6ef5298d20b824e5178ca6b9401c4936394c5a97 +gpg: Signature made Tue 14 Nov 2023 04:50:17 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Nov 14 14:44:36 2023 -0500 + + Makefile: Don't build ZIP update package for talos-2 + + talos-2 builds its own tgz update package that is not currently + integrated with the zip method. While the zip method right now would + theoretically if the tgz was inside it, this would have to be hooked + up for talos-2 specifically. + + Signed-off-by: Jonathon Hall + +commit 51e2d789b4040c40fc1b27fecc78965672320aff +gpg: Signature made Tue 14 Nov 2023 01:26:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Nov 14 13:26:18 2023 -0500 + + Makefile: Only add update package to all if it's actually built + + Only add the update package to all if it is actually being built, fixes + default target with CONFIG_LEGACY_FLASH=y. + + Signed-off-by: Jonathon Hall + +commit bb7294476d7d62e6a2d8c2f2e4b05aee2048fc99 +gpg: Signature made Tue 14 Nov 2023 12:16:37 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Nov 14 12:14:18 2023 -0500 + + Makefile: Don't generate update package for legacy flash boards + + The only purpose of legacy flash boards is to be flashed over vendor + firmware using an exploit, to then flash non-maximized Heads firmware. + + They are never upgraded to another legacy flash build, and they move + the coreboot ROM from the build directory, so don't build an update + package for those boards. + + Signed-off-by: Jonathon Hall + +commit 6ca1d670f4f173098c6ea745e28d41c1e077e45b +gpg: Signature made Tue 14 Nov 2023 08:21:25 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Nov 14 08:21:13 2023 -0500 + + CircleCI: Install 'zip' dependency + + Signed-off-by: Jonathon Hall + +commit 7b2b95cb94c2de6e69845b0210e31e914cfb5599 +gpg: Signature made Mon 13 Nov 2023 05:19:00 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 13 17:17:07 2023 -0500 + + flash-gui.sh: Show .rom or .tgz in UI, not both + + talos-2 (only) uses .tgz instead of .rom for updates. Currently, both + are treated as alternatives to a ZIP-format update archive with + SHA-256 integrity check, extend that to the prompts to reduce clutter. + + Reflow the "You will need ... your BIOS image" prompt to fit on + fbwhiptail. + + The .tgz format could be better integrated with the ZIP updates, but + this needs more work specific to talos-2. + + Signed-off-by: Jonathon Hall + +commit 5bd50652a09ee7129f130318016a59397c76ee07 +gpg: Signature made Mon 13 Nov 2023 04:54:27 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 13 16:42:05 2023 -0500 + + flash-gui.sh: Extend NPF archive format to ZIP, improve workflow + + Allow configuring the ZIP-format update file extension with + CONFIG_BRAND_UPDATE_PKG_EXT in board config. Default is 'zip'. + + Create update package in the default Makefile target. Delete + create_npf.sh. + + Do not require /tmp/verified_rom in the update file package's + sha256sum.txt (but allow it for backward compatibility). + + Show the integrity error if unzip fails instead of dying (which returns + to main menu with no explanation, error is left on recovery console). + This is the most likely way corruption would be detected as ZIP has + CRCs. The sha256sum is still present for more robust detection. + + Don't require the ROM to be the first file in sha256sum.txt since it + raises complexity of adding more files to the update archive in the + future. Instead require that the package contains exactly one file + matching '*.rom'. + + Restore confirmation prompt for the update-package flow, at some point + this was lost. + + Signed-off-by: Jonathon Hall + +commit 133da0e48e2996674f60f186c520cfad0d4848d0 +gpg: Signature made Mon 13 Nov 2023 04:05:26 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bd0ebc4975 97d903f22a +Author: tlaurion +Date: Mon Nov 13 16:05:26 2023 -0500 + + Merge pull request #1515 from tlaurion/inmemory_keygen-gpg_backup_usable_for_RSA_only-copy_to_card_working_for_RSA_only-gpg_auth_for_recovery_and_sub_boot + + GPG User Authentication: In-memory gpg keygen + keytocard and GPG key material backup enabling (plus a lot of code cleanup and UX improvements) + +commit 97d903f22a7ab1b4abb3eca09dbf7db165cb065b +gpg: Signature made Mon 13 Nov 2023 02:53:07 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 13 14:52:09 2023 -0500 + + oem-factory-reset: Don't repeat "insert flash drive" message + + Don't repeat this message if the user says "no" to the confirmation + prompt. Go directly to the menu. + + Signed-off-by: Jonathon Hall + +commit d39fc26dd95ae4b7a82376ede49e9a2612cafa36 +gpg: Signature made Mon 13 Nov 2023 02:39:33 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 13 14:37:19 2023 -0500 + + oem-factory-reset: Move format confirmation before resetting anything + + Move confirmation of formatting flash drive with LUKS percentage + selection before any reset actions have been taken, so aborting does + not result in a half-reset system. Combine with the more basic + "confirm" prompt that existed after selecting the device (but did not + include the LUKS size information). + + Split up prepare_flash_drive into interactive_prepare_flash_drive (both + prompts and formats as before), confirm_thumb_drive_format (just + confirms the selections), and prepare_thumb_drive (now noninteractive). + + Signed-off-by: Jonathon Hall + +commit a925219efb526188780ecba8d3fc8c8961405816 +gpg: Signature made Mon 13 Nov 2023 01:59:20 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 13 13:54:37 2023 -0500 + + oem-factory-reset: Improve prompt flow formatting flash drive + + Combine prompt to disconnect other devices with prompt to connect the + desired device. + + Show block device sizes in MB/GB when selecting device so it is easier + to select. file_selector now supports --show-size to include block + device sizes in menu. + + Rework file_selector so menu options can contain spaces (use bash + array) and to simplify logic. + + Prompt to select flash drive and LUKS percentage in OEM reset before + actually taking any actions, so aborting doesn't half-reset the system. + + Abort OEM reset if user aborts the flash drive selection instead of + looping forever. (Canceling the confirmation still loops to retry but + it is possible to exit by aborting the repeated menu.) + + Signed-off-by: Jonathon Hall + +commit e924a8afcac004d5e9f4dc882ace7093c2b75b2e +gpg: Signature made Thu 09 Nov 2023 05:05:03 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 9 17:01:35 2023 -0500 + + oem-factory-reset : Prompt user for any connected block device, give storage size and loop until none is connected to exit loop. + Warn user if connected usb block device is less then 128mb, since creating LUKS container of less then 8mb might cause issues. + + Signed-off-by: Thierry Laurion + +commit 23c967f26d6ff7e3d850458b0fa7305e06970780 +gpg: Signature made Thu 09 Nov 2023 01:58:39 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 9 13:57:07 2023 -0500 + + nv41/ns50/librem linux: Add EXFAT fs support (mandatory). + config/linux-librem_common-6.1.8.config: passed to oldconfig format through 'make BOARD=librem_14 linux.modify_and_save_oldconfig_in_place' + + Signed-off-by: Thierry Laurion + +commit 37872937f022a4c17d4865f087e23426d7bbf9e4 +gpg: Signature made Tue 07 Nov 2023 02:34:55 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Nov 7 13:20:31 2023 -0500 + + oem-factory-reset: unify booleen y/n variable usage and double check logic. Also move USB Security dongle capability detection under code already checking for USB Security Dongle's smartcard presence. + + Signed-off-by: Thierry Laurion + +commit 160367d065167ed2c296fde54f7201fa7356c951 +gpg: Signature made Mon 06 Nov 2023 04:05:08 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 16:05:08 2023 -0500 + + oem-factory-reset: normal output to inform user of consequences of generating keys on smartcard without backup, not a wanring anymore + + Signed-off-by: Thierry Laurion + +commit 659de631804794476962d627da3039bfdf854b0a +gpg: Signature made Mon 06 Nov 2023 04:02:39 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 16:02:19 2023 -0500 + + oem-factory-reset: fix typo : Same a GPG Admin PIN + + Signed-off-by: Thierry Laurion + +commit 388ee5198b47678febd7ea94b765dc82e68a16c8 +gpg: Signature made Mon 06 Nov 2023 03:53:17 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 15:53:17 2023 -0500 + + All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. + + Signed-off-by: Thierry Laurion + +commit fd6a947cb35ff970b6d04230e31e4e597add289f +gpg: Signature made Mon 06 Nov 2023 03:20:29 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Jonathon Hall +Date: Mon Nov 6 10:31:50 2023 -0500 + + tpmr: Move last TPM owner password prompt/shred into tpmr + + Prompt for TPM owner password internally within tpm2_counter_create. + Add tpm1_counter_create to prompt for password internally. Wipe the + cache in either if the operation fails, in case the password was + incorrect. + + Signed-off-by: Jonathon Hall + +commit 9e0491e9dbd68ffdd6d15aa398addd16738fcfd9 +gpg: Signature made Mon 06 Nov 2023 11:27:53 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 10:34:28 2023 -0500 + + oem-factory-reset/librem boards: remove CONFIG_OEMRESET_OFFER_DEFAULTS=y and checks for it; the default of oem-factory-reset is now to propose user to use defaults first for simplicity of most common use case without allianating advanced users which can simply not accept the default and answer questionnaire + + Signed-off-by: Thierry Laurion + +commit 00421638617a75b8f45d15296a14ca1db9275de1 +gpg: Signature made Mon 06 Nov 2023 10:32:02 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 10:07:50 2023 -0500 + + kexec-seal-key: remove non-needed shred of file cached /tmp/secret/tpm_owner_password (done when sealing fails under tpmr) + + - document why shred is still called under functions:check_tpm_counter for safety and add TODO there + + Signed-off-by: Thierry Laurion + +commit 923b4e1fe9e6754e40be35274f79d88d9aac3e2a +gpg: Signature made Mon 06 Nov 2023 10:06:19 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 10:06:19 2023 -0500 + + ash_functions:confirm_gpg_card: loop gpg_admin_pin prompt until non-empty + + Signed-off-by: Thierry Laurion + +commit 8d7efa021d9c1796c0ee697763138fc77a379b01 +gpg: Signature made Mon 06 Nov 2023 10:04:51 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 10:04:51 2023 -0500 + + media-scan: die if gpg_auth fails (should loop and never exit anyway) + + Signed-off-by: Thierry Laurion + +commit bfc877c49c2a2521aff1d1c507f11350805159e0 +gpg: Signature made Mon 06 Nov 2023 10:03:14 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 6 10:03:14 2023 -0500 + + kexec-select-boot/kexec-insert-key: add info message explaining why PCR 4 is extended + + Signed-off-by: Thierry Laurion + +commit 504f0336ac46e0a6d20440d5805d07604d22f7aa +gpg: Signature made Fri 03 Nov 2023 04:41:36 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 16:40:06 2023 -0400 + + init: add early boot 'o' option to jump directly to oem-factory-reset for OEM provisioning of secret prior of shipping products, once OS is installed and after MRC training happened on first boot. + + Signed-off-by: Thierry Laurion + +commit eee913d8d2957c6c51eeeab160f0a52653c14367 +gpg: Signature made Fri 03 Nov 2023 04:41:33 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 16:38:41 2023 -0400 + + oem-factory-reset: add rudimentary mount_boot function so that oem-factory-reset can be called early at boot without /boot previously mounted. Also fix logic so that GPG User PIN is showed as configured when keytocard or smartcard only is configured. + + Signed-off-by: Thierry Laurion + +commit c064b78ef658418d190e041bac33a6f90da84f43 +gpg: Signature made Fri 03 Nov 2023 04:41:30 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 16:36:19 2023 -0400 + + gui-init: fix TRACE: clean_check_boot stating mount_boot instead of clean_boot_check + + Signed-off-by: Thierry Laurion + +commit 4e10740453c06c43dce8ec765a354c3ac0c876ed +gpg: Signature made Fri 03 Nov 2023 04:41:27 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 14:34:40 2023 -0400 + + oem-factory-reset/ash_functions/luks-functions: replace provisioning with configuring keywords. Tweak oem-factory-reset flow and questionnaire. Now first prompt is to ask if user wants to go advanced or use defaults. + + Signed-off-by: Thierry Laurion + +commit cd3ce6999c07ad1c32e20c9c9bcd16da3ed0b0cc +gpg: Signature made Fri 03 Nov 2023 01:53:47 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 13:53:47 2023 -0400 + + tpmr/kexec-seal-key/functions: end refactoring of tpmr being in carge of wiping /tmp/secret/tpm_owner_password if invalid + + Signed-off-by: Thierry Laurion + +commit afb817ca4884e56286a086ca7c88d3fc35349716 +gpg: Signature made Fri 03 Nov 2023 11:07:36 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 11:07:36 2023 -0400 + + tpmr: give users better error/DEBUG messages in regard of TPM errors + + Signed-off-by: Thierry Laurion + +commit 84374dfbcdfbbef3f5038a5b2b1bcd134effcaa5 +gpg: Signature made Fri 03 Nov 2023 10:54:16 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 10:54:16 2023 -0400 + + kexec-seal-key/seal-totp/tpmr/functions: move wiping of tpm_owner_password to tpmr calls directly + + Signed-off-by: Thierry Laurion + +commit e2985d386ef588b9a5fefbdb30bd4422052a3a69 +gpg: Signature made Fri 03 Nov 2023 10:15:59 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 10:15:37 2023 -0400 + + seal-totp/tpmr: differenciate die messages to show which between tpm1_seal/tpm2_seal or check_tpm_counter fails to seal as first step to possible refactor + + Signed-off-by: Thierry Laurion + +commit 51caab8ea4d766955f29e4b6069e0c97d3f13b47 +gpg: Signature made Fri 03 Nov 2023 10:10:05 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 10:10:05 2023 -0400 + + functions: check_tpm_counter; add shred call to wipe tpm_owner_password if creating counter fails with cached tpm owner password so prompt_tpm_owner_password asks for it again on next run + + Signed-off-by: Thierry Laurion + +commit 9523b4fee22f936f940198fee25ab67af401e180 +gpg: Signature made Fri 03 Nov 2023 09:31:44 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 3 09:31:44 2023 -0400 + + unseal-totp: fix indentation + + Signed-off-by: Thierry Laurion + +commit 6d7f9be41439097aad14d1adbd146ef888f23962 +gpg: Signature made Thu 02 Nov 2023 02:17:52 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 14:17:38 2023 -0400 + + TPM2: add DEBUG and fix path for TPM2 primary key handle hash. + + Signed-off-by: Thierry Laurion + +commit 19c5d16e4038fb8b5687d00d7a179ac712aa7728 +gpg: Signature made Thu 02 Nov 2023 12:58:19 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 12:58:19 2023 -0400 + + functions: guide user torward resetting TPM more directly if counter_increment fails. + + Signed-off-by: Thierry Laurion + +commit 644a59ab602e65b75a226167eab6b289246cee1a +gpg: Signature made Thu 02 Nov 2023 12:55:05 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 12:49:13 2023 -0400 + + oem-factory-reset: simplify first question for users to have a GPG key material backup and enable GPG Authentication + + Signed-off-by: Thierry Laurion + +commit 85266452fa932cf1a49b9d1114f56d86a961bb94 +gpg: Signature made Thu 02 Nov 2023 12:54:41 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 12:08:52 2023 -0400 + + oem-factory-reset ash_functions: fix USB Security Dongle' smartcard -> USB Security Dongle's smartcard + + Signed-off-by: Thierry Laurion + +commit 48c446cd7d85c7e4f87c20acd42e67ccf6286788 +gpg: Signature made Thu 02 Nov 2023 11:45:05 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 11:38:50 2023 -0400 + + functions: prompt_tpm_owner_password only reuses /tmp/secret/tpm_owner_password if already created by seal functions or itself. Sealing ops not being able to reuse the file shred it (kexec-seal-key and seal-totp) + + Signed-off-by: Thierry Laurion + +commit 921acd0f6f60b0cb217555976b079071cfc5b1ac +gpg: Signature made Thu 02 Nov 2023 11:45:02 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 2 11:30:59 2023 -0400 + + tpmr: move TPM2 related secrets artifacts to /tmp/secret to be autowiped when recovery shell is accessed. If you want to see those, use qemu and have main console launching qemu under recovery shell prior of doing ops you want to see /tmp/secret/ artifacts before being deleted. We still have pcap under /tmp which is as expected + + Signed-off-by: Thierry Laurion + +commit af3287c00141b9bf53fb478ceff3ccd1e6cee3c4 +gpg: Signature made Wed 01 Nov 2023 03:07:36 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 1 15:07:02 2023 -0400 + + luks_functions: fix width of whiptail messages with newlines so its not cut in the middle + + Signed-off-by: Thierry Laurion + +commit 2942d660dec087f25c55fc6f5ff1c07027de3e62 +gpg: Signature made Wed 01 Nov 2023 02:27:22 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 1 14:10:42 2023 -0400 + + oem-factory-reset: prmompt only for GPG User PIN when needed, warn users when no backup/when having only in-memory keygen backup without smartcard. + + Signed-off-by: Thierry Laurion + +commit c2c32c425b239fb15a39a7921490271883676304 +gpg: Signature made Wed 01 Nov 2023 02:27:19 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 1 13:15:44 2023 -0400 + + ash_functions: have gpg_auth calls to confirm_gpg_card in subshell loop to force successful authentication + + Signed-off-by: Thierry Laurion + +commit bd0ebc4975c981d44a81de58b6fc0262d54b9cd9 +gpg: Signature made Wed 01 Nov 2023 10:48:34 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Nov 1 10:48:34 2023 -0400 + + Create FUNDING.yml + + Refer tlaurion for github sponsor and Insurgo for Insurgo Initiative at OpenCollective + +commit f5dc5ef5cd0026c45772ac7d8beffc7793d49e1b +gpg: Signature made Wed 01 Nov 2023 10:08:35 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 1 10:01:00 2023 -0400 + + qemu boards: Put back DEBUG and TRACE on + + Signed-off-by: Thierry Laurion + +commit 584c964064dc7bfb77fa9f8e0b48a480bc91aac4 +gpg: Signature made Wed 01 Nov 2023 10:08:32 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 16:32:12 2023 -0400 + + oem-factory-reset: now permits to generate in-memory key, backuped to encrypted disk without copy to card from questionnaire. Can be tested out of the box on Qemu without modification from end of wizard's reboot call, prompting for gpg_auth when in debug mode. + + Signed-off-by: Thierry Laurion + +commit 2aa9cfafb5d71c649c68f3acb3b1e4c605e7e382 +gpg: Signature made Wed 01 Nov 2023 10:08:29 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 13:05:36 2023 -0400 + + luks-functions: cleanup code of luks containers reported + + Signed-off-by: Thierry Laurion + +commit 4d72eb3120404df939a2fba65d9daeebfa011a20 +gpg: Signature made Wed 01 Nov 2023 10:08:26 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 11:45:06 2023 -0400 + + oem-factory-reset: typo correction past tense + + Signed-off-by: Thierry Laurion + +commit 2a04fb565097a234f526cb1d24a3ec11cb6f78e7 +gpg: Signature made Wed 01 Nov 2023 10:08:22 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 11:42:57 2023 -0400 + + oem-factory-reset: RSA default should be 3072, not 3076. squash + + Signed-off-by: Thierry Laurion + +commit a3086e9a1c6d98667417f90640e771d955eede90 +gpg: Signature made Wed 01 Nov 2023 10:08:19 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 14:01:37 2023 -0400 + + Remove TODO in code that were not relevant prior of first review + + Signed-off-by: Thierry Laurion + +commit ad1bff6b230eb2992483cc85856412a0470d63b4 +gpg: Signature made Wed 01 Nov 2023 10:08:16 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 13:57:02 2023 -0400 + + oem-factory-reset: make initial questionnaire more concise + + Signed-off-by: Thierry Laurion + +commit 38fc09797675bdadc5e9fee52c76bd827e99c149 +gpg: Signature made Wed 01 Nov 2023 10:08:13 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 13:19:27 2023 -0400 + + Squash: revert testing changes for RSA and unify once more USB Security dongle's usage + + Signed-off-by: Thierry Laurion + +commit 867fb8d023895e22150c170a1fc62d8eb2d879d3 +gpg: Signature made Wed 01 Nov 2023 10:08:09 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 12:56:27 2023 -0400 + + RSA keygen adaptation testing with rsa 2048 in memory keygen and key to card missing pieces + + Signed-off-by: Thierry Laurion + +commit e6eeb571b06f4aadceb776104f3da612ac21ef39 +gpg: Signature made Wed 01 Nov 2023 10:08:06 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 12:31:31 2023 -0400 + + oem-factory-reset: simplify provisioned secret output at end of wizard, including GPG key material output passphrase (uses strings+=string) + + Signed-off-by: Thierry Laurion + +commit c3a5359a85835f870025c89565b45d38295a8a1d +gpg: Signature made Wed 01 Nov 2023 10:08:03 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 11:43:44 2023 -0400 + + Squash: remove DEBUG that were TODO for removal + + Signed-off-by: Thierry Laurion + +commit 8a8634f6a3abb999b63f1e5754cee913c83b3ad9 +gpg: Signature made Wed 01 Nov 2023 10:08:00 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 30 11:37:31 2023 -0400 + + oem-factory-reset seal-hotpkey: unify prompts and vocabulary + + oem-factory-reset: bugfix, keytocard inverts prompts. First is keyring then smartcard. + Signed-off-by: Thierry Laurion + +commit 7cd44b6dc4e56e0732569975d02c51f712848866 +gpg: Signature made Wed 01 Nov 2023 10:07:56 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Oct 27 11:18:20 2023 -0400 + + oem-factory-reset: further cleaning of code for proper validation and consistency checks for passphrases. Also skip flashing code on qemu boards with short explanation + + Signed-off-by: Thierry Laurion + +commit 9c3fb353585bab66729894b762a2cc4aaab1dd69 +gpg: Signature made Wed 01 Nov 2023 10:07:53 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Oct 27 11:15:48 2023 -0400 + + initrd/bin/reboot: BugFix in nv41/ns50 condition check to call nitropad-shutdown.sh (otherwise output error on console for improper condition in ash + + Signed-off-by: Thierry Laurion + +commit 7f5d9700b7c99b464156ed2e080fbf9a063e8e82 +gpg: Signature made Wed 01 Nov 2023 10:07:50 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Oct 26 16:52:38 2023 -0400 + + gpg_auth function was not failing properly on failing, die instead + + Signed-off-by: Thierry Laurion + +commit 05fc4c1747e190c59d4a514f0bf039419453f058 +gpg: Signature made Wed 01 Nov 2023 10:07:47 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Oct 26 16:51:58 2023 -0400 + + PCR extend ops inform users on what happens, otherwise we tpm commands output on screen without context + + Signed-off-by: Thierry Laurion + +commit 9e838ad615209441985b1de1c07048456d926acc +gpg: Signature made Wed 01 Nov 2023 10:07:43 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Oct 26 16:50:10 2023 -0400 + + oem-factory-reset: make passphrases variables able to contain strings and validate things more solidly + + Signed-off-by: Thierry Laurion + +commit 56b602974bb36d87360b2c77de62b4ed13a57fde +gpg: Signature made Wed 01 Nov 2023 10:07:40 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Oct 25 17:01:01 2023 -0400 + + WiP: NK3 with p256 ECC algo supported for in-memory keygen and key-to-card op. With this commit, one can provision NK3 with thumb drive backup which enables authenticated recovery shell and USB boot. + + Signed-off-by: Thierry Laurion + +commit 2b21623bc6794309a509e58d590ceec413a35e55 +gpg: Signature made Wed 01 Nov 2023 10:07:37 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 24 13:16:16 2023 -0400 + + qemu doc: add modify list/mount instructions to use losetup to map partitions to loop0pX and mount them to get public key + + Signed-off-by: Thierry Laurion + +commit b2cb9b49974086e600b44ef166a3b30cec2f8873 +gpg: Signature made Wed 01 Nov 2023 10:07:34 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 24 13:14:39 2023 -0400 + + .ash_history: add history command for manual detached signed integrity validation + + Signed-off-by: Thierry Laurion + +commit cf065eeba2c2cf0dd97ebe5ace7001ebc80fa073 +gpg: Signature made Wed 01 Nov 2023 10:07:30 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 24 13:13:47 2023 -0400 + + bin/reboot: fix parameter order so that we pause when in DEBUG before rebooting + + Signed-off-by: Thierry Laurion + +commit 27c457f04b566891bd8468d929e1dafd04585ba6 +gpg: Signature made Wed 01 Nov 2023 10:07:27 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 24 11:19:49 2023 -0400 + + TPM2 DUK and TOTP/HOTP reseal fix, refactoring and ifferenciating tpm_password into tpm_owner_password and reusing correctly + i + TODO: fix all TODO in PR prior of review + squash + + Signed-off-by: Thierry Laurion + +commit 729f2b17b822097a1a87fed034347cb21d68d65a +gpg: Signature made Wed 01 Nov 2023 10:07:24 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 17:23:38 2023 -0400 + + WiP to be squashed: we need to refactor prompt_tpm_password which is used both for TPM Owner Password prompt and caching reused for TPM disk unlock key passphrase which of course fails + + Signed-off-by: Thierry Laurion + +commit 15f1d0b77acf253d26ddcd5b028d86d4e99a60b0 +gpg: Signature made Wed 01 Nov 2023 10:07:21 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 15:57:12 2023 -0400 + + To Squash: changes to reboot were not ash compliant + + Signed-off-by: Thierry Laurion + +commit 3fb84f0b425d75ff05b78c810b07aee111ac458c +gpg: Signature made Wed 01 Nov 2023 10:07:17 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 15:18:28 2023 -0400 + + WiP: Clean cached /tmp/secret/tpm_password when sealing fails, otherwise reuse it on TPM Reset/TOTP+HOTP Sealing once for TPM1/TPM2+TPM Disk Unlock Key + gui-init: make sure that reseal_tpm_disk_decryption_key happens only on successful TOTP/HOTP sealing, reusing cached TPM Owner password + + Signed-off-by: Thierry Laurion + +commit 911eb07565f5fefa5c8aa3b038a9c22833a46240 +gpg: Signature made Wed 01 Nov 2023 10:07:14 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 13:13:39 2023 -0400 + + TPM1/TPM2: unify wording for TPM Owner Password and cache it externally to /tmp/secret/tpm_password to be reused in a boot session until recovery shell access or reboot + + TODO: Why two functions prompt_tpm_password and prompt_new_owner_password + Signed-off-by: Thierry Laurion + +commit 754e3c916514b2ce13d7a61c4975448b97307b99 +gpg: Signature made Wed 01 Nov 2023 10:07:11 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 13:11:49 2023 -0400 + + bin/reboot: intercept reboot call when in DEBUG mode to type 'r' to go to recovery shell instead of rebooting + + Signed-off-by: Thierry Laurion + +commit 2ea62ff17e2b989fca4cb1fc215de9da8c02823d +gpg: Signature made Wed 01 Nov 2023 10:07:08 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 12:06:27 2023 -0400 + + /etc/functions: add missing TRACE traces to get where TPM passphrase should be written to file and reused since not all in same functions/files for TPM2 + + Signed-off-by: Thierry Laurion + +commit 2ae94405adb989f85bad447496366aa97fa7231d +gpg: Signature made Wed 01 Nov 2023 10:07:04 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 11:54:14 2023 -0400 + + WiP: add export CONFIG_HAVE_GPG_KEY_BACKUP=y so whiptail-tpm2 can be used with GPG key material thumb drive backup + + Signed-off-by: Thierry Laurion + +commit 88d00dfcb29135887fce558fdb798292851b4a8a +gpg: Signature made Wed 01 Nov 2023 10:07:01 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Oct 23 11:52:44 2023 -0400 + + scripts: unify luks in text/prompts/messages to LUKS + + Signed-off-by: Thierry Laurion + +commit 2697a6ad1f887e2d86804b99db473217132a15e6 +gpg: Signature made Wed 01 Nov 2023 10:06:58 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Oct 20 16:39:23 2023 -0400 + + WiP: further removal of unecessary debug messages + + Signed-off-by: Thierry Laurion + +commit 1f28c7144756f4a6a8c2b4ac830939306b16157d +gpg: Signature made Wed 01 Nov 2023 10:06:55 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Oct 20 16:20:17 2023 -0400 + + WiP: adapt dmesg in function of CONFIG_DEBUG_OUTPUT being enabled or not so and adapt further troubleshooting notes in code when keys cannot be accessed on media for whatever cause so user can understand what is happening when accessing GPG material on backup thumb drive + + Signed-off-by: Thierry Laurion + +commit eceb97aa4de5f4a1277bc5c659b5802063ce9a51 +gpg: Signature made Wed 01 Nov 2023 10:06:51 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Oct 20 14:12:16 2023 -0400 + + WiP: provide proper info/warn/die messages explaining causes of errors linked to detach signing errors + + Signed-off-by: Thierry Laurion + +commit 2c55338be5caf94c290d714c9f1e3fbd141886ae +gpg: Signature made Wed 01 Nov 2023 10:06:48 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Oct 19 15:42:27 2023 -0400 + + Wip: now supports both backup and copy to card and gpg_auth when backup exists. Might want to discuss that implementation. Some functions needed to be moved from functions to ash_functions so that gpg_auth can be called from recovery function. That might need to be discussed as well, recovery could be moved from ash_functions to functions instead. + + Signed-off-by: Thierry Laurion + +commit b1e5c638cdd824718415b211b22caaf5fbe8ab3a +gpg: Signature made Wed 01 Nov 2023 10:06:45 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Oct 18 13:15:48 2023 -0400 + + WiP + + Signed-off-by: Thierry Laurion + +commit bcd269318ffbe85cae9c9831b8c287feaef59aaa +gpg: Signature made Tue 31 Oct 2023 04:48:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f540f2a335 c0cf446034 +Author: tlaurion +Date: Tue Oct 31 16:48:27 2023 -0400 + + Merge pull request #1514 from tlaurion/confirm_rom_hash_before_flashing + + bin/flash-gui.sh & initrd/bin/flash.sh: Show SHA256SUM for manual verification prior of flashing + +commit c0cf446034edf89bba749b87c8c1b844ba02d226 +gpg: Signature made Tue 31 Oct 2023 09:47:48 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 09:38:44 2023 -0400 + + flash-gui.sh: add proper checks and cleanup in case of npf rom archive + +commit eb1032a55de97779b48d1a68014a1e60718ae812 +gpg: Signature made Tue 31 Oct 2023 09:34:30 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 31 09:25:47 2023 -0400 + + flash-gui.sh: Add SHA256SUM and rom name in non npf rom prompt for manual hash verification + +commit f540f2a3358059c9a3103b57c9c690140e3833d9 +gpg: Signature made Mon 30 Oct 2023 03:41:14 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1733552fe7 2e8239c5e7 +Author: tlaurion +Date: Mon Oct 30 15:41:14 2023 -0400 + + Merge pull request #1430 from gaspar-ilom/w541-support + + Support Thinkpad W541 + +commit 1733552fe76244ff63d3d7678d04c40e780ef757 +gpg: Signature made Mon 30 Oct 2023 03:38:02 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e1d972be37 c859c28b88 +Author: tlaurion +Date: Mon Oct 30 15:38:02 2023 -0400 + + Merge pull request #1505 from JonathonHall-Purism/upstream_28.1_librem_11 + + Add support for Librem 11 + +commit 2e8239c5e725f4d15bf191b4a71e8ba22b43e014 +Author: gaspar-ilom +Date: Tue Jul 4 22:53:52 2023 +0200 + + add configuration for w541 + + closes #1389 + +commit e1d972be3753f129b8063af045e2c251e0dfdd12 +gpg: Signature made Sat 21 Oct 2023 02:39:08 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9e55e08ac0 139f77113c +Author: tlaurion +Date: Sat Oct 21 14:39:08 2023 -0400 + + Merge pull request #1517 from tlaurion/pass_debug_call_output_to_kmsg_one_line_at_a_time + + BugFix: Pass debug call output to kmsg one line at a time + +commit 139f77113cec007036b7ec3361a56fbc97ad86c1 +gpg: Signature made Sat 21 Oct 2023 02:37:31 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Oct 21 14:30:23 2023 -0400 + + ash_functions: make DEBUG call pass multiline messages one at a time to /tmp/debug.log and kmsg + +commit 9e55e08ac01228e6b17e02bbd4286c43f53636fa +gpg: Signature made Wed 18 Oct 2023 02:11:54 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5002198bb1 576e2a8fff +Author: tlaurion +Date: Wed Oct 18 14:11:54 2023 -0400 + + Merge pull request #1512 from tlaurion/update_qubes_release_signing_keys + + qubes release signing keys: move qubes-4.key to qubes-4.1.key, add qubes-4.2.key + +commit 576e2a8fff61c1d4e0d619be395e79cab28116b3 +gpg: Signature made Wed 18 Oct 2023 01:37:22 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Oct 18 13:37:22 2023 -0400 + + qubes release signing keys: move qubes-4.key to qubes-4.1.key, add qubes-4.2.key + +commit 5002198bb104bc97c5b3a34d2e13c36e18f88233 +gpg: Signature made Tue 17 Oct 2023 05:56:52 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f78786705e 44fa663d60 +Author: tlaurion +Date: Tue Oct 17 17:56:52 2023 -0400 + + Merge pull request #1510 from tlaurion/debian-11_dependencies_fix_for_openssl_module_build + + CircleCI: fix debian-11 packages dependencies (#1507) + +commit f78786705e17d8705e851b41cd4f8ccd35d4bfc8 +gpg: Signature made Tue 17 Oct 2023 01:30:48 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bd2a8eb96e 498a78af57 +Author: tlaurion +Date: Tue Oct 17 13:30:47 2023 -0400 + + Merge pull request #1509 from tlaurion/whiptail_respect_lowercase_uppercase_choices + + newt(whiptail): fix code that was doing toupper of input + +commit 44fa663d60f746cbee9458d3bc1bf1c7c5c2be06 +gpg: Signature made Tue 17 Oct 2023 09:40:57 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 17 09:40:57 2023 -0400 + + CircleCI: fix debian-11 packages dependencies (#1507) + +commit c859c28b88b7bc197c16b473a92bf45ece09bcd5 +gpg: Signature made Thu 12 Oct 2023 01:35:33 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Oct 12 13:35:26 2023 -0400 + + blobs/librem_jail/README: Fix spelling + + Signed-off-by: Jonathon Hall + +commit e6272b70fb0825693456d1c73be6bb24da715e37 +gpg: Signature made Thu 12 Oct 2023 01:26:46 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Oct 12 13:24:49 2023 -0400 + + initrd/.ash_history: Add comments after reboot/poweroff + + Add comments after reboot/poweroff to clarify what they do. These + commands are here partly for discoverability by users who might not + know what to do in a recovery shell, so clarifying their purpose helps + those users figure out what to do. + + Signed-off-by: Jonathon Hall + +commit 498a78af57cf6a6d52b2ad52435e44dbd4f86c16 +gpg: Signature made Wed 11 Oct 2023 03:47:53 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Oct 11 15:47:53 2023 -0400 + + newt(whiptail): fix code that was doing toupper of input + +commit bd2a8eb96e5b3499709bf4eb4333cc172763b045 +gpg: Signature made Tue 10 Oct 2023 02:23:47 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f640fb70ba 9addb3b6b0 +Author: tlaurion +Date: Tue Oct 10 14:23:47 2023 -0400 + + Merge pull request #1478 from tlaurion/stenghten_entropy_sources_with_jitter_and_TPM + + Have CRNG avail early on boot and maximize ligcrypt entropy sources/efficiency + +commit 9addb3b6b002d64eff4a875b35eb001a3dc67a87 +gpg: Signature made Tue 10 Oct 2023 12:30:41 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:30:41 2023 -0400 + + qemu board doc: add Nitrokey3NFC in md doc + +commit 65e5286b5aeeaafbdfafa68ae5e3606af6c9b848 +gpg: Signature made Tue 10 Oct 2023 12:29:45 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:28:52 2023 -0400 + + init: enable cttyhack so that init launches BOOTSCRIPT in a controlled terminal. DEBUG/TRACE now output on /dev/kmsg and console. + +commit 0416896b823ca0f2314e1d0bd89f708d34ac00eb +gpg: Signature made Tue 10 Oct 2023 12:28:15 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:28:15 2023 -0400 + + etc/ash_function's warn/die/TRACE/DEBUG now output also under /dev/kmsg when DEBUG is enabled + +commit 4ff955918fcd8a50d787603d109a4fccb2adfd88 +gpg: Signature made Tue 10 Oct 2023 12:17:22 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:14:28 2023 -0400 + + x230-maximized board configs: add DEBUG/TRACE board config in comment + + Enabling DEBUG/TRACE options from board config vs from configuration menu is different. + + When enabled in board config, /etc/config is from ROM, and sourced early and make TRACE/DEBUG calls appear early. + If added through configuration menu, those are /etc/config.user overrides extracted from CBFS and then sourced after combine_configs call + + If for whatever reason early DEBUG is needed on a platform, enabling in board config is needed. + For runtime debugging, enabling Debug output from configuration menu is enough + +commit 84899cf631614e5f82c849e10ea6b5ccbff499db +gpg: Signature made Tue 10 Oct 2023 12:08:10 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:06:18 2023 -0400 + + libgcrypt module: remove disable-asm + + As on master otherwise with --disable-asm: + + config.status: executing gcrypt-conf commands + + Libgcrypt v1.10.1 has been configured as follows: + + Platform: GNU/Linux (x86_64-pc-linux-musl) + Hardware detection module: none + Enabled cipher algorithms: arcfour blowfish cast5 des aes twofish + serpent rfc2268 seed camellia idea salsa20 + gost28147 chacha20 sm4 + Enabled digest algorithms: crc gostr3411-94 md4 md5 rmd160 sha1 + sha256 sha512 sha3 tiger whirlpool stribog + blake2 sm3 + Enabled kdf algorithms: s2k pkdf2 scrypt + Enabled pubkey algorithms: dsa elgamal rsa ecc + Random number generator: default + Try using jitter entropy: yes + Using linux capabilities: no + FIPS module version: + Try using Padlock crypto: n/a + Try using AES-NI crypto: n/a + Try using Intel SHAEXT: n/a + Try using Intel PCLMUL: n/a + Try using Intel SSE4.1: n/a + Try using DRNG (RDRAND): n/a + Try using Intel AVX: n/a + Try using Intel AVX2: n/a + Try using ARM NEON: n/a + Try using ARMv8 crypto: n/a + Try using PPC crypto: n/a + + By disabling --disable-asm in libgcrypt 1.10.1: + + config.status: executing gcrypt-conf commands + + Libgcrypt v1.10.1 has been configured as follows: + + Platform: GNU/Linux (x86_64-pc-linux-musl) + Hardware detection module: libgcrypt_la-hwf-x86 + Enabled cipher algorithms: arcfour blowfish cast5 des aes twofish + serpent rfc2268 seed camellia idea salsa20 + gost28147 chacha20 sm4 + Enabled digest algorithms: crc gostr3411-94 md4 md5 rmd160 sha1 + sha256 sha512 sha3 tiger whirlpool stribog + blake2 sm3 + Enabled kdf algorithms: s2k pkdf2 scrypt + Enabled pubkey algorithms: dsa elgamal rsa ecc + Random number generator: default + Enabled digest algorithms: crc gostr3411-94 md4 md5 rmd160 sha1 + sha256 sha512 sha3 tiger whirlpool stribog + blake2 sm3 + Enabled kdf algorithms: s2k pkdf2 scrypt + Enabled pubkey algorithms: dsa elgamal rsa ecc + Random number generator: default + Try using jitter entropy: yes + Using linux capabilities: no + FIPS module version: + Try using Padlock crypto: yes + Try using AES-NI crypto: yes + Try using Intel SHAEXT: yes + Try using Intel PCLMUL: yes + Try using Intel SSE4.1: yes + Try using DRNG (RDRAND): yes + Try using Intel AVX: yes + Try using Intel AVX2: yes + Try using ARM NEON: n/a + Try using ARMv8 crypto: n/a + Try using PPC crypto: n/a + + To support PPC crypto, it seems we will need yasm. + To support linux capabilities, libcap would be required as well later on. :/ another point for rng-tools (which also depends on libcap-ng) + +commit 0100f7b970b006ce5c28e3623ef50e279185abaa +gpg: Signature made Tue 10 Oct 2023 12:03:58 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 12:03:58 2023 -0400 + + linux configs: unify CONFIG_UNIX98_PTYS=y, CONFIG_HW_RANDOM_TPM=n, # CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set, CONFIG_RANDOM_TRUST_CPU=y, CONFIG_PROC_SYSCTL is not set + +commit d3ec6ac11fa2b68a41fc1d572a998337054b3c66 +gpg: Signature made Tue 10 Oct 2023 11:55:24 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 11:55:24 2023 -0400 + + busybox: add clear reset and cttyhack to better deal with terminal mishaps + +commit 5f38c715ce06335716cc5a2a00d5a1495360aa60 +gpg: Signature made Tue 10 Oct 2023 11:53:35 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Oct 10 11:53:35 2023 -0400 + + coreboot config: unify quiet loglevel=2 for boards not defining default loglevel + +commit f640fb70bafbb4d2a91e92f0bdbe8b1620e94595 +gpg: Signature made Fri 06 Oct 2023 05:10:35 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 97bb0a82cb 2bfa1737f8 +Author: tlaurion +Date: Fri Oct 6 17:10:35 2023 -0400 + + Merge pull request #1506 from tlaurion/branding_proposition + + Branding proposition + d-wid logo/bootsplash + +commit 2bfa1737f8ef63840ff07d0722a29052ed61c124 +gpg: Signature made Fri 06 Oct 2023 05:09:24 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: d-wid <65876951+d-wid@users.noreply.github.com> +Date: Thu Sep 14 02:16:52 2023 +0200 + + Support branding under branding subdirectories + + Squash of #1502 + moving logo/bootsplash files under branding/Heads + + - Move logos and bootsplashes from blobs to branding/Heads/ + - Makefile: add support for BRAND_DIR which depends on BRAND_NAME which defaults to Heads if no branding + - Boards coreboot configs: change bootsplash directory to depend on BRAND_DIR (instead of BLOBS_DIR) in bootsplash enabled configs + - Branding/Heads/bootsplash-1024x768.jpg points to branding/Heads/d-wid-ThePlexus_coreboot-linuxboot-heads_background-plain_DonateQrCode.jpg + - xcf file deleted. Original still under #1502 to reuse for modification without recompressing (blobs/heads.xcf) + - CREDITS file created to point to original authors, remixers (Open for details) + - Thanks to: @d-wid for remixing Bing's AI generated Janus logo, @ThePlexus for Qubes Box concept and @ThrillerAtPlay for its matrix background + +commit af5eb2edf950fff056e34cdb863c9a35c7565b73 +gpg: Signature made Fri 29 Sep 2023 03:36:31 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Sep 19 10:36:37 2023 -0400 + + Blob jail: Make device firmware available during initrd + + Some device firmware, such as the graphics microcontroller, is needed + during the initrd - i915 is often loaded in the initrd, and this is the + only chance to load GuC firmware. + + Device firmware must still be available after the real root is mounted + too, so update the custom firmware path in the kernel when the firmware + is moved to /run. + + Signed-off-by: Jonathon Hall + +commit 439aba5f059f5e33a2e7860a1704000252f121f3 +gpg: Signature made Fri 29 Sep 2023 03:36:31 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Sep 14 15:36:58 2023 -0400 + + Blob jail: Add Librem 11 device firmware + + Add firmware for Librem 11 Wi-Fi, Bluetooth, and DMC. + + Signed-off-by: Jonathon Hall + +commit 55155f65588dc878c01760f4081479f22c7d47f0 +gpg: Signature made Fri 29 Sep 2023 03:36:30 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 23 12:24:22 2023 -0400 + + boards/librem_11: Add Librem 11 + + Add Librem 11 board. + + Librem 11 uses coreboot graphics init, which is done with FSP GOP. + + Set a custom keymap for the volume/power keys. Configure the volume + keys as up/down arrows (for navigation in fbwhiptail, and for shell + history in the Linux console). Configure the power key as Enter. + + Signed-off-by: Jonathon Hall + +commit 5021bec3cd47b3745d5b9b27b4aa13faa3ca765a +gpg: Signature made Fri 29 Sep 2023 03:29:19 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 23 16:08:58 2023 -0400 + + librem_11: Add loadkeys (from kbd), optionally enabled + + Allow boards to optionally include loadkeys to set a custom keymap. + showkey and dumpkeys (normally only needed for development) can also be + optionally included. + + Remove *.map from .gitignore; this was probably intended for build + artifacts that are now excluded via the build/ directory. + + Add reboot and poweroff to shell history, which is useful for devices + lacking full hardware keyboards to escape the recovery shell with just + "up" and "enter". + + Signed-off-by: Jonathon Hall + +commit be9051e322c0dd68b071ca1c4465732be8ffbbdd +gpg: Signature made Fri 29 Sep 2023 03:29:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Jul 6 13:46:35 2023 -0400 + + Blob jail: Move firmware to board-specific subdirectories + + Move firmware binaries into board subdirectories, so boards can have + different firmware binaries. + + Remove *.bin from .gitignore. This was probably meant for build + artifacts, which are excluded via build/ now. + + Signed-off-by: Jonathon Hall + +commit 010bd718aadc24592685b1c79f2a82abe5066bab +gpg: Signature made Fri 29 Sep 2023 03:29:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Sep 14 15:27:26 2023 -0400 + + modules/coreboot: Update Purism branch to 4.21-Purism-2 + + Includes support for Librem 11. + + Signed-off-by: Jonathon Hall + +commit 35c99fa93bc7ed0d3806840cdda98cb328cf9561 +gpg: Signature made Fri 29 Sep 2023 03:29:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Sep 14 15:24:05 2023 -0400 + + modules/fbwhiptail: Update to 1.3 + + Update to 1.3. Includes navigation improvements for devices with just + up/down/Enter keys, for Librem 11. + + Signed-off-by: Jonathon Hall + +commit 97bb0a82cb0ff07f341ccb1228911b748ee1281d +gpg: Signature made Thu 07 Sep 2023 04:29:12 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 35f3b2218b cba8c4542c +Author: tlaurion +Date: Thu Sep 7 16:29:12 2023 -0400 + + Merge pull request #1498 from tlaurion/oem-factory-reset_fix-mount-usb + + oem-factory-reset: fix call to mount-usb --mode rw + +commit cba8c4542cb4d0806f21be2e0a68c40777d6776e +gpg: Signature made Thu 07 Sep 2023 04:27:54 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Sep 7 16:27:14 2023 -0400 + + oem-factory-reset: fix call to mount-usb --mode rw (fix #1497) + +commit 35f3b2218b7ce366e3eab4219b2aad5438ca1a38 +gpg: Signature made Wed 06 Sep 2023 11:07:43 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9849b99717 fab9124f00 +Author: tlaurion +Date: Wed Sep 6 11:07:43 2023 -0400 + + Merge pull request #1492 from JonathonHall-Purism/librem_linux_6.1_efifb + + librem_* (except L1UM): Linux 6.1, coreboot gfx init with efifb + +commit fab9124f001f7e66085a9c0cccdab47b7aa89cbb +gpg: Signature made Wed 06 Sep 2023 10:37:05 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 29 14:01:27 2023 -0400 + + librem_* (except L1UM): Linux 6.1, coreboot gfx init with efifb + + Update all Librems except L1UM (but including L1UM v2) to Linux 6.1.8. + + Use coreboot native graphics init. Raise maximum framebuffer size for + laptops to 3840x2160 (desktops default to this, but laptops default + to a lower value). Remove DRM modules from Linux 6.1.8 and add EFIFB. + + Remove Heads kernel command line options relating to IOMMU and i915, + which are no longer needed. Remove OS kernel options relating to + IOMMU. + + For Librem 13/15/14/Mini, this fixes issues booting with 4K displays + attached, which were resulting in crashes due to the framebuffer memory + not being reserved properly. memtest86+ now passes with a 4K display + attached. + + For Librem L1UM v2, framebuffer boot now works. + + Librem L1UM remains on Linux 5.10 with Heads kernel graphic init + (framebuffer boot still does not work). coreboot 4.11 has native + graphics init for Aspeed, but only in text mode. Backporting the + linear framebuffer support appears to be possible - the patch applied + cleanly - but it did not work initially and will need more + investigation. + + Signed-off-by: Jonathon Hall + +commit 9849b99717b90f3b8352e57350a7422dec73895e +gpg: Signature made Wed 06 Sep 2023 10:24:09 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8bd82a6e10 8342603993 +Author: tlaurion +Date: Wed Sep 6 10:24:09 2023 -0400 + + Merge pull request #1495 from JonathonHall-Purism/improve_flash_sh + + initrd/bin/flash.sh: Improve speed and reliability + +commit 8bd82a6e108a55cb78d7daabee97b34c119412c4 +gpg: Signature made Wed 06 Sep 2023 10:19:55 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2c3987f9a3 eed8adeb49 +Author: tlaurion +Date: Wed Sep 6 10:19:55 2023 -0400 + + Merge pull request #1494 from JonathonHall-Purism/coreboot_purism_4.21 + + modules/coreboot: Update Purism coreboot to 24e2f7e4 + +commit 2c3987f9a3e71368029fd13aac19c41e97897baf +gpg: Signature made Wed 06 Sep 2023 10:15:17 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 54bce87691 2cc7164a99 +Author: tlaurion +Date: Wed Sep 6 10:15:17 2023 -0400 + + Merge pull request #1485 from Nitrokey/nx-nitropad + + add Nitropad NV41/NS50 TPM2 boards (2nd) + +commit 54bce87691b35c87266844580c0023723bd715f7 +gpg: Signature made Tue 05 Sep 2023 04:24:56 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 446b45e4f0 4d7c1cb388 +Author: tlaurion +Date: Tue Sep 5 16:24:56 2023 -0400 + + Merge pull request #1496 from JonathonHall-Purism/unseal-hotp-die-on-error + + initrd/bin/unseal-hotp: Prevent script errors if unseal fails + +commit 446b45e4f043af73af5e4da065b38e7cf619764f +gpg: Signature made Tue 05 Sep 2023 04:24:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8272d33e7c 003bec4fd4 +Author: tlaurion +Date: Tue Sep 5 16:24:21 2023 -0400 + + Merge pull request #1493 from JonathonHall-Purism/flash_gui_sh_exit + + initrd/bin/flash-gui.sh: Exit instead of errant return + +commit 4d7c1cb3887787b3f7c8a9ebbe38a7f2d677be60 +gpg: Signature made Tue 05 Sep 2023 04:12:57 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 31 17:15:24 2023 -0400 + + initrd/bin/unseal-hotp: Prevent script errors if unseal fails + + If the secret can't be unsealed, die immediately rather than continuing + on to generate errors. + + Signed-off-by: Jonathon Hall + +commit 83426039932418f408863aa6526c310da37fe3fc +gpg: Signature made Tue 05 Sep 2023 04:05:55 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 31 17:11:45 2023 -0400 + + initrd/bin/flash.sh: Improve speed and reliability + + Improve speed by pre-filtering only for lines containing any tokens of + interest to flashrom_progress_tokenize(). + + Improve reliability by avoiding dropping tokens that cross a stream + buffer boundary. Occasionally, a token could be missed if it crosses a + stream buffer boundary, due to read timing out too quickly before the + next buffer is flushed. If this was a state-changing token, + flashrom_progress() would hang forever. + + Signed-off-by: Jonathon Hall + +commit eed8adeb49897d89f49d9ac0e096f6e0299d0101 +gpg: Signature made Tue 05 Sep 2023 04:03:10 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 29 15:55:20 2023 -0400 + + librem_mini,librem_mini_v2: Enable CMOS layout, update CMOS checksum + + Enable the coreboot CMOS option table, which initializes CMOS if the + checksum is not valid. + + There is now a checksum in the CMOS layout since 4.21, update it when + updating the Mini v1/v2 EC power-on setting. + + coreboot 4.21 will reset the CMOS settings during the first boot, since + there was no checksum in prior releases. Heads will restore the + automatic power-on setting during init based on config.user. + + Signed-off-by: Jonathon Hall + +commit bde945ea57bcaec78ff03116737011ef39e3192e +gpg: Signature made Tue 05 Sep 2023 03:59:50 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 31 17:16:19 2023 -0400 + + modules/coreboot: Update Purism coreboot to 24e2f7e4 + + This is 4.21-Purism-1 plus a fix for native graphics init on Mini + v1/v2: HDMI1 is enabled so passive DisplayPort to DVI/HDMI adapters + will work. + + Signed-off-by: Jonathon Hall + +commit 003bec4fd491b97fcaf5dfb14ceb4191d7a31084 +gpg: Signature made Tue 05 Sep 2023 03:57:13 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 30 16:19:40 2023 -0400 + + initrd/bin/flash-gui.sh: Exit instead of errant return + + Return is not valid outside of a function - exit instead. + + Signed-off-by: Jonathon Hall + +commit 8272d33e7caed6af99ece5783dee92e5a1b07c12 +gpg: Signature made Tue 05 Sep 2023 11:48:50 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 94c36b9c8e 47eba7d80b +Author: tlaurion +Date: Tue Sep 5 11:48:50 2023 -0400 + + Merge pull request #1482 from tlaurion/ease_tpm_disk_unlock_key_resealing_after_totp_mismatch-warn_and_die_changes + + Ease TPM Disk Unlock Key sealing/resealing after TOTP mismatch (firmware upgrade) + warn and die changes + +commit 2cc7164a990f02c10967cde9c86a697abadfc228 +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Thierry Laurion +Date: Fri Aug 18 11:39:48 2023 -0400 + + nv41/ns50: coreboot+coreboot patch+CircleCI config: adapt to have nv41/ns50 build on top of #1417 and #1462 + +commit a00aed50d769d58444accef9cd0821772298ba20 +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Tue May 23 14:25:03 2023 +0200 + + reboot/poweroff: run nitropad-shutdown.sh for required boards + +commit fabddb4f7addc20ec146f5f7fada9d2b92f80a0a +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Sat Dec 11 15:33:02 2021 +0100 + + flash-gui.sh: add .npf handling; add create-npf.sh + +commit d01c3ab7c9f663c24e373bf682018fa4303d15d8 +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Mon May 22 12:57:18 2023 +0200 + + boards: add nitropad-nv41 + nitropad-ns50 + +commit 902866cc296118a4f0f4d94f3a0d4684bb3bd757 +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Tue Apr 25 14:53:11 2023 +0200 + + add nitropad-shutdown.sh for EC based poweroff + +commit 033333f288736656741915e9d149a3399a9c09b1 +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Mon May 22 14:41:09 2023 +0200 + + modules/nitrokey-blobs: add + +commit 7da9a7e136d53c2b3d4cc6bff0ff4541c0df933c +gpg: Signature made Tue 05 Sep 2023 11:13:56 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Wed Apr 19 10:24:54 2023 +0200 + + modules/iotools: add as binary + +commit 94c36b9c8efecea3b9e7e5621f9fc6dee9c71462 +gpg: Signature made Tue 05 Sep 2023 10:52:04 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 45a4f9d0f3 b47da0be89 +Author: tlaurion +Date: Tue Sep 5 10:52:04 2023 -0400 + + Merge pull request #1483 from Nitrokey/nk3-support + + Nitrokey 3 support + +commit b47da0be89909b5aad64e075d144c138b345bade +gpg: Signature made Tue 05 Sep 2023 06:32:54 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Tue Sep 5 12:32:22 2023 +0200 + + boards/qemu-*: update allowed usb-token comments + +commit 075d40950b2d1aab607712d0cd920f5582b391f7 +gpg: Signature made Tue 05 Sep 2023 06:32:10 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Tue Sep 5 12:28:52 2023 +0200 + + oem-factory-reset: introduce GPG_ALGO + + * use GPG_ALGO as gpg key generation algorithm + * determine GPG_ALGO during runtime like this: + * if CONFIG_GPG_ALGO is set, use as preference + * adapt based on usb-token capabilities (currently only Nitrokey 3) + +commit 47eba7d80b49a3cec2c41a048acd30fc5a394056 +gpg: Signature made Sat 02 Sep 2023 11:49:57 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 11:49:57 2023 -0400 + + kexec-save-default: Fix multiple LUKS/LVM+LUKS suggestion + other working uniformization for DUK + +commit e291797e655b524db27f69bba34a6b6d8048fcd3 +gpg: Signature made Sat 02 Sep 2023 04:21:08 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 04:21:08 2023 -0400 + + kexec-save-default : Finally fix #1474 under #1482 + +commit 8b0fc0f1296e26e3c36095adc0657caa62a6edbf +gpg: Signature made Sat 02 Sep 2023 04:20:09 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 04:17:50 2023 -0400 + + kexec-seal/save-key /etc/functions : some more uniformisation of TPM DUK verbiage + +commit 51b1ad39c33eefc6c496f80e259d7afe9b65f473 +gpg: Signature made Sat 02 Sep 2023 04:16:16 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 04:16:16 2023 -0400 + + sbin/insmod wrapper: Add TRACE and DEBUG traces + +commit 52947e276713ebea357388d06a91ea222092c5b5 +gpg: Signature made Sat 02 Sep 2023 01:53:31 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 01:53:31 2023 -0400 + + WiP TPM DUK cleanup + +commit e9dbce2adfda6306b6496b8d83d4c2aa513a38ff +gpg: Signature made Sat 02 Sep 2023 01:51:50 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Sep 2 01:51:50 2023 -0400 + + bin/unpack_initramfs.sh: Add TRACE and DEBUG traces + +commit 0ba10e5174ab9b5f71dc8cc30420740ca384746c +gpg: Signature made Fri 01 Sep 2023 06:19:29 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 1 18:19:29 2023 -0400 + + path substitution still not working. This is PoC to be tested. Had to go + +commit a2a30020c093b12801b1744e67db1487e5e26eb3 +gpg: Signature made Fri 01 Sep 2023 04:28:53 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 1 16:28:53 2023 -0400 + + TPM Disk Unlock Key setup: use unpack_initrd.sh, replace none with /secret.key. Still no joy + +commit 4a7e23b4c62e5f1bd2d5b213db86238fe975cf9d +gpg: Signature made Fri 01 Sep 2023 03:18:36 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 1 15:18:36 2023 -0400 + + Address review for: first set up of TPM DUK and renewal after firmware upg + +commit 64ad01f3338652a10132a9ff2873e4cf2aeaf0c6 +gpg: Signature made Thu 31 Aug 2023 02:36:30 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Aug 31 12:07:39 2023 -0400 + + WiP: Staging commit to facilitate review, will squash into previous commits once confirmed good + +commit 03d8f93c9517230adabaaa1cb9b3fcf53dd50af5 +gpg: Signature made Thu 31 Aug 2023 11:21:14 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Aug 31 11:14:33 2023 -0400 + + modules/zstd: now included by default. Deactivated under legacy-flash boards + + Rationale: + cpio -t alone cannot extract initrd past early cpio (microcode) in most packed initrd. + unpack_initramfs.sh already under master comes to the rescue, but its usage up to today was limited to pass firmware blobs to final OS under boards/librem_mini_v2 + + Debian OSes (and probably others) need to have cryptroot/crypttab overriden directly, otherwise generic generation of crypttab is not enough. + Extracting crypttab and overriding directly what is desired by final OS and exposed into /boot/initrd is the way to go otherwise hacking on top of hacks. + + This brings default packed modules under Heads to 5 modules, which needs to be deactivate in board configs if undesired: + user@heads-tests-deb12:~/heads$ grep -Rn "?= y" modules/ | grep -v MUSL + modules/zlib:1:CONFIG_ZLIB ?= y + modules/zstd:3:CONFIG_ZSTD ?= y + modules/exfatprogs:2:CONFIG_EXFATPROGS ?= y + modules/busybox:2:CONFIG_BUSYBOX ?= y + modules/e2fsprogs:2:CONFIG_E2FSPROGS ?= y + +commit 67c865d151cffe15d4179fd68fdc48c2eac78d54 +gpg: Signature made Wed 30 Aug 2023 06:07:22 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Aug 30 16:49:39 2023 -0400 + + TPM DISK Unlock Key : add cryptroot/crypttab to fix #1474 + + Tested working on both TPM1/TPM2 under debian bookwork, standard encrypted TLVM setup + +commit 4910c1188fc9c5f1db839a8bfd52dcf980e3b25c +gpg: Signature made Wed 30 Aug 2023 06:06:31 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 22 14:34:29 2023 -0400 + + TPM Disk Unlock Key sealing/renewal cleanup (Triggered automatically when resealing TOTP) + + Changes: + - As per master: when TOTP cannot unseal TOTP, user is prompted to either reset or regenerate TOTP + - Now, when either is done and a previous TPM Disk Unlock Key was setuped, the user is guided into: + - Regenerating checksums and signing them + - Regenerating TPM disk Unlock Key and resealing TPM disk Unlock Key with passphrase into TPM + - LUKS header being modified, user is asked to resign kexec.sig one last time prior of being able to default boot + - When no previous Disk Unlock Key was setuped, the user is guided into: + - The above, plus + - Detection of LUKS containers,suggesting only relevant partitions + + - Addition of TRACE and DEBUG statements to troubleshoot actual vs expected behavior while coding + - Were missing under TPM Disk Unlock Key setup codepaths + + - Fixes for #645 : We now check if only one slots exists and we do not use it if its slot1. + - Also shows in DEBUG traces now + + Unrelated staged changes + - ash_functions: warn and die now contains proper spacing and eye attaction + - all warn and die calls modified if containing warnings and too much punctuation + - unify usage of term TPM Disk Unlock Key and Disk Recovery Key + +commit 8922c6e32b2bcd8fe43782838ac5c59d5006820b +gpg: Signature made Wed 30 Aug 2023 05:16:26 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Mon May 8 22:17:15 2023 +0200 + + modules/hotp-verification: update to v1.4 + + * add Nitrokey 3 support + * corrected UI issues, when PIN is not set + * add serial number getter + * improve HID calls speed + * Full changelogs to be found here: https://github.com/Nitrokey/nitrokey-hotp-verification/releases + +commit 45a4f9d0f3edc0e9fbf232402eb9e357f5a5c6e5 +gpg: Signature made Mon 28 Aug 2023 04:29:51 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d853f62445 d5aa0c874e +Author: tlaurion +Date: Mon Aug 28 16:29:51 2023 -0400 + + Merge pull request #1446 from tlaurion/Add_secure_thumb_drive_premisses + + Add secure thumb drive creation premisses + +commit d5aa0c874e1b9306cb8a119474d9222bf0010840 +gpg: Signature made Mon 28 Aug 2023 04:24:14 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Aug 28 13:53:03 2023 -0400 + + boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.md was invalid symlink + +commit 106a9bf5430653da19ad7547595905994670125a +gpg: Signature made Mon 28 Aug 2023 04:24:11 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Aug 28 13:52:08 2023 -0400 + + qemu boards: change default creation size of USB_FD_IMG from 128MB to 256MB + + Otherwise 10% of 128mb (12mb) is not enough to create a LUKS container + +commit f6eed4220861bece9c09b6fe8f3feef4f236364c +gpg: Signature made Mon 28 Aug 2023 04:23:49 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jul 19 18:48:03 2023 -0400 + + Add external/usb disk encryption (adds exfatprogs and e2fsprogs) + prepare_thumb_drive: default to creating 10% LUKS container on usb drive, prompts for passphrase is not provided and scan drives if no --device specified + + NOTE: qemu usb_thumb drive of 128 mb are not big enough so that 10% of it (12mb) can be used to create thumb drive. + + Adds: + - e2fsprogs to support ext4 filesystem creation through mke2fs + - add /etc/mke2fs.conf so that mke2fs knows how to handle ext2/ext3/ext4 + - removes mke2fs support from busybox + - bump busybox to latest version which adds cpu accelerated hash functions (not needed per se here) + - Adds exfatprogs to have mkfs.exfat and fsck.exfat + - Adds prepare_thumb_drive /etc/luks-functions to be able to prepare a thumb drive with percentage of drive assigned to LUKS, rest to exfat + - Modify most board configs to test space requirements failing + - Talos2 linux config: add staging Exfat support + - Make e2fsprogs and exfatprogs included by default unless explicitely deactivate in board configs + - Change cryptsetup calls : luksOpen to open and luksClose to close to addresss review + - etc/luks_functions: cleanup + + GOAL here is to have secure thumb drive creation which Heads will be able to use to backup/restore/use generated GPG key material in the future (next PR) + +commit d853f62445a0164e451b8671e238ba99b27c5c6b +gpg: Signature made Fri 25 Aug 2023 02:30:17 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d8a9a1e77e 0b154aaee1 +Author: tlaurion +Date: Fri Aug 25 14:30:17 2023 -0400 + + Merge pull request #1479 from tlaurion/add_tracing_debuggin_config_toggle + + config-gui.sh: Add option to toggle DEBUG and TRACE output from Configuration Settings + +commit 0b154aaee1896bcf625c528512cc6ba2d41badc3 +gpg: Signature made Fri 25 Aug 2023 02:28:01 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Aug 25 13:39:04 2023 -0400 + + config-gui.sh: Add option to toggle DEBUG and TRACE output from Configuration Settings menu + +commit d8a9a1e77e1731302e5b464b789c872a78e738c4 +gpg: Signature made Tue 22 Aug 2023 12:02:36 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6e31163121 5bf14d27de +Author: tlaurion +Date: Tue Aug 22 12:02:36 2023 -0400 + + Merge pull request #1473 from tlaurion/aes_support_x230i_under_x230_maximized + + linux-x230-maximized: readd CONFIG_CRYPTO_AES for x230i since i3 doesn't have INTEL AES NI cpu acceleration. + +commit 5bf14d27de1fb4dd9d2660c159ef11c7c32dac24 +gpg: Signature made Tue 22 Aug 2023 08:56:53 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 22 08:56:53 2023 -0400 + + linux-x230-maximized: readd CONFIG_CRYPTO_AES for x230i since i3 doesn't have INTEL AES NI cpu acceleration. + +commit 6e31163121d1d600047df859844ab8408cc53d2a +gpg: Signature made Wed 16 Aug 2023 03:06:44 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fbc0993084 97f39a8b1f +Author: tlaurion +Date: Wed Aug 16 15:06:44 2023 -0400 + + Merge pull request #1403 from tlaurion/libgfxinit-or-native-gfx-init_simplefb_linuxboot_splashscreen + + libgfxinit/nativegfx init: efifb enforced fb (+coreboot ramstage enabled bootsplash) + +commit 97f39a8b1fa7e7957c257007fcbbecd371fff715 +gpg: Signature made Wed 16 Aug 2023 02:54:12 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Aug 16 14:54:12 2023 -0400 + + t430-maximized/t430-hotp-maximized: move from untested to tested boards, other t430 boards still untested + +commit e5b64f8c48f711aa5d300e966da12e335633b7ec +gpg: Signature made Wed 16 Aug 2023 01:29:09 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Aug 16 13:20:25 2023 -0400 + + t430/x230 legacy flash boards: unify so they specify coreboot config files as all other boards + + (Otherwise, renaming board requires to rename coreboot config file as well since BOARD is used to pick corresponding one when undefined) + +commit 294a6bed941b21ce6902a7f2bfe2e4b519895464 +gpg: Signature made Wed 16 Aug 2023 12:35:52 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Aug 16 12:35:52 2023 -0400 + + t430 boards: moved to untested until reported tested as per #1421 + +commit 572573ff404b86a4703ffb0edaa0b25efb6f510a +gpg: Signature made Wed 16 Aug 2023 09:44:44 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Aug 11 09:57:23 2023 -0400 + + x220 board: this is maximized coreboot config, legacy linux config + +commit 107855f53a16848e5df671d30279bf01a46685f6 +gpg: Signature made Wed 16 Aug 2023 09:44:41 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 15 17:23:06 2023 -0400 + + p8z77-m_pro-tpm1: bring back boards as tested platforms. + +commit 8c366ef61d5da55814a1b59e0de1b6b2fcc9f353 +gpg: Signature made Wed 16 Aug 2023 09:44:38 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jul 13 14:03:40 2023 -0400 + + coreboot configs: changeset needed to use efifb + + - intel igpu related - remove i915drmfb hacks and use simplefb and libgfxinit enabled fb + - coreboot 4.19: add patch to fix https://ticket.coreboot.org/issues/500. fbwhiptail still tears screen if in native 1366x769 though + - coreboot 4.19: add patch to enable linux tampoline handle coreboot framebuffer (merged https://review.coreboot.org/c/coreboot/+/76431) + - coreboot 4.19: add patch to enable coreboot to apply jpeg voodoo to create bootsplash.jpeg injected in cbfs at build time + CircleCI apt imagemagick + - (Thanks Nico Huber @icon again for above patches!) + - coreboot configs: adapt VESAFB/LIBGFXINIT to use maximum fb height/width + - coreboot configs for iGPU only: CONFIG_LINEAR_FRAMEBUFFER_MAX_HEIGHT CONFIG_LINEAR_FRAMEBUFFER_MAX_WIDTH to native size + - coreboot configs for dGPU based on Optional VBIOS injected: VESAFB set to 1280x1024 (maximum possible). + + Details: + coreboot configs: remove CONFIG_LINUX_COMMAND_LINE="drm_kms_helper.drm_leak_fbdev_smem=1 i915.enable_fbc=0" + - Those were needed to expose i915drmfb driver prior of efifb working. + +commit d3ea60f69ec12b4fa265922e14cf595a15f21add +gpg: Signature made Tue 15 Aug 2023 05:24:34 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jul 13 13:59:41 2023 -0400 + + linux configs: adapt to use efifb driver (Intel iGPU/qemu with bochs native gfxinit) + +commit fbc0993084d2b0c0e2ad9b617b8555059956e075 +gpg: Signature made Tue 15 Aug 2023 04:27:20 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 59972f3972 a5689c44a9 +Author: tlaurion +Date: Tue Aug 15 16:27:20 2023 -0400 + + Merge pull request #1462 from JonathonHall-Purism/reuse-toolchains + + Enable reusing coreboot release toolchains for forks + +commit 59972f39728a95fc2926c598d7356a0aea092884 +gpg: Signature made Fri 11 Aug 2023 02:53:04 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f42070a51d 98fc0cb81a +Author: tlaurion +Date: Fri Aug 11 14:53:04 2023 -0400 + + Merge pull request #1459 from JonathonHall-Purism/hires_scale + + Scale fbwhiptail and console font for high resolution displays + +commit a5689c44a96098b6990b2265f68807fd9379c2b3 +gpg: Signature made Fri 11 Aug 2023 02:48:51 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 14:48:19 2023 -0400 + + modules/coreboot: Don't try to share toolchain for purism yet + + Nothing else shares the 4.20.1 toolchain yet, and upcoming forks are + based on older releases. We'll share it when other boards update to + 4.20.1. + + Signed-off-by: Jonathon Hall + +commit 98fc0cb81a7b5bd8074041d674ebe3da9f9a2d8e +gpg: Signature made Fri 11 Aug 2023 02:40:11 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 13:16:00 2023 -0400 + + initrd/bin/setconsolefont.sh: Reduce threshold for 2x console to 1350 + + Based on feedback, 1440p displays can benefit from 2x console as well. + Err toward a font too large rather than too small and lower the + threshold to 1350, which is the threshold fbwhiptail uses for 1.5x. + + Signed-off-by: Jonathon Hall + +commit 4d613dacbbac0ecf4d125ffb2ab98af46d8234b5 +gpg: Signature made Fri 11 Aug 2023 02:40:10 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 09:05:24 2023 -0400 + + fbwhiptail: Update to hires_scale based on 1.2 release + + hires_scale was rebased on 1.2. + + Signed-off-by: Jonathon Hall + +commit 57f9d1635b32ffba858c9f30782e25042ce8a454 +gpg: Signature made Fri 11 Aug 2023 02:40:10 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 9 16:11:57 2023 -0400 + + x230-*-fhd_edp: Include kbd to set console font size + + Include the kbd module to set the console font size based on the + display resolution. + + Signed-off-by: Jonathon Hall + +commit d0d2ea9a779a0b83e0ad991e73f5ec5665153727 +gpg: Signature made Fri 11 Aug 2023 02:40:09 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 9 16:11:10 2023 -0400 + + librem_mini{,_v2}: Include kbd to set console font size + + Include the kbd module to enlarge the console font size based on the + display resolution. + + Signed-off-by: Jonathon Hall + +commit ef859731098d4e4da0e4a9614e56fd0b1ce69a0c +gpg: Signature made Fri 11 Aug 2023 02:40:09 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 9 16:10:02 2023 -0400 + + librem_15v4: Include kbd, don't force eDP resolution in Heads kernel + + Include kbd so the console font can be enlarged based on the display + resolution. + + Don't force 1080p on the eDP output in Heads. + + Signed-off-by: Jonathon Hall + +commit a3798713b2ff20f9dd4db4dbaa3ae4cebb779428 +gpg: Signature made Fri 11 Aug 2023 02:40:08 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 9 16:08:10 2023 -0400 + + fbwhiptail: Update to hires_scale branch + + fbwhiptail scales its UI based on the display size. FBWHIPTAIL_SCALE + can set a specific scale factor for testing. + + fbwhiptail no longer looks for a 1080p mode when the default mode is + 2160p. + + Signed-off-by: Jonathon Hall + +commit 2f329d90071befc27fa18da8d7440fe7ae631b3f +gpg: Signature made Fri 11 Aug 2023 02:40:04 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 9 16:06:08 2023 -0400 + + kbd: Add setfont from kbd to set large console font on large displays + + Build kbd and ship setfont if enabled with CONFIG_KBD. + + When CONFIG_KBD is enabled, setconsolefont.sh will double the console + font size on large displays (>1600 lines tall as a heuristic). + + Signed-off-by: Jonathon Hall + +commit f42070a51dbf3fc645dc6564cee7e997efe57794 +gpg: Signature made Fri 11 Aug 2023 02:29:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 68f707baad 2965cf69cc +Author: tlaurion +Date: Fri Aug 11 14:29:57 2023 -0400 + + Merge pull request #1457 from tlaurion/archlinux_distro_pukey_update + + Archlinux distro signing public key update to (expires 2037-10-27) + +commit 38e9d47bfd1dbf0b60047e8a9d848cc9c763c975 +gpg: Signature made Fri 11 Aug 2023 01:05:14 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 13:03:58 2023 -0400 + + modules/coreboot: Clarify PPC64 toolchain comments + + CROSS= is needed for skiboot on PPC64 due to different endianness + relative to coreboot. + + The talos_2 fork doesn't share the toolchain because it is the only + _fork_, not board, to be precise. We could add more boards using that + fork without having to create a shared toolchain, it only matters if we + add another fork or start building boards from the upstream release + too. + + Signed-off-by: Jonathon Hall + +commit c2df9f39420070c5162967c19f1cbe9eff63a166 +gpg: Signature made Fri 11 Aug 2023 12:44:40 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 10:51:59 2023 -0400 + + fixup modules/coreboot: Fix purism-blobs dependency for librem_l1um + + Two := assignments were factored out together, the second overwrote the + first. Fix to +=, and remove the nitrokey assignment since it came + from a branch. + + Signed-off-by: Jonathon Hall + +commit d8a89e7e12154d5ee804e2f1052de07f9ff2461a +gpg: Signature made Fri 11 Aug 2023 12:44:40 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 10:50:12 2023 -0400 + + modules/coreboot: Remove errant _depend variable + + This was spelled wrong - it's actually '_depends'. 'initrd' isn't a + module any more so the value doesn't make sense, remove it. + + Signed-off-by: Jonathon Hall + +commit 555dde0b4304bbeadd77de2292ec40ff3f7c76ea +gpg: Signature made Fri 11 Aug 2023 12:44:39 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 10:48:31 2023 -0400 + + boards/librem_* (except l1um): Remove CONFIG_PURISM_BLOBS=y + + These boards get purism-blobs as a submodule of the purism coreboot + fork. modules/coreboot used to skip the purism-blobs dependency for + this fork, but the module is not needed at all for these boards. + + librem_l1um keeps CONFIG_PURISM_BLOBS=y since it is built from patched + coreboot 4.11. + + Signed-off-by: Jonathon Hall + +commit c12b8cec4b5705504e9016259b1ff69a76ef08d5 +gpg: Signature made Fri 11 Aug 2023 12:44:39 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 10:02:03 2023 -0400 + + Makefile: Don't double version number in patches for versioned modules + + Default the patch version to empty if the module name already includes + the version. Fixes application of coreboot patches. + + Signed-off-by: Jonathon Hall + +commit 1b81fb2d80c8844210e215f300ade68edacca63b +gpg: Signature made Fri 11 Aug 2023 12:44:35 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Aug 11 09:32:30 2023 -0400 + + modules/coreboot: Don't try to share toolchain for talos_2 fork + + The skiboot build fails to find the toolchain when it's not in the + default location. There is only one ppc64 board anyway, so there's no + point trying to share a toolchain for now. + + Signed-off-by: Jonathon Hall + +commit 8f95d0b65b21f073d42313ed83744538b1d244e4 +gpg: Signature made Fri 11 Aug 2023 12:43:04 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 17:14:42 2023 -0400 + + modules/coreboot: Use a specific file to mark the toolchain build + + Use .heads-toolchain to mark that the toolchain was built rather than + .xcompile. coreboot doesn't generate .xcompile until the build step, + so all modules had to build successfully before we would stop trying to + to rebuild the toolchain. Build steps should generally produce the + indicated outputs too, which was not occurring here. + + Signed-off-by: Jonathon Hall + +commit 0c024b14e881cb4739f80017ac4c100941eb6faa +gpg: Signature made Fri 11 Aug 2023 12:42:42 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 16:49:58 2023 -0400 + + modules/coreboot: Reuse release toolchain for fork builds + + Reuse the toolchain from a coreboot release for fork builds. Either + the fork or the release can be built first, in either case the + release's toolchain is built at the default location and reused for + later builds. + + Signed-off-by: Jonathon Hall + +commit 786cf09ec7b402c86f88fe574cba3151ddf7c89b +gpg: Signature made Fri 11 Aug 2023 12:41:59 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 16:48:05 2023 -0400 + + modules/coreboot: Define each coreboot version as a separate module + + Define a separate module for each coreboot version, so the module used + to build the ROM will optionally be able to reference the toolchain + from a different module. + + This will allow coreboot fork builds to use the toolchain from the + corresponding release. + + Signed-off-by: Jonathon Hall + +commit cd73574f719c61f967b37b1e5b9379032834394a +gpg: Signature made Fri 11 Aug 2023 12:41:59 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 14:08:22 2023 -0400 + + patches/coreboot-*: Remove unused patches + + Remove patches for coreboot 4.8.1, 4.13, 4.14, and 4.17, which are no + longer used. + + Signed-off-by: Jonathon Hall + +commit 36954895891a692d98f844d80c73ece355076335 +gpg: Signature made Fri 11 Aug 2023 12:41:59 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 14:01:02 2023 -0400 + + modules/coreboot: Delete unused remnants of using musl toolchain + + At one time coreboot was built using Heads' musl toolchain, but this + was later reverted. coreboot builds with its own toolchain again. + + CROSS= has no effect on coreboot proper (only exception is PPC64 + skiboot payload). It was added to coreboot by a patch that was deleted + in 8e44853. COREBOOT_IASL was set to the default, that was only needed + when the toolchain was being overridden to override iasl back to the + coreboot one. + + ppc64 still specifies CROSS= since skiboot is unable to find coreboot's + toolchain from XGCCPATH but checks CROSS. This builds skiboot with the + Heads toolchain as before. + + Signed-off-by: Jonathon Hall + +commit fb6b81119d228d7453d7a776a0cb101e8415f972 +gpg: Signature made Fri 11 Aug 2023 12:35:55 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Aug 10 13:35:04 2023 -0400 + + modules/coreboot: Clean up module, don't share git build directories + + Remove coreboot 4.8.1, 4.13, and 4.17, which were all unused. + + Remove extra copies of EXTRA_FLAGS which duplicated the common + definition. The only difference was + -Wno-error=address-of-packed-member, the warning is now disabled + entirely everywhere with -Wno-address-of-packed-member. + + Use separate coreboot_version values for talos_2, nitrokey, and purism, + which gives each a separate build directory. + + Move conditional blob definitions out of each coreboot version. + + Fix condition for coreboot-blobs - whether a module is a git clone + actually depends on non-empty _repo, not _version==git. + Fix the test so git versions of coreboot can have arbitrary names. + + Signed-off-by: Jonathon Hall + +commit 68f707baadc202b2f23d9b2e97880908d27a87e3 +gpg: Signature made Fri 11 Aug 2023 12:17:13 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a276b05a44 6f9409be81 +Author: tlaurion +Date: Fri Aug 11 12:17:13 2023 -0400 + + Merge pull request #1464 from tlaurion/ioport_url_change_to_debian_https + + ioport: changing url to debian https server, same hash. First need to go into #1198 direction + +commit 6f9409be81cb3180e4c4d5ca4ae339743ec04c08 +gpg: Signature made Fri 11 Aug 2023 12:15:59 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: 02c3a1f9ee 3c920dd082 +Author: tlaurion +Date: Fri Aug 11 12:06:26 2023 -0400 + + Merge pull request #1463 from tlaurion/ioport_url_change_to_debian + + ioport: changing url to debian https server, same hash. First need to go into #1198 direction + +commit a276b05a445dc9cec03cd2e88d3e82e30e6a8556 +gpg: Signature made Fri 11 Aug 2023 12:06:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 02c3a1f9ee 3c920dd082 +Author: tlaurion +Date: Fri Aug 11 12:06:26 2023 -0400 + + Merge pull request #1463 from tlaurion/ioport_url_change_to_debian + + ioport: changing url to debian, same hash. First need to go into #1198 direction + +commit 3c920dd0826eeabe938fc6973dc5dcf2b8d470ba +gpg: Signature made Fri 11 Aug 2023 12:05:16 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Aug 11 11:55:05 2023 -0400 + + ioport: changing url to debian, same hash. First need to go into #1198 direction + +commit 2965cf69cc955e3458e09c7e7db5ba243445326b +gpg: Signature made Tue 08 Aug 2023 12:55:23 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 8 12:53:25 2023 -0400 + + Archlinux distro signing public key update to (expires 2037-10-27) + +commit 02c3a1f9ee270403a962fd826ade28d642a232fb +gpg: Signature made Wed 02 Aug 2023 05:55:33 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 06b1b0948d 447f8addc7 +Author: tlaurion +Date: Wed Aug 2 17:55:33 2023 -0400 + + Merge pull request #1448 from tlaurion/remove_x230-edp_from_untested + + Rename UNTESTED_x230-maximized-fhd_edp and UNTESTED_x230-hotp-maximized-fhd_edp to normal names + +commit 447f8addc70daac713cce2df6e70c8d52fdfb5d5 +gpg: Signature made Wed 02 Aug 2023 02:37:02 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Aug 2 14:37:02 2023 -0400 + + Rename UNTESTED_x230-maximized-fhd_edp and UNTESTED_x230-hotp-maximized-fhd_edp to normal names + +commit 06b1b0948d911ab1ee15d08cc4776e41889349cd +gpg: Signature made Mon 24 Jul 2023 06:27:17 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f47b3bc126 4d157493a3 +Author: tlaurion +Date: Mon Jul 24 18:27:17 2023 -0400 + + Merge pull request #1399 from d-wid/z220 + + Add HP Z220 CMT + +commit f47b3bc1264bba08cd093457f1a6d4ffa0aa1c36 +gpg: Signature made Mon 24 Jul 2023 06:17:24 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d7b4a47cfe 1781d3de25 +Author: tlaurion +Date: Mon Jul 24 18:17:24 2023 -0400 + + Merge pull request #1445 from tlaurion/add_donation_qrcode_link_by_default + + Add bootsplash with donation link in Qrcode form. Make it default. + +commit 1781d3de2583b79e21c3539a3cd75899d6ddaca9 +gpg: Signature made Mon 24 Jul 2023 05:50:57 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jul 21 18:47:01 2023 -0400 + + Add bootsplash with donation link in Qrcode and make it default (Centered) + +commit 4d157493a3863193f0b77ef4794d8bb89364e513 +Author: d-wid <65876951+d-wid@users.noreply.github.com> +Date: Sun Jul 9 07:11:00 2023 +0200 + + Add HP Z220 CMT + +commit d7b4a47cfe26f7e40cd995267298f5db57bfe120 +gpg: Signature made Mon 17 Jul 2023 02:08:22 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 92411be10b c419cf7e2b +Author: tlaurion +Date: Mon Jul 17 14:08:22 2023 -0400 + + Merge pull request #1442 from tlaurion/qemu_basic_boot_example_in_board_config + + Qemu boards: typo correction in comment to manually enable Basic Boot mode + +commit 92411be10b0b5080845ffae8c9559a4c9476f12d +gpg: Signature made Mon 17 Jul 2023 02:06:18 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: edf200e791 f4a8ae925f +Author: tlaurion +Date: Mon Jul 17 14:06:18 2023 -0400 + + Merge pull request #1443 from tlaurion/move_UNTESTED_t530_non-dgpu + + non-dgpu t530-hotp-mazimized was reported working + +commit f4a8ae925fe7d1abcf37228583cb2817ac6ef40d +gpg: Signature made Mon 17 Jul 2023 12:49:32 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jul 17 12:49:32 2023 -0400 + + non-dgpu t530 was reported working (t530-hotp-maximized-v0.2.0-1705-gedf200e.rom) + +commit c419cf7e2b8116f6fc36ac01bba6ae0be275740d +gpg: Signature made Mon 17 Jul 2023 12:32:27 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jul 17 12:31:25 2023 -0400 + + Qemu boards: typo in comment to manually enable Basic Boot mode : (was CONFIG_BASIC_BOOT where CONFIG_BASIC expected) + +commit edf200e7913c62975a424cfb9dbd579747d0665c +gpg: Signature made Wed 12 Jul 2023 03:36:34 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3c492f94c1 45245fe417 +Author: tlaurion +Date: Wed Jul 12 15:36:34 2023 -0400 + + Merge pull request #1419 from JonathonHall-Purism/pureboot-27-heads-upstream + + Upstream PureBoot 27 + +commit 45245fe4174c0e4797e88c32d3d8e72766b110e6 +gpg: Signature made Wed 12 Jul 2023 02:18:36 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jul 12 14:17:43 2023 -0400 + + qemu-*: Show how to enable restricted/basic in board config + + For iterating, enabling these in the board config is easiest. It's + also possible to manually inject config.user ahead of time, or enable + at runtime without flashing, but the normal enable/flash/reboot path + does not work in qemu since it is unable to flash. + + Signed-off-by: Jonathon Hall + +commit 47e9e4cf45d9e6b12bd0f3d724c93fe564d4fbcb +gpg: Signature made Wed 12 Jul 2023 02:14:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 440dc5b61c 3c492f94c1 +Author: Jonathon Hall +Date: Wed Jul 12 14:14:17 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + +commit 3c492f94c1a22d1fc6a0073777095baed10525f3 +gpg: Signature made Wed 12 Jul 2023 02:11:32 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2ad457bc65 77eb9536d6 +Author: tlaurion +Date: Wed Jul 12 14:11:32 2023 -0400 + + Merge pull request #1428 from Dasharo/replay_pcrs_from_cbmem + + initrd/bin/tpmr: replay PCR values from event log + +commit 77eb9536d62bca322524f639e807f57e268b149d +gpg: Signature made Wed 12 Jul 2023 08:57:50 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Mon Jul 10 23:52:15 2023 +0200 + + initrd/bin/tpmr: add debug for replay_pcr() + + It also includes instructions for introspecting the replayed values + manually. + + Signed-off-by: Krystian Hebel + +commit f7066d020d3b8fb5da0fcb2787e2b66f49fbd1ed +gpg: Signature made Wed 12 Jul 2023 08:52:07 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Mon Jul 10 17:53:32 2023 +0200 + + initrd/bin/gui-init: retry TOTP in case of error + + On platforms using CONFIG_BOOT_EXTRA_TTYS multiple processes may try to + access TPM at the same time, failing with EBUSY. The order of execution + is unpredictable, so the error may appear on main console, secondary one, + or neither of them if the calls are sufficiently staggered. Try up to + three times (including previous one) with small delays in case of error, + instead of immediately scaring users with "you've been pwned" message. + + Signed-off-by: Krystian Hebel + +commit 9a727496759351fd6e2ee52a95e144b473129463 +gpg: Signature made Wed 12 Jul 2023 08:52:07 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Tue Jul 4 11:02:51 2023 +0200 + + initrd/bin/talos-init: remove alias for cbmem and bump coreboot revision + + Updated cbmem searches for CBMEM exposed by kernel in sysfs before + trying to read it from memory directly. As such, there is no need for + pointing to that file explicitly. + + New coreboot revision also fixes output of 'cbmem -t' caused by wrong + endianness. + + Signed-off-by: Krystian Hebel + +commit d1a18f1f83b348493df908b321dddeeb2c093120 +gpg: Signature made Wed 12 Jul 2023 08:50:53 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Fri Jun 30 18:33:09 2023 +0200 + + initrd/bin/tpmr: replay PCR values from event log instead of assumming their values + + Signed-off-by: Krystian Hebel + +commit 38dfa73f7c8797e5addc9557d3acb89f71497569 +gpg: Signature made Wed 12 Jul 2023 08:50:41 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:28:27 2023 -0400 + + config/linux-talos-2.config: Disable CONFIG_XZ_DEC for archs other then POWERPC + +commit 5272bf7e73fa7814f6a2da216484339bac754ac4 +gpg: Signature made Wed 12 Jul 2023 08:50:41 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:25:13 2023 -0400 + + config/linux-talos-2.config: Enable POWER9 CPU + +commit f980a4e2fa8a625006589a83718eab0c3542df37 +gpg: Signature made Wed 12 Jul 2023 08:50:41 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:23:16 2023 -0400 + + config/linux-talos-2.config: add PPC accelerated crypto options + +commit 22609a7730c25a8208e5d1807bc4a6f955a75173 +gpg: Signature made Wed 12 Jul 2023 08:50:40 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:15:41 2023 -0400 + + config/linux-talos-2.config: add x230-maximized crypto modules equivalents + +commit 650090acdca10aaf0fde5ea4e74730faee397993 +gpg: Signature made Wed 12 Jul 2023 08:50:40 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:10:28 2023 -0400 + + config/linux-talos-2.config: fix LOCALVERSION for reproducibility + +commit 6ce1fb622fb26a1de4c293a98e80893ddf8be6cd +gpg: Signature made Wed 12 Jul 2023 08:50:37 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Thierry Laurion +Date: Wed Jul 5 11:08:10 2023 -0400 + + config/linux-talos-2.config: saved in oldconfig format, no change + +commit 2ad457bc65bba0f57ef8d62e28c7670492879015 +gpg: Signature made Tue 11 Jul 2023 05:59:14 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8d7d07a802 c3a2bc5578 +Author: tlaurion +Date: Tue Jul 11 17:59:14 2023 -0400 + + Merge pull request #1439 from tlaurion/coreboot_411-fix_acpica_download_link_same_hash + + coreboot 4.11 needs acpica which moved from acpica.org to intel. + +commit 440dc5b61c3bb94df8cab0e2bb3a1944800a2aba +gpg: Signature made Tue 11 Jul 2023 04:42:58 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 718be739eb 8d7d07a802 +Author: Jonathon Hall +Date: Tue Jul 11 16:42:54 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + +commit 718be739eb65d5f5bf7ab0e93d3e1b327d28f02d +gpg: Signature made Tue 11 Jul 2023 04:42:43 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jul 11 15:58:57 2023 -0400 + + config-gui.sh: Reword Restricted Boot prompts + + Simplify "enable" prompt a bit, clarify that firmware updating is + blocked, and remove mention of "failsafe boot mode". Reword "disable" + prompt similarly. + + Signed-off-by: Jonathon Hall + +commit 61609ff7098761edf0349253941980383d377b10 +gpg: Signature made Tue 11 Jul 2023 04:42:39 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jul 11 10:20:56 2023 -0400 + + initrd/init: Prevent Restricted Boot bypass + + The early recovery shell ("hold R") and serial recovery both could + bypass Restricted Boot since they occurred before config.user was + loaded. Load config.user earlier before these recovery methods. + + Executing a shell directly (if recovery failed) also would bypass + Restricted Boot, additionally leaking /tmp/secret. Remove this from + the early recovery shell logic. Also remove the final failsafe exec + and move the "just in case" recovery from normal boot here instead, in + case the regular init script fails. + + Signed-off-by: Jonathon Hall + +commit c3a2bc557877db41be8f572c1dffcba0b4da13cc +gpg: Signature made Tue 11 Jul 2023 04:16:01 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jul 11 12:53:38 2023 -0400 + + coreboot 4.11 needs acpica which moved from acpica.org to intel. Download from distfiles.macports.org instead, same hash. + + kgpe-d16 and librem-l1um depend on 4.11 still today in tree, even though building is successful only on debian-10. + Fixing so people building 4.11 today are still successful. + + 4.19+ already depends on github.com releases tarballs. + REF: https://review.coreboot.org/c/coreboot/+/76399 + +commit 8d7d07a802eaead7db9be978cfddf43275841d86 +gpg: Signature made Tue 11 Jul 2023 04:14:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 473c235fba 5c12c4d03b +Author: tlaurion +Date: Tue Jul 11 16:14:27 2023 -0400 + + Merge pull request #1440 from JonathonHall-Purism/acpi-unix2-20220331-mirror + + Use Intel mirror for acpi-unix2 20220331 + +commit 5c12c4d03b98b4a1e94c58387f0bc48ad7ac41e5 +gpg: Signature made Tue 11 Jul 2023 03:03:49 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jul 11 15:03:36 2023 -0400 + + coreboot-talos_2: Patch acpi-unix2 mirror to Intel + + acpica.org now redirects to Intel and all links are broken. Use + Intel's mirror of this archive. + + Signed-off-by: Jonathon Hall + +commit 17c71ebd1e2956fa39717f099c834c19893d6cd2 +gpg: Signature made Tue 11 Jul 2023 03:03:06 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jul 11 15:02:18 2023 -0400 + + coreboot-4.17: Patch acpi-unix2 mirror to Intel + + acpica.org now redirects to Intel and all links are broken. Use + Intel's mirror of this archive. + + Signed-off-by: Jonathon Hall + +commit e0234485f7980f08106563b1d0de55ddbfbad8f5 +gpg: Signature made Mon 10 Jul 2023 09:11:41 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jul 10 09:10:52 2023 -0400 + + initrd/bin/flash.sh: Remove -s vestiges + + The -s mode was removed, remove it from usage. Remove the test to skip + checking for board flashrom options with -s mode. + + Signed-off-by: Jonathon Hall + +commit 473c235fbaf56698aa9beefd2684fbf7d4499809 +gpg: Signature made Fri 07 Jul 2023 05:07:12 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3747d58510 a324724172 +Author: tlaurion +Date: Fri Jul 7 17:07:12 2023 -0400 + + Merge pull request #1436 from tlaurion/kexec_cosmetic_fixes + + Kexec cosmetic fixes + +commit 19610748d348b4655eb497977614fb55b33fe1c9 +gpg: Signature made Fri 07 Jul 2023 04:40:51 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jul 7 16:39:55 2023 -0400 + + config-gui.sh: Fix truncated restricted boot prompt + + The "disable restricted boot" prompt got slightly too long when fixing + the TPM wording. Re-wrap that line to match the others. Wrapping + could use some general cleanup but this is sufficient so the text isn't + truncated. + + Signed-off-by: Jonathon Hall + +commit 157efc6b03e32bd1cedfa961ffbd3c3ce835dc6e +gpg: Signature made Fri 07 Jul 2023 03:57:45 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jul 7 14:34:05 2023 -0400 + + kexec-select-boot: Fix test for basic mode + + The CONFIG_BASIC test was backwards, as a result it skipped the + LUKS disk unlock logic if basic mode was _not_ enabled. This wasn't + observed in the PureBoot distribution because we disable the LUKS disk + unlock feature. + + CONFIG_BOOT_REQ_ROLLBACK and CONFIG_BOOT_REQ_HASH logic was also + skipped incorrectly, though neither of these are enabled on any board + so this had no effect in the PureBoot distribution either. + + Test basic with each bit of logic to eliminate duplication of the + kexec-boot call and fix the LUKS disk unlock feature. + + Signed-off-by: Jonathon Hall + +commit 252efc6945137597d5c8ead57b408d4af8312409 +gpg: Signature made Fri 07 Jul 2023 03:57:35 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: f089ca20af 3747d58510 +Author: Jonathon Hall +Date: Fri Jul 7 13:58:07 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + +commit a3247241722f684b1774c9a03fa93f17dd399fa9 +gpg: Signature made Fri 07 Jul 2023 03:33:02 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jul 7 14:19:47 2023 -0400 + + kexec-2.0.26.patch: report to user in non-debug context that unsupported fb/drm driver is needed on OS initrd + +commit f289b112900aac82012316c618bcdf6e54dd3b33 +gpg: Signature made Fri 07 Jul 2023 03:32:59 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jul 7 14:17:55 2023 -0400 + + kexec-insert-key: have output line for Building initrd on a new line + +commit d9a2b17dec11011e84086aaed913d058c408c337 +gpg: Signature made Fri 07 Jul 2023 03:32:44 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jul 7 14:16:46 2023 -0400 + + kexec-boot: display kexec command to be executed in DEBUG mode and permit to abort call. + +commit 3747d58510c7dde30a75cef4aba7977c4cbbfa7b +gpg: Signature made Thu 06 Jul 2023 04:00:00 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 41216d7795 4f367d90e6 +Author: tlaurion +Date: Thu Jul 6 16:00:00 2023 -0400 + + Merge pull request #1434 from tlaurion/non-intel_readd-AES-for-cryptsetup + + Non-Intel linux configs: make sure AES is enabled (CONFIG_CRYPTO_AES_NI_INTEL won't work there) + +commit 4f367d90e6a49f5ced60015bd61d4c8f867f8312 +gpg: Signature made Thu 06 Jul 2023 03:36:03 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jul 6 11:06:27 2023 -0400 + + Non-Intel linux configs: make sure AES is enabled (CONFIG_CRYPTO_AES_NI_INTEL won't work there) + kgpe-d16 linux configs: disable CONFIG_CRYPTO_AES_NI_INTEL (not avail on AMD) + + This applied to Q35 qemu board which is AMD, not intel. + generic AES needs to be enabled on non-intel boards, otherwise cryptsetup doesn't know how to deal with xts-plain + + Then saved back with linux.save_in_oldconfig_format_in_place + +commit f089ca20afe74b06b8d5c84b62ddf501d0f6cc47 +gpg: Signature made Thu 06 Jul 2023 01:25:04 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Jul 6 13:24:32 2023 -0400 + + .circleci/config.yml: Persist build/x86/coreboot-git in cache + + Librem boards now use Purism's coreboot distribution cloned from git, + persist it in CI cache. + + Signed-off-by: Jonathon Hall + +commit 99673d373d1353ed785874735741568aadf0a175 +gpg: Signature made Thu 06 Jul 2023 01:24:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Jul 6 13:22:40 2023 -0400 + + seal-hotpkey: Try default PIN only for 1 month and if >=3 attempts left + + Only try the default PIN automatically for 1 month after key creation. + This simplifies initial ownership but still encourages changing the + PIN. + + Never enter a PIN automatically if fewer than 3 attempts remain, to + avoid causing lockout if the PIN has been changed. + + Remind what the default PIN was if it is not attempted for either + reason. + + Signed-off-by: Jonathon Hall + +commit 4c8e445dcdfac9778b14435c481288740358a188 +gpg: Signature made Wed 05 Jul 2023 02:32:18 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 9458ec8771 b049686757 +Author: Jonathon Hall +Date: Wed Jul 5 14:32:16 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + + Signed-off-by: Jonathon Hall + +commit 9458ec8771b51eb1c421b110d137aedaf7c94c92 +gpg: Signature made Wed 05 Jul 2023 02:21:13 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jul 5 14:20:38 2023 -0400 + + modules/fbwhiptail: Update to 99fe815f (AVX fast copy branch) + + Uses AVX for fast copy instead of AVX2, enabling fast copy on + Sandy/Ivy Bridge. + + Signed-off-by: Jonathon Hall + +commit 41216d77953b0d36992d02936be43b2c769d6f63 +gpg: Signature made Wed 05 Jul 2023 02:14:43 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b049686757 17724f9baa +Author: tlaurion +Date: Wed Jul 5 14:14:43 2023 -0400 + + Merge pull request #1433 from JonathonHall-Purism/fix-qemu-documentation + + qemu-coreboot-fbwhiptail-tpm1-hotp: Fix truncated documentation lines + +commit 17724f9baaa545a035e3d87e883a35d2c4421733 +gpg: Signature made Wed 05 Jul 2023 02:11:36 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jul 5 14:09:57 2023 -0400 + + qemu-coreboot-fbwhiptail-tpm1-hotp: Fix truncated documentation lines + + A few lines in the documentation got truncated somehow. Restored the + swtpm instructions from some notes and rewrote the others. + + Signed-off-by: Jonathon Hall + +commit b049686757d94dba17ca1ca1538911b7340e0631 +gpg: Signature made Wed 05 Jul 2023 11:46:46 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: dba8f6a994 5db4165652 +Author: tlaurion +Date: Wed Jul 5 11:46:46 2023 -0400 + + Merge pull request #1432 from tlaurion/rename_t420-maximized_boards + + Remove t420-maximized and t420-hotp-maximized as untested boards + +commit 5db4165652777a41229d859fbb86f278065b55a7 +gpg: Signature made Wed 05 Jul 2023 10:39:16 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jul 5 10:37:09 2023 -0400 + + Rename UNTESTED_t420-maximized and UNTESTED_t420-hotp-maximized back to maximized board names. + +commit 0a35ef912f4afe723c97003161b7c74d5a8babc5 +gpg: Signature made Wed 05 Jul 2023 10:22:12 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jul 5 10:18:06 2023 -0400 + + Use 160 bits of ROM hash for TPM-less HOTP secret (up from 80) + + HOTP/TOTP secrets don't have to be printable. Use binary data to + include 160 bits of entropy instead of just 80. + + The secret is still limited to 20 bytes. Most keys now support up to + 40 bytes, but tpmtotp is still limited to 20 bytes. + + Move the truncation to 20 bytes a bit later, for future improvements to + detect the key's actual limit. + + Signed-off-by: Jonathon Hall + +commit 75cb8a070fe28162bd2ffa5884f8c82d6ddf8c6b +gpg: Signature made Wed 05 Jul 2023 10:17:32 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jul 3 16:59:23 2023 -0400 + + initrd/bin/flash.sh: Remove '-s' "SHA-256" mode + + flash.sh had a special mode to read (like -r) and then sha256sum the + resulting file. This is no different from just a read followed by a + sha256sum, and the only caller also had logic to sha256sum a cached + file anyway. + + Just use flash.sh -r and sha256sum the result. + + Signed-off-by: Jonathon Hall + +commit dba8f6a994aae81948fa88c758c0410e13dd51ba +gpg: Signature made Tue 04 Jul 2023 06:56:46 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 91f65bed79 f8cb3db775 +Author: tlaurion +Date: Tue Jul 4 18:56:46 2023 -0400 + + Merge pull request #1398 from tlaurion/staging_all + +commit f8cb3db775059132f468f612ec095b5fc4980f01 +gpg: Signature made Tue 04 Jul 2023 06:00:32 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jul 4 14:43:28 2023 -0400 + + untested boards: move and rename untested boards, while still building them with CircleCI if they were currently built. + Non-impactful action, first step for #1421 based on participation in testing of #1398 and prior non-tested PRs. + + EDIT: last minute readd of x220-maximized boards (x220-maximized and x220-hotp-maximized boards). + x220 is still UNTESTED (legacy, manually extracting ifs, me and gbe). + + EDIT: last minute readd of t440p-maximized boards (t440p-maximized and t440p-hotp-maximized boards). + + Thanks to @srgrint for lat minute report that t440p and x220 were tested + ---- + + Traces of commands used: + ls qemu-linuxboot* leopard* r630* s2600wf* tioga* winterfell* t420* t520* t440p* w530* kgpe* p8z77* x220* x230-maximized-fhd_edp* | grep ":" | awk -F ":" {'print $1'}| while read board; do mv $board/$board.config $board/UNTESTED_$board.config; done + ls qemu-linuxboot* leopard* r630* s2600wf* tioga* winterfell* t420* t520* t440p* w530* kgpe* p8z77* x220* x230-maximized-fhd_edp* | grep ":" | awk -F ":" {'print $1'}| while read dir; do mv $dir UNTESTED_$dir; done + ls UNTESTED* | grep ":" | awk -F ":" {'print $1'}| awk -F "UNTESTED_" {'print $2'} | while read line; do sed 's/'"$line"'/UNTESTED_'"$line"'/g' ../.circleci/config.yml -i ; done + + quick fix of circleci: + sed -i 's/UNTESTED_UNTESTED/UNTESTED/g' ../.circleci/config.yml + sed -i 's/UNTESTED_UNTESTED/UNTESTED/g' ../.circleci/config.yml + sed -i 's/UNTESTED_UNTESTED/UNTESTED/g' ../.circleci/config.yml + + Modify p8z77-m_pro-tpm1 hotp board config to include to their maximized counterpart + +commit 048bec6ebb169348717b59202f26e1635f4c4b4a +gpg: Signature made Mon 03 Jul 2023 04:38:07 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Jul 3 16:35:38 2023 -0400 + + modules/busybox: Enable truncate + + Enable the truncate coreutil. + + CONFIG_BASE64 and CONFIG_BASH_IS_NONE just changed =n vs. not-set by + menuconfig, meaning is still the same. + + initrd.cpio.xz went up by 512 bytes on Librem Mini v2 (probably the + minimum xz increment). busybox stripped binary did not change size. + + Signed-off-by: Jonathon Hall + +commit 84569e37388ca0759e0a2134b67dee1072c11911 +gpg: Signature made Fri 30 Jun 2023 02:39:34 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 14:37:38 2023 -0400 + + kexec-save-default: Don't seal LUKS disk unlock key in basic mode + + Basic mode allows (but does not require) setting a default boot option. + Don't seal disk unlock keys in Basic mode. + + Signed-off-by: Jonathon Hall + +commit 6618dd652cb29d6aa00f741d3e8d07e5c9610b91 +gpg: Signature made Fri 30 Jun 2023 02:32:35 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 14:31:53 2023 -0400 + + Restricted boot: Fix wording of 'disable' prompt, does not reset TPM + + This was changed to just erase the TOTP/HOTP secret, not reset the TPM. + Update the prompt. + + Signed-off-by: Jonathon Hall + +commit e0c03be341afe15a3671ce6ed18ba407ff7bccd8 +gpg: Signature made Fri 30 Jun 2023 02:22:03 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 14:21:11 2023 -0400 + + Change '16 60'-sized whiptail prompts to '0 80' + + Some prompts were missed when changing to 0 80 the first time around, + and some new ones were added thinking that size was intentional. + + Replace '16 60' with '0 80' globally. + + Signed-off-by: Jonathon Hall + +commit 09d8bf9930dc3507fcc8f1b9b126e2db1d2cddca +gpg: Signature made Fri 30 Jun 2023 01:42:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 13:41:07 2023 -0400 + + media-scan: Simplify implementation and improve RB message + + Since 'standard boot' was removed, empty "$option" only occurs due to + error now. Die with a specific error. + + Now, we only proceed past ISO boot if no ISOs were present, meaning the + disk might be a plain bootable medium. Present a specific error for + restricted boot in that case. + + Signed-off-by: Jonathon Hall + +commit 0378d62d4974d260964a5650fe85a23fd1e9d352 +gpg: Signature made Fri 30 Jun 2023 01:40:38 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 13:36:33 2023 -0400 + + media-scan: Fix up whiptail prompt, remove errant "s for standard boot" + + The whiptail prompt text was copied from the 'read' prompt but did not + actually have the Abort option. Add it. + + The "s for standard boot" option was missing from whiptail. For plain + 'read' it does not appear to revert to a normal boot, it actually went + on to try plain bootable USB on the same medium. It's not realistic + for a disk to be both directly bootable and contain ISOs, and this + option does not appear to have been missed since it was missing from + the whiptail/fbwhiptail version, which almost all boards use. Remove + it. + + Handle canceling fbwhiptail with esc-esc the same as Abort. + + Signed-off-by: Jonathon Hall + +commit 09f66e93df4b32681d28f5957824dc6a32907f62 +gpg: Signature made Fri 30 Jun 2023 01:14:24 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 13:13:48 2023 -0400 + + Root hashes: enable even if there is no TPM + + This feature doesn't require a TPM. The configuration GUI appears + either way, but the actual check was silently skipped on TPM-less + devices. Enable it even if there is no TPM. + + Signed-off-by: Jonathon Hall + +commit 23a086dbf726abb438875a62e45b103bdbda0890 +gpg: Signature made Fri 30 Jun 2023 12:49:28 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 12:45:06 2023 -0400 + + config-gui.sh: Simplify root hash device prompt + + If we're removing leading slashes anyway, don't complicate the prompt + with more requirements. + + Signed-off-by: Jonathon Hall + +commit 33c2cfb9b1ff782927056c4d0b9873a587ef4f8c +gpg: Signature made Fri 30 Jun 2023 10:02:01 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 30 09:50:10 2023 -0400 + + Root hash: Allow configuring from unset defaults + + Allow configuring the root hash feature when the variables are not set + initially. This worked on Librem boards because the boards all have + defaults for these variables, but didn't work when those defaults were + not present. + + Fix set_config function to put quotes around an added variable's value. + + Change load_config_value function to default to empty, so it can be + used with non-boolean variables. None of the existing callers cared + about the 'n' default (boolean variables should always be tested ="y" + or !="y" anyway). + + Use load_config_value in config-gui.sh for boot device and the root + hash parameters, so unset defaults do not cause a failure. Improve the + prompts so the "current value" text only appears if there is a current + value. Use set_config instead of replace_config so the variables will + be added if needed. + + Prevent enabling the root hash feature if it hasn't been configured + yet. + + Signed-off-by: Jonathon Hall + +commit 92e29c48914219ea99f99e408d7bbcca2ee55f95 +gpg: Signature made Wed 28 Jun 2023 12:47:12 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: 30cc112193 979c9dd318 +Author: Thierry Laurion +Date: Wed Jun 28 12:47:11 2023 -0400 + + Merge branch 'upstream_flashrom_13' into staging_all + +commit 30cc1121935ae6a68b204780b10e3b03bca0ea14 +gpg: Signature made Wed 28 Jun 2023 12:47:02 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: 08d865ec6c 58d5a295a1 +Author: Thierry Laurion +Date: Wed Jun 28 12:47:01 2023 -0400 + + Merge branch 'saper_gnupg-2.4.0-update_reduce_size_some_more' into staging_all + +commit 08d865ec6cdda51dbb273b690cf3bf3a70b624cf +gpg: Signature made Wed 28 Jun 2023 12:46:16 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jun 27 16:53:35 2023 -0400 + + config/linux-*: remove CPU_ISOLATION since no observable gains as is without dynticks and isolcpus + +commit 861529cf69d7cbc259a5843bb7cfd2ae7a9882d4 +gpg: Signature made Tue 27 Jun 2023 01:21:21 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: 8289d1bb29 91f65bed79 +Author: Jonathon Hall +Date: Tue Jun 27 13:20:55 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + +commit 979c9dd3187e25df9777be5cf4dd8f258eaa91b1 +gpg: Signature made Tue 27 Jun 2023 12:23:47 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jun 26 09:29:13 2023 -0400 + + flashrom: remove DUMMY and AST1100 by default on both x86/ppc64, leave MTD only for ppc64, have AST1100 enablement configurable for kgpe-d16 (patch not in) + +commit a1be4e44674b1366622d9f773ebce315676404ea +gpg: Signature made Tue 27 Jun 2023 12:23:44 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Jonathon Hall +Date: Fri Jun 23 12:21:49 2023 -0400 + + modules/flashrom: Update to 1776bb46 + + Update flashrom - in particular, this includes support for new chipsets + like Jasper Lake. + + CONFIG_INTERAL_X86 was created so CONFIG_INTERNAL could apply to other + platforms, enable it for x86. + + The default build target now requires sphinx, just build flashrom + itself. + + Update flashrom_progress - filter out noise in newer flashrom that + chokes the progress bar implementation, make size detection more + robust, improve progress bar implementation slightly. + + Signed-off-by: Jonathon Hall + Co-signed by: Thierry Laurion " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jun 26 08:46:30 2023 -0400 + + libassuan: build with --disable-doc + +commit e14b869f90c32b7c9ba9a65a04cd4aedf2425074 +gpg: Signature made Tue 27 Jun 2023 11:40:05 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jun 26 08:45:21 2023 -0400 + + gpg2: remove tools/gpg-connect-agent bin, build with --disable-libdns option + +commit b849cc022e7b6a4380dcc73d954539421318cb59 +gpg: Signature made Tue 27 Jun 2023 11:40:02 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Apr 7 01:51:44 2023 +0200 + + With gpg 2.3+ user name can be empty + +commit c20c2bc580f5c76cf04e43cc3c872c3b6d1b01c1 +gpg: Signature made Tue 27 Jun 2023 11:39:59 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Mar 28 15:49:44 2023 -0400 + + oem-factory-reset needed changes to comply with gpg 2.4 toolstack changes + +commit 74e60fb277cf253dbb54a2b9ac1d4e8741aceca7 +gpg: Signature made Tue 27 Jun 2023 11:39:56 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Sun Mar 26 20:35:49 2023 +0200 + + libgcrypt: disconnect tests from the build + + Tests require libgpg-error library built for the host machine + which we do not nessarily have in the build environment. + +commit fda88486ee0584a0d3fb2a5c4881e8ecd4c364b8 +gpg: Signature made Tue 27 Jun 2023 11:39:52 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 04:17:21 2023 +0100 + + Do not start second scdaemon for /etc/distro + +commit d4ade892d523e904a6ea501799c5b7b6e7d85983 +gpg: Signature made Tue 27 Jun 2023 11:39:49 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 03:33:16 2023 +0100 + + gnupg 2.2.21 -> 2.4.0 + + 830.63 -> 917.89 kB + +commit 15182922fd0a1fb2b238bd753587e10bfccf72ba +gpg: Signature made Tue 27 Jun 2023 11:39:46 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 02:03:03 2023 +0100 + + libgcrypt 1.8.6 -> 1.10.1 + + 562.01 -> 783.14 kB + +commit b97f34ecc36a6d877c7c253b5a971d414e49c554 +gpg: Signature made Tue 27 Jun 2023 11:39:43 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 01:45:26 2023 +0100 + + libassuan 2.5.3 -> 2.5.5 + + 741.81 -> 502.42 kB + +commit 7c5111620968750fe732585bd94aad346f1f0d0e +gpg: Signature made Tue 27 Jun 2023 11:39:39 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 01:32:53 2023 +0100 + + libksba 1.4.0 -> 1.6.3 + + 676.03 -> 408.95 kB \o/ + +commit 7cef74bb06ea445eb58816a3fb8abc1c78e39c2b +gpg: Signature made Tue 27 Jun 2023 11:39:36 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Marcin Cieślak +Date: Fri Mar 24 01:04:02 2023 +0100 + + libgpg-error 1.46 + + 198.15 -> 277.69 kB + +commit 6245339200d79ebcdb63d1518cb5143c371267a5 +gpg: Signature made Tue 27 Jun 2023 11:21:45 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jun 26 12:37:39 2023 -0400 + + linux-x230-legacy.config: Disable network related option while leaving CONFIG_NET active (crypto need) + Since legacy boards do not have e1000e as opposed to maximized builds (no network), we also deactivate: + +# CONFIG_INET is not set + +# CONFIG_ETHTOOL_NETLINK is not set + +# CONFIG_NETDEVICES is not set + + This makes gpg24 and newer flashrom bump possible + +commit 14e7a76aaa10dc172632e09c2cbd313902c0a588 +gpg: Signature made Tue 27 Jun 2023 11:21:41 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jun 26 11:23:12 2023 -0400 + + coreboot config: correct CONFIG_INTEL_CHIPSET_LOCKDOWN behavior to make sure none locks + +commit a4f59651836b7fc742867450750265342f39f5a2 +gpg: Signature made Tue 27 Jun 2023 11:21:38 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jun 23 14:00:02 2023 -0400 + + Makefile: point default board to qemu-coreboot-fbwhiptail-tpm1 so autocompletion still works + + removal of qemu-coreboot board made autocomplete apparition of modules helpers vanish + +commit 4d7585536a0551c4966bd773db2e19caa18762d2 +gpg: Signature made Tue 27 Jun 2023 11:21:35 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jun 22 11:29:41 2023 -0400 + + WiP: linux config global tweaks overhaul, unifying kernel configs and keeping important board related perks + + CONFIG_PREEMPT_NONE=y: Remove preemptiveness for servers. Under heads, we are single tasking. No point having this big thing in kernel https://lwn.net/Articles/746780/ + IO scheduler: only enable CONFIG_MQ_IOSCHED_DEADLINE=y since we want maximum throughput and do not have concurrent tasks + CONFIG_CPU_ISOLATION=y : Enable CPU Isolation accross all boards: this permits to make sure that the kernel tasks running on a CPU are not distrurbed bu user tasks + CONFIG_MULTIUSER not defined: Removing cluttering since we are single root user under Heads anyway + CONFIG_IO_URING=y : limit number of copy operations between kernel and user space from apps + CONFIG_ZONE_DMA not defined: relevant for older hardware (less then 32bit addressing space) + CONFIG_X86_MPPARSE not defined: relevant for older smp systems + CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is enabled and SCHEDUTIL is disabled: we want performance with CPU sched with deadline IO. + CONFIG_PERF_EVENTS_INTEL_UNCORE and CONFIG_PERF_EVENTS_INTEL_CSTATE not defined: we want max perf on Heads + CONFIG_X86_VSYSCALL_EMULATION not defined: no need for syscall emulation under Heads + CONFIG_SECCOMP not defined : usefull if BPF is enabled and used. + CONFIG_ACPI_SPCR_TABLE=y : usefull for serial redirection table and earlycon + CONFIG_PCI_MMCONFIG CONFIG_MMCONF_FAM10H unset but for kgpe-d16 which is either fam10h of fam15h + CONFIG_DM_SNAPSHOT=y CONFIG_DM_THIN_PROVISIONING=y so that recovery shell can provide LVM/DM functionality in later PR. + CONFIG_EXFAT_FS=y so that exfat preformated thumb drives can work out of the box + Adjust CONFIG_HW_RANDOM per platform, removing CONFIG_HW_RANDOM_TIMERIOMEM + Only support processor family needed per board (AMD only AMD, Intel only Intel, removing CONFIG_CPU_SUP_HYGON CONFIG_CPU_SUP_HYGON CONFIG_CPU_SUP_CENTAUR CONFIG_CPU_SUP_ZHAOXIN CONFIG_CPU_SUP_ZHAOXIN everywhere + qemu: support both AMD and INTEL as an exception for the above. + + Removed unused compiled modules unpacked under modules.cpio + Removed not needed crypto modules compiled in or as modules, reviewed from https://github.com/osresearch/heads/issues/1396#issuecomment-1538780319 : + CONFIG_CRYPTO=y + CONFIG_CRYPTO_ALGAPI=y + CONFIG_CRYPTO_ALGAPI2=y + CONFIG_CRYPTO_AEAD=y + CONFIG_CRYPTO_AEAD2=y + CONFIG_CRYPTO_SKCIPHER=y + CONFIG_CRYPTO_SKCIPHER2=y + CONFIG_CRYPTO_HASH=y + CONFIG_CRYPTO_HASH2=y + CONFIG_CRYPTO_RNG=y + CONFIG_CRYPTO_RNG2=y + CONFIG_CRYPTO_AKCIPHER2=y + CONFIG_CRYPTO_KPP2=y + CONFIG_CRYPTO_ACOMP2=y + CONFIG_CRYPTO_MANAGER=y + CONFIG_CRYPTO_MANAGER2=y + CONFIG_CRYPTO_USER=y + CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y + CONFIG_CRYPTO_NULL=y + CONFIG_CRYPTO_NULL2=y + CONFIG_CRYPTO_CRYPTD=y + CONFIG_CRYPTO_AUTHENC=y + CONFIG_CRYPTO_SIMD=y + CONFIG_CRYPTO_GLUE_HELPER_X86=y + CONFIG_CRYPTO_CBC=y + CONFIG_CRYPTO_ECB=y + CONFIG_CRYPTO_XTS=y + CONFIG_CRYPTO_ESSIV=y + CONFIG_CRYPTO_HMAC=y + CONFIG_CRYPTO_CRC32C=y + CONFIG_CRYPTO_CRC32C_INTEL=y + CONFIG_CRYPTO_MD5=y + CONFIG_CRYPTO_SHA1=y + CONFIG_CRYPTO_SHA1_SSSE3=y + CONFIG_CRYPTO_SHA256_SSSE3=y + CONFIG_CRYPTO_SHA512_SSSE3=y + CONFIG_CRYPTO_SHA256=y + CONFIG_CRYPTO_SHA512=y + CONFIG_CRYPTO_AES_NI_INTEL=y + CONFIG_CRYPTO_USER_API=y + CONFIG_CRYPTO_USER_API_HASH=y + CONFIG_CRYPTO_USER_API_SKCIPHER=y + CONFIG_CRYPTO_USER_API_RNG=y + CONFIG_CRYPTO_USER_API_AEAD=y + CONFIG_CRYPTO_HASH_INFO=y + CONFIG_CRYPTO_LIB_AES=y + CONFIG_CRYPTO_LIB_SHA256=y + +commit 252c9df50538c6dde7f3063270085d1ba191fb93 +gpg: Signature made Tue 27 Jun 2023 11:21:32 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 16:33:03 2023 -0400 + + CircleCI config: remove generic qemu-coreboot/qemu-coreboot-fbwhiptail and reorgagnize per coreboot ver + add coreboot 4.19 builddir into save_cache + +commit da4c306d917e9ede2610389781c1806ca1ed78c3 +gpg: Signature made Tue 27 Jun 2023 11:21:28 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 15:42:23 2023 -0400 + + t440p p8z77-m_pro: pass to coreboot 4.19 and with comparable lockdown config to x230 + fix vbt path + +commit 5710eafde4d57cc5bbca337c2da86cb45e399b8e +gpg: Signature made Tue 27 Jun 2023 11:21:25 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 14:14:47 2023 -0400 + + coreboot configs: sandy/ivy/haswell : readd libgfxinit and bootsplash requirements + + Remove CONFIG_NO_GFX_INIT from configs having CONFIG_NORTHBRIDGE_INTEL_SANDYBRIDGE=y + Add CONFIG_BOOTSPLASH_IMAGE from configs having CONFIG_NORTHBRIDGE_INTEL_SANDYBRIDGE=y + Add CONFIG_LINEAR_FRAMEBUFFER from configs having CONFIG_NORTHBRIDGE_INTEL_SANDYBRIDGE=y + Set BOOTSPLASH parameters to match bootsplash and jpeg requirements + +CONFIG_LINEAR_FRAMEBUFFER_MAX_HEIGHT=768 + +CONFIG_LINEAR_FRAMEBUFFER_MAX_WIDTH=1024 + +CONFIG_BOOTSPLASH=y + + Others paramaters defined per board default setting with coreboot.save_oldconfig_in_place helper + +commit cdd0c6f46f0e7cdc79f683176bd161b1c2dd10c7 +gpg: Signature made Tue 27 Jun 2023 11:21:22 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri May 19 10:57:17 2023 -0400 + + Adding bootspashes by @ThePlexus and @d-dwid posted under https://github.com/osresearch/heads/issues/1402 + + Selects blobs/ThePlexus-bootsplash-1024x768.jpg under blobs/bootsplash-1024x768.jpg (symlink used in coreboot configs) + +commit 00e715660a7a85662e6df3b272ac939461082cce +gpg: Signature made Tue 27 Jun 2023 11:21:18 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 13:28:11 2023 -0400 + + linux configs for intel: select proper CPU and trust CPU randomization + CONFIG_MCORE2=y + CONFIG_RANDOM_TRUST_CPU=y + +commit cc9a4828ef8fdb2d34776231457b018f6b7eb92c +gpg: Signature made Tue 27 Jun 2023 11:21:15 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 13:25:39 2023 -0400 + + Remove qemu-coreboot and qemu-coreboot-fbwhiptail board+coreboot configs + + qemu-coreboot-*-tpm* boards are way more feature rich to test/develops Heads + +commit dbc931e20e92a1eb56a0488db90715d4a16b6814 +gpg: Signature made Tue 27 Jun 2023 11:21:12 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 23 11:08:13 2023 -0400 + + config/linux* saved in oldconfig format to ease boards comparison for same kernel versions and across versions + kgpe-d16 linux configs: converted to oldconfig as well + TODO: talos-2 + +commit f34d2dd7d7ec3bcee4fce0b6cd2d8e136ae58d9e +gpg: Signature made Tue 27 Jun 2023 11:21:09 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 23 10:37:16 2023 -0400 + + bump qemu-tpm boards to coreboot 4.19 + +commit e02228407f17272ac08efcdf70016e5e4a5f229c +gpg: Signature made Tue 27 Jun 2023 11:21:06 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 23 10:29:11 2023 -0400 + + boards: bump non-tpm qemu*, xx20 and xx30 boards to use linux kernel 5.10.5 + +commit e8bc003a569a3665496a50cf7e3c113b6911e438 +gpg: Signature made Tue 27 Jun 2023 11:21:02 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 19 10:53:52 2023 -0400 + + boards/p8z77-m_pro-tpm1-maximized: bump linux from 4.14 to 5.10 + +commit 13daaa12037515e13cda3d23bae409e4958abdc6 +gpg: Signature made Tue 27 Jun 2023 11:20:59 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 19 10:04:53 2023 -0400 + + modules/ coreboot+linux: add helpers to edit config in place + save in oldconfig/defconfig formats + + both linux/coreboot: + - save_in_defconfig_format_in_place : takes whatever coreboot config file for a make BOARD=xyz statement and saves it in defconfig + - save_in_oldefconfig_format_in_place : takes whatever coreboot config file for a make BOARD=xyz statement and saves it in oldefconfig + + linux: + - linux.prompt_for_new_config_options_for_kernel_version_bump: + - The most useful helper as of now when doing kernel version bump. + - Requires to save current kernel config in oldconfig (make BOARD=xyz linux.save_in_oldefconfig_format_in_place) first, then bump kernel version in board config and then use that helper to review new options and save in tree. + +commit c84a0f7e9c23a5f5822b5a2fedfb011ffe59b104 +gpg: Signature made Tue 27 Jun 2023 11:20:56 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 7 17:23:00 2023 -0400 + + config/coreboot-qemu-fbwhiptail: extend CBFS_SIZE to 0x7E7FFF to accomodate additioaally added DRM+FB for testing + +commit f2d0a6a9c6cc75e456c1dbc8e071014554b53d26 +gpg: Signature made Tue 27 Jun 2023 11:20:52 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 19 10:58:07 2023 -0400 + + config/coreboot-* : adapt i915drmfb driven boards framebuffer requirements + - add additional kernel boot params for i915 where needed: + - adds : drm_kms_helper.drm_leak_fbdev_smem=1 i915.enable_fbc=0 ( to permit kexec into vesa fb of kexec'ed kernel for i915 driven gpus without framebuffer compression, leaking smem fbdev address for kexec to pickup ) + +commit 5fce7bf715a88239e6c49c578d6c2c8c6b584920 +gpg: Signature made Tue 27 Jun 2023 11:20:49 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Apr 20 10:18:46 2023 -0400 + + config/linux-qemu.config : add CONFIG_DRM_BOCHS=y and CONFIG_FB_SIMPLE=y for basic qemu-coreboot board config + + advanced qemu-coreboot-*-tpm*-* boards enables virtio qemu/kvm through command line option. + qemu-coreboot-* (whiptail or fbwhiptail) basic boards are using bochs gpu emulation, provided through qemu + + linux-qemu.config, if shared as of now, needs to provide both virtio (no need of FB_SIMPLE because DRM) and BOCHS+SIMPLE_FB + +commit e14d7c363fe4eaa97974651fe7974e3232f4f424 +gpg: Signature made Tue 27 Jun 2023 11:20:46 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 7 16:54:59 2023 -0400 + + config/linux-t440p.config : bump to 5.10.5 + +commit 7e6987aea03b3e799b650106ae247417fcdc5582 +gpg: Signature made Tue 27 Jun 2023 11:20:43 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 19 10:56:25 2023 -0400 + + config/linux-x230-*: migrate from 4.14 to 5.10 + add CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM=y + + It was impossible to use directly 4.14 defconfig and apply it to 5.10. + Saving 4.14 in oldconfig, then editing in 5.10 was necessary. + - E1000E module (as kernel module support...) was lost in conversion and needed to be added back. + + Also tuned things up: + - legacy-flash has no RETPOLINE, no security policy at all. Has expected usb controllers modules, exFAT and bare minimal support for flashrom. + - IMPORTANT: CONFIG_X86_IOPL_IOPERM kernel option is required by flashrom + - legacy adds sata, retpoline, additional modules (ethernet), security policy related material on top of legacy-flash config + - maximized adds MMC card support, mousedev+synaptic (to report presence through oem-system-info-xx30), thin provisioning+snapshot support + - tuned with linux.prompt_for_new_config_options_for_kernel_version_bump + + Current storage format is oldconfig from now on for proper analysis. If needed, once can save back in defconfig prior of bumping to newer version. + +commit 91f65bed793c0165203b1cbb9ac4f390f15ffa0e +gpg: Signature made Tue 27 Jun 2023 11:12:16 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ce00b750f9 3bab585bc0 +Author: tlaurion +Date: Tue Jun 27 11:12:16 2023 -0400 + + Merge pull request #1425 from tlaurion/circleci_keep_sizes_forever + + CircleCI: have sizes output kept in CircleCI forever just as hashes + +commit 3bab585bc01ba45c13ff4f1b694440216ed2c6b3 +gpg: Signature made Tue 27 Jun 2023 11:05:17 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jun 27 11:05:17 2023 -0400 + + CircleCI: have sizes output kept in CircleCI forever just as hashes + +commit ce00b750f9c06d32f07fdf81ada1654618501df1 +gpg: Signature made Tue 27 Jun 2023 10:55:34 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: db20f78357 f13432cca7 +Author: tlaurion +Date: Tue Jun 27 10:55:34 2023 -0400 + + Merge pull request #1424 from tlaurion/add_packed_size_report_into_sizestxt + + Makefile: have sizes report output on screen and into sizes.txt + +commit f13432cca7c414e27b643e48288bc0a69c55e4ac +gpg: Signature made Tue 27 Jun 2023 10:42:35 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jun 27 10:01:01 2023 -0400 + + Makefile+ modules/linux: have sizes report output on screen and into sizes.txt + Basically a duplicate of HASHES related Makefile statements + +commit 8289d1bb29d1d8899a7076bf1f2ac21d2e2a7d90 +gpg: Signature made Fri 23 Jun 2023 08:20:44 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 23 08:20:21 2023 -0400 + + oem-factory-reset: Offer to use all defaults on Librem boards only + + Introduce CONFIG_OEMRESET_OFFER_DEFAULTS and enable it on Librem + boards. + + Signed-off-by: Jonathon Hall + +commit f6134e9c35b2494c2087fe32f8a0ff4c4ebec055 +gpg: Signature made Fri 23 Jun 2023 08:19:29 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Jun 23 08:18:59 2023 -0400 + + gui-init: Opt into skipping QR code scan for Librem boards only + + Introduce CONFIG_TOTP_SKIP_QRCODE to skip this step and enable it on + Librem boards. + + Signed-off-by: Jonathon Hall + +commit 71243c1a138639f17550a7bffe25d656735367a8 +gpg: Signature made Wed 21 Jun 2023 03:36:24 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jun 21 15:36:04 2023 -0400 + + config-gui.sh,gui-init: Fix whiptail message box sizes to 16 60 + + Signed-off-by: Jonathon Hall + +commit 89858f52a9b08faacf981556ce2b2a22d0318c29 +gpg: Signature made Wed 21 Jun 2023 03:15:25 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Merge: c5183253a6 db20f78357 +Author: Jonathon Hall +Date: Wed Jun 21 15:15:23 2023 -0400 + + Merge remote-tracking branch 'github-heads/master' into pureboot-27-heads-upstream + + Signed-off-by: Jonathon Hall + +commit c5183253a62057de3a6a88cf8e33c003a8f0508e +gpg: Signature made Wed 21 Jun 2023 02:48:00 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jun 21 14:19:41 2023 -0400 + + Add CONFIG_BRAND_NAME and allow overriding in Makefile with BRAND_NAME + + Use CONFIG_BRAND_NAME to control the brand name displayed in the UI. + Override by setting BRAND_NAME when building, either in the Makefile or + on the command line. + + Signed-off-by: Jonathon Hall + +commit 3c4a9fcf0d0acaa8dd54b1a90f518a5eaf62c200 +gpg: Signature made Wed 21 Jun 2023 02:42:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jun 21 14:36:28 2023 -0400 + + Rename CONFIG_PUREBOOT_BASIC to CONFIG_BASIC + + Remove brand name from this configuration variable. For backward + compatibility, update config.user in init if the branded variable is + present. + + Signed-off-by: Jonathon Hall + +commit 1bf8331ffb768190ccb1f97b15a9d31f894a23ac +gpg: Signature made Wed 21 Jun 2023 01:26:50 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jun 20 15:29:10 2023 -0400 + + Blob jail: Add zstd-decompress, decompress more complex archives + + Debian 12's initrd by default now consists of an uncompressed cpio + archive containing microcode, followed by a zstd-compressed cpio + archive. inject_firmware.sh only supported gzip-compressed cpio, so it + could not extract /init from this archive. + + Add zstd-decompress to decompress zstd streams (uncompressed size is + about 180 KB). + + Add unpack_initramfs.sh which is able to decompress uncompressed, gzip, + or zstd archives, with multiple segments, much like the Linux kernel + itself does. + + Use unpack_initramfs.sh to extract /init for blob jail. + + Don't compress the new archive segment containing firmware and the + updated /init. + + Signed-off-by: Jonathon Hall + +commit 3e6eac9ffd2ad70a7af714ad14c186c83bf72858 +gpg: Signature made Wed 21 Jun 2023 01:26:50 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jun 14 10:10:25 2023 -0400 + + modules/coreboot,purism-blobs: Update to 4.20.1-Purism-1 + + Signed-off-by: Jonathon Hall + +commit 6b111d813f99b47e251c261bf281ce32ba992496 +gpg: Signature made Wed 21 Jun 2023 01:26:50 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Apr 10 15:51:10 2023 -0400 + + Add new board: Librem L1UM v2 + + Add Linux 6.1.8 configuration, used by Librem L1UM v2 + + Add coreboot configuration for Librem L1UM v2 + + Add Librem L1UM v2 board configuration + + Signed-off-by: Jonathon Hall + +commit be133892fd8efd12ab388a1d1014ff5d2ee4e458 +gpg: Signature made Wed 21 Jun 2023 01:26:49 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 7 16:43:17 2023 -0400 + + modules/fbwhiptail: Update to 1.1 + + These changes primarily improve server boards using BMC video. The + correct DRI card is selected even if it isn't the first one, and + performance is greatly improved on non-UMA cards. + + Signed-off-by: Jonathon Hall + +commit 12c7dfdadc02f9fe36c058c175a9c7a726b43932 +gpg: Signature made Wed 21 Jun 2023 01:26:49 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Apr 7 16:22:22 2023 -0400 + + modules/linux: Support building with Linux 6.1.8. + + This is particularly beneficial for servers with Aspeed BMC video, + because it introduces framebuffer console acceleration. The + framebuffer console is much more responsive. + + Patches were ported from 5.10.5: + + 0001-fake-acpi.patch: This may not be needed any more, but it applies + cleanly and I don't think it would harm anything. + + 0002-nmi-squelch.patch: The comment mentions qemu but I see this + message on physical machines occasionally, so I think this is needed. + + 0003-fake-trampoline.patch: This patch does not apply cleanly. It + could be ported, but I don't think it's needed, I dropped it. Dates + back to a very old commit where Linux was being embedded into a vendor + UEFI firmware: a4d7654b1eee65a104053c0a2b2b882fa1ec9e44. + + 0010-winterfell-ahci.patch: Minor change of %x to %lx in context. + + Signed-off-by: Jonathon Hall + +commit e9a5b27e6c78b0f70413e337553445fe953964a9 +gpg: Signature made Wed 21 Jun 2023 01:26:49 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Sat Mar 25 10:49:15 2023 -0400 + + librem_mini,librem_mini_v2: Don't use three values for auto poweron + + PureBoot doesn't have any other three-valued settings and this doesn't + present very well in the config UI. + + Instead make this a two-valued setting; drop the mode that forces the + EC setting to "stay off" at every boot because this is the default. + + When disabling automatic power-on, disable the EC BRAM setting too. + + Signed-off-by: Jonathon Hall + +commit 5e555359a45165340036fd53b92189a894a6d11c +gpg: Signature made Wed 21 Jun 2023 01:26:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Sat Mar 25 10:29:12 2023 -0400 + + config-gui.sh: Fix refactors, simplify implementation more + + Stop manually loading config values, just update config in environment. + + Never test values against "n", since many default to empty. Always + test ="y" or !="y", any other value is off. + + Add set_user_config() function to set a value in config.user, + combine configs, and update config in environment. Use it in setting + implementations. + + Remove toggle_config, it wasn't very useful because the settings still + test y/n in order to show specific confirmation and success messages. + + Signed-off-by: Jonathon Hall + +commit 01594a823bac0cb1c03862d5d24826a69e2cce83 +gpg: Signature made Wed 21 Jun 2023 01:26:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Jun 13 12:34:17 2023 -0400 + + config-gui.sh: Update sizes of whiptail prompts + + Signed-off-by: Jonathon Hall + +commit f6cc806738e23c461773e48bd1b4f7d9d29d299f +gpg: Signature made Wed 21 Jun 2023 01:26:48 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Fri Jan 7 14:25:32 2022 -0600 + + blobs: Add WiFi, BT driver blobs + + Add driver blobs needed for Intel AX200 WiFi/BT, as well as + Atheros ar3k BT. + + Signed-off-by: Matt DeVillier + +commit 87eff7b7751d9872303f665330df3f7e6bd59b37 +gpg: Signature made Wed 21 Jun 2023 01:26:47 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Fri Jan 7 13:30:57 2022 -0600 + + gui-init: Implement blob jail feature + + Blob jail provides device firmware blobs to the OS, so the OS does not + have to ship them. The firmware is passed through the initrd to + /run/firmware, so it works with both installed and live OSes, and there + are no race conditions between firmware load and firmware availability. + + The injection method in the initrd is specific to the style of init + script used by PureOS, since it must add a copy command to copy the + firmware from the initrd to /run. If the init script is not of this + type, boot proceeds without device firmware. + + This feature can be enabled or disabled from the config GUI. + + Blob jail is enabled automatically if the Intel AX200 Wi-Fi module is + installed and the feature hasn't been explicitly configured. + + Signed-off-by: Matt DeVillier + +commit 2d3ecfa41e9ddb5f2f398ae0c48cb4ae789a97eb +gpg: Signature made Wed 21 Jun 2023 01:26:47 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 28 15:17:02 2022 -0500 + + librem_mini/librem_mini_v2: Add automatic power-on setting + + Mini v1/v2's EC can automatically power on the system when power is + applied, based on a value in EC BRAM. Add a configuration setting to + optionally set this value. + + Signed-off-by: Jonathon Hall + +commit d148d3136ad22b78ba17cf2791e882943a6c244f +gpg: Signature made Wed 21 Jun 2023 01:26:47 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 28 15:15:38 2022 -0500 + + init: Add optional board-specific init script + + Boards can place a file in $(board)/initrd/bin/board-init.sh to perform + board-specific initialization. + + If present, the board's $(board)/initrd directory is included in the + initrd via board.initrd. + + Signed-off-by: Jonathon Hall + +commit 6e0d241913b81d04684b5ad60a4554f9e9178855 +gpg: Signature made Wed 21 Jun 2023 01:26:46 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Nov 28 15:06:16 2022 -0500 + + ioport: Add ioport module (inb, outb) + + Add ioport module, enable for librem_mini_v2. Only inb and outb are + included, inw/outw/inl/outl aren't needed. + + Signed-off-by: Jonathon Hall + +commit 206d59dc71a3878dfc6f2a9debe9740e69c55112 +gpg: Signature made Wed 21 Jun 2023 01:26:46 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 9 15:03:53 2022 -0500 + + Add USB autoboot feature to PureBoot Basic + + USB autoboot automatically boots to a USB flash drive if one is present + during boot. This is intended for headless deployments as a method to + recover the installed operating system from USB without needing to + attach a display and keyboard. + + USB autoboot can be controlled in config.user and the config GUI. + + Signed-off-by: Jonathon Hall + +commit b0e0a91c9718476e497d3892c7f44ed164ecbbbf +gpg: Signature made Wed 21 Jun 2023 01:26:46 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 2 10:25:40 2022 -0400 + + Add PureOS signing key + + Add the PureOS archive signing key to the keys accepted for signed + ISOs. + + Signed-off-by: Jonathon Hall + +commit 79da79a5e488e2db692376be9ba0faa659f2baa8 +gpg: Signature made Wed 21 Jun 2023 01:26:45 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Kyle Rankin +Date: Tue Oct 25 15:09:15 2022 -0700 + + Implement Restricted Boot Mode + + Restricted Boot mode only allows booting from signed files, whether that + is signed kernels in /boot or signed ISOs on mounted USB disks. This + disables booting from abitrary USB disks as well as the forced "unsafe" + boot mode. This also disables the recovery console so you can't bypass + this mode simply by running kexec manually. + + Signed-off-by: Jonathon Hall + +commit 4bc6159ab6277d47af77ea7d8d77496ddbc27978 +gpg: Signature made Wed 21 Jun 2023 01:26:45 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Tue Mar 15 12:05:04 2022 -0500 + + Add PureBoot Basic Mode + + PureBoot Basic mode provides the full Linux userspace in firmware from + Heads without requiring verified boot or a Librem Key. Basic and + verified boot can be switched freely without changing firmware, such as + if a Librem Key is lost. + + PureBoot Basic can apply firmware updates from a USB flash drive, and + having a complete Linux userspace enables more sophisticated recovery + options. + + Basic mode boots to the first boot option by default, setting a default + is not required. This can be configured in the config GUI. + + Signed-off-by: Jonathon Hall + +commit a5238b582360b3fc92a0c7ae4b8160051cd91bf7 +gpg: Signature made Wed 21 Jun 2023 01:26:45 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Tue Feb 22 17:59:11 2022 -0600 + + config/coreboot.{librem_14,mini_v2}: enlarge CBFS for blob jail + + Signed-off-by: Matt DeVillier + +commit 468643ee829ac40dd900258235dac1e02cdfd27a +gpg: Signature made Wed 21 Jun 2023 01:26:44 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 24 17:30:27 2023 -0400 + + functions: Add toggle_config function for use in config GUI + + toggle_config() toggles the value of a config. + + Signed-off-by: Jonathon Hall + +commit 39c655ae1d6b9cbd713aebc6eb77d8535f5d3971 +gpg: Signature made Wed 21 Jun 2023 01:26:44 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 10 13:53:56 2022 -0500 + + Add load_config_value() and get_config_display_action() + + Add these two functions for use in config-gui.sh for future toggles. + + load_config_value() obtains the value of a config setting, defaulting + to 'n'. get_config_display_action() displays 'Enable' or 'Disable' + depending on the current value. + + Signed-off-by: Jonathon Hall + +commit 606c29f0ecf20c53a3e8572b9ea7086fd7824a13 +gpg: Signature made Wed 21 Jun 2023 01:26:44 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 9 14:02:03 2022 -0500 + + Extract enable_usb_storage() from mount-usb + + enable_usb_storage() inserts usb-storage.ko if not already loaded, then + waits for USB storage devices to appear. + + Signed-off-by: Jonathon Hall + +commit b365f1324a03f3cb8c95e3a7bc99fccba3c8d93b +gpg: Signature made Wed 21 Jun 2023 01:26:43 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 9 14:00:53 2022 -0500 + + Extract pause_automatic_boot() from gui-init to gui_functions + + pause_automatic_boot() prompts that an automatic boot is about to occur + and allows the user to interrupt it. + + Signed-off-by: Jonathon Hall + +commit 5d7afa2e02247fd87f5b1a0e6f8d1501802d396f +gpg: Signature made Wed 21 Jun 2023 01:26:43 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 16 14:24:28 2022 -0500 + + kexec-select-boot: Extract boot menu scanning logic + + Move boot menu scanning logic to scan_boot_options() in /etc/functions + + Signed-off-by: Jonathon Hall + +commit 3a917bb90b250217e65dabe0d7a5755f09026e20 +gpg: Signature made Wed 21 Jun 2023 01:26:43 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 3 14:13:16 2022 -0400 + + config-gui.sh: Extract utilities from config-gui.sh + + Extract utilities from config-gui.sh for use in additional config + settings. read_rom() reads the current ROM with a message for failure. + replace_rom_file() replaces a CBFS file in a ROM. set_config() sets a + configuration variable in a file. + + Signed-off-by: Jonathon Hall + +commit 14a5d19f1f2b11dd284d77a56cc52461a469b45b +gpg: Signature made Wed 21 Jun 2023 01:26:42 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Tue Mar 15 11:58:46 2022 -0500 + + Move show_system_info() from gui-init to gui-functions + + Signed-off-by: Matt DeVillier + +commit 0967fe3201fd33f54cfc6f3f3f1dc56571c9373d +gpg: Signature made Wed 21 Jun 2023 01:26:42 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Fri Jan 7 13:26:21 2022 -0600 + + configs/busybox: enable lzma (de)compression + + Signed-off-by: Matt DeVillier + +commit 3191bfbdaf9dfa1aa8871ab1e09e64e4dbe20225 +gpg: Signature made Wed 21 Jun 2023 01:26:42 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Fri Apr 29 16:01:21 2022 -0500 + + oem-factory-reset: Add 'use defaults' prompt to simplify user options + + Signed-off-by: Matt DeVillier + +commit 3766d32034c1ede103c7d14a5174c672a73d451b +gpg: Signature made Wed 21 Jun 2023 01:26:41 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Mon Mar 29 14:41:19 2021 -0500 + + board/librem_{13/14/15/mini}: Use Purism repo for coreboot + + Use Purism's repo for all Librem boards other than the Librem Server L1UM. + + Signed-off-by: Matt DeVillier + +commit 1ea5f3bd6b128fd889c9f72977170cb2b535fd7e +gpg: Signature made Wed 21 Jun 2023 01:26:41 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Thu Mar 25 11:58:02 2021 -0500 + + modules/coreboot: Allow building from Purism's coreboot git repo + + Use commit hash from 4.16-Purism-1 tag. + + Signed-off-by: Matt DeVillier + +commit efc49c74258e8bf765bbda6f27f2fb3a9d9962a6 +gpg: Signature made Wed 21 Jun 2023 01:26:37 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Kyle Rankin +Date: Fri Sep 3 14:20:46 2021 -0700 + + Add Root file hash feature + + Currently Heads will check files in /boot for tampering before booting + into a system. It would be nice if you could use the trusted environment + within Heads and extend this to check files in / itself. This new script + adds that functionality, however due to the length of time it takes to + perform these kinds of checks, it doesn't run automatically (yet). + + This feature can be configured from the config GUI - the root device/ + directories to check can be set, and it can be configured to run during + boot. + + To make this a bit easier to use, I added a feature to detect whether + the hash file exists and if not, to display a more limited menu to the + user guiding them to create the initial hash file. Otherwise it will + display the date the file was last modified, which can be useful to + determine how stale it is. + +commit db20f78357c9d206d59d0add2e306319962d7d21 +gpg: Signature made Wed 21 Jun 2023 12:40:04 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6ec0c81443 2dcf7fbd77 +Author: tlaurion +Date: Wed Jun 21 12:40:04 2023 -0400 + + Merge pull request #1418 from tlaurion/qemu-coreboot-tpm1_config-fix + +commit 2dcf7fbd775859092f7840df5bb4cb3d9546aac9 +gpg: Signature made Wed 21 Jun 2023 11:44:08 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 21 11:19:43 2023 -0400 + + coreboot-qemu-tpm1.config: TPM1 coreboot activation got lost in last commit. Sorry + +commit 6ec0c814430c5ad0df54f834c89ee72a904466b2 +gpg: Signature made Tue 20 Jun 2023 08:02:34 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3b3c49b026 995a6931f1 +Author: tlaurion +Date: Tue Jun 20 20:02:34 2023 -0400 + + Merge pull request #1373 from tlaurion/io386_remake + +commit 995a6931f1471565b293bf1799c7ff91fd310ee3 +gpg: Signature made Tue 20 Jun 2023 12:42:12 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jun 18 17:08:45 2023 -0400 + + config-gui.sh: permit io386 platform locking to be dynamically disabled at runtime + ash_functions: make sure /tmp/config is sourced before going to recovery shell + TODO: revisit https://source.puri.sm/firmware/pureboot/-/blob/Release-27/initrd/bin/config-gui.sh#L33 to have proper config store later on + +commit 39bb6ea313b37e182635c5010b15c69d91d74c08 +gpg: Signature made Tue 20 Jun 2023 12:41:35 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jun 20 12:40:00 2023 -0400 + + lock_chip: parametrize locking in function of board config exported config option + kexec-boot: depend on io386 presence and board config option to call lock_chip + +commit 9830c6c4ed14dcfc161517c8dae6310284c32860 +gpg: Signature made Tue 20 Jun 2023 12:36:48 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 12 15:08:49 2023 -0400 + + io386 platform lockdown: enable on sandy/ivy/haswell maximized board configs + +commit d094dcd346ac5d6d3e3a203eae5d026cfa01adb9 +gpg: Signature made Wed 14 Jun 2023 09:58:35 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Wed Aug 21 15:40:36 2019 -0500 + + gui-init/seal-libremkey: reduce friction when generating new secret + + Reduce friction when generating a new TOTP/HOTP secret by eliminating + an unnecessary 'press enter to continue' prompt following QR code + generation, and by attempting to use the default admin PIN set by + the OEM factory reset function. Fall back to prompting the user + if the default PIN fails. + + Also, ensure error messages are visible to users before being returned + back to the GUI menu from which they came by wrapping existing calls to die() + + Signed-off-by: Matt DeVillier + +commit d937426306e8eed47544a7212f1978736bf52b48 +gpg: Signature made Wed 14 Jun 2023 09:58:34 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Kyle Rankin +Date: Mon Nov 25 12:25:11 2019 -0600 + + Use the Librem Key as a TPM work-alike in the absence of a TPM + + On machines without a TPM, we'd still like some way for the BIOS to + attest that it has not been modified. With a Librem Key, we can have the + BIOS use its own ROM measurement converted to a SHA256sum and truncated + so it fits within an HOTP secret. Like with a TPM, a malicious BIOS with + access to the correct measurements can send pre-known good measurements + to the Librem Key. + + This approach provides one big drawback in that we have to truncate the + SHA256sum to 20 characters so that it fits within the limitations of + HOTP secrets. This means the possibility of collisions is much higher + but again, an attacker could also capture and spoof an existing ROM's + measurements if they have prior access to it, either with this approach + or with a TPM. + + Signed-off-by: Kyle Rankin + +commit a598ba6e57e22ae60773b69ca745440f06e1be51 +gpg: Signature made Mon 12 Jun 2023 01:51:58 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Apr 13 09:21:26 2023 -0400 + + modules/io386: fixate to latest commit id and optimize for space + +commit 699a9613818932669330af842457352b2e6ef97b +gpg: Signature made Mon 12 Jun 2023 01:51:38 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 12 15:04:05 2023 -0400 + + io386: replace check for io386 to call lock_chip by a single common call from kexec-boot prior of real kexec + +commit 3f1c76ce116a283850cde032711a7b76bcad69bb +gpg: Signature made Mon 12 Jun 2023 01:05:56 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: persmule +Date: Wed Jan 17 16:16:18 2018 +0800 + + Introduce io386 to heads and use it to finalize chipset at runtime + + On some newer platforms of intel (confirmed on nehalem, sandy/ivy + bridge), coreboot after commit [2ac149d294af795710eb4bb20f093e9920604abd](https://review.coreboot.org/cgit/coreboot.git/commit/?id=2ac149d294af795710eb4bb20f093e9920604abd) + registers an SMI to lockdown some registers on the chipset, as well + as access to the SPI flash, optionally. The SMI will always be triggered + by coreboot during S3 resume, but can be triggered by either coreboot + or the payload during normal boot path. + + Enabling lockdown access to SPI flash will effectly write-protect it, + but there is no runtime option for coreboot to control it, so letting + coreboot to trigger such SMI will leave the owner of the machine lost + any possibility to program the SPI flash with its own OS, and becomes + a nightmare if the machine is uneasy to disassemble, so a scheme could + be implement, in which the SMI to lockdown chipset and SPI flash is left + for a payload to trigger, and temporarily disabling such triggering in + order to program the SPI flash needs authentication. + + I have implemented a passcode-protected runtime-disableable lockdown + with grub, described [here](https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/docs/hardened_boot/grub-for-coreboot.md#update-for-coreboot-after-commit-2ac149d294af795710eb4bb20f093e9920604abd). In order to implement a similar scheme for + Heads, I wrote [io386](https://github.com/hardenedlinux/io386). + + With this commit, io386 will be called before entering boot routine + to trigger the SMI to finalize the chipset and write protect the SPI + flash at the same time. Entering recovery shell will leave the flash + writable. + + (The authentication routine implemented in previous revisions has been + split as an independent commit.) + + Originally proposed under PR#326 + +commit 3b3c49b026ec8f01861f34c93d771650e02029c4 +gpg: Signature made Fri 09 Jun 2023 05:07:55 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 21b87ff7d2 b9d2c1a612 +Author: tlaurion +Date: Fri Jun 9 17:07:55 2023 -0400 + + Merge pull request #1411 from Dasharo/fix-tpm + + Talos-II vs. TPM + +commit b9d2c1a6126c40efcd167111016b742d92988ddd +gpg: Signature made Fri 09 Jun 2023 02:26:55 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jun 9 21:25:49 2023 +0300 + + Patch coreboot to use /usr/bin/env in skiboot for Talos-II board + + Signed-off-by: Sergii Dmytruk + +commit 0a1e47f58581ae533b246ffc7cbc4fef26f7ca99 +gpg: Signature made Fri 09 Jun 2023 02:25:08 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jun 2 00:36:16 2023 +0300 + + Makefile: autoupdate and checkout git clones of modules + + Signed-off-by: Sergii Dmytruk + +commit abd99a0f2806e79d7214897cfecf195ceded02a2 +gpg: Signature made Tue 06 Jun 2023 06:10:14 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Tue Jun 6 00:54:50 2023 +0300 + + initrd/bin/talos-init: disable fast-reset + + Signed-off-by: Sergii Dmytruk + +commit 71b0f8dac93ad2eed8c2d87ebd9595b0b0a5276b +gpg: Signature made Tue 06 Jun 2023 06:10:14 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Tue Jun 6 00:54:24 2023 +0300 + + boards/talos-2/talos-2.config: enable powerpc-utils + + Signed-off-by: Sergii Dmytruk + +commit 62e189936730a8ebcc598a1c0cc9188837efa24e +gpg: Signature made Tue 06 Jun 2023 06:10:13 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Tue Jun 6 00:53:18 2023 +0300 + + modules/powerpc-utils: add + + This provides nvram tool that allows manipulating configuration of + skiboot. + + Signed-off-by: Sergii Dmytruk + +commit 3df4a45477cd8b6280d5a937dee1058e544ce152 +gpg: Signature made Tue 06 Jun 2023 06:10:13 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu May 25 01:07:29 2023 +0300 + + modules/coreboot: update coreboot + + * Properly initialize sensor IDs of 2nd CPU to fix fan control. + * Use 2s delay for I2C communications with TPM in OPAL (configured in + device tree). + * Stop building unused parts of skiboot using host GCC. + + Signed-off-by: Sergii Dmytruk + +commit 17f652da3bd7a72655b3621ac1f2807a23d99c24 +gpg: Signature made Mon 05 Jun 2023 05:49:07 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Jun 1 15:53:07 2023 +0300 + + config/linux-talos-2.config: don't enable IMA + + It only extends PCR10 and logs it separately. + + Added entries are to compensate disabling IMA which selects those config + options. + + Signed-off-by: Sergii Dmytruk + +commit 7b949a1a44eced0e90199eb6bd4e01513234f081 +gpg: Signature made Sun 04 Jun 2023 01:20:46 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Thierry Laurion +Date: Thu May 25 14:05:40 2023 -0400 + + initrd/bin/seal-totp: PCR0-4 cannot be expected to be 0 on PPC64. + + Seal with extended PCR values, expected to be the same at unseal-totp operation + +commit 92cddb315f8068d5f59eebbfe2dcdecab8122f0a +gpg: Signature made Sun 04 Jun 2023 01:20:46 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Thierry Laurion +Date: Thu May 25 14:03:11 2023 -0400 + + boards/talos-2/talos-2.config : sda1 will never be a boot device + /dev/nvme0n1p2 expected to contain /boot/grub dir + +commit 21b87ff7d2fec4418a1ab3019c0eebc93dacc856 +gpg: Signature made Wed 24 May 2023 01:56:01 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b70547f188 d917ca1c96 +Author: tlaurion +Date: Wed May 24 13:56:01 2023 -0400 + + Merge pull request #1410 from tlaurion/QubesOS_update_weekly_ISO_signing_keys + + Qubes weekly signing key has changed. Removed testing and replaced. + +commit d917ca1c968b4042edb851300c69009d1c26d240 +gpg: Signature made Wed 24 May 2023 12:13:07 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 9 11:42:15 2023 -0400 + + Qubes weekly signing key has changed. Removed testing and replaced. + Already minimized and cleaned upstream, taken from https://qubes.notset.fr/iso/ today + +commit b70547f18824561b4f6ffe74fa98c493a36e8692 +gpg: Signature made Tue 09 May 2023 02:09:11 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bc148f1341 3ea82ec31e +Author: tlaurion +Date: Tue May 9 14:09:11 2023 -0400 + + Merge pull request #1401 from daringer/fix-makefile + + Makefile: adapt cleaning targets for arch directory + +commit 3ea82ec31ee978a15e538d61e0fc283097311049 +gpg: Signature made Tue 09 May 2023 11:50:50 AM EDT +gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA +gpg: Good signature from "Markus Meissner " [unknown] +gpg: aka "Markus Meissner " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176 + Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA +Author: Markus Meissner +Date: Tue May 9 13:52:51 2023 +0200 + + Makefile: adapt cleaning targets for arch directory + +commit bc148f1341331ba9241676a7ded6d55e47c57fc4 +gpg: Signature made Sat 06 May 2023 11:08:29 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3c98f080e4 ca00952048 +Author: tlaurion +Date: Sat May 6 11:08:29 2023 -0400 + + Merge pull request #1397 from danielp96/fbwhiptail-reproducibility + +commit ca0095204811cc660f0a5db945093b2eb9cc1509 +gpg: Signature made Thu 04 May 2023 03:19:52 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu May 4 13:14:26 2023 -0600 + + modules/fbwhiptail: Update for reproducibility + + Updated to reproducible version of fbwhiptail. + Added flags to remove debug info. + Updated url to current one instead of going through redirect. + + Signed-off-by: Daniel Pineda + +commit 3c98f080e42b0061a1e1c87c9beb81d9fc5043f7 +gpg: Signature made Wed 03 May 2023 10:52:41 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 87871ad18d 09f3984020 +Author: tlaurion +Date: Wed May 3 10:52:41 2023 -0400 + + Merge pull request #1394 from srgrint/linux_4.14_patch_for_use_after_free_realloc + + backport upstream patch for 4.14.62. Allows building on debian 12 + +commit 09f3984020c0f97509c9a186567e2c04b3936614 +Author: srgrint +Date: Tue May 2 20:49:34 2023 +0100 + + backport upstream patch for 4.14.62. Allows building on debian 12 + +commit 87871ad18d632086750368573d83c1e24057fac3 +gpg: Signature made Tue 02 May 2023 01:02:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ab1faf5389 e8bc15ee60 +Author: tlaurion +Date: Tue May 2 13:02:26 2023 -0400 + + Merge pull request #1393 from tlaurion/linux_5.10.5_patch_for_use_after_free_realloc + +commit e8bc15ee602f4f728332e7bab5a1a3fde5a90f89 +gpg: Signature made Tue 02 May 2023 10:30:44 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon May 1 17:12:28 2023 -0400 + + linux 5.10.5: backporting linux upstream patch for 5.10.5 (libsubcmd fix use after free for realloc) + Permits building on top of debian-12 (testing), which fails to build since detecting bug. + +commit ab1faf5389dbfbc174e3cbf6cdec0be1cba14772 +gpg: Signature made Fri 28 Apr 2023 05:34:32 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bdcc556e2b 6d0cd94ba8 +Author: tlaurion +Date: Fri Apr 28 17:34:32 2023 -0400 + + Merge pull request #1378 from JonathonHall-Purism/kexec-framebuffer-graphics + +commit bdcc556e2b4f41d114e8c067b1e25f091234dd2d +gpg: Signature made Fri 28 Apr 2023 04:56:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a7777a7dce 40872d8b31 +Author: tlaurion +Date: Fri Apr 28 16:56:21 2023 -0400 + + Merge pull request #1377 from tlaurion/iso_boot_debugging_and_fixes + +commit a7777a7dce32edafd5ef6331d90d30a1ae942fbb +gpg: Signature made Fri 28 Apr 2023 01:42:41 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3a38ac02e3 1aa216773a +Author: tlaurion +Date: Fri Apr 28 13:42:41 2023 -0400 + + Merge pull request #1390 from danielp96/bash-reproducibility + + Bash reproducibility + +commit 1aa216773adcddcd39e51d72442366e82f42cbaf +gpg: Signature made Thu 27 Apr 2023 01:51:33 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Tue Apr 25 14:32:25 2023 -0600 + + patches/bash-5.1.16.patch: Do not increment build number + + Bash uses .build to keep count of the build number, which conflicts + with heads build system usage of .build to keep track of built modules. + + If .build already exists when bash/configure is run it will increment by 1 + the build number. This is configurable on the call to the support script + support/mkversion.sh, which is called from the bash/Makefile. + + Patching the Makefile template used during bash configuration allows + disabling the build number increment. + + Signed-off-by: Daniel Pineda + +commit 6d0cd94ba8d0cc96dd0e62b907f38071d7c22324 +gpg: Signature made Thu 27 Apr 2023 12:52:02 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Apr 27 12:50:29 2023 -0400 + + Enable CONFIG_NO_GFX_INIT in coreboot on i915 boards with Linux 5.10 + + We don't need coreboot to initialize graphics on this boards, this + eliminates some unneeded code and the gnat dependency for them. + + Coreboot was using libgfxinit, but it was initializing in text mode. + Heads' kernel will then switch to graphics mode, and we hand that + framebuffer from i915 to the target kernel during kexec. + + Signed-off-by: Jonathon Hall + +commit 3a38ac02e3dbd4de911307a3183c811c8a49611e +gpg: Signature made Mon 24 Apr 2023 07:21:18 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 060c979e4b 6300dd178a +Author: tlaurion +Date: Mon Apr 24 19:21:18 2023 -0400 + + Merge pull request #1312 from tlaurion/coreboot-4.13_coreboot-4.19_version_bump + + Bump boards depending on coreboot 4.13 to 4.19 + +commit 060c979e4b5dfd3e096e3f0624868c73319a759e +gpg: Signature made Mon 24 Apr 2023 07:14:12 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 77b593301a 2901d29e24 +Author: tlaurion +Date: Mon Apr 24 19:14:12 2023 -0400 + + Merge pull request #1382 from tlaurion/coreboot_xcompile_fixed_location + + coreboot: output xcompile into old shared location for all coreboot versions to prevent buildstack rebuild + +commit 2901d29e2410b042db4df99c5cafc28b095b9b4c +gpg: Signature made Fri 21 Apr 2023 04:54:49 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Apr 21 16:54:48 2023 -0400 + + coreboot: output xcompile into old shared location for all coreboot versions (prevents rebuild of buildstack) + +commit 77b593301a78631be5c5e1187472dd5a54dde9b1 +gpg: Signature made Thu 20 Apr 2023 02:13:02 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8ff4b9a51b a29c277849 +Author: tlaurion +Date: Thu Apr 20 14:13:02 2023 -0400 + + Merge pull request #1380 from tlaurion/coreboot+linux_helpers_for_version_bump + + coreboot+linux modules: add helpers to edit config, save in oldconfig/defconfig + +commit a29c277849fa034738b17475ced7bedec83bac65 +gpg: Signature made Thu 20 Apr 2023 02:11:44 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 19 10:04:53 2023 -0400 + + coreboot+linux modules: add modules target helpers to edit configs (oldconfig/defconfig) + + Most useful to me are: + coreboot.modify_and_save_defconfig_in_place + coreboot.modify_and_save_oldconfig_in_place + linux.modify_and_save_oldconfig_in_place + linux.modify_and_save_defconfig_in_place + Which permit to take current in tree configs and translate them into other format. + This is useful when trying to version bump and build. + + Also add helpers to save in versioned version to facilitate change tracking: + linux.generate_and_save-versioned-oldconfig + linux.regenerate_and_save_versioned_defconfig + +commit 31e122443c41eaeb706bcc90d43de8937075b278 +gpg: Signature made Thu 20 Apr 2023 12:46:18 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu Apr 20 10:44:34 2023 -0600 + + modules/bash: Remove debug info from binary + + Add -g0 to CFLAGS + Add -s to LDFLAGS + + Signed-off-by: Daniel Pineda + +commit 353e836dc131b89d3fd7c635993e22a014d3e3e5 +gpg: Signature made Wed 19 Apr 2023 02:17:44 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Apr 19 14:16:38 2023 -0400 + + kexec: Update to 2.0.26, add framebuffer tracing + + Update kexec to 2.0.26. Add tracing to framebuffer initialization. In + particular, the driver name is traced if not recognized, and messages + about kernel config are shown if the kernel doesn't provide the + framebuffer pointer. + + Signed-off-by: Jonathon Hall + +commit a75ecdfc8d89be7fff1789b2d51158533b4c81a0 +gpg: Signature made Wed 19 Apr 2023 10:35:14 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Apr 19 10:34:29 2023 -0400 + + t440p: Enable i915 kexec framebuffer fixes + + Add CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM and related kernel parameters to + t440p. This board is already on kernel 5.10 and uses i915 graphics. + + Signed-off-by: Jonathon Hall + +commit cd4c1a0fdb6417b1724f4bd908c63cce9d62af88 +gpg: Signature made Wed 19 Apr 2023 10:34:11 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Apr 19 10:32:23 2023 -0400 + + coreboot-librem*: Set framebuffer kernel params for Librems except L1UM + + Allow leaking the DRM framebuffer pointer to userspace, and disable + framebuffer compression, like librem_15v4. + + Tested booting memtest86+ and Debian netinstaller on Mini v2. + + Do not enable this for L1UM, it uses Aspeed graphics which still don't + work. qemu uses virtio graphics, which also are not working. + + Signed-off-by: Jonathon Hall + +commit 2a2279b587d83de9ce085a5cef275238ba78acaa +gpg: Signature made Tue 18 Apr 2023 05:02:22 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Apr 18 17:00:03 2023 -0400 + + librem_15v4: Disable i915 compressed framebuffer + + Compressed framebuffer requires the driver to track updates to the + framebuffer from the CPU and update the compressed framebuffer. This + doesn't work if we kexec into an OS that will use the linear + framebuffer, so disable it. (The OS kernel can still use compressed + framebuffer if it has i915.) + + Linux 5.8 enabled compressed framebuffer on more chipsets using i915, + which is why this stopped working. + + memtest86+ and Debian (manually blacklisted i915, comparable to + netinst) now boot correctly on Librem 15v4. This will need to be + enabled for other boards too. + + Signed-off-by: Jonathon Hall + +commit 13a3cee0e5f24990a8c6e769d7bd7aac0cd80150 +gpg: Signature made Tue 18 Apr 2023 01:30:47 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Apr 18 13:29:38 2023 -0400 + + kexec: Add new i915 driver ID + + The i915 driver's ID changed again, now to i915drmfb. + + It's unclear why kexec checks this, it seems it could populate the + target kernel's framebuffer info as long as it knows enough about the + host kernel's framebuffer, which it already checks. Maybe we could + improve this, for now just add the new ID again. + + Signed-off-by: Jonathon Hall + +commit abbc1b5dd8aa0ebb52149ecfc8ae74605a383a1a +gpg: Signature made Tue 18 Apr 2023 01:23:56 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Apr 18 13:17:18 2023 -0400 + + linux: Allow kexec in userspace to get framebuffer address + + kexec(8) needs to get the framebuffer address in order to set up the + new kernel's boot parameters. This is one of the reasons that using a + >4.20 kernel in Heads prevents framebuffer graphics from working in the + OS kernel. + + Linux 4.20 started hiding this address from userspace, because + userspace is not supposed to need physical memory addresses. A + workaround was added to keep leaking the address, apparently for some + proprietary userspace OpenGL drivers. This requires both a Kconfig and + a kernel parameter. + + This commit enables the Kconfig on the librem_common config, and the + kernel parameter on the librem_15v4 (where I'm testing this). We will + need to enable it on other >4.20 configs/boards as well. + + Signed-off-by: Jonathon Hall + +commit 40872d8b31471ec5ac694afb1419ab5f0bee3ce7 +gpg: Signature made Mon 17 Apr 2023 04:19:08 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Apr 17 16:19:08 2023 -0400 + + kexec-parse-boot: fix isolinux iso booting + +commit 7ec658ffdf850f0f4c4fc08430eb70e4a128d6a4 +gpg: Signature made Mon 17 Apr 2023 04:18:22 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Apr 17 16:18:22 2023 -0400 + + kexec-iso-init: add TinyCore iso boot logic (Based on https://github.com/u-root/webboot/) + +commit 4a782255487c153aeabb6595d20b137211f409ba +gpg: Signature made Mon 17 Apr 2023 04:17:56 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Apr 17 16:11:59 2023 -0400 + + media-scan/usb-init: add debugging info + +commit 8ff4b9a51b896f6a014228070093d4cfd9a73d7a +gpg: Signature made Wed 12 Apr 2023 12:36:46 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 26d936b934 f0dc3541f5 +Author: tlaurion +Date: Wed Apr 12 12:36:46 2023 -0400 + + Merge pull request #1319 from danielp96/master + + Update busybox 1.32.0 to 1.33.2 + +commit 26d936b934555e759a9985c0121ff558f2aea3be +gpg: Signature made Wed 12 Apr 2023 11:19:18 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e32fc91baf 1217cffbc1 +Author: tlaurion +Date: Wed Apr 12 11:19:18 2023 -0400 + + Merge pull request #1372 from JonathonHall-Purism/fix-benign-script-errors + + Fix benign script errors + +commit 1217cffbc158ce6e411454acdb3890c5557c572c +gpg: Signature made Wed 12 Apr 2023 09:12:14 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Sat Mar 25 17:06:47 2023 -0400 + + kexec-select-boot: Fix errant continue + + This isn't in a loop, continue makes no sense. ash had silently + ignored it. Proceeding to the do_boot below is the correct behavior. + + Signed-off-by: Jonathon Hall + +commit f1708bf3a7812e6857b72118f39f1a8de864fd12 +gpg: Signature made Wed 12 Apr 2023 09:12:10 AM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Sat Mar 25 17:06:12 2023 -0400 + + mount-usb: Fix word splitting in test for USB devices + + For partitioned media or when more than one device is present, this + fixes a benign script error that ash had apparently ignored. + + Signed-off-by: Jonathon Hall + +commit e32fc91baf2e707f0ef24fed2812786a7dcdb79f +gpg: Signature made Tue 11 Apr 2023 06:59:52 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5b9d9529ba b64077fac6 +Author: tlaurion +Date: Tue Apr 11 18:59:52 2023 -0400 + + Merge pull request #1358 from ThePlexus/p8z77-m_pro + +commit 5b9d9529ba116da6537326c8ea9148b120c0d18b +gpg: Signature made Tue 11 Apr 2023 10:42:00 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1cf7158e8e 46aa2535ba +Author: tlaurion +Date: Tue Apr 11 10:42:00 2023 -0400 + + Merge pull request #1367 from danielp96/libjson-reproducibility + + modules/json-c: set cmake build type as minsizerel + +commit b64077fac673ead82013277fc64a4cc81eded50a +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Mon Apr 10 13:43:54 2023 +0100 + + Incorporate COREBOOT_DIr mod and VSCC optioanl setting + +commit 46aa2535ba953d8abe3ef8548f0b7f419baa3743 +gpg: Signature made Thu 06 Apr 2023 02:17:42 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu Apr 6 12:13:26 2023 -0600 + + modules/json-c: set cmake build type as minsizerel + + By default json-c builds as debug instead of release. + + Adding CMAKE_BUILD_TYPE=minsizerel ensures it does not + add debug info and also optimizes for file size. + + Signed-off-by: Daniel Pineda + +commit 1cf7158e8e0f76630d47de81e5f93913a4c73668 +gpg: Signature made Tue 04 Apr 2023 01:38:22 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a447674a89 a475ecef24 +Author: tlaurion +Date: Tue Apr 4 13:38:22 2023 -0400 + + Merge pull request #1365 from tlaurion/move_tpm2_board_pcap_to_debug_section + +commit 668d7739cee6c0b4832aaddf0e8e47b6d3aab6f4 +gpg: Signature made Tue 04 Apr 2023 11:13:19 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Tue Apr 4 16:13:19 2023 +0100 + + change default loglevel + +commit a475ecef2465271e2ec877bd345a694b7e6657e6 +gpg: Signature made Tue 04 Apr 2023 09:36:31 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 4 09:36:31 2023 -0400 + + qemu-coreboot-*whiptail-tpm2-* boards: move TPM2 debug PCAP variable to debug section for clarity + +commit a447674a893156a21407c6a2dc31c7e877292942 +gpg: Signature made Mon 03 Apr 2023 07:40:39 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3b56c0cf53 1a69b1dd07 +Author: tlaurion +Date: Mon Apr 3 19:40:38 2023 -0400 + + Merge pull request #1313 from Dasharo/talos_fan_speed + +commit 3b56c0cf5395065ba68faca6a52ae1093cad4ed2 +gpg: Signature made Mon 03 Apr 2023 02:34:03 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1617b6ccba 8dbe85ddaf +Author: tlaurion +Date: Mon Apr 3 14:34:03 2023 -0400 + + Merge pull request #1362 from tlaurion/fix_usb_keyboard_at_init + + Fix usb keyboard at init + +commit 8dbe85ddaf746241b1c53be726c3749d297c3c3f +gpg: Signature made Mon 03 Apr 2023 02:31:21 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Mar 31 15:43:33 2023 -0400 + + Fix 'Tracing...' text output still stating functions instead of ash_functions where they are called from + +commit 429d8bbeaddf29f0a6463e53bb31f22ed1276dd7 +gpg: Signature made Mon 03 Apr 2023 02:31:09 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Mar 31 13:08:23 2023 -0400 + + move enable_usb from /etc/functions to /etc/ash_functions so that usb keyboard can be enabled from init + + Reminder: insmod is a bash script and will fail on legacy-flash boards (which should not enable USB_KEYBOARD anyway) + +commit 1761505d879eba46cebf4e5f877e13a570ebaf46 +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Fri Mar 31 17:37:02 2023 +0100 + + Autoboot not needed in this board + +commit 5496138f2c5585b7a3c2f2c5e053e68beac47781 +gpg: Signature made Fri 31 Mar 2023 11:33:11 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c67cf7c47e 1617b6ccba +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Fri Mar 31 16:33:11 2023 +0100 + + Merge branch 'osresearch:master' into p8z77-m_pro + +commit 1a69b1dd079933f093140ef0e952dfd55d11fe90 +gpg: Signature made Thu 30 Mar 2023 03:04:02 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Thu Mar 30 17:12:40 2023 +0200 + + initrd/bin/talos-init: add alias for cbmem + + Signed-off-by: Krystian Hebel + +commit 9550d2b541cb42ad292ff14761d9305f93baa412 +gpg: Signature made Thu 30 Mar 2023 03:04:02 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Wed Feb 15 21:26:45 2023 +0100 + + initrd/bin/talos-init: send IPL complete message to BMC + + BMC awaits this message before it takes control over CPU fans speed. + + Signed-off-by: Krystian Hebel + +commit 3c6efd1f47905ed529a86e6f8de1e07d4074c905 +gpg: Signature made Thu 30 Mar 2023 03:04:01 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Thu Mar 30 17:16:53 2023 +0200 + + config/coreboot-talos-2.config: update for new tree + + Signed-off-by: Krystian Hebel + +commit 4edd71c5aaedb1ad027f92c8cc94893c01cbf880 +gpg: Signature made Thu 30 Mar 2023 03:04:01 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Thu Mar 30 20:28:06 2023 +0200 + + modules/coreboot: bump commit hash for Talos + + Signed-off-by: Krystian Hebel + +commit a76e8e58c0b1d7c570dffec53f7abee650faf6b6 +gpg: Signature made Thu 30 Mar 2023 03:04:01 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Thu Mar 30 21:00:24 2023 +0200 + + config/linux-talos-2.config: enable coreboot drivers and convert to defconfig + + Signed-off-by: Krystian Hebel + +commit d1fd05671a0f423a245ecd070d3cb2d1f8c59575 +gpg: Signature made Thu 30 Mar 2023 03:03:27 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Mon Mar 6 18:35:08 2023 +0100 + + patches/linux-5.5-openpower/0011: patch to expose CBMEM as file + + Signed-off-by: Krystian Hebel + +commit 06b52583fa541bc782f6cf2e43dd4aab464cf56c +gpg: Signature made Thu 30 Mar 2023 03:03:26 PM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Wed Mar 8 14:09:29 2023 +0100 + + patches/linux-5.5-openpower/0010: new patch for enabling Google coreboot drivers + + Signed-off-by: Krystian Hebel + +commit 1617b6ccbaf3f3885416a518e69853f3d7ab06ad +gpg: Signature made Thu 30 Mar 2023 02:04:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0be5b1b000 e7997abdcc +Author: tlaurion +Date: Thu Mar 30 14:04:57 2023 -0400 + + Merge pull request #1352 from Dasharo/linux_target_arch + +commit 0be5b1b0003ae209fa55676054faef89dd5c86e7 +gpg: Signature made Thu 30 Mar 2023 01:16:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b48b9edcbc 65b81e6702 +Author: tlaurion +Date: Thu Mar 30 13:16:15 2023 -0400 + + Merge pull request #1356 from tlaurion/oem-factory-reset_clean + + oem-factory-reset: remove duplicates and add proper error redirection to file + +commit 65b81e6702dfcfd191d178e29d7ffd80180641d2 +gpg: Signature made Thu 30 Mar 2023 01:12:24 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Mar 28 15:51:45 2023 -0400 + + oem-factory-reset: remove duplicates and add proper error redirection to file + + - Trace calls need to happen after sourcing /etc/functions not before + - Move sourcing of external files at beginning of file, remove /etc/functions sourcing duplicate + - gpg error redirection was sent to /dev/null where expected to be added to whiptail in case of error (2>&1 instead and redirection to file) + +commit b48b9edcbc5c67c418beaf0c1fac09c9439b6705 +gpg: Signature made Thu 30 Mar 2023 01:10:10 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7f9ee89781 277465b347 +Author: tlaurion +Date: Thu Mar 30 13:10:10 2023 -0400 + + Merge pull request #1357 from ThePlexus/patch-1 + + fix broken OEM re-ownership process + +commit c67cf7c47e000616f63837460b863a2677d9243d +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Thu Mar 30 10:28:40 2023 +0100 + + Add ASUS P8Z77-M Pro board + +commit 277465b347130e3745b81d7eb1d66a45965eea4c +gpg: Signature made Wed 29 Mar 2023 04:05:52 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: ThePlexus <31340423+ThePlexus@users.noreply.github.com> +Date: Wed Mar 29 21:05:52 2023 +0100 + + fix broken OEM re-ownership process + + Problem + When using a custom password for TPM, the OEM re-ownership process is broken + + Impact + The OEM re-ownership process breaks for any user setting a custom password and not just using 12345678 + + First appeared + https://github.com/osresearch/heads/commit/6923fb5e20cfb662b76c1d1fa48e245ecd8d79fb + + Detail + on line 498, if blank, the TPM custom password is overwritten with TPM_PASS_DEF (eg, when no custom password is set by the user installing) + + ``` + if [ "$TPM_PASS" == "" ]; then TPM_PASS=$TPM_PASS_DEF; fi + ``` + so far so good. $TPM_PASS should be used for all TPM interaction from this point. $TMP_PASS_DEF is now a disposed of variable. + + we see that happens when resetting the TPM on line 712 (generate_checksums) is that $TPM_PASS is used (correctly) + + ```## reset TPM and set password + if [ "$CONFIG_TPM" = "y" ]; then + echo -e "\nResetting TPM...\n" + tpmr reset "$TPM_PASS" >/dev/null 2>/tmp/error + ---SNIP + ``` + The TPM now has either the custom password of the user, or the default of 12345678 depending on user selection. + + On line 712, we duck into the generate_checksums sub, which for some reason reverts to TPM_PASS_DEF + + ``` + # create Heads TPM counter + if [ "$CONFIG_TPM" = "y" ];then + if [ "$CONFIG_IGNORE_ROLLBACK" != "y" ]; then + tpmr counter_create \ + -pwdo "$TPM_PASS_DEF" \ + --SNIP + ``` + + This then, rightly, fails due to + ``` + Authentication failed (Incorrect Password) (ox1) from TPM_CreateCounter + ``` + +commit 7f9ee897812c9a51cf280e20c6857edd17a44199 +gpg: Signature made Tue 28 Mar 2023 11:09:21 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1ecc78560b eaa17681dc +Author: tlaurion +Date: Tue Mar 28 11:09:21 2023 -0400 + + Merge pull request #1353 from tlaurion/revert_agetty_accidental_removal + + Makefile: readd util-linux dependency check to add agetty when needed + +commit 1ecc78560bbbaa393aeb039a12daac3dd63d78a1 +gpg: Signature made Tue 28 Mar 2023 09:26:14 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2995376cda 5cbe27d00f +Author: tlaurion +Date: Tue Mar 28 09:26:14 2023 -0400 + + Merge pull request #1349 from saper/find-me-cleaner + + download_clean_me.sh: Find me_cleaner in tree + +commit eaa17681dcc83fcd93078fd53d06467803c3324d +gpg: Signature made Fri 24 Mar 2023 04:42:59 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Mar 24 16:41:39 2023 -0400 + + Makefile: readd util-linux dependency check to add agetty when needed + + Removed accidentally under https://github.com/osresearch/heads/commit/6923fb5e20cfb662b76c1d1fa48e245ecd8d79fb + +commit e7997abdcc7f351b1fe8ee488a9eec98a674dafb +gpg: Signature made Fri 24 Mar 2023 10:26:34 AM EDT +gpg: using RSA key 7C75583D172140AF4A6B10186CD35B07297B3CF9 +gpg: Good signature from "Krystian Hebel " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 7C75 583D 1721 40AF 4A6B 1018 6CD3 5B07 297B 3CF9 +Author: Krystian Hebel +Date: Fri Mar 24 15:19:28 2023 +0100 + + modules/linux: fix linux.*config targets for non-x86 architectures + + This patch adds ARCH="$(LINUX_ARCH)" to Linux targets working on config + files. Without it, the architecture defaults to that of host, which for + cross-compilation isn't right. + + Signed-off-by: Krystian Hebel + +commit 5cbe27d00fe8eeebf21fc765c1854e510f34787d +Author: Marcin Cieślak +Date: Thu Mar 23 23:53:02 2023 +0100 + + download_clean_me.sh: Find me_cleaner in tree + +commit 2995376cdaffae4457f3042bfdbd33414b475086 +gpg: Signature made Mon 20 Mar 2023 02:46:38 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 96440b928a 445ca053fb +Author: tlaurion +Date: Mon Mar 20 14:46:38 2023 -0400 + + Merge pull request #1339 from tlaurion/single_talos_2_board + + Talos II - Have single board config + +commit 96440b928acb06de5b925ea12014c9c280b23165 +gpg: Signature made Tue 14 Mar 2023 12:53:58 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6ee4b1cbe1 718520fe5e +Author: tlaurion +Date: Tue Mar 14 12:53:58 2023 -0400 + + Merge pull request #1342 from tlaurion/qemu-coreboot-whiptail-tpm2-hotp_adds-hotp + + qemu-coreboot-whiptail-tpm2-hotp : add missing HOTP board requirements + +commit 718520fe5ecb6d71eca44d436c4e93fbdb64ff65 +gpg: Signature made Tue 14 Mar 2023 11:40:06 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Mar 14 11:39:47 2023 -0400 + + qemu-coreboot-whiptail-tpm2-hotp : add missing HOTP board requirements + +commit 6ee4b1cbe1076737d2ad36e75478fc83258d359a +gpg: Signature made Tue 14 Mar 2023 10:54:16 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d24def4b59 ab16b3b26f +Author: tlaurion +Date: Tue Mar 14 10:54:16 2023 -0400 + + Merge pull request #1341 from tlaurion/fix_kexec-save-default_initrd_removal + + ikexec-save-default: fix case when no crypttab found in initrd + +commit ab16b3b26f7bdf1e0f617e97e9cb5408afe10756 +gpg: Signature made Tue 14 Mar 2023 10:44:28 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Mar 14 10:42:21 2023 -0400 + + ikexec-save-default: fix case when no crypttab found in initrd + + - /tmp/initrd_extract was attempted to be deleted while under that directory when no crypptab found. + - changing of directory to / is non-conditional prior of deletion: move to cleaning step + - Clarity on message displayed to user when a generic crypttab will be generated in case of no OS override + +commit d24def4b594e92c432d3ec84f995bfabb137d6c0 +gpg: Signature made Mon 13 Mar 2023 04:22:13 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6300e30504 4754a754dc +Author: tlaurion +Date: Mon Mar 13 16:22:13 2023 -0400 + + Merge pull request #1292 from tlaurion/tpm2_retry + + TPM2/TPM1 support (testing and bug fixes needed through qemu-(fb)whiptail-tpm[1,2](-hotp) testing boards! + +commit 445ca053fbf26c7d19baa956e741e61444d55029 +gpg: Signature made Mon 13 Mar 2023 02:33:03 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Mar 2 11:12:56 2023 -0500 + + Talos II - Have single board config + - Based on initial server board + - Uses whiptail as opposed to fbwhiptail (was slow and output fuzzy) + - Simple fix to have dual KVM(BMC) and vga output for consoles + + Reasoning for dropping fbwhiptail support is that: + - it is impossible to output framebuffer content through remote BMC console. + - A workstation board config could output to fbwhiptail for VGA and give remote recovery shell access through BMC + - If someone shows interest for that, qemu-coreboot-tpm boards can be used as reference. + - slowness/fuzzyness of fbwhiptail output through AST would still need to be fixed in kernel drivers. Not a priority here. + + Limitation: + - Since whiptail is sent to both consoles: + - If one console goes to recovery shell, recovery shell access invalidate TPM PCR4 measurements. + - The other console won't be aware that TPM measurements were invalidated, and will consequently: + - not be able to unseal TOTP if refreshed + - not be able to unseal TPM disk unlock key on default boot + - A reboot will fix this. + +commit 4754a754dcbaf80e02c342481775659908dd298a +gpg: Signature made Mon 13 Mar 2023 02:27:21 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 14:26:25 2023 -0400 + + .circleci/config.yml: Add qemu TPM2 representative board + + No other TPM2 boards exist yet, so add a qemu TPM2 board as a build + test for TPM2. + + Signed-off-by: Jonathon Hall + +commit 6a9e7e293eabc4117fe8fe23de4bd8394c48a30b +gpg: Signature made Mon 13 Mar 2023 02:11:19 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 14:11:02 2023 -0400 + + fstab, init: Remove securityfs mount + + This is unused, remove it. + + Signed-off-by: Jonathon Hall + +commit 1f8c88a7eb4135e7c40ae862b05054db73f36ea7 +gpg: Signature made Mon 13 Mar 2023 01:34:46 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 13:33:30 2023 -0400 + + gui-init, tpm-reset: Enforce TPM password maximum length + + TPM password must be 1-32 characters. Loop if the password is not + valid or the repeated password doesn't match, so the user can try + again. + + Move prompt_new_owner_password to functions and use in both gui-init + and tpm-reset. + + Fixes #1336 + + Signed-off-by: Jonathon Hall + +commit 30963e121fc172f82fa1b490f2713ab22d29a44f +gpg: Signature made Mon 13 Mar 2023 01:23:53 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 13:21:29 2023 -0400 + + Combine t430-flash.init, x23-flash.init, fix insmod + + They're the same other than a TRACE, combine them. Use busybox + insmod since the insmod script uses bash, we don't need the TPM PCRs on + legacy-flash-boards. + + Remove PCR4 extend, these boards lack TPM configuration. Update ROM + example name. + + Signed-off-by: Jonathon Hall + +commit ea5b8dc30f174237a485887c50726a25cb806007 +gpg: Signature made Mon 13 Mar 2023 01:10:45 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 13:10:24 2023 -0400 + + tpmr: Provide startsession for TPM1 and TPM2 + + It's a no-op on TPM1, but provide it so init doesn't have to + distinguish TPM1/TPM2. + + Signed-off-by: Jonathon Hall + +commit 5c33130ddc1d2006be79c51222378a0abb7fbc4b +gpg: Signature made Mon 13 Mar 2023 12:52:33 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 12:52:06 2023 -0400 + + init: Fixes for legacy-flash boards + + Fix `[ -a` to POSIX `[ -e`. Only run cbfs-init, key-init on normal + boards with bash. + + Signed-off-by: Jonathon Hall + +commit 0c4fdf343b3c51800b646ceebb358c9094177034 +gpg: Signature made Mon 13 Mar 2023 12:51:54 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 12:51:42 2023 -0400 + + poweroff, reboot: Do not use bash + + These need to work on legacy-flash boards. + + Signed-off-by: Jonathon Hall + +commit 0760b6f237449febb56225a42c258c6d43282024 +gpg: Signature made Mon 13 Mar 2023 12:27:08 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Mar 13 12:26:41 2023 -0400 + + init: Use busybox ash + + init must use busybox ash because it is used on legacy-flash boards. + Change shebang, move needed functions to ash_functions. + + Signed-off-by: Jonathon Hall + +commit 55b3fcfe1a23b9bb17d91bc004ed3b101921f4e5 +gpg: Signature made Fri 10 Mar 2023 05:52:13 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 17:50:43 2023 -0500 + + tpmr: Use at_exit for cleanup traps + + Multiple traps overwrite each other. While no tpmr functions have more + than one trap right now, it is fragile, and the quoting is complex due + to double expansion. Use at_exit to add exit handlers that accumulate + and do not require special quoting. + + Signed-off-by: Jonathon Hall + +commit decd45f3612ce5075789f1df5a52e2b73eb634db +gpg: Signature made Fri 10 Mar 2023 05:09:09 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 17:07:00 2023 -0500 + + openssl: Trim optional algorithms + + Disable all optional algorithms except SM3. (SHA and AES are not + optional.) tpm2-tss uses SHA, AES, and SM3. Reduces size of libcrypto + by almost 1 MB, saves about 140 KB in ROM. + + Signed-off-by: Jonathon Hall + +commit b21d8f7a94ad130296decc7704e9265885a9fff6 +gpg: Signature made Fri 10 Mar 2023 03:46:03 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:45:02 2023 -0500 + + oem-factory-reset: Use tpmr reset + + tpm-reset is just a prompt for the password followed by tpmr reset. + oem-factory-reset already bypasses the prompt, just call tpmr reset + directly. + + Signed-off-by: Jonathon Hall + +commit ff481b98fbf7550cfe0ac6cbcd5a11467ce88b7d +gpg: Signature made Fri 10 Mar 2023 03:42:29 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:42:19 2023 -0500 + + gui-init: Fix spelling of generate_totp_hotp() + + Signed-off-by: Jonathon Hall + +commit a0272270fe1afadef95426a08f8384f78571ac2b +gpg: Signature made Fri 10 Mar 2023 03:40:34 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:39:54 2023 -0500 + + gui-init, kexec-unseal-key: Move PCR debugging output to DEBUG calls + + These were still writing some debugging output containing flags and + PCRs even when debug was not enabled. Use DEBUG. + + Signed-off-by: Jonathon Hall + +commit 698fc8304690f68e8fe4036f08d014c380fc0bcc +gpg: Signature made Fri 10 Mar 2023 03:39:43 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:36:24 2023 -0500 + + gui-init: Eliminate extra TPM owner password prompts in TPM reset + + We just set the TPM owner password, so there's no need to make the user + enter it again. Eliminates some failure modes if the user mistypes it + or enters the wrong password. + + Allow optionally passing in the TPM owner password in tpmr seal, + check_tpm_counter(), seal-totp, and generate_totp_htop(). The user is + still prompted if the password is needed but was not provided, so + existing uses in other contexts continue to work unchanged. + + Prompt for the password in reset_tpm() and pass it down to each of the + above. + + Signed-off-by: Jonathon Hall + +commit 48421ada1e8920d13e065c0c7ba9fda7053990d4 +gpg: Signature made Fri 10 Mar 2023 03:10:04 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:09:46 2023 -0500 + + tpmtotp: Update to osresearch merged commit + + osresearch has merged support for tpm pcrread. + + Signed-off-by: Jonathon Hall + +commit 9d34dd6687c5db6a541c79b63b16a1154e0d2a01 +gpg: Signature made Fri 10 Mar 2023 03:09:39 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:09:09 2023 -0500 + + tpmr: Apply owner password to endorsement hierarchy + + Heads doesn't use the endorsement hierarchy, but we shouldn't leave it + with an empty password following a tpm2 clear. + + Signed-off-by: Jonathon Hall + +commit 67f3ac5103397806eabbceaa048fdd82b6138136 +gpg: Signature made Fri 10 Mar 2023 03:08:50 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 15:07:44 2023 -0500 + + tpmr: Provide reset for both TPM1 and TPM2 + + tpmr reset now works for both TPM1 and TPM2; bring in TPM1 logic from + tpm-reset. + + Signed-off-by: Jonathon Hall + +commit a2e4392497ac6e297f9fefee94c6f6bb58bda258 +gpg: Signature made Fri 10 Mar 2023 02:46:37 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Mar 10 14:19:43 2023 -0500 + + tpmr: Do not hash sealing passwords, always pass passwords as hex + + Don't hash password used to seal an object. This limits the password + to 32-characters but avoids obfuscating the usage of the password. The + 32-character limit is considered acceptable because password limits are + lower already (GPG token limits to 25 chars). We may allow >32 char + passwords in the future by hashing only if the password is >32 chars. + + Always pass passwords as hex to tpm2-tools to avoid possible ambiguity + if the password begins with a control prefix like 'hex:' or 'file:'. + + Signed-off-by: Jonathon Hall + +commit 298cde26abbbb78155c9d4b08266f41ca08f6923 +gpg: Signature made Fri 10 Mar 2023 12:25:08 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Jonathon Hall +Date: Fri Mar 10 11:16:34 2023 -0500 + + tpmr: Set dictionary lockout parameters and auth when resetting TPM2 + + Set consistent dictionary lockout parameters suited to Heads. Disable + lockout reset by setting a random password. + + Signed-off-by: Jonathon Hall + +commit 536f4a1623bbd9842885bc17800098d844c5bab3 +gpg: Signature made Fri 10 Mar 2023 12:12:01 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Mar 9 13:28:04 2023 -0500 + + Small cosmetic/typo related changes, ccache enablement for coreboot and reduction of unseal attempts + + gui-init: do not consume two unseal attempt to unseal both totp and hotp + cosmetic changes (slow down TPM DA lockout) + kexec-seal-key: Add DEBUG statement for PCR precalc + seal-totp: add DEBUG statements regarding skipping of PCR5 and PCR6 involvement into TOTP/HOTP sealing ops + seal-hotpkey: Add DEBUG statements related to reuse of TOTP sealed secret + tpmr: add DO_WITH_DEBUG calls to output pcrread and extend calls + tpmr: typo correction stating TRACE calls for tpm2 where it was for tpm1 + tpmr: add DO_WITH_DEBUG calls for calcfuturepcr + functions: Cosmetic fix on pause_recovery asking user to press Enter to go to recovery shell on host console when board defines CONFIG_BOOT_RECOVERY_SERIAL + + Not so related but part of output review and corrections: + kexec-insert-key: cosmetic changes prepending "+++" to disk related changes + kexec-save-default: cosmetic changes prepending "+++" to disk related changes + config/coreboot-qemu-tpm*.config: add ccache support for faster coreboot rebuild times + +commit 6300e3050435ed61af68f803e9c10584bf507683 +gpg: Signature made Fri 10 Mar 2023 09:47:59 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b2dcebb50a dcf65ea892 +Author: tlaurion +Date: Fri Mar 10 09:47:59 2023 -0500 + + Merge pull request #1333 from tlaurion/flashtools_version_bump_to_master + + modules/flashtools : version bump back to osresearch/flashtools + +commit dcf65ea892544646f7b91ab0ca4977587a2a639b +gpg: Signature made Fri 10 Mar 2023 09:32:03 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Mar 10 09:31:22 2023 -0500 + + modules/flashtools : version bump back to osresearch/flashtools + + Changes to support ppc64 were merged upstream + +commit 77060b00318e679b1d2bb80ee10ba99a21a935b5 +gpg: Signature made Wed 08 Mar 2023 05:18:46 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 17:18:11 2023 -0500 + + tpmr: Delete outdated TODO in tpm2_seal + + The sealing password is now hashed, so there's no length limit. + + Signed-off-by: Jonathon Hall + +commit 733fea8e2df5df8c6d1b7715ad4ff535cfe4277c +gpg: Signature made Wed 08 Mar 2023 05:17:16 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 17:17:01 2023 -0500 + + tpmr: Add TRACE to cleanup functions + + Add TRACE to cleanup_shred, cleanup_session + + Signed-off-by: Jonathon Hall + +commit ebabcffbdc0495d24ac76f56c49cb695b340d761 +gpg: Signature made Wed 08 Mar 2023 05:07:45 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 17:07:00 2023 -0500 + + tpmr: Use existing HMAC session in tpm2_unseal + + We already have HMAC sessions for encryption and decryption, there's no + need to create an ad-hoc session in tpm2_unseal. + + Signed-off-by: Jonathon Hall + +commit 8d834f649da82bb0e46c936cf2ba48d664d0630c +gpg: Signature made Wed 08 Mar 2023 05:06:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 17:06:31 2023 -0500 + + tpmr: Add missing traces to tpm2_kexec_finalize, tpm2_shutdown + + Signed-off-by: Jonathon Hall + +commit c62b96b4a6183d55a95a90a7d342f845087d0d94 +gpg: Signature made Wed 08 Mar 2023 04:45:09 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 16:44:47 2023 -0500 + + tpmr: Move tpm1_unseal next to tpm2_unseal + + All the other tpm2/tpm1 corresponding wrappers are next to each other, + do the same for unseal. + + Signed-off-by: Jonathon Hall + +commit d88fcca2f2ff1897f7b00a9e72ff2e326215ca0a +gpg: Signature made Wed 08 Mar 2023 04:42:40 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 16:42:19 2023 -0500 + + kexec-seal-key, seal-totp: Silence dd status when setting up PCRs + + Add status=none to dd invocations building PCR data. + + Signed-off-by: Jonathon Hall + +commit 50daa904f975304a2cf0e7db57ec2b918598ef20 +gpg: Signature made Wed 08 Mar 2023 04:35:57 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 16:34:45 2023 -0500 + + tpmr: Capture TPM2 pcaps in qemu TPM2 boards + + tpm2-tools is able to log pcap files of TPM2 commands, which can be + inspected with wireshark. Add CONFIG_TPM2_CAPTURE_PCAP to capture + these from the tpmr wrapper, and enable for qemu TPM2 boards. + + Signed-off-by: Jonathon Hall + +commit 215ff2a397dbf6e5a2dc3e2183d7308a60248d47 +gpg: Signature made Wed 08 Mar 2023 04:23:13 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 16:20:21 2023 -0500 + + reboot, poweroff: Prepare TPM2 for shutdown + + TPM2 must be prepared for shutdown, or it may track an auth failure for + dictionary attack prevention (per the spec, to prevent an attack by + attempting to authenticate and then powering off the TPM before it can + update the nonvolatile counter). + + Add tpmr shutdown to prepare for shutdown (no-op on TPM1). Invoke it + from poweroff and reboot. + + Signed-off-by: Jonathon Hall + +commit c7d0f7969ece9695e5cf88b5b21f92ab1a31ba15 +gpg: Signature made Wed 08 Mar 2023 04:19:56 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 16:19:37 2023 -0500 + + kexec-seal-key: Fix masked parameter position in tpmr seal + + The password was moved to parameter 7 in an earlier commit. + + Signed-off-by: Jonathon Hall + +commit 7b8824adf1ab6dc4ca916a6cc368cc28aebfbbb1 +gpg: Signature made Wed 08 Mar 2023 12:45:57 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 12:39:06 2023 -0500 + + seal-totp, kexec-seal-key: Use common logic for TPM1 and TPM2 + + Provide tpmr commands pcrread, pcrsize, calcfuturepcr, and seal for + both TPM1 and TPM2. + + Combine seal logic for TPM1/TPM2 in seal-totp, kexec-seal-key. This is + essentially the TPM2 logic now that tpmr provides the same wrapped + commands for both TPM1 and TPM2. + + Remove algorithm prefix from PCR list in tpmr unseal for consistency + with tpmr seal. + + Signed-off-by: Jonathon Hall + +commit e2c2f2d4e03420015a3ce7f63844cea6b7bcfd12 +gpg: Signature made Wed 08 Mar 2023 12:45:56 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Mar 8 12:37:42 2023 -0500 + + tpmtotp: Update to branch including tpm pcrread + + Update to branch including tpm pcrread until it is merged upstream. tpm + pcrread allows us to use the same logical flow for TPM1 and TPM2 in + seal operations. + + Signed-off-by: Jonathon Hall + +commit 641bea4d469e1f6eae7579e47017b2735db73876 +gpg: Signature made Wed 08 Mar 2023 12:45:56 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 16:35:22 2023 -0500 + + tpmr: Don't add newline when extending PCR with literal data + + tpmr extend with -ic (extend with literal data) was adding a newline, + use echo -n so it only includes the data given in the hash. + + Signed-off-by: Jonathon Hall + +commit 809b55666bcf61e27970b505703e6ad31c3449c9 +gpg: Signature made Wed 08 Mar 2023 12:45:56 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 16:21:31 2023 -0500 + + kexec-seal-key: Clean up TODOs and TPM2 seal + + Clean up TODO comments. + + Clean up redirections for tpm2 pcrread, use bash redirect to command. + + Use DO_WITH_DEBUG --mask-position to trace tpmr seal for TPM2 and hide + the password. + + Signed-off-by: Jonathon Hall + +commit 719dc5797008d339ae45f988abe81e9125bdc31a +gpg: Signature made Wed 08 Mar 2023 12:45:55 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 16:20:23 2023 -0500 + + init: Always create symlinks for bash + + No need to test whether bash is a symlink, bash ships on all boards + using the normal init script now. + + Signed-off-by: Jonathon Hall + +commit 5588a47d568ffd9d70cdd2db3b1c7a3836c09c9e +gpg: Signature made Wed 08 Mar 2023 12:45:55 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 15:41:42 2023 -0500 + + modules/openssl: Update to 3.0.8, reduce size + + Update OpenSSL to 3.0.8. Build with -Os. Install only libcrypto, + libssl is not currently needed. Don't buid tests. + + Signed-off-by: Jonathon Hall + +commit 92a6b5410d85c6da3870c56d1e97bcadd2c78559 +gpg: Signature made Wed 08 Mar 2023 12:45:55 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 14:00:57 2023 -0500 + + tpmr: Improve debug output, hide secrets, trim extend output more + + Provide mask_param() function to uniformly mask secret parameters, + while still indicating whether they are empty. + + Extend DO_WITH_DEBUG to allow masking a password parameter by position, + using mask_param(). Move from ash_functions to functions (isn't used + by ash scripts). + + Mask password parameters in kexec-unseal-key and tpmr seal. Use + mask_param() on existing masked params in tpmr. + + Trim more troubleshooting output from tpm2_extend() in tpmr. + + Clarify tpmr kexec_finalize echo; it's the TPM's platform heirarchy, + users might not know what this was referring to. + + Signed-off-by: Jonathon Hall + +commit 93459563d0dbcccd46e103953ee9b7e4448761c0 +gpg: Signature made Wed 08 Mar 2023 12:45:54 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 13:18:38 2023 -0500 + + tpmr: Delete unimplemented nvram commands + + nv_definespace, nv_writevalue, and nv_readvalue were never actually + implemented, remove them. + + Signed-off-by: Jonathon Hall + +commit 7afb1e474f1cf5ab38f92818cda07de03feea049 +gpg: Signature made Wed 08 Mar 2023 12:45:54 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 11:21:45 2023 -0500 + + tpmr: Provide HMAC session when unsealing with policy + + Provide an HMAC session to tpm2 when unsealing with an auth policy. + The HMAC session is used for transport encryption. + + This allows transport encryption to work when unsealing. + + Signed-off-by: Jonathon Hall + +commit 58c0b7c979752faed3cfd7981eca138ed3d2d659 +gpg: Signature made Wed 08 Mar 2023 12:45:54 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 11:18:47 2023 -0500 + + tpmr: Remove PCR debug dump, silence nonsense unseal errors for new TPM + + Remove dump of all PCRs from tpm2_extend, it was causing other errors + to roll off the screen before they could be inspected, and it's no + longer needed now that TPM2 is working. + + Silence nonsense errors from unseal if TPM2 hasn't been reset. tpm2 -S + with a file that doesn't exist would complain that the parameter format + was not understood (looks like a script error), when the actual problem + was that the file doesn't exist yet. We can't try to unseal anyway + without a primary handle, so just exit unsuccessfully in that case. + + Signed-off-by: Jonathon Hall + +commit b5985fef03884596dc1d7e2bc3dbc0d9040731da +gpg: Signature made Wed 08 Mar 2023 12:45:53 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 10:18:56 2023 -0500 + + kexec-seal-key: Reset PCR 23 before precomputing with it + + Precomputation relies on PCR 23 being 0 initially, so reset it in case + it isn't. + + Signed-off-by: Jonathon Hall + +commit eda24d85bf4680344430b6cdf5af4d4bdd50821d +gpg: Signature made Wed 08 Mar 2023 12:45:53 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 10:10:32 2023 -0500 + + *-flash.init: Use busybox ash + + Busybox no longer has CONFIG_BASH since we are deploying bash on most + boards. We also should clearly indicate which scripts cannot use + bashisms. + + Change shebang in x230-flash.init, t430-flash.init, flash.sh to + /bin/ash. Execute /bin/sh for interactive shells. + + Move key functions needed by those scripts to initrd/etc/ash_functions. + Source ash_functions instead of functions in those scripts, so any + bashisms in other functions won't break parsing of the script in ash. + + Signed-off-by: Jonathon Hall + +commit 4b5878806376acc875ae11fb4e50ac00b6210048 +gpg: Signature made Wed 08 Mar 2023 12:45:53 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 10:05:27 2023 -0500 + + init: Execute /bin/sh for interactive shell, not /bin/bash + + bash will not be the default interactive shell since readline support + increases the binary size significantly. Use /bin/sh (busybox ash) for + that. + + Signed-off-by: Jonathon Hall + +commit c2a4d84dfdf0a04249a88b26511725e4c12832b3 +gpg: Signature made Wed 08 Mar 2023 12:45:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Mar 7 11:02:45 2023 -0500 + + Makefile: Bring back bash in bin_modules + + bash was accidentally dropped from bin_modules when reintroducing + CONFIG_BASH, put it back and depend on CONFIG_MODULES now. + + Signed-off-by: Jonathon Hall + +commit d549229bfcc6076adad1ca6a878d0ccf91cb3048 +gpg: Signature made Wed 08 Mar 2023 12:45:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Wed Mar 1 16:07:03 2023 -0500 + + modules/bash: enabled by default, disabled in legacy-flash boards + - legacy-flash boards have a single purpose: to flash BIOS region through flashrom. + - They do not need bash nor have space for it in their 4mb defined coreboot CBFS region + + Test build to have legacy boards builds under osresearch#1292 + +commit c9df49ad20ee840b42094b25fb25400760601fb6 +gpg: Signature made Wed 08 Mar 2023 12:45:52 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 15:39:32 2023 -0500 + + modules/bash: Include bash in all builds, remove CONFIG_BASH + + Include bash in all builds. Remove CONFIG_BASH. + + Remove CONFIG_BASH_IS_ASH from busybox configuration and clean up hacks + in modules/bash. + + Signed-off-by: Jonathon Hall + +commit d59ffe07b82a60e42c0ac4c4426321141baa0c6a +gpg: Signature made Wed 08 Mar 2023 12:45:51 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 15:36:50 2023 -0500 + + modules/bash: Disable readline, enable -Os + + Disable readline features for interactive shell. This significantly + reduces the size of bash and doesn't affect scripting features. The + interactive shell still functions, but there is no history or command + line editing (backspace works, but arrows do not move cursor). + + Enable -Os on bash for more size reduction. + + This saves about 180KiB from the compressed initrd for + qemu-coreboot-fbwhiptail-tpm2-hotp, almost half the cost of adding + bash. + + Signed-off-by: Jonathon Hall + +commit c98ae5b53dc26278fe1c7b039784a2108480ee77 +gpg: Signature made Wed 08 Mar 2023 12:45:51 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 15:35:44 2023 -0500 + + recovery, passwd: Use /bin/sh for interactive shells + + Use /bin/sh (ash in busybox builds) for interactive shells, not bash. + Preparation for trimming interactive features from bash to reduce size. + + Signed-off-by: Jonathon Hall + +commit 7ab5e5c3e3aa982765000d4dd5c3bdd43ebcd181 +gpg: Signature made Wed 08 Mar 2023 12:45:51 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 13:55:00 2023 -0500 + + tpmr: Clean up TODOs about size parameter to tpm2_unseal + + The size parameter is actually the size of the sealed secret to TPM1, + not the unsealed data size. TPM2 does not observe the sealed secret, + so just ignore that parameter. + + Signed-off-by: Jonathon Hall + +commit 0a38717e20b18b5eab60875d4e5e0313464a6073 +gpg: Signature made Wed 08 Mar 2023 12:45:50 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 13:36:11 2023 -0500 + + tpmr: Wrap TPM1 and TPM2 unseal actions so scripts can invoke either + + Provide tpmr unseal to unseal a file with TPM1 or TPM2. For TPM1, it + wraps tpm nv_readvalue and tpm unsealfile. For TPM2, it wraps tpm2 + unseal. + + kexec-unseal-key, seal-hotpkey, unseal-hotp, and unseal-totp no longer + need to differentiate TPM1/TPM2. + + Fixes spurious shred errors on TPM2 that only apply to TPM1 (temporary + sealed secret file and shred are now internal to tpmr). + + Fixes TPM1 disk unlock key unsealing due to logic errors relating to + exit status of tpmr unseal or tpm unsealfile (now always uses status of + tpmr unseal). + + Signed-off-by: Jonathon Hall + +commit 660a5fe71e3d8c829f44fe77ec193ed47b8238d4 +gpg: Signature made Wed 08 Mar 2023 12:45:50 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 28 13:10:12 2023 -0500 + + qemu-*: Add CONFIG_BASH=y to TPM1 boards + + Enable bash on qemu TPM1 boards to use arrays in tpmr's TPM1 wrappers. + + Signed-off-by: Jonathon Hall + +commit 55e5a41ecaaaf993678ecdbedf3950cd913e10da +gpg: Signature made Wed 08 Mar 2023 12:45:49 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Feb 27 16:42:01 2023 -0500 + + tpmr: Add kexec_finalize command to finalize TPM before boot + + TPM2 locks the platform heirarchy, flushes transient objects, and + flushes sessions. (This now cleans up sessions created during + startsession that previously were not cleaned up, although the OS might + flush all sessions as well.) + + TPM1 currently does not do anything, but the command is accepted so + kexec-boot does not need to differentiate TPM1/2. + + Signed-off-by: Jonathon Hall + +commit f324b72be6b089f85ed1c6c9df73e40da877a101 +gpg: Signature made Wed 08 Mar 2023 12:45:49 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Feb 27 10:09:52 2023 -0500 + + tpmr: Seal/unseal using sha256 of password + + TPM2 is only required to support password lengths up to its longest + hash size (32 chars for sha256). Pass the sha256 of the password + instead of the actual password so the password can be arbitrarily long. + + Signed-off-by: Jonathon Hall + +commit 6efabeb520e85ccb2e371dee28768a01c34e9bfe +gpg: Signature made Wed 08 Mar 2023 12:45:49 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Mon Feb 27 09:49:43 2023 -0500 + + tpmr: Set flags properly on sealed file + + Set flags 'fixedtpm|fixedparent|adminwithpolicy'. Plain password auth + is no longer allowed. For objects sealed with a password, the password + is part of the auth policy, so both PCRs and password must be satisfied + to unseal. + + Tested by manually attempting to unseal disk unlock key with password: + tpm2 unseal -c 0x81000003 -p "" + + This now correctly returns an error indicating this auth method is not + allowed. + + Relative to the documented default flags for tpm2_create: + + * sign, decrypt: Not applicable to a sealed object, tpm2_create + automatically removed these from the defaults. + * fixedtpm, fixedparent: Kept + * sensitivedataorigin: Not applicable an object where the sensitive + data is not generated by the TPM. + * userwithauth: Removed this, "user" actions must satisfy auth policy. + * adminwithpolicy: Added this, "admin" actions must satisfy auth + policy. + + Signed-off-by: Jonathon Hall + +commit bc736450cb8e7ba190d84117b17bba4b37912783 +gpg: Signature made Wed 08 Mar 2023 12:45:48 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 24 16:47:07 2023 -0500 + + kexec-select-boot: For debug inspection, drop to recovery + + After saving a disk unlock key, if debug output is enabled, drop to + a recovery shell to allow inspection of debug output. + + The script isn't intended to return from this point after sealing a + key - returning attempts to boot, which can't unseal the key. + + Signed-off-by: Jonathon Hall + +commit 8bf5415e79dfcb04592c5c17450488c4e672b018 +gpg: Signature made Wed 08 Mar 2023 12:45:48 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 24 16:45:41 2023 -0500 + + tpmr: Add seal/unseal debug tracing + + Trace parameters to seal/unseal and some key tpm2 invocations. Trace + invocation of tpmr seal/unseal for disk unlock key. + + Add DO_WITH_DEBUG() to trace a command and parameters, then execute it. + + Signed-off-by: Jonathon Hall + +commit e6acaad215b33d92c203bd35f1cc6a927744be98 +gpg: Signature made Wed 08 Mar 2023 12:45:48 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Fri Feb 24 15:52:10 2023 -0500 + + tpmr: Fix sealing/unsealing file with both PCRs and passwords + + When sealing/unsealing with a password, use a policy including both the + specified PCRs and the object password. Fixes sealing and unsealing + disk unlock key. + + tpm2 seems to have a bug in parameter decryption when using a policy + session and password in this way, disable encryption in the policy + session as a workaround. + + Flags still need to be set on the sealed object correctly, as the + password is normally allowed on its own as an alternative to policy + auth. + + Add -Q to some tpm2 invocations to silence diagnostics on stdout. + + Pass filename for unsealed secret rather than capturing from stdout + for robustness against tpm2 diagnostics on stdout. + + Fix unseal result check in kexec-unseal-key. + + Signed-off-by: Jonathon Hall + +commit 1e5544b9349b63d314bad27c99e5faf8f847325a +gpg: Signature made Wed 08 Mar 2023 12:45:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Thu Feb 23 17:05:15 2023 -0500 + + Add DEBUG traces and have TPM2 boards enable TRACE and DEBUG calls + - /tmp/debug.log is created and appended by all TRACE and DEBUG calls in code + - fix some logic errors seen when no DEBUG entry were outputted in /tmp/debug.log + +commit 79e10ee1357658cbd63af2a518924aaa3db35c32 +gpg: Signature made Wed 08 Mar 2023 12:45:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Feb 23 10:14:32 2023 -0500 + + kexec-unseal-key, tpmr: Deduplicate TPM1/2 code and always use stdin pass + + Always send password via stdin to tpm2 create, tpm2 unseal. The password + could being with things like 'file:', 'str:', 'pcr:' that would be + interpreted by tpm2. + + Deduplicate the TPM1/2 code in kexec-unseal-key. The TPM2 code was not + actually prompting for the password or sending it to tpmr unseal. + + Password is still not working yet though. + + Signed-off-by: Jonathon Hall + +commit 2c6caa18a7d042bcf962127226b2b69281e22cbe +gpg: Signature made Wed 08 Mar 2023 12:45:47 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Feb 23 09:15:00 2023 -0500 + + kexec-(un)seal-key: Delete CONFIG_AUTO_UNLOCK logic + + CONFIG_AUTO_UNLOCK does not exist in Heads. + + Signed-off-by: Jonathon Hall + +commit b5005053123bc234d4481f96475cd6e89e71778b +gpg: Signature made Wed 08 Mar 2023 12:45:46 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 16:30:07 2023 -0500 + + tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1. + + Most logic throughout Heads doesn't need to know TPM1 versus TPM2 (and + shouldn't, the differences should be localized). Some checks were + incorrect and are fixed by this change. Most checks are now unchanged + relative to master. + + There are not that many places outside of tpmr that need to + differentiate TPM1 and TPM2. Some of those are duplicate code that + should be consolidated (seal-hotpkey, unseal-totp, unseal-hotp), and + some more are probably good candidates for abstracting in tpmr so the + business logic doesn't have to know TPM1 vs. TPM2. + + Previously, CONFIG_TPM could be variously 'y', 'n', or empty. Now it + is always 'y' or 'n', and 'y' means "any TPM". Board configs are + unchanged, setting CONFIG_TPM2_TOOLS=y implies CONFIG_TPM=y so this + doesn't have to be duplicated and can't be mistakenly mismatched. + + There were a few checks for CONFIG_TPM = n that only coincidentally + worked for TPM2 because CONFIG_TPM was empty (not 'n'). This test is + now OK, but the checks were also cleaned up to '!= "y"' for robustness. + + Signed-off-by: Jonathon Hall + +commit d51993b6a9ee54dea53d3fc5677826dca0d4ff4e +gpg: Signature made Wed 08 Mar 2023 12:45:46 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 16:26:53 2023 -0500 + + tpm-reset: Reduce duplication with tpmr reset + + Use common password prompt logic in tpm-reset rather than duplicating + in tpmr reset. + + Use common logic in config-gui.sh to reset the TPM. + + Use common logic in oem-factory-reset to reset TPM. Fixes extra + prompts for TPM2 owner password even when choosing to use a common + password. Fix sense of "NO TPM" check in TOTP generation (which only + happened to work because CONFIG_TPM is empty for TPM2). + + Signed-off-by: Jonathon Hall + +commit ab57cd0b9aea3f456ea87e17bf894e0693ab0662 +gpg: Signature made Wed 08 Mar 2023 12:45:46 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 14:24:49 2023 -0500 + + tpmr: Fix wording of owner password prompt in tpm2_sealfile() + + It's asking for the existing password, not a new password. + + Signed-off-by: Jonathon Hall + +commit cf3ee1979519ddb0cf2755d657541e25e0e6ce27 +gpg: Signature made Wed 08 Mar 2023 12:45:45 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 13:31:15 2023 -0500 + + seal-hotpkey: Fix quoting in CONFIG_TPM test + + $CONFIG_TPM needs to be quoted, or [ syntax is incorrect when it's + empty. Fixes errors in console with TPM2 (but behavior was correct due + to [ still returning false as expected). + + Signed-off-by: Jonathon Hall + +commit 55a41c3fdb83964bd9967c189d879d8418fe6c0f +gpg: Signature made Wed 08 Mar 2023 12:45:45 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 10:47:01 2023 -0500 + + kexec-save-default: Always update TPM2 primary object handle hash + + Resetting the TPM creates a new primary object, and there is no reason + for kexec-save-default to sign an old hash. Always update the hash + instead of creating it only if it doesn't exist. + + Signed-off-by: Jonathon Hall + +commit ff8ec2fd5b769a5289665030dc366059af257952 +gpg: Signature made Wed 08 Mar 2023 12:45:45 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Feb 22 10:42:32 2023 -0500 + + qemu*tpm2*: Manufacture TPM2 + + Invoke swtpm_setup --create-config-files skip-if-exist to create local + CA files under the current user account, so user does not need + read/write access to /var/lib/swtpm-localca. + + Pass --tpm2 to manufacture a TPM2 instead of TPM1.2. + + Signed-off-by: Jonathon Hall + +commit 7ea606524b9131c99ac5a7a0f04be9a81fe7d252 +gpg: Signature made Wed 08 Mar 2023 12:45:44 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 21 17:16:11 2023 -0500 + + gui-init: Remove TPM2 primary handle hash when resetting TPM + + Resetting the TPM invalidates the primary handle hash, and + kexec-save-default only generates a hash if none exists. Remove the + hash file when it is invalidated. + + OEM reset and "Reset Configuration" both already remove all kexec + files. + + Signed-off-by: Jonathon Hall + +commit 4e375ad7ca9e0676e04ebbe0c0a64e3071b88f73 +gpg: Signature made Wed 08 Mar 2023 12:45:44 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 21 17:15:09 2023 -0500 + + tpm2-tools: Remove curl dependency + + The actual use of curl was already removed, update tpm2-tools patch to + also remove the check for curl. Remove the curl module and + CONFIG_CURL. + + Signed-off-by: Jonathon Hall + +commit 8da5d5d723aff8d8e7c4156688cb30b374e6132b +gpg: Signature made Wed 08 Mar 2023 12:45:44 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Wed Feb 8 16:01:48 2023 -0500 + + Add dual support for real bash and busybox's bash(ash) + - modify bash to have it configured with -Os + +commit 6923fb5e20cfb662b76c1d1fa48e245ecd8d79fb +gpg: Signature made Wed 08 Mar 2023 12:45:43 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Thierry Laurion +Date: Thu Aug 25 14:43:31 2022 -0400 + + Addition of qemu-(fb)whiptail-tpm2(-hotp) boards + -coreboot support of TPM v2.0 (shared config for TPM2 support across all 4 previous variations) + -swtpm set to be launched under TPM v2.0 mode under board config + -Documentation file under each board.md softlinks to qemu-coreboot-fbwhiptail-tpm1.md (which has been generalized) + This is skeleton for TPM v2 integration under Heads + + ------------- + WiP + + TODO: + - libcurl cannot be built as a tpm2-tools dependency as of now not sure why. curl currently needs to be added in board config to be built + - Note: tpm-reset (master and here) needs some review, no handle of no tpm use case. Caller is responsible to not call it otherwise does nothing + - init tries to bind fd and fails currently + - Note: Check if whiptail is different of fbwhiptail in clearing screen. As of now every clear seems to be removed, still whiptail clears previous console output + - When no OS' /boot can be mounted, do not try to TPM reset (will fail) + + - seal-hotpkey is not working properly + - setting disk unlock key asks for TPM ownership passphrase (sealing in NV requires ownership, but text is misleading user as if reowning TPM) + - We should cache input, feed tpm behind the scene and wipe passphrase and state clearly that this is TPM disk unlock kye passphrase. + - primary key from TPM2 is invalid most of the time from kexec-select-boot and verifying global hashes but is setuped correctly at disk unlock key setup + - would be nice to take advantage of bash function tracing to understand where we are for debugging purposes, code takes ash in consideration only + - tpmr says it implements nv calls but actually doesn't. Removing those falsely wrapped functions would help. + - Implementing them would be better + - REVIEW TODOS IN CODE + - READD CIRCLECI CONFIG + + Current state: + - TPM unseal works without disk unlock key and generates TOTP properly (was missing die condition at unseal to not produce always good TOTP even if invalid) + - TPM disk encryption key fails. Hypothesis is that sealing with USB drivers loaded and measures in inconsistent with sealed with/without. + - TPM disk unsealing happens without USB modules being loaded in non-HOTP setup. This fails. + + - Current tests are with fbwhiptail (no clear called so having traces on command line of what happens) + - Testing with HOTP implementation for sealing/unsealing since that forces USB module loads on each boot to remove this from failing possibilities + +commit b2dcebb50a41c92f6c948ec67adedb967a8145dd +gpg: Signature made Wed 08 Mar 2023 08:37:59 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 15e9d0b6f3 907e906f01 +Author: tlaurion +Date: Wed Mar 8 08:37:59 2023 -0500 + + Merge pull request #1121 from tlaurion/pass_O2_to_Os + +commit 907e906f019f70579698896b0fd5f547e274b2d7 +gpg: Signature made Tue 07 Mar 2023 06:05:42 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 1 11:12:46 2023 -0500 + + Pass -O3 and -O2 (optimize for speed) to -Os (Optimize for space) + Adresses @easrentai suggestion to pass modules build optimization for space here: #590 (comment) + + - Uniformized module's $(CROSS_TOOLS) being passed as environment variable, prior of ./configure call + + Doesn't work for: + - busybox (HOSTCXXFLAGS="-Os" attempted prior of ./configure call) + - zlib (CFLAGS="-Os" attempted prior of ./configure call) + - npth (CFLAGS="-Os" attempted prior of ./configure call) + +commit 15e9d0b6f3932514f7cdc88dea06e8cae6097c0a +gpg: Signature made Tue 07 Mar 2023 04:07:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 96a20a7456 47bd80a0ec +Author: tlaurion +Date: Tue Mar 7 16:07:09 2023 -0500 + + Merge pull request #1330 from tlaurion/coreboot_do_not_rebuild_builstack_at_each_make + + modules/coreboot: do not rebuild version specific coreboot's builstack at each board's make + +commit 47bd80a0ec5de61a5e14b6653fb9b12bfe5ee10f +gpg: Signature made Tue 07 Mar 2023 03:39:33 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Mar 7 15:38:44 2023 -0500 + + modules/coreboot: Do not rebuild coreboot buildstack when built + .xcompile was not found because it was quoted and shouldn't in coreboot module's makefile + + Prior: + stat("\"/home/user/heads/build/x86/coreboot-4.13/.xcompile\"", 0x7ffe56e6cfd0) = -1 ENOENT (No such file or directory) + pipe([3, 4]) = 0 + fcntl(4, F_GETFD) = 0 + fcntl(4, F_SETFD, FD_CLOEXEC) = 0 + fcntl(3, F_GETFD) = 0 + fcntl(3, F_SETFD, FD_CLOEXEC) = 0 + prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=1024, rlim_max=1024*1024}) = 0 + prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=1024, rlim_max=1024*1024}) = 0 + stat("/usr/bin/env", {st_mode=S_IFREG|0755, st_size=48480, ...}) = 0 + geteuid() = 1000 + getegid() = 1000 + getuid() = 1000 + getgid() = 1000 + access("/usr/bin/env", X_OK) = 0 + mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ce2be6fd000 + rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0 + clone(child_stack=0x7ce2be705ff0, flags=CLONE_VM|CLONE_VFORK|SIGCHLD) = 305342 + munmap(0x7ce2be6fd000, 36864) = 0 + rt_sigprocmask(SIG_SETMASK, [CHLD], NULL, 8) = 0 + close(4) = 0 + read(3, "2\n", 200) = 2 + read(3, "", 198) = 0 + close(3) = 0 + wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 305342 + fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0 + write(1, "make -C \"/home/user/heads/build/"..., 74make -C "/home/user/heads/build/x86/coreboot-4.13" CPUS=2 "crossgcc-i386" + ) = 74 + rt_sigprocmask(SIG_BLOCK, [HUP INT QUIT TERM XCPU XFSZ], NULL, 8) = 0 + stat("/usr/bin/env", {st_mode=S_IFREG|0755, st_size=48480, ...}) = 0 + geteuid() = 1000 + getegid() = 1000 + getuid() = 1000 + getgid() = 1000 + access("/usr/bin/env", X_OK) = 0 + mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ce2be6fd000 + rt_sigprocmask(SIG_BLOCK, ~[], [HUP INT QUIT TERM CHLD XCPU XFSZ], 8) = 0 + clone(child_stack=0x7ce2be705ff0, flags=CLONE_VM|CLONE_VFORK|SIGCHLD) = 305343 + munmap(0x7ce2be6fd000, 36864) = 0 + rt_sigprocmask(SIG_SETMASK, [HUP INT QUIT TERM CHLD XCPU XFSZ], NULL, 8) = 0 + rt_sigprocmask(SIG_UNBLOCK, [HUP INT QUIT TERM XCPU XFSZ], NULL, 8) = 0 + wait4(-1, make[1]: Entering directory '/home/user/heads/build/x86/coreboot-4.13' + Welcome to the coreboot cross toolchain builder v () + + Building toolchain using 2 thread(s). + + Target architecture is i386-elf + + Found compatible Ada compiler, enabling Ada support by default. + + Downloading and verifying tarballs ... + * gmp-6.2.0.tar.xz (cached)... hash verified (052a5411dc74054240eec58132d2cf41211d0ff6) + * mpfr-4.1.0.tar.xz (cached)... hash verified (159c3a58705662bfde4dc93f2617f3660855ead6) + * mpc-1.2.0.tar.gz (cached)... hash verified (0abdc94acab0c9bfdaa391347cdfd7bbdb1cf017) + * binutils-2.35.tar.xz (cached)... hash verified (6bdd090ce268b6d6c3442516021c4e4b5019e303) + * gcc-8.3.0.tar.xz (cached)... hash verified (c27f4499dd263fe4fb01bcc5565917f3698583b2) + Downloaded tarballs ... ok + Unpacking and patching ... + * gmp-6.2.0.tar.xz + o gmp-6.2.0_generic-build.patch + * mpfr-4.1.0.tar.xz + ^C0x7ffe56e6ef40, 0, NULL) = ? ERESTARTSYS (To be restarted if SA_RESTART is set) + strace: Process 305153 detached + + After: + stat("/home/user/heads/build/x86/coreboot-4.13/.xcompile", 0x7ffd0303c7f0) = -1 ENOENT (No such file or directory) + pipe([3, 4]) = 0 + fcntl(4, F_GETFD) = 0 + fcntl(4, F_SETFD, FD_CLOEXEC) = 0 + fcntl(3, F_GETFD) = 0 + fcntl(3, F_SETFD, FD_CLOEXEC) = 0 + prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=1024, rlim_max=1024*1024}) = 0 + prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=1024, rlim_max=1024*1024}) = 0 + stat("/usr/bin/env", {st_mode=S_IFREG|0755, st_size=48480, ...}) = 0 + geteuid() = 1000 + getegid() = 1000 + getuid() = 1000 + getgid() = 1000 + access("/usr/bin/env", X_OK) = 0 + mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x740f6e370000 + rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0 + clone(child_stack=0x740f6e378ff0, flags=CLONE_VM|CLONE_VFORK|SIGCHLD) = 306024 + munmap(0x740f6e370000, 36864) = 0 + rt_sigprocmask(SIG_SETMASK, [CHLD], NULL, 8) = 0 + close(4) = 0 + read(3, "2\n", 200) = 2 + read(3, "", 198) = 0 + close(3) = 0 + wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 306024 + fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0 + write(1, "make -C \"/home/user/heads/build/"..., 74make -C "/home/user/heads/build/x86/coreboot-4.13" CPUS=2 "crossgcc-i386" + ) = 74 + rt_sigprocmask(SIG_BLOCK, [HUP INT QUIT TERM XCPU XFSZ], NULL, 8) = 0 + stat("/usr/bin/env", {st_mode=S_IFREG|0755, st_size=48480, ...}) = 0 + geteuid() = 1000 + getegid() = 1000 + getuid() = 1000 + getgid() = 1000 + access("/usr/bin/env", X_OK) = 0 + mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x740f6e370000 + rt_sigprocmask(SIG_BLOCK, ~[], [HUP INT QUIT TERM CHLD XCPU XFSZ], 8) = 0 + clone(child_stack=0x740f6e378ff0, flags=CLONE_VM|CLONE_VFORK|SIGCHLD) = 306025 + munmap(0x740f6e370000, 36864) = 0 + rt_sigprocmask(SIG_SETMASK, [HUP INT QUIT TERM CHLD XCPU XFSZ], NULL, 8) = 0 + rt_sigprocmask(SIG_UNBLOCK, [HUP INT QUIT TERM XCPU XFSZ], NULL, 8) = 0 + wait4(-1, make[1]: Entering directory '/home/user/heads/build/x86/coreboot-4.13' + Welcome to the coreboot cross toolchain builder v () + + Building toolchain using 2 thread(s). + + Target architecture is i386-elf + + Found compatible Ada compiler, enabling Ada support by default. + + Downloading and verifying tarballs ... + * gmp-6.2.0.tar.xz (cached)... hash verified (052a5411dc74054240eec58132d2cf41211d0ff6) + * mpfr-4.1.0.tar.xz (cached)... hash verified (159c3a58705662bfde4dc93f2617f3660855ead6) + * mpc-1.2.0.tar.gz (cached)... hash verified (0abdc94acab0c9bfdaa391347cdfd7bbdb1cf017) + * binutils-2.35.tar.xz (cached)... hash verified (6bdd090ce268b6d6c3442516021c4e4b5019e303) + * gcc-8.3.0.tar.xz (cached)... hash verified (c27f4499dd263fe4fb01bcc5565917f3698583b2) + Downloaded tarballs ... ok + Unpacking and patching ... + * mpfr-4.1.0.tar.xz + * mpc-1.2.0.tar.gz + * binutils-2.35.tar.xz + ^C0x7ffd0303e760, 0, NULL) = ? ERESTARTSYS (To be restarted if SA_RESTART is set) + strace: Process 305835 detached + + So coreboot buildstack is built once per version and then reused on next board builds. + Saves precious CI and local builds when developing with qemu/kvm. + +commit 96a20a7456946053cde037b5d19b06ae315b3993 +gpg: Signature made Tue 07 Mar 2023 11:17:14 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3ac896bb67 c323fb4d8b +Author: tlaurion +Date: Tue Mar 7 11:17:14 2023 -0500 + + Merge pull request #1329 from tlaurion/repro_fix-util-linux + + Fix util-linux reproducibility issue (libblkid.so.1) + +commit c323fb4d8bd6953355a59f8fb7498202f9bce026 +gpg: Signature made Tue 07 Mar 2023 11:02:43 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Feb 27 09:53:30 2023 -0500 + + patches/util-linux: patch configure script so that all hardcode_into_libs=yes -> hardcode_into_libs=no + +commit 3ac896bb6730358e35cd292dd093d3ae37c99011 +gpg: Signature made Tue 28 Feb 2023 03:23:16 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c4b964c80f 1dd9c266a8 +Author: tlaurion +Date: Tue Feb 28 15:23:16 2023 -0500 + + Merge pull request #1282 from rbreslow/rb/support-t440p + +commit 1dd9c266a8df506d615b9f663475b3a80920805a +gpg: Signature made Tue 28 Feb 2023 02:15:01 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Feb 28 14:11:03 2023 -0500 + + CircleCI: Make the T440p depend on Librem boards + + This change will improve build times by allowing the T440p to share the + Coreboot 4.17 cache with the Librem boards. Once we update the other + ThinkPad boards to use Coreboot 4.19, we'll make the T440p depend on the + X230 again. + + Co-authored-by: Thierry Laurion + +commit e4a09e81bbdba07c07f0747a0408f6230a3765b8 +gpg: Signature made Tue 28 Feb 2023 11:58:34 AM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Feb 28 11:46:36 2023 -0500 + + Add T440p blobs documentation + +commit 63eab714e53565a2b8e36108f91dd54b30f4a914 +gpg: Signature made Tue 28 Feb 2023 11:58:34 AM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Feb 28 11:44:48 2023 -0500 + + Make T440p scripts work with relative paths + + Because we're using pushd/popd to make the Coreboot util invocation + cleaner, we need to use realpath so that the scripts will work with any + user input. + +commit 6300dd178a35cbe68bc6587fdf48a210f1437607 +gpg: Signature made Mon 27 Feb 2023 06:07:06 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Feb 15 11:47:30 2023 -0500 + + Pass all coreboot 4.13 boards to 4.19 + + - Add 4.19 under modules/coreboot + - point all 4.13 boards to 4.19 + - adapt x230 FHD/EDP patch under patches/coreboot-4.19/0001-x230-fhd-variant.patch (poked upstream to fix patch under https://review.coreboot.org/c/coreboot/+/28950) + - correct versioning info under .circleci/config/yml + +commit 3efec15dc70a12176d6882bb3346c645c4103bc2 +gpg: Signature made Sat 25 Feb 2023 09:28:31 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 21:28:29 2023 -0500 + + CircleCI: Install crosfirmware.sh dependencies + + We need extra dependencies to support Coreboot's util/crosfirmware.sh to + extract the T440p's mrc.bin. + +commit 5083ba356c68182db83226c051782f31e8aa33a6 +gpg: Signature made Sat 25 Feb 2023 07:53:48 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:46:00 2023 -0500 + + Add the T440p to CircleCI + +commit 1dc5d4eb99f7308d8fa1f0011704f16b19b6ad6b +gpg: Signature made Sat 25 Feb 2023 07:53:47 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:43:14 2023 -0500 + + Make T440p Coreboot build depend on blob files + + Now, when you run `make BOARD=any-t440p-variant`, the build system + automatically fetches mrc.bin and me.bin. + +commit 144f9c147ed9b409ff6ec2b5a8e466b58a1fcf0f +gpg: Signature made Sat 25 Feb 2023 07:53:47 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:39:18 2023 -0500 + + Make T440p scripts use Coreboot from environment + + Before, the T440p blob scripts would look for Coreboot using the find + command. Now, we require the user to specify the path to Coreboot in the + COREBOOT_DIR environment variable. Also, add an output directory + argument to each script. + + These changes will make it easier to integrate with the Heads build + system and CI. + +commit e6c34bda55caee332670b9f9e357d7ba6d867da0 +gpg: Signature made Sat 25 Feb 2023 07:53:47 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:27:35 2023 -0500 + + Add T440p gbe.bin blob + + - I extracted the gbe.bin blob from my T440p's original ROM using the + blobs/t440p/extract script. + - Using a hex editor, I corrected the sign bit in part 0 that I found + was malformed in my analysis: + https://github.com/osresearch/heads/pull/1282#issuecomment-1400634600. + - After correcting the sign bit, nvmutil showed that both parts of my + gbe.bin blob had valid checksums. + - Finally, I used nvmutil to set the MAC address to 00:de:ad:c0:ff:ee. + +commit 7c32d4ed66791da01b3a4338fbaff57aa98f6d80 +gpg: Signature made Sat 25 Feb 2023 07:53:46 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:26:25 2023 -0500 + + Add T440p ifd.bin blob + + I extracted the ifd.bin blob from my T440p using the blobs/t440p/extract + script. + +commit 936840415cc43cf33bdcebd4f5c7ae3425d48fc3 +gpg: Signature made Sat 25 Feb 2023 07:53:46 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sat Feb 25 19:36:26 2023 -0500 + + Rename T440p export-blobs script to extract + + More aligned with the naming conventions of xx20 and xx30's extract.sh. + +commit c4b964c80f4f848033cc87216e8a0e0ef1828bdc +gpg: Signature made Wed 22 Feb 2023 11:46:36 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5c7148f18d 7592efcf99 +Author: tlaurion +Date: Wed Feb 22 11:46:36 2023 -0500 + + Merge pull request #1318 from JonathonHall-Purism/fix-pkg-config-cross-compilation + + Makefile: Fix cross compilation variables for pkg-config + +commit f0dc3541f5412ccda42f0786ad2162e7af49ae0c +gpg: Signature made Tue 21 Feb 2023 04:00:50 PM EST +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Tue Feb 21 15:00:07 2023 -0600 + + patches/busybox-1.32.0.patch: remove, no longer needed with busybox upgrade. + + Signed-off-by: Daniel Pineda + +commit b51fda22c164b35b7fe171f7e1a4c14c2fe63e6b +gpg: Signature made Tue 21 Feb 2023 03:34:41 PM EST +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Tue Feb 21 14:15:25 2023 -0600 + + Makefile: add --remove-destination to cp calls. + + This avoids overwriting the busybox binary (and bricking the system) + by following a symlink when busybox and other module both provide + a command with the same filename. + + Signed-off-by: Daniel Pineda + +commit 17ac64bdf19663bef81b05245ed3c1c547761e18 +gpg: Signature made Tue 21 Feb 2023 03:34:35 PM EST +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Tue Feb 21 14:02:56 2023 -0600 + + Replace base32 from tpmtotp with the one from busybox, disable unused base64. + + Signed-off-by: Daniel Pineda + +commit 0e356e43cb7229818ce14e9886f60a7043fa9fe0 +gpg: Signature made Tue 21 Feb 2023 03:34:27 PM EST +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Matt DeVillier +Date: Fri Jan 7 13:23:01 2022 -0600 + + modules/busybox: update 1.32.0 -> 1.33.2 (stable) + + - update module version, hash + - rename patch + - update config + + Busybox 1.33.0 adds base32, which has been disabled in busybox.config + as it conflicts with tpmtotp's base32. + + Signed-off-by: Jonathon Hall + +commit 7592efcf995dba2f60b78dda0b8e5681009fdc6e +gpg: Signature made Tue 21 Feb 2023 01:48:03 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Feb 21 13:46:03 2023 -0500 + + Makefile: Fix cross compilation variables for pkg-config + + pkg-config will still pick up system default directories from + PKG_CONFIG_LIBDIR even if PKG_CONFIG_PATH is set. Per the docs, + cross compilation requires clearing PKG_CONFIG_PATH and setting + PKG_CONFIG_LIBDIR (which is always searched after PKG_CONFIG_PATH). + + Fixes issues observed in tpm2_retry branch picking up packages from + host environment. + + Signed-off-by: Jonathon Hall + +commit 5c7148f18deafd4b507b509da3a77d29f183f5bb +gpg: Signature made Tue 21 Feb 2023 12:06:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8b479b06cc e900d2027a +Author: tlaurion +Date: Tue Feb 21 12:06:35 2023 -0500 + + Merge pull request #1305 from echo-84/yubikey-oem-factory-reset + +commit 8b479b06ccd8afb3672f0f5d153fc27d44a12453 +gpg: Signature made Mon 20 Feb 2023 02:11:27 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9676c794a2 8259d3ca1e +Author: tlaurion +Date: Mon Feb 20 14:11:27 2023 -0500 + + Merge pull request #1317 from tlaurion/fix-sh_argument_expected + + Add DEBUG statements in code and fix "sh: argument expected" + +commit 8259d3ca1e7c8644b1d50832c0be29d34a53bf94 +gpg: Signature made Mon 20 Feb 2023 11:45:19 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Feb 20 11:01:17 2023 -0500 + + Add TRACE function tracing function to output on console when enabled + + - Add TRACE function tracing output under etc/functions, depending on CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT enabled in board configs + - Replace current DEBUG to TRACE calls in code, reserving DEBUG calls for more verbose debugging later on (output of variables etc) + - add 'export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y' in qemu-coreboot(fb)whiptail-tpm1(-hotp) boards to see it in action + +commit 5fbbbbc3f76c3353632f50f13d929a76fada853e +gpg: Signature made Sat 18 Feb 2023 09:52:54 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Feb 18 15:52:32 2023 -0500 + + gui-init: fix sh: argument expected + +commit 5bc2bc88e4618ee0a978bee9329b9597931842bb +gpg: Signature made Sat 18 Feb 2023 09:52:46 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Feb 18 12:58:43 2023 -0500 + + All scripts and functions: Add DEBUG calling trace on console when CONFIG_DEBUG_OUTPUT is exported in board config + -qemu-coreboot-*whiptail-tpm1(-hotp) boards have 'export CONFIG_DEBUG_OUTPUT=y' by default now + +commit 9676c794a2520d7cff22796b8db7f8ee16d7a6c8 +gpg: Signature made Fri 17 Feb 2023 02:42:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ffd8ab9ac5 16321dc40a +Author: tlaurion +Date: Fri Feb 17 14:42:35 2023 -0500 + + Merge pull request #1315 from tlaurion/qemu-coreboot-tpm_typo-fix + + Fix reported typo under #1314 + +commit 16321dc40a1d00c2689cef75ce827be86fe923e4 +gpg: Signature made Fri 17 Feb 2023 02:41:16 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Feb 17 14:41:16 2023 -0500 + + Fix reported typo under #1314 + +commit ffd8ab9ac537284f99eaa03b171d573623ef8f3b +gpg: Signature made Wed 15 Feb 2023 11:53:31 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5b6370c70c 011276350b +Author: tlaurion +Date: Wed Feb 15 11:53:31 2023 -0500 + + Merge pull request #1301 from tlaurion/reduce_coreboot_configuration_duplicates-label_legacy_boards_correctly + + xx20/xx30: Reduce coreboot configuration duplicates + label legacy boards correctly + +commit 011276350b567935011555bf373dd5c7dd201784 +gpg: Signature made Thu 09 Feb 2023 12:51:07 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jan 31 11:48:22 2023 -0500 + + CircleCI: change board names to reflect board name changes (legacy tagged correctly) + +commit 03631a5e33945f07ff46cffc9f75b62257a0bf3c +gpg: Signature made Thu 09 Feb 2023 12:50:57 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jan 31 11:46:32 2023 -0500 + + xx30: rename legacy boards names, remove coreboot config duplicates + +commit 225741b4cd834d5d451351a7a86bb1db7d0fb8c7 +gpg: Signature made Thu 09 Feb 2023 12:34:33 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jan 31 10:49:16 2023 -0500 + + remove coreboot-hotp* duplicates, have boards configs point to non-hotp maximized equivalents + +commit 5b6370c70cf91b0cc005f4e7f3a916af72a9cec5 +gpg: Signature made Thu 09 Feb 2023 12:33:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 77f8d5a4f6 e7f1e3e7a7 +Author: tlaurion +Date: Thu Feb 9 12:33:35 2023 -0500 + + Merge pull request #1298 from tlaurion/fixup_xx20_xx30_cbfs_size + + xx20/xx30 maximized coreboot configs: Fix CONFIG_CBFS_SIZE to reflect ifd.bin's BIOS region (xx20: gain of 0.59mb, xx30: gain of 0.4mb + +commit e7f1e3e7a7075b0d6490b4b00fcc8b25b3e928c6 +gpg: Signature made Thu 09 Feb 2023 12:28:59 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Jan 28 16:17:59 2023 -0500 + + xx20/xx30 maximized coreboot configs: Fix CONFIG_CBFS_SIZE to reflect ifd.bin's BIOS regions. + + The calculations outlined at https://github.com/osresearch/heads/pull/1282#discussion_r1072473677 + Sums to having 'ifdtool -f layout.txt ifd_shrinked.bin && cat layout.txt' + The example for T440p: + 00000000:00000fff fd + 00021000:00bfffff bios + 00003000:00020fff me + 00001000:00002fff gbe + + Here: 00bfffff-00021000=BDEFFF + Which is exact result of @rbeslow's calculations. + + There is an issue on haswell, maybe because of car, maybe because of non native memory init blob. + But this is not the case for xx20/xx30 boards. + +commit 77f8d5a4f6e47d6a990b6251e52d9201cec96c75 +gpg: Signature made Thu 09 Feb 2023 12:24:54 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8ec0cd377a 2b05a6b42c +Author: tlaurion +Date: Thu Feb 9 12:24:54 2023 -0500 + + Merge pull request #967 from tlaurion/x230-maximized-fhd + + Add x230-maximized-fhd_edp and x230-hotp-maximized-fhd_edp boards + +commit 8ec0cd377aab618273bcd79ea84a275b04a5ab9b +gpg: Signature made Wed 08 Feb 2023 11:34:56 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 305851ab4b 4ac16e0368 +Author: tlaurion +Date: Wed Feb 8 11:34:56 2023 -0500 + + Merge pull request #1309 from tlaurion/osresearch_net-back + + README: point to https://osresearch.net again (DNS name renewed) + +commit 4ac16e0368ea0e1f099d5226dd36dfddcc4692bb +gpg: Signature made Wed 08 Feb 2023 11:32:50 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Feb 8 11:32:50 2023 -0500 + + README: point to https://osresearch.net again (DNS name renewed) + +commit 305851ab4b410d24ba6dc1dc4640f52a1ab8ff5e +gpg: Signature made Tue 07 Feb 2023 11:42:35 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Tue Feb 7 11:42:35 2023 -0500 + + Temporary mitigation to osresearch.net having expired + + Temporal mitigation to https://github.com/osresearch/heads/issues/1308 and https://github.com/osresearch/heads-wiki/issues/122 + +commit e900d2027a8fb0db6d24cdf292852bf0287f40d1 +Author: builder +Date: Wed Feb 1 20:12:45 2023 -0600 + + Check Signature PIN and toggle forcesig if not forced + +commit 411ca09f733fea0f17895a2378ce1eccb214cd6d +gpg: Signature made Tue 31 Jan 2023 07:07:22 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1c68befc59 074d19875c +Author: tlaurion +Date: Tue Jan 31 19:07:22 2023 -0500 + + Merge pull request #1304 from tlaurion/CircleCI_informe_where_full_build_logs_are + + CircleCI step name change : Make Board -> Make Board (FULL ORDERED BUILD LOGS HERE UNTIL JOB FAILED) + +commit 074d19875c80d65ee58f3090b11f0f8a10829789 +gpg: Signature made Tue 31 Jan 2023 07:06:35 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jan 31 19:00:22 2023 -0500 + + CircleCI step name change : Make Board -> Make Board (FULL ORDERED BUILD LOGS HERE UNTIL JOB FAILED) + +commit 2b05a6b42ca8682f21dc76668c184f6c6c833730 +gpg: Signature made Tue 31 Jan 2023 09:59:15 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jan 29 12:42:20 2023 -0500 + + Add x230-maximized-fhd_edp and x230-hotp-maximized-fhd_edp boards + + - add x230-maximized-fhd_edp and x230-hotp-maximized-fhd_edp board configs + - add/rework coreboot patch for x230 fhd variant to be applied on top of 4.13 + - add coreboot config to point to x230-edp variant, fixing path to vbt file since default path is wrong under. Comment made upstream https://review.coreboot.org/c/coreboot/+/28950/22#message-4904ce82f01ba0505b391e072e4537b6a9f1a229 + - remove no gfx init and replace with libgfxinit(defonfig default), set internal display as default + - add x230-hotp-maximized-fhd_edp and x230-maximized-fhd_edp to CircleCI builds + - One single shared coreboot config between boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config and boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config + - Coreboot 4.13 patch from coreboot at patches/coreboot-4.13/0002-x230-fhd-variant.patch + - config/coreboot-x230-maximized-fhd_edp.config points to seperate coreboot config per patch (CONFIG_BOARD_LENOVO_X230_EDP) + +commit 1c68befc59125a7da0d807e348cb8aeeafbb9050 +gpg: Signature made Fri 27 Jan 2023 04:07:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7be67e4992 268767d300 +Author: tlaurion +Date: Fri Jan 27 16:07:55 2023 -0500 + + Merge pull request #1296 from tlaurion/new_tails_key + + /etc/distro/keys/tails.key: Replace with updated and minimized one + +commit 7be67e4992e7d3ccff5b688d5608479cf0b93aef +gpg: Signature made Fri 27 Jan 2023 04:07:17 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f440ad3d31 299977926c +Author: tlaurion +Date: Fri Jan 27 16:07:17 2023 -0500 + + Merge pull request #1297 from tlaurion/usb-scan_moved_to-media-scan + + usb-scan->media-scan: usb-init calling media-scan usb + +commit f440ad3d319ec2fa09e332e458f58ab5195acd44 +gpg: Signature made Fri 27 Jan 2023 01:31:44 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c1ae44d71c 150b95a034 +Author: tlaurion +Date: Fri Jan 27 13:31:44 2023 -0500 + + Merge pull request #1284 from tlaurion/hardenedvault-crypttab-path_remix_enable_discard + + WiP : TPM disk unlock key setup (kexec-save-key) reuses OS initrd's crypttab files as base for /secret.key override (kexec-insert-key) + +commit 150b95a0348b510a400f3e55c467b79a256dd269 +gpg: Signature made Fri 27 Jan 2023 01:27:18 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jan 16 15:15:21 2023 -0500 + + TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio + - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key + - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio + - Both scripts inform the user of applied magic on screen + +commit 8a60930c6b97ae65fbe2e60675c845edde082353 +gpg: Signature made Fri 27 Jan 2023 12:56:32 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: HardenedVault +Date: Fri Nov 6 08:03:44 2020 +0200 + + Make the path to crypttab within initramfs overridable + + Not all distro put crypttab under /etc/ within initramfs, but finding it at + runtime needs unpacking, which may be hard to do, so it is made overridable + with a file at /boot/kexec_initrd_crypttab_path.txt, whose content could be + obtained with $ cpio -t < ${uncompressed_initrd} | grep crypttab . + + The "target" field of the record within the crypttab stored in the root + file system for the luks container which is going to be unlocked via + kexec-insert-key should be modified into the same "luks-$uuid" format, + otherwise the boot sequence will get stuck when OS is trying to unlock them + again, in order to map them according to "target" fields written in the + crypttab stored in the root fs. + +commit 268767d300a8ee2f87ea309a89ce6665960cdeae +gpg: Signature made Thu 26 Jan 2023 03:58:57 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jan 26 15:58:57 2023 -0500 + + /etc/distro/keys/tails.key: Replace with updated and minimized one + +commit 299977926c31d7bc04345b44c43a61c5198b0a71 +gpg: Signature made Thu 26 Jan 2023 03:39:48 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jan 26 15:03:03 2023 -0500 + + usb-scan->media-scan: usb-init calling media-scan usb + media-scan accepts direct input of existing blkid and mount that passed device to /media + +commit c1ae44d71caa42de496b9f53bd41761ad22265a8 +gpg: Signature made Thu 26 Jan 2023 02:33:38 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 075284374b 3cd8654566 +Author: tlaurion +Date: Thu Jan 26 14:33:38 2023 -0500 + + Merge pull request #1289 from danielp96/master + + /etc/functions: fix detection of virtual flash drive in qemu. + +commit ed8c74e1973d833a968a018c23cbb2688aea5eb4 +gpg: Signature made Mon 23 Jan 2023 10:34:25 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Mon Jan 23 22:30:53 2023 -0500 + + Add script for obtaining T440p me.bin blob + + I performed an analysis of the differences between an me.bin blob I + extracted from my T440p and the me.bin blob from Lenovo's website: + https://github.com/osresearch/heads/pull/1282#issuecomment-1386292403. + +commit 7a29db11ed365a6ac10ed7ef9f6b1af866625737 +gpg: Signature made Mon 23 Jan 2023 10:30:15 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Fri Jan 20 17:23:20 2023 -0500 + + t440p: disable NVMe support in Linux kernel + + I went through all of the different options we copied from the Librem + config. The only thing that stood out as irrelevant was NVMe support. + However, I'm not a Linux kernel expert, and I didn't do a deep dive, so + I'm sure there is still room for improvement. + +commit c23ed548ff92651657059a7ea62a1db182ddcd68 +gpg: Signature made Fri 20 Jan 2023 05:09:09 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Fri Jan 20 17:09:09 2023 -0500 + + Clone linux-librem_common.config for T440p + +commit 075284374b217addbc1d21c803182192d5c0a216 +gpg: Signature made Thu 19 Jan 2023 06:44:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f2ba6679ca e00280e663 +Author: tlaurion +Date: Thu Jan 19 18:44:10 2023 -0500 + + Merge pull request #1291 from tlaurion/warn_user_when_totp-hotp_seal_requires_tpm_reset + + gui-init: warn the user when sealing measurements through TOTP/HOTP reset + +commit e00280e663dadb1895595ad0a5a19b917d470f33 +gpg: Signature made Thu 19 Jan 2023 02:59:45 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jan 19 14:58:21 2023 -0500 + + gui-init: warn the user when sealing measurements through TOTP/HOTP requires TPM reset + +commit 24d23ff47ce86744cd7e772401361fcc49dba377 +gpg: Signature made Wed 18 Jan 2023 03:27:45 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sun Jan 15 18:51:27 2023 -0500 + + Add intel_iommu=igfx_off to T440p Coreboot kernel parameters + + Without this, neither Qubes OS nor the Qubes OS installer would start. + Presumably, because we're "kexecing" from an already running kernel, we + need this set at the Coreboot level? Testing revealed that including + `intel_iommu=igfx_off` in the `CONFIG_BOOT_KERNEL_ADD` board config + option did nothing. And, the Qubes OS default boot option already + contains `intel_iommu=igfx_off`. + + See: + - https://www.qubes-os.org/doc/installation-troubleshooting/#not-asking-for-vnc-because-we-dont-have-a-network--x-startup-failed-aborting-installation--pane-is-dead-error-during-installation + - https://github.com/Qubes-Community/Contents/blob/master/docs/troubleshooting/intel-igfx-troubleshooting.md + - https://www.kernel.org/doc/html/v5.10/x86/intel-iommu.html?highlight=igfx_off#graphics-problems + +commit 65be2c5b7ae993f32b9e7645da3a09588997960c +gpg: Signature made Wed 18 Jan 2023 03:27:45 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 21:35:13 2023 -0500 + + Add Heads config for the T440p (maximized/hotp-maximized) + +commit f0792117efa177ded19878f652c5a28e8cc62a71 +gpg: Signature made Wed 18 Jan 2023 03:27:44 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 21:29:55 2023 -0500 + + Adjust T440p default Coreboot defconfig options + + Remove options that haven't deviated from defaults in the Coreboot + Kconfig, despite being saved by `make savedefconfig`. Also, add + `CONFIG_BOARD_LENOVO_THINKPAD_T440P`, which was missing from the `make + savedefconfig` output, causing Heads builds to fail. And finally, bump + `CONFIG_CBFS_SIZE` to `0x800000` (8 MiB to bytes to hexadecimal). + + This value for the CBFS size is arbitrary. Originally, I had totaled the + size of all binary blobs, subtracted that from the T440p's ROM size (12 + MiB), and used the remaining space as the CBFS size (~11.68 MiB). + However, this caused very long RAM initialization times (courtesy of + `cbmem -t`). And, an anecdote in + https://groups.google.com/a/chromium.org/g/chromium-os-reviews/c/lUqRrGUoEBY/m/ka7L1f2BS8gJ + suggested that this value needs to be a power of 2. + + So, I picked a size I expected our Linux payload to fit into that was a + power of 2 that I also expected would leave enough space in the ROM for + the IFD, ME, GbE, and Coreboot. + + Now, it takes less than a second for RAM initialization after + flashing/first boot (anecdotally, it seems the MRC needs to be + "trained?"). + +commit 96f0c5b0435f41f2513ee1d5a82546ecf7d7e170 +gpg: Signature made Wed 18 Jan 2023 03:27:44 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 21:29:22 2023 -0500 + + Add script for exporting blobs from original T440p ROM + +commit e3259765692b2f614ae4940bc5ba0f1a8d82490b +gpg: Signature made Wed 18 Jan 2023 03:27:44 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 14:54:30 2023 -0500 + + Add initial T440p Coreboot defconfig + + I generated this config by walking through Coreboot's `make menuconfig`. + The plan is to pare down verbose defaults and tweak from here. + +commit 5cce937393c651cc2baf6c20972b073bee175dd5 +gpg: Signature made Wed 18 Jan 2023 03:27:43 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 14:18:37 2023 -0500 + + Add script for obtaining Haswell mrc.bin blob + + I based this script on the Coreboot docs: + https://doc.coreboot.org/northbridge/intel/haswell/mrc.bin.html. While + adding an integrity check to ensure we're obtaining the correct blob. + + Also, it's worth surfacing that the SHA-1 for the resulting binary is + the same SHA that Libreboot uses in their integrity check: + https://notabug.org/libreboot/lbmk/src/master/resources/scripts/download/mrc#L95. + However, I elected to use SHA-256 for extra paranoia. + +commit f2ba6679ca2cdee29030ec12f7b7c9d952a7b30b +gpg: Signature made Wed 18 Jan 2023 03:22:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a9e31161ac dbd302497d +Author: tlaurion +Date: Wed Jan 18 15:22:55 2023 -0500 + + Merge pull request #1287 from rbreslow/rb/musl-cross-echo-path + + modules/musl-cross: use echo from the PATH to support NixOS + +commit a9e31161ac163d77f70d95036bcf94f00fd89bd4 +gpg: Signature made Wed 18 Jan 2023 03:22:21 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9da7744808 b6c3229deb +Author: tlaurion +Date: Wed Jan 18 15:22:21 2023 -0500 + + Merge pull request #1288 from rbreslow/rb/gh-syntax-highlighting + + Add overrides for Makefile syntax highlighting + +commit 9da7744808a96b0b6631c6fd20f0b122f33a8e56 +gpg: Signature made Wed 18 Jan 2023 03:21:22 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e45980d33f a5fa2ecb0b +Author: tlaurion +Date: Wed Jan 18 15:21:22 2023 -0500 + + Merge pull request #1286 from rbreslow/rb/hotp-verification-include-path + + modules/hotp-verification: source libusb headers from Makefile DESTDIR + +commit dbd302497db5bc6339ea24a27b91a6544abf36eb +gpg: Signature made Wed 18 Jan 2023 12:42:41 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 21:36:11 2023 -0500 + + modules/musl-cross: use echo from the PATH to support NixOS + + NixOS doesn't have a traditional FHS where echo is available at + `/bin/echo`. Instead, we must rely on the PATH for any + distribution-managed utilities. Reverses + https://github.com/osresearch/heads/issues/106. + +commit a5fa2ecb0b5dbe9158eb4c4829ad3e79140643ea +gpg: Signature made Wed 18 Jan 2023 12:41:55 PM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Tue Jan 10 21:35:56 2023 -0500 + + modules/hotp-verification: source libusb headers from Makefile DESTDIR + + Before, the configure script sourced these from the system FHS + (/usr/include/libusb-1.0). The build failed on my NixOS build machine, + which doesn't store dependencies in a traditional FHS. And this is the + correct approach for reproducible builds. + +commit 3cd865456603b8f5de19a5ca45fc34147f5666c6 +gpg: Signature made Wed 18 Jan 2023 12:27:15 PM EST +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Tue Jan 17 14:24:11 2023 -0600 + + /etc/functions: fix detection of virtual flash drive in qemu. + + Adds check to detect device formatted as fat32 without partition table. + + With fat32 fdisk does not print message about invalid partition table + and instead it'll print an empty table with header. + In both cases total output has the same length of 5 lines: 3 about + device info, 1 empty line and the 5th will be the table header or + invalid partition message. + + Signed-off-by: Daniel Pineda + +commit b6c3229debce55c09c618692cf62f3d68d984ce7 +gpg: Signature made Wed 18 Jan 2023 11:51:38 AM EST +gpg: using EDDSA key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 +gpg: issuer "1774125+rbreslow@users.noreply.github.com" +gpg: Can't check signature: No public key +Author: Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Date: Sun Jan 15 18:57:45 2023 -0500 + + Add overrides for Makefile syntax highlighting + + Fix GitHub syntax highlighting for the Coreboot/Heads config files, and + modules, which are all Makefiles. + + See: https://github.com/github/linguist/blob/master/docs/overrides.md + +commit e45980d33f46c9d3aa2855e1876e915a8fc53cdd +gpg: Signature made Tue 17 Jan 2023 12:13:04 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: db5777ad91 256313a988 +Author: tlaurion +Date: Tue Jan 17 12:13:04 2023 -0500 + + Merge pull request #1281 from tlaurion/usb_modules_load_order_fix + +commit db5777ad91365062ae99e2ec2bc3ba1596213953 +gpg: Signature made Tue 17 Jan 2023 12:12:13 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: febff85498 d07df1e60b +Author: tlaurion +Date: Tue Jan 17 12:12:13 2023 -0500 + + Merge pull request #1262 from 3hhh/add-files + +commit 256313a9884f06bf3075223609cf58c976f38f4a +gpg: Signature made Mon 16 Jan 2023 03:21:14 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jan 16 15:18:05 2023 -0500 + + /etc/functions: fix order when loading usb modules to prevent warning + +commit d07df1e60b9fb86fcd3d41cae8afce4b3ccfd31a +gpg: Signature made Sat 14 Jan 2023 07:14:22 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sat Jan 14 13:14:09 2023 +0100 + + initrd: escape_zero: allow some more characters + + Since it's not supposed to be shell safe, just display safe + inside double quotes, we can allow some more characters. + + Also fix the escape character not being escaped. + +commit 2ae7f53e0406716c9e6a9dc8f130455d84a62bf8 +gpg: Signature made Sat 14 Jan 2023 04:28:22 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sat Jan 14 10:27:42 2023 +0100 + + initrd: assert_signable: use recovery() instead of die() + + and display some more information to the user, if + available + +commit c65d6b92c09f29a322c474d4f4b438f51b8d498a +gpg: Signature made Sat 14 Jan 2023 04:08:14 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sat Jan 14 10:07:31 2023 +0100 + + initrd: call assert_signable earlier + + No need to check for the GPG card first. + +commit 4ce8f664addd5070c5dd270d8a9b728b12106a52 +gpg: Signature made Sat 14 Jan 2023 04:02:49 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Thu Jan 12 17:31:31 2023 +0100 + + initrd: work around a bug in busybox sha256sum + + busybox sha256sum will create a checksum file for uncommon file names + (e.g. /boot/foo"$\n"bar), but fail to verify that exact file. + https://bugs.busybox.net/show_bug.cgi?id=14226 + + Thus disallow all files in /boot/ with strange file names at the time of + signing for now. Verifying in the presence of new files with such file + names in /boot/ is no issue for the kexec_tree verification due to the + previously implemented escaping mechanism. + +commit e368c3f6ea475a94f0d1aa0c454063aaa450b45c +gpg: Signature made Sat 14 Jan 2023 04:02:49 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Thu Jan 12 17:18:52 2023 +0100 + + initrd: speed up non-GUI booting + + by not generating the kexec_tree diff in that case + +commit f52466edbfe8c5b3d31b01407db118655b586abe +gpg: Signature made Sat 14 Jan 2023 04:02:49 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sun Jan 8 14:02:13 2023 +0100 + + initrd kexec_tree: fix various escaping issues + + Attempt to fix the following issues: + 1. unescaped file names may let an attacker display arbitrary + whiptail prompts --> escape, original code by @JonathonHall-Purism + 2. whiptail itself allows escape characters such as \n + --> use an escape character not used by whiptail, i.e. # + 3. performance issues caused by diff'ing too early --> + only generate a diff to display to the user, if an actual issue is + found + +commit 60df237c372000d1f848e5f95e827d6cb74ebf44 +gpg: Signature made Sat 14 Jan 2023 04:02:49 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sun Jan 8 14:01:12 2023 +0100 + + initrd: fix error message to work with kexec_tree + +commit accd9f470dee5105e9a548f7e67506dd4534ae0e +gpg: Signature made Sat 14 Jan 2023 04:02:48 AM EST +gpg: using RSA key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 +gpg: Good signature from "David Hobach " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1533 C122 5C1B 41AF C46B 33EB EB03 A691 DB2F 0833 +Author: 3hhh +Date: Sat Dec 31 18:41:24 2022 +0100 + + initrd: track files in /boot in kexec_tree.txt + + Fixes #1248 + +commit febff8549816853ea4a32634608a7805b74d494b +gpg: Signature made Fri 13 Jan 2023 02:58:11 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1236cbc29e 90b2e0ca5d +Author: tlaurion +Date: Fri Jan 13 14:58:11 2023 -0500 + + Merge pull request #1278 from tlaurion/kexec-save-default_fix_subshell_boot_ops + + kexec-save-default: do /boot operation in subshell + +commit 90b2e0ca5daf4ff6b862bef2cab9c68541f67664 +gpg: Signature made Fri 13 Jan 2023 02:54:57 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 13 14:53:11 2023 -0500 + + kexec-save-default: do /boot operation in subshell + + fixes screwed commit 6f6f37ec3a8d7cab1c963ce4e6614f89132aeecf + +commit 1236cbc29e1c9602af7721ec5142a62c69224fe1 +gpg: Signature made Fri 13 Jan 2023 12:23:53 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: cd269f12c2 1dd8fb4cf1 +Author: tlaurion +Date: Fri Jan 13 12:23:53 2023 -0500 + + Merge pull request #1277 from tlaurion/adjust_printf_clear + +commit 1dd8fb4cf1f37e955f999edd724ddbdd8a1e7f7f +gpg: Signature made Fri 13 Jan 2023 11:25:27 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 13 11:25:27 2023 -0500 + + gui-init: add a print clear after TOTP Qr code being confirmed to be scanned by user + +commit 3d5db5d9e26a290a8b7cbbc28a6d3335e6ac949c +gpg: Signature made Fri 13 Jan 2023 11:24:26 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 13 11:24:26 2023 -0500 + + functions: remove the last two print clear which prevented to troubleshoot console output + +commit cd269f12c24723307a000ca0cf5b628c24d325e1 +gpg: Signature made Fri 13 Jan 2023 10:45:56 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8e73d91121 87027d6a88 +Author: tlaurion +Date: Fri Jan 13 10:45:56 2023 -0500 + + Merge pull request #1276 from tlaurion/recovery_fix_when_not_secret_to_shred + +commit 87027d6a883c25e8a43ad2ac4dcf7b011228db11 +gpg: Signature made Thu 12 Jan 2023 06:04:27 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jan 12 18:04:27 2023 -0500 + + recovery call: since we operate under set -e, make sure that shred failing doesn't exit + +commit 8e73d91121f4317d2deb69b0bcca336d47cbdb90 +gpg: Signature made Wed 11 Jan 2023 05:19:39 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6f6f37ec3a 080d439758 +Author: tlaurion +Date: Wed Jan 11 17:19:39 2023 -0500 + + Merge pull request #1273 from tlaurion/qemu-coreboot-tpm1-boards_fixes + + qemu-coreboot-tpm boards: usage optimizations + +commit 6f6f37ec3a8d7cab1c963ce4e6614f89132aeecf +gpg: Signature made Wed 11 Jan 2023 04:24:26 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 395de880db aa9b75f64d +Author: tlaurion +Date: Wed Jan 11 16:24:26 2023 -0500 + + Merge pull request #1272 from tlaurion/boot_ops_under_subshell + + /boot: make sure operations requiring to be happening under /boot are under subshells + +commit 080d439758c529e17bf7a967a69a462777c91231 +gpg: Signature made Wed 11 Jan 2023 03:38:31 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jan 11 13:52:50 2023 -0500 + + qemu-coreboot-tpm boards: usage optimizations + - ROOT_DISK_IMG is now dynamic (ROOT_DISK_IMG=/path/to/existing/provisioned/disk.img can be reused across run statements) + - Addition of missing boards to cover all use cases + - All TPM1 boards rely on common config/coreboot-qemu-tpm1.config + - boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.md has been generalized + - all other boards are softlinked to the above for usage + +commit aa9b75f64d57294238b80f264bbaa5b677c9bdc3 +gpg: Signature made Wed 11 Jan 2023 01:59:26 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jan 11 13:59:26 2023 -0500 + + /boot: make sure operations requiring to be happening under /boot are under subshells + +commit 395de880db45db6194eb3cbd994f9147d6ec51b5 +gpg: Signature made Fri 06 Jan 2023 08:44:15 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a772259cbd d3eb708bcb +Author: tlaurion +Date: Fri Jan 6 08:44:15 2023 -0500 + + Merge pull request #1267 from tlaurion/better_totp_correction_guidelines_in_code + +commit a772259cbd8b18e9f9dbc52950ff0139d10c6e1c +gpg: Signature made Thu 05 Jan 2023 10:38:13 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 355d608c6c 171b29f09d +Author: tlaurion +Date: Thu Jan 5 10:38:13 2023 -0500 + + Merge pull request #1261 from Baitinq/nix_fix + + Makefile: Use path agnostic bash location + +commit 355d608c6cca31f4c3ce4563ddf93a80cb603bb0 +gpg: Signature made Wed 04 Jan 2023 07:04:19 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6a82894894 afb338d5d7 +Author: tlaurion +Date: Wed Jan 4 19:04:19 2023 -0500 + + Merge pull request #1268 from tlaurion/qemu-coreboot-whiptail-tpm1-boarname_fix + + qemu-coreboot-whiptail-tpm1: correction of boardname to reflect reality + +commit afb338d5d79822f47447e44b946c93428402dec0 +gpg: Signature made Wed 04 Jan 2023 07:01:42 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jan 4 19:01:42 2023 -0500 + + qemu-coreboot-whiptail-tpm1: correction of boardname to reflect reality + +commit d3eb708bcbb4a523a975e94fb0030ae29e02d7ea +gpg: Signature made Wed 04 Jan 2023 04:07:38 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jan 4 16:07:38 2023 -0500 + + TOTP code mismatch: better guidelines in code + +commit 6a828948941ef540f007d5703729c8925086b142 +gpg: Signature made Wed 04 Jan 2023 11:21:24 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bf3898a2a1 487c5b0815 +Author: tlaurion +Date: Wed Jan 4 11:21:24 2023 -0500 + + Merge pull request #1264 from JonathonHall-Purism/coreboot-4.11-patch-fix + +commit 487c5b08157b1a415994e00faac33fd86c210b4d +gpg: Signature made Wed 04 Jan 2023 09:04:34 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Jan 4 09:04:19 2023 -0500 + + coreboot-4.11: Fix remaining patch to work with git apply + + Signed-off-by: Jonathon Hall + +commit 171b29f09d96d794d6b43913f22aa5c8bfff9437 +gpg: Signature made Wed 28 Dec 2022 10:01:15 AM EST +gpg: using EDDSA key 523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5 +gpg: Good signature from "Manuel Palenzuela " [unknown] +gpg: aka "Manuel Palenzuela Merino " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 18BE 4F73 6F27 FC19 0C1E 1000 BB3C 0BC6 9865 0937 + Subkey fingerprint: 523C 8D61 4C0D 2CA9 78C4 3AF2 FD14 C467 2CA7 D2C5 +Author: Baitinq +Date: Wed Dec 28 15:58:57 2022 +0100 + + Makefile: Use path agnostic bash location + + This patch changes the bash location in the makefile from /bin/bash to + /usr/bin/env bash. The latter is a more reproducible location as it is + common to more *nix systems which don't contain the former, such as + NixOS. + +commit bf3898a2a1465ae5360c85947c25abf85fc7b443 +gpg: Signature made Wed 14 Dec 2022 05:05:53 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1a0f48d8a6 14adf647eb +Author: tlaurion +Date: Wed Dec 14 17:05:53 2022 -0500 + + Merge pull request #1256 from tlaurion/revert_deleted_race_condition_patch-remove_coreboot413_http_download_patch + + Revert deleted race condition patch remove, coreboot413 http download patch + +commit 14adf647eb593515b4f48c3d97ce94c9c3f0462a +gpg: Signature made Wed 14 Dec 2022 02:35:12 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 14 14:33:43 2022 -0500 + + coreboot 4.13: remove transient patch to download over http instead of https + +commit 16bc658018e56196c03542c57220e5ddce8c8daa +gpg: Signature made Wed 14 Dec 2022 02:35:05 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 14 14:32:23 2022 -0500 + + coreboot 4.11: Re-add patch removed by error which was a race condition patch + +commit 1a0f48d8a6ee1b194c8705c9808fc8f42a5c058f +gpg: Signature made Wed 14 Dec 2022 02:22:32 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 315febdf74 9447b17f86 +Author: tlaurion +Date: Wed Dec 14 14:22:32 2022 -0500 + + Merge pull request #1253 from tlaurion/fix_coreboot_411_patches_for_git_apply + + Have coreboot 4.11 boards locally buildable again (patches compliant with "git apply" + make 4.2.1+ fixes) + +commit 9447b17f864f08d80cd1d4303db6cb340ea1d664 +gpg: Signature made Wed 14 Dec 2022 12:07:25 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 14 12:07:25 2022 -0500 + + CircleCI: add second layer cache for coreboot 4.17 (so buildstack is cached when other modules changes) + +commit 4cd678efb548ad61d8291ab9a400a8d035f4615a +gpg: Signature made Wed 14 Dec 2022 12:06:11 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 14 12:06:11 2022 -0500 + + coreboot 4.11 now builds locally with make 4.2.1+ (CircleCI still unfixed) + +commit 3e893b7df7da3eeb9b39b314b2ef4e1bf744532b +gpg: Signature made Wed 14 Dec 2022 12:05:10 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 14 12:05:10 2022 -0500 + + coreboot 4.11 patches: made compliant with git apply (removal of https->http temp fix) + +commit 315febdf74938691a93d8f2cc657bd55d7d922e6 +gpg: Signature made Thu 08 Dec 2022 10:11:49 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 61f72f8d51 9fc1f1c10b +Author: tlaurion +Date: Thu Dec 8 10:11:49 2022 -0500 + + Merge pull request #1247 from tlaurion/Talos_II_enable_tpm + + Talos II : add TPM module (coreboot config) as under dasharo + +commit 61f72f8d512fd9459cba8158a521875eb62a7959 +gpg: Signature made Thu 01 Dec 2022 10:03:12 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3184bf7a8c cf791477e5 +Author: tlaurion +Date: Thu Dec 1 10:03:12 2022 -0500 + + Merge pull request #1232 from Unb0rn/l14-size-reduce + +commit 9fc1f1c10be20d469a7cb1f1a661acc11e2145ae +gpg: Signature made Thu 24 Nov 2022 10:23:29 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 24 10:23:29 2022 -0500 + + Talos II : add TPM module as under https://github.com/Dasharo/coreboot/commit/2207bbcccba31ad89cf21607b0d8d05d8dc47c03 + +commit 3184bf7a8c6404551871e1353a391710cc52f426 +gpg: Signature made Wed 23 Nov 2022 05:03:57 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 139ecb82b2 817b9b3bb7 +Author: tlaurion +Date: Wed Nov 23 17:03:57 2022 -0500 + + Merge pull request #1246 from JonathonHall-Purism/continue_to_main_menu + + gui-init: Always go to main menu when selecting "continue to main menu" + +commit 817b9b3bb7c2daef98d22f066bf5b86f111c2e49 +gpg: Signature made Wed 23 Nov 2022 02:01:03 PM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 23 13:55:09 2022 -0500 + + gui-init: Always go to main menu when selecting "continue to main menu" + + If the user selects "continue to main menu" from an error, do not show + any more error prompts until reaching the main menu. + + We still try to initialize everything (GPG, TOTP, HOTP) so that the + main menu can still show TOTP/HOTP if GPG is not configured, etc., but + no more prompts are shown after selecting "continue to main menu". + + Signed-off-by: Jonathon Hall + +commit 139ecb82b254da0b3808421e00fb6a8b11edbdb9 +gpg: Signature made Wed 16 Nov 2022 12:13:02 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c1fb04cd5c 81b4bb77de +Author: tlaurion +Date: Wed Nov 16 12:13:02 2022 -0500 + + Merge pull request #1206 from tlaurion/remove_whiptail_clear_so_console_has_errors + + whiptail: no more whiptail reseting console on call (--clear) + +commit 81b4bb77de511ff079595492cec509dfa382323d +gpg: Signature made Tue 15 Nov 2022 03:12:11 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Nov 15 15:11:58 2022 -0500 + + whiptail: no more whiptail reseting console on call (--clear) + + So we have console logs to troubleshoot errors and catch them correctly + +commit c1fb04cd5c9b8e5ffd3430e2ab370529468d859b +gpg: Signature made Tue 15 Nov 2022 11:15:11 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5682a62675 ce19a5fb61 +Author: tlaurion +Date: Tue Nov 15 11:15:11 2022 -0500 + + Merge pull request #1241 from tlaurion/qemu_CONFIG_BOOT_RECOVERY_SERIAL + +commit 5682a626751b27e3670e4634bb2fad67e9171bc0 +gpg: Signature made Tue 15 Nov 2022 11:13:45 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2d2809a9c3 b67f8e19ce +Author: tlaurion +Date: Tue Nov 15 11:13:45 2022 -0500 + + Merge pull request #1243 from tlaurion/give_console_output_to_users + +commit 2d2809a9c31ca7e0f87dcd6992f9cb74f5b5637f +gpg: Signature made Tue 15 Nov 2022 11:12:47 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a9bee2885b 83591fbbc1 +Author: tlaurion +Date: Tue Nov 15 11:12:47 2022 -0500 + + Merge pull request #1244 from tlaurion/talos_flash-sh_fix_on_bad_archive + +commit 83591fbbc13a8a7d06c4efce32d29d162257b2b7 +gpg: Signature made Mon 14 Nov 2022 06:05:32 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 14 18:05:32 2022 -0500 + + talos II: die when tgz archive is corrupt + +commit b67f8e19ce1e00f317cb784d94b4e29d62cee8e3 +gpg: Signature made Mon 14 Nov 2022 06:04:04 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Nov 14 18:04:04 2022 -0500 + + init: add 2 seconds pause on die, 1 second on warning so users see console messages + +commit a9bee2885b784417e541cedfe57f2fc213a673c9 +gpg: Signature made Fri 11 Nov 2022 04:19:42 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5e00800877 93986e8c71 +Author: tlaurion +Date: Fri Nov 11 16:19:42 2022 -0500 + + Merge pull request #1242 from tlaurion/talos_cryptsetup2 + + talos boards: pass cryptsetup to cryptsetup2 to support TPM released disk encryption key + +commit 5e008008775794bfbe2d98049cb069ceeeba7af3 +gpg: Signature made Fri 11 Nov 2022 03:37:25 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: aa0b3e94f8 472ca6fb30 +Author: tlaurion +Date: Fri Nov 11 15:37:25 2022 -0500 + + Merge pull request #1222 from SergiiDmytruk/flashrom + +commit ce19a5fb613060fc8490ef9ba5584021168d136a +gpg: Signature made Fri 11 Nov 2022 03:19:37 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Nov 11 15:19:37 2022 -0500 + + Add CONFIG_BOOT_RECOVERY_SERIAL to qemu board configs to interact with host through serial + +commit aa0b3e94f8108541618616d3a5f3e5c81cf72621 +gpg: Signature made Fri 11 Nov 2022 01:49:23 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e19aadf4cb 3c0e5c06c6 +Author: tlaurion +Date: Fri Nov 11 13:49:23 2022 -0500 + + Merge pull request #1240 from JonathonHall-Purism/boot-ignore-grub-device + + Ignore grub device specs in boot entry paths + +commit 472ca6fb301fd9744c9729482221978bc42a4ce8 +gpg: Signature made Thu 10 Nov 2022 05:59:49 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Nov 6 00:13:05 2022 +0200 + + flash-gui.sh: accept tgz package for Talos boards + + Signed-off-by: Sergii Dmytruk + +commit f6999707b8842c5955edad03f4d390903609076a +gpg: Signature made Thu 10 Nov 2022 05:59:12 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Nov 3 20:47:54 2022 +0200 + + boards/talos-2_*: build tgz with all output files + hash + + This makes output suitable for use via Heads' menus. + + Signed-off-by: Sergii Dmytruk + +commit 976f57f00880fd6e9f2c7e37fd9fd35893c47a72 +gpg: Signature made Thu 10 Nov 2022 05:59:12 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Nov 3 20:41:03 2022 +0200 + + boards/talos-2_*: version zImage.bundled + + Signed-off-by: Sergii Dmytruk + +commit 5ee32193225ad01c00fbe2e8473b9ac285b0e43d +gpg: Signature made Thu 10 Nov 2022 05:59:12 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Mon Oct 10 00:24:16 2022 +0300 + + Add cbfs wrapper script to handle PNOR + + Signed-off-by: Sergii Dmytruk + +commit 572c99e898384450b5a2389987159cef8e54acd6 +gpg: Signature made Thu 10 Nov 2022 05:59:12 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Mon Oct 10 00:23:48 2022 +0300 + + Add flashrom to Talos II boards + + Signed-off-by: Sergii Dmytruk + +commit a2475e2c534126498814097ba55e71f4ecfd5455 +gpg: Signature made Thu 10 Nov 2022 05:59:12 PM EST +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Mon Oct 10 00:23:00 2022 +0300 + + Add flashtools to Talos II boards + + Signed-off-by: Sergii Dmytruk + +commit 93986e8c7107dedc79e71f8acce01e7f2164e25f +gpg: Signature made Thu 10 Nov 2022 02:12:24 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Nov 10 14:12:24 2022 -0500 + + talos boards: pass cryptsetup to cryptsetup2 to support TPM released disk encryption key testing + +commit 3c0e5c06c60eb862f3d9b51d91d0972f68e9d5a5 +gpg: Signature made Thu 10 Nov 2022 11:30:38 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 10 10:26:20 2022 -0500 + + kexec-parse-boot: Refactor common parts of echo_entry() + + A lot of echo_entry() is now common to elf/multiboot/xen kernels, just + branch for the type-specific logic. + + Signed-off-by: Jonathon Hall + +commit 698360199c9aa75f109c31814010d8bfb8abf019 +gpg: Signature made Thu 10 Nov 2022 11:30:38 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 10 10:13:38 2022 -0500 + + kexec-parse-boot: Ensure kernel/initrd paths exist in boot option + + If a boot option doesn't refer to a valid file for the kernel/initrd, + ignore it. Such an option is never bootable, because we would fail to + find the kernel/initrd. This could happen if the path contained GRUB + variables, or specified a device that wasn't /boot, etc. + + This is checked before expanding GRUB variables. It's unlikely that + any kernel/initrd path containing variables would end up working when + all variables expand to nothing (since we do not handle GRUB + variables). + + Signed-off-by: Jonathon Hall + +commit 2a8a7655d3bf499d22f7af692207d6c0a08358dd +gpg: Signature made Thu 10 Nov 2022 11:30:34 AM EST +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Nov 10 10:09:16 2022 -0500 + + kexec-parse-boot: Trim device specifications from GRUB entries + + Some configs specify kernel/initrd paths relative to a device (often + found in a variable). Assume the device is the /boot partition and + ignore the device specification. + + Signed-off-by: Jonathon Hall + +commit e19aadf4cb789400a10375233b1d88110bd7c1f1 +gpg: Signature made Wed 09 Nov 2022 02:36:09 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1cb0324a12 9bb6be8874 +Author: tlaurion +Date: Wed Nov 9 14:36:09 2022 -0500 + + Merge pull request #1238 from tlaurion/whiptail_dynamic_height_fixated_width_to_80 + + whiptail: fixate width to 80 chars and have height dynamic to all whiptail/fbwhiptail prompts + +commit 9bb6be887457a3cb28ac831c1547a33752429184 +gpg: Signature made Wed 09 Nov 2022 11:51:27 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Nov 9 11:51:27 2022 -0500 + + whiptail: fixate width to 80 characters and have height dynamic to all whiptail/fbwhiptail prompts + +commit cf791477e551ad2ba0ea9b95f622d2ade66d28d9 +gpg: Signature made Sat 05 Nov 2022 02:07:51 PM EDT +gpg: using ECDSA key 5EFABA8B40366BFFC88176A52B4A4BE581022A54 +gpg: Good signature from "Victor Bessonov " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 4633 1268 99C9 D7AF B71D 0CCE 26D7 F341 07E6 2743 + Subkey fingerprint: 5EFA BA8B 4036 6BFF C881 76A5 2B4A 4BE5 8102 2A54 +Author: Victor Bessonov +Date: Sat Nov 5 21:07:51 2022 +0300 + + Reduced defconfig + +commit 77c2fb1e07995c4ee05fe00a306251d919b153db +Author: Thierry Laurion +Date: Mon Oct 24 11:33:55 2022 -0400 + + linux module: add linux.generateoldconfig and linux.modifydefconfig targets to help tweaking/version bumps + +commit 1cb0324a12aa4aec01287142c76b5a41ed51a2cb +gpg: Signature made Fri 04 Nov 2022 01:40:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 77c6ac9bea 1279e8bd57 +Author: tlaurion +Date: Fri Nov 4 13:40:53 2022 -0400 + + Merge pull request #1209 from tlaurion/fix_patches_for_git_apply + + Change patch to git apply + +commit 77c6ac9bea0f5a48c4e3622035489fa709570b0f +gpg: Signature made Fri 04 Nov 2022 01:40:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 29c7d06b8e a8a843ecc8 +Author: tlaurion +Date: Fri Nov 4 13:40:15 2022 -0400 + + Merge pull request #1235 from JonathonHall-Purism/partitioned-usb-improvements + + mount-usb: Improve reliability with partitioned disks + +commit 29c7d06b8ecef2ff34b6519bd58a89a8efbe23c2 +gpg: Signature made Fri 04 Nov 2022 01:39:50 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f848070d16 297369fd8b +Author: tlaurion +Date: Fri Nov 4 13:39:50 2022 -0400 + + Merge pull request #1236 from JonathonHall-Purism/oem-reset-missing-newline + + oem-factory-reset: Add missing newline to prompt + +commit 297369fd8b68d0d573f671417638c5b54c95ce5b +gpg: Signature made Thu 03 Nov 2022 06:42:32 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Matt DeVillier +Date: Fri Apr 29 15:58:34 2022 -0500 + + oem-factory-reset: Add missing newline to prompt + + Signed-off-by: Matt DeVillier + +commit a8a843ecc80d057e614cef2bf493497bf7270271 +gpg: Signature made Thu 03 Nov 2022 06:22:03 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Nov 2 11:03:30 2022 -0400 + + mount-usb: Improve reliability with partitioned disks + + Extract exclusion for unpartitioned block device of partitioned media + to gui_functions, and exclude them even if kernel hasn't listed the + partitions yet. (Fixes flash/USB boot prompts incorrectly trying to + use the whole device for partitioned media the first time.) + + Ignore block devices of size 0, like empty USB SD card readers. + + Signed-off-by: Jonathon Hall + +commit 1279e8bd575df68cb70d05100142dadb30baa7d3 +gpg: Signature made Wed 02 Nov 2022 03:11:26 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 30 17:53:57 2022 -0400 + + Change patch to git apply + +commit f848070d16858374824a570b0c9fc63b7262d5b9 +gpg: Signature made Tue 01 Nov 2022 11:15:18 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0389eca95a 5a7902c5ab +Author: tlaurion +Date: Tue Nov 1 11:15:18 2022 -0400 + + Merge pull request #1230 from tlaurion/flash_sh-fixes + + flash.sh: UX and logic fixes + +commit 5a7902c5ab6913a509ffff4db0a21f43d245305b +gpg: Signature made Fri 28 Oct 2022 03:02:27 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Oct 26 15:14:29 2022 -0400 + + flash.sh: single firmware read backup and logic fixes + - Have Talos II supported by detecting correctly size of mtd chip (not internal: different flashrom output needs to be parsed for chip size) + - Read SPI content only once: 66% speedup (TOCTOU? Don't think so, nothing should happen in parallel when flashing insingle user mode) + - Have the main flash_progress loop not break, but break in flash_rom state subcases (otherwise, verifying step was breaking) + - Change "Initializing internal Flash Programmer" -> "Initializing Flash Programmer" + - Apply changes suggested by @SergiiDmytruk under https://github.com/osresearch/heads/pull/1230#issuecomment-1295332539 to reduce userland wasted time processing flashrom -V output + +commit 0389eca95a152366aeda0934135593de406e43da +gpg: Signature made Thu 20 Oct 2022 02:17:35 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f2e45c4396 5e6f4fb90b +Author: tlaurion +Date: Thu Oct 20 14:17:35 2022 -0400 + + Merge pull request #1228 from tlaurion/heads_git_version_fixated_to_abbrev7 + + fixate HEADS_GIT_VERSION to use a commit id of 7 characters + +commit 5e6f4fb90b65b41719607fb3be48612f58bf45e1 +gpg: Signature made Thu 20 Oct 2022 11:00:33 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Oct 20 11:00:33 2022 -0400 + + Reproducibility: fixate HEADS_GIT_VERSION to use a commit id of 7 characters + +commit f2e45c4396456679284eeda9a26196ee7a3a14d1 +gpg: Signature made Fri 16 Sep 2022 05:33:30 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e71ef3a25a 9258ca7a68 +Author: tlaurion +Date: Fri Sep 16 17:33:30 2022 -0400 + + Merge pull request #1214 from tlaurion/cryptsetup2_for_xx30 + + xx30 - pack cryptsetup2 instead of cryptsetup + +commit 9258ca7a68191133658fe760561dbe9e14ff39ae +gpg: Signature made Fri 16 Sep 2022 12:51:38 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 16 12:51:38 2022 -0400 + + xx30 - pack cryptsetup2 instead of cryptsetup + +commit e71ef3a25a1f66545d85ab1a410774463c3f5e5b +gpg: Signature made Thu 15 Sep 2022 03:49:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6ec223fabe 8150e300ee +Author: tlaurion +Date: Thu Sep 15 15:49:21 2022 -0400 + + Merge pull request #1210 from danielp96/master + + Update Librem boards to coreboot 4.17 + +commit 8150e300ee311d3bd21dcd9397a0214e8a1f85d4 +gpg: Signature made Thu 15 Sep 2022 12:17:34 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Mon Sep 12 12:34:30 2022 -0600 + + modules/coreboot: remove support for coreboot 4.15 + patches/coreboot-4.15: remove patches for coreboot 4.15 + + No boards depend on it and is affected by CVE-2022-29264 + + Signed-off-by: Daniel Pineda + +commit 1cab17ae303e8f61726993bb0691fd5bfc59e1c4 +gpg: Signature made Mon 12 Sep 2022 03:22:00 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu Sep 1 16:55:29 2022 -0600 + + board/librem_*: Update to coreboot 4.17 + + Signed-off-by: Daniel Pineda + +commit 146b78e08cb239f2bc4f23ca649fbae80479009b +gpg: Signature made Mon 12 Sep 2022 03:21:59 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu Sep 1 16:46:29 2022 -0600 + + patches/coreboot-4.17: Add Librem 4.17 patches + + Add patches for coreboot 4.17: + - show ME status even when device is disable (kept from 4.15) + - zero unused part of SMBIOS region + + Signed-off-by: Daniel Pineda + +commit cc58994f3bc9af3c0ffdee994ca2995a540f9512 +gpg: Signature made Mon 12 Sep 2022 03:21:59 PM EDT +gpg: using RSA key FB1AB4639F52FF4B8E302151902C199C68C4B327 +gpg: issuer "daniel.pineda@puri.sm" +gpg: Good signature from "Daniel Pineda " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: FB1A B463 9F52 FF4B 8E30 2151 902C 199C 68C4 B327 +Author: Daniel Pineda +Date: Thu Sep 1 16:39:16 2022 -0600 + + modules/coreboot: add support for coreboot 4.17 + + Update hash for coreboot module, coreboot-blobs. + + Signed-off-by: Daniel Pineda + +commit 6ec223fabea1bbf4cda8427dc160e33812243811 +Author: tlaurion +Date: Tue Aug 30 12:58:38 2022 -0400 + + Update coreboot versions in build issues template + + Will use that as a base. @eganonoa thanks + +commit 64aa6510a2f81df62af06566cdddd1687055de69 +Author: eganonoa +Date: Sun Dec 5 15:54:25 2021 +0100 + + adding issue templates + +commit 493149b8d2ab1046537f240919038364669dcc46 +gpg: Signature made Fri 02 Sep 2022 11:10:13 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9df4e48ff2 d0ef7e8c1f +Author: tlaurion +Date: Fri Sep 2 11:10:13 2022 -0400 + + Merge pull request #1002 from SergiiDmytruk/openpower-talos-2 + + Add Talos 2 board (OpenPower) + +commit d0ef7e8c1fb8c4be8847b1c9167e6d1214749613 +gpg: Signature made Wed 31 Aug 2022 05:28:16 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Aug 4 14:57:07 2022 +0300 + + Enable Infineon TPM1 for Talos-2 boards + + Signed-off-by: Sergii Dmytruk + +commit 72110e5915be5e1a6d6f7faed1216085d714606a +gpg: Signature made Wed 31 Aug 2022 05:28:16 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jul 22 20:41:46 2022 +0300 + + Enable OpenBMC VGA console for Talos-2 boards + + Signed-off-by: Sergii Dmytruk + +commit 565963d51d762a40d9487f0e84191c012be7d5b5 +gpg: Signature made Wed 31 Aug 2022 05:28:16 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jul 22 20:27:28 2022 +0300 + + Add CONFIG_BOOT_EXTRA_TTYS option + + It specifies whitespace-separated list of console devices to run Heads + on in addition to the default one. + + Example for board config: + + export CONFIG_BOOT_EXTRA_TTYS="tty0 tty1" + + Signed-off-by: Sergii Dmytruk + +commit b5fb2f907c0c28fc4aa572155b299f876777083c +gpg: Signature made Wed 31 Aug 2022 05:21:35 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jul 22 20:26:18 2022 +0300 + + Build agetty from util-linux and optionally add it to initrd + + Signed-off-by: Sergii Dmytruk + +commit fe9d80c6a72e98799867c956ff2c6781012402c4 +gpg: Signature made Tue 30 Aug 2022 05:21:28 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Jul 18 23:59:51 2021 +0300 + + CircleCI: build Talos 2 boards + + This also involves splitting workspaces based on target architecture to + avoid severely degrading performance of CI. + + Signed-off-by: Sergii Dmytruk + +commit 55ef9912aaa703989f6dee2f9e0127c69f4c5de8 +gpg: Signature made Tue 30 Aug 2022 05:21:28 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Jul 18 20:37:23 2021 +0300 + + Add Talos 2 boards + + Signed-off-by: Sergii Dmytruk + +commit 00bb2b6c32be6c2a5ce0535c8598e3e92ac7c3b3 +gpg: Signature made Tue 30 Aug 2022 05:21:24 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Matt DeVillier +Date: Thu Mar 25 11:56:22 2021 -0500 + + Makefile: Allow use of a specific hash for module using a git repo + + `git reset --hard ` is a no-op when commit_hash is unset + +commit 9df4e48ff25bcc6f8a89a780e5afaf23b6cd375d +gpg: Signature made Tue 30 Aug 2022 04:53:09 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 48b9b74f39 988b05f09d +Author: tlaurion +Date: Tue Aug 30 16:53:09 2022 -0400 + + Merge pull request #1208 from tlaurion/emergency_revert_git_apply + + Emergency revert of git apply instead of patch + +commit 988b05f09db4329651848f81a29d16bc5d852b6b +gpg: Signature made Tue 30 Aug 2022 03:57:30 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 30 15:57:30 2022 -0400 + + Emergency revert of git apply instead of patch + +commit 48b9b74f3902ca1c92fb007a22c413ee86f3b0c4 +gpg: Signature made Tue 30 Aug 2022 03:15:42 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c29c168176 921daabdaf +Author: tlaurion +Date: Tue Aug 30 15:15:42 2022 -0400 + + Merge pull request #1201 from tlaurion/replace_patch_git_git_apply + + Makefile: replace patch with git apply + +commit c29c1681760e7e2dc3731ee4a72a05a0ae61f85e +gpg: Signature made Tue 30 Aug 2022 12:50:29 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c56e9d2917 f16e92792a +Author: tlaurion +Date: Tue Aug 30 12:50:29 2022 -0400 + + Merge pull request #1009 from SergiiDmytruk/support-ppc64-arch + + Support ppc64 arch + +commit f16e92792a05028cdaf374fd0744063b031d9d3e +gpg: Signature made Thu 25 Aug 2022 01:55:39 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Jul 18 20:34:20 2021 +0300 + + Support targeting PowerPC 64 + + This prepares most of the modules to be build for it. + + Signed-off-by: Sergii Dmytruk + +commit 2a44e5e7ee9486287cb249cd20504a92021691a2 +gpg: Signature made Thu 25 Aug 2022 01:55:39 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jul 23 01:25:55 2021 +0300 + + Incorporate architecture into directory layout + + * build/ -> build// + * crossgcc/ -> crossgcc// + * install/ -> install// + * packages/ -> packages// + + Signed-off-by: Sergii Dmytruk + +commit 5dc06bdbf13601b380d7ee8bcd2422a299daa828 +gpg: Signature made Thu 25 Aug 2022 01:55:39 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Aug 25 19:43:59 2022 +0300 + + Makefile: drop handling of $(TOOLCHAIN) + + It came from https://github.com/osresearch/heads/pull/395 and was a + local workaround. + + Signed-off-by: Sergii Dmytruk + +commit 8944710033b19a3376198b0dac005f452699c57c +gpg: Signature made Thu 25 Aug 2022 01:55:35 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Fri Jul 23 01:24:55 2021 +0300 + + Introduce $(board_build) variable + + To be used in board configuration. Expands to the path of the board's + build directory. Also simplifies main Makefile a bit. + + Signed-off-by: Sergii Dmytruk + +commit fa8e8843c6ad0a29d34e95ba4d364053c8c78fe5 +gpg: Signature made Thu 25 Aug 2022 06:58:49 AM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Tue Aug 16 19:39:33 2022 +0300 + + Expand @VAR@ placeholders in configuration files + + This makes configs much less dependent on directory layout. + + As of this commit the following variables are supported: + * @BOARD_BUILD_DIR@ - absolute path under build/ + * @BLOB_DIR@ - absolute path to blobs/ + + Signed-off-by: Sergii Dmytruk + +commit c56e9d2917fd7a4922e5da1156d36a769dbb0a61 +gpg: Signature made Wed 24 Aug 2022 06:56:32 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f7facf042f 2ca34803af +Author: tlaurion +Date: Wed Aug 24 18:56:32 2022 -0400 + + Merge pull request #1188 from JonathonHall-Purism/qemu-testing-support + +commit 2ca34803afaf720c686fe2dc09d311989234c713 +gpg: Signature made Wed 24 Aug 2022 01:04:07 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 23 16:32:51 2022 -0400 + + qemu: Add qemu-coreboot-whiptail-tpm1 configuration + + This configuration uses a console interface instead of fbwhiptail, and + no USB token is required. + + Signed-off-by: Jonathon Hall + +commit ef3cd5c65f88af4efa8539c8a7769c9bdf46bbbc +gpg: Signature made Wed 24 Aug 2022 01:04:07 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 17 10:28:19 2022 -0400 + + qemu-coreboot-fbwhiptail-tpm1-hotp: Virtio video/storage, serial + + Enable virtio video and storage. + + Enable serial console and tweak kernel command line to show logs. + + Signed-off-by: Jonathon Hall + +commit 64f194628fd4c99b0bf1031ac78e216954c14e14 +gpg: Signature made Wed 24 Aug 2022 01:04:07 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Wed Aug 17 10:10:23 2022 -0400 + + qemu: Linux 5.10 + + Update to Linux 5.10 for improved virtio support. + + Signed-off-by: Jonathon Hall + +commit 73eccb364aeef53542dbcdc94c487f0a9de409b2 +gpg: Signature made Wed 24 Aug 2022 01:04:06 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Sun Jul 10 21:20:29 2022 -0400 + + qemu: Add qemu-coreboot-fbwhiptail-tpm1-hotp for complete testing in QEMU + + Add qemu-coreboot-fbwhiptail-tpm1-hotp configuration, which has a 'run' + target to boot with a persistent TPM, disk, virtual USB disk, and USB- + forwarded token + Provide instructions for bootstrapping a complete working system in qemu + + Signed-off-by: Jonathon Hall + +commit 2d188e493d41aeb7651590af441be3f5d8b3664a +gpg: Signature made Wed 24 Aug 2022 01:04:06 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Jul 7 15:11:47 2022 -0400 + + build: Allow injecting GPG key at build time + + flashrom doesn't work in qemu, so the firmware isn't able to update its + keyring. Adding an already-provisioned key ahead of time works though. + + Signed-off-by: Jonathon Hall + +commit 3e5fd6be750d207dd37e7c61a20ac7165d2efbc0 +gpg: Signature made Wed 24 Aug 2022 01:03:55 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Thu Jul 7 13:59:59 2022 -0400 + + qemu: Build ATA support into kernel, enable OHCI/UHCI + + Set ATA and SATA configs to y, not m - modules weren't being loaded. Other + configs also build these into kernel, so do the same for qemu. Remove relevant + configs from boards since modules no longer need to be in initrd. + + Enable OHCI and UHCI. qemu forwards host USB devices over a UHCI controller. + This enables USB-forwarding a physical Librem Key or Nitrokey Pro to the VM. + Export CONFIG_LINUX_USB_COMPANION_CONTROLLER to have enable_usb() load the + modules - it wants both UHCI and OHCI modules, so build both. + + Signed-off-by: Jonathon Hall + +commit f7facf042f04de38a0a6289ff33341fbe4405e54 +gpg: Signature made Wed 24 Aug 2022 10:38:16 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4ca4656cf9 75748e86b7 +Author: tlaurion +Date: Wed Aug 24 10:38:16 2022 -0400 + + Merge pull request #1200 from SergiiDmytruk/optional-otp + + init: assign CONFIG_TPM depending on /dev/tpm0 presence + +commit 921daabdafaf4b18f52be900296d2c6a7e193072 +gpg: Signature made Sun 21 Aug 2022 02:28:30 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Aug 12 12:06:24 2022 -0400 + + Makefile: replace patch with git apply + Otherwise binary patches cannot be patched/created + + Additional fixes needed + - flashrom patch was invalid and got catched by git apply. Correcting + - gpg2-2.2.21.patch was pointing to bad target. Correcting + +commit 75748e86b7373b5becb5f51e35b07c20d3b43ca5 +gpg: Signature made Sat 20 Aug 2022 05:06:03 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sat Aug 20 23:57:01 2022 +0300 + + gui-init: fix TOTP/HOTP initialization on missing OS + + Skip only GPG key check, but always init TOTP and HOTP. + + Signed-off-by: Sergii Dmytruk + +commit b989889e5f867f845b8fe3c745ffb860d1aac333 +gpg: Signature made Sat 20 Aug 2022 04:56:53 PM EDT +gpg: using RSA key 924C1CD7C19D95FE7A577D2848579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sat Aug 20 00:21:39 2022 +0300 + + init: assign CONFIG_TPM depending on /dev/tpm0 presence + + Signed-off-by: Sergii Dmytruk + +commit 4ca4656cf92674124708abf3f0d14a4f9c950a58 +gpg: Signature made Tue 16 Aug 2022 06:14:25 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 160b3d19e7 9f75fa2362 +Author: tlaurion +Date: Tue Aug 16 18:14:25 2022 -0400 + + Merge pull request #1199 from tlaurion/CircleCI_Makefile_part_of_measured_files_in_cache_usage + + .circleci/config.yml: Add Makefile as part of measured files for cache downloads + +commit 9f75fa23624861a38abdd63d0832e83d1e74d2e2 +gpg: Signature made Tue 16 Aug 2022 05:38:15 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Aug 16 17:33:41 2022 -0400 + + .circleci/config.yml: Add Makefile as part of measured files for cache downloads + + Global Makefile is the most effective modifier of builds. + As soon as the global Makefile change, so should not be reused caches having measured a different Makefile + +commit 160b3d19e75e4ed560f708cfee6a426cef16bdae +gpg: Signature made Tue 02 Aug 2022 05:42:47 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 21505aa5dd 2c3244f48d +Author: tlaurion +Date: Tue Aug 2 17:42:47 2022 -0400 + + Merge pull request #1196 from JonathonHall-Purism/dropbear-mirror + + dropbear: Use mirror, main host is down + +commit 2c3244f48d3cab54d5632313a8338f7ccaef9a07 +gpg: Signature made Tue 02 Aug 2022 05:35:49 PM EDT +gpg: using RSA key 8735540225E98BDBC82491B41E9C3CA91AE25114 +gpg: issuer "jonathon.hall@puri.sm" +gpg: Good signature from "Jonathon Hall " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 8735 5402 25E9 8BDB C824 91B4 1E9C 3CA9 1AE2 5114 +Author: Jonathon Hall +Date: Tue Aug 2 17:35:18 2022 -0400 + + dropbear: Use mirror, main host is down + + Switch to mirror https://mirror.dropbear.nl/ + + Signed-off-by: Jonathon Hall + +commit 21505aa5dd65b24f22b8ee9fe9624510b6af0b06 +gpg: Signature made Fri 29 Jul 2022 11:48:01 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2cfa94003b a221321b6a +Author: tlaurion +Date: Fri Jul 29 11:48:01 2022 -0400 + + Merge pull request #1194 from Unb0rn/ecc_fix + + EC keys support + +commit a221321b6ac3e51da8277b7e92335f08f8b2425e +Author: Victor Bessonov +Date: Fri Jul 22 10:17:23 2022 +0300 + + Allow gpg to select digest algo + + EC signatures requires that the digest has the corresponding length. Removing the hardcoded sha2-256 hash function and adding support of sha2-384 and sha2-512 should allow using EC crypto. + +commit 2cfa94003b97e37d268c923ed2278e24608b5e48 +gpg: Signature made Tue 28 Jun 2022 12:46:41 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7c69167e2a ba9235abcb +Author: tlaurion +Date: Tue Jun 28 12:46:41 2022 -0400 + + Merge pull request #1178 from tlaurion/remove_gawk_make_local_build-fix_xx30_maximized-boards_produce_top_bottom_hashes + + Remove local gawk and make builds, add xx30 top and bottom hashes under hashes.txt + +commit 7c69167e2a4dd1cf44dab276730a83a19ce593a8 +gpg: Signature made Thu 23 Jun 2022 02:20:11 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d6dfe9328d cc28121beb +Author: tlaurion +Date: Thu Jun 23 14:20:11 2022 -0400 + + Merge pull request #1183 from tlaurion/QrCode_named_after_boardname + + gui-init: Have TPMTOTP QrCode named under TOTP app with $BOARD_NAME + +commit ba9235abcbc441e9367803ba674fb7a280c48218 +gpg: Signature made Thu 23 Jun 2022 11:06:31 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jun 23 11:05:53 2022 -0400 + + xx30 boards: add top bottom roms statements to get hashes under hashes.txt + +commit bf415a8d693699ba3048c78b65455634ff8b7c9b +gpg: Signature made Thu 23 Jun 2022 10:56:54 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jun 23 10:51:13 2022 -0400 + + Remove local build of gawk make + + -Makefile: remove local gawk and make version compare and local build + -modules: remove gawk and make + -patches: remove make + + local make was added to build 4.2.1 on OSes that were having older version. It was then patched to be built on OSes having newer buildstack. + local gawk was added when GPG toolstack was older then libgpg-error 1.37. GPG toolstack was then upgraded, but local gawk stayed. + + Removing those permits better parallelization and of builds and reduces CircleCI (and higher cores systems) to have race conditions and stalled builds + +commit d6dfe9328dc02ffd75a616f8cc2c0c446056cd2d +gpg: Signature made Wed 22 Jun 2022 10:01:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 46414fa4a2 af26a7ef0c +Author: tlaurion +Date: Wed Jun 22 22:01:57 2022 -0400 + + Merge pull request #1182 from tlaurion/CircleCI-remove_coreboot_411_boards + + CircleCI: Remove coreboot 4.11 builds + +commit 46414fa4a212e78da06da397eb335f4dd941e251 +gpg: Signature made Wed 22 Jun 2022 04:47:05 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Jun 22 16:47:05 2022 -0400 + + Changing landing picture to show FBWhiptail + +commit cc28121beb40d592c3483a2b99dfc5d78efa97a5 +gpg: Signature made Wed 22 Jun 2022 04:43:32 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 22 16:41:12 2022 -0400 + + gui-init: Have TPMTOTP QrCode named under TOTP app with $BOARD_NAME + +commit af26a7ef0c37b6f7ebc69132ddea688ca18fe283 +gpg: Signature made Wed 22 Jun 2022 04:32:31 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 22 16:30:05 2022 -0400 + + CircleCI: Remove coreboot 4.11 builds + + Coreboot 4.11 boards are not properly building as of now. + coreboot.pre fails to depend on .car.data because of a race condition that can only be mitigated by single threading CPUS= + + This is unrelated to other changes. + KGPE-D16 will soon enough depend on dasharo coreboot and be ported upstream later on. + +commit 8760551e70fdcba33dbb2d32d410f77da4694a69 +gpg: Signature made Fri 17 Jun 2022 06:57:14 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2ddc559653 b6651ee8ec +Author: tlaurion +Date: Fri Jun 17 18:57:14 2022 -0400 + + Merge pull request #1174 from tlaurion/mbetls_move_archive_dl_github + + modules/mbetls: move dl from tls.mbed.org to github + +commit b6651ee8ec4cb704843be322d3d89e41a0879594 +gpg: Signature made Fri 17 Jun 2022 10:15:26 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jun 17 10:13:26 2022 -0400 + + modules/mbetls: move dl from tls.mbed.org to github + - licensing change to APACHE 2.0 + - sha256sum changed too + + TODO: bump version to 3.1+, not trivial. + +commit 2ddc559653ca3b4a058d1a1b697cb8736cfccc30 +gpg: Signature made Wed 15 Jun 2022 04:13:49 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 55b51610fb 810daebc58 +Author: tlaurion +Date: Wed Jun 15 16:13:49 2022 -0400 + + Merge pull request #1171 from tlaurion/oem-system-info-xx30_fix_missing_exec_mode + + oem-system-info-xx30: fix missing exec mode on shell script + +commit 810daebc58a89541f1ba3652df0b6652415bbf4e +gpg: Signature made Wed 15 Jun 2022 03:40:37 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 15 15:40:37 2022 -0400 + + oem-system-info-xx30: fix missing exec mode on shell script + +commit 55b51610fb4aeedf700ba4c784a4fff9253e0751 +gpg: Signature made Mon 13 Jun 2022 02:36:30 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5a6af8f13d 7548580450 +Author: tlaurion +Date: Mon Jun 13 14:36:30 2022 -0400 + + Merge pull request #1164 from tlaurion/system_info_improvements + + System info improvements (under separate oem-system-info-xx30 script) + +commit 7548580450e223aa985948d58ad819cfe335b04a +gpg: Signature made Fri 10 Jun 2022 10:04:41 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jun 10 10:00:25 2022 -0400 + + create oem-system-info-xx30 (w/trackpad info) + + - Take System Info changes from https://github.com/osresearch/heads/commit/06311ff068810839b069039dd2e14eec65bebc84 (Thanks to @nestire) + - Move changes to seperate script under /bin/oem-system-info-xx30 + - Add additional camera and wifi card IDs, add synaptic touchpad detection if kernel has module built in + + Above changes squashed in this commit. + +commit 8e1eeebdee3250ff3184461b543aa87686fa85e6 +gpg: Signature made Fri 10 Jun 2022 09:56:58 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jun 10 09:56:36 2022 -0400 + + maximized boards: add ps2mouse modules to maximized kernel cfg + +commit 0bfd696fbf200a6fa64c40dcae2526ad3b5906ce +gpg: Signature made Fri 10 Jun 2022 09:55:28 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jun 10 09:52:07 2022 -0400 + + xx20 and xx30: split kernel configs to legacy and maximized and board configs point to them + +commit 5a6af8f13dc477035a8c7b8623269110ba9427da +gpg: Signature made Thu 02 Jun 2022 05:22:48 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d285401369 32e7031678 +Author: tlaurion +Date: Thu Jun 2 17:22:48 2022 -0400 + + Merge pull request #1168 from tlaurion/oem-factory-reset_circumvent-hotp-sealing-bug_with-gpg-admin-pin-gt-25-chars + + bin/oem-factory-reset: prevent users to choose a GPG Admin PIN > 25 chars which would fail HOTP sealing + +commit 32e70316785f599e28c38c62a3ac72ba5f7acb27 +gpg: Signature made Thu 02 Jun 2022 02:10:15 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Jun 2 13:52:51 2022 -0400 + + bin/oem-factory-reset: prevent users to choose a GPG Admin PIN > 25 chars which would fail HOTP sealing + + Fixes https://github.com/osresearch/heads/issues/1167 + Circumvents https://github.com/Nitrokey/nitrokey-pro-firmware/issues/32 + Adds validation so user cannot enter GPG User PIN > 64 while we are at it. + + Note that GPG PINs can be up to 64 characters. + But GPG Admin PIN will fail HOTP sealing with GPG Admin PIN of more then 25 chars. + + Edit: change upstream error to firmware issue, not nitrokey-app. + +commit d2854013698cf56f5a76472684ac0dfb69236b10 +gpg: Signature made Tue 17 May 2022 06:57:48 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 79486b5dc8 4b9757ceef +Author: tlaurion +Date: Tue May 17 18:57:48 2022 -0400 + + Merge pull request #1163 from tlaurion/remove_fedora_public_key + + Remove fedora public key. They don't detach sign ISOs since before 2020. + +commit 4b9757ceef81bb368fe52beadf262fb24ffbdf14 +gpg: Signature made Tue 17 May 2022 03:54:21 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 17 15:54:21 2022 -0400 + + Remove fedora public key. They don't detach sign ISOs since before 2020. + +commit 79486b5dc8bcd15d76c6eed6e516a3d6635aab57 +gpg: Signature made Tue 03 May 2022 09:07:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 46d64e9f16 dd0e4b0a8d +Author: tlaurion +Date: Tue May 3 21:07:26 2022 -0400 + + Merge pull request #1162 from tlaurion/oem-factory-reset_passwd_change-without_reencryption-fix + + bugfix: oem-factory-reset - permit LUKS passphrase change without reencryption + +commit dd0e4b0a8ddad170112e124b1fbc675251faaec9 +gpg: Signature made Tue 03 May 2022 04:45:53 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 3 16:45:20 2022 -0400 + + luks-functions: typo correction and consistent warnings across functions. + +commit 37bb4906ce85ae0e07b6070853bef64ebbe5c0a0 +gpg: Signature made Tue 03 May 2022 04:44:58 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 3 16:14:51 2022 -0400 + + oem-factory-reset: fix bug where it was impossible to just change LUKS passphrase without reencrypting encrypted container. + + Since /etc/luks-functions are currently exporting passphrases tested good per cryptsetup to be reused in the code, + the logic calling both luks_reencrypt and luks_change_passphrase testing for non-empty luks_current_Disk_Recovery_Key_passphrase + was bogus. + + This commit includes a new variable luks_new_Disk_Recovery_Key_desired which is set when reencryption is desired. + The 3 use cases (reencrypt+passphrase change, reencrypt no passphrase change and passphrase change alone now only test + for luks_new_Disk_Recovery_Key_desired and luks_new_Disk_Recovery_Key_passphrase_desired, nothing else. + +commit 46d64e9f165c083158ea6f68eb37b2aca839c16c +gpg: Signature made Mon 02 May 2022 01:08:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fb5cfd5cc2 e60287fa1d +Author: tlaurion +Date: Mon May 2 13:08:59 2022 -0400 + + Merge pull request #1160 from tlaurion/gen_mac_address_for_maximized_boards + + Add Heads mac address randomization for maximized boards + +commit e60287fa1d80c97891aa4d2c5f52d86c4aa58088 +gpg: Signature made Fri 29 Apr 2022 10:28:38 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Apr 29 10:26:02 2022 -0400 + + bin/network-init-recovery: generate random MAC and set it to eth0 + + network-init-reovery can be used to automatically set RTC clock to obtained NTP clock. + The script would fail if other devices devices previously registered on the network with the same MAC. + Consequently, maximized boards are detected here, and a full random MAC is generated and used instead of using hardcoded DE:AD:C0:FF:EE. + +commit 37a343a49cbc30f65b2f3b139dd306c6de3acdd6 +gpg: Signature made Fri 29 Apr 2022 10:24:02 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Apr 29 10:24:02 2022 -0400 + + etc/functions: Add a function to generate random MAC address + +commit fb5cfd5cc2125f54a5e85447b81c1b970c416b0a +gpg: Signature made Fri 15 Apr 2022 10:24:41 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3201cd4d95 70572fd100 +Author: tlaurion +Date: Fri Apr 15 10:24:41 2022 -0400 + + Merge pull request #1155 from tlaurion/oem_factory_reset-only_if_no_tpm_disk_unlock_key + + oem-factory-reset: Only set default boot option if no TPM Disk Unlock Key + +commit 70572fd1006842ead4f25dc73c3dfb5408a2fa91 +gpg: Signature made Wed 13 Apr 2022 02:29:55 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 13 14:24:59 2022 -0400 + + oem-factory-reset: Only set default boot option if no TPM Disk Unlock Key + This continues to generate checksums and sign them per new GPG User PIN, but does not set a default boot option. + The user hitting Default Boot on reboot will go through having to setup a new boot default, which will ask him to setup a Disk Unlock Key if desired. + + Otherwise, hitting Default Boot goes into asking the user for its Disk Recovery Key passphrase, and requires to manually setup a default boot option. + +commit 3201cd4d957c64473efdba6dbf1e14007d5d455c +gpg: Signature made Wed 13 Apr 2022 11:58:14 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1dd03d0361 4e5f781be3 +Author: tlaurion +Date: Wed Apr 13 11:58:14 2022 -0400 + + Merge pull request #1153 from tlaurion/fix_kexec-select-boot + + Bugfix: fix accidental removal of --menu statement in kexec-select-boot + +commit 4e5f781be34f7b3ef64f9ef61bf42ac0c6d32b0a +gpg: Signature made Wed 13 Apr 2022 11:16:04 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 13 11:14:36 2022 -0400 + + fix removal of --menu from commit ba054b15c3740228ba3e327c3442a9f7594a9fe8 + +commit 1dd03d0361ad572d8649b5258e049b8e02d4e508 +gpg: Signature made Thu 07 Apr 2022 03:41:44 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b07833e1b7 ba054b15c3 +Author: tlaurion +Date: Thu Apr 7 15:41:44 2022 -0400 + + Merge pull request #1151 from MrChromebox/kexec_improvements + + Kexec QOL Improvements + +commit ba054b15c3740228ba3e327c3442a9f7594a9fe8 +gpg: Signature made Thu 07 Apr 2022 03:32:34 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Apr 7 14:30:56 2022 -0500 + + kexec-select-boot: use 'fold' to wrap kernel args at 80 char + + Prevents truncation via fbwhiptail window + + Signed-off-by: Matt DeVillier + +commit 025f914eb3d868be80dccac14994d61496b50bc2 +gpg: Signature made Thu 07 Apr 2022 02:21:29 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Mar 15 12:03:04 2022 -0500 + + kexec-select-boot: Skip duplicate prompt when setting new default boot entry + + The text based prompt isn't needed when using a GUI menu for selection/confirmation, so skip it + + Signed-off-by: Matt DeVillier + +commit 19067a9a72e72f7323f9e0802c38cfcb0a93b4aa +gpg: Signature made Thu 07 Apr 2022 02:21:28 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Mar 15 12:01:49 2022 -0500 + + kexec-select-boot: Simplify boot selection confirmation, reverse order + + Simplify the menu options by removing the duplication of the entry name + in the menu selections; instead, use clear verbiage to distinish + between booting one time and making the default. And as the majority of + the boot menu is shown is when the grub entires have changed and the + user is prompted to select a new default, so make that the first/default + menu option. + + Signed-off-by: Matt DeVillier + +commit 7769d139967b2221db051c08a0e482d0d3418044 +gpg: Signature made Thu 07 Apr 2022 01:27:04 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Mar 15 12:00:20 2022 -0500 + + kexec-select-boot: Simplify boot menu entries + + Drop the duplicated kernel info which hurts readability, runs off the + end of the menu window. This also makes it easier to identify which + menu option is the default, and more closely resembles the grub menu + shown in a traditional BIOS boot. + + Signed-off-by: Matt DeVillier + +commit b07833e1b7c76713dc0cbfa42acc8d3d9773f2a2 +gpg: Signature made Thu 07 Apr 2022 09:51:24 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4bf4dcbb40 0f3f86d21e +Author: tlaurion +Date: Thu Apr 7 09:51:24 2022 -0400 + + Merge pull request #1150 from MrChromebox/luks_cleanup + + Luks-reencrypt Cleanup + +commit 0f3f86d21e98d9159fb65cdc8cfcfe837db4b0ff +gpg: Signature made Wed 06 Apr 2022 06:17:25 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Apr 6 17:02:14 2022 -0500 + + etc/luks-functions: exit function when select_luks_container() returns non-zero + + Signed-off-by: Matt DeVillier + +commit 5b5880b4e84d24aeed3e24c57990dc4d6edd2911 +gpg: Signature made Wed 06 Apr 2022 06:17:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Apr 6 17:01:09 2022 -0500 + + select_luks_container(): return non-zero when no device found/selected + + Signed-off-by: Matt DeVillier + +commit 98c251678c28ca2343b706b60b2fbdeb3df7c5f7 +gpg: Signature made Wed 06 Apr 2022 06:17:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Apr 6 17:04:55 2022 -0500 + + luks_reencrypt(): remove extraneous call to select_luks_container() + + Signed-off-by: Matt DeVillier + +commit f3d49246467bab4b44a5bc058a16cd14952fc70e +gpg: Signature made Wed 06 Apr 2022 06:17:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Apr 6 16:25:40 2022 -0500 + + /bin/reencrypt-luks: rename to /etc/luks-functions + + Move/rename as file is only sourced, not directly executed + + Signed-off-by: Matt DeVillier + +commit 4bf4dcbb4001f260af0b075998a7ffa04d62cd59 +gpg: Signature made Wed 06 Apr 2022 11:19:00 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 493eb3ebb7 7327f3524e +Author: tlaurion +Date: Wed Apr 6 11:19:00 2022 -0400 + + Merge pull request #1145 from tlaurion/seperate_usb-hid_from_usb_requirements_for_usb-keyboard_support + + Make loading of usb-hid kernel module dependent only for USB keyboard support + +commit 7327f3524eadfa9fe77d0477d63d8e42c692c83a +gpg: Signature made Tue 05 Apr 2022 02:37:04 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 5 14:33:43 2022 -0400 + + CircleCI : add x230-maximized_usb-kb board + + Testing points: + - x230-hotp-maximized: USB keyboard is not working (confirmed) + - x230-hotp-maximized_usb-kb: USB keyboard is working (confirmed) + +commit 6012e7724cf3c0bb0b6dab6864150db83ddffc3f +gpg: Signature made Tue 05 Apr 2022 02:12:54 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 5 14:09:44 2022 -0400 + + add new board x230-maximized_usb-kb + - this boards is a duplicate of x230-hotp-maximized with USB Keyboard support + + Testing points: + - x230-hotp-maximized does not accept input from USB keyboard + - x230-hotp-maximized_usb-kb accepts input from USB keyboard + +commit 7b15726e1dae504b19424d1f6b3a59aa4b3ed88c +gpg: Signature made Tue 05 Apr 2022 01:55:11 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 5 13:53:09 2022 -0400 + + functions: add loading of usb-hid via enable_usb + + Testing points: + - All boards explicitely declaring CONFIG_USB_KEYBOARD=y gets USB Keyboard back under Heads + - All other boards are not impacted. + +commit 97b124ab8ea2aa2d58d7dcd29d3f8e7cc5cc3e02 +gpg: Signature made Tue 05 Apr 2022 01:49:06 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 5 13:46:48 2022 -0400 + + adding the usb-hid kernel module inclusion under linux module when CONFIG_USB_KEYBOARD is defined + + Testing points: + - None here. Board who exported "CONFIG_USB_KEYBOARD=y" have it packed under their initrd, but there is no logic loading the module yet. + +commit b90f4f53a1290df6aac2ea840ffe993bec6d3103 +gpg: Signature made Tue 05 Apr 2022 01:45:28 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Apr 5 13:39:29 2022 -0400 + + all linux configs: changing usb-hid support from Y to M + + Testing point: + - All board configs not explicitely stating export CONFIG_USB_KEYBOARD=y should not have any impact + - librem_l1um, kgpe-d16_workstation-usb_keyboard, librem_mini_v2 and librem_mini will loose USB Keyboard input with this commit alone. + +commit 493eb3ebb7820ee943587a9212d4a86855ccd786 +gpg: Signature made Sat 02 Apr 2022 03:16:18 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 303dc26c91 f6d049b3c0 +Author: tlaurion +Date: Sat Apr 2 15:16:18 2022 -0400 + + Merge pull request #1125 from tlaurion/CircleCI_add_packages_to_all_cache_layers + + CircleCI cache: have all cache layers caching packages directory. + +commit f6d049b3c09f89453defb794db9ede1775d8c321 +gpg: Signature made Sat 02 Apr 2022 02:57:55 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Feb 24 15:23:16 2022 -0500 + + CircleCI cache: have all cache layers caching packages directory + + Heads buildstystem: + + Makefile logic will download modules packages under ./packages, check itheir integrity, then extract it and patch extraction directory ONLY if no corresponding .*_verify files are found under ./packages directory. They are extracted under build/modulename-ver/ where patches are applied prior of building them. + build/module* .configured is written when packages are configured under build/modulename-ver/.configured + build/modules* .build is written when packages are built under build/modulename-ver/.build + + CircleCI caching subsystem notes: + + A cache name tag is calculated in the prep_env stage early at each beginning of a workflow, and consists of a cache name, appended by a calculated digest signature (which is the final hash of hashed files (the hash of a digest). + Look for the following under .circleci/config.yml: + "Creating .... digest statements" : they are basically files passed under sha256sum to create a digest. + restore_cache keys: they are basically a string concatenating: name + checksum of digest + CACHE_VERSION. Only the first cache is extracted following declared order. + save_cache keys: same as above, only saving non-existing caches. That is, skipping existing ones and creating missing ones. + A cache is extracted at the beginning of a workflow if an archive matches an archive name, which consists of a name tag + digest hash + CACHE_VERSION + A cache is created only at the end of a workflow ("Saving cache..."). + Caches are specialized. Caches are linked to checkumming of some content. And the largest available cache is extracted on next workflow, only extracting the directories/files that were contained in that cache. + A workspace cache ("Attaching workspace..."), as opposed to a end workflow cache, is passed along steps that depends on prior workflow, as specified under CirclecI config. The current CircleCI config creates a workspace cache for: + make + gawk + musl-cross-make (passed along next) + the most massive board config for each coreboot version (passed along next) + which is finally leading to the workflow cache, specialized for different content that should not change across builds. + That is 3 caches + musl-cross-make and bootstrapping tools (builds make and gawk locally) as long as musl-cross module has same checksum + a coreboot cache, containing all coreboot building directories, as long as coreboot module and patches are having the same hashes + a global cache containing alla builds artifacts (build dir, install dir, musl-cross dir etc) + Consequently, a workspace cache contains all the files under a path that is specified. For heads running under CircleCI, this is ~/project, which is basically "heads" checked out GitHub project, and everything being built under it. + When a workflow is successful, save_cache is ran, constructing caches for digest hashes that are not yet saved (which corresponds to a hash matching muslc-cross module hash, coreboot+patches digest hash and another one for all modules and patches digest hash. + On next workspace iteration, pre_env step will include a "Restore cache" step, which will use the largest cache available and extract it prior of passing it as workspace caches. This is why there is no such different in build time when building on a clean build (the workspace caches layers are smaller, and passed along. This means saving it, passing it. next workspace downloads extracts and builds on top of those smaller layers), as opposed to a workspace reusing and repassing the bigger workspaces containing the whole cache (bigger initial cache extract, then compressing and saving it to be passed as a workspace layer that is then downloaded, extracted, building on top, compressing and saving which then passed as a workspace cache to the next layer depending on it). + And finally, the caching system (save_cache, restore_cache) is based on a CircleCI environment variable named CACHE_VERSION which is appended at the end of the checkum fingerprint of a named cache. It can at any moment be changed to wipe actually used cache, if for some reason it is broken. + + Consequently: + + CircleCI cache should include packages cache (so that packages are downloaded and verified only once.) + Heads Makefile only downloads, checks and extracts packages and then patch extracted directory content if packages/.module-version_verify doesn't exist. This was missing, causing coreboot tarballs to be redownloaded (not present under packages) and reextracted and repatched (since _verify file was not present under packages/*_verify) + +commit 303dc26c912c65ae7ef478bf065e2598dd6607fe +gpg: Signature made Fri 01 Apr 2022 07:28:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: dfbb0db9e9 981cb96f25 +Author: tlaurion +Date: Fri Apr 1 19:28:59 2022 -0400 + + Merge pull request #1144 from tlaurion/fix_busybox_zlib_current_build + + Fix current builds (zlib 1.2.11 cannot be downloaded, busybox patch not applied) + +commit dfbb0db9e97d2007f09cb7b9d6960f1528ea1ee3 +gpg: Signature made Fri 01 Apr 2022 07:27:29 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 182bd6bd75 04431487b1 +Author: tlaurion +Date: Fri Apr 1 19:27:29 2022 -0400 + + Merge pull request #1111 from tlaurion/xx30_vbios_script_fixes + + Improvements on xx30 vbios scripts + +commit 981cb96f253fa8cc1f2b64a1c3997f019e0e503e +gpg: Signature made Fri 01 Apr 2022 09:47:46 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Apr 1 09:32:58 2022 -0400 + + Fix current builds + - zlib 1.2.12 release is not respecting cross compiling. 1.2.11 disappeared from servers: taking another archive link, same hash. + - busybox 1.32.0 was not patched with 1.28.0 patch. Renaming patch so that its applied in fresh builds. + +commit 182bd6bd7517c8e322bc4712db01906b41cce58c +gpg: Signature made Mon 28 Mar 2022 03:03:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9016ebccc2 9760181d09 +Author: tlaurion +Date: Mon Mar 28 15:03:59 2022 -0400 + + Merge pull request #1141 from tlaurion/oem_reownership_add_reencryption_passphrase_change + + OEM Factory Reset/Re-Ownership: Addition of LUKS reencryption + passphrase change options + +commit 9760181d0987de6167bd784415f002f2723d107f +gpg: Signature made Fri 25 Mar 2022 06:46:14 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 23 16:02:59 2022 -0400 + + Uniformize time display so it includes timezone + date=`date "+%Y-%m-%d %H:%M:%S %Z"` + +commit 8f390f97c217fb4aaa4cd8fe7c738c0423ac8d07 +gpg: Signature made Fri 25 Mar 2022 01:31:27 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 23 16:00:08 2022 -0400 + + add integrity report in case some public key is already fused in firmware + + - initrd/bin/oem-factory-reset: adds a measured integrity output prior of prompts. Goal is for stating TOTP/HOTP/boot detached signed measurements prior of initiating a Re-Ownership, validating provisioned OEM state. + +commit dacd99c6299b1883ab878a183302b6cb56e81d1f +gpg: Signature made Wed 23 Mar 2022 03:57:31 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 23 15:55:42 2022 -0400 + + add re-encrypting and passphrase change options to oem-factory-reset + + - initrd/bin/oem-factory-reset: add 2 additional prompts defaulting to N, also explaining why its important. + +commit b9763094985d402d48ab1fe0e6ecf80f074da3f4 +gpg: Signature made Wed 23 Mar 2022 03:52:11 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 23 15:50:58 2022 -0400 + + add re-encrypt and passphrase change options to menu + + - initrd/bin/gui-init : Add two additional menu options to LUKS reencrypt and LUKS passphrase change, calling functions of initrd/bin/reencrypt-luks + - initrd/bin/gui-init : Add option F for EOM Factory Reset / Reownership when no public key is exported by key-init + +commit 058b07110b797ebe79bab5293c03a3e6958d5fbf +gpg: Signature made Wed 23 Mar 2022 03:48:36 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Mar 23 15:47:33 2022 -0400 + + add reencrypt-luks + initrd/bin/reencrypt-luks: add functions for reencryption and passphrase change. Feeds itself from external provisioning or local provisioning + +commit 9016ebccc22eabd40245743886488cf6b89b4309 +Author: Thierry Laurion +Date: Thu Mar 10 09:55:08 2022 -0500 + + OEM Factory Reset -> OEM Factory Reset / Re-Ownership (with customs passwords and provisioned info given) + oem-factory-reset: adapt code so that custom passphrases can be provided by user without changing oem factory reset workflow. + oem-factory-reset: output provisioned secrets on screen at the end of of the process. + oem-factory-reset: warn user of what security components will be provisioned with defaults/customs PINs prior of choosing not after + gui-init and oem-factory-reset: change OEM Factory Reset -> OEM Factory Reset / Re-Ownership to cover actual use cases + +commit acf709184f00ab8eeafdf5441d56e9f2e7ce978a +Author: Thierry Laurion +Date: Mon Feb 21 13:02:34 2022 -0500 + + bin/kexec-iso-init: Add support for Arch iso support requirements (found at https://mbusb.aguslr.com/howto.html) + +commit 3e526aea27033e80ac6a8055731f9aeb3a991409 +Author: Thierry Laurion +Date: Mon Feb 21 11:48:10 2022 -0500 + + distro key: addition of arch minimized public key + bin/kexec-parse-boot: test https://github.com/osresearch/heads/pull/762/commits/2bb1f52bf5e7d0058a3cd518e1f6bcffc1df8965 that fix correctly comma seperated arguments. + + Still TODO: when booting, Heads tries to find where the ISO with /dev/disk/by-label/ARCH_202202 wich is never brought up. uuids could, not sure why the label is not brought up correctly. Maybe an issue in the way Arch makes the ISO. + @tslilc : Any idea to continue #584 or modify #762? + +commit 19a8f9c2423d9daa137edc4b0319b157084f2a79 +Author: tslil clingman +Date: Fri Jun 26 17:23:43 2020 -0400 + + Tweak syslinux parsing code to be compatible with new Arch isos + +commit 70b93be782a319703cdb0ad1874aa4034f566486 +gpg: Signature made Thu 03 Mar 2022 06:59:04 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 13a12d157b ab6425cc7e +Author: tlaurion +Date: Thu Mar 3 18:59:04 2022 -0500 + + Merge pull request #1130 from marmarek/early-usb + + Check for /bin/hotp_verification instead of CONFIG_HOTPKEY + +commit ab6425cc7eabebb112312e870f9a060e9160611b +gpg: Signature made Thu 03 Mar 2022 06:49:38 PM EST +gpg: using RSA key 080FFC139F57AACE3E946186BB2ED46ACD2C6CF7 +gpg: Good signature from "Marek Marczykowski-Górecki (code signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 080F FC13 9F57 AACE 3E94 6186 BB2E D46A CD2C 6CF7 +Author: Marek Marczykowski-Górecki +Date: Fri Mar 4 00:42:28 2022 +0100 + + Check for /bin/hotp_verification instead of CONFIG_HOTPKEY + + CONFIG_HOTPKEY is not exported to the initrd, check for binary presence. + +commit 13a12d157b2a013d968fad8d4e9902d6159c4df7 +Author: Marek Marczykowski-Górecki +Date: Tue Mar 1 03:03:26 2022 +0100 + + Move enable_usb earlier + + It is going to be enabled later anyway (if CONFIG_HOTPKEY=y), so it can + also be simplified by enabling it at the very beginning. + + This enables USB keyboard consistently during all boot menus, including + the "No Bootable OS Found" prompt. It isn't a big deal for "normal" + laptop usage, but it is important for automatic tests and also + non-laptop systems. + +commit 3b99caa996f1c44b693cc938e9cee0a157adbc55 +Author: Thierry Laurion +Date: Tue Feb 22 17:56:25 2022 -0500 + + coreboot-4.11 patches: remove unwanted .orig artifacts that seems to be making CircleCI fail in the past days. + + Heads build system is reextracting archives and reapplying patches on each iteration. + CircleCI optimizes building time by providing cache mechanisms and forces users to build a target under an hour. + This is to force Open Source projects (free tier) to not be leechers of the free tier. + + In the past days, CircleCI bails on building coreboot 4.11 boards because some files being cached are already being present (created files from patches). + In those, two files were unwanted artifacts, recreated on top of coreboot 4.11 extracted original files (undesired .orig files), while bailing on the creating of src/security/tpm/sha1.c from patches/coreboot-4.11/0001-Add-Heads-TPM-measured-boot-support.patch. + + Hopefully, this is CircleCI having a maximum of 3 automatically entered input (it fails on the 3rd)... And this fix will permit src/security/tpm/sha1.c and src/security/tpm/sha1.h to be skipped if existing. + Below, we see that CircleCI fills patch prompts with EOF 2 times, and then waits for input and then timeouts. + + Here is the failing log trace from https://app.circleci.com/pipelines/github/tlaurion/heads/990/workflows/f2a430fd-dc8c-4e95-abe3-364a0e825533/jobs/4914/parallel-runs/0/steps/0-103: + + Exerpt of that log: + if [ -d patches/coreboot-4.11 ] && [ -r patches/coreboot-4.11 ] ; then for patch in patches/coreboot-4.11/*.patch ; do echo "Applying patch file : $patch " ; ( cd /root/project/build/coreboot-4.11/ ; patch -p1 ) < $patch || exit 1 ; done ; fi + Applying patch file : patches/coreboot-4.11/0000-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch + patching file src/cpu/x86/smm/tseg_region.c + Applying patch file : patches/coreboot-4.11/0001-Add-Heads-TPM-measured-boot-support.patch + patching file src/Kconfig + The next patch would create the file src/Kconfig.orig, + which already exists! Assume -R? [n] EOF + Apply anyway? [n] EOF + Skipping patch. + 1 out of 1 hunk ignored + patching file src/include/program_loading.h + patching file src/lib/cbfs.c + patching file src/lib/hardwaremain.c + Hunk #2 succeeded at 549 (offset 8 lines). + patching file src/lib/rmodule.c + patching file src/security/tpm/Makefile.inc + The next patch would create the file src/security/tpm/sha1.c, + which already exists! Assume -R? [n] make: *** [Makefile:507: /root/project/build/coreboot-4.11/.canary] Hangup + + context deadline exceeded + +commit a3b058ded9ae8496761edaad1f4d5d0157869324 +Author: Thierry Laurion +Date: Sun Feb 20 12:38:21 2022 -0500 + + CircleCI: readd forgotten x230-maximized board + +commit c1409a8b7552225d4ceb0c46e72df92edc3af579 +Author: Thierry Laurion +Date: Thu Feb 17 20:31:27 2022 -0500 + + config/coreboot-xx30(legacy platforms): add back microcode updates that were preventing vmx to work on i5 without them. + + Fixes #1107 + +commit 55534c577728503f8851a9cd4b428c1250a849fd +gpg: Signature made Fri 18 Feb 2022 12:12:58 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0670bcd1c6 065cbfda7b +Author: tlaurion +Date: Fri Feb 18 12:12:58 2022 -0500 + + Merge pull request #1115 from tlaurion/xx30-flash_revival + + Revive xx30-flash boards + +commit 065cbfda7b2696656a23e51b54784789095a104a +gpg: Signature made Thu 17 Feb 2022 08:25:10 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Feb 17 20:20:43 2022 -0500 + + boards/xx30-flash: change board configs to be solely include flashrom module. + Those boards now produce 4MB coreboot ROM and according CBFS small size, and remove the logic to extract 4Mb ROM out of the 12Mb rom which for some reason, was now misaligned. + config/coreboot-xx30-flash : remove all unnneded stuff to xx30-flash boards. + config/linux-x230-flash: used commonly for all xx30-flash boards, this is now finally saved with savedeconfig, and removes another bunch of unneeded stuff. + + Tested working. Fixes #1095 + +commit 04431487b18b5fd9e6ba15e0ac7bb3fdcbc9b6c6 +gpg: Signature made Tue 15 Feb 2022 11:26:32 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Feb 15 11:17:25 2022 -0500 + + xx30 vbios scripts error handling and better scoping of UEFIExtract for FL1 files only. Also add sudo calls where required + +commit 0670bcd1c6dda456d5fa11a2eec65be7e45c49b9 +Author: Thierry Laurion +Date: Sat Feb 5 11:09:22 2022 -0500 + + coreboot 4.11: add patch to fix assembly.inc directory not always being present and causing race condition in parallelized builds with high number of cores + +commit f9d143d77abd8cd239b69c419f074e25c2f8b284 +Author: Thierry Laurion +Date: Mon Jan 31 10:57:24 2022 -0500 + + Retry CircleCI for 4.11 on Debian 11 docker + - Add kgpe-d16 patch to remove HID for PCI devices (successful build on top of #1101 and #1012 per https://app.circleci.com/pipelines/github/tlaurion/heads/937/workflows/de49bea0-3f58-4a91-8891-87622f5a0eed) + - CircleCI modified to build for coreboot 4.11 kgpe-d16_workstation on top of 4.15 passed workspace + - CircleCI modified so that we still archive all the logs in artifacts for the current build even if failing. We now exit 1 after having archived all the log files under build/ + - Add xx30 vbios extract scripts to test. Expecting musl-cross target to fail since make and gawk aren't built + - CircleCI: gawk was not installed in apt statements under Debian. Installing + - Makefile: seperate and fix local make and gawk building pror of using. Otherwise, impossible to build musl-cross target seperatly. + - Also give some debugging info at start of Heads builds to tell which local gawk and make are used, also telling which make call will be propagated in the rest of the builds + - Fix gawk version checking, reporting bad version even if 4.2.1 as expected on debian-10 (debian-10 OS deploys gawk and make in version 4.2.1) + - CircleCI: Changing musl-cross taget to bootstrap (gawk+make) and musl-cross-make (bootstrap_musl-cross-make) for clarity + +commit 4b260071c3541262140a53a37b8a1c2adee40310 +Author: Thierry Laurion +Date: Mon Jan 31 10:57:24 2022 -0500 + + Retry CircleCI for 4.11 on Debian 10 docker + - Add kgpe-d16 patch to remove HID for PCI devices (successful build on top of #1101 and #1012 per https://app.circleci.com/pipelines/github/tlaurion/heads/937/workflows/de49bea0-3f58-4a91-8891-87622f5a0eed) + - CircleCI modified to build for coreboot 4.11 kgpe-d16_workstation on top of 4.15 passed workspace + - CircleCI modified so that we still archive all the logs in artifacts for the current build even if failing. We now exit 1 after having archived all the log files under build/ + +commit 1693644d56fe92464fcdb00c77c4f4028adfc214 +Author: Thierry Laurion +Date: Mon Oct 11 15:22:58 2021 -0400 + + patches/coreboot-4.11: Add patches to build on newer systems + + - remove https patch that was made as temporarily fix for bad cert + - upgrade crossgcc's iasl to 2021 so toolchain can be built on debian 11+ + - make iasl report itself as being part of coreboot crossgcc build stack. + - remove acpinames from buildgcc make jobss + - add missing string include for binutils gold + - add gnat statements workarounds + - patch Librem L1UM ACPI for newer IASL + + Signed-off-by: Matt DeVillier + +commit 1d5f72e317cd430eee4ba55bce61cf941db01354 +Author: Matt DeVillier +Date: Fri Jan 28 17:12:58 2022 -0600 + + modules/coreboot: don't build IASL separate from toolchain + + Older coreboot versions (pre-4.11) required IASL to be built separate + from the main toolchain (crossgcc), but that is no longer the case, + and doing so causes random failures from trying to build IASL as + part of the toolchain and separately, in parallel, each using + -j$(CPUS) threads. + + Test: build any board using coreboot 4.15 under Debian 11, observe + no random failures from building the toolchain due to false positives + for a missing depencency . + + Signed-off-by: Matt DeVillier + +commit bf4078ad1357801941f311c78f85eb41dae98db3 +gpg: Signature made Fri 28 Jan 2022 08:56:36 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fde7ee2b11 7644d90160 +Author: tlaurion +Date: Fri Jan 28 20:56:36 2022 -0500 + + Merge pull request #1099 from tlaurion/corebot_fix_EXTRA_FLAGS_only_woking_for_coreboot-415 + + modules/coreboot: pass EXTRA_FLAGS correctly to non coreboot 4.15 coreboot builds + +commit fde7ee2b11806b437722f3ccfe1a7f9ff238bb98 +gpg: Signature made Fri 28 Jan 2022 08:55:37 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3f7f8ac42b 37ee3f37ad +Author: tlaurion +Date: Fri Jan 28 20:55:37 2022 -0500 + + Merge pull request #1100 from tlaurion/board_configs_fixes_CONFIG_BOARD_NAME + + boards/* : Add/uniformize missing CONFIG_BOARD_NAME for coreboot boards + +commit 37ee3f37ad60472accc8f3326e23c1ea4ea4fa4b +gpg: Signature made Fri 28 Jan 2022 02:17:24 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 28 14:13:13 2022 -0500 + + boards/* : Add/uniformize missing CONFIG_BOARD_NAME for coreboot boards + +commit 7644d901603f9d2cf5feadfd7a763b344ddf786b +gpg: Signature made Fri 28 Jan 2022 01:57:48 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 28 13:57:48 2022 -0500 + + modules/coreboot: :? is invalid. ?= defines if not previously defined + +commit 3f7f8ac42b41f4ebd72ce79910236cb696a994a8 +gpg: Signature made Thu 27 Jan 2022 07:03:33 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 15b3d43d06 31214381a2 +Author: tlaurion +Date: Thu Jan 27 19:03:33 2022 -0500 + + Merge pull request #1098 from MrChromebox/librem_cryptsetup2 + + board/librem_*: Switch to cryptsetup2 + +commit 15b3d43d06f68731142b35a3f788ad38040481e0 +gpg: Signature made Thu 27 Jan 2022 07:03:02 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f618d357c0 411ecc50f4 +Author: tlaurion +Date: Thu Jan 27 19:03:02 2022 -0500 + + Merge pull request #1097 from MrChromebox/librem_4.15_fixup + + patches/coreboot-4.15: Add Librem 4.15 patches + +commit 31214381a28b4ea65f6016a9a9cddd9f50f7379a +gpg: Signature made Thu 27 Jan 2022 05:41:24 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Jan 27 13:26:26 2022 -0600 + + board/librem_*: Switch to cryptsetup2 + + Required to decrypt some volumes encrypted via LUKS2 + (eg, Qubes 4.1 dom0 / root partition) + + Signed-off-by: Matt DeVillier + +commit 411ecc50f46e3ad754552ae2a48b2f5b20460fda +gpg: Signature made Thu 27 Jan 2022 05:39:57 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Jan 27 13:18:56 2022 -0600 + + patches/coreboot-4.15: Add Librem 4.15 patches + + Add patches to coreboot 4.15 to: + - show ME status even when device is disable + - fix PCIe RP hotplug on Librem 14 + - fix ME reset timeout on Librem 13/15 + + This synchronizes with Purism's coreboot 4.15-Purism-3 tag. + + Signed-off-by: Matt DeVillier + +commit f618d357c0cf02c9fc2451473ba5cbbb7a59c4ea +gpg: Signature made Sun 23 Jan 2022 10:19:49 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b4b0bc4a7a 7a324bbd29 +Author: tlaurion +Date: Sun Jan 23 22:19:49 2022 -0500 + + Merge pull request #1094 from tlaurion/tails_signing-key_2022 + + tails.key : merging of new long-term signing key with old one so old ISOs can still be booting from Heads + +commit 7a324bbd29efb3144edfec7adc28f72020635728 +gpg: Signature made Fri 21 Jan 2022 01:00:49 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jan 21 12:58:25 2022 -0500 + + tails.key : merging of new long-term signing key with old one so old ISOs can still be booting from Heads + + Reproducibility notes at https://github.com/osresearch/heads/pull/1023#issuecomment-1018735659 + + Fixes #1023 + +commit b4b0bc4a7afa357a9142145ca30fe8d4a4ab7f7b +Author: HardenedVault +Date: Wed Jan 19 07:07:03 2022 +0200 + + Use luksHeaderBackup rather than luksDump to measure luks headers. + +commit fba79ab44811d9bfb4e87fc351c7faff576f71fc +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Mon Dec 27 09:28:13 2021 +0100 + + Fixing config.yaml file path + +commit a1f86fa3aa47d56a44bd01e37896bfec2905e160 +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Mon Dec 27 09:28:03 2021 +0100 + + Fixing config.yaml file path + +commit a5b27e485f89f8628e705d3885fc8dd366b132a3 +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 19 22:13:47 2021 +0100 + + Adding explanatory notes re t530 and w530 dgpus + + This commit adds explanatory notes and updates existing t530 and w530 boards to generally align them with the dGPU points and provide signposting for those with and those without dGPU boards. It also adds an additional README in the blobs directory to explain the vbios extraction and building process. + +commit a854144e2dbf14700491e3f1cb6f88e12d22197b +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 19 22:01:29 2021 +0100 + + Add support for t530 and w530 dGPU + + This commit adds support for the t530 and w530 boards to enable dGPUs. dGPU's are required for DisplayPort external displays in the t530 dgpu model, and for both the VGA dn DisplayPort external displays in the W530 (which has two dGPUs, the K1000M and K2000M, hence two boards). The commit does the following: + + 1. Adds automated extraction scripts for vbios modelled on the me script in the blobs directory (one per board is necessary as it is based on board-specific bios updates). + 2. Adds specific boards for the various dGPU models and corresponding coreboot configs. + 3. Updates circleci config.yaml to run scripts and test boards. + + Tested and working on T530 dgpu and W530 K1000M. dGPU scripts tested on Debian 10 and Ubuntu 21.04 + +commit f0f467711246b265700b91014e0934741a6979f9 +Author: Matt DeVillier +Date: Fri Dec 17 21:08:47 2021 -0600 + + circleci: add Librem boards as coreboot 4.15 build targets + + Signed-off-by: Matt DeVillier + +commit 7d83bfcbea2e286f5ce2b7f74a9d2e16c9364aae +Author: Matt DeVillier +Date: Mon Oct 25 17:08:25 2021 -0500 + + config/coreboot-librem_14: Drop CONFIG_ANY_TOOLCHAIN + + No longer needed + + Signed-off-by: Matt DeVillier + +commit 51a111997303c889ac214f3f76a7fc415ab1e0fb +Author: Matt DeVillier +Date: Tue Oct 26 10:51:43 2021 -0500 + + boards/librem_*: Unify/update kernel IOMMU params + + Unify the CONFIG_BOOT_KERNEL_ADD/REOVE parameters for all + Librem boards. Ensure IOMMU disabled for the GPU, and that + duplicated IOMMU params are not passed to the kernel. + + Signed-off-by: Matt DeVillier + +commit f23d218db1f46d63b4d9e43a63fcb0531ea88aed +Author: Matt DeVillier +Date: Tue Oct 26 10:54:16 2021 -0500 + + config/coreboot-librem_{13*,15*}: Use iommu=pt for Heads kernel + + Resolves issues booting Qubes 4.1-RC1 installer. Drop log level + to be consistent with the Librem 14/Mini v1/v2. + + Signed-off-by: Matt DeVillier + +commit d9bc74e7f097c5f1b32e1077ed60f29c72b95929 +Author: Matt DeVillier +Date: Wed Oct 27 08:51:54 2021 -0500 + + blobs/librem*: remove blob download scripts + + Blobs needed to build the Librem 13/15 boards are now + handled by the purism_blobs module; these scripts are + no longer needed. + + Signed-off-by: Matt DeVillier + +commit 5859d1438e89bbcae72e2e4d138eae07f2eefff6 +Author: Matt DeVillier +Date: Thu Nov 11 12:17:20 2021 -0600 + + modules/coreboot: drop support for coreboot 4.14 + + All boards using 4.14 have migrated to 4.15 + + Signed-off-by: Matt DeVillier + +commit c5d9fa484b84f2f18c742af8932493054fada857 +Author: Matt DeVillier +Date: Thu Nov 11 12:16:01 2021 -0600 + + boards/librem_*: Update to coreboot 4.15 + + Update all Purism Librem boards except the L1UM server + to coreboot 4.15: + + - update coreboot version from 4.8.1/4.13 to 4.15 + - use purism_blobs module (if not already) + - update board coreboot defconfig files (Librem 13/15) + + Signed-off-by: Matt DeVillier + +commit 1dc79eba8263d494a08f5c682e36c2ca398218fc +Author: Matt DeVillier +Date: Thu Nov 11 12:14:13 2021 -0600 + + modules/coreboot: add support for coreboot 4.15 + + Update hash for coreboot module, coreboot-blobs. + Adjust extra flags to address SNB/IVB build issue. + + Signed-off-by: Matt DeVillier + +commit 3fef749bff60ee329ede07f71dae76b1efa46f4c +Author: Matt DeVillier +Date: Thu Nov 11 12:09:41 2021 -0600 + + modules/purism-blobs: update to current HEAD + + Updates CPU microcodes for all Librem boards. + + Signed-off-by: Matt DeVillier + +commit 90ad70884960ce3a2fb31d76b8191d1d3fdea386 +Author: Thierry Laurion +Date: Fri Dec 17 14:45:53 2021 -0500 + + Apply background colors when fbwhiptail binary is present. + +commit 519bd445d63df637a9a8361094e943e089c72181 +Author: Matt DeVillier +Date: Mon Dec 23 22:49:54 2019 -0600 + + flash.sh: Add progress bar + + Show state of flashrom reads/writes by means of a progress bar, + as used in the Librem coreboot flashing scripts + + v2: add adjustment for use with `--ifd` + + Signed-off-by: Matt DeVillier + +commit 415a08a73259840e753fb1a4ca6cc3e99ed4b339 +Author: Thierry Laurion +Date: Sun Dec 5 13:24:50 2021 -0500 + + board additions: w530, t530, t520 (hotp-maximized and maximized flavors only) + -CircleCI addition. + -Removal of t530-flash, w530-flash boards, flash scripts and associated coreboot configs (no more legacy boards additions) + + This is a merger of #1071, #1072 and #1073 so that test builds are available over CircleCI until osresearch/master CircleCI gets unlocked. + +commit f8a30866a82d33ded4310bf78ad2f3c6a0466d1f +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 5 16:28:16 2021 +0000 + + Reverting to coreboot 4.13 + +commit 5263aa9c2f040cc30f3005da66322fa01793bb85 +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 5 16:27:53 2021 +0000 + + Reverting to coreboot 4.13 + +commit 8aa11bae4027c3732d961f5836e46a5aed7180a9 +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 5 16:27:33 2021 +0000 + + Update t530-flash.config + +commit b4368f3df0ee47e300673185d1b92b0b5793e60d +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 5 16:27:07 2021 +0000 + + Reverting to coreboot 4.13 + +commit 38b29cb9f7684e0c88cf606c6bb5aaed7eaf1fbe +Author: eganonoa <56741779+eganonoa@users.noreply.github.com> +Date: Sun Dec 5 16:26:43 2021 +0000 + + Reverting to coreboot 4.13 + +commit ce435a414899f00f8a9b086bcf0fa46288543701 +Author: eganonoa +Date: Sun Dec 5 15:51:10 2021 +0100 + + adding working w530 board, initrd and config files + +commit 652bcb8ad036b8453da6bbe73fcbe8af136569dd +Author: eganonoa +Date: Sun Dec 5 15:44:10 2021 +0100 + + reverting to coreboot 4.8.1 (4.13, 4.14 both working) + +commit 66e5c23b13b4a46ffb6bbe44661be353a6952ffb +Author: eganonoa +Date: Sun Dec 5 15:40:38 2021 +0100 + + adding working t530 board, initrd and config files + +commit 90984baca71c7db9350ddb06f90de95387713427 +Author: eganonoa +Date: Sun Dec 5 15:30:48 2021 +0100 + + adding working t520 baord and configs + +commit e492786d0a52fd1e2100629b523c7510797329bb +Author: Thierry Laurion +Date: Wed Dec 1 12:37:27 2021 -0500 + + CircleCI: fix #1058 and partly #984 + + CircleCI: We currently drop coreboot 4.11 builds. + - There is a file missing in the builds. Not sure why/how this is happening + src/soc/intel/fsp_broadwell_de/romstage/romstage.c:41:10: fatal error: build.h: No such file or directory + Example:https://app.circleci.com/pipelines/github/tlaurion/heads/877/workflows/7d0248d2-459c-42ad-b741-8fd56a75d527/jobs/2487 + - kgpe-d16_workstation building for all GPUs is unfortunately taking too much time to build (40 minutes). + - Not sure why, but it seems that the kernel build paralellization is not working for 4.11 while it works for 4.13 + Makefile: Uncomment MAKE_JOBS which passes the number of jobs to numbers cores by default and --max-load of 16 + CircleCI: Remove CPUS statement to use Makefile default + modules/newt: force build with one make job, otherwise there is a race condition in module which fails randomly expecting build modules. (TODO: FIX) + + Interestingly, building all coreboot 4.13 boards is happening on a clean commit just above 1h limit. + + More details: + - CircleCI changed job build time to a maximum of 1h each. + - CircleCI now permits parallelization of 30 jobs + - 6000 build minutes a month. + - Still waiting for osresearch/heads CircleCI project to be unlocked (currently not recognized as open source project?!) + +commit 2ddbd12f98c3006d62b9fab6bc8f4f5815ba7158 +Author: Thierry Laurion +Date: Mon Nov 29 14:46:22 2021 -0500 + + t4xx: coreboot fix of https://github.com/osresearch/heads/issues/1057#issuecomment-980244848 for #1015 + +commit ee5073ebe8613051ee2d233a0d4e3ccb36956aaa +Author: Thierry Laurion +Date: Thu Nov 25 10:38:15 2021 -0500 + + CircleCI: add large ressource class for free tier as defined under https://support.circleci.com/hc/en-us/articles/4410707277083-Context-deadline-exceeded-after-1-hour-Build-timed-out-Free-tier-only- + Readd https://github.com/osresearch/heads/pull/984 without cache + Add kgpe-d16 musl-cross target prior of having kgpe-d16 depend on musl-cross target (To try to have musl-cross step successfull under 1h CircleCI new limit) + CircleCI: add a subcommand that can follow a target (to build musl-cross-make now and coreboot version specific musl-cross later) + Output of hashes is now optional + 29/11/2021 CircleCI public information available states parallelization of up to 30 jobs at a time. Let's play + - We first build heads musl-cross-make and persist (passing musl-cross-make into next job) + - We then build per coreboot version board with coreboot make statement only and persist (passing musl-cross-make + coreboot's musl-cross buildstack) + - We then build per coreboot version board (reusing past build musl-cross-make and coreboot's version musl-cross buildstack) + Remove 4.11 boards for the moment to test only build time and parallelization + +commit 22f228833101e2eeaa2441eb38d9f2cdce5cade6 +Author: Thierry Laurion +Date: Sat Oct 30 16:59:31 2021 -0400 + + xx30 blobs: use me_cleaner.py locally downloaded + + - me_cleaner downloaded from https://github.com/corna/me_cleaner/blob/43612a630c79f3bc6f2653bfe90dfe0b7b137e08/me_cleaner.py + - placed under xx30 blobs dir + - CircleCI uses it locally without downloading it everytime (me_cleaner hasn +Date: Fri Oct 29 14:42:44 2021 -0400 + + t430-hotp-verification: addition of t430 counterpart of non-maximized x230-hotp-verification board + +commit 8d805e8d8fe7aeb723ab04b2b5c49282068cae19 +Author: Thierry Laurion +Date: Thu Oct 21 11:56:08 2021 -0400 + + CircleCI: build only for coreboot 4.13 and coreboot 4.11 boards. (TODO: change when 4.13 boards bumped to 4.14) + +commit 2d8d45c02e0f374ffc0b21cddc9abbb169488ad5 +Author: Thierry Laurion +Date: Thu Oct 14 13:14:06 2021 -0400 + + t420 board was still based on coreboot 4.8.1. blobs still depend on blobs/t420/* presence. + +commit c5be3ce4837f51adaf1c0002bba197a82ca82cc2 +Author: Thierry Laurion +Date: Thu Oct 14 13:12:33 2021 -0400 + + t430 board was a X230. fixed. + +commit 7c576e2706ea3c2d05b99dea1db7346bc21af146 +Author: Thierry Laurion +Date: Thu Aug 5 13:56:23 2021 -0400 + + CircleCI: base all coreboot 4.13 boards on hotp-maximized to try to free more building time. + +commit 41847f5cd22dc09e7765089c8818674a7d1fa489 +Author: Thierry Laurion +Date: Mon Jul 26 14:02:42 2021 -0400 + + move all other boards (but KGPE-D16) to coreboot 4.13 + - xx30 legacy boards (x230, x230-flash, t430, t430-flash) now rely also on coreboot 4.13 + - DOWNSIDE: x230 and t430 legacy boards now rely on WHIPTAIL (NOT FBWhiptail) to have enough space to fit under 7mb) + - xx20 boards moved to 4.13 (no need of xx20-flash boards here since single SPI boards with 7.5mb useable since blobs scripts are required) + - DOWNSIDE: all xx20 boards now have dropbear deactivated, while still having ethernet driver in. + - qemu-coreboot and qemu-coreboot-fbwhiptail switched to coreboot 4.13 WITHOUT TPM SUPPORT (with cryptsetup 2.x support) + - DOWNSIDE: + - coreboot-qemu board CBFS_SIZE=0x700000 -> 0x750000 + - coreboot-qemu-fbwhiptail CBFS_SIZE=0x750000 -> 0x780000 + - CircleCi build recipe removes 4.8.1 boards altogether + - KGPE-D16 workstation is used as new base build to save workspace layer (we removed one workspace layer) + - Removing one workspace layer will save approx 2 hours of build time on fresh builds + - Removing one coreboot version will save us approx 2 hours of build time on fresh builds + - KGPE-D16 will stay to coreboot 4.11 until forward notice. + - All other board configs SHOULD be built on latest coreboot versions + +commit c7e651d663dccf904aec40a9096e50f8896e5080 +Author: Thierry Laurion +Date: Mon Jul 26 11:41:28 2021 -0400 + + xx20/xx30 boards uniformisation when switching to coreboot 4.13 + - all: coreboot NO_POST for all boards + - all: coreboot NO_GFX_INIT (linux payload does the graphic init) + - all: coreboot TPM_MEASURED_BOOT (no more patches under Heads for measured boot) + - all: coreboot DRIVERS_PS2_KEYBOARD (fixes no keyboard on soft reboot and potentially xx30t xx20t fix for random raw keyboard (to be tested) + - all: coreboot removal of DEFAULT_CONSOLE_LOGLEVEL_5 under some boards + - all: coreboot removal of "loglevel=3" under some linux command line options booting Heads kernel + - all: coreboot removal of DEBUG_SMM_RELOCATION (unneeded) + - all: coreboot INCLUDE_CONFIG_FILE and COLLECT_TIMESTAMPS for all boards + - all: coreboot CONSOLE_SERIAL present on all boards + - all: coreboot add VBT + - all: board configs switch to cryptsetup2 + + xx20 hotp-maximized boards: + - removal of dropbear (not enough space to have htop + dropbear) + + txx0 boards coreboot: + - USE_OPTION_TABLE and STATIC_OPTION_TABLE added (todo: check T430 boards optimization and find issue/PR and ammend this commit) + +commit 5f36bfab1d53f5038e9eeb21943c1de1ec13d0aa +Author: Thierry Laurion +Date: Fri Jul 23 15:26:39 2021 -0400 + + t420 maximized builds: remove commented coreboot config options (we want log timestamps and also want to provide active configuration) + +commit 816259c0f1a6d533b8d316fa5c6e50c9dc2c8b9e +Author: Thierry Laurion +Date: Fri Jul 23 15:25:47 2021 -0400 + + x230-maximized boards : add PS2 keyboard support to fix keyboard being inactive at reboot and potentially x230t which is raw sometimes on boot. + +commit 6de04473b75c24a8f749122b3bc41a386b4c327a +Author: Thierry Laurion +Date: Fri Jul 23 11:34:26 2021 -0400 + + Add CONFIG_INTEL_GMA_ADD_VBT to suppress i915 PCI errors at early boot + +commit e8032924c1e3ad49c41d36bd6ba11eb43507d29f +Author: Thierry Laurion +Date: Sat Jan 2 12:09:46 2021 -0500 + + x230-maximized boards: build against coreboot 4.13 + +commit 54a3b0794740249f97e62f9938dffb6c655a2349 +Author: natterangell <35780347+natterangell@users.noreply.github.com> +Date: Thu Jun 17 14:11:28 2021 +0200 + + t420-maximized boards: build against coreboot 4.13 + +commit b35e1bcbb3cb067e3bc47159c892c22467775e95 +Author: icequbes1 <71958531+icequbes1@users.noreply.github.com> +Date: Tue Nov 23 12:37:09 2021 -0800 + + oem-factory-reset: fix whiptail height/width order + +commit fdbd9b2d48cbbf5bcd3fed9a6eeabe4dce911734 +Author: Matt DeVillier +Date: Fri Oct 29 13:26:02 2021 -0500 + + gui-init: Handle overflow of list of files w/failed hashes + + When files in /boot fail hash verification, the list of files + can sometimes overflow the whiptail msgbox, preventing the + prompt and buttons to update checksums from showing. To mitigate + this, if # of files is > 10, use less to show the file list and + present a separate prompt to update the checksums once the file + list has been viewed. + + Signed-off-by: Matt DeVillier + +commit 59aafa550669f643c2aaaab5a2fd8cf59b8ae332 +Author: Thierry Laurion +Date: Fri Oct 29 14:18:31 2021 -0400 + + NEWT: fix whiptail line width for output that could wrap line content over multiple lines + +commit 561d01c863c56cb0bc49fa17786561377c021794 +Author: Thierry Laurion +Date: Fri Oct 29 13:39:53 2021 -0400 + + KGPE-D16: remove BOOT_GUI_MENU_NAME and BG_COLOR as under all other boards. + +commit 2fc8813fc6219a807a019ec6d747da825f1f3359 +Author: Thierry Laurion +Date: Fri Oct 29 13:35:16 2021 -0400 + + oem-factory-reset: fix output when fbwhiptail is not used + + - Fixed inversed HEIGHT and WIDTH usage + - Fixed height to 30 and width to 90 as everywhere else + + This was causing a blank screen when whiptail without framebuffer (fbwhiptail) was used. + Actually, it seems like the width and height under whiptail calls are only taken into consideration under NEWT, not FBWHIPTAIL. + +commit 661b3b0e81942e022a09fd52b3b0f8a26f8cbc78 +Author: Thierry Laurion +Date: Fri Oct 29 13:33:35 2021 -0400 + + flash-gui: fix width of flash confirmation from 60 -> 90 chars as everywhere else + - Fix the flash prompt that was spreading filename over 2 lines (width 60 -> 90 as everywhere else) + +commit c6a36948c5884e6815bd0da75c9a498b47304160 +Author: Thierry Laurion +Date: Fri Oct 29 13:29:31 2021 -0400 + + Whiptail: move BG_COLOR default definitions from gui-init to init + + - Set them only when FBWHIPTAIL is used. + - If NEWT is used (console mode without framebuffer): set default to none. + +commit 28c7202bd81715cbca40f8b8dc413bfb94a840cf +Author: Matt DeVillier +Date: Tue Oct 26 15:26:11 2021 -0500 + + etc/functions: Improve handling of battery charge/health calcs + + Some devices, like older Librem laptops, use BAT vs BAT0 for the + primary battery. Accomodate this by using BAT* instead of BAT0. + + Could break on multi-battery devices, but none supported in tree + currently so more of a theoretical problem. + + Signed-off-by: Matt DeVillier + +commit 21e50681985dc810341abd5c829a3bb80235a9d2 +gpg: Signature made Thu 21 Oct 2021 10:07:42 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4dee35ae40 61124979ec +Author: tlaurion +Date: Thu Oct 21 22:07:42 2021 -0400 + + Merge pull request #1043 from MrChromebox/fix_gpg_comment + + oem-factory-reset: fix custom comment entry + +commit 61124979ecc3c85f9499fb6ee9910ce58e83b211 +gpg: Signature made Thu 21 Oct 2021 07:35:16 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Oct 21 16:24:56 2021 -0500 + + oem-factory-reset: fix custom comment entry + + copy/paste error resulted in user-entered comment never + being set/checked/used, and email address being overwritten. + Fix variable usage so comment and email are set correctly. + + Signed-off-by: Matt DeVillier + +commit 4dee35ae405f709a2ed2db39645d5df0ed0860be +Author: Thierry Laurion +Date: Tue Oct 19 14:48:03 2021 -0400 + + System Info: Add full charge Battery capacity (actual full charge capacity/design full charge capacity) + +commit ffde47133fb59ae9261d61df3c3acddc71846a73 +Author: Matt DeVillier +Date: Thu Sep 16 10:05:55 2021 -0500 + + patches/coreboot-4.14: Add patches for Librem mini, 14 + + Patches for the Librem Mini (v1/v2) and Librem 14 upstreamed + post-4.14. Fixes some issues with acoustic noise and headphone + jack detection. + + Signed-off-by: Matt DeVillier + +commit ed0282d33e76f817b34b7939e6e4c01f51027d9d +Author: Matt DeVillier +Date: Fri Dec 4 12:46:03 2020 -0600 + + Add new board Purism Librem 14 + + Signed-off-by: Matt DeVillier + +commit e3e1ac6839152c71ab09a9a43361ff0b1ead60e4 +Author: Matt DeVillier +Date: Wed Jun 23 10:10:40 2021 -0500 + + modules/purism-blobs: update to HEAD at 4.14-Purism-1 coreboot tag + + Adds blobs for Librem 14, update CPU microcode + + Signed-off-by: Matt DeVillier + +commit e6dbfab3c2e62bc7b2de07e579e7b54320f94f1a +Author: Matt DeVillier +Date: Fri Oct 8 17:27:11 2021 -0500 + + board/librem_{mini,mini_v2}: Migrate from coreboot 4.13 to 4.14 + + - adjust board configs + - move/rename coreboot patch + - adjust comment in CI config + + Signed-off-by: Matt DeVillier + +commit 62da6a027938f3f2c6be9b4831856c3d3b594195 +Author: Matt DeVillier +Date: Fri Oct 8 17:24:24 2021 -0500 + + modules/coreboot: Add option to build using coreboot 4.14 + + Add hashes for coreboot, coreboot-blobs + + Signed-off-by: Matt DeVillier + +commit de0ce98da36e91452f5da8051b38cb6974826902 +Author: Matt DeVillier +Date: Tue Jan 5 16:13:41 2021 -0600 + + etc/functions, gpg-gui: Filter boot device options with '/dev/' + + Grepping on just 'Disk' can lead to disk UUID identifier strings + being added to /tmp/disklist, which then fail to parse later on. + Avoid this by grepping on 'Disk /dev' instead. + + Signed-off-by: Matt DeVillier + +commit 1c6f623c25bb9af759c7052817ae038bf19bc76b +Author: Matt DeVillier +Date: Wed Sep 29 16:32:18 2021 -0500 + + gui-init: update $TOTP after generating new secret or resetting TPM + + After updating/flashing a new ROM, a new TOTP secret must be generated, + but the $TOTP variable needs to be updated afterwards, otherwise it + will show the previous failure which led to the new secret being + created. + + Fix this by re-calling update_totp() after generating a new secret + or resetting the TPM. + + Signed-off-by: Matt DeVillier + +commit 5746b8c97011b1fc2276f603b29a2f855472062a +Author: Matt DeVillier +Date: Mon Sep 27 14:22:45 2021 -0500 + + gui-init: Drop elapsed time check for update_totp() + + If user selects to manually update the TOTP via the menu, + we should do it regardless of elapsed time from previous + check. Otherwise, HOTP will be checked regardless of validity + of TOTP. + + Signed-off-by: Matt DeVillier + +commit feca95a0c191979582e92876e09a21dfa1413fc5 +Author: Matt DeVillier +Date: Mon Sep 27 14:21:38 2021 -0500 + + gui-init: improve handling when HOTPKEY not present + + Allow user to cancel HOTPKEY check, set BG color appropriately + + Signed-off-by: Matt DeVillier + +commit a0308b808fbd870f4972985ce441c29fa5910423 +Author: Matt DeVillier +Date: Fri Sep 24 15:05:14 2021 -0500 + + etc/functions: push result handling of update_checksums() to callers + + Modify update_checksums() to return 0/1 on success/failure, and modify + callers to notify the user on error with a GUI msg. + + Set background color as appropriate in gui-init. + + Signed-off-by: Matt DeVillier + +commit a87c54220c1a06b0364724bbbda8562be1c01837 +Author: Matt DeVillier +Date: Thu Sep 23 13:20:25 2021 -0500 + + gui-init: skip initial checks if user selects option from mount_boot + + Signed-off-by: Matt DeVillier + +commit 43b50788c617f80fc1952b687c0b9674d12f1c8a +Author: Matt DeVillier +Date: Thu Sep 23 13:07:07 2021 -0500 + + config-gui: Show error if no disks found + + Currently, if no disks on system, selection of a new /boot + device will silently fail and simply return the user to the + previous screen. Add an error dialog if no disks found. + + Signed-off-by: Matt DeVillier + +commit 32716c8ce6ca96678a370d091a5f42a1b90fedf5 +Author: Matt DeVillier +Date: Thu Sep 23 12:56:17 2021 -0500 + + gui*: Improve consistency of background color use + + Persist the background color (and error state) through + the main menu and all submenus. Use warning + background color for destructive operations, error color + for errors. + + Signed-off-by: Matt DeVillier + +commit a86debb2572c591e50241cda47592c91e7fe2a34 +Author: Matt DeVillier +Date: Thu Sep 23 12:13:40 2021 -0500 + + gui-init: chain initial checks outside of main loop + + Checking the keyring for a GPG and updating the TOTP/HTOP + status need only happen once at initial boot; the latter + can be updated at any later time from the main menu itself. + Having them repeated each loop of the main menu is unnecessary + (and often annoying). Likewise, the default auto boot can be + moved and the first_pass (and unused MAIN_MENU_OPTIONS) + variable dropped. + + Signed-off-by: Matt DeVillier + +commit 463ec15522c0c1438e04118f9a8dc07145db7d1b +Author: Matt DeVillier +Date: Thu Sep 23 12:07:28 2021 -0500 + + gui-init: Handle menu processing internally + + Now that all menu options are encapsulated in shell + functions, move menu handling from the main loop to + inside the menu/submenu function itself. + + Signed-off-by: Matt DeVillier + +commit 1f27dea220d262c706122d3ad695fa79ab3fd4bd +Author: Matt DeVillier +Date: Wed Sep 22 12:17:04 2021 -0500 + + gui-init: refactor into functions + + Break menus and menu items into functions where possible. + Improves readability of code / functional flow, and + makes future refactoring easier. + + Signed-off-by: Matt DeVillier + +commit e6d6594e67bddfccc799702efc965656595a0357 +Author: Matt DeVillier +Date: Wed Sep 22 11:42:07 2021 -0500 + + gui-init: Add line breaks between functions for readability + + Signed-off-by: Matt DeVillier + +commit 5a52606ad5a557a33b1f02fcf8efaaf7d0067475 +Author: Matt DeVillier +Date: Wed Sep 22 11:32:19 2021 -0500 + + gui-init: rename 'update_totp' to 'generate_totp_hotp' + + Name better reflects function purpose, allows 'update_totp' + to be used to actually update the TOTP code. + + Signed-off-by: Matt DeVillier + +commit 46be6541fce2499e12a141b0482ab0ff729627b7 +gpg: Signature made Fri 15 Oct 2021 02:41:43 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7519f34d90 1def8f95b4 +Author: tlaurion +Date: Fri Oct 15 14:41:43 2021 -0400 + + Merge pull request #1040 from MrChromebox/update_nosplash_fix + + kexec-boot: Streamline cmdline remove filtering + +commit 1def8f95b4af82ccc60eafe503a92b78a2a503af +gpg: Signature made Fri 15 Oct 2021 02:40:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Oct 15 13:38:24 2021 -0500 + + kexec-boot: Streamline cmdline remove filtering + + Use sed one-liner vs 3 bash inline commands + + Signed-off-by: Matt DeVillier + +commit 7519f34d904f108ec739f0f4e79a984c98133024 +gpg: Signature made Fri 15 Oct 2021 02:38:16 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6f0a8522fd 1245701694 +Author: tlaurion +Date: Fri Oct 15 14:38:16 2021 -0400 + + Merge pull request #1033 from chri2/master + + fix bug with e.g. nosplash parameter in kernel command line + +commit 6f0a8522fde504b6eab67656eba732c97225d2a0 +gpg: Signature made Fri 15 Oct 2021 02:36:02 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1234e5971e d77ffeda4f +Author: tlaurion +Date: Fri Oct 15 14:36:02 2021 -0400 + + Merge pull request #1035 from bluecmd/patch-make + + Fix make 4.2.1 to build on newer systems + +commit 1234e5971e86ee012a22b85b2d237b32ce65c815 +gpg: Signature made Fri 15 Oct 2021 02:32:28 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 04f0d458cf c8f85c41d3 +Author: tlaurion +Date: Fri Oct 15 14:32:28 2021 -0400 + + Merge pull request #1027 from MrChromebox/mini_cfg_fixes + + Librem Mini {v1,v2} config fixes + +commit c8f85c41d33ee4fe299e560af8f84964e777d06a +gpg: Signature made Fri 08 Oct 2021 06:38:59 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Sep 2 17:21:33 2021 -0500 + + board/librem_{mini,v2}: Disable iGPU passthru for consistency + + We use 'iommu=igfx_off' for booting the Heads kernel, so use the same for + booting the OS to ensure consistency when kexecing + + Signed-off-by: Matt DeVillier + +commit 04f0d458cf74bfa8e9db0c2fb5e5dbe77d66c0f3 +gpg: Signature made Fri 08 Oct 2021 03:40:30 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9a43824deb 7f13418a9a +Author: tlaurion +Date: Fri Oct 8 15:40:30 2021 -0400 + + Merge pull request #1026 from MrChromebox/update_kexec + + kexec: Update to version 2.0.22 (was: 2.0.20) + +commit 9a43824debba65deb640c7f15b17f407be81dd36 +gpg: Signature made Thu 07 Oct 2021 12:45:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7a6a3fe5a4 e65770035e +Author: tlaurion +Date: Thu Oct 7 12:45:59 2021 -0400 + + Merge pull request #1028 from MrChromebox/fix_purism_blobs + + blobs/librem_*: ensure blobs placed in script dir + +commit d77ffeda4fc5d25b47f778563e6b7842dfef317d +Author: Christian Svensson +Date: Thu Sep 30 21:59:56 2021 +0200 + + Fix make 4.2.1 to build on newer systems + + This patch makes it possible to build make 4.2.1 using newer systems + that otherwise would complain about a missing definition of __stat. + + Signed-off-by: Christian Svensson + +commit 12457016940b08a4f4c7cc64758971e3e9505b70 +gpg: Signature made Wed 29 Sep 2021 02:57:18 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: chri2 +Date: Wed Sep 29 06:57:18 2021 +0000 + + fix bug with e.g. nosplash parameter in kernel command line + + strings from $cmdremove should only be removed from $cmdline if they are enclosed by spaces of if they are at the beginning of $cmdline followed by a space or if they are at the end of $cmdline prepended by a space + +commit e65770035e7d782900cefe01d0fe900808adefb8 +gpg: Signature made Wed 15 Sep 2021 11:38:59 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 5 17:17:17 2021 -0500 + + blobs/librem_*: ensure blobs placed in script dir + + Ensure blobs end up in correct dirs, even when scripts are + called from the root project dir. Fixes issues when called + from CircleCI. + + Signed-off-by: Matt DeVillier + +commit 7f13418a9acd482cf1ec34b986ce12249207790a +gpg: Signature made Wed 15 Sep 2021 11:23:05 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Sep 2 17:10:03 2021 -0500 + + kexec: Update to version 2.0.22 (was: 2.0.20) + + Update version, download hash, patch filename. + + Fixes some IOMMU-related issues on Librem Mini v1/v2, L14 + + Signed-off-by: Matt DeVillier + +commit 7a6a3fe5a4045f9ff57727fca3ccd63599435d44 +gpg: Signature made Thu 19 Aug 2021 01:15:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 60081318b5 0ed8a886ee +Author: tlaurion +Date: Thu Aug 19 13:15:27 2021 -0400 + + Merge pull request #1016 from elliotvirzi/patch-1 + + Display TOTP secret as text + +commit 0ed8a886ee7b06ca9d22dcdc28becef72c90cda9 +gpg: Signature made Sat 07 Aug 2021 01:40:13 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: elliotvirzi <88593218+elliotvirzi@users.noreply.github.com> +Date: Sat Aug 7 17:40:13 2021 +0000 + + Display TOTP secret as text + + Enable use of TOTP devices without a camera + +commit 60081318b5cb4a1d0f9a250cac2474a5cf808345 +gpg: Signature made Thu 29 Jul 2021 02:38:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2918bcdf48 268f628c74 +Author: tlaurion +Date: Thu Jul 29 14:38:26 2021 -0400 + + Merge pull request #1011 from SergiiDmytruk/build-enhancements + + Build enhancements + +commit 2918bcdf48a90498381a006427e34e658e5a1d98 +gpg: Signature made Thu 29 Jul 2021 12:42:38 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 183f72f07c 19d064ff96 +Author: tlaurion +Date: Thu Jul 29 12:42:38 2021 -0400 + + Merge pull request #1014 from tlaurion/q41_fepitrebot_distro_signing_key + + Adding qubes-test distro public key to test QubesOS ISOs + +commit 183f72f07c651e110659f419992f0bfe8a78e79e +gpg: Signature made Tue 27 Jul 2021 04:19:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7314dc37a9 57417e149a +Author: tlaurion +Date: Tue Jul 27 16:19:21 2021 -0400 + + Merge pull request #1012 from tlaurion/remove_double_heads_banner + + init: remove double heads motd banner, keeping the one sent to tty0 + +commit 7314dc37a97b23f3129a63245ebc32b3d7b940cd +gpg: Signature made Mon 26 Jul 2021 09:43:46 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9339394b69 ddc5d25a25 +Author: tlaurion +Date: Mon Jul 26 21:43:46 2021 -0400 + + Merge pull request #1013 from tlaurion/cryptsetup2_add_makefile_missing_statement + + Makefile: Add cryptsetup2 missing statement into Makefile + +commit 19d064ff966ccde544decd8b2de690a5363c7360 +gpg: Signature made Mon 26 Jul 2021 10:21:36 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Jul 24 15:43:01 2021 -0400 + + Adding qubes-test distro public key to test QubesOS ISOs from https://qubes.notset.fr/iso/. Fixes https://github.com/osresearch/heads/issues/1010 + +commit ddc5d25a25acb5393521e18d6b9f1a0b57191edd +gpg: Signature made Mon 26 Jul 2021 09:42:38 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jul 25 11:30:19 2021 -0400 + + Makefile: Add cryptsetup2 so that binaries are copied under tools.cpio when building initrd. + +commit 268f628c74a774439744856e966486a2d9aa1be2 +gpg: Signature made Mon 26 Jul 2021 05:02:10 AM EDT +gpg: using RSA key 48579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Jul 18 20:38:35 2021 +0300 + + Build musl-cross in parallel + + Signed-off-by: Sergii Dmytruk + +commit 14c7bb6b7a7421c5c22eff8e0a0b72be29adcc7e +gpg: Signature made Mon 26 Jul 2021 05:02:10 AM EDT +gpg: using RSA key 48579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Tue Jul 20 23:48:08 2021 +0300 + + Allow using files other than coreboot.rom + + Talos 2 will need signed ROM with ECC and an analogous separate bootblock + file. + + Signed-off-by: Sergii Dmytruk + +commit ea66885acb4d2a9eafd85708adfade59ecb778d3 +gpg: Signature made Mon 26 Jul 2021 05:02:10 AM EDT +gpg: using RSA key 48579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Thu Jul 1 00:13:27 2021 +0300 + + Allow having multiple patches for the same version + + By means of specifying ` _patch_version` variable. + + Signed-off-by: Sergii Dmytruk + +commit 97dc552d280b2a5998a9eec5e936be3203aa194b +gpg: Signature made Mon 26 Jul 2021 05:02:09 AM EDT +gpg: using RSA key 48579AA47429663E +gpg: Can't check signature: No public key +Author: Sergii Dmytruk +Date: Sun Jul 18 20:35:59 2021 +0300 + + Support generation of bundled kernel + + Signed-off-by: Sergii Dmytruk + +commit 57417e149a9d6f388fa0df6077418fd2698ea9c1 +gpg: Signature made Sun 25 Jul 2021 07:53:35 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jul 25 19:53:35 2021 -0400 + + init: remove double heads motd banner, keeping the one sent to tty0 which is both local and remote + +commit 9339394b699fb1790eea3623d6ad5acf7334297a +gpg: Signature made Sun 09 May 2021 07:36:40 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: cae003ebc3 6f19104054 +Author: tlaurion +Date: Sun May 9 19:36:40 2021 -0400 + + Merge pull request #993 from Tonux599/script-exit-codes-fix + + Fix exit codes for ME download scripts + +commit 6f19104054e5ed1227884626a572158d01a93c7d +gpg: Signature made Sun 09 May 2021 07:01:06 PM EDT +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Sun May 9 23:17:26 2021 +0100 + + Fix exit codes for blobs/xx20/download_parse_me.sh and blobs/xx30/download_clean_me.sh + + Incorrect parentheses brackets used in those scripts meant that the script as a whole did not return the correct exit code. The use of `( )` brackets created a sub-shell to which the exit code applied to that sub-shell. Changing to `{ }` does not create a sub-shell and as such, the script will return its true return code. + +commit cae003ebc34f3bfed73982f46553170a0054ad38 +gpg: Signature made Tue 27 Apr 2021 06:10:18 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c3b0bd6ffb 214703f92d +Author: tlaurion +Date: Tue Apr 27 18:10:18 2021 -0400 + + Merge pull request #977 from Tonux599/circleci_split_to_jobs-staging + + CircleCI: Overhaul with parallelisation and parameters for a cleaner config + +commit 214703f92dff45032cb5c82ada777eb42a297f32 +gpg: Signature made Tue 27 Apr 2021 05:53:31 PM EDT +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thierry Laurion +Date: Tue Apr 27 10:32:10 2021 -0400 + + CircleCI: passing CPUS=24 to CPUS=16 to try to fix latest problems linked to master not building and https://github.com/osresearch/heads/pull/977 + +commit c3b0bd6ffbe816430dd41ef54e649af52ed1ff3b +gpg: Signature made Mon 15 Mar 2021 05:13:04 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1179cc0358 e34d59fcfd +Author: tlaurion +Date: Mon Mar 15 17:13:04 2021 -0400 + + Merge pull request #986 from Thrilleratplay/patch-1 + + Update README.md + +commit e34d59fcfd8052029c2388d66b3d6e81bcd6b5cd +gpg: Signature made Mon 15 Mar 2021 04:50:58 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Tom Hiller +Date: Mon Mar 15 20:50:58 2021 +0000 + + Update README.md + + Change Heads Wiki link from index.md to https://osresearch.net + +commit eb29056461d9fda1006cb9fcd197f794925212c1 +gpg: Signature made Wed 24 Feb 2021 02:54:57 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Wed Feb 3 14:21:26 2021 +0000 + + CircleCI: Overhaul with parallelisation and parameters for a cleaner config. + + * Bump CircleCI config version to 2.1. + * Use commands and parameters to get rid of repeated commands. New boards can be added with just 5 lines at the bottom of the config. + * Made use of some parallelisation. Currently a single board from each Coreboot version is built. Afterwards all remaining boards are built in parallel. + +commit 1179cc0358e145efe02c50d8c9249754b048b91a +gpg: Signature made Fri 05 Feb 2021 01:27:32 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 883f4958f8 815a7ef245 +Author: tlaurion +Date: Fri Feb 5 13:27:32 2021 -0500 + + Merge pull request #974 from tlaurion/x230_nkstorecli_board_removal + + x230-nkstorecli PoC board removal, both in tree and in CI (board buil… + +commit 815a7ef24545064b0d36c66ebb7031cf6d86ff32 +gpg: Signature made Thu 04 Feb 2021 10:13:43 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Feb 4 22:13:43 2021 -0500 + + x230-nkstorecli PoC board removal, both in tree and in CI (board builds fails. fits in maximized boards.) + +commit 883f4958f8c8a000d979c6f3a63b581eaff858a1 +gpg: Signature made Thu 04 Feb 2021 06:21:38 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b310fc943e da7f6f734f +Author: tlaurion +Date: Thu Feb 4 18:21:38 2021 -0500 + + Merge pull request #876 from hardenedvault/cryptsetup-2.3 + + Upgrade to cryptsetup 2.3 and make cryptsetup1/cryptsetup2 optionals + +commit b310fc943e3d604d4ae52017be5a268da4b4071e +gpg: Signature made Thu 04 Feb 2021 11:59:53 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Thu Feb 4 11:59:53 2021 -0500 + + Circle ci optimization build time (#972) + + * CircleCI: pass CPUS=4 to CPUS=24 + +commit 1378c3287e0a0e0c7c0532d26d1f8b48d315ac22 +gpg: Signature made Tue 02 Feb 2021 08:25:21 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ba863177f7 bc10168125 +Author: tlaurion +Date: Tue Feb 2 20:25:21 2021 -0500 + + Merge pull request #969 from tlaurion/libusb_github_download2 + + libusb: replace package origin from sourceforge to github release + +commit bc10168125688dcf455252bd362d6edff7d0017a +gpg: Signature made Tue 02 Feb 2021 08:17:52 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: f156589570 5d472ca663 +Author: tlaurion +Date: Tue Feb 2 20:09:34 2021 -0500 + + libusb: replace package origin from sourceforge to github release + without hardcoding url... sorry guys + +commit ba863177f75bae700d9078d3b9141625550893a3 +gpg: Signature made Tue 02 Feb 2021 08:09:34 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f156589570 5d472ca663 +Author: tlaurion +Date: Tue Feb 2 20:09:34 2021 -0500 + + Merge pull request #968 from tlaurion/libusb_download_from_github + + libusb: replace package origin from sourceforge to github release + +commit 5d472ca66319ad24dc480e07e9630a97e1595568 +gpg: Signature made Tue 02 Feb 2021 08:05:21 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Feb 2 20:02:26 2021 -0500 + + libusb: replace package origin from sourceforge to github release + Last CI build in master fails because of a 302 temporary redirect resulting to bad checksum. + +commit f1565895703bb3b76662ebb7ed5d3b6ed5ecdc98 +gpg: Signature made Tue 02 Feb 2021 05:43:45 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 22396fba75 31edd87c89 +Author: tlaurion +Date: Tue Feb 2 17:43:45 2021 -0500 + + Merge pull request #957 from Tonux599/support-linux-5.10.5 + + Bump Librem and KGPE-D16 to Linux 5.10.5 + +commit da7f6f734f64c8999aa46c8fd0bf200bb47ad752 +Author: HardenedVault +Date: Fri Dec 11 11:06:03 2020 +0200 + + make cryptsetup1/cryptsetup2 optional + +commit 22396fba75d12f037afd224de2ca54eda24e402c +gpg: Signature made Sat 23 Jan 2021 11:17:05 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0d5b3d75e7 041f3f1188 +Author: tlaurion +Date: Sat Jan 23 11:17:05 2021 -0500 + + Merge pull request #964 from tlaurion/xx30_boards_documentation_fix + + xx30 boards: correct documentation, typos + +commit 041f3f1188c4478a9f4331ca26379a6c8ae0cde0 +gpg: Signature made Sun 17 Jan 2021 01:47:53 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jan 17 13:47:53 2021 -0500 + + xx30 boards: correct documentation, typos + +commit 0d5b3d75e7b84ca85ff252fe5fe23aea990da435 +gpg: Signature made Wed 13 Jan 2021 12:52:40 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6bc40d7a70 df02fd934a +Author: tlaurion +Date: Wed Jan 13 12:52:40 2021 -0500 + + Merge pull request #962 from MrChromebox/update_hotp_verification + + modules/hotp-verification: Update module to latest version + +commit df02fd934aa2214062a7d3f33119290cc6417668 +gpg: Signature made Wed 13 Jan 2021 11:35:13 AM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jan 13 10:24:38 2021 -0600 + + modules/hotp-verification: Update module to latest version + + Update nitrokey-hotp-verification to upstream master, which + pulls in 2 changes: + - update OTP secret length from 20 bytes to 40 bytes + - fixes handling for branding strings containing spaces + + Test: build/boot Librem 13v4, verify LK verification working + + Signed-off-by: Matt DeVillier + +commit 31edd87c89342e4d62f415edb81bd9d97e823578 +gpg: Signature made Thu 07 Jan 2021 02:24:10 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Wed Jan 6 11:03:53 2021 +0000 + + Add `CONFIG_CPU_MICROCODE_CBFS_NONE=y` to KGPE-D16 Coreboot configs. This disables microcode being included and loaded by Coreboot because of a current issue in which newer kernels panic when doing so. + Added note to KGPE-D16 configs about the current microcode bug, why microcode is not included and encouraging AMD Opteron 6300 series users to make sure their operating system loads microcode. + +commit 9bdf3e01dcdd55854193315915e21604f3b055b4 +gpg: Signature made Thu 07 Jan 2021 02:24:09 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Thu Jan 7 19:17:23 2021 +0000 + + Update all Librem and KGPE-D16 board to build with Linux 5.10.5. Update KGPE-D16 and Librem linux configs to 5.10.5 with `make savedefconfig`. + +commit 194edf542427e608d6ae874a5b78d7a04398d0b6 +gpg: Signature made Thu 07 Jan 2021 02:24:09 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Thu Jan 7 19:07:57 2021 +0000 + + modules/linux: Add support for building against Linux 5.10.5. All patches besides `0000-efi_bds.patch` port cleanly. As a result of `0000-efi_bds.patch` missing, it is strongly encouraged that no linuxboot boards use Linux 5.10.5 until a proper review has been done. + +commit 6bc40d7a7078f1d10136546ccae44f7b4a7b1ad9 +gpg: Signature made Wed 06 Jan 2021 08:13:41 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9af0981473 a1f29410be +Author: tlaurion +Date: Wed Jan 6 20:13:41 2021 -0500 + + Merge pull request #943 from Tonux599/kgpe-d16-flashrom-fix + + Kgpe d16 flashrom fix + +commit 9af0981473b3aa5e1bdda37675dbf3a5a73a383b +gpg: Signature made Tue 05 Jan 2021 09:24:25 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5f0a0ac3cc 7d10edb661 +Author: tlaurion +Date: Tue Jan 5 21:24:25 2021 -0500 + + Merge pull request #954 from tlaurion/coreboot_remove_any_toolchain + + coreboot configs : remove CONFIG_ANY_TOOLCHAIN in coreboot configs + +commit 7d10edb661a1431bfbff7f753abaaf1f91e2bcfd +gpg: Signature made Tue 05 Jan 2021 01:21:06 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Jan 5 13:20:17 2021 -0500 + + coreboot configs : CONFIG_ANY_TOOLCHAIN=y is not needed anymore since built against coreboot's version muslcross built toolchain. + +commit 5f0a0ac3ccc0a2a0b50b302df31d8bd3993048ca +gpg: Signature made Tue 05 Jan 2021 10:47:10 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d8c0ef0735 d364336913 +Author: tlaurion +Date: Tue Jan 5 10:47:10 2021 -0500 + + Merge pull request #952 from tlaurion/xx30-flash_remove_12mb_image + + xx30-flash boards: produce top.rom and remove 12mb rom for clarity + +commit d8c0ef073577a9243fa6408406d8f98f70a74938 +gpg: Signature made Mon 04 Jan 2021 06:25:17 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 69075fa738 7d2ba3d0b8 +Author: tlaurion +Date: Mon Jan 4 18:25:16 2021 -0500 + + Merge pull request #950 from tlaurion/CircleCI_coreboot_cache + + CircleCI: Add coreboot+musl-cross cache + +commit d364336913531c1e0cb3573f6174fe3e26ee86e9 +gpg: Signature made Mon 04 Jan 2021 12:19:09 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon Jan 4 12:19:09 2021 -0500 + + xx30-flash boards: produce top.rom and remove 12mb rom for clarity + +commit 7d2ba3d0b82030cf90bb3a897c0ef311903324f6 +gpg: Signature made Sun 03 Jan 2021 11:08:09 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jan 3 23:07:51 2021 -0500 + + coreboot module: CPUS=$$CPUS -> CPUS=$(CPUS) + +commit bbaa049ad1182bc9d27e154ddaf7ee843f886524 +gpg: Signature made Sun 03 Jan 2021 09:14:50 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jan 3 20:00:44 2021 -0500 + + coreboot buildgcc: TEMPORARY HACK: gnu mirrors are failing because of https errors. Falling back to http. + +commit 62a90ed3bea8eb1c35ac2f64adec9553866f59d9 +gpg: Signature made Sun 03 Jan 2021 09:14:44 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Jan 2 15:09:52 2021 -0500 + + CircleCI: Add coreboot+musl-cross cache + The idea here is a cache to restore from (musl-cross from coreboot version bound crosscomipler, from which coreboot is built) + + 1- Reuse existing cache for all modules and patches created digest's hash past build matching cache. + (If a single module or patch changes, we have cache miss.) + 2- Reuse existing coreboot and musl-cross-make created digest's hash past build's matching cache + (If a patch was added to current coreboot, or new coreboot version was added in coreboot module definition, we have a cache miss.) + 3- Reuse existing musl-cross-make created digest's hash past build matching cache + (If musl-cross-make module didn't change, we don't rebuild it.) + + Per https://github.com/osresearch/heads/pull/947#issuecomment-753507412 proposition + +commit 69075fa738e57f25bacf04de14519c1fa7869755 +gpg: Signature made Sun 03 Jan 2021 12:32:43 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 817e6a3068 64b1712e78 +Author: tlaurion +Date: Sun Jan 3 12:32:43 2021 -0500 + + Merge pull request #948 from tlaurion/gpg2_default_RSA3072 + + oem-factory-reset: set default KEY_LENGTH to 3072 and change expectation management message to console + +commit 817e6a30683a8530eadf9919a610c64306602385 +gpg: Signature made Wed 30 Dec 2020 08:36:31 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 69eb819958 ee23fe9d3b +Author: tlaurion +Date: Wed Dec 30 20:36:31 2020 -0500 + + Merge pull request #945 from tlaurion/busybox-fix-1.32 + + busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE + +commit ee23fe9d3ba55e6bbd01a68db0ee3dab0fa25524 +gpg: Signature made Wed 30 Dec 2020 08:32:19 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 30 20:31:37 2020 -0500 + + busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE. Disabling the latter. + +commit a1f29410be0f66b74e6f7c4a6f27a24faac5c82b +gpg: Signature made Wed 30 Dec 2020 02:18:04 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Wed Dec 30 18:45:37 2020 +0000 + + modules/flashrom: Enable AST1100 in flashrom. This will allow user to flash the BMC internally for KGPE-D16. + +commit aba13a9c55b4c90a026299fad28892cd9861d2c0 +gpg: Signature made Wed 30 Dec 2020 02:17:54 PM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Wed Dec 30 18:43:09 2020 +0000 + + modules/flashrom: Fixes two issues: + * Flashrom was being fetched with git and was always using `master` + * No patches were being applied (i.e. `0100-enable-kgpe-d16.patch` was being ignored). + +commit 69eb81995809faee342c35b3916fdfea95a8aa4f +gpg: Signature made Wed 30 Dec 2020 01:06:04 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4addeab3f5 3512853ab0 +Author: tlaurion +Date: Wed Dec 30 13:06:04 2020 -0500 + + Merge pull request #909 from Thrilleratplay/bash_is_ash + + feat(busybox): set CONFIG_BASH_IS_ASH + +commit 4addeab3f5f10d0893ee5f0ccc5a6a83f1a63f3b +gpg: Signature made Wed 30 Dec 2020 01:05:49 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7c686d576f e9eedc4717 +Author: tlaurion +Date: Wed Dec 30 13:05:49 2020 -0500 + + Merge pull request #900 from tlaurion/busybox-1_32 + + Upgrade busybox to 1.32 + +commit 7c686d576ff63c5912d80cb28d37809e5f4fbd1e +gpg: Signature made Wed 30 Dec 2020 01:04:50 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b06a26f814 8e4485347e +Author: tlaurion +Date: Wed Dec 30 13:04:50 2020 -0500 + + Merge pull request #938 from tlaurion/revert-coreboot_musl-cross-make + + coreboot: revert building coreboot against musl-cross-make. + +commit 8e4485347e622b29b39f2e02f51cc6dc6f9273ca +gpg: Signature made Tue 29 Dec 2020 05:07:23 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Dec 22 16:25:09 2020 -0500 + + coreboot: revert building coreboot against musl-cross-make. + coreboot: correct $$CPUS -> $(CPUS) + +commit b06a26f814040845de39b1c1f7f471b1e3fdd01d +gpg: Signature made Tue 29 Dec 2020 04:57:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 46ff6c56cb 883ac669a8 +Author: tlaurion +Date: Tue Dec 29 16:57:35 2020 -0500 + + Merge pull request #932 from MrChromebox/coreboot_4.13 + + modules/coreboot: bump 4.12 build option to 4.13 + +commit e9eedc4717cbad46cd2c70074e2b39f3e7c209ab +gpg: Signature made Tue 29 Dec 2020 04:49:08 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Nov 14 23:25:26 2020 -0500 + + Upgrade busybox to 1.32 + + +CONFIG_STACK_OPTIMIZATION_386=y + +CONFIG_FLOAT_DURATION=y + +CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y + +CONFIG_FEATURE_EDITING_WINCH=y + +CONFIG_BZIP2_SMALL=8 + +CONFIG_FEATURE_CP_REFLINK=y + +CONFIG_MKTEMP=y + +CONFIG_PRINTF=y + +CONFIG_SYNC=y + +CONFIG_FEATURE_SYNC_FANCY=y + +CONFIG_CMP=y + +CONFIG_DIFF=y + +CONFIG_PATCH=y + +CONFIG_FEATURE_FIND_EXECUTABLE=y + +CONFIG_FEATURE_FIND_QUIT=y + +CONFIG_FEATURE_FIND_EMPTY=y + +CONFIG_FEATURE_GPT_LABEL=y + +CONFIG_MKFS_VFAT=y + +CONFIG_DC=y + +CONFIG_FEATURE_LESS_RAW=y + +CONFIG_FEATURE_LESS_ENV=y + +CONFIG_FEATURE_NSLOOKUP_BIG=y + +CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS=y + +CONFIG_FEATURE_NTP_AUTH=y + +CONFIG_FEATURE_TFTP_HPA_COMPAT=y + +CONFIG_PIDOF=y + +CONFIG_FEATURE_PIDOF_SINGLE=y + +CONFIG_FEATURE_PIDOF_OMIT=y + +CONFIG_SHELL_ASH=y + +CONFIG_ASH_BASH_NOT_FOUND_HOOK=y + +CONFIG_FEATURE_SH_MATH_BASE=y + +CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y + + This commit changes used compressed space from 6851524 -> 6863812. + Coherent reduction of free available space being 143768 -> 131480 before saturation. + + Net increase of 24kB for busybox binary: + + busybox 1.28 : 484kB + busybox 1.32: 508kB + + Increase of 15kB of needed BIOS region space: + + ROM's initrd.cpio.xz with busybox 1.28: 3839kB + ROM's initrd.cpio.xz with busybox 1.32: 3854kB + +commit 46ff6c56cbfd974e66d38017ec15d719bed527d3 +gpg: Signature made Mon 28 Dec 2020 09:39:46 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ba8ddd2308 2da03d2ef0 +Author: tlaurion +Date: Mon Dec 28 21:39:46 2020 -0500 + + Merge pull request #942 from tlaurion/circleci_kgpe-d16_fix + + CircleCI: seperate build error from details for KGPE-D16 (par to other boards) + +commit 2da03d2ef0a008232211b41462d5cc60be091e4c +gpg: Signature made Sun 27 Dec 2020 05:33:57 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Dec 27 17:33:57 2020 -0500 + + CircleCI: seperate build error from details for KGPE-D16 (par to other boards) + +commit ba8ddd230842dae736d25f2705fa3e1d781cf8c7 +gpg: Signature made Sun 27 Dec 2020 05:16:17 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6ed1f3ab31 d2b41c5249 +Author: tlaurion +Date: Sun Dec 27 17:16:16 2020 -0500 + + Merge pull request #941 from synackd/coreboot-cpus + + coreboot: Pass $CPUS to coreboot make target unerroneously + +commit d2b41c524925e4654cae81c5022202d20c980fe4 +gpg: Signature made Sat 26 Dec 2020 04:38:05 PM EST +gpg: using RSA key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C +gpg: Can't check signature: No public key +Author: Devon Bautista +Date: Sat Dec 26 13:37:36 2020 -0800 + + modules/coreboot: $$CPUS --> $(CPUS) + +commit 6ed1f3ab3188fc60d3cefbb01835b65196f3e065 +gpg: Signature made Sat 26 Dec 2020 04:13:49 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a81ae6ed5b b85dadee76 +Author: tlaurion +Date: Sat Dec 26 16:13:49 2020 -0500 + + Merge pull request #940 from synackd/qemu-linuxboot-cpus + + linuxboot: Pass $CPUS to edk2/OvmfPkg/build.sh unerroneously + +commit b85dadee76d35e851eb6a4828dd0c5a132c96a5f +gpg: Signature made Sat 26 Dec 2020 03:19:14 PM EST +gpg: using RSA key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C +gpg: Can't check signature: No public key +Author: Devon Bautista +Date: Wed Dec 23 14:30:38 2020 -0800 + + modules/linuxboot: $$CPUS --> $(CPUS) + +commit 883ac669a8735273ebed39dfdf55698af31db7b9 +gpg: Signature made Mon 14 Dec 2020 10:03:32 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Dec 3 19:15:15 2020 -0600 + + modules/coreboot: bump 4.12 build option to 4.13 + + - update module hash and blobs hash + - drop patches no longer needed; migrate those that remain + - adjust Librem Mini/Mini v2 board configs + + Signed-off-by: Matt DeVillier + +commit a81ae6ed5b7068b6b5752f6856fa29e69e7a6bdd +gpg: Signature made Sun 13 Dec 2020 12:22:15 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0f1f547eb1 bead24c4eb +Author: tlaurion +Date: Sun Dec 13 12:22:15 2020 -0500 + + Merge pull request #930 from tlaurion/xx20_hotp_fix + + xx20-hotp-maximized: forgot to fix path to initrd, failed under CI. + +commit bead24c4eb2bf4e664b51e5082dc24b39fed55ea +gpg: Signature made Sun 13 Dec 2020 12:17:15 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Dec 13 12:16:58 2020 -0500 + + xx20-hotp-maximized: forgot to fix path to initrd, failed under CI. + +commit 0f1f547eb13ebe90a5fe68f3637db9ab7ec43df0 +gpg: Signature made Sun 13 Dec 2020 11:36:22 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 671522eff4 164d991a69 +Author: tlaurion +Date: Sun Dec 13 11:36:22 2020 -0500 + + Merge pull request #928 from tlaurion/xx20_boards_correction + + (WiP) xx20 boards: add xx20-hotp-maximized & remove HOTP and NITROCLI support from xxx0-maximized boards + +commit 164d991a6921d3ede213be002faded4d2be535c1 +gpg: Signature made Sat 12 Dec 2020 10:11:20 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Dec 12 22:11:20 2020 -0500 + + xx30 boards: remove NKSTORECLI from all boards. Par with xx20. + +commit 16488fb21ac77e744a62aa376a68fe10e06ebebd +gpg: Signature made Sat 12 Dec 2020 12:44:08 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Dec 12 12:31:25 2020 -0500 + + xx20 boards: add xx20-hotp-maximized boards, remove hotp support from xx20-boards. Modify CircleCI conf accordingly. + +commit 64b1712e78204d19da00e91239ae4a364f4214f3 +gpg: Signature made Thu 10 Dec 2020 10:33:21 AM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Thu Dec 10 10:32:48 2020 -0500 + + oem-factory-reset: set default KEY_LENGTH to 3072 and change expectation management message to console (Fixes #919) + +commit 671522eff43bbf87e3112ed0075f29fbf1a391fe +gpg: Signature made Thu 03 Dec 2020 04:39:36 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1661e5dcb0 75e11cbb8d +Author: tlaurion +Date: Thu Dec 3 16:39:36 2020 -0500 + + Merge pull request #912 from Thrilleratplay/xx20_blobs_extraction_fix + + xx20-maximized t420 and x220 boards addition (ME downloaded from Lenovo and cleaned per @Thrilleratplay me_cleaner adaptation) + +commit 75e11cbb8d67bcfface1c2061767efc30cfca866 +Author: Tom Hiller +Date: Wed Dec 2 19:37:34 2020 -0500 + + circleci: add xx20 maximized builds + +commit 5b898e369c322892a798cc9d180f5a609d8ea5c9 +Author: Tom Hiller +Date: Wed Dec 2 19:33:18 2020 -0500 + + boards: add t420-maximized + +commit d7ccd87d490495f7a3017a40a55f7f1cfbe23071 +Author: Tom Hiller +Date: Wed Dec 2 19:33:03 2020 -0500 + + boards: add x220-maximized + +commit 646ddee74874c584ad09bcd699593716006f751c +Author: Tom Hiller +Date: Fri Nov 27 22:31:53 2020 -0500 + + blobs: add blobs/xx20 + +commit 1661e5dcb07a061317581187b15ae553ad8fc3df +gpg: Signature made Wed 02 Dec 2020 06:23:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 014e59210d 572f5b3414 +Author: tlaurion +Date: Wed Dec 2 18:23:55 2020 -0500 + + Merge pull request #867 from Tonux599/kgpe-d16_411_measured-boot + + KGPE-D16 Coreboot 4.11 + Measured Boot + +commit 014e59210d72fc9577eb31540fabf87d83e7f92a +gpg: Signature made Wed 02 Dec 2020 06:20:39 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4d570523f8 e31d6dcb8e +Author: tlaurion +Date: Wed Dec 2 18:20:39 2020 -0500 + + Merge pull request #906 from Nitrokey/gpg-default-keylength + + Default to 4096 bit for OEM factory reset (fixes #831) + +commit 4d570523f8231b7540302d7824fdd16be8785ddf +gpg: Signature made Wed 02 Dec 2020 06:04:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 05e212d9bf fbd38155d9 +Author: tlaurion +Date: Wed Dec 2 18:04:55 2020 -0500 + + Merge pull request #908 from osresearch/pr/non-coreboot-builds + + non-coreboot-builds: do not error if CONFIG_COREBOOT_VERSION is not set + +commit 05e212d9bff26ac96a76d9db05c384c459bc647c +gpg: Signature made Wed 02 Dec 2020 05:40:05 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 36c04f19e4 1b0a9c4c22 +Author: tlaurion +Date: Wed Dec 2 17:40:05 2020 -0500 + + Merge pull request #917 from tlaurion/quick_typo_fixes + + xx30-*-maximized boards: typo fix in comments expend -> expand + +commit 1b0a9c4c22391be553fabc4e71e9a196ef52586a +gpg: Signature made Wed 02 Dec 2020 05:35:10 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Dec 2 17:35:10 2020 -0500 + + xx30-*-maximized boards: typo fix in comments expend -> expand + +commit 36c04f19e468991176e65c4c6755373115bcaa4b +gpg: Signature made Wed 02 Dec 2020 05:01:44 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Dec 2 17:01:44 2020 -0500 + + Add xx30-maximized and xx30-hotp-maximized boards (11.5mb flashable BIOS regions, reproducible me.bin and generated gbe.bin and totally externally and internally flashable roms) (#703) + + * xx30-*-maximized: update flashrom options removing --ifd bios option, keeping whole flash of rom internally. WARNING: ifd needs to be initially unlocked through ifdtool -u on 8mb bottom SPI backup. YOU CANNOT COME FROM 1VYRAIN. IF COMING FROM SKULLS, YOU MUST HAVE RAN OPTIONAL -u OPTION FROM SKULLS. PLEASE UPGRADE ONLY AFTER HAVING A PHYSICAL BACKUP OF BOTH SPI FLASH CHIPS. MORE INFORMATION UNDER https://github.com/osresearch/heads/pull/703. This will guarantee that future flash of produced rom will reflash the ROM totally, where heads make sure of adding users customizations (public key, /etc/config.user) when internally flashed. Unfortunately, if you flash externally, you will have to reinject your public key and readd /etc/config customizations. + + * Adding generated bincfg coreboot 4.8.1 patch (merged under coreboot 4.13 and backported here to 4.8.1), resulting in gbe.bin under blobs/xx30/gbe.bin and instructions to replicate in README prior of automation (under repo). Note that MAC under gbe.bin is fixed to DE:AD:C0:FF:EE unless extract.sh script is ran on external backup to keep current user's MAC (Thanks to @Thrilleratplay's contribution!) + + * xx30 blobs: add two blobs management scripts for xx30: extract from local backup/download+neuter ME + extract.sh: extract from external backup: gbe.bin, neuter under me.bin and maximize BIOS+reduce ME regions under unlocked ifd.bin. + download_clean_me.sh: download and verify Lenovo latest ME version from website, and drop me.bin in place. + Note: me.bin is 98kb, containing only BUP and ROMP partitions which cannot be modified nor deleted else computer won't boot. As a result, BIOS region is maximized in ifd.bin to 11.5mb and coreboot config takes advantage of that freed space. + + * CircleCI: xx30-*-maximized additional step to call download_clean_me.sh prior of building boards so that me.bin is dopped in place. This should be done by users prior of building xx30-*-maximized boards locally, which is imitated in CircleCI builds (look at .circleci/config.yaml for innoextract host added dependency and board buildings. Results on github for each commit). + +commit 572f5b341497785c700be8ecb16debfd189e83ff +gpg: Signature made Wed 02 Dec 2020 10:56:42 AM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Mon Oct 26 18:14:03 2020 +0000 + + On KGPE-D16 boards, ensure linux-kgpe-d16*.config are up-to-date by: + cp config/linux.. ./build/linux*/.config + cd build/linux* + make savedefconfig + cp defconfig ../../config/linux.. + + Resulting in only linux-kgpe-d16_workstation.config being updated. + + For KGPE-D16 workstation boards: + Remove `console=tty0` from `CONFIG_BOOT_KERNEL_ADD` as was blocking Qubes graphical installer (CLI installer was launched). + Comment out `export CONFIG_BOOT_KERNEL_REMOVE="plymouth.ignore-serial-consoles"` to provide a more desktop like experience. + + Removed 0001-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch as already exists as 0000-cpu-x86-smm-Use-PRIxPTR-to-print-uintptr_t.patch + + Added 0020-kgpe-d16_measured-boot-support.patch for coreboot 4.11 + + Fix TPM errors when microcode is measured by initialising TPM earlier and loading the microcode later. + Thanks to Michał Żygowski for condition suggestion: `if (CONFIG(MEASURED_BOOT) && CONFIG(LPC_TPM) && boot_cpu())` + + Locate bootblock location and size with CBFS API. Credit to: Michał Żygowski + +commit 9f751f11feea0506bd50595738a90f63d0e9b141 +gpg: Signature made Wed 02 Dec 2020 10:56:42 AM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thierry Laurion +Date: Sun Oct 25 12:26:46 2020 -0400 + + KGPE-D16: fix coreboot config to have LOCAL_VERSION injected since not defined, describe better board configs applications + +commit 6bd3f815e4897d263e243821102fd24d7d27b049 +gpg: Signature made Wed 02 Dec 2020 10:56:41 AM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thomas Clarke +Date: Tue Sep 22 23:54:57 2020 +0100 + + Better vboot-rwa.fmd for KGPE-D16. + + Bring patches/coreboot-4.11 on par with master + + Removed patches/coreboot-4.11/0020-kgpe-d16-vboot.patch + Removed Vboot options from KGPE-D16 coreboot configs + + Enabled TPM in kgpe-d16 board configs + Enabled measured boot in kgpe-d16 coreboot configs. + + Added support for video cards that require nouveau, radeon and amdgpu drivers in linux-kgpe-d16_workstation.config + + `nouveau.config=NvForcePost=1` to be added to kexec'd kernels for better Nvidia card support. + +commit bac1d54bde578c6f76418bca8c4d2e8ae9e8a655 +gpg: Signature made Wed 02 Dec 2020 10:56:34 AM EST +gpg: using RSA key E8ACBC6CFCCA7A99779FB69127B829528903C906 +gpg: Good signature from "Thomas Clarke (git signing key) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: E8AC BC6C FCCA 7A99 779F B691 27B8 2952 8903 C906 +Author: Thierry Laurion +Date: Tue Oct 23 08:43:36 2018 -0400 + + Activate dual console by default and restructure board config + + Changing CONFIG_USB_BOOT_DEV to sdc1, adding back CONFIG_BOOT_STATIC_IP to 192.168.2.3, adding dual console to OpenBMC and tty0 in attempt to have QubesOS graphic installer which complains with no networking when attempting to start VNC + + Adding dual console to OpenBmc and tty0 + + putting kgpe-d16-coreboot.conf in defconfig format + + NO_HZ wasn't included in kernel config. Adding it. + + Wasn't able to have both console firing up QubesOS gui installer, complaining about hvc1 console errors. Splitting up Workstation and server config. This one works for Worstation + + Removing serial configuration and static IP stuff since we have a workstation here. + + Seperate Workstation and Server board configurations until dual console truely works through QubesOS gui installation. kgpe-d16 board config removed until then. + + Placing files in good directories + + Corrrect flashrom options for kgpe-d16 server and workstation boards + + kgpe-d16 linux: NO_HZ_IDLE instead of NO_HZ + + kgpe-d16: seperate board for workstation to be AST and gui-init based, while kgpe-d16-> kgpe-d16_server + + kgpe-d16_server: boots, shows ASpeed text on VGA, controllable through BMC via SSH. + + kgpe-d16_workstation on ASpeed console. WIP. (Includes CIs configs to build server and workstation) + + kgpe-d16_workstation in defconfig format + + kgpe-d16 boards: pass from GPG to GPG2 board definitions + + kgpe-d16_workstation : Adding Cairo and FbWhpitail in board config for gui-init to work in FB mode + + kgpe-d16: removing plymouth.ignore-serial-consoles to fix server terminal output + + kgpe-d16: bring par with staging branch https://gitlab.com/tlaurion/heads/commits/kgpe-d16_staging + + kgpe-d16 : expressively export CONFIG_TPM=n + + kgpe-d16_wokstation gui-init variables were missing + + kgpe-d16 boards: add CONFIG_LINUX_USB_COMPANION_CONTROLLER so that usb is recognized + + linux-kgpe-d16*: add support for Pike + + kgpe-d16_workstation-usb_keyboard board support addition + + kgpe-d16_server-whiptail: Add board and dependencies to have gui-init in whiptail (console mode, not FbWhiptail based + + GitlabCI: kgpe-d16 fixes and upstream merge of change + + kgpe-d16* board: add statement to fixate coreboot version to 4.8.1 for the moment + + kgpe-d16: add missing config/linux-kgpe-d16_server-whiptail.config file + + KGPE-D16: community work migration to coreboot 4.11 to fix issue #740 + + KGPE-D16 boards: Adding VBOOT+measured boot, musl-cross patch and 4.11 patch brought up per https://github.com/osresearch/heads/pull/709 + + kgpe-d16* boards: add VBOOT Kconfig patch per @miczyg1 recommendation under https://github.com/osresearch/heads/pull/795#issuecomment-671214637 + + KGPE-D16* coreboot configs: Add S3NV as a Runtime data whitelist (so that it is not measured at term) per @miczyg1 recommendation under https://github.com/osresearch/heads/pull/795#issuecomment-671214637 + + kgpe-d16 coreboot 4.11: add https://review.coreboot.org/c/coreboot/+/36908 patch + + kgpe-d16 boards: add Linux kernel version where missing. + + CircleCI: Add debug output on fail for kgpe-d16 board builds to bring par with upstream after rebasing on master + + coreboot module: typo correction (tabs vs spaces) + + CircleCI: trying to address "g++: fatal error: Killed signal terminated program cc1plus." happening under coreboot 4.11 and coreboot 4.12 builds + + CircleCI: remove past addition to test recommendation from CircleCI: "resource_class: large" + + CircleCi: Ok.... lets output dmesg content prior of other logs.... I'm out of ideas. Next step, ask CircleCI for support + + At this stage: + - job's "make --load" is supposed to guarantee that the number of thread doesn't exhaust pass of a load of 2 (medium, free class, CircleCI has 32 cores so possibility of a load of 32) + - "--max_old_space_size=4096" in CircleCI environement is supposed to limit memory consumption to 4096Mb of memory, the max of a medium class free tier CircleCI node + + CircleCI: remove verbose build (no more V=1), in case of failed build, find all logs modified in last minute and output each of them on console. + + coreboot module: implement load average respect inside of problematic CI build for coreboot 4.11+ being killed in the action (32 cores with 4Gb ram get gcc OOM) + + coreboot module: replace nproc by number of Gb actually available as number of CPUs, since each thread is expected to have 1Gb of ram. + + CircleCI & coreboot config: fix merge conflict rebasing on master + + coreboot 4.11 kgpe-d16 vboot patches addendum, credits goes to @Tonux599 + + Fix merge conflicts and make sure all boards are inside of CircleCI builds. PoC build for #867 + +commit 3512853ab08d0944182c19bd37c7a67b4ec584b8 +Author: Tom Hiller +Date: Fri Oct 23 16:15:43 2020 -0400 + + feat(busybox): set CONFIG_BASH_IS_ASH + +commit fbd38155d98f7f3c2677fbfb791368b7d7712c19 +gpg: Signature made Wed 25 Nov 2020 08:43:07 AM EST +gpg: using RSA key A6C74E341054A169CE52BE5FB65BFE540DEF86C0 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed Nov 25 14:43:07 2020 +0100 + + non-coreboot-builds: do not error if CONFIG_COREBOOT_VERSION is not set + + Signed-off-by: Trammell hudson + +commit e31d6dcb8e39fb7f4b7fce0d7524c5955d7b7616 +Author: alex-nitrokey +Date: Tue Nov 24 12:48:41 2020 +0100 + + Default to 4096 bit for OEM factory reset + +commit 7ee4a11d1b12d83baedd27ef56eda7414f2d6bbb +Author: Matt DeVillier +Date: Fri Oct 16 16:57:49 2020 -0500 + + Add new board: Purism Librem Mini v2 + + Add board config, coreboot config, Circle CI entry. + + Signed-off-by: Matt DeVillier + +commit 9d14a286f30f3f5cd7c3be95b3fd8371427010ef +Author: Matt DeVillier +Date: Fri Nov 6 12:07:57 2020 -0600 + + configs/coreboot-librem_mini: update blob paths + + Update blob paths to match submodule layout + + Signed-off-by: Matt DeVillier + +commit 1241f9714f8b90220b87601c3b3862235ede21a0 +Author: Matt DeVillier +Date: Fri Nov 6 12:01:50 2020 -0600 + + modules/purism-blobs: Update module pointer and hash + + Update purism-blobs for Librem Mini v2 release + + Signed-off-by: Matt DeVillier + +commit 85f52e7c7d09c4dc5be6205170edbfd3b05e4c1e +Author: Matt DeVillier +Date: Fri Nov 6 11:58:53 2020 -0600 + + patches/coreboot-4.12: Add support to coreboot for Librem Mini v2 + + Signed-off-by: Matt DeVillier + +commit 904b64db93196938157b87396c1a25138ef426db +Author: Matt DeVillier +Date: Fri Nov 6 11:57:23 2020 -0600 + + patches/coreboot-4.12: Add patches to update Librem Mini + + Combination of commits from upstream coreboot master backported to + coreboot 4.12 (tag) to improve performance/functionality, and + prepare for addition of Librem Mini v2. + + Signed-off-by: Matt DeVillier + +commit acd9d258b8ef5fc86cb133303cc705f237672b13 +Author: Matt DeVillier +Date: Fri Nov 6 11:55:07 2020 -0600 + + patches/coreboot-4.12: Add patch for cbmem alignment + + Cherry-pick of commit 3dea2b63eeb8f97b31571f6f0eb37f38f9967b6b + [soc/intel/common/block/systemagent/memmap.c: Align cached region] + from upstream coreboot. + + Signed-off-by: Matt DeVillier + +commit 561452508bbb8ec6c77a6f7ab11348579d5977f3 +Author: Matt DeVillier +Date: Wed Jan 22 17:34:39 2020 -0600 + + boards/librem*: enable automatic booting + + Add CONFIG_AUTO_BOOT_TIMEOUT=5 to Librem board configs, to + enable automatic booting of default boot target after successful + HOTP verifcation via a Librem Key + + Signed-off-by: Matt DeVillier + +commit 055165d61a3c312e7e03998ea832447452a86d71 +Author: Matt DeVillier +Date: Tue Jan 14 17:04:28 2020 -0600 + + gui-init: add support for auto-booting default target + + if CONFIG_AUTO_BOOT_TIMEOUT exists and is set, and if HOTP + validation was successful, then attempt to boot the default + target after CONFIG_AUTO_BOOT_TIMEOUT seconds if not interrupted + by key press + + Signed-off-by: Matt DeVillier + +commit 89c457706fdf5295ca5736aa99bdf41582d33972 +Author: Thierry Laurion +Date: Fri Nov 6 13:48:26 2020 -0500 + + coreboot configs: remove CONFIG_LOCALVERSION artifacts in conformity of https://github.com/osresearch/heads/commit/bd7a945bbbf586ceb7c83785ef36d95f0adf7a15 + +commit f445b29dbe7e15caccfc0ddc622ba2b9e7c0b1cb +Author: Matt DeVillier +Date: Fri Nov 6 13:21:35 2020 -0600 + + kexec-sign-config: fix args to `getopts` + + The -u arg does not take a parameter, so remove the trailing colon. + + Fixes /boot hashes not being updated when update_checksums() is called. + + Signed-off-by: Matt DeVillier + +commit b94edd1d6c08ccdc6c918d7958895fcb2821a0a5 +Author: Thierry Laurion +Date: Wed Nov 4 17:23:39 2020 -0500 + + qemu-coreboot-fbwhiptail board: coreboot config CBFS region upgraded to 7.5mb to not fail CI + +commit 3f3d24db6bf51eb18118f8d55b7782061f8d809e +Author: amaloteaux +Date: Tue Nov 3 19:30:51 2020 +0100 + + fix t420 flashrom options + +commit 9395f91d021800f13c52991eca658b5c3d55088b +Author: Thierry Laurion +Date: Mon Nov 2 17:41:36 2020 -0500 + + CircleCI seperation of main failed error and detailed logs of last minute + qemu-coreboot-fbwhiptail board addition + +commit fb60f2f32e0f15967393db337f741dbe0ac49eea +gpg: Signature made Sun 01 Nov 2020 10:55:04 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e7faac20db b055a3be1c +Author: tlaurion +Date: Sun Nov 1 22:55:04 2020 -0500 + + Merge pull request #882 from Thrilleratplay/master + + fix(config-qemu-fbwhiptail): update CONFIG_CBFS_SIZE + +commit b055a3be1cc1635dd4688257193d15abd5be181b +Author: Tom Hiller +Date: Sun Nov 1 15:38:38 2020 -0500 + + fix(config-qemu-fbwhiptail): update CONFIG_CBFS_SIZE + +commit 057cc3c377b26a7a189c8d13e80e29626d2e9ccd +Author: HardenedVault +Date: Thu Oct 22 13:16:00 2020 +0200 + + [WIP] cross build json-c and cryptsetup + +commit 209c9778ad968d9f6e6b5255d5fe28c94e803e33 +Author: HardenedVault +Date: Wed Oct 21 16:04:00 2020 +0200 + + Use -isystem instead of -I to introduce header files of target system + + If using -I to introduce header files, the elf.h in the target system + instead of elf.h shipped with kexec-tools will be included, making its + building process failed. + +commit e7faac20dba36efc1ad91dee141dbde4a86d536a +Author: Matt DeVillier +Date: Fri Oct 23 18:38:30 2020 -0500 + + oem-factory-reset: Allow use without an installed OS + + If an installed OS is not detected, then skip setting the + default boot device or generating /boot checksums. + + Signed-off-by: Matt DeVillier + +commit 1fc123df4a7c46acaf16edee714d2f0f73d723cd +Author: Matt DeVillier +Date: Fri Oct 23 18:35:39 2020 -0500 + + gui-init: improve handling of blank/missing disk + + Check for presence of CONFIG_BOOT_DEV, and if missing or + unable to be mounted, present the user with a menu offering the + option to select another disk, boot from USB, continue to + main menu, or drop to a recovery shell. + + Signed-off-by: Matt DeVillier + +commit 6a3bb5897af350de72adf89ff643176656f7f257 +Author: Matt DeVillier +Date: Fri Oct 23 18:07:34 2020 -0500 + + Drop duplicate board-specific background color configs + + Set and export currently-used defaults in gui-init, but still + allow for inidividual boards to override via config if desired. + + Signed-off-by: Matt DeVillier + +commit 95442dccd437d0562f547cdb952363d127629702 +Author: Matt DeVillier +Date: Fri Oct 23 17:01:54 2020 -0500 + + flash-gui: improve readability of ROM filename + + Strip the path prefix from the ROM filename, and place on own + line to prevent truncation with long filenames / narrow screens. + + Signed-off-by: Matt DeVillier + +commit 755e9787a76fa2c3a511ceaa591a3ccadd7ceb51 +Author: Matt DeVillier +Date: Fri Oct 23 17:20:00 2020 -0500 + + gui-init: add board name, kernel version to System Info + + Signed-off-by: Matt DeVillier + +commit 6df281813f11add95827727c5d3916ec1a880a04 +Author: Matt DeVillier +Date: Fri Oct 23 17:18:20 2020 -0500 + + Specify 'friendly' board name vs overriding CONFIG_BOOT_GUI_MENU_NAME + + This will allow it to be used elsewhere within the UI. + Rename CONFIG_BOOT_GUI_MENU_NAME to better indicate use/function. + + Signed-off-by: Matt DeVillier + +commit 8b3b8cedb5ddf710b2c04428dd21fa12853d1092 +Author: Matt DeVillier +Date: Tue Aug 4 15:52:18 2020 -0500 + + gui_init: use consistent notation for main menu + + sed -i 's/default boot menu/main menu/g' + + Signed-off-by: Matt DeVillier + +commit 998dc684f1258340a716e8c11d9ff70305f7c6b8 +Author: Matt DeVillier +Date: Tue Aug 4 15:55:01 2020 -0500 + + gpg_gui: use 'and' vs '+' in menu listings + + Using words is more explicit and clear here rather than symbols. + + Signed-off-by: Matt DeVillier + +commit cd6ba01429fedfa2edd004f524e772fa5dd5fe06 +Author: Matt DeVillier +Date: Mon Oct 26 10:51:13 2020 -0500 + + boards/x220: update flashrom parameters + + Force use of hardware sequencing for internal flashing to avoid + needing to specify the chip to be flashed. + + Addresses #870 + + Signed-off-by: Matt DeVillier + +commit e3519f2ecd8e396d92905317ac5151e590388b02 +gpg: Signature made Mon 26 Oct 2020 10:19:57 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Mon Oct 26 10:19:57 2020 -0400 + + WiP: gpg2 2.21 LTS upgrade (gnupg toolstack) (#860) + + * gpg2: change gpg2 toolstack to gpg2 2.21 LTS + * remove additional gpg2 unneeded configure options across gpg2 toolstack dependencies + +commit b71f3757c1a402efab134363b526a4577270862e +gpg: Signature made Sun 25 Oct 2020 01:26:08 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Sun Oct 25 00:26:08 2020 -0500 + + modules/linux: add support for building with kernel 5.4.69 (#854) + + * modules/linux: add support for building with kernel 5.4.69 + + Add support to module, port patches from 4.19.139. + Needed for newer platforms not supported by 4.19 kernel. + + Signed-off-by: Matt DeVillier + + * CircleCI: add rysnc dependency for building kernel 5.x + + Signed-off-by: Matt DeVillier + + * Migrate all Librem boards to kernel 5.x, common config + + Update linux-librem_common.config from 4.x to 5.x, and add + CONFIG items needed to support the librem_l1um (AST DRM drivers, + serial port output). + + Tested on Librem 13v4, Librem Mini, and Librem Server L1UM. + + Signed-off-by: Matt DeVillier + +commit d398a4e4401bded1dd08621cd5c5d6a5981a26f8 +gpg: Signature made Wed 21 Oct 2020 06:06:03 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Wed Oct 21 17:06:03 2020 -0500 + + configs/coreboot-librem_l1um: drop CONFIG_LOCALVERSION (#866) + + PR #859 should have included this after #858 was merged, + but was missed + + Signed-off-by: Matt DeVillier + +commit bd7a945bbbf586ceb7c83785ef36d95f0adf7a15 +gpg: Signature made Wed 21 Oct 2020 11:04:27 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Wed Oct 21 10:04:27 2020 -0500 + + Inject Heads version string into coreboot LOCALVERSION... (#859) + + * config/coreboot-*: drop CONFIG_LOCALVERSION + Will be injected as part of the build using $(HEADS_GIT_VERSION) + Signed-off-by: Matt DeVillier + + * modules/coreboot: inject $(HEADS_GIT_VERSION) as CONFIG_LOCALVERSION + Needed for fwupd to handle board updates + Signed-off-by: Matt DeVillier + + * modules/coreboot: override SMBIOS ProductName with $(BOARD) + Signed-off-by: Matt DeVillier + + * Use $(BOARD)-$(HEADS_GIT_VERSION) as basis for output filename + makes builds uniquely identifiable based on board and version. + Signed-off-by: Matt DeVillier + +commit b3d01c19629a7603c8d1884ffc21c1d386a2aaba +gpg: Signature made Wed 21 Oct 2020 10:53:28 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Oct 21 10:53:28 2020 -0400 + + GitlabCI: remove .gitlab-ci.yml (backup present under .gitlab-ci.yml.deprecated) (#865) + +commit 99c309026d758b2dfecc4071194729cf4bd1839a +gpg: Signature made Tue 20 Oct 2020 07:33:42 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Tue Oct 20 19:33:42 2020 -0400 + + GitlabCI now deprecated. For details and failed experiments, see https://github.com/osresearch/heads/pull/851 (#864) + +commit 1e5a08fa785960ae7758c2b303289788783ca5f2 +gpg: Signature made Tue 20 Oct 2020 06:20:55 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Tue Oct 20 17:20:55 2020 -0500 + + Librem Mini: increase size of CBFS (#863) + + Increase size of CBFS to 0xC00000 (from 0x800000) to accomodate + newer/larger kernels. + + Update purism-blobs module so an update/modified IFD and smaller + ME blob are used. + + Signed-off-by: Matt DeVillier + +commit 30852aa2739e71ed8c2c889cae91ef3995cfe75a +gpg: Signature made Mon 19 Oct 2020 12:50:24 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Mon Oct 19 12:50:24 2020 -0400 + + xx30 boards: suspend/resume fix (#838) + + * x230-hotp-verification: revert to coreboot "CONFIG_CBFS_SIZE=0x700000" by disabling board "CONFIG_DROPBEAR=y" and "CONFIG_LINUX_E1000E" to save space per @alex-nitrokey test under #770 to fix #608 + * x230-htop-verification board: add clarifications on x230 board differences. Fixes #737 #770 #608 + * X230 board & coreboot config: Fix x230 board, removing dropbear and e1000e driver. + * t430: board and coreboot config par with x230 to circumvent CBFS linked suspend/resume issues. + +commit 09ca500d3e9be3c741cc3a668b841d22677687bb +gpg: Signature made Mon 19 Oct 2020 10:47:22 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Markus Meissner +Date: Mon Oct 19 16:47:22 2020 +0200 + + add x230-nkstorecli board config (#817) + + * add x230-nkstorecli board; + * add modules: nkstorecli, libnk, libhidapi-libusb + * version bump nkstorecli; related minor in libnk + * upd. libnk module version bump to 3.6; remove 3.5 patch + +commit 85d7e29d185da8cd83da801d11c57cc0e1849901 +gpg: Signature made Sun 18 Oct 2020 02:48:25 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Sun Oct 18 13:48:25 2020 -0500 + + Add new board: Purism Librem Server L1UM (#858) + + * modules/coreboot: add option to use coreboot 4.11 + + Port patches from coreboot 4.8.1 to 4.11: + * 0000-measure-boot -> 0001 + * 0010-cross-compiler-support + + All other patches for coreboot 4.8.1 have either already been + integrated, or are for platforms which do not need to be migrated + to coreboot 4.11 (they will move to 4.12 or newer). + + Signed-off-by: Matt DeVillier + + * patches/coreboot-4.11: Add Broadwell-DE platform patch + + Add a patch for FSP Broadwell-DE to make use of Heads' measured boot. + + Signed-off-by: Matt DeVillier + + * patches/coreboot-4.11: Add patch to read serial # from CBFS + + Will be used by multiple Librem boards. + + Signed-off-by: Matt DeVillier + + * patches/coreboot-4.11: add board support for Librem Server L1UM + + Signed-off-by: Matt DeVillier + + * Librem Server L1UM: add new board + + Add board config, coreboot config, kernel config files. + Add conditional purism-blobs dependency to coreboot-4.11 module. + + Signed-off-by: Matt DeVillier + + * flash.sh: add special handling for librem_l1um board + + Add support for persisting PCIe config via PCHSTRP9 in flash descriptor. + This is needed to support multiple variants of the L1UM server which + use the same firmware but differ in PCIe lane configuration via the + PCH straps configuration in the flash descriptor. + + Signed-off-by: Matt DeVillier + + * patches/coreboot-4.11: Add 'Use PRIxPTR to print uintptr_t' patch + + Cherry-picked from upstream coreboot (post-4.11), fixes compilation issue. + + Signed-off-by: Matt DeVillier + + * CircleCI: add target to build board librem_l1um + + Signed-off-by: Matt DeVillier + +commit 636e40456e30053e39273565f4abe5797885bfa3 +gpg: Signature made Sun 18 Oct 2020 02:46:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Tom Hiller +Date: Sun Oct 18 14:46:57 2020 -0400 + + fix: update chesksums of filenames with spaces (#847) + + Signed-off-by: Tom Hiller + +commit 3c24460f1a4976704d491bfd985ce0ee9fcc84ec +gpg: Signature made Sun 18 Oct 2020 10:17:34 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Sun Oct 18 09:17:34 2020 -0500 + + modules/flashrom: update to add support for Comet Lake-U (#855) + + Update to upstream flashrom (post v1.2) commit 4d3657b4: + Add support for Comet Lake-U/400-series PCH + + kgpe-d16 patch from flashrom 1.2 still applies cleanly. + + Signed-off-by: Matt DeVillier + +commit 2d53395c039ade8981051d486e42af5250a0c556 +gpg: Signature made Sun 18 Oct 2020 10:11:42 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Sun Oct 18 09:11:42 2020 -0500 + + config/coreboot-librem_15v4: set kernel video mode to 1080p (#857) + + Set the kernel video mode for the internal display to 1080p, + as the native panel resolution of 2160p is difficult to read. + + A recent update to fbwhiptail allows the GUI to make use of the + scaled resolution as well, provided it is set via kernel param. + + Signed-off-by: Matt DeVillier + +commit 5d2f6d57bf3bd5d82f167264e6a2c1945563c28a +gpg: Signature made Sat 17 Oct 2020 08:16:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ad8d102f8a 7baeebe9bf +Author: tlaurion +Date: Sat Oct 17 20:16:21 2020 -0400 + + Merge pull request #852 from Nitrokey/update_checksum + + Change hash files only if gpg card is present + +commit ad8d102f8a7b914b211fa46d5ff30d297fc96d1a +gpg: Signature made Fri 16 Oct 2020 10:43:56 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Fri Oct 16 21:43:56 2020 -0500 + + fbwhiptail: Fix module to specific git commit vs master (#856) + + Even though repo is stable at the moment, improves reproducibility. + + Signed-off-by: Matt DeVillier + +commit b80899f36cb90db831415dea3df139e5dd7512d4 +gpg: Signature made Fri 16 Oct 2020 03:26:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Fri Oct 16 15:26:59 2020 -0400 + + musl-cross: remove old patch artifact of the musl-cross era (#849) + + * musl-cross: remove old patch artifact of the musl-cross era + + * CircleCI: do not produce hash digest for musl-cross-make patches (artifact was for musl-cross, not musl-cross-make) + +commit 7baeebe9bf2daf7c8ee07c384ed1e195b176b012 +Author: alex-nitrokey +Date: Thu Oct 8 15:16:08 2020 +0200 + + Change hash files only if gpg card is present + + Update_checksum was already changing files in /boot, befor checking for + gpg card. If no card is present, the user will end up in the recovery + next time instead of getting the same dialog again. Therefore, the + confirm_gpg_card should be checked before altering files. + + The dead -u flag/$update_counter is used to mark the necessisty to + update the hash files now. + +commit 92e9a24902a34c4a1fa68753ec1f2500a277d9f1 +gpg: Signature made Fri 02 Oct 2020 03:12:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Fri Oct 2 14:12:59 2020 -0500 + + coreboot-4.12: Use musl-cross-make (#844) + + * patches/coreboot-4.12: add cross-compiler support patch + + Ported from coreboot-4.8.1, re-exported via `git diff` + + Signed-off-by: Matt DeVillier + + * modules/coreboot: use musl-cross-make to build + + revert toolchain bits to pre-4.12 addition + + Signed-off-by: Matt DeVillier + + * config/coreboot-librem_mini: use CONFIG_ANY_TOOLCHAIN + + Needed since coreboot 4.12 now built with musl-cross-make + + Signed-off-by: Matt DeVillier + +commit afa6753a3038eb111c31c314f0f84f1136f540dd +gpg: Signature made Wed 30 Sep 2020 04:13:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Wed Sep 30 15:13:15 2020 -0500 + + librem_mini-NoTPM: drop '-noTPM' suffix (#843) + + There's only one Librem Mini board, it doesn't use a TPM, + no reason to unnecesarily lengthen the board name. + + Signed-off-by: Matt DeVillier + +commit f009acb4a39efc6f3b23b2209520f4c7922ee12e +gpg: Signature made Tue 29 Sep 2020 01:25:12 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0eb1f69216 e3c81a94f8 +Author: tlaurion +Date: Tue Sep 29 13:25:11 2020 -0400 + + Merge pull request #842 from tlaurion/CPUS_as_make_argument + + Add 'CPUS' as make BOARD=X argument + +commit e3c81a94f801e28c112db2ab919f35bb609eb441 +gpg: Signature made Fri 25 Sep 2020 04:00:07 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 25 16:00:07 2020 -0400 + + CircleCI: changing order of build boards, since we want to test coreboot 4.12 built boards currently failing for lack of memory in other builds (make error 137). + +commit c47425709f169c38f1c1e8b4ddc01c04bbf84133 +gpg: Signature made Fri 25 Sep 2020 03:56:27 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 25 15:56:27 2020 -0400 + + CircleCI: we pass CPUS=2 to CPUS=4 since the logic calculation for threads/memory is 1/1024Mb, CircleCI supposedly reserving 4Gb for medium (free). Build time will increase, unfortunately, when compared to nproc returning 32 cores. + +commit c74564086ca0540d2744861f7db2d8731da7ed41 +gpg: Signature made Fri 25 Sep 2020 03:52:31 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Sep 25 15:52:31 2020 -0400 + + Buildsystem: permit to pass CPUS=X to make to force a number of CPUS to be used if desired, else the default is detected in Makefile and pushed to submodules. If nothing specified, uses nproc and pass it to submodules. CircleCI forced to CPUS=2 + +commit 0eb1f692169f6b833315896f65bdc9587e52624d +gpg: Signature made Wed 16 Sep 2020 05:46:22 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Wed Sep 16 16:46:22 2020 -0500 + + functions/recovery: loop recovery shell when exited (#835) + + Currently, exiting the recovery shell results in a kernel panic, + necessitating a hard reset / power cycle. As this is less than ideal, + drop the exec and add a loop to restart the shell. + + Addresses issue #833 + + Tested under qemu-coreboot-fbwhiptail + + Signed-off-by: Matt DeVillier + +commit 53c74fa02ab5159816937898da32dc95e94d5abc +gpg: Signature made Tue 15 Sep 2020 10:51:37 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Tue Sep 15 10:51:37 2020 -0400 + + CircleCI: readd librem_mini (#832) + + * CircleCI: readd librem_mini while making sure that if a board build fails, all logfile modified in the last minute are outputted on the CircleCI console prior to really failing and exiting + + * librem_mini-NoTPM: addition of board config, distinctive coreboot config (required per Heads build system) to construct a ROM without TPM requirement. + + * librem_mini: deletion of board and coreboot relative config, keeping librem_mini-NoTPM and coreboot config only. Removed librem_mini board build under CircleCI, keeping only librem_mini-NoTPM + +commit 51fd3b3546c72bb6c144a9899897a0b197845e2c +gpg: Signature made Mon 07 Sep 2020 01:41:31 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7ce12fe621 4d7286991d +Author: tlaurion +Date: Mon Sep 7 13:41:31 2020 -0400 + + Merge pull request #829 from tlaurion/flashtools_par_upstream + + modules/flashtools: bring par to upstream flashtools. + +commit 7ce12fe621fe95a460c2c5b0038ab12ad6b3b7b0 +gpg: Signature made Mon 07 Sep 2020 08:50:01 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Nathan Rennie-Waldock +Date: Mon Sep 7 13:50:01 2020 +0100 + + Add gawk module to use if the host is running a different major version (fixes #668) (#811) + + Signed-off-by: Nathan Rennie-Waldock + +commit 4d7286991d6239f3a613ab78a6fcd4d5e00554b8 +gpg: Signature made Sun 06 Sep 2020 07:06:02 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Sep 6 19:06:02 2020 -0400 + + modules/flashtools: bring par to upstream flashtools. + +commit c096a1f54d828022a6b8b845b276345316fda63e +gpg: Signature made Fri 04 Sep 2020 10:54:38 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 843d4adb4c c7085d89c3 +Author: tlaurion +Date: Fri Sep 4 22:54:38 2020 -0400 + + Merge pull request #812 from Nitrokey/default_boot + + Remove quotes to fix use of asterisk in command + +commit 843d4adb4c4b9fdd108712a3fa5a5f8e6352621f +gpg: Signature made Fri 04 Sep 2020 02:01:47 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Patrick Rudolph <36034716+PatrickRudolph@users.noreply.github.com> +Date: Fri Sep 4 20:01:47 2020 +0200 + + blobs/*: Fix extract script (#792) + + Command returns a list of utilities found. This can happen if multiple + coreboot folders are present. + + Use only one to fix a crash in the following lines. + + Test: Being able to extract blobs when two coreboot folders are present, + both containing an IFDTOOL. + + Signed-off-by: Patrick Rudolph + +commit b2c49e8742d8f8aa2de2adaca5508ad9f0053dc8 +gpg: Signature made Thu 03 Sep 2020 10:02:16 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Thu Sep 3 22:02:16 2020 -0400 + + CircleCI: removing librem_mini board under CircleCI (#825) + + Coreboot 4.12, on which the librem_mini depends, doesn't build under debian:10 docker image as of right now. + It was building over debian:bullseye (where 4.8.1 boards didn't) which constructed a valid cache that + was reused when building #806 (https://app.circleci.com/pipelines/github/tlaurion/heads/364/workflows/df9bad8d-8ff1-40da-b8d8-1b87a05be509/jobs/392) + Consequently, more troubleshooting would need to be done under local debian:10 docker image. + +commit ef96d64d09ed7073e3afc5760ca6702fddf7b4eb +gpg: Signature made Wed 02 Sep 2020 05:25:55 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8067efc9ae cde6e24e8d +Author: tlaurion +Date: Wed Sep 2 17:25:55 2020 -0400 + + Merge pull request #821 from tlaurion/x230_t430-CBFS_fix + + xx30 boards: fixing CONFIG_CBFS_SIZE=0x710000 for x230 and t430 boards + +commit 8067efc9aecdc1cfb254528706979323ec49c12c +gpg: Signature made Wed 02 Sep 2020 02:42:55 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Sep 2 14:42:55 2020 -0400 + + CircleCI: bring recent failing logs on CI output (#822) + +commit 480a2e11301127026c317909a6f37380505148a0 +gpg: Signature made Wed 02 Sep 2020 02:41:29 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Sep 2 14:41:29 2020 -0400 + + modules/fbwhiptail: fixate to latest commit ID to make sure Heads commit would produce the same binary signature long term. (#820) + +commit 268fb90623a49e7645becca456365c23730cb6b1 +gpg: Signature made Wed 02 Sep 2020 02:39:37 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Wed Sep 2 13:39:37 2020 -0500 + + Add new board: Purism Librem Mini (#806) + + * patches/coreboot-4.12: Add patch for Cannonlake ME status + + Add patch print ME status regardless of enablement state + + Signed-off-by: Matt DeVillier + + * modules: add purism-blobs module + + Rather than require users to manually run a script to download the required + blobs to build Purism Librem boards, automate it so the correct version + is automatically downloaded/extracted. Restrict to coreboot 4.12 for now + since 4.8.1 still needs FSP blobs, which are not in module. + + Signed-off-by: Matt DeVillier + + * configs/linux-librem13v2: unset CONFIG_RETPOLINE + + Fixes compilation issue with newer kernels, ignored by older ones + which don't need it + + Signed-off-by: Matt DeVillier + + * Add new board: Librem Mini + + Add Librem Mini board patch for coreboot 4.12, board config and + coreboot config. Continue reusing existing librem13v2 Linux config, + same as all other Librem boards currently. Use new purism-blobs module. + + Signed-off-by: Matt DeVillier + + * board/librem*: rename for consistency + + Use 'librem_' notation for consistency across all models. + Rename linux config file since used by multiple Librem models. + + Signed-off-by: Matt DeVillier + + * CircleCI: add librem_mini board to test + + Signed-off-by: Matt DeVillier + +commit cde6e24e8da5e3b8e80d498ac7ec3d557c991e2b +gpg: Signature made Tue 01 Sep 2020 12:31:47 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue Sep 1 12:31:47 2020 -0400 + + xx30 boards: fixing CONFIG_CBFS_SIZE=0x710000 for x230 and t430 boards to fix #815 and #667 + +commit c7085d89c3f1b0a3ef36e1937e18ce0792c07247 +gpg: Signature made Wed 26 Aug 2020 07:24:04 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: issuer "alex@nitrokey.com" +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Aug 26 13:21:57 2020 +0200 + + Remove quotes to fix use of asterisk in command + + Changing the default boot was failing because remove the old entries did + not work as `rm "/some/path/*.txt"` does not work as intended, e.g. the + asterisk is no catch-all. + +commit a0753473510ec598f9db86cfb610cf61156ca5cb +gpg: Signature made Mon 24 Aug 2020 04:42:33 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Mon Aug 24 15:42:33 2020 -0500 + + kexec-parse-boot/bls: Strip boot dir from front of grub entries (#804) + + Some grub configs/bls entries contain the full paths to the + kernel/initrd files, which the parsers currently fail to handle, + causing a failed boot without any useful error being presented to the user. + + To fix this, strip the bootdir prefix from the menu entries when parsing, + should it exist. + + Test: build/boot Librem 13v2 w/F32 and bls entries containing absolute paths. + + Signed-off-by: Matt DeVillier + +commit f23ced0a3bef2b65384b1ad6668f62ed2c9be633 +gpg: Signature made Thu 20 Aug 2020 07:26:48 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: MrChromebox +Date: Thu Aug 20 18:26:48 2020 -0500 + + Support Multiple Kernel Options (#805) + + * modules/linux: Add support for multiple kernel versions + + Follow same pattern as used for coreboot. Add existing kernel version + as default for all existing boards. + + Signed-off-by: Matt DeVillier + + * modules/linux: Add option to use 4.19 LTS kernel + + Add option to use kernel 4.19.139 (current LTS version). + Duplicate existing patches from 4.14.62 as they all apply cleanly. + + Signed-off-by: Matt DeVillier + +commit b14e564ac99efd8ca75c4e1a2233792d87fe41bf +gpg: Signature made Thu 20 Aug 2020 03:15:46 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Thu Aug 20 15:15:46 2020 -0400 + + Fix CircleCI build problems (#808) + + * CircleCI: debian:10 docker based. Give possitility to override CACHE_VERSION through CircleCI when needed + * Makefile: fix #799 with implementation of @osresearch's recommended https://github.com/osresearch/heads/issues/799#issuecomment-673059028 + * modules/coreboot : indentation fix and putting version hashes together to facilitate future maintainership. + +commit 9eff5c5b7068f6c03395d537cc67b01b558e191c +gpg: Signature made Mon 17 Aug 2020 07:56:03 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c6a82a2464 5f9e59afae +Author: tlaurion +Date: Mon Aug 17 19:56:03 2020 -0400 + + Merge pull request #721 from MrChromebox/coreboot-4.12 + + Add option to build against coreboot 4.12 + +commit 5f9e59afaef7354ec6171be079c5700564fa7f0b +gpg: Signature made Thu 13 Aug 2020 10:51:22 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed May 13 15:51:12 2020 -0500 + + modules/coreboot: Add option to build with coreboot 4.12 + + Add version and hash for coreboot and coreboot-blobs modules. + Adjust to use own toolchain, fix blobs path and extraction depth. + + Test: build Librem 13v4 using both coreboot 4.8.1 and coreboot 4.12 + (after adjusting board defconfig), verify correct toolchains used to + build each, and that teh result is a bootable ROM. + + Signed-off-by: Matt DeVillier + +commit c6a82a246411f091ccebdc683da83fafd989b08a +gpg: Signature made Wed 12 Aug 2020 03:07:54 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Aug 12 15:07:54 2020 -0400 + + CircleCI: mitigate issue #799 (#800) + +commit 28d3b7c89c114fccdf937f55ccce4397fa9338d1 +gpg: Signature made Tue 11 Aug 2020 05:54:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Patrick Rudolph <36034716+PatrickRudolph@users.noreply.github.com> +Date: Tue Aug 11 23:54:59 2020 +0200 + + patches/coreboot-4.8.1: Measure firmware into PCR2 (#793) + + As part of migration to coreboot 4.12, which includes measured boot + without additional patches, measure all parts of the firmware and the + payload into PCR2. + + The same is done in coreboot 4.12. This commit ensures that boards not + migrated yet will show the same behaviour. + + TODO: Update heads-wiki. + + Signed-off-by: Patrick Rudolph + +commit 63b400c73f3e1b2102a1931397232e3559d45e7b +gpg: Signature made Tue 11 Aug 2020 04:38:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Tue Aug 11 16:38:26 2020 -0400 + + CircleCI : specialized caches (#798) + + CircleCI: two cache save/restore mechanisms. One bound to musl-cross+patches, one for modules + patches. + + * Replacing the generic cache bound to CircleCI user to have two caches levels. One for musl-cross and its patchsets, one for all modules and their patchset being the same. So if modules changed, we use the cache for musl-cross as a fallback to economize one hour of precious build time out of two, while most of Heads changes are on the scripts and can be built on top of packages+patches cache + +commit ae9fb747594c576b3b1f42c155d0f725e9b72d90 +gpg: Signature made Thu 06 Aug 2020 04:14:01 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3aa919ade9 872a4b0488 +Author: tlaurion +Date: Thu Aug 6 16:14:01 2020 -0400 + + Merge pull request #763 from Nitrokey/storage-factoryreset + + Delete AES keys of Nitrokey Storage after reset + +commit 3aa919ade9081e37a0c87982e2d51a9ba85b4457 +gpg: Signature made Thu 06 Aug 2020 04:13:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 5dc65f63b6 0b970b745e +Author: tlaurion +Date: Thu Aug 6 16:13:21 2020 -0400 + + Merge pull request #791 from MrChromebox/gui_boot_tweaks + + GUI / Boot Device Tweaks + +commit 5dc65f63b6107bf3628433b5d5f49e2f3dd0f47b +gpg: Signature made Thu 06 Aug 2020 04:12:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 06656c4d29 c725f869e2 +Author: tlaurion +Date: Thu Aug 6 16:12:53 2020 -0400 + + Merge pull request #766 from Nitrokey/gpgexport-factoryreset + + Make gnupg pubkey export an option only in oem-factory-reset + +commit 872a4b04885c9f9abb63278599236033a74654c4 +Merge: a224c43026 06656c4d29 +Author: alex-nitrokey +Date: Wed Aug 5 11:49:18 2020 +0200 + + Merge remote-tracking branch 'upstream/master' into storage-factoryreset + +commit a224c430260f1f7c9e10aba59546d3a3bea6b8ae +Author: alex-nitrokey +Date: Wed Aug 5 11:49:06 2020 +0200 + + Add PID for Storage + +commit c725f869e210e686422cd54bc3f0c886aa0712fc +gpg: Signature made Wed 05 Aug 2020 04:49:04 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6fe409aaf3 06656c4d29 +Author: Alexander Paetzelt <36155797+alex-nitrokey@users.noreply.github.com> +Date: Wed Aug 5 10:49:04 2020 +0200 + + Merge branch 'master' into gpgexport-factoryreset + +commit 0b970b745e9239a5bf24ef3fe0bb0683a477365b +gpg: Signature made Mon 03 Aug 2020 07:49:47 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Feb 28 18:54:14 2020 -0600 + + config-gui: clean up boot device selection + + When a new /boot device is selected, wait until after + successfully mounting the newly-selected device before + updating CONFIG_BOOT_DEV. + + Also, don't assume /boot already mounted, as this can cause + a false failure and prevent mounting of the newly-selected device. + + Lastly, tidy up the error output in case mounting /boot fails. + + Signed-off-by: Matt DeVillier + +commit 0afa5994917c9e2f520caae06d6a20e30c8c8ba1 +gpg: Signature made Mon 03 Aug 2020 07:49:13 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Feb 27 14:39:13 2020 -0600 + + Fix eval of DEV_NUM_PARTITIONS + + Using 'let' in these scripts fails when evaluating to zero + for some reason, so replace with '$(())' which works as intended. + + Test: Boot device selection menu shown properly when + new/unpartitioned drive installed. + + Signed-off-by: Matt DeVillier + +commit 244de9de94a6c0302d2f9dbd4f3146e91b0155a3 +gpg: Signature made Mon 03 Aug 2020 07:48:47 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Dec 10 09:53:24 2019 -0600 + + gui-init: remove double-prompt for checksum update + + Not need to prompt the user twice for the same action + + Signed-off-by: Matt DeVillier + +commit 06656c4d29042b8df033ac8d2e7860ee7a86d64f +gpg: Signature made Sat 01 Aug 2020 03:55:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 116787fd03 5d641ee5b1 +Author: tlaurion +Date: Sat Aug 1 15:55:53 2020 -0400 + + Merge pull request #787 from MrChromebox/guard_tpm_reset + + gui-init: Guard TPM reset function with CONFIG_TPM + +commit 116787fd03436909f2fe81032895f1d70098a60a +gpg: Signature made Sat 01 Aug 2020 03:52:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fb98d0e3e0 83cac9ed14 +Author: tlaurion +Date: Sat Aug 1 15:52:57 2020 -0400 + + Merge pull request #788 from Nitrokey/kexec-debian + + Fix kexec to work with Debian Installer (fixes #699) + +commit fb98d0e3e0fca97fffce7fe9356fd99076fa5278 +gpg: Signature made Sat 01 Aug 2020 03:25:29 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3c551cc249 d6292015a1 +Author: tlaurion +Date: Sat Aug 1 15:25:29 2020 -0400 + + Merge pull request #786 from MrChromebox/drop_hotp_patch + + modules/hotp-verification: Update and drop patch + +commit 83cac9ed14382c07cbacd7b00a45c47407c086ac +gpg: Signature made Thu 30 Jul 2020 04:11:07 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: issuer "alex@nitrokey.com" +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jul 30 22:08:13 2020 +0200 + + Fix kexec to work with Debian Installer (fixes #699) + + This patch was reported by @bemoody in issue #699 + + Tested via `BOARD=x230-hotp-verification` on a Thinkpad x230 + + Signed-off-by: alex-nitrokey + +commit 5d641ee5b17499e774fbb4ddaf1eaa0741c69095 +gpg: Signature made Thu 30 Jul 2020 03:47:05 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Jul 23 19:54:53 2020 -0500 + + gui-init: Guard TPM reset function with CONFIG_TPM + + Attempting to reset the TPM when once isn't present causes a kernel + panic, so let's not allow users to do that. + + Test: verify 'No TPM Detected' shown on Librem Mini when Reset TPM + option selected from menu. + + Signed-off-by: Matt DeVillier + +commit 3c551cc249e4cba4207409c735e43f07aa1f0daa +gpg: Signature made Thu 30 Jul 2020 03:42:08 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 624faa1a9d 97143953e8 +Author: tlaurion +Date: Thu Jul 30 15:42:08 2020 -0400 + + Merge pull request #784 from MrChromebox/default_boot_fixes + + Fix OEM factory reset and setting of default boot with F32 + +commit d6292015a14680cbb3ecbb7b3b20080d285bd574 +gpg: Signature made Thu 30 Jul 2020 03:28:21 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Jul 30 14:26:59 2020 -0500 + + modules/hotp-verification: Update and drop patch + + Update to nitrokey-hotp-verification master (c0956cf) and drop + existing patch which is no longer needed. + + Test: clean build for Librem 13v2 + + Signed-off-by: Matt DeVillier + +commit 624faa1a9d9c7794927757ff49fbb567d6d031fb +gpg: Signature made Thu 30 Jul 2020 01:54:25 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b9f487aa36 2dbe6c9d3b +Author: tlaurion +Date: Thu Jul 30 13:54:25 2020 -0400 + + Merge pull request #778 from MrChromebox/usb_gui_tweaks + + USB / GUI Tweaks + +commit b9f487aa36017d5ea30f96b44967380d02480a5d +gpg: Signature made Thu 30 Jul 2020 01:54:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fbbdf67c57 c2c45dae0e +Author: tlaurion +Date: Thu Jul 30 13:54:15 2020 -0400 + + Merge pull request #779 from MrChromebox/pwd_fix + + Encapsulate changes to working directory inside subshells + +commit 97143953e8705c02403af3e45923838dac9f9251 +gpg: Signature made Wed 29 Jul 2020 01:24:11 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 28 22:26:20 2020 -0500 + + Fix check for valid boot options + + -r will always succeed since the file will be generated regardless + of number of boot entries found. Use -s instead to check for zero + file size. + + Signed-off-by: Matt DeVillier + +commit 4c64ca631a1edee6f89e6182b6827760391c6829 +gpg: Signature made Wed 29 Jul 2020 01:24:01 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jul 29 00:18:57 2020 -0500 + + oem-factory-reset: Fix index used for default boot option + + Since we sort the boot options prior to selecting the new default entry, + we need to use the index of the entry in the list prior to being sorted, + vs always setting it as 1. This fixes setting/booting of the default + OS target where the list entries are changed when calling sort. + + Test: perform OEM factory reset with Fedora 32 installed, verify + default boot succeeds followng reset. + + Signed-off-by: Matt DeVillier + +commit 009c10465a8eb7d77b01129193c3e58d55b48e43 +gpg: Signature made Wed 29 Jul 2020 01:23:50 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 28 22:24:32 2020 -0500 + + oem-factory-reset: Parse BLS format grub files + + The same grub parsing logic used in kexec-select-boot should + be used here as well, so copy it over. + + Test: oem-factory-reset succeeds with Fedora 32 installed. + + Signed-off-by: Matt DeVillier + +commit fbbdf67c57a391aa21efe575fcee1ec82f1a7517 +gpg: Signature made Tue 28 Jul 2020 09:49:58 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1d6460a3cd 302f044e8e +Author: tlaurion +Date: Tue Jul 28 09:49:58 2020 -0400 + + Merge pull request #783 from MrChromebox/fix_hotp_verification + + patches: Add patch to fix hotp-verification + +commit 302f044e8eccf91a213fbf75f14b90f974ecf993 +gpg: Signature made Tue 28 Jul 2020 02:21:04 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 27 20:40:41 2020 -0500 + + patches: Add patch to fix hotp-verification + + Commit 7ea13ee0 made some significant changes to Librem/Nitrokey + verification which broke both compilation and calls to hotp_initialize. + Fix them via a patch until it's fixed upstream. + + Signed-off-by: Matt DeVillier + +commit 1d6460a3cd4b08b5dc73733af1d83c52461719d5 +gpg: Signature made Sat 25 Jul 2020 10:56:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c89f67077c efe30b72bf +Author: tlaurion +Date: Sat Jul 25 22:56:53 2020 -0400 + + Merge pull request #774 from MrChromebox/update_lk_hotp_verification + + modules/hotp-verification: update to upstream master + +commit c89f67077c48e8b96fada140be37ad2c2bb77208 +gpg: Signature made Sat 25 Jul 2020 10:54:44 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7ea13ee000 a89d5a2780 +Author: tlaurion +Date: Sat Jul 25 22:54:44 2020 -0400 + + Merge pull request #781 from MrChromebox/fix_hotp_id + + seal-hotp: Fix HOTP key identification + +commit a89d5a278021183d828263a3595b819700d4b071 +gpg: Signature made Fri 24 Jul 2020 01:46:38 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 24 00:11:33 2020 -0500 + + seal-hotp: Fix HOTP key identification + + With current implementation, Librem Keys with VID 0x316d are + not identified properly; correct the if/else logic to resolve. + + Signed-off-by: Matt DeVillier + +commit efe30b72bf2849c087bb0faaae9ab48ba8278086 +gpg: Signature made Thu 23 Jul 2020 09:00:12 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 7 17:45:18 2020 -0500 + + modules/hotp-verification: update to upstream master + + Update hotp-verification to Nitrokey upstream commit 03a198c4. + + Test: build/boot Librem 13v4, verify Librem key verification functional. + + Signed-off-by: Matt DeVillier + +commit 7ea13ee0005b9f193e3d0fe45cbba034f88a9bab +gpg: Signature made Thu 23 Jul 2020 03:05:13 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d5262f11d4 d472c43c79 +Author: tlaurion +Date: Thu Jul 23 15:05:13 2020 -0400 + + Merge pull request #761 from Nitrokey/hotp-neutral + + Fix branding issue with HOTP USB Security Dongles + +commit 2dbe6c9d3b4f77bc637d7d729e8ae6c9c609c46b +gpg: Signature made Tue 21 Jul 2020 10:48:03 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 18:09:05 2020 -0500 + + gui-init: Improve readability of checksum dialogs + + Add a linebreak before showing list of files with changed + checksums. Fix text truncation on checksum update prompt. + + Signed-off-by: Matt DeVillier + +commit 5005c9295317aedc3783d7e40df7961f072db9ac +gpg: Signature made Tue 21 Jul 2020 10:47:56 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 17:29:43 2020 -0500 + + oem-factory-reset: Improve readability of error output + + Use fold to wrap long lines. Don't show pubkey filename if not needed. + + Signed-off-by: Matt DeVillier + +commit ffedd3ac11a332927dd6fc12849a7a1e8666f7fb +gpg: Signature made Tue 21 Jul 2020 10:47:52 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 17:28:26 2020 -0500 + + configs/busybox: include 'fold' utility + + Will be used to wrap long error messages so not truncated + when shown in fbwhiptail dialogs. + + Signed-off-by: Matt DeVillier + +commit d6ea02d7d5db2084a6ecee4f2f4405f354c327fa +gpg: Signature made Tue 21 Jul 2020 10:47:48 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 16:53:10 2020 -0500 + + flash-gui: Improve readability of prompts + + Adjust text on GUI dialogs to prevent filenames from being truncated + and to improve clarity/readability. + + Signed-off-by: Matt DeVillier + +commit ba4fcefceaeb8762fbabb060c1a13e731de020c5 +gpg: Signature made Tue 21 Jul 2020 10:47:00 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 13:00:13 2020 -0500 + + usb-scan/mount: Improve USB handling + + Currently, /media is mounted once per boot, which causes issues + if a user need to change USB sticks, or unknowning performs an + operation that mounts /media and then needs to access a different + USB stick later (eg, updating the firmware). + + To mitigate this, always unmount /media if mounted before scanning + for USB devices, so the user can choose the correct device at the + time of its use. + + Additionally, add a unique exit code for user abort so we're not + treating it the same as a failure, and use it to prevent unnecessary + GUI prompts when cancelling selection of a USB device. + + Signed-off-by: Matt DeVillier + +commit d5262f11d4eff9a6bb2fce6ccb3cd69ed1f37793 +gpg: Signature made Sat 18 Jul 2020 10:33:03 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9719510f39 84b2f9b540 +Author: tlaurion +Date: Sat Jul 18 22:33:03 2020 -0400 + + Merge pull request #759 from Nitrokey/usb_label + + Add partition Label to list of mount-usb + +commit d472c43c7916e318407e028d54a6087f04508dcc +gpg: Signature made Wed 15 Jul 2020 03:49:02 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: issuer "alex@nitrokey.com" +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: Alexander Paetzelt +Date: Wed Jul 15 09:35:47 2020 +0200 + + Fix quoting of variable + +commit c2c45dae0eddba1eb1fcca40d0a2e1d5137464ce +gpg: Signature made Mon 13 Jul 2020 06:30:02 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 13 17:22:40 2020 -0500 + + Encapsulate changes to working directory inside subshells + + For the handful of operations which need to be done with /boot + as the pwd, encapsulate them in subshells to ensure the pwd + doesn't unexpectedly change for other operations, as functions + which need to mount/unmount /boot may fail if the pwd isn't root. + + Also, set the pwd to root at the start of detect_boot_device as an + added safety measure. + + Test: run oem-factory-reset function, ensure it doesn't fail to + detect boot device due to incorrect working directory. + + Signed-off-by: Matt DeVillier + +commit 9719510f395bcb54efc6b01d309184ba637e6f29 +gpg: Signature made Sun 12 Jul 2020 11:51:15 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 268d9d64ac 5f067ea908 +Author: tlaurion +Date: Sun Jul 12 11:51:15 2020 -0400 + + Merge pull request #776 from tlaurion/coreboot_481 + + coreboot: 4.8.1 fixed in Makefile, coreboot module and board configs + +commit f7c4cae903af099ec8ed0b64c75b69dc878f44d2 +gpg: Signature made Fri 10 Jul 2020 06:37:10 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 10 12:58:32 2020 -0500 + + *gui.sh: move common ops to gui_functions + + Move code duplicated across several GUI scripts into a common + gui_functions file and include/use that. + + Signed-off-by: Matt DeVillier + +commit 5f067ea908c1c22855801bfe4d9ee4f07739241e +gpg: Signature made Fri 10 Jul 2020 12:37:15 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri Jul 10 09:44:01 2020 -0400 + + coreboot: 4.8.1 fixed in Makefile, coreboot module and board configs (coreboot_481) to facilitate newer coreboot version integration and testing without breaking old fixed boards + +commit 268d9d64ac6b198b6a66f85299a638092762c8d5 +gpg: Signature made Fri 10 Jul 2020 10:07:25 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 54cb664ffc 5cb45bbc99 +Author: tlaurion +Date: Fri Jul 10 10:07:25 2020 -0400 + + Merge pull request #773 from MrChromebox/revert_gpg_toolstack + + Revert "upgrade gpg toolstack to latest versions" + +commit 5cb45bbc9906aeef6e0d1f78eced0b00d31ad8b1 +gpg: Signature made Tue 07 Jul 2020 06:51:44 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 7 17:03:48 2020 -0500 + + Revert "upgrade gpg toolstack to latest versions" + + This reverts commit 972c25de7df9cf797fd211bc795fe057462a6432. + + This commit broke OEM factory reset functionality, so revert it + until the issue can be properly diagnosed. + + Signed-off-by: Matt DeVillier + +commit 6fe409aaf34fb689d7f72e5040e5a8ec47ef4215 +Author: Alexander Paetzelt +Date: Tue Jul 7 11:16:18 2020 +0200 + + Still need the exported pubkey file + +commit 43971dc029ddbdb2e89339a8ecf8e9ae387f41af +Author: Alexander Paetzelt +Date: Tue Jul 7 10:32:22 2020 +0200 + + Make export to USB drive an option + +commit 54cb664ffc676a239b3bcaa1a2a0ebeb8d64f494 +gpg: Signature made Wed 01 Jul 2020 03:03:10 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8dc5b7616a cdbd0fcf2a +Author: tlaurion +Date: Wed Jul 1 15:03:10 2020 -0400 + + Merge pull request #767 from MrChromebox/sysinfo_fixes + + gui-init: Fix RAM and firmware version strings + +commit cdbd0fcf2ab65f083ab949d127283e3c016ae3a0 +gpg: Signature made Wed 01 Jul 2020 02:42:12 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jul 1 11:44:40 2020 -0500 + + gui-init: Fix RAM and firmware version strings + + Show RAM in GB, since the calculation in MB is imprecise as + it excludes RAM allocated for GPU (eg). + + Fix display of firmware version strings which contain spaces by + adjusting cut and simply chopping off the date at the end, which + is a fixed 10-char length. + + Signed-off-by: Matt DeVillier + +commit 19cd15cf969b16f1458b38046af405d4b589e28d +gpg: Signature made Tue 30 Jun 2020 01:18:20 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 30 19:16:10 2020 +0200 + + Remove gnupg pubkey export in oem-factory-reset + + Since #758 is merged, users have a option to export GnuPG pubkey if + necessary. Thus, we they do not need to insert a USB drive during + factory reset. Until now the whole process failed just because a user + did not provide a USB drive instead. + + This shall be fixed by this commit + +commit 30236ffbaaea83acadaf10f3337376a0affa22fc +gpg: Signature made Tue 30 Jun 2020 12:34:42 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 30 18:29:42 2020 +0200 + + Delete AES keys of Nitrokey Storage after reset + + If smartcard Nitrokey Storage was factory-reset, we delete AES keys on + it as well. + + Explaination: After oem-factory-reset was started the AES on the Nitrokey Storage that is used for the encrypted volume and the password safe is is not usable anymore because the smart card was factory-reset. To make it usable, a user needs to delete it via Nitrokey App. By doing so, the HOTP secret is deleted as well, resulting in a bad warning in Heads. Therefore, we are resetting AES key right after factory-reset with hotp_verification + +commit e0f0655b5db49c723e5b8cb036e16a05b3d64294 +gpg: Signature made Tue 30 Jun 2020 10:17:54 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Merge: 8dc5b7616a d3d4529545 +Author: alex-nitrokey +Date: Tue Jun 30 16:17:51 2020 +0200 + + Merge branch 'hotp-neutral' into storage-factoryreset + +commit 9c9edb0cfc10b626c7fb5b9bd0a3a5348e0da756 +gpg: Signature made Tue 30 Jun 2020 10:00:04 AM EDT +gpg: using RSA key 868184069239FF65DE0BCD7DD9BAE35991DE5B22 +gpg: Good signature from "Szczepan Zalega " [unknown] +gpg: aka "Szczepan Zalega (Nitrokey) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8681 8406 9239 FF65 DE0B CD7D D9BA E359 91DE 5B22 +Author: Szczepan Zalega +Date: Tue Jun 30 16:00:04 2020 +0200 + + Remove pkg-config and git version use + +commit d3d4529545848f5ee3a2b96eb89324582b61f69a +gpg: Signature made Tue 30 Jun 2020 07:45:21 AM EDT +gpg: using RSA key 868184069239FF65DE0BCD7DD9BAE35991DE5B22 +gpg: Good signature from "Szczepan Zalega " [unknown] +gpg: aka "Szczepan Zalega (Nitrokey) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8681 8406 9239 FF65 DE0B CD7D D9BA E359 91DE 5B22 +Author: Szczepan Zalega +Date: Tue Jun 30 13:45:21 2020 +0200 + + GitlabCI: reset cache, and investigate + + Calculate the uncompressed used cache space + Decrease retry count + +commit 07cc2b64f55a96ff475ae5bc2b6d139f3f116665 +gpg: Signature made Tue 30 Jun 2020 05:17:04 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 23 11:03:17 2020 +0200 + + Separate json-c module from cryptsetup module + +commit 84b2f9b5405082b81d485809511ed4d6bd50abbc +gpg: Signature made Tue 30 Jun 2020 03:28:35 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 30 09:28:35 2020 +0200 + + Re-arrange the order of label and device + +commit 8dc5b7616aec2586c4a3bd59ac8cfca1cfa01e91 +gpg: Signature made Sun 28 Jun 2020 03:59:22 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: d579e731b9 9798cf9c66 +Author: tlaurion +Date: Sun Jun 28 15:59:22 2020 -0400 + + Merge pull request #756 from tlaurion/x230-hotp-verification_CBFS_fix + + x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000 + +commit d579e731b9e335a1cdcefbe2474985a38123abd9 +gpg: Signature made Sun 28 Jun 2020 03:30:16 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 94476bb470 8d6f47fb4d +Author: tlaurion +Date: Sun Jun 28 15:30:16 2020 -0400 + + Merge pull request #659 from MrChromebox/mount-usb-status + + mount-usb: provide useful output when loading kernel modules + +commit 94476bb47040d3a0aff17dbd99f1ed34aed0bb92 +gpg: Signature made Sun 28 Jun 2020 03:26:16 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: cc572f4c68 cbad9b6637 +Author: tlaurion +Date: Sun Jun 28 15:26:16 2020 -0400 + + Merge pull request #747 from MrChromebox/factory_reset_no_tpm + + oem-factory-reset: Handle non-TPM case + +commit cc572f4c681b365eb5b62a206ec644bf8c5870df +gpg: Signature made Sun 28 Jun 2020 03:08:36 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e6037a217e 2763711083 +Author: tlaurion +Date: Sun Jun 28 15:08:36 2020 -0400 + + Merge pull request #758 from Nitrokey/gpg-export + + Add option to export pubkey + +commit e6037a217eaa3b5bfda9c775262add69f0b9fd06 +gpg: Signature made Sun 28 Jun 2020 03:04:41 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 05c854753c e418ecbf71 +Author: tlaurion +Date: Sun Jun 28 15:04:41 2020 -0400 + + Merge pull request #760 from Nitrokey/menu-systeminfo + + Add systeminfo menu option + +commit 53dc659c014ce63c3dcd7d40140cb062121df6f4 +gpg: Signature made Thu 25 Jun 2020 09:36:28 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 25 15:35:47 2020 +0200 + + Replace libremkey_htop_* by hotp_* + +commit e418ecbf71370c24187d401b48d6c3f0cd0b1f49 +gpg: Signature made Thu 25 Jun 2020 04:41:15 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 25 10:41:01 2020 +0200 + + Fix MEMTOTAL calculation + +commit 481082f2d8ff4e909d31d7f94ab0275221350d14 +gpg: Signature made Thu 25 Jun 2020 04:40:44 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 25 09:58:01 2020 +0200 + + Include adaption of @MrChromebox + + See + https://source.puri.sm/coreboot/purism-heads/-/commit/5a3f5992337316caf4831fbc46099a8f2a624bd4 + +commit 20b07dd1b380151270431665f6088926e075d3d7 +gpg: Signature made Thu 25 Jun 2020 03:46:41 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 25 09:46:11 2020 +0200 + + swap label and device and minor formatting change + +commit c2a2134eb270ce63be2cbc10b7861957d0f5e38d +gpg: Signature made Wed 24 Jun 2020 12:22:15 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Merge: 73c9d6efc8 05c854753c +Author: alex-nitrokey +Date: Wed Jun 24 18:22:13 2020 +0200 + + Merge remote-tracking branch 'upstream/master' into hotp-neutral + +commit 73c9d6efc8dd8ce8ed55a10c37e04aeff0124b9c +gpg: Signature made Wed 24 Jun 2020 12:17:56 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Merge: fecb9cfd80 38ba257063 +Author: alex-nitrokey +Date: Wed Jun 24 18:17:54 2020 +0200 + + Merge branch 'hotp-verification-update' into hotp-neutral-merge + +commit fecb9cfd80dc1115017147777ab4a1a81214f40f +gpg: Signature made Wed 24 Jun 2020 12:13:50 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 18:12:56 2020 +0200 + + Rename CONFIG_HOTP_BRANDING to HOTP_BRANDING + + reason: it not a config option anymore + +commit 2fe946ccbe8eede9c07d84c4cb3b6bf94873e862 +gpg: Signature made Wed 24 Jun 2020 11:54:49 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 17:54:39 2020 +0200 + + Fix termonology + +commit 3236f0e1707481f418dfa065073a7eaac72605ce +gpg: Signature made Wed 24 Jun 2020 11:45:10 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 17:44:29 2020 +0200 + + Change name seal-libremkey -> seal-hotpkey + +commit 5867fc516cce80ec751196902f895c9237647bac +gpg: Signature made Wed 24 Jun 2020 11:41:12 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 17:40:49 2020 +0200 + + Store HOTP USB Security Key branding in /boot + +commit 92b18265377c8797914cadc20663beae90ccc667 +gpg: Signature made Wed 24 Jun 2020 11:36:53 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 17:36:53 2020 +0200 + + /boot needs to get mounted first + +commit aab2c327e38901876e8d904fb788ddc49b99be11 +gpg: Signature made Wed 24 Jun 2020 11:26:15 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 17:25:39 2020 +0200 + + Fix warning box title + +commit 38ba25706372d22bf1f033c5543b71496e4d7d61 +gpg: Signature made Wed 24 Jun 2020 10:31:55 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 16:31:22 2020 +0200 + + Include upstream updates of hotp_verification + +commit 407778eb9a22ec9cb6b5e2d3e2865434681fcbd0 +gpg: Signature made Wed 24 Jun 2020 10:16:49 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 16:16:03 2020 +0200 + + Remove unintented paranthesis + +commit 53b67d27a430edcdcc63f971acf6fbb43304a028 +gpg: Signature made Wed 24 Jun 2020 10:12:05 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 16:11:41 2020 +0200 + + Prepare usage of /boot/kexec_hotp_key as branding + +commit c07f3b7f7c4d730a87704be607b62e22babbda17 +gpg: Signature made Wed 24 Jun 2020 04:07:45 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 10:07:36 2020 +0200 + + Add systeminfo menu option + +commit 6d29ab71f9a4ef921f9723186e600744e58716dd +gpg: Signature made Wed 24 Jun 2020 03:45:00 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 24 09:44:50 2020 +0200 + + dd partition Label to menu list + +commit 27637110834b7487417cf75e509a10a7c4f23401 +gpg: Signature made Tue 23 Jun 2020 09:32:51 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 23 15:32:51 2020 +0200 + + Add option to export pubkey + +commit 9798cf9c66ff281fa172bcd0ea897c592b332a47 +gpg: Signature made Sat 20 Jun 2020 11:05:04 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Jun 20 11:04:10 2020 -0400 + + x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000 + as per https://github.com/osresearch/heads/pull/748/files#diff-540d604c350e8fd52c25559b642795fbR5 + +commit 19c1e8f1afc52dc9764f7d2a867236d374a66287 +gpg: Signature made Fri 19 Jun 2020 10:26:52 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 16 10:29:01 2020 +0200 + + Clean up branch off testing stuff + +commit ff58f1524d3cb3f51dfadfa4afa073f5699c6d9e +gpg: Signature made Fri 19 Jun 2020 10:23:18 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 16 10:29:01 2020 +0200 + + Fix build issue + + * use --libdir to fix issue with .la files which had //lib as lib folder + * add libblkid as library + +commit 05c854753cda306f1e1192cb97495dd59e4f1cf1 +gpg: Signature made Thu 18 Jun 2020 11:08:54 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fab603153b 0cae2d7805 +Author: tlaurion +Date: Thu Jun 18 23:08:54 2020 -0400 + + Merge pull request #625 from MrChromebox/tpm_luks + + kexec-save-default: guard TPM LUKS usage with config option + +commit fab603153bd744ba3d1b4617a10c405c88f854bf +gpg: Signature made Wed 17 Jun 2020 02:00:31 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3dbf1f5f39 a16b97b6ea +Author: tlaurion +Date: Wed Jun 17 14:00:31 2020 -0400 + + Merge pull request #646 from alex-nitrokey/custom-userinfo + + Add option to choose GnuPG userinfo during OEM reset + +commit 28735a8c849b55e6dc647591e9540af9b9c4a820 +gpg: Signature made Thu 11 Jun 2020 11:04:03 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 11 17:04:03 2020 +0200 + + Add CONFIG_HOTP_BRANDING + +commit 4069619ead133aee352a17e696f4f46b7c135f83 +gpg: Signature made Thu 11 Jun 2020 09:54:10 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 11 15:54:10 2020 +0200 + + Rename libremkey-hotp-verification module + +commit fc8c7b0e6499d6044d2ee4c000e5f6a04f6b82f9 +gpg: Signature made Thu 11 Jun 2020 09:44:58 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Merge: 1ba73ac1d5 342431746d +Author: alex-nitrokey +Date: Thu Jun 11 15:44:53 2020 +0200 + + Merge branch 'hotp-verification-update' into hotp-neutral + +commit 342431746dda12db84c0306a45e84dc85448b4e1 +gpg: Signature made Thu 11 Jun 2020 09:39:12 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 11 15:39:12 2020 +0200 + + Quick fix to build + +commit 1ba73ac1d5c1317fadcda9d086225b0544deaa67 +gpg: Signature made Thu 11 Jun 2020 09:29:51 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jun 11 15:29:51 2020 +0200 + + Rename CONFIG_LIBREMKEY to CONFIG_HOTPKEY + +commit 1ef8d14921f9fb60bd8d1c2f96b25b8805870f78 +gpg: Signature made Thu 11 Jun 2020 08:48:52 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 10 17:05:01 2020 +0200 + + Use configure parameter instead of patchfile for rpath + + * hardcode rpatch patch not needed as `--disable-rpath` is available + * remove obsolete config parameters + +commit f674a479972e26fa774ab2787aab110504e3170d +gpg: Signature made Wed 10 Jun 2020 10:57:15 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 10 16:55:25 2020 +0200 + + Add patch for cryptsetup 2.3.3 + + Following commit ed3602f0ba62ccdb806cda5a5a055bbc386c2185 (maintain + reproducibility by removing rpath) and applying the same changes for new + version of cryptsetup. + +commit 7adcd4b3927eb780f917fe6e6dec6e474d374a83 +gpg: Signature made Wed 10 Jun 2020 10:42:22 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 10 11:20:41 2020 +0200 + + Add json-c as cryptsetup 2.3.3 dependency + +commit 7b00cc679d5d8a33846a56c46fccbc72effabe47 +gpg: Signature made Wed 10 Jun 2020 04:24:03 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Wed Jun 10 10:24:03 2020 +0200 + + Upgrade cryptsetup to version 2.3.3 + +commit cbad9b663724c95508f0eec027841d93c723c006 +gpg: Signature made Tue 09 Jun 2020 01:45:48 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Apr 23 18:36:03 2020 -0500 + + oem-factory-reset: Handle non-TPM case + + Guard TPM-related bits by checking CONFIG_TPM = y + + Signed-off-by: Matt DeVillier + +commit 0e349c565e871fe49cd9b94799af82566f13e79c +gpg: Signature made Tue 09 Jun 2020 12:42:55 PM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Tue Jun 9 18:42:55 2020 +0200 + + Update hotp-verification + +commit 0cae2d7805868b9ee5d1a81a36b4424589e69aef +gpg: Signature made Mon 08 Jun 2020 12:40:55 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Nov 21 16:01:50 2019 -0600 + + kexec-save-default: guard TPM LUKS usage with config option + + Add CONFIG_TPM_NO_LUKS_DISK_UNLOCK to allow Librem boards to opt + out of using TPM to store LUKS key, and use it to guard the user + option to add the disk encryption key to the TPM. + + Select this option for all Librem boards; all other boards which + select CONFIG_TPM=y will have no change in functionality. + + Signed-off-by: Matt DeVillier + +commit 3dbf1f5f39ab9a8965ac89b20d1ef7969a7da5e8 +gpg: Signature made Mon 08 Jun 2020 09:43:35 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 872ac38fbb 53071ce183 +Author: tlaurion +Date: Mon Jun 8 09:43:35 2020 -0400 + + Merge pull request #744 from tlaurion/CIs_reusable_cache_typo_fix + + CircleCI: fix save_cache (save and restore were not identical) + +commit 53071ce183afdecff6bebd633b3e6c9e47fc07d7 +gpg: Signature made Mon 08 Jun 2020 09:42:31 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: 27fe438261 7941dac328 +Author: tlaurion +Date: Sun Jun 7 21:57:20 2020 -0400 + + CircleCI: fix typos (save_cache and restore_cache not identical) + +commit 872ac38fbb3025e05352a9a77be5167ae8ab9fa0 +gpg: Signature made Sun 07 Jun 2020 09:57:21 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 27fe438261 7941dac328 +Author: tlaurion +Date: Sun Jun 7 21:57:20 2020 -0400 + + Merge pull request #743 from tlaurion/CIs_reusable_cache_fix + + CircleCI: fix save_cache + +commit 7941dac328178e25d4a929d681b81dfd5c9ed587 +gpg: Signature made Sun 07 Jun 2020 09:55:48 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: 9311eec4f4 11a0fdc061 +Author: tlaurion +Date: Sun Jun 7 17:00:24 2020 -0400 + + CIs: Replace cache fingerprints so cache is reusable between builds (fix save_cache) + +commit 27fe438261a0a29db0b0bdbb6476f05a8a6fe1f0 +gpg: Signature made Sun 07 Jun 2020 05:00:24 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9311eec4f4 11a0fdc061 +Author: tlaurion +Date: Sun Jun 7 17:00:24 2020 -0400 + + Merge pull request #742 from tlaurion/CIs_reusable_cache + + CIs: Replace cache fingerprints so cache is reusable between builds + +commit 11a0fdc061b6483af8644a84adf05e54c8425683 +gpg: Signature made Sun 07 Jun 2020 04:39:39 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Jun 7 15:58:21 2020 -0400 + + CIs: Replace cache fingerprint with username of the user launching the build to make it reusable between PRs + +commit 9311eec4f4a7308d74c59793dce91509ba07c6ff +gpg: Signature made Sun 07 Jun 2020 01:52:22 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f095ab0fcb dcbeb26e03 +Author: tlaurion +Date: Sun Jun 7 13:52:22 2020 -0400 + + Merge pull request #738 from tlaurion/CIs_add_t430 + + CIs: add t430 and t430-flash boards to CircleCi and GitlabCI + +commit dcbeb26e035110e82eda40a9732736fb0cfdf12f +gpg: Signature made Sat 06 Jun 2020 12:35:13 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat Jun 6 12:35:13 2020 -0400 + + CIs: move qemu-coreboot to be built last, add t430 and t430-flash boards to CIs + +commit f095ab0fcb582b22055c495b61f6a7361ba54a1e +gpg: Signature made Wed 03 Jun 2020 04:52:19 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 78053b9ec1 9090f1a1f9 +Author: tlaurion +Date: Wed Jun 3 16:52:19 2020 -0400 + + Merge pull request #736 from tlaurion/libpng_download_from_github + + Libpng download from GitHub + +commit 9090f1a1f9c2132b91466b5ddfb533cc21159498 +gpg: Signature made Wed 03 Jun 2020 04:51:34 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Jun 3 16:42:40 2020 -0400 + + libpng : moving archive download from sourceforge to github + Fixes #735 + +commit 78053b9ec1a2030f479b1b2ba7e57f9b0e0ab681 +gpg: Signature made Sun 24 May 2020 11:21:03 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 488d6529e4 7600ce4bff +Author: tlaurion +Date: Sun May 24 23:21:03 2020 -0400 + + Merge pull request #729 from tlaurion/CIs-cache_restriction-artifacts_cleanup + + CIs: restrict cache, clean past build artifacts. + +commit 7600ce4bff4075aeb4f490bcdcfff597cdfbea74 +gpg: Signature made Sun 24 May 2020 10:16:21 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun May 24 17:12:13 2020 -0400 + + GitlabCI: restrict cache, store cleaned build artifacts for x230* and qemu-coreboot + +commit 488d6529e463a9732f653f1d6bb89080f4768237 +gpg: Signature made Sun 24 May 2020 01:58:49 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 3895318749 801bbed601 +Author: tlaurion +Date: Sun May 24 13:58:49 2020 -0400 + + Merge pull request #670 from flawedworld/patch-1 + + Add ability to change CMOS values for X230 + +commit 3895318749f3283c0b1807209a10470403c69826 +gpg: Signature made Sun 24 May 2020 01:47:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b1840e8b73 c66fed1bac +Author: tlaurion +Date: Sun May 24 13:47:15 2020 -0400 + + Merge pull request #728 from tlaurion/add_gitlabci_ci_integration + + Add Fedora 30 gitlab-ci CI configuration building x230-hotp-verification + +commit c66fed1bac801149cf43caf61f5e97e69ca205af +gpg: Signature made Sun 24 May 2020 01:45:15 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b88daa7710 b1840e8b73 +Author: tlaurion +Date: Sun May 24 13:45:15 2020 -0400 + + Merge branch 'master' into add_gitlabci_ci_integration + +commit b1840e8b734b5db22258c80f1d460cdeb8f8c4ba +gpg: Signature made Sun 24 May 2020 12:32:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4245aec857 83f2a20cbc +Author: tlaurion +Date: Sun May 24 12:32:53 2020 -0400 + + Merge pull request #727 from tlaurion/add_gitlabci_ci_integration + + Add gitlabci ci integration + +commit 4245aec85796523945da51596d4d4af864288843 +gpg: Signature made Sun 24 May 2020 11:33:23 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f1f92a0fec 01dabe19e7 +Author: tlaurion +Date: Sun May 24 11:33:23 2020 -0400 + + Merge pull request #706 from tlaurion/network-init-recovery_dhcp-ntp + + network-init-recovery script: Request IP from DHCP, NTP time + +commit b88daa7710c0ee5285122b6901a5a3686b4ec52d +gpg: Signature made Sun 24 May 2020 10:04:54 AM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri May 22 14:46:24 2020 -0400 + + Add Fedora 30 gitlab-ci CI configuration building x230-hotp-verification + +commit f1f92a0fece096bcc3110c8f24a6a911b8ecc7b0 +gpg: Signature made Fri 22 May 2020 03:17:09 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 183007e16e 972c25de7d +Author: tlaurion +Date: Fri May 22 15:17:09 2020 -0400 + + Merge pull request #726 from tlaurion/gawk_test_over_latest_debian_redo + + upgrade gpg toolstack to latest versions + +commit 972c25de7df9cf797fd211bc795fe057462a6432 +gpg: Signature made Fri 22 May 2020 03:14:09 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri May 22 15:13:06 2020 -0400 + + upgrade gpg toolstack to latest versions + + - Remove unrecognized configure options + - fixes gawk issue #668 by upgrading to libgpg-error 1.37 instead of patching 1.32 for regex change (fixed upstream) + - move patches so they match new versions for libassuan, gpg and libgcrypt (no change) + + Version change: + - gpg 2.2.10 -> 2.2.20 + - libassuan 2.5.1 -> 2.5.3 + - libgcrypt 1.8.3 -> 1.8.5 + - libgpg-error 1.32 -> 1.37 + + Size changes: + - gpg 886.5 -> 911.3 kB + - gpg-agent: 371.9 -> 376.0 kB + - scdaemon: 399.5 -> 407.8 kB + - libgpg-error.so.0 125.9 -> 130.0 kB + + Unrecognized options on gpg2 toolstack: + - disable-nls and disable-asm disable-keyserver-helpers disable-hkp disable-finger disable-dns-srv disable-dns-cert and disable-wks-server + +commit 183007e16e7f11b5324354068ceb764cf5f2bfbd +gpg: Signature made Fri 22 May 2020 02:57:02 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 69c7b207ba 0cd1a0d04c +Author: tlaurion +Date: Fri May 22 14:57:02 2020 -0400 + + Merge pull request #725 from osresearch/revert-714-gawk_test_over_latest_debian + + Revert "GPG toolstack upgrade to latest available versions (Fixes Gawk issue)" + +commit 0cd1a0d04c80dc1ddbce44b7f22631f6f1a37c34 +gpg: Signature made Fri 22 May 2020 02:55:41 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Fri May 22 14:55:41 2020 -0400 + + Revert "GPG toolstack upgrade to latest available versions (Fixes Gawk issue)" + +commit 69c7b207bad576148e7c972195d9a5b376414452 +gpg: Signature made Fri 22 May 2020 02:55:04 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 69160699a3 241b0bc680 +Author: tlaurion +Date: Fri May 22 14:55:04 2020 -0400 + + Merge pull request #714 from tlaurion/gawk_test_over_latest_debian + + GPG toolstack upgrade to latest available versions (Fixes Gawk issue) + +commit 83f2a20cbc7edfa4966c2f5e1abba525c8a03d0a +gpg: Signature made Fri 22 May 2020 02:47:21 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Merge: fdbac6637f 69160699a3 +Author: Thierry Laurion +Date: Fri May 22 14:47:15 2020 -0400 + + Merge branch 'master' of https://github.com/osresearch/heads into add_gitlabci_ci_integration + +commit fdbac6637ff517e5366c313e1ec343c7308c0b37 +gpg: Signature made Fri 22 May 2020 02:46:24 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Fri May 22 14:46:24 2020 -0400 + + Add gitlab-ci CI configuration which builds for x230-hotp-verification for the moment + +commit 69160699a3bdd011d15a86284d428747885b71ca +gpg: Signature made Fri 22 May 2020 02:35:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 577fd806d7 2d50e01071 +Author: tlaurion +Date: Fri May 22 14:35:27 2020 -0400 + + Merge pull request #724 from szszszsz/repro-gitlab-circleci-pr-upstream + + Make hotp-verification build reproducible across CIs + +commit 577fd806d77adb485fd64587458b7a3f7af7ef10 +gpg: Signature made Fri 22 May 2020 01:34:16 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fa35b3c557 d5083f410c +Author: tlaurion +Date: Fri May 22 13:34:16 2020 -0400 + + Merge pull request #722 from tlaurion/x230-hotp-verification + + board: x230-hotp-verification (includes libremkey-hotp-verification) + +commit 2d50e01071f43d0db9995320fb2f6ff6c810bbc9 +gpg: Signature made Fri 22 May 2020 09:18:22 AM EDT +gpg: using RSA key 868184069239FF65DE0BCD7DD9BAE35991DE5B22 +gpg: Good signature from "Szczepan Zalega " [unknown] +gpg: aka "Szczepan Zalega (Nitrokey) " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8681 8406 9239 FF65 DE0B CD7D D9BA E359 91DE 5B22 +Author: Szczepan Zalega +Date: Thu May 21 07:38:02 2020 +0200 + + Make hotp-verification hashes same across two CIs + + Move from CMake build system to GNU Make for hotp-verification + Change version to one supporting Makefile build + + Fixes https://github.com/osresearch/heads/pull/724 + Connected: + - https://github.com/Nitrokey/nitrokey-hotp-verification/issues/13 + - https://github.com/osresearch/heads/pull/722 + +commit d5083f410c45f2256d52a7dcbb9abdafa9895a82 +gpg: Signature made Thu 21 May 2020 06:06:20 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sat May 16 13:38:14 2020 -0400 + + x230-hotp-verification: Add x230-hotp-verification board to have a HOTP supported remote attestation for Nitrokey Pro 2, Nitrokey Storage 2 and Librem Key + +commit 241b0bc6804fc16856525472248503ee4814c32c +gpg: Signature made Wed 20 May 2020 01:19:53 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 19 19:39:45 2020 -0400 + + upgrade gpg toolstack to latest versions + + - Remove unrecognized configure options + - fixes gawk issue #668 by upgrading to libgpg-error 1.37 instead of patching 1.32 for regex change (fixed upstream) + - move patches so they match new versions for libassuan, gpg and libgcrypt (no change) + + Version change: + - gpg 2.2.10 -> 2.2.20 + - libassuan 2.5.1 -> 2.5.3 + - libgcrypt 1.8.3 -> 1.8.5 + - libgpg-error 1.32 -> 1.37 + + Size changes: + - gpg 886.5 -> 911.3 kB + - gpg-agent: 371.9 -> 376.0 kB + - scdaemon: 399.5 -> 407.8 kB + - libgpg-error.so.0 125.9 -> 130.0 kB + + Unrecognized options on gpg2 toolstack: + - disable-nls and disable-asm disable-keyserver-helpers disable-hkp disable-finger disable-dns-srv disable-dns-cert and disable-wks-server + +commit fa35b3c557f31e5e57691cc6867845d47403ea45 +gpg: Signature made Fri 15 May 2020 07:20:04 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2ee51d864c 040e358b2d +Author: tlaurion +Date: Fri May 15 19:20:04 2020 -0400 + + Merge pull request #715 from tlaurion/circle_ci_based_on_debian_bullseye_with_x230-flash_and_reproducibility_troubleshooting_helpers + + CIs: pass CircleCI to debian:bullseye docker image + +commit 2ee51d864ca82ede32a459ba6e55a7b6df2dd1d1 +gpg: Signature made Fri 15 May 2020 07:19:00 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 762e59eac3 23735d729a +Author: tlaurion +Date: Fri May 15 19:19:00 2020 -0400 + + Merge pull request #656 from fibreblazer/master + + T430 Support + +commit 762e59eac3ead0029392f3f240de938c1a28a398 +gpg: Signature made Fri 15 May 2020 07:16:52 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 950acf9355 cc2eb8f207 +Author: tlaurion +Date: Fri May 15 19:16:52 2020 -0400 + + Merge pull request #693 from SebastianMcMillan/patch-4 + + Fix X220 and T420 CBFS sizes + +commit 23735d729a14df0f304160e2fde149f5d22ef109 +Author: flawedworld <38294951+flawedworld@users.noreply.github.com> +Date: Fri May 15 18:52:11 2020 +0100 + + Add T430 board support + + Co-authored-by: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> + Co-authored-by: Andrew Montoya + +commit 5a033fa80dc8d6134fd31f6a8077e1b10b370328 +Author: flawedworld <38294951+flawedworld@users.noreply.github.com> +Date: Fri May 15 18:51:49 2020 +0100 + + T430 TPM Backport + +commit 950acf93555f09fa6c4f1c3515e77ae614630251 +gpg: Signature made Thu 14 May 2020 11:07:07 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: df89d16f7c 29e28005ab +Author: tlaurion +Date: Thu May 14 23:07:07 2020 -0400 + + Merge pull request #708 from tlaurion/qemu-coreboot-fbwhiptail_board + + qemu-coreboot-fbwhiptail board addition + +commit 29e28005abf4a28c3226bbf9b0297c64616f907e +gpg: Signature made Mon 11 May 2020 01:57:19 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Tue May 5 10:54:31 2020 -0400 + + qemu-coreboot-fbwhiptail: removing of unneeded comments + +commit 31a103fdaee1158c0b294ecd6c7f9ecca0ef5146 +gpg: Signature made Mon 11 May 2020 01:57:02 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 22 23:02:46 2020 -0400 + + Working config to do make BOARD=qemu-coreboot-fbwhiptail and then make BOARD=qemu-coreboot-fbwhiptail run + +commit df89d16f7c2e7f43a473b2a32ebaaae01315e4b2 +gpg: Signature made Mon 04 May 2020 05:07:30 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 59b65d1069 ba68c723bf +Author: tlaurion +Date: Mon May 4 17:07:30 2020 -0400 + + Merge pull request #707 from tlaurion/useful_qemu-coreboot_board + + qemu-coreboot: finally a useable debug/test board + +commit 040e358b2d4ded3ca0d5c101598600499c8bb87c +gpg: Signature made Mon 04 May 2020 02:55:38 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Mon May 4 12:07:14 2020 -0400 + + CIs: pass CircleCI to debian:bullseye docker image, provide logs.tar.gz and cpios to facilitate debugging of reproducibility issues + +commit 8d6f47fb4d37f67b812d9bb1a8055a84fb28b916 +gpg: Signature made Mon 04 May 2020 12:41:21 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jan 28 20:47:00 2020 -0600 + + mount-usb: suppress error output from calls to `stat` + + If no USB storage devices inserted, stat will output + unnecessary error text to console + + Signed-off-by: Matt DeVillier + +commit a2d50a10f7fc4a34e1ded95519fdb4536798e2a1 +gpg: Signature made Mon 04 May 2020 12:41:20 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jan 14 17:07:53 2020 -0600 + + mount-usb: replace fixed timeout with drive detection + + Rather than wait a fixed 5s for the usb storage kernel modules + to load, and the user to insert a drive, check for new USB drives + inserted every 1s with a 5s timeout. + + Signed-off-by: Matt DeVillier + +commit 59b65d1069fbd4081ce15d46c73fd0ad2b20522a +gpg: Signature made Sun 03 May 2020 11:42:38 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 00a1a2bef6 15e19d0594 +Author: tlaurion +Date: Sun May 3 23:42:38 2020 -0400 + + Merge pull request #713 from tlaurion/acpica-unix2_revert_url_change + + coreboot patch: revert acpica-unix2 url change + +commit 15e19d0594ac8deda89a20e0db1b54a4a5c2c3fa +gpg: Signature made Sun 03 May 2020 11:39:15 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun May 3 23:19:58 2020 -0400 + + coreboot patch: remove acpica-unix2-20180531.tar.gz url change fix since acpica.org is now functional again while crux.ster.zone is not... + +commit 00a1a2bef6672f04cb69212cc657639c3cf476a4 +gpg: Signature made Fri 01 May 2020 05:55:43 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 83c22f3e4a b29447ef8f +Author: tlaurion +Date: Fri May 1 17:55:43 2020 -0400 + + Merge pull request #679 from MrChromebox/flashrom_1.2 + + modules/flashrom: update to v1.2 release + +commit ba68c723bf209b5891b84b6564390f8b85c7c7f6 +gpg: Signature made Wed 22 Apr 2020 11:02:46 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 22 23:02:46 2020 -0400 + + qemu-coreboot: Now useful to debug something through make BOARD=qemu-coreboot. TODO: map a virtual TPM instance and USB passthrough. Thanks to @orangecms for the tip + +commit 01dabe19e73c17ba2a17e2e2e2b74584b1295e84 +gpg: Signature made Wed 22 Apr 2020 03:00:48 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Apr 22 15:00:48 2020 -0400 + + network-init-recovery: do DHCP, then ask NTP from DNS server before attempting sync on internet + +commit b29447ef8f93cfe2c91be9a5754ebca31ee9fb5d +gpg: Signature made Mon 20 Apr 2020 06:34:10 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 30 21:46:34 2019 -0500 + + modules/flashrom: update to v1.2 release + + - Update flashrom module to v1.2. + - Drop Thinkpad x220 patch as it's now properly supported. + - Drop 'laptop=force_I_want_a_brick' from board FLASHROM_OPTIONS + since it's no longer needed. + - Migrate kgpe-d16 patch. + + The kgpe-d16 patch needed a complete overhaul when rebased against + flashrom v1.2, and needs close inspection/testing as a result. + The following changes were made from the previous patch: + + - dropped addition of 4-byte addressing (4BA), since now supported + - dropped addtiion of Macronix MX25L256 and MX66L512 chips, + since now supported + - added 4BA erase commands for Winbond W25Q256 chip + - dropped code to show progress indicator, since another PR already adds that + + Signed-off-by: Matt DeVillier + +commit a16b97b6eabbd0e962f95bdc02ed3c1923bef456 +gpg: Signature made Thu 26 Mar 2020 10:09:58 AM EDT +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Mar 26 15:05:51 2020 +0100 + + Add more input validation + + Based on tlaurion's work done here + https://gitlab.com/tlaurion/heads/-/blob/ff148e4dafff2a01dc00ce92f115cb74a5557aa0/initrd/bin/factory-reset-libremkey.sh#L53 + +commit 83c22f3e4a154707b8cc00f1267d6591b6c24e41 +gpg: Signature made Tue 17 Mar 2020 09:18:58 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f62364ffa2 58cb8df266 +Author: tlaurion +Date: Tue Mar 17 09:18:58 2020 -0400 + + Merge pull request #696 from tlaurion/acpica-unix2_fix + + coreboot-4.8.1 : fix acpica-unix2 download + +commit 58cb8df26652f2fe03764ea921cf90bae63aec83 +gpg: Signature made Sun 15 Mar 2020 06:45:33 PM EDT +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Sun Mar 15 11:05:54 2020 -0400 + + coreboot-4.8.1: acpica-unix2 cannot be downloaded per www.acpica.org since cert is signed by Intel which cert authority is unknown from older build systems... Cert was renewed March 10 2020. URL changed to crux.ster.zone + +commit cc2eb8f207248f97bf71e72e4783965f0e13991a +gpg: Signature made Mon 09 Mar 2020 04:59:00 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> +Date: Mon Mar 9 15:59:00 2020 -0500 + + Update coreboot-t420.config + +commit b1471d945ad91bf95e79fd5bcc41020b7d324e66 +gpg: Signature made Mon 09 Mar 2020 04:53:19 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> +Date: Mon Mar 9 15:53:19 2020 -0500 + + Update coreboot-x220.config + + Add some room in the CBFS to actually save GPG keys, as well as have room to add libremkey support. + +commit f62364ffa23c5e36b93b593174847ecd52a17986 +gpg: Signature made Mon 09 Mar 2020 02:21:46 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Mon Mar 9 14:21:46 2020 -0400 + + Update README.md + + - Add basic board building + - Remove xen as Heads dependency + - change musl-cross in text to musl-cross-make to reflect new building tools reality + +commit ad84c38aed84f71522910cf63ad40c3123f04b2e +gpg: Signature made Wed 04 Mar 2020 10:55:46 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f42b338de9 1bd93d6679 +Author: tlaurion +Date: Wed Mar 4 22:55:46 2020 -0500 + + Merge pull request #685 from MrChromebox/fix_iso_boot + + Eliminate use of CONFIG_USB_BOOT_DEV + +commit 801bbed601de9e3a2617f83c9b7b81fd2118a253 +gpg: Signature made Sun 23 Feb 2020 01:51:42 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Gabe Gałązka <38294951+flawedworld@users.noreply.github.com> +Date: Sun Feb 23 18:51:42 2020 +0000 + + Update coreboot-x230.config + +commit f42b338de984d04da3ef7ee0edf2bbb61ecf1580 +gpg: Signature made Sat 22 Feb 2020 02:17:07 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 508034b4d9 25113cb8c2 +Author: tlaurion +Date: Sat Feb 22 14:17:07 2020 -0500 + + Merge pull request #478 from flammit/coreboot-kgpe-d16 + + Fix coreboot build for kgpe-d16 + +commit 1bd93d66790075403ca193417b11e21d2eb2447b +gpg: Signature made Wed 19 Feb 2020 11:32:09 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Feb 19 22:16:39 2020 -0600 + + Eliminate use of CONFIG_USB_BOOT_DEV + + mount-usb switched to dynamic USB device detection a while back, + so eliminate instances of CONFIG_BOOT_USB_DEV, and derive the + mounted USB device from /etc/mtab in the one place where it's + actually needed (usb-scan). Clean up areas around calls to + mount-usb for clarity/readability. + + Addresses issue #673 + + Test: Build Librem 13v4, boot ISO file on USB + + Signed-off-by: Matt DeVillier + +commit 508034b4d94b8669e000966cb311a5c3c475d292 +gpg: Signature made Wed 19 Feb 2020 10:49:18 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 65e718b6de 28fedf9a7e +Author: tlaurion +Date: Wed Feb 19 22:49:18 2020 -0500 + + Merge pull request #680 from MrChromebox/libremkey_hotp_reproducible + + modules/libremkey-hotp-verification: make reproducible + +commit 65e718b6de7d1a725bae3d89a1164ad60c1d7cc8 +gpg: Signature made Wed 19 Feb 2020 09:27:30 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 76ac9d2259 3165ba60f6 +Author: tlaurion +Date: Wed Feb 19 21:27:30 2020 -0500 + + Merge pull request #684 from SebastianMcMillan/patch-2 + + T420: Fix screen garble + +commit 3165ba60f6d6262e8890b3821a0ea01c6924b805 +gpg: Signature made Wed 19 Feb 2020 08:03:31 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> +Date: Wed Feb 19 19:03:31 2020 -0600 + + Update coreboot-t420.config + + Fix Screen Garble + +commit 76ac9d225939c4752ada24f69a6ea0c112410dda +gpg: Signature made Wed 19 Feb 2020 06:04:21 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e5c7f7397f 83a67d2798 +Author: tlaurion +Date: Wed Feb 19 18:04:21 2020 -0500 + + Merge pull request #683 from MrChromebox/oem-reset-fix + + oem-factory-reset: fix GPG key backup filename + +commit e5c7f7397f19c808b826e88dacd4c1362f2a8f2b +gpg: Signature made Wed 19 Feb 2020 05:57:46 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c684d6b37c 30b098bfac +Author: tlaurion +Date: Wed Feb 19 17:57:46 2020 -0500 + + Merge pull request #682 from MrChromebox/clean_boot_detect_fix + + gui-init: fix checking librem key card-status + +commit 83a67d27988ae1663b0b5fa2092778035f286dd6 +gpg: Signature made Wed 19 Feb 2020 05:47:56 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Feb 19 14:15:27 2020 -0600 + + oem-factory-reset: fix GPG key backup filename + + fix $GPG_GEN_KEY getting clobbered when using a custom password + + Signed-off-by: Matt DeVillier + +commit c684d6b37cc95b7896418250efe76396c3c935c0 +gpg: Signature made Wed 19 Feb 2020 05:44:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8e23a54f28 62f180d098 +Author: tlaurion +Date: Wed Feb 19 17:44:10 2020 -0500 + + Merge pull request #681 from tlaurion/flash_sh-config_export_fix + + Flash.sh cleanup: Fix FLASHROM_OPTIONS -> CONFIG_FLASHROM_OPTIONS + +commit 30b098bfacd08a5877a7f7c25f85345844481aa5 +gpg: Signature made Wed 19 Feb 2020 05:31:41 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Feb 19 16:27:57 2020 -0600 + + gui-init: fix checking librem key card-status + + Commit 6b5adcca moved the call to enable_usb from gui-init + to init and guarded it with CONFIG_USB_KEYBOARD, but it was + missed that this is needed for the clean boot check logic + when a librem key is used. Add the call back to gui-init + and guard it properly + + Test: clean_boot_detect works properly on a librem 13v4 + + Signed-off-by: Matt DeVillier + +commit 62f180d0983ceed06bc948d44e184fd75111f79a +gpg: Signature made Wed 19 Feb 2020 05:18:03 PM EST +gpg: using RSA key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 +gpg: Good signature from "Insurgo Technologies Libres / Open Technologies " [expired] +gpg: aka "[jpeg image of size 9521]" [expired] +gpg: Note: This key has expired! +Primary key fingerprint: ACF4 B789 3D4D 05C8 F180 69BA E7B4 A716 58E3 6A93 +Author: Thierry Laurion +Date: Wed Feb 19 16:33:43 2020 -0500 + + Flash.sh cleanup: Fix FLASHROM_OPTIONS -> CONFIG_FLASHROM_OPTIONS to be exported by Makefile + +commit 28fedf9a7e6040fabd323f16a4166099e24f6c38 +gpg: Signature made Wed 19 Feb 2020 02:37:57 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Feb 19 13:28:15 2020 -0600 + + modules/libremkey-hotp-verification: make reproducible + + Modeled after modules/tpmtotp, use a specific git commit hash for + module libremkey-hotp-verification. Add hidapi as a submodule with + dummy/placeholder in modules (like coreboot-blobs), also specified + by git commit hash. Adjust libremkey-hotp-verification patch file + name so patch applied properly. + + Addresses issue #640 + + Test: build Librem 13v4 + + Signed-off-by: Matt DeVillier + +commit 8e23a54f284b3847e973b70c4cecbe36acdfd19f +gpg: Signature made Wed 19 Feb 2020 12:54:26 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 21faf524b9 6b5adcca6f +Author: tlaurion +Date: Wed Feb 19 12:54:26 2020 -0500 + + Merge pull request #677 from MrChromebox/usb_keyboard + + init: load usb modules for devices using USB keyboard + gui-init: remove enable_usb to fix generic Heads users who wanted to release LUKS disk encryption key from TPM if measurements were valid (fix regression) + +commit 21faf524b9d791a75f1710ada502f21298b8fa77 +gpg: Signature made Wed 19 Feb 2020 12:51:03 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> +Date: Wed Feb 19 11:51:03 2020 -0600 + + T420 initial support + X220 FBWhiptail Support (#578) + + * Add support for the Lenovo ThinkPad T420 and X220. + * Fix the autodetection of ifdtool and me_cleaner. + * Enable FBWhiptail mode for X220 and T420 + * Decreased CBFS size to fix 50 seconds boot delay problems + +commit 6b5adcca6f002ab440d616186942ce44ca3bd152 +gpg: Signature made Wed 19 Feb 2020 12:46:37 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Feb 19 11:40:34 2020 -0600 + + init: load usb modules for devices using USB keyboard + + Some (out of tree) servers require use of a USB keyboard, and need + the USB kernel modules loaded prior to checking for keypress to enter + a recovery console. Since loading the modules affects the value in PRC5 + and can cause issues putting a LUKS key in TPM, guard the loading of the + USB modules with CONFIG_USB_KEYBOARD and remove the unguarded call from + gui-init. + + This should resolve issues #603 and #674. + + Signed-off-by: Matt DeVillier + +commit f0d85ba2d732a4944c8d2065aee6def74996b28c +gpg: Signature made Wed 19 Feb 2020 12:04:56 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com> +Date: Wed Feb 19 11:04:56 2020 -0600 + + Flash.sh cleanup : flashrom specifics now in board configs (#592) + + Flash.sh cleanup : flashrom specifics now in board configs (#592) + +commit e341f40cc44e22e0191553de5e0ad034a4eaf03b +gpg: Signature made Mon 03 Feb 2020 05:09:42 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Gabe Gałązka <38294951+flawedworld@users.noreply.github.com> +Date: Mon Feb 3 22:09:42 2020 +0000 + + Update coreboot-x230.config + +commit 6c85d7a61ea01392dd572b255eceb881c309feaa +gpg: Signature made Sat 01 Feb 2020 12:43:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: Gabe Gałązka <38294951+flawedworld@users.noreply.github.com> +Date: Sat Feb 1 17:43:35 2020 +0000 + + Add ability to change CMOS values for X230 + + Add ability to change CMOS values by genning SMBIOS tables and using the values from stock bios, this allows for editing of SMBIOS values to change things such as VRAM allocation, FN and CTRL key swap etc + +commit bcf522cb2e40b932383bb4b06bf5564776216c93 +gpg: Signature made Wed 29 Jan 2020 03:00:55 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 497765038e 132dcb2344 +Author: Kyle Rankin +Date: Wed Jan 29 12:00:55 2020 -0800 + + Merge pull request #666 from MrChromebox/flash_gui-fixup + + flash-gui: set unset variable USB_FAILED + +commit 132dcb234425770045780592c1726828cecf6719 +gpg: Signature made Wed 29 Jan 2020 02:58:29 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jan 28 20:44:34 2020 -0600 + + flash-gui: set unset variable USB_FAILED + + Not setting USB_FAILED when call to mount-usb succeeds results + in a spurious 'sh: 0 unknown operand' error printed to console. + + Signed-off-by: Matt DeVillier + +commit 497765038e6b35227daf8ffaca71af32ac550f20 +gpg: Signature made Tue 28 Jan 2020 05:31:45 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ceda2d3e3f ad2395d3db +Author: tlaurion +Date: Tue Jan 28 17:31:45 2020 -0500 + + Merge pull request #657 from MrChromebox/fix-librem-hotp + + libremkey-hotp-verification: toolchain adjustments + +commit ceda2d3e3f69cf27e20fbf581b812b67d7067ee1 +gpg: Signature made Mon 27 Jan 2020 08:08:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ac71f295a0 92e706bf1b +Author: tlaurion +Date: Mon Jan 27 20:08:10 2020 -0500 + + Merge pull request #663 from flammit/fix-gpg-tty + + init: fix invalid GPG_TTY variable + +commit 92e706bf1bd6affdbf28f99d9de0ed513ceaff48 +Author: Francis Lam +Date: Sat Jan 25 20:45:03 2020 -0800 + + init: fix invalid GPG_TTY variable + + busyboy tty isn't working after the musl-cross-make change so + revert to known good value. + +commit ac71f295a08f8139d2d4a5e6496d6e14f7b7690e +gpg: Signature made Wed 22 Jan 2020 06:08:28 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6b485ed89f a3bbdbab54 +Author: Kyle Rankin +Date: Wed Jan 22 15:08:28 2020 -0800 + + Merge pull request #660 from MrChromebox/update-librem-blobs + + blobs/librem_{kbl,skl}: update blobs + +commit a3bbdbab540386317596a2ac7124c85a9523b843 +gpg: Signature made Wed 22 Jan 2020 05:59:54 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Nov 26 17:52:57 2019 -0600 + + blobs/librem*: update hashes for FSP and VBT + + Update hashes of coreboot images, releases repo, FSP blobs, + and VBT file. Updated VBT from coreboot 4.11 release eliminates + flickering on some 13v4/15v4 displays. + + Signed-off-by: Matt DeVillier + +commit ad2395d3db59668779cc0d303fd1cbea0cdaa330 +gpg: Signature made Wed 22 Jan 2020 01:04:24 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jan 21 21:43:56 2020 -0600 + + libremkey-hotp-verification: toolchain adjustments + + Pass through new toolchain path via $(CROSS) so we can set the + c/c++ compiler paths correctly for CMake. Adjust patch to use + new paths, and fix compiler/linker paths to correct a libusb linking issue. + + Signed-off-by: Matt DeVillier + +commit 6b485ed89f533f7c264543ac333c36ed0d19d715 +gpg: Signature made Thu 16 Jan 2020 07:59:10 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8e4b10922b ed3602f0ba +Author: tlaurion +Date: Thu Jan 16 19:59:10 2020 -0500 + + Merge pull request #655 from flammit/fix-kexec-and-repro + + Fix kexec and repro + +commit ed3602f0ba62ccdb806cda5a5a055bbc386c2185 +gpg: Signature made Thu 16 Jan 2020 12:36:44 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu Jan 16 09:36:42 2020 -0800 + + modules: maintain reproducibility by removing rpath + +commit c3213e150a16bcacd1fea8d189efbe1be69573b5 +gpg: Signature made Thu 16 Jan 2020 12:34:04 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu Jan 16 09:33:41 2020 -0800 + + initrd: update distro keys + + Update distro keys to the latest with updated expiration dates + +commit d63d5b4508072fef03223342879e349e97860587 +gpg: Signature made Thu 16 Jan 2020 12:32:32 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu Jan 16 09:30:48 2020 -0800 + + modules: update to use full commit id + + The short commit id can cause the tar archive potentially cause + the root directory in the archive to be named with the short id + causing the verification to fail + +commit 23d012640739d5a85fbf2afe307e50d3bd281b88 +gpg: Signature made Thu 16 Jan 2020 12:30:33 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu Jan 16 09:30:15 2020 -0800 + + kexec: update to 2.0.20 + + Fix issue with kexec failing to load the target kernel when + building with musl-cross-make + +commit 8e4b10922bcfa70eb1891e8933d5e4cb93191c00 +gpg: Signature made Wed 15 Jan 2020 01:15:19 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a5f4d7d8be 1e77a72f99 +Author: tlaurion +Date: Wed Jan 15 13:15:19 2020 -0500 + + Merge pull request #653 from osresearch/musl-cross-make + + Use musl cross make for Heads, Linux, coreboot and edk2 + +commit a5f4d7d8be8404097ce5c3ce0370131e4a9fdc38 +gpg: Signature made Wed 15 Jan 2020 01:14:30 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a78034d017 6962bfda10 +Author: tlaurion +Date: Wed Jan 15 13:14:30 2020 -0500 + + Merge pull request #652 from osresearch/lvm-segfault + + lvm2: turn off buffering, which prevents segfault with new musl (#651) + +commit a78034d017e1db8eb6731083dc439ab7e2e7a65f +gpg: Signature made Wed 15 Jan 2020 12:48:33 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8af849cadc 6c93a5e854 +Author: tlaurion +Date: Wed Jan 15 12:48:33 2020 -0500 + + Merge pull request #649 from osresearch/libksba-reproducibile + + libksba: fix qsort handler to reproducible sort the string table + +commit 6962bfda10772606dcbc33477c81adb04c41c9c3 +gpg: Signature made Thu 09 Jan 2020 07:27:09 AM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Jan 9 13:27:09 2020 +0100 + + lvm2: turn off buffering, which prevents segfault with new musl (#651) + + Signed-off-by: Trammell hudson + +commit 1e77a72f99f270f3b19fed39f4f73f88509a9927 +gpg: Signature made Wed 08 Jan 2020 06:07:19 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Jan 9 00:07:19 2020 +0100 + + circleci: skip linuxboot steps for now + + Signed-off-by: Trammell hudson + +commit 31f021e5f7fc2d13c05c23c1d17a1e9b036bebf8 +gpg: Signature made Wed 08 Jan 2020 05:26:20 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Jan 8 23:26:20 2020 +0100 + + circleci: enable V=1 to produce more output and avoid timing out + + Signed-off-by: Trammell hudson + +commit 97402ed32db6e2b15fd7c812283349eefbd1f330 +gpg: Signature made Wed 08 Jan 2020 05:10:46 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Jan 8 23:10:46 2020 +0100 + + circleci: replace -j4 with --load 2 + +commit c069901f90bacfc5091fbe70c53b71b1fa77fb93 +gpg: Signature made Wed 08 Jan 2020 04:47:27 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Jan 8 22:47:27 2020 +0100 + + circleci: no tabs! + + Signed-off-by: Trammell hudson + +commit 35ddd3e065c65b16e77d14cf443e55d000950d0d +gpg: Signature made Wed 08 Jan 2020 04:45:39 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Jan 8 22:45:39 2020 +0100 + + circleci: pre-build edk2 for linuxboot + + Signed-off-by: Trammell hudson + +commit fed0858126f09f1701a415d2ca2e13ff25e6966a +gpg: Signature made Wed 08 Jan 2020 11:33:49 AM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 8 17:33:49 2020 +0100 + + circleci: try using the osresearch/musl-cross docker image + + Signed-off-by: Trammell Hudson + +commit 791d064397594ab5f62374b1fe6f5dfc6aa72883 +gpg: Signature made Wed 08 Jan 2020 11:08:15 AM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 8 17:08:15 2020 +0100 + + musl-cross-make: replace all cross compilers with musl-cross-make + + Signed-off-by: Trammell Hudson + +commit 6c93a5e85407aa1199fd205d63212e0a7263f5d2 +gpg: Signature made Wed 08 Jan 2020 04:01:21 AM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Jan 8 10:01:21 2020 +0100 + + libksba: fix name of patch file + + Signed-off-by: Trammell hudson + +commit 69f3cc46ab55311d4389408fcba5ec8f37b423f6 +gpg: Signature made Tue 07 Jan 2020 01:01:59 PM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jan 7 19:01:59 2020 +0100 + + libksba: fix qsort handler to sort the string table in a reproducible way + + Signed-off-by: Trammell Hudson + +commit f0f6e80e953a18fe9765c2f6df0e7d0b21a3e4b1 +gpg: Signature made Thu 02 Jan 2020 11:29:11 AM EST +gpg: using RSA key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA +gpg: Good signature from "Alexander Paetzelt | Nitrokey " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 79D0 526B D96A E633 8E62 57BD A885 3020 E8EE 6FBA +Author: alex-nitrokey +Date: Thu Jan 2 17:29:11 2020 +0100 + + Add option to choose GnuPG userinfo during OEM reset + +commit 8af849cadc684259865123195b86317ecfa53528 +gpg: Signature made Fri 06 Dec 2019 10:52:50 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b4a647c485 027ae39abe +Author: tlaurion +Date: Fri Dec 6 10:52:50 2019 -0500 + + Merge pull request #618 from osresearch/musl-cross-pin + + Pin tag of musl-cross, tpmtotp and msrtools + +commit 027ae39abe602a8d229746e100fbf62375563cdf +gpg: Signature made Tue 03 Dec 2019 04:48:10 AM EST +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Dec 3 10:48:10 2019 +0100 + + modules: add module_tar_opt to allow different strip options + + Signed-off-by: Trammell hudson + +commit 28740017d84398bd645a49452ed80cfca8a7bfb3 +gpg: Signature made Mon 02 Dec 2019 11:22:40 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2980eb0522 7370b75945 +Author: tlaurion +Date: Mon Dec 2 23:22:40 2019 -0500 + + Merge pull request #635 from rofl0r/musl-cross-pin + + update musl-cross to 1952975 + +commit 7370b75945681cbf49db392e3e25a3eb839ce533 +Author: rofl0r +Date: Mon Dec 2 23:03:09 2019 +0000 + + update musl-cross to 1952975 + + this should fix issues with compressed ELF header sections. + +commit b4a647c485299253715321111461a8577c68661b +gpg: Signature made Thu 28 Nov 2019 10:53:29 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 81e7c1b636 e177de63d0 +Author: tlaurion +Date: Thu Nov 28 10:53:29 2019 -0500 + + Merge pull request #461 from osresearch/debug-linux + + Enable verbose bootup debugging and set the early serial IO base port + +commit 81e7c1b6363a394f6563e9859423d46f76badc82 +gpg: Signature made Thu 28 Nov 2019 10:52:37 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 61dd9ce2a0 7bc90cd8a2 +Author: tlaurion +Date: Thu Nov 28 10:52:37 2019 -0500 + + Merge pull request #575 from merge/remove_keylime + + initrd: remove unused keylime-init + +commit 61dd9ce2a0319a699abfcb1bb26b336adf91a6fc +gpg: Signature made Thu 28 Nov 2019 10:51:44 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: bd8d1c3e3d 81df949632 +Author: tlaurion +Date: Thu Nov 28 10:51:43 2019 -0500 + + Merge pull request #633 from merge/anykey_text + + oem-factory-reset: Fix description for rebooting when finished + +commit 81df9496323db45a1c71f16d8923e54e27821568 +Author: Martin Kepplinger +Date: Tue Nov 26 18:10:39 2019 +0100 + + oem-factory-reset: Fix description for rebooting when finished + + As is in many cases in Heads, not any key will work, just Enter. + + Signed-off-by: Martin Kepplinger + +commit bd8d1c3e3d90beb2de2c572f9ec63ca53fc1064c +gpg: Signature made Mon 25 Nov 2019 01:47:25 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 8110b6192c 4db6fbd51a +Author: Kyle Rankin +Date: Mon Nov 25 10:47:25 2019 -0800 + + Merge pull request #632 from MrChromebox/password_min + + oem-factory-reset: enforce 8-char min on custom password + +commit 4db6fbd51a66aa01f63797f98568b339d05c5f39 +gpg: Signature made Mon 25 Nov 2019 01:44:56 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Nov 20 16:27:40 2019 -0600 + + oem-factory-reset: enforce 8-char min on custom password + + Since the custom password is used to set the GPG admin + password as well as the TPM and GPG user passwords, an + 8-character minimum is required. Inform the user of this, + and validate custom password length upon entry. + + Signed-off-by: Matt DeVillier + +commit 8110b6192c2c725ca46d27696d4f9343c6d56717 +gpg: Signature made Mon 25 Nov 2019 12:26:07 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 9576a427a0 0dbc748233 +Author: Kyle Rankin +Date: Mon Nov 25 09:26:07 2019 -0800 + + Merge pull request #628 from MrChromebox/hotp_check_boot + + unseal-hotp: ensure /boot mounted before checking HOTP secret + +commit 9576a427a0da457104d574e31f8f6e04c869fbb0 +gpg: Signature made Mon 25 Nov 2019 12:23:21 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ac987a2870 b9fd6e2708 +Author: Kyle Rankin +Date: Mon Nov 25 09:23:21 2019 -0800 + + Merge pull request #627 from MrChromebox/totp_error_prompt + + gui-init: update TOTP error prompt + +commit ac987a2870174b5d0b8183b4747b70a8cd95cad0 +gpg: Signature made Mon 25 Nov 2019 12:22:05 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c55c36ba50 e8fb231bc7 +Author: Kyle Rankin +Date: Mon Nov 25 09:22:05 2019 -0800 + + Merge pull request #626 from MrChromebox/librem_cfgs + + Update Librem configs + +commit c55c36ba5096e389fb8d2857ed258bcfe33ae694 +gpg: Signature made Mon 25 Nov 2019 12:20:48 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 4f0e778582 7998e96b98 +Author: Kyle Rankin +Date: Mon Nov 25 09:20:48 2019 -0800 + + Merge pull request #624 from MrChromebox/purism_resync + + Resync with Purism tree + +commit e8fb231bc7ee45dd35ba4ed235a78020dd6c4569 +gpg: Signature made Thu 21 Nov 2019 04:42:51 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Nov 21 15:38:38 2019 -0600 + + config/coreboot-librem*: disable iGPU IOMMU for Linux payload + + Disabling IOMMU on the iGPU for Heads (mostly) eliminates + display corruption when kexec'ing to new kernel (and has no effect + on iGPU/IOMMU for kexec'ed kernel) + + Signed-off-by: Matt DeVillier + +commit 0dbc748233b2103cf2bbe1b655e952a094268389 +gpg: Signature made Mon 18 Nov 2019 10:56:00 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sat May 18 20:22:11 2019 -0500 + + unseal-hotp: ensure /boot mounted before checking HOTP secret + + If /boot isn't mounted, we can't read the HOTP counter, so no + point in reading from the TPM. This speeds up getting to the + main menu in the case of an inaccessible or non-existant /boot. + + Signed-off-by: Matt DeVillier + +commit b9fd6e27086fe3ff3dbdfa856bf5cd2e69566da6 +gpg: Signature made Mon 18 Nov 2019 10:46:04 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Aug 21 15:39:34 2019 -0500 + + gui-init: update TOTP error prompt + + Update text on TOTP error prompt to provide better + guidance for users following the use of the OEM + factory reset function + + Signed-off-by: Matt DeVillier + +commit 5d28532a0f1311b3f6832d6f199c466888d558f1 +gpg: Signature made Mon 18 Nov 2019 10:45:06 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Aug 28 10:59:43 2019 -0500 + + board/librem*.config: set default boot device to NVMe + + Automatic /boot detection will fall back to /dev/sd* + + Signed-off-by: Matt DeVillier + +commit 858f0272850eec7b7135c8182c4c70650b9e7259 +gpg: Signature made Mon 18 Nov 2019 10:43:47 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Nov 18 19:12:06 2019 -0600 + + config/coreboot-librem*: drop secondary payloads + + Drop coreinto/memtest secondary payloads as they are not + usable with Linux as primary payload. Leftover copy-pasta + from original SeaBIOS configs. + + Signed-off-by: Matt DeVillier + +commit 7998e96b98bfde7eb4a6911aaf5eb237ece86bef +gpg: Signature made Mon 18 Nov 2019 12:33:25 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Nov 13 17:36:29 2019 -0600 + + functions: check both grub/grub2 dirs for boot files + + Signed-off-by: Matt DeVillier + +commit 4d32b4adf841fff539da5cc8977af0937b565aec +gpg: Signature made Mon 18 Nov 2019 12:33:08 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Nov 13 17:28:12 2019 -0600 + + functions: fix handling of checksum update fail + + If kexec-sign-config fails due to GPG key not present, + the double die() results in a kernel panic (and if it didn't, + /boot would be left mounted RW). Fix this by removing call to + die() and ensuring /boot remounted RO regardless checksum + update success or failure. + + Signed-off-by: Matt DeVillier + +commit 018279b2bf6d30c0bd591e58ca1998647a7e530e +gpg: Signature made Mon 18 Nov 2019 12:31:55 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Kyle Rankin +Date: Thu Nov 7 11:01:49 2019 -0800 + + Add ability to enter custom password for OEM reset + + Normally we resort to default passwords for OEM reset, however we have a + use case where it would be convenient to set a custom password instead. + This patch adds a simple prompt (that defaults to the defaults if you + hit Enter) that enables someone using the OEM reset to enter a single + password that will replace the defaults (TPM, GPG Admin, GPG User). + +commit c14c09b60216a0861538eaf024347010f466eb12 +gpg: Signature made Mon 18 Nov 2019 12:17:35 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Aug 28 10:47:53 2019 -0500 + + flash-gui: clear boot signatures after flashing a cleaned ROM + + If the user chooses to flash a "cleaned" ROM (not persisting settings + or GPG keys) then the signatures on /boot are no longer valid, so clear + them out. This allows for the OEM factory reset prompt to be shown on + the next boot. + + Signed-off-by: Matt DeVillier + +commit 5dc9b0b457bcbd4936697f256667931cdcf525fa +gpg: Signature made Mon 18 Nov 2019 12:16:53 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Aug 28 21:47:45 2019 -0500 + + config-gui: mount new /boot after selection + + Users may wish to temporarily boot an OS from a drive other than + their primary boot drive, without changing the default and saving + to ROM. Mounting /boot after changing the device selection + facilitates this by allowing the user to then choose an unsafe boot + from the newly-selected boot drive. + + Signed-off-by: Matt DeVillier + +commit 0599ce97afc9f8b6141b83ec5acb338bb823280e +gpg: Signature made Mon 18 Nov 2019 12:16:51 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Nov 18 11:13:27 2019 -0600 + + config-gui: fix Save Config option + + when commit [928f003] config-gui: add 'Full Reset' option + was added, the bottom end of the save config option was + accidentally truncated; restore it to fix save config option + + Signed-off-by: Matt DeVillier + +commit 5a4cb4acbbe4c28a8e8502db865eb8b440bc1222 +gpg: Signature made Mon 18 Nov 2019 12:10:15 PM EST +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Nov 13 16:55:16 2019 -0600 + + blobs/librem_*: update CPU microcode + + Update hashes for CPU microcde, git releases repo, precompiled + images used for extraction + + Signed-off-by: Matt DeVillier + +commit 2980eb0522bfaf52f74ccbd33b564089e6abf933 +gpg: Signature made Tue 29 Oct 2019 08:36:04 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Oct 29 13:36:04 2019 +0100 + + pin msrtools and tpmtotp to current git heads + + Signed-off-by: Trammell hudson + +commit e5038e6adf9133a51c80b9699e552a68167db63b +gpg: Signature made Tue 29 Oct 2019 08:26:23 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Oct 29 13:26:23 2019 +0100 + + musl-cross: crossgcc binary changed names (#617) + + Signed-off-by: Trammell hudson + +commit 56aa508b8dd69915a94d237b52e6c428d95c7077 +gpg: Signature made Tue 29 Oct 2019 08:17:36 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Oct 29 13:15:56 2019 +0100 + + musl-cross: pin to a specific checkout (#617) + + Add `--strip 1` to tar file extraction in the `Makefile`, + which ensures that the directory name in `build/` will + match the one listed in `$($(MODULE)_dir)`. + + Signed-off-by: Trammell hudson + +commit 4f0e7785824591c0e4463f459eff570904e09207 +gpg: Signature made Tue 29 Oct 2019 07:52:55 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Oct 29 12:52:27 2019 +0100 + + musl-cross: update patch for recent git commits (#617) + + Signed-off-by: Trammell hudson + +commit 5d91d6a099201a260a2dbabd1b63da4673abf276 +gpg: Signature made Mon 30 Sep 2019 01:21:58 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b7f2249b66 71a2ddfb1e +Author: Kyle Rankin +Date: Mon Sep 30 10:21:57 2019 -0700 + + Merge pull request #612 from MrChromebox/patch-1 + + update Librem blobs + +commit 71a2ddfb1e69772a418c4d919fa9d1d72f50232f +gpg: Signature made Mon 30 Sep 2019 01:14:56 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: MrChromebox +Date: Mon Sep 30 12:12:36 2019 -0500 + + blobs/librem_kbl: update get_blobs script + + update file hashes to match Purism fork + +commit 5fa06316cfc125c29c6ec3fe07f234cab91dc8d4 +gpg: Signature made Mon 30 Sep 2019 01:14:15 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: MrChromebox +Date: Mon Sep 30 12:10:58 2019 -0500 + + blobs/librem_skl: update get_blobs script + + update file hashes to match Purism fork + +commit b7f2249b665705939dc4eca67d11553c72164f4b +gpg: Signature made Fri 23 Aug 2019 10:39:04 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c5999d9b12 aab9004c53 +Author: Kyle Rankin +Date: Fri Aug 23 07:39:04 2019 -0700 + + Merge pull request #606 from MrChromebox/oem-factory-reset + + OEM factory reset + +commit aab9004c5303ca37fb9adf8c86f854b3ad5fe93d +gpg: Signature made Wed 21 Aug 2019 06:10:25 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Aug 19 17:09:42 2019 -0500 + + gui-init: add clean boot check + + Add a check to determine if first boot after flashing a cleaned + ROM, and prompt user to run the OEM Factory Reset if so + + Signed-off-by: Matt DeVillier + +commit ba23fb7ac2ce81adaf692b7cd3fc5fc380668697 +gpg: Signature made Wed 21 Aug 2019 06:10:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Aug 16 09:35:40 2019 -0500 + + gpg-gui: remove OEM factory reset option + + superseded by newer version in main options menu + + Signed-off-by: Matt DeVillier + +commit d8bcc7b841660a633f689296916302cf72d38356 +gpg: Signature made Wed 21 Aug 2019 06:10:24 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Aug 16 09:33:17 2019 -0500 + + gui-init: add OEM Factory Reset to options menu + + Add an OEM Factory Reset menu option, which performs an + unattended reset and configuration of the device's TPM, + GPG security token, and boot device / boot selection. + + Signed-off-by: Matt DeVillier + +commit f067d9af234be0985295d6b5913aee45726e8219 +gpg: Signature made Wed 21 Aug 2019 06:10:23 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Aug 15 13:36:05 2019 -0500 + + initrd/bin: add OEM Factory Reset + + Add oem-factory-reset script which performs an unattended + reset and configuration of the device's TPM, GPG security token, + and boot device / boot selection. + + Signed-off-by: Matt DeVillier + +commit 4f54a97cf208e28f624a206ad62469966b8c726e +gpg: Signature made Wed 21 Aug 2019 06:10:23 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Aug 19 17:07:22 2019 -0500 + + etc/function: add detect_boot_device() + + Add function to detect boot device. Start by checking + CONFIG_BOOT_DEV, then iterate thru all bootable partitions. + Check if partition is mountable, contains grub directory. + + Update CONFIG_BOOT_DEV and mount on /boot if successful. + + Signed-off-by: Matt DeVillier + +commit c5999d9b1204862b628a62985784c62aa75f414b +gpg: Signature made Wed 21 Aug 2019 06:04:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: b532315733 a27affcc7d +Author: Kyle Rankin +Date: Wed Aug 21 15:04:59 2019 -0700 + + Merge pull request #600 from MrChromebox/ux_tweaks_2 + + UX Tweaks [2/2] + +commit b5323157335d02f22fdb184c070e45f40294b4a9 +gpg: Signature made Sun 11 Aug 2019 11:06:03 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: c1232239e9 a37e1f434d +Author: Trammell hudson +Date: Sun Aug 11 17:05:55 2019 +0200 + + Merge branch 'msrtools' + +commit a27affcc7d751018f0e9bd5c685e4fd04a4f1908 +gpg: Signature made Mon 05 Aug 2019 12:06:48 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jul 31 22:53:04 2019 -0500 + + flash.sh: persist serial in cbfs + + Librem devices store their serial number as a text file + in cbfs; persist this across flashes. + + Signed-off-by: Matt DeVillier + +commit e8e1032027d646615a007bf48282c0f9bbf66520 +gpg: Signature made Mon 05 Aug 2019 12:03:47 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 9 16:53:40 2019 -0500 + + gpg_add_key_reflash: handle user cancellation + + if user chooses abort option, exit without flashing ROM + + Signed-off-by: Matt DeVillier + +commit c33209add18122894c10b8fef810de7eec04d559 +gpg: Signature made Mon 05 Aug 2019 12:03:47 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 9 16:46:14 2019 -0500 + + confirm_gpg_card: prompt for retry on detection failure + + Initial card detection can sometimes fail, so prompt the user + to remove/reinsert their GPG card before retrying. Since + errexit is likely set, disable it prior to calling --card-status so + we can handle the error ourself, then re-set if necessary when done. + + Signed-off-by: Matt DeVillier + +commit 5ff3849c169e8afe0ea61cc995cf3c70e192b059 +gpg: Signature made Mon 05 Aug 2019 12:03:46 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 9 11:43:06 2019 -0500 + + kecec_select_boot: default to Y when setting new boot option + + Next prompt will be to ensure GPG key is attached, which defaults + to Y, so default here as well for consistency + + Signed-off-by: Matt DeVillier + +commit 29f89ae47b33ee827dd8a29c89a745ba500457c6 +gpg: Signature made Mon 05 Aug 2019 12:03:46 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 9 11:41:31 2019 -0500 + + gpg_flash_rom(): ensure files exist before adding to CBFS + + Check that any files added to cbfs exist before attempting to + add them, so flashing doesn't fail after a reset. + + Signed-off-by: Matt DeVillier + +commit 928f003550dbe48fe25205fe5e9911b6423d9191 +gpg: Signature made Mon 05 Aug 2019 12:03:45 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Tue Jul 9 09:02:46 2019 -0500 + + config-gui: add 'Full Reset' option + + Add Full Reset option to clear all GPG keys and user settings, + both from the local filesystem and running firmware, and + clear/reset the TPM + + Signed-off-by: Matt DeVillier + +commit 0690c8c011ea188f078564422594691804213927 +gpg: Signature made Mon 05 Aug 2019 12:03:45 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:27:40 2019 -0500 + + gui-init: use direct boot device selection + + If the boot device is invalid or unabled to be mounted + and the user opts to select a new boot device, jump + directly to that menu option and avoid the additional + step of showing the config main menu. + + Signed-off-by: Matt DeVillier + +commit 258783e98e34a038e5b4448b320910baf02e9f17 +gpg: Signature made Mon 05 Aug 2019 12:03:45 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:25:57 2019 -0500 + + gui-init: don't reboot after updating TOTP/HOTP + + Updating TOTP/HOTP is mainly necessary after a user updates + their firmware, and no need to force another reboot. + + Signed-off-by: Matt DeVillier + +commit c982be5bd48314bb3e20ca4a277995a19192a697 +gpg: Signature made Mon 05 Aug 2019 12:03:44 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:23:04 2019 -0500 + + config-gui: filter out invalid boot device options + + use similar filtering logic as with USB drives to provide + the user a more sane list of boot device options. Show user + only valid bootable partitions, not block devices. + + There's no point in showing /dev/nvme0 and /dev/nvme0n1 (eg) + when /dev/nvme0n1p[1..n] (eg) exist, as the former are not + valid boot devices. + + Signed-off-by: Matt DeVillier + +commit 34394032defb73ddd7f099ab5820364f854a29fe +gpg: Signature made Mon 05 Aug 2019 12:03:44 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:20:45 2019 -0500 + + config-gui: add optional param to bypass menu + + Add optional parameter to bypass menu selection and + immediately select a menu option. This allows us to call + the 'Set Boot Device' option directly, saving the user + an unnecessary step. + + Signed-off-by: Matt DeVillier + +commit 5ca3069b2387d937decceb60debf410652f386ab +gpg: Signature made Mon 05 Aug 2019 12:03:43 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:19:27 2019 -0500 + + config-gui: add optional param to set file_selector title + + Signed-off-by: Matt DeVillier + +commit c1232239e95c48bc242318ff6587bd9a42b3966f +gpg: Signature made Fri 02 Aug 2019 01:53:18 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 20d79f5ab5 0d51b62ebb +Author: Kyle Rankin +Date: Fri Aug 2 10:53:18 2019 -0700 + + Merge pull request #593 from MrChromebox/ux_tweaks + + UX Tweaks [1/2] + +commit a37e1f434dc1bb232ab05a1f48d537d28c85d7a0 +gpg: Signature made Tue 30 Jul 2019 09:36:57 AM EDT +gpg: using RSA key E157D2B23F605B99A3E297760F948052DDECBE68 +gpg: issuer "hudson@trmm.net" +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Tue Jul 30 15:36:57 2019 +0200 + + add Intel msrtools commands + +commit 0d51b62ebb9ae831b58b3fcbc7508e464271c3a6 +gpg: Signature made Fri 12 Jul 2019 12:51:19 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon Jul 8 22:16:57 2019 -0500 + + gpg-gui: add option to replace existing key(s) + + Introduce option to remove any existing key(s) from firmware + and add a user-suppled key, before reflashing. + + Move existing code for adding a new key to a separate function + so it can be reused for new feature without duplication. + + Signed-off-by: Matt DeVillier + +commit b1d57dac66e50ebb5f2c04427ba29abc1480a1f1 +gpg: Signature made Fri 12 Jul 2019 12:51:19 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sun Jul 7 20:47:04 2019 -0500 + + gui-init: retry mounting /boot after device changed + + If CONFIG_BOOT_DEV isn't set or otherwise fails to mount, + we prompt the user to change the /boot device, but never + attempt to mount it to ensure it's sane, leading to + potential failures later in the config/boot process. + + Ensure that CONFIG_BOOT_DEV is updated after the /boot device + is changed, and attempt to re-mount /boot after the change. + + Signed-off-by: Matt DeVillier + +commit 57c4207bf89ef929450a6c4f271e9e47b2cd63c2 +gpg: Signature made Fri 12 Jul 2019 12:51:19 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sun Jul 7 20:45:36 2019 -0500 + + gpg_flash_rom: persist user config when flashing + + If the user has changed the /boot config but not yet flashed, + it's reasonable for them to expect that flashing to add/update + a GPG key won't revert those changes. + + Signed-off-by: Matt DeVillier + +commit 6fc5571289d3e45d344c3a7329f36ac1c4172712 +gpg: Signature made Fri 12 Jul 2019 12:51:18 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 5 18:02:27 2019 -0500 + + boards/librem15v[3,4]: add missing background colors + + The error/warning background gradient colors were defined + for the librem 13 boards, but not for the librem 15 ones. + Add the missing exports. + + Signed-off-by: Matt DeVillier + +commit a9e494f670ebf9b5ac2c431c94ae6ac1d41608a0 +gpg: Signature made Fri 12 Jul 2019 12:51:18 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 5 17:07:06 2019 -0500 + + gpg-gui: prompt user to update checksums after adding key + + In order to streamline the initial setup, prompt user to + update checksums/sign /boot files after adding a key and + updating the firmware, in order to avoid an extra reboot. + + Signed-off-by: Matt DeVillier + +commit ed2f19d862dd4aec085ca76dc9cf87e4d92f1ab8 +gpg: Signature made Fri 12 Jul 2019 12:51:18 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jul 5 17:04:00 2019 -0500 + + gui-init: move update_checksums() to /etc/functions + + Move the non-GUI component of update_checksums() to + /etc/functions so it can be reused outside of gui-init. + + Add check that /boot/kexec_default_hashes.txt exists before parsing + it, since doesn't exist if there's no default boot target set yet. + Eliminates spurious error text and/or premature exit depending on + state of errexit. + + Signed-off-by: Matt DeVillier + +commit db5d282a7bb92aa1765ed1febdc63dd92d015c78 +gpg: Signature made Fri 12 Jul 2019 12:51:17 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri Jun 28 23:26:20 2019 -0500 + + seal-libremkey: add newlines for readability + + improve readability of console output by adding newlines as needed + + Signed-off-by: Matt DeVillier + +commit 94f7f9802297c59022d93ca73f336b3ac390192d +gpg: Signature made Fri 12 Jul 2019 12:51:17 PM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Thu Jun 27 17:30:54 2019 -0500 + + gui-init: update Settings, Boot Options menu text + + 'Options' makes more sense than 'Settings' given the submenu's contents. + Tidy up Boot Options as well + + Signed-off-by: Matt DeVillier + +commit 20d79f5ab54957e18322fa010b92b8376b33ae7f +gpg: Signature made Tue 25 Jun 2019 11:52:06 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a29c10ad51 6cfbc86618 +Author: Kyle Rankin +Date: Tue Jun 25 08:52:06 2019 -0700 + + Merge pull request #589 from MrChromebox/small_fixes + + Small fixes + +commit a29c10ad51e3a556decba0ebc98e42391dfc8a7e +gpg: Signature made Tue 25 Jun 2019 11:48:42 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f4b5ea9d04 77949c9cff +Author: Kyle Rankin +Date: Tue Jun 25 08:48:42 2019 -0700 + + Merge pull request #588 from MrChromebox/hotp_fixes + + HOTP fixes + +commit 6cfbc86618ae05908ca035aa59ba43e48c0c2a0d +gpg: Signature made Tue 25 Jun 2019 11:07:14 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jun 19 16:27:44 2019 -0500 + + initrd: don't mount efivars fs on non-linuxboot systems + + it doesn't exist and produces a spurious error on Heads systems + + Signed-off-by: Matt DeVillier + +commit 4a85c85336130b801c178741ed7246bdfc3eabef +gpg: Signature made Tue 25 Jun 2019 11:06:55 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Wed Jun 19 16:27:05 2019 -0500 + + gui-init: load USB modules at startup + + ensures external USB keyboards are accessible + + Signed-off-by: Matt DeVillier + +commit 2686c836c6aa8abfb6ee605c3bd2987d1028b701 +gpg: Signature made Tue 25 Jun 2019 11:06:32 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Mon May 27 11:45:09 2019 -0500 + + gui-init: ensure /boot is sane first thing + + Before anything else, ensure that a default boot device + is set. If not, prompt the user to set one. If set, ensure + that /boot can be mounted successfully; else prompt the + user to select a new boot device. + + Signed-off-by: Matt DeVillier + +commit f772f2d088cb69e0642bc5ff646690959b887e6c +gpg: Signature made Tue 25 Jun 2019 11:04:46 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sat May 18 20:22:11 2019 -0500 + + unseal-hotp: ensure /boot mounted before checking HOTP secret + + If /boot isn't mounted, we can't read the HOTP secret, so no + point in reading from the TPM. This speeds up getting to the + main menu in the case of an inaccessible or non-existant /boot, + and maintains the warning condition from not being able to + validate the HOTP. + + Signed-off-by: Matt DeVillier + +commit 65d669d408d212729a4bf01ac28f5261b6596397 +gpg: Signature made Tue 25 Jun 2019 11:01:27 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sat May 18 20:13:32 2019 -0500 + + Skip prompt to set default boot when booting from USB + + Since a USB boot target can't be the default (at least currently, + /boot must be on internal media), skip the extraneous prompt to + set it as such when booting from USB. + + Signed-off-by: Matt DeVillier + +commit 3306dbb66d2859edd095cb6707c532e9ca23d93e +gpg: Signature made Tue 25 Jun 2019 11:01:01 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sat May 18 20:02:05 2019 -0500 + + flash-gui: clean up ROM list + + Exclude dot folders from ROM search path, so that files in + .Trash (eg) aren't shown. Sort the remaining options. + + Signed-off-by: Matt DeVillier + +commit e0e0019250ee5904d036d310d820db88c0575d0d +gpg: Signature made Tue 25 Jun 2019 10:57:34 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Sat May 18 19:59:22 2019 -0500 + + kexec-select-boot: correct order of USB boot options + + Using sort on USB boot options produces a reverse-ordered list, + leading users to often select the wrong option. Add the -r + parameter to sort to correct the list order and make the default + option the first in the list. + + Signed-off-by: Matt DeVillier + +commit 5eb758711da626d952e03bb9b8b4c8d1fd346dc7 +gpg: Signature made Tue 25 Jun 2019 10:57:06 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri May 17 18:07:07 2019 -0500 + + unseal-hotp: fix/rename mount_boot() + + Because of the way unseal-hotp is called from gui-init, + dropping to a recovery shell when failing to mount /boot + causes it to hang, leaving the user stranded until they + kill it with CTRL+C. Instead, simply return and continue + to the main GUI menu where the user can address the problem. + + Rename the function to clarify difference from other versions + of mount_boot() which do drop to the recovery shell. + + Signed-off-by: Matt DeVillier + +commit 77949c9cffef0566093d61fd1ceb373865b032d4 +gpg: Signature made Tue 25 Jun 2019 12:30:39 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri May 24 18:29:58 2019 -0500 + + libremkey_hotp_initialize: handle spaces in admin pin/pass + + Fix HOTP verfication failure if LK admin pin/passphrase contains + spaces by quoting the variables when passed to functions. + + Test: set LK admin pin to passphrase with spaces, generate + new TOTP/HOTP, verification passes. + + Signed-off-by: Matt DeVillier + +commit 286303d95cc8d17504516bb181ea4e8d76fab2bd +gpg: Signature made Tue 25 Jun 2019 12:29:07 AM EDT +gpg: using RSA key 8D6066CF922E52796F187ABE2BBB776A35B978FD +gpg: Good signature from "Matt DeVillier " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 8D60 66CF 922E 5279 6F18 7ABE 2BBB 776A 35B9 78FD +Author: Matt DeVillier +Date: Fri May 24 11:50:27 2019 -0500 + + libremkey-hotp-verification: pass in key file directly + + Reading the file into a variable and then redirecting to stdin + via echo() can cause the binary data to be truncated, leading + to an invalid base32 value and failure to properly generate + and validate the HOTP code. + + To resolve this, pass the file directly to hotp(), and ensure + it is removed properly regardless of success or failure to + prevent leakage. + + Fixes "Invalid base32 string" error seen when attempting to + generate a new TOTP secret. + + Signed-off-by: Matt DeVillier + +commit f4b5ea9d0481911b13237e25d6876574192c2dc0 +gpg: Signature made Mon 27 May 2019 12:27:50 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: eb31354085 186895d414 +Author: Kyle Rankin +Date: Mon May 27 09:27:50 2019 -0700 + + Merge pull request #576 from merge/power_off_gui + + gui-init: reorder, simplify main menu entries and add Power Off entry + +commit 186895d414957011dc279b5a3c6f2150cc2c70b1 +Author: Martin Kepplinger +Date: Sun May 26 19:00:41 2019 +0200 + + gui-init: move Refresh TOTP/HOTP to the Main Boot Menu + + also, rename the current menu entry to being smaller and simpler. + + Closes #574 + +commit e203de9669fc595b7f9f27e9dfdf1e7421c476b9 +Author: Martin Kepplinger +Date: Sat May 25 10:22:59 2019 +0200 + + gui-init: rename Advanced Settings to Settings + + Since there are no other settings to choose from, there don't have to + be "advanced" ones. + +commit 0dc8d9f82e494090b6f9e545ac388ba52488e348 +Author: Martin Kepplinger +Date: Fri May 24 23:25:22 2019 +0200 + + gui-init: move Exit to Shell menu entry under Advanced Settings + + Exiting the GUI to a shell is not expected to be part of our users' + everyday workflow, and thus this menu entry doesn't have to be on + the main page. + +commit fbe39745b49123ab5ef8f72dd99e8e6262a3052a +Author: Martin Kepplinger +Date: Fri May 24 11:23:28 2019 +0200 + + gui-init: add Power Off to the Main Boot Menu + + Add a main boot menu entry to power off. This enables users to + only verify the firmware integrity using OTP, and do nothing more. + + After having left the device out of sight, one might want to do + a quick sanity check only. + + Since we already have a script to safely power down, we make use of + it now. + +commit 7bc90cd8a202d476fbfbd1774af8604c2f8ef0c2 +Author: Martin Kepplinger +Date: Thu May 23 09:39:35 2019 +0200 + + initrd: remove unused keylime-init + + Besides the fact that keylime-init uses a local network location for + downloading something, it is unused. Remove dead code. Was is this + anyways? + +commit eb31354085d0ab5f6aa959e51ba4955d2c84d49b +gpg: Signature made Thu 23 May 2019 11:21:53 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 26b9c4ce59 00bf4740e3 +Author: tlaurion +Date: Thu May 23 23:21:53 2019 -0400 + + Merge pull request #573 from merge/x230-flash-command-fix + + initrd: x230-flash: fix commandline instructions for flashing + +commit 00bf4740e3c08feb1870f4c7b4dd7823681bf22c +Author: Martin Kepplinger +Date: Thu May 23 13:09:18 2019 +0200 + + initrd: x230-flash: fix commandline instructions for flashing + + flashrom-x230.sh is now flash.sh + +commit 26b9c4ce59df65a3bfe3bd8de2dbfbeaa60eb88d +gpg: Signature made Wed 22 May 2019 01:48:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 33bc720236 ae916cbd91 +Author: tlaurion +Date: Wed May 22 13:48:27 2019 -0400 + + Merge pull request #567 from merge/git_submodule_checkout + + Makefile: add submodule checkout after git cloning coreboot + +commit 33bc7202367dc2313c4efd23366bf5d4ff437f6b +gpg: Signature made Wed 22 May 2019 01:47:56 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: cccb846a4c 6a28462794 +Author: tlaurion +Date: Wed May 22 13:47:56 2019 -0400 + + Merge pull request #570 from merge/x220_build_instruction_fix + + blobs/x220: fix build instruction + +commit 6a28462794b12975bbbc9b07463495a6b92517a0 +Author: Martin Kepplinger +Date: Wed May 22 10:40:02 2019 +0200 + + blobs/x220: fix build instruction + +commit cccb846a4cdabd2a163bc0db3e707cc456e7f77b +gpg: Signature made Wed 22 May 2019 12:13:24 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: e6cfe38797 a4effd9167 +Author: tlaurion +Date: Wed May 22 00:13:24 2019 -0400 + + Merge pull request #565 from merge/linux_remove_debug + + config/linux-x230: remove debug symbols + +commit e6cfe38797409633ae8466baddbeabad4f94071e +gpg: Signature made Tue 21 May 2019 01:23:59 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Tue May 21 13:23:59 2019 -0400 + + Strip README.md of outdated instructions + + - dm-verity related instruction stripped (see https://github.com/osresearch/heads-wiki/issues/26) + - stripped Xen parts saying it needed to be patched. Was resolved by patching kexec instead of Xen (https://github.com/osresearch/heads/issues/227#issuecomment-369043638) + - Added a link to heads-wiki for documentation needs + +commit ae916cbd9173dd1f47b0a1588ed5008266450f1a +Author: Martin Kepplinger +Date: Tue May 21 13:35:50 2019 +0200 + + Makefile: add submodule checkout after git cloning coreboot + + Right now all git submodules are left behind on a git clone. Add + git submodule update --init --checkout according to the docs, see + https://www.coreboot.org/Build_HOWTO + +commit a4effd916720aae8c7afca61b42852c76204f3f4 +Author: Martin Kepplinger +Date: Mon May 20 13:04:58 2019 +0200 + + config/linux-x230: remove debug symbols + + Remove debug symbols and dynamic debug support from Linux. This reduces + our resulting bzImage by 100K. + + This should help when size becomes even more limited, see #562 + +commit 08ad2d4d2085222e4cbda1f246844844ab8e2335 +gpg: Signature made Fri 03 May 2019 09:20:22 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 124ae916f4 73c6f3fcc0 +Author: tlaurion +Date: Fri May 3 09:20:22 2019 -0400 + + Merge pull request #559 from heads105/fc30kexec2 + + Parse grub config files for Fedora 29/30 + +commit 73c6f3fcc0e50b658621f296ad3d8fbe15b8e2ad +Author: paul +Date: Thu May 2 22:23:59 2019 +0100 + + Parse grub config files for Fedora 29/30 + +commit 124ae916f40a65a47094c2609340f33be19e03bf +gpg: Signature made Wed 01 May 2019 03:32:35 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ca067385bd 260507cafd +Author: tlaurion +Date: Wed May 1 15:32:35 2019 -0400 + + Merge pull request #558 from tlaurion/reverse_fedora_30_breaks_qubes + + Revert "Support Fedora 30 boot configuration" + +commit 260507cafd2d88bc8c25196f7b6d58a73791a66c +gpg: Signature made Wed 01 May 2019 02:26:26 PM EDT +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed May 1 14:26:15 2019 -0400 + + Revert "Support Fedora 30 boot configuration" + + This reverts commit bc5343c626fed8dd43b512f2a2cedcfddfcfe7c8. + +commit ca067385bd9c072c7aee052e8e24fe22e4618d1b +gpg: Signature made Wed 01 May 2019 09:07:25 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: fe9807cb1f efd6b066a2 +Author: tlaurion +Date: Wed May 1 09:07:25 2019 -0400 + + Merge pull request #546 from kylerankin/add_gpg_sc_keygen + + Add GPG smartcard keygen feature + +commit fe9807cb1fb1e16430cb40ef2e5ef3dfee3df5cd +gpg: Signature made Wed 01 May 2019 09:06:52 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: cd92b2d585 bc5343c626 +Author: tlaurion +Date: Wed May 1 09:06:52 2019 -0400 + + Merge pull request #557 from heads105/fc30kexec + + kexec-select-boot not compatible with Fedora 30 + +commit bc5343c626fed8dd43b512f2a2cedcfddfcfe7c8 +Author: paul +Date: Tue Apr 30 12:32:30 2019 +0100 + + Support Fedora 30 boot configuration + +commit 9c18962f41b62a72249daabaf1dd7c85f9ebe098 +Author: paul +Date: Mon Apr 29 15:36:25 2019 +0100 + + Enable busybox loadkmap command + +commit cd92b2d585b966390ebdaa5c0f4409cbc056cb33 +gpg: Signature made Sat 27 Apr 2019 01:42:41 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: dac412a798 6080219d85 +Author: tlaurion +Date: Sat Apr 27 13:42:41 2019 -0400 + + Merge pull request #554 from tlaurion/pinentry_remove_gtk_gnome3 + + Fedora 30 fix for pinentry: remove gtk and gnome3 support. + + Tested on fedora-29 clean build and fedora-30 beta. Good enough. + +commit 6080219d85daeda7319a9d98da01f18b4386b29d +gpg: Signature made Sat 27 Apr 2019 01:40:12 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Sat Apr 27 13:40:12 2019 -0400 + + tabs required instead of spaces... + +commit a15504b41463ba4ba484b5be008452199c27e306 +gpg: Signature made Sat 27 Apr 2019 01:36:05 PM EDT +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Apr 27 13:36:05 2019 -0400 + + Fedora 30 fix for pinentry: remove gtk and gnome3 support. TODO: remove all unneeded config options for ALL modules + +commit dac412a798954f2c85d930913d1916bd6a5dd8b4 +gpg: Signature made Tue 23 Apr 2019 03:59:26 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: decffe8e15 76a068935d +Author: tlaurion +Date: Tue Apr 23 15:59:26 2019 -0400 + + Merge pull request #548 from kylerankin/add_dynamic_usb_detection + + Detect USB disk dynamically + +commit decffe8e15508ca0feb5b809d41f2e2147bde660 +gpg: Signature made Mon 22 Apr 2019 09:55:54 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 2ebf8e2c1a 64c830e652 +Author: tlaurion +Date: Mon Apr 22 21:55:54 2019 -0400 + + Merge pull request #457 from osresearch/make-4.2.1 + + Make 4.2.1, hashes, external coreboot crossgcc, circleci and other fixes + +commit 64c830e65292eee967d479097726eaa4e414c260 +gpg: Signature made Mon 22 Apr 2019 09:53:43 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: aeb59e1b48 2ebf8e2c1a +Author: tlaurion +Date: Mon Apr 22 21:53:43 2019 -0400 + + Merge branch 'master' into make-4.2.1 + +commit 2ebf8e2c1ad3ccf4c4d645f018a4dfa11d3385d1 +gpg: Signature made Sat 20 Apr 2019 10:48:27 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7a755a879e 553cf0958b +Author: tlaurion +Date: Sat Apr 20 22:48:27 2019 -0400 + + Merge pull request #549 from kylerankin/flash_script_ui + + Improve flash GUI documentation + +commit 553cf0958b1c8122c8415540e422aba224bbbdd3 +gpg: Signature made Fri 19 Apr 2019 05:11:55 PM EDT +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Fri Apr 19 14:11:45 2019 -0700 + + Add dynamic USB device detection + + Instead of relying on a hard-coded USB disk, it would be better if the + mount script attempted to dynamically detect available USB disks. This + modification to the USB mount script attempts to handle the common case + of a single USB disk but can also handle the case of multiple disks + where it will present the user with all available USB disks + +commit 7a755a879ec241f59f30eabe88f6e99a2fdc80f0 +gpg: Signature made Fri 19 Apr 2019 11:36:51 AM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1d14f264dc 1fda1fffb0 +Author: Kyle Rankin +Date: Fri Apr 19 08:36:51 2019 -0700 + + Merge pull request #537 from tlaurion/xen_cmdline_appended_not_flushed + + Keep Xen cmdline arguments while appending Heads required ones. + +commit efd6b066a2b679899816fedf51c01b01638f0add +gpg: Signature made Fri 19 Apr 2019 11:38:43 AM EDT +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Fri Apr 19 08:35:01 2019 -0700 + + Add a "Factory reset" GPG option + + This mimics tlauion's OEM work in the sense that a user (or OEM) could + choose this option and it will reset an OpenPGP smart card and + automatically generate a random key on it. The idea is to allow an OEM + to set up a Librem Key and Heads on a machine before shipping with a + random key, so the user can test for tampering when they receive the + machine, and then the user can choose to reset all of the keys with + their chosen keys after that fact. + +commit 76a068935d59cef42398f6f106a9930ceb9380d7 +gpg: Signature made Tue 16 Apr 2019 03:55:24 PM EDT +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Tue Apr 16 12:55:00 2019 -0700 + + Bugfixes to mount-usb + + This change fixes some edge cases where a single usb disk was inserted + with multiple partitions on it, among others. + +commit 152689d5d584dfa144b7a725dbd2727490871ef0 +gpg: Signature made Mon 15 Apr 2019 06:06:49 PM EDT +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Mon Apr 15 15:05:03 2019 -0700 + + Detect USB disk dynamically + + Currently Heads relies on a hard-coded config value to determine which + USB disk to mount. This can be problematic when trying to distribute a + pre-built version of Heads that can work on multiple disk + configurations. I've modified the USB mounting script so that it + attempts to detect all USB boot disks present on the system, pick sane + defaults, and prompt the user when there are multiple choices. + + I've also removed the USB configuration option from config-gui.sh as + this config option is no longer used. + +commit c028f7752e40b8f8f4f1ee8416c271a5565566da +gpg: Signature made Wed 10 Apr 2019 12:37:43 PM EDT +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Wed Apr 10 09:34:31 2019 -0700 + + Add GPG smartcard keygen feature + + This change updates the very basic GPG smartcard feature in the GPG GUI + so that it can properly support generating a key from within Heads. It + offers the user the option to copy the generated GPG public key to a USB + thumb drive so it's not lost as well as the option to reflash the + current Heads BIOS with this new public key added to the keyring. + + I've moved the common functions required to flash a new ROM with GPG + changes into a shared function at the top of the script. + +commit 1fda1fffb03ee9091701902f30591a5ff485fd1b +gpg: Signature made Sun 17 Mar 2019 07:37:31 PM EDT +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sun Mar 17 19:33:55 2019 -0400 + + Keep Xen cmdline arguments while appending Heads required ones. Fixes #536 + +commit 1d14f264dca10b1437435d7e05686eff9fe5acdf +gpg: Signature made Mon 04 Mar 2019 12:38:53 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 6612352a60 92fdb0392b +Author: Kyle Rankin +Date: Mon Mar 4 09:38:53 2019 -0800 + + Merge pull request #534 from MrChromebox/use_purism_blobs + + get_blobs: extract blobs from precompiled Purism coreboot images + +commit 92fdb0392b7789cd47db8aeb7460bc0b161c24d5 +Author: Matt DeVillier +Date: Fri Mar 1 01:10:09 2019 -0600 + + get_blobs: extract blobs from precompiled Purism coreboot images + + Rather than download large repositories of files from sources we + don't control and patch files as needed, simply extract the + files from precompiled, known good Purism coreboot images. + + This offers multiple advantages: + - single source for all blobs, which we control + - significantly smaller download requirements for end user + - significantly less script complexity + - much, much faster + + Signed-off-by: Matt DeVillier + +commit 6612352a60d0d3a5f5db3dc2a79bba4b606e4652 +gpg: Signature made Thu 28 Feb 2019 04:12:25 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 1acdb98cfe 8b28e49459 +Author: tlaurion +Date: Thu Feb 28 16:12:25 2019 -0500 + + Merge pull request #496 from strugee/better-mirror-url + + Improve mirror URLs + +commit 1acdb98cfe37d0754c2e151c1122000ab0e1d0db +gpg: Signature made Wed 27 Feb 2019 04:46:37 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c341609488 2740317d67 +Author: tlaurion +Date: Wed Feb 27 16:46:37 2019 -0500 + + Merge pull request #526 from tlaurion/shred_secrets + + Use shred instead of rm on secret related files. + +commit 2740317d67dfe3aa185ff501e6391ba3cf785d6f +gpg: Signature made Sun 24 Feb 2019 11:11:00 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sun Feb 24 11:11:00 2019 -0500 + + shred TOTP_SECRET also when generation is successful + +commit 8310a3d62eb3aff2ce39f8c08e6a6e54f9219557 +gpg: Signature made Sun 24 Feb 2019 10:29:09 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Fri Feb 22 10:52:35 2019 -0500 + + also shred LUKS sealed secret when done instead of rm it + +commit b3a6c285c8ac8596a654571023132bcbf5c754c9 +gpg: Signature made Sun 24 Feb 2019 10:29:07 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Fri Feb 22 10:48:00 2019 -0500 + + also shred LUKS key when done instead of rm it + +commit 9fbfb41a71a9889c8c80ab3595e3f513ad613758 +gpg: Signature made Sun 24 Feb 2019 10:29:05 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Feb 21 20:17:16 2019 -0500 + + reverting shred on a file that is not a secret to be shredded + +commit 14c76d062c199f17ff6369091a80d2885cb54914 +gpg: Signature made Sun 24 Feb 2019 10:28:57 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Feb 21 20:16:02 2019 -0500 + + supress errors on console when files don't exist (equivalent of rm -f) + +commit 0722d42d659ee99006f06e6e2b5d091f9b017dbe +gpg: Signature made Sun 24 Feb 2019 10:27:20 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Feb 16 12:26:51 2019 -0500 + + using shred instead of rm on secret related files. + +commit c341609488da662eb1a00b0fc568f3c4e892ee4b +gpg: Signature made Thu 21 Feb 2019 05:58:08 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 405f4dd00c 70f809187b +Author: tlaurion +Date: Thu Feb 21 17:58:08 2019 -0500 + + Merge pull request #530 from cawilliamson/master + + Add support for EXT2 (via the EXT4 driver) + +commit 405f4dd00ca4c4d171361a7e59f33af80296dff4 +gpg: Signature made Wed 20 Feb 2019 12:02:00 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c6619818ff 1bb8184143 +Author: tlaurion +Date: Wed Feb 20 12:02:00 2019 -0500 + + Merge pull request #528 from tlaurion/qemu-gui-init_optional + + qemu-coreboot board: switch back to generic init in non-FBWhiptail mode + + This is following a dev request. Not waiting for approval since it's a commented revert. + +commit c6619818ffe69be07b041246650a44961ed24125 +gpg: Signature made Wed 20 Feb 2019 10:40:23 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 50172f21e5 ccdef58982 +Author: tlaurion +Date: Wed Feb 20 10:40:23 2019 -0500 + + Merge pull request #522 from kylerankin/add_gpg_gui + + It makes more logical sense for GPG functions to be split out into their + own menu instead of being part of the "Flash" menu. This creates a + gpg-gui.sh script and moves GPG options there while adding a few + additional features (like listing keys and initial smartcard key + generation support). + +commit 70f809187bc66cc3bb5d7bbff146461425b57de8 +Author: Christopher A. Williamson +Date: Tue Feb 19 21:16:52 2019 +0000 + + Disable EXT2 standard driver (replaced by EXT4 driver) + +commit ccdef58982a9df5a643068c5e340a8f99ecc3d5f +gpg: Signature made Tue 19 Feb 2019 09:49:50 AM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Merge: 07cf7d7577 cd5d0a0c4b +Author: Kyle Rankin +Date: Tue Feb 19 06:49:46 2019 -0800 + + Merge branch 'add_gpg_gui' of github.com:kylerankin/heads into add_gpg_gui + +commit 07cf7d757703ec5fefe429520dd01e9df753d0a2 +gpg: Signature made Tue 19 Feb 2019 09:48:37 AM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Tue Feb 19 06:48:35 2019 -0800 + + Revert "Remove "pipefail" so unmatched greps don't cause script to exit" + + This reverts commit 9279d60a1a7685a18b819811d864d195fba2e1fd. + +commit 9279d60a1a7685a18b819811d864d195fba2e1fd +gpg: Signature made Tue 19 Feb 2019 09:48:17 AM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Fri Feb 15 10:16:43 2019 -0800 + + Remove "pipefail" so unmatched greps don't cause script to exit + +commit cfddb4ed2e6fa481737fb44081f780643e354050 +gpg: Signature made Tue 19 Feb 2019 09:48:08 AM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Mon Feb 11 14:29:13 2019 -0800 + + Add GPG GUI + + It makes more logical sense for GPG functions to be split out into their + own menu instead of being part of the "Flash" menu. This creates a + gpg-gui.sh script and moves GPG options there while adding a few + additional features (like listing keys and initial smartcard key + generation support). + +commit 6794e9cdb5b1ea1aa8941297993e315b15628b19 +Author: Christopher A. Williamson +Date: Tue Feb 19 13:02:52 2019 +0000 + + Add support for EXT2 (via the EXT4 driver) + +commit 1bb8184143d5240843e7fe994282d824bf1b8360 +gpg: Signature made Mon 18 Feb 2019 09:10:45 PM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Mon Feb 18 21:10:45 2019 -0500 + + qemu-coreboot board: switch back to generic init in non-FBWhiptail mode + +commit 50172f21e5b8284d397f464396aac8a134fbaa56 +gpg: Signature made Sun 17 Feb 2019 08:50:14 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: ee3d96b4b0 a14a4fb419 +Author: tlaurion +Date: Sun Feb 17 08:50:14 2019 -0500 + + Merge pull request #527 from flammit/qemu-gui-init + + qemu-coreboot: change configs to enable gui-init testing + +commit ee3d96b4b0b4a1d0cd5792935bf15a441b177a32 +gpg: Signature made Fri 15 Feb 2019 07:27:28 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: a6e978911a 90ec5e9e2a +Author: tlaurion +Date: Fri Feb 15 19:27:28 2019 -0500 + + Merge pull request #525 from MrChromebox/librem_iommu + + Fix Purism Librem IOMMU support + +commit cd5d0a0c4bb90feb2b7e8bccc1efdc5e356d6a68 +gpg: Signature made Fri 15 Feb 2019 01:17:03 PM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Fri Feb 15 10:16:43 2019 -0800 + + Remove "pipefail" so unmatched greps don't cause script to exit + +commit 90ec5e9e2afd492af465f9b4bd21fa7d60e5bc03 +Author: Matt DeVillier +Date: Wed Jan 30 23:35:50 2019 -0600 + + boards/librem*: replace iommu=pt with intel_iommu=on + + With addition of IOMMU/RMRR patches, passthru is no longer needed + for proper IOMMU functionality + + Signed-off-by: Matt DeVillier + +commit 988724c39d04928f7b397f72ff21564e68945753 +Author: Matt DeVillier +Date: Wed Jan 30 23:33:52 2019 -0600 + + configs/coreboot/librem*: remove iommu=pt from linux cmd line + + No longer needed with addition of IOMMU/RMRR patches + + Signed-off-by: Matt DeVillier + +commit f5355815d920f7c77421a5c392d49fcc4d89ec7e +Author: Matt DeVillier +Date: Wed Jan 30 23:27:30 2019 -0600 + + patches/coreboot: add proper IOMMU/RMRR support + + These two patches add the capability for coreboot to generate + the RMRR ACPI tables needed for proper IOMMU support. These + patches allow us to use 'intel_iommu=on' vs 'iommu=pt' + + Signed-off-by: Matt DeVillier + +commit a6e978911a032b494a0d9db75636e67c99f664c9 +gpg: Signature made Tue 12 Feb 2019 06:05:24 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: f0067d4b5c 398f75f19f +Author: Kyle Rankin +Date: Tue Feb 12 15:05:24 2019 -0800 + + Merge pull request #524 from MrChromebox/librem_v4 + + Add Purism Librem v4 support + +commit 398f75f19f2c5fe9d3d2132fadd7e6d9c6f1075e +Author: Matt DeVillier +Date: Wed Jan 30 20:19:25 2019 -0600 + + heads/config: add librem 13v4/15v4 as clones of 13v2/15v3 + + Signed-off-by: Matt DeVillier + +commit 9aaa25c882369bbe30f56d63cef8d49feac1bb13 +Author: Matt DeVillier +Date: Wed Jan 30 20:18:33 2019 -0600 + + coreboot/config: add librem 13v4/15v4 as clones of 13v2/15v3 + + Adjust blobs paths for kbl vs skl, adjust board names + + Signed-off-by: Matt DeVillier + +commit da2d2672208992f3e323d2c8a3a21598cad3fc84 +Author: Matt DeVillier +Date: Wed Jan 30 21:17:08 2019 -0600 + + patches/coreboot: add support for librem 13v4/15v4 boards + + Signed-off-by: Matt DeVillier + +commit 81bf58d96d404954663a28e9a354b525b3606436 +Author: Matt DeVillier +Date: Wed Jan 30 17:39:12 2019 -0600 + + blobs/librem_kbl: clone from librem_skl, adjust for v4 + + Librem 13v4/15v4 use Kabylake SoC, have different set of blobs + required from Skylake-based v3 boards. + + Signed-off-by: Matt DeVillier + +commit 428561c11e303f0a0c3a2b1014801033de069a5e +Author: Matt DeVillier +Date: Wed Jan 30 16:40:39 2019 -0600 + + librem_skl/readme: remove reference to 15v4 + + 15v4 isn't a skylake-based device + + Signed-off-by: Matt DeVillier + +commit c31421218ae52563bfe39dbd6e877d8a111ce177 +gpg: Signature made Mon 11 Feb 2019 05:29:37 PM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Mon Feb 11 14:29:13 2019 -0800 + + Add GPG GUI + + It makes more logical sense for GPG functions to be split out into their + own menu instead of being part of the "Flash" menu. This creates a + gpg-gui.sh script and moves GPG options there while adding a few + additional features (like listing keys and initial smartcard key + generation support). + +commit f0067d4b5c6dc91802daf15871085bb3ce30f5c9 +gpg: Signature made Sun 10 Feb 2019 10:19:02 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 564f3ee201 be12506d7c +Author: tlaurion +Date: Sun Feb 10 10:19:02 2019 -0500 + + Merge pull request #518 from tlaurion/gpg2_missing_sed + + GPG2 branch required sed + +commit be12506d7c6e9aab48afc445228b81c340d61f40 +gpg: Signature made Sat 09 Feb 2019 12:15:26 PM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Feb 9 12:15:20 2019 -0500 + + GPG2 branch required sed + + sed is required to import owner trust information in trustdb when keys are imported into pubkey.kbx/pubkey.gpg + +commit 564f3ee201e25e3b797a7f84a60df19635be21da +gpg: Signature made Fri 08 Feb 2019 03:01:28 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 98598e7f2f a809c72f7d +Author: tlaurion +Date: Fri Feb 8 15:01:28 2019 -0500 + + Merge pull request #490 from kylerankin/add_empty_keyring_detection + + Add empty keyring detection, clean up main menu + +commit 98598e7f2f27eeb831a66eeb3f50d598c9ff50d0 +gpg: Signature made Fri 08 Feb 2019 01:32:22 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: eafb47065f ae40892205 +Author: tlaurion +Date: Fri Feb 8 13:32:22 2019 -0500 + + Merge pull request #465 from merge/x230-gui + + x230: use fbwhiptail and gui-init instead of generic-init + +commit eafb47065fc65e1e232394f50aacb605b089c97d +gpg: Signature made Fri 08 Feb 2019 01:31:21 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: aef5753373 695993b593 +Author: tlaurion +Date: Fri Feb 8 13:31:21 2019 -0500 + + Merge pull request #510 from tlaurion/gpg2 + + Gpg2 with all fixes included + +commit 695993b5938d0b96a545e6901c76ceec81150864 +gpg: Signature made Fri 08 Feb 2019 01:29:02 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 005a19eeda aef5753373 +Author: tlaurion +Date: Fri Feb 8 13:29:02 2019 -0500 + + Merge branch 'master' into gpg2 + +commit aef5753373bf38854f24f0c88c6e42c627987ab5 +gpg: Signature made Fri 08 Feb 2019 01:28:06 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 0cc827cea4 181c621c84 +Author: tlaurion +Date: Fri Feb 8 13:28:06 2019 -0500 + + Merge pull request #494 from kylerankin/add_config_gui + + Add GUI to change /etc/config configuration options + +commit 181c621c843e7c0c3f6ebcf91d127fb77cb60639 +gpg: Signature made Fri 08 Feb 2019 01:25:22 PM EST +gpg: using RSA key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F + Subkey fingerprint: 4D6E 8D94 8B90 871E F9AE 2FAC 91AB 3245 B1D1 4ABD +Author: Kyle Rankin +Date: Fri Feb 8 10:25:12 2019 -0800 + + Touch /tmp/config when entering recovery mode + +commit 0cc827cea42d195f008aa1dda611e70e18667da6 +gpg: Signature made Fri 08 Feb 2019 01:12:07 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 71b919cc06 4ea175838f +Author: tlaurion +Date: Fri Feb 8 13:12:07 2019 -0500 + + Merge pull request #424 from merge/master + + x230: remove 4M and 8M split-images from the build + +commit 71b919cc06dba74a140293504a5c54cd635722e7 +gpg: Signature made Fri 08 Feb 2019 01:09:35 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 7b68b1ea9d c559d71725 +Author: tlaurion +Date: Fri Feb 8 13:09:35 2019 -0500 + + Merge pull request #486 from flammit/cairo-repro + + cairo: restore build reproducibility + +commit 005a19eeda7267d8a731fffe3a91ee0696a0df9a +gpg: Signature made Fri 08 Feb 2019 12:41:48 PM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Fri Feb 8 12:38:38 2019 -0500 + + properly deal with trusting keys to supress UX confusion about trusted keys + + key-init makes sure trustdb is updated at run time and user and distro keys are ultimately trusted. Each time a file is signed, the related public key is showed without error on it's trustability. + flash-gui deals with gpg1 to gpg2 migration. If pubring.kbx is found, pubring.gpg is deleted from running rom dump. + +commit ae408922058194077a1d4c890bbdd0eb4d3b23ac +Author: Martin Kepplinger +Date: Thu Oct 11 13:06:33 2018 +0200 + + x230: use fbwhiptail and gui-init instead of generic-init + + This changes Heads' bootscript for the x230 to gui-init and adds config + options needed for it. The config is very similar to the librem13v2 config. + + My comparison of startup-time from a power-button press shows 2.5 seconds + more with these changes applied. + + That said, the experience is smooth, the GUI is beautiful and easier to use + than the shell and text menu, especially during setup. That's what we + buy with startup time here. + +commit 8dd1082808f8479f5b9eb5c9827deca53e6b4164 +gpg: Signature made Tue 29 Jan 2019 11:18:14 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Jan 26 12:52:37 2019 -0500 + + module/pinentry: disable-pinentry-qt instead of qt5 + + else: + make[4]: Entering directory '/home/user/heads/build/pinentry-1.1.0/qt' + g++ -DHAVE_CONFIG_H -I. -I.. -I//include -I//include -I.. -I../secmem -I../pinentry -Wall -I/home/user/heads/install/usr/include -I/home/user/heads/install/usr/include/QtCore -I/home/user/heads/install/usr/include/QtGui -DQT_SHARED -g -O2 -MT pinentrydialog.o -MD -MP -MF .deps/pinentrydialog.Tpo -c -o pinentrydialog.o pinentrydialog.cpp + In file included from pinentrydialog.cpp:24: + pinentrydialog.h:27:10: fatal error: QDialog: No such file or directory + +commit 5eee5aa296ce388dd6ccc9c856af2a0b45584520 +gpg: Signature made Tue 29 Jan 2019 11:18:11 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Jan 26 12:20:31 2019 -0500 + + GPG2 required changes for key and trustdb generation and inclusion in rom + .ash_history: add examples to generate keys and otrust in rom + flash-gui: export otrust and import it in rom + key-init: import otrust.txt if present to supress warning about user public key being untrusted + +commit 4f75da7ea79f2fb3ea73f215a062388a29f476a7 +gpg: Signature made Tue 29 Jan 2019 11:18:07 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Sat Jan 26 12:16:53 2019 -0500 + + Removing CONFIG_GPG in librem boards + +commit 3bc79495bb078ff1d9d83171ba40abcb8311d6f9 +gpg: Signature made Tue 29 Jan 2019 11:16:26 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Itay Grudev +Date: Fri Jan 4 09:33:13 2019 +0200 + + Disabled libsecret support in the pinentry module + +commit 92c547c0d41294acb1fd3d90b7dd27a677d8bf81 +gpg: Signature made Tue 29 Jan 2019 11:16:23 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Itay Grudev +Date: Fri Jan 4 09:21:44 2019 +0200 + + Enabled GPG2 in the Librem board config + +commit ca3a5fd2eb57090dbce1d94a67ace3258c0b829f +gpg: Signature made Tue 29 Jan 2019 11:16:19 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Jason Andryuk +Date: Sat Dec 1 08:37:34 2018 -0500 + + Set GPG_TTY before calling gpg in key-init + + gpg2 needs GPG_TTY set to function properly. We set it in /init so it + is inherited by all children. The call to $(tty) must be after /dev and + (preferably) /dev/pts are mounted. + + Signed-off-by: Jason Andryuk + +commit 75c11481f689c51c2dbf07beb4715bfb5989241b +gpg: Signature made Tue 29 Jan 2019 11:16:16 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed Nov 14 19:47:24 2018 -0500 + + Port gpg1 patch to gpg2 to force crosscompiling and output to stderr. + +commit 46ddc20f74b84d20b3d87c2b0d64bfe7bc0cfff4 +gpg: Signature made Tue 29 Jan 2019 11:16:13 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed Nov 14 19:46:46 2018 -0500 + + instruct gpg to use gpg-agent. + +commit fb3e2066b8ee33b29c3fbc387a1b707956c646f3 +gpg: Signature made Tue 29 Jan 2019 11:15:48 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed Nov 14 19:45:44 2018 -0500 + + GPG_TTY is forced to /dev/console under init. Ash console is never called; trying to get console tty from the tty returns "no console". NEEDs BETTER FIX. + +commit 7b68b1ea9ddcbfbdbcedcdcccffa3291cd193524 +gpg: Signature made Mon 28 Jan 2019 10:05:36 PM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: edb9cd615b c77b560300 +Author: tlaurion +Date: Mon Jan 28 22:05:36 2019 -0500 + + Merge pull request #512 from kylerankin/update_blob_links + + Update ME repository links/filenames/hashes + +commit c77b560300b196b9dee8c1c72333bb4ddb9b5ee0 +gpg: Signature made Mon 28 Jan 2019 12:27:00 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Jan 28 09:26:23 2019 -0800 + + Update ME repository links/filenames/hashes + + The current links to the ME blob have expired. This updates the links + along with the resulting file names and hashes. + +commit edb9cd615bc3bba2a9ca46f127bea21d0f6589c6 +gpg: Signature made Sun 27 Jan 2019 07:27:54 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: 760429601a e274a2c396 +Author: tlaurion +Date: Sun Jan 27 07:27:54 2019 -0500 + + Merge pull request #508 from shamen123/patch-1 + + remove CONFIG_GPG=y + +commit 44d566a72ac51d25692928ad3f35c9b553848056 +gpg: Signature made Sat 26 Jan 2019 11:51:59 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed Nov 14 19:41:02 2018 -0500 + + pinentry-tty path needs to be known from gpg-agent + +commit 6335ece90244452bb26c477556c34bdb2d96eee2 +gpg: Signature made Sat 26 Jan 2019 11:51:56 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Wed Nov 14 19:39:11 2018 -0500 + + gpg2 pubring extension change from gpg to kbx + +commit e5a739e54cdda3c2fcc805a971b8ab3eea131c27 +gpg: Signature made Sat 26 Jan 2019 11:51:54 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell Hudson +Date: Wed Oct 17 17:42:43 2018 -0400 + + use /bin for libexecdir and disable curses pinentry + +commit 8ba3c3340287d3e501418e91a98a579ca559ed83 +gpg: Signature made Sat 26 Jan 2019 11:51:51 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Oct 4 21:32:04 2018 -0400 + + required changes to apply on top of osresearch/gpg2 for gpg2 to actually work, tools and libs updated to latest versions + +commit 82701fb10fb88bb48827dd783448d426f234e4b6 +gpg: Signature made Sat 26 Jan 2019 11:51:47 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Wed Sep 19 07:21:02 2018 -0400 + + typo on pinentry + +commit c261907ee67575f026d89bad594352be219b7aca +gpg: Signature made Sat 26 Jan 2019 11:51:41 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Wed Sep 19 06:58:08 2018 -0400 + + gpg2 pinentry program is required for passwords or PINs + +commit 49269f2bb4a5c6668606e087418b1477d985c386 +gpg: Signature made Sat 26 Jan 2019 11:51:17 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: tlaurion +Date: Wed Sep 19 06:33:18 2018 -0400 + + gpg2 library fixes + +commit b89ed83af67e1ee7edc973ecbe217ad2da44cd56 +gpg: Signature made Sat 26 Jan 2019 11:49:27 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Wed Sep 19 06:32:00 2018 -0400 + + enable Unix Domain sockets for gpg-agent + +commit b1736d7cb3f37a64f1575b4aa62f9de49489f6ba +gpg: Signature made Sat 26 Jan 2019 11:48:26 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Tue Sep 18 05:32:46 2018 -0400 + + use full version names on output libraries + +commit d61587c17985248ea8dc6a6385658539fcf3b44a +gpg: Signature made Sat 26 Jan 2019 11:47:53 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Tue Sep 18 05:14:05 2018 -0400 + + switch to gpg2 for qemu targets + +commit c1c615e6775588a9ab039fc19a6cd9c412f251cc +gpg: Signature made Sat 26 Jan 2019 11:47:16 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Trammell hudson +Date: Tue Sep 18 05:12:47 2018 -0400 + + copy gpg2 executables and pass in the libusb include path + +commit 7f1288b89c4765bc8ce86ca213bcdbc7535f2084 +gpg: Signature made Sat 26 Jan 2019 11:45:00 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Duncan Guthrie +Date: Fri Jan 5 21:09:07 2018 +0000 + + Preliminary support for GnuPG2 + +commit e274a2c396b008dcdf9dc0ad8edf9680a839a39f +gpg: Signature made Thu 10 Jan 2019 10:06:40 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: shamen123 <31340423+shamen123@users.noreply.github.com> +Date: Thu Jan 10 15:06:40 2019 +0000 + + remove CONFIG_GPG=y + + Building make BOARD=x230-flash fails due to size. Removal of CONFIG_GPG fixes this. For further details, see https://github.com/osresearch/heads/issues/451 + +commit 8b28e4945966b7cad52c712e6c1615df666dd1cf +gpg: Signature made Thu 13 Dec 2018 04:39:12 PM EST +gpg: using RSA key D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3 +gpg: Good signature from "AJ Jordan " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: D825 FD54 D9B9 40FF 0FFF B31A A4FD B7BE 12F6 3EC3 +Author: AJ Jordan +Date: Thu Dec 13 16:08:18 2018 -0500 + + Switch popt mirror to Launchpad + + Launchpad offers HTTPS downloads, whereas other more obvious mirrors + (like the one used originally, as well as rpm5.org) do not. + + Note: it is unclear to whether Launchpad's tarballs will always match + the checksum from upstream tarballs. However, at least for 1.16, this + condition does indeed seem to hold true. Homebrew, FWIW, lists OpenBSD + as a mirror: + + https://github.com/Homebrew/homebrew-core/blob/master/Formula/popt.rb + +commit 6303fbcacc68426a9987706466e0fc7b00b3b678 +gpg: Signature made Thu 13 Dec 2018 04:21:22 PM EST +gpg: using RSA key D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3 +gpg: Good signature from "AJ Jordan " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: D825 FD54 D9B9 40FF 0FFF B31A A4FD B7BE 12F6 3EC3 +Author: AJ Jordan +Date: Thu Dec 13 16:07:35 2018 -0500 + + Download most resource from HTTPS + + As much as possible. + +commit b38e720440b44d8e1161a278121cd8f2c5687e87 +gpg: Signature made Thu 13 Dec 2018 01:34:14 AM EST +gpg: using RSA key D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3 +gpg: Good signature from "AJ Jordan " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: D825 FD54 D9B9 40FF 0FFF B31A A4FD B7BE 12F6 3EC3 +Author: AJ Jordan +Date: Thu Dec 13 01:32:37 2018 -0500 + + Use a better GNU mirror URL + + The new URL automatically redirects to a nearby, current GNU mirror. + + Also, the fact that it's HTTPS helps with restrictive outbound + firewall policies that disallow plaintext traffic (for example, + using Qubes' firewall functionality). + +commit a809c72f7d82540aaf954d6fd4ea84d5e4f410ca +gpg: Signature made Wed 12 Dec 2018 05:09:31 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Dec 12 14:09:19 2018 -0800 + + Fix column width for error output + +commit 6ebabc5b94cea6cb94669bdfcbaa6e08ce19dc04 +gpg: Signature made Thu 06 Dec 2018 07:51:51 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:51:43 2018 -0800 + + Remove any duplicate config options from config.user + +commit 43a858e25ce325407b63260d0da9ab5420a532e3 +gpg: Signature made Thu 06 Dec 2018 07:45:52 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:45:40 2018 -0800 + + Show the last setting for a config option if more than one exist + +commit ab0f9dd32e1847d784d1cba265d8303ea90ddb7d +gpg: Signature made Thu 06 Dec 2018 07:35:41 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:34:47 2018 -0800 + + Move custom configs below recovery shell + + For safety it would be better if we source any custom configs after the + recovery shell in init. That way we can recover from any config mistakes. + +commit 8b8be510a26f6b15bb0f5abfc7150a8ecad5ccdf +gpg: Signature made Thu 06 Dec 2018 07:29:43 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:29:09 2018 -0800 + + Do not sort config options, just cat to preserve precedence + + If we sort | uniq config options, then the lowest in the sort will get + precedence, when what we want is for user preferences to override system + ones. + +commit 64484206ed950b51eed77b74dc491733e97f9443 +gpg: Signature made Thu 06 Dec 2018 07:27:49 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:27:36 2018 -0800 + + Load cbfs before combining configs and building fstab + +commit 1e9491f98d33b05be030add26359dfbcb75fa0ed +gpg: Signature made Thu 06 Dec 2018 07:11:14 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 16:10:10 2018 -0800 + + Handle the case where grep operates on an empty file + + There are cases when grepping for an option in the config file where + grep will not find it, which is fine in this case, but without adjusting + the exit code in that case it can make an entire script bail out. + +commit dd3f650b81c93f8848c081af1a04d0773b5e9ea7 +gpg: Signature made Thu 06 Dec 2018 06:42:52 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 15:41:20 2018 -0800 + + Just load usb-storage module, not mount, bugfix in replace_config + + We need to handle the case where the specific config file doesn't exist, + or else grep fails, so we touch the file ahead of time. Mounting the usb + storage caused problems when you re-enter the menu a second time, so we + will just load the storage module. + +commit 3eb62eed1a18caae4161ecb956c20b1f203212c3 +gpg: Signature made Thu 06 Dec 2018 06:27:55 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 15:24:28 2018 -0800 + + Use global /tmp/config that combines multiple config files + + As part of the config gui we want to be able to have the system define + new config options without them being lost if the user makes their own + changes in CBFS. To allow that this change creates a function initiated + in init that combines all /etc/config* files into /tmp/config. All + existing scripts have been changed to source /tmp/config instead of + /etc/config. The config-gui.sh script now uses /etc/config.user to hold + user configuration options but the combine_configs function will allow + that to expand as others want to split configuration out further. + + As it stands here are the current config files: + + /etc/config -- Compiled-in configuration options + /etc/config.user -- User preferences that override /etc/config + /tmp/config -- Running config referenced by the BIOS, combination + of existing configs + +commit 49a131fa4b523a33779920a65331169168bdce9d +gpg: Signature made Thu 06 Dec 2018 04:51:56 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 13:51:46 2018 -0800 + + Fix formatting on the default config GUI menu text + +commit f47df1edd688ef862564d417064402ab52ad59d0 +gpg: Signature made Thu 06 Dec 2018 04:10:56 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 13:10:45 2018 -0800 + + Use mount-usb instead of enable_usb to find USB drives + +commit de18c706dcdb3bc6d7b4fa7c53403713356a684c +gpg: Signature made Thu 06 Dec 2018 03:56:49 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 12:56:39 2018 -0800 + + Load USB modules before scanning for USB devices + +commit 2f9c201f3e9f20c93e432326c0ddfdb19229b02a +gpg: Signature made Thu 06 Dec 2018 01:44:59 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Dec 6 10:43:34 2018 -0800 + + Add a configuration GUI script + + This change will add a new GUI script that will allow users to change + their running configuration (currently just /boot and USB boot options) + and optionally persist that modified configuration with reflashing the + BIOS with a modified cbfs. + +commit 57b487c38cbc014bbe2e3d6a477b9a5651967b46 +gpg: Signature made Wed 05 Dec 2018 05:53:41 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Dec 5 14:51:53 2018 -0800 + + Update version #s for Librem coreboot, add Librem Key detection dialog + + The Librem coreboot is labeled with the current version and is visible + from dmidecode and is supposed to reflect the current version of + coreboot, however it was out of date and reflected 4.7 when Heads has + moved on to 4.8.1. + + I've also added a simple change to further simplify onboarding by + warning users who have Librem Key configured when they boot without it + being inserted. + +commit 2195977c23a72b0136724e423eec609fdf5e5732 +gpg: Signature made Mon 03 Dec 2018 07:11:54 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Dec 3 16:09:55 2018 -0800 + + Move GPG check outside TPM failure + + We want to catch the missing GPG keyring error regardless of TPM failure + or even in the case of a system without a TPM at all so we need to move + that section up above the TPM check. + +commit a14a4fb4191cae7093be5337cd3165606125de3a +gpg: Signature made Sat 01 Dec 2018 01:10:30 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Dec 1 10:10:04 2018 -0800 + + qemu-coreboot: change configs to enable gui-init testing + +commit 7f8738d6d82f1f500f5efc74b6d38a8eff1a5fff +gpg: Signature made Fri 30 Nov 2018 06:34:51 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri Nov 30 15:32:29 2018 -0800 + + Add empty keyring detection, clean up main menu + + To help with onboarding new users to Heads, this change will detect when + Heads does not have any keys in its keyring and will guide the user + through adding a key to the running BIOS. It's important that this + happen *before* guiding them through setting up an initial TOTP/HOTP + secret because adding a GPG key changes the BIOS, so the user would have + to generate TOTP/HOTP secrets 2x unless we handle the keyring case + first. + + In addition to this change I've simplified the main menu so that the + majority of the options appear under an 'advanced' menu. + +commit c559d71725d530355da5c61ff8a9e3b8231ceb0b +gpg: Signature made Sat 24 Nov 2018 12:18:32 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Nov 24 09:12:41 2018 -0800 + + cairo: restore reproducibility + + libtool needs to be patched to not write rpath to targets + +commit 760429601a3a01efe25f2c2bdf466957ec6c05d5 +gpg: Signature made Fri 23 Nov 2018 12:32:14 PM EST +gpg: using RSA key 1705719801234567 +gpg: Can't check signature: No public key +Merge: 31a62849ea e3343b5aff +Author: Trammell hudson +Date: Fri Nov 23 12:32:13 2018 -0500 + + Merge branch 'update_blob_script' of https://github.com/kylerankin/heads + +commit 31a62849eaca4b4d50ffcad6b0cda096da36ce6f +gpg: Signature made Fri 23 Nov 2018 12:30:14 PM EST +gpg: using RSA key 1705719801234567 +gpg: Can't check signature: No public key +Merge: 371b65ff58 fd3d69cdac +Author: Trammell hudson +Date: Fri Nov 23 12:30:12 2018 -0500 + + Merge branch 'key-update' of https://github.com/flammit/heads + +commit 371b65ff5827e1048511b91be1f9ce656040cb9d +gpg: Signature made Fri 23 Nov 2018 12:29:13 PM EST +gpg: using RSA key 1705719801234567 +gpg: Can't check signature: No public key +Author: Martin Kepplinger +Date: Wed Nov 21 14:24:54 2018 +0100 + + fix install directory handling for git and builds + + The install directly should basically behave like the "build" directory. + Since it's tracked by git, containing a gitignore file, we shouldn't + have it in the toplevel gitignore (just like the build directory). + + But then, the toplevel Makefile's real.clean target removes the install + directory. This is changed so that only it's content is being removed. + +commit fd3d69cdac8b32bb6252bc670f9e20c08e5bb5ad +gpg: Signature made Sun 18 Nov 2018 01:49:52 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Nov 18 10:49:37 2018 -0800 + + update tails distro signing key + +commit 25113cb8c2f431bb0e0c038cbd2a306069159bcb +gpg: Signature made Sat 10 Nov 2018 04:41:20 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Nov 10 13:41:01 2018 -0800 + + Fix coreboot build for kgpe-d16 + +commit e3343b5aff8f44fa3407529a8f662ccaa203a4c2 +gpg: Signature made Thu 08 Nov 2018 12:22:31 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Nov 8 09:22:24 2018 -0800 + + Fix permissions on get_blobs.sh + +commit f20d45a42638b11d7ca046b0e379150e3e932cde +gpg: Signature made Thu 08 Nov 2018 12:19:05 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Nov 8 09:18:26 2018 -0800 + + Update Librem get_blobs.sh script to point to proper upstream URLs + +commit d8a3be47af16a771781e852eb0a1efaeefd23a4d +gpg: Signature made Wed 07 Nov 2018 05:04:25 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 7f83a0a028 fe0f957bfc +Author: Trammell Hudson +Date: Wed Nov 7 17:04:23 2018 -0500 + + Merge branch 'coreboot-4.8' of https://github.com/flammit/heads + +commit 7f83a0a02881dc7a750fbe8dc2b0fabb081f1ef6 +gpg: Signature made Wed 07 Nov 2018 04:41:29 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: af81e34292 255181c02f +Author: Trammell Hudson +Date: Wed Nov 7 16:41:28 2018 -0500 + + Merge branch 'fbwhiptail_url' of https://github.com/merge/heads + +commit af81e34292ca92778b6953e66b68a17899be11bc +gpg: Signature made Wed 07 Nov 2018 04:40:03 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 6eb214a3f1 c0aeb614ec +Author: Trammell Hudson +Date: Wed Nov 7 16:40:02 2018 -0500 + + Merge branch 'patch-2' of https://github.com/tlaurion/heads + +commit 6eb214a3f1836fa9d56709886fdd49103c5df4a2 +gpg: Signature made Wed 07 Nov 2018 04:38:54 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 8fec61f6e8 3755ddb47a +Author: Trammell Hudson +Date: Wed Nov 7 16:38:51 2018 -0500 + + Merge branch 'usb-scan_fix' of https://github.com/tlaurion/heads + +commit 8fec61f6e819bdd9907571a45717fb6b2efcbd58 +gpg: Signature made Wed 07 Nov 2018 04:38:13 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 3f53cfe05b 1d2fb02668 +Author: Trammell Hudson +Date: Wed Nov 7 16:38:12 2018 -0500 + + Merge branch 'cryptsetup-reencrypt' of https://github.com/tlaurion/heads + +commit 3f53cfe05b1fdbca751f53372ca4c387d6238b7f +gpg: Signature made Wed 07 Nov 2018 04:37:03 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 72c42fa5ea 79a09e7424 +Author: Trammell Hudson +Date: Wed Nov 7 16:37:01 2018 -0500 + + Merge branch 'add_librem_key_support' of https://github.com/kylerankin/heads + +commit 79a09e7424c67fc3168fef95a0352292a9bcf8eb +gpg: Signature made Wed 07 Nov 2018 04:29:15 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Nov 7 13:27:52 2018 -0800 + + Ignore PCR5 when sealing key when Librem Key is enabled + + When the Librem Key is enabled, the kernel loads USB modules at boot, + this causes PCR5 to change and breaks unsealing the LUKS key (if set). + This change retains the protection of the PCR5 check unless Librem Key + is enabled. + +commit fe0f957bfc3db1f6113d908c608404ef5751bd3a +gpg: Signature made Sun 28 Oct 2018 02:00:09 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Oct 28 10:59:33 2018 -0700 + + Make lvm and slang build reproducibly again + +commit 03a09a1e1a7dcf633ddb2736ff66e8129f1bef2f +gpg: Signature made Sat 27 Oct 2018 06:05:43 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Youness Alaoui +Date: Fri Jul 27 20:34:56 2018 -0400 + + Add patches to update coreboot crossgcc to v1.52 + + crossgcc is now using gcc 8.1.0 which will compile without issues + if your host system has gcc 8.x + This is required if we are to build on a new system (such as latest Fedora) + +commit 79c14346106818769df5befd7708d7b724a61fb0 +gpg: Signature made Sat 27 Oct 2018 05:04:12 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Oct 27 14:03:45 2018 -0700 + + Fix DOTCONFIG in coreboot module and clean up configs + +commit 0bb78d343f4ab0e72caa1e834bb818d6bb245b5a +gpg: Signature made Sat 27 Oct 2018 02:02:39 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Trammell hudson +Date: Mon Aug 13 10:26:08 2018 -0400 + + Use defconfig for coreboot builds + +commit 0113ecc806b167d12d877e141d7d387af1a677e2 +gpg: Signature made Sat 27 Oct 2018 02:02:35 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Jun 8 10:39:36 2018 -0700 + + Update coreboot patches condition on CONFIG_MEASURED_BOOT + +commit 8601268a1f731a373ac8a33c315ec24018348696 +gpg: Signature made Sat 27 Oct 2018 02:02:32 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jun 2 09:46:57 2018 -0700 + + Remove duplicate measurements on librem components + + also fix indentation issues + +commit dd3ae6ee069515bcd447f3c91b1d76ca979ab946 +gpg: Signature made Sat 27 Oct 2018 02:02:29 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Tue May 29 13:17:56 2018 -0700 + + Update patches for librem boards + +commit c326ff62c7efe7198d503974f6aa142ad7bb11e2 +gpg: Signature made Sat 27 Oct 2018 02:02:23 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun May 20 16:05:07 2018 -0700 + + Start updating to coreboot 4.8.1 + + missing librem patches + +commit 72c42fa5ea1e7831fd3250993879b4cda032e507 +gpg: Signature made Wed 24 Oct 2018 02:28:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Oct 24 14:28:34 2018 -0400 + + qemu-linuxboot: enable cgroups for u-root + +commit 3755ddb47a5aece00b02c186bc87850e8dc8ffd8 +Author: Thierry Laurion +Date: Mon Oct 22 11:01:05 2018 -0400 + + $TMP_MENU_FILE is an unknown variable. Replaced with /tmp/iso_menu.txt so usb-scan works. + +commit 255181c02f15354a8b1968dbc847321913eb4ea7 +Author: Martin Kepplinger +Date: Thu Oct 18 13:44:44 2018 +0200 + + fix the fbwhiptail source URL + + The current source URL is not available anymore. + + kakaroto changed his copy of heads to point to his own github account's fbwhiptail: + https://github.com/kakaroto/heads/commit/b13cc5e68d9d77ef9bfd6623b812f4205698dafb + + But it seems that source.puri.sm/coreboot is a more accessible home for the + project. + +commit 1d2fb0266812d97c969b6226a300280706f659ee +Author: Thierry Laurion +Date: Mon Oct 8 16:26:20 2018 -0400 + + Adding cryptsetup-reencrypt support + +commit c0aeb614ec3c00daf673b2a537ea8a470cb9a946 +gpg: Signature made Thu 04 Oct 2018 10:01:54 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Thu Oct 4 22:01:54 2018 -0400 + + Update .ash_history + + mount-usb is better + +commit e177de63d02718a3bed6816fee075076c94181cd +gpg: Signature made Fri 28 Sep 2018 06:25:00 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Sep 28 06:25:00 2018 -0400 + + Enable verbose bootup debugging and ensure that the serial IO base port is configured + +commit aeb59e1b4852aea6aeb7f771e96d94d0ea2e1c9b +gpg: Signature made Tue 18 Sep 2018 04:06:35 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 16:06:35 2018 -0400 + + coreboot must be extracted before the xgcc symlink + +commit 6183d58ecc2923df97ee9fccf8282df1af1ee03a +gpg: Signature made Tue 18 Sep 2018 04:04:28 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 16:04:28 2018 -0400 + + fix config spacing and path to xgcc + +commit 9ab033aa06ebca1b5272ed8e334fb516f0d8e308 +gpg: Signature made Tue 18 Sep 2018 03:59:48 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 15:59:48 2018 -0400 + + use externally built coreboot compilers + +commit 866358d5c7c6297e8be627d0c8fcfa31f90f8636 +gpg: Signature made Tue 18 Sep 2018 03:12:41 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 15:12:41 2018 -0400 + + rollback to 16.04? + +commit 66b51d3296569d55b174a7c7f4431f01d52321f7 +gpg: Signature made Tue 18 Sep 2018 01:07:40 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 13:07:40 2018 -0400 + + quiet hashing process slightly + +commit fdb8268fc99dd09f1c637290b6aa580119e801e8 +gpg: Signature made Tue 18 Sep 2018 01:07:14 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 13:07:14 2018 -0400 + + remove coreboot-gcc target (it will be built anyway) and add x230 + +commit a5a11e82130643356583345187ab106a7659b2b0 +gpg: Signature made Tue 18 Sep 2018 12:35:19 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 12:35:19 2018 -0400 + + fix missing ) in hashes + +commit 54748c663adcad63b2ddeeeff588ab3dafa0213d +gpg: Signature made Tue 18 Sep 2018 12:09:47 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 12:09:47 2018 -0400 + + hash the kernel + +commit eafe001097687a19915610bb954d3dc365308806 +gpg: Signature made Tue 18 Sep 2018 12:09:16 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 12:09:16 2018 -0400 + + fix yaml + +commit 7a39cc78f4140756cecb3d36783a0845e49d2889 +gpg: Signature made Tue 18 Sep 2018 12:08:16 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 12:08:16 2018 -0400 + + create hashes and store them in the circleci artifacts + +commit 553964157b5bf6b2de9c65c0ed65f6abf89d538d +gpg: Signature made Tue 18 Sep 2018 10:43:36 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 10:43:36 2018 -0400 + + use a smaller image, maybe we will not run out of space + +commit d3bf7aab64b6c75b56433b4bf2d39ceced1fae69 +gpg: Signature made Tue 18 Sep 2018 09:59:09 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 09:59:09 2018 -0400 + + does tput cause the problem with circleci? + +commit 606600586c3a3ab18d2debf501cd6899fa369cec +gpg: Signature made Tue 18 Sep 2018 09:27:18 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 09:27:18 2018 -0400 + + coreboot-gcc target + +commit f712d7aefeb6bd4c87abc4883ed0a18b3add3bc2 +gpg: Signature made Tue 18 Sep 2018 07:24:19 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 07:24:19 2018 -0400 + + move limits.h dependency into modules/linux + +commit e03f375bfdaa392c29a6cc23dfd4bdfe85ca9fcd +gpg: Signature made Tue 18 Sep 2018 07:14:39 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 07:14:39 2018 -0400 + + use osresearch/heads-builder docker image with pre-built compilers + +commit c494d0a5fdd33e22c1e0e9f95e8b71b9319783fd +gpg: Signature made Tue 18 Sep 2018 07:14:02 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 07:14:02 2018 -0400 + + fix wget and allow packages to be overridden + +commit 5555e9e8ac605905b927a9f7d2c3e34657e03f43 +gpg: Signature made Tue 18 Sep 2018 06:55:16 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 06:55:16 2018 -0400 + + circleci needs to use the new 4.2.1 make + +commit 292a8bec81219e5edab19187e3550605a0ce82b5 +gpg: Signature made Tue 18 Sep 2018 06:33:15 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Sep 18 06:33:15 2018 -0400 + + patch for __alloca missing on ubuntu 18.04 (#352) + +commit bec3335cf62f2a1ae008061e85eed0e19486c7b7 +gpg: Signature made Sun 16 Sep 2018 05:56:17 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sun Sep 16 17:56:17 2018 -0400 + + verbose builds to avoid quiet timeouts + +commit e3ac9b59f38214f0ff05ced1a97d64876215e3e9 +gpg: Signature made Sat 15 Sep 2018 07:11:12 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 07:11:12 2018 -0400 + + ensure there is output from the musl-cross bild + +commit f96cceb6214d6d46312de53aee459ca68e3b98e6 +gpg: Signature made Sat 15 Sep 2018 06:56:42 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 06:56:42 2018 -0400 + + do dependencies before checkout + +commit 081cda2dd4dee098ce4ff019a9c041adb8b7eb51 +gpg: Signature made Sat 15 Sep 2018 06:53:34 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 06:53:34 2018 -0400 + + bootstrap and parallelize build + +commit cdd061e06380e376a888b67a453424e93b3efe4b +gpg: Signature made Sat 15 Sep 2018 05:59:28 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:59:28 2018 -0400 + + switch back to 16.04 just to avoid make-4.2 error + +commit 607381fec21571310ba10bb880246317ac304082 +gpg: Signature made Sat 15 Sep 2018 05:58:00 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:58:00 2018 -0400 + + try apt-update before apt-install + +commit b826e4c705def40e58caa7fadaf5524cf88ec2ae +gpg: Signature made Sat 15 Sep 2018 05:56:58 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:56:58 2018 -0400 + + tweak yaml + +commit 265ed9d043142cef9927e9e46fc38ad26214cfbc +gpg: Signature made Sat 15 Sep 2018 05:52:38 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:52:38 2018 -0400 + + checkout dependencies + +commit 96ea6b69ba843905babc33e557496590249cf388 +gpg: Signature made Sat 15 Sep 2018 05:49:32 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:49:32 2018 -0400 + + try ubuntu 18.04 build + +commit 32cd59d4f6f9b5aba7c9d9fb4a640de983796f07 +gpg: Signature made Sat 15 Sep 2018 05:48:03 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:48:03 2018 -0400 + + try ubuntu 18.04 build + +commit 2e1dd829929f26386cc608479509f93c7d11cd78 +gpg: Signature made Sat 15 Sep 2018 05:42:42 AM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Sep 15 05:42:42 2018 -0400 + + try enabling circleci builder + +commit 95748a82d775636f2f6d97df4f4f5e4b6331a768 +gpg: Signature made Mon 03 Sep 2018 12:03:19 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Mon Sep 3 12:03:19 2018 -0400 + + Typo correction in .ash_history + +commit 1d27c93a500e3c284464671a238f0801f5906bfc +gpg: Signature made Mon 13 Aug 2018 06:33:53 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 070461ad05 09b3e7b1dc +Author: Trammell Hudson +Date: Mon Aug 13 06:33:51 2018 -0400 + + Merge branch 'master' of https://github.com/Akendo/heads + +commit 070461ad058e87056840364e69024d8cb1f3027b +gpg: Signature made Mon 13 Aug 2018 06:33:05 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 2be492d7fd e594598a28 +Author: Trammell Hudson +Date: Mon Aug 13 06:33:03 2018 -0400 + + Merge branch 'fix-spelling-mistakes' of https://github.com/paulmenzel/heads + +commit 2be492d7fdb6a2422f2101f9251264cf9cb81492 +gpg: Signature made Mon 13 Aug 2018 06:31:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: cc4976b3da fb37c5dcc8 +Author: Trammell Hudson +Date: Mon Aug 13 06:31:37 2018 -0400 + + Merge branch 'linux-4.14-update' + +commit fb37c5dcc82f2e715fe472fa842a5314e0aa2c39 +gpg: Signature made Mon 13 Aug 2018 06:31:07 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Aug 13 06:31:07 2018 -0400 + + bds-pr is on the main branch now + +commit e594598a28b1712f7b63fdcc434b48e1ad027ca6 +Author: Paul Menzel +Date: Wed May 23 23:30:29 2018 +0200 + + FAQ: Fix spelling of *convenience* + +commit 11d30bd6350c9d90e02a22e8efb2b7b2b9913a63 +Author: Paul Menzel +Date: Sun May 20 12:18:10 2018 +0200 + + blobs/x220: Start *Lenovo* with capital letter + +commit 6c9ff68a87b6b21e10f1ea737096ea1be87acb6d +Author: Paul Menzel +Date: Sun May 20 12:14:56 2018 +0200 + + README: Spell *Chromebook* with capital letter in beginning + +commit 4016cd96ab440b03e246d1764b4f980ccb587383 +gpg: Signature made Thu 09 Aug 2018 12:51:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 9 12:51:12 2018 -0400 + + convert all active board Linux kernel config files into defconfig format + +commit f4e25dd2168ac414398bbc9e57bb5c7138432173 +gpg: Signature made Thu 09 Aug 2018 12:46:52 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 9 12:45:53 2018 -0400 + + Use Linux kernel defconfig format (issue #416) + + This reduces the amount of noise in the Linux kernel config files + by only storing the differences from the stock configuration. + It adds a new makefile target 'linux.saveconfig' to convert the + build tree's .config file into config/linux-linuxboot.config. + +commit c7c4b9919c130f5e21d308287ec2d7463230dc89 +gpg: Signature made Thu 09 Aug 2018 12:20:03 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 9 12:20:03 2018 -0400 + + ensure that the dxe modules will be built with the Heads cross compiler + +commit c98bfe158fb95bef78a3c98893b268d446ca71c8 +gpg: Signature made Thu 09 Aug 2018 10:20:22 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 9 10:20:22 2018 -0400 + + update to 4.14.62 and use the linuxboot.efi BDS + +commit cc4976b3dadbdc131b1cc0d9aed281d776ea4159 +gpg: Signature made Thu 09 Aug 2018 07:51:30 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Thierry Laurion +Date: Fri Jul 27 10:04:53 2018 -0400 + + Commenting out DROPBEAR support; not fitting into 4MB image with GPG integrated. + +commit 09b3e7b1dc8666b8998df1ab0117cd5e5d939914 +Merge: 1b0fdefb5f e830737e9b +Author: Akendo +Date: Wed Jul 25 14:14:32 2018 +0200 + + Merge branch 'master' of github.com:Akendo/heads + +commit 1b0fdefb5fa32c8f624258529b7626edf617b6dd +Author: Akendo +Date: Wed Jul 25 13:59:18 2018 +0200 + + Add missing paraemter for the correct board. + + Without this parameter the qemu board is selected by default. Leading to errors + Signed-off-by: Akendo + +commit e830737e9b7a03ed709151bf3e129287756683fc +Author: Akendo +Date: Tue Jul 24 23:46:46 2018 +0200 + + Update the path within the readme.md from the x220 + + The path was incorrect for the configuration file of the x220. Leading to some + confusion. Adjusting to to newer path, where the file is located. + +commit 1d2dfd4affdc773329550e694c274cff8e71639b +gpg: Signature made Wed 18 Jul 2018 06:53:59 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jul 18 06:53:59 2018 -0400 + + remove orphaned x200 config (merge pr #387) + +commit 6170b4cd06892738387fb9adae07dbb75e584aad +gpg: Signature made Wed 18 Jul 2018 06:52:11 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 770c696117 22b1241475 +Author: Trammell Hudson +Date: Wed Jul 18 06:52:09 2018 -0400 + + Merge branch 'patch-failure-pr' of https://github.com/osresearch/heads + +commit 770c6961176bee48bebbd1faed2f3676ab5e3e39 +gpg: Signature made Wed 18 Jul 2018 06:50:47 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 584c07042e 85eebd0487 +Author: Trammell Hudson +Date: Wed Jul 18 06:50:46 2018 -0400 + + Merge branch 'x230-flash' of https://github.com/tlaurion/heads + +commit d876776ed774c596b5f98217309817fbb5305700 +gpg: Signature made Wed 18 Jul 2018 06:23:13 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jul 18 06:23:13 2018 -0400 + + enable coreboot console support + +commit a75d8a0c92a331f708d45446b577d06c27a05247 +gpg: Signature made Wed 18 Jul 2018 06:22:50 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jul 18 06:22:50 2018 -0400 + + increase CBMEM log level + +commit 977c1c3987533ce82baf78893736c7ba10f88ec3 +gpg: Signature made Tue 17 Jul 2018 06:51:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 17 06:51:38 2018 -0400 + + update qemu-coreboot Linux config to 4.14.56, enable the CBMEM console + +commit d400c4dd4d2d3a5ed637f44f04b48db426c5aa80 +gpg: Signature made Tue 17 Jul 2018 06:48:06 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 17 06:48:06 2018 -0400 + + update paths for Linux 4.14.56 (issue #423) + +commit 6033015454a9f4008bc37de83eb979df12d732dd +Author: Trammell Hudson +Date: Tue Jul 17 06:22:52 2018 -0400 + + Exit if patch fails to apply (issue #429) + +commit 22b124147598fa11ac9b6ca47b3eaee79635eda7 +gpg: Signature made Tue 17 Jul 2018 06:22:52 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 17 06:22:52 2018 -0400 + + Exit if patch fails to apply (issue #429) + +commit fd99d160e83550518b754fd1eb7f9b4925c08ae0 +gpg: Signature made Tue 03 Jul 2018 03:41:17 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Jul 3 12:40:52 2018 -0700 + + Improve status messages for Librem Key HOTP output + +commit acb2b34873e641dfc5d94c6de6ee62422ae8809a +gpg: Signature made Thu 21 Jun 2018 07:30:54 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Jun 21 16:30:35 2018 -0700 + + Show warning bg color in main menu when HOTP key not found + +commit be665ac4f9f9c4054b9cbbdf55d124e5aee4f002 +gpg: Signature made Thu 21 Jun 2018 07:06:05 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Jun 21 16:04:46 2018 -0700 + + Show red background when HOTP code is invalid + + Granted the user should really be using the Librem Key/phone to check + for tampering (since an attacker could control the Heads background + color) but this provides another visual queue for the user with + the GUI menu to catch less sophisticated tampering. + +commit ec3248dbc948ded7ea115fd2d24599d9ad852043 +gpg: Signature made Wed 20 Jun 2018 07:21:38 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Jun 20 16:20:15 2018 -0700 + + Shorten timeout for Librem Key + + Currently the Librem Key tests will time out after 40 seconds, which + adds to the boot time significantly if the user wants to boot without + inserting it. This patch changes that timeout to one second. + +commit fe34aba719073ef3710b25627b0acbbb5236815d +gpg: Signature made Wed 20 Jun 2018 12:22:43 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Jun 20 09:20:39 2018 -0700 + + Store HOTP counter directly in /boot instead of TPM + + The HOTP counter isn't a secret but is just used to prevent replay + attacks (the time-based counter in TOTP isn't a secret either) so it + doesn't need to be protected in the TPM and storing it as a TPM + monotonic counter was causing conflicts with the Heads configuration + counter as TPM 1.2 can only increment one counter per reboot. + + This change moves the HOTP counter into the file in /boot that was + previously keeping track of the TPM counter id. + +commit 7dde5c2aca74c19195a71338324743bf3bf4d952 +gpg: Signature made Tue 19 Jun 2018 07:28:39 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Jun 19 16:28:37 2018 -0700 + + Revert "Use HOTP TPM counter instead of Heads when signing, if present" + + This reverts commit c42084406d47409ccce5ac6ddd717b576b693eb3. + +commit c42084406d47409ccce5ac6ddd717b576b693eb3 +gpg: Signature made Tue 19 Jun 2018 07:19:54 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Jun 19 16:18:10 2018 -0700 + + Use HOTP TPM counter instead of Heads when signing, if present + + TPM v1.2 has a limitation in that only a single monotonic counter can be + incremented between reboots [1]. So in the event we are using HOTP + monotonic counters, we need to reference those for the Heads rollback + counter when we update file signatures in /boot, otherwise the increment + stage at kexec-sign-config will fail since at each boot, the HOTP + monotonic counter has already been incremented. + + [1] https://projects.csail.mit.edu/tc/tpmj/UsersGuide.html#inccounter + +commit 2cacb1572971b50923c9844e19e48bcc9e139a15 +gpg: Signature made Tue 19 Jun 2018 04:03:40 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Jun 19 13:03:01 2018 -0700 + + Add back TPM config counter section to gui-init + + The section in gui-init that modifies the Heads TPM counter when signing + config was accidentally removed. This change adds that section back. + +commit 31cf85b7074a6e9a9da93faf0d5c4d1beaacb97e +gpg: Signature made Tue 19 Jun 2018 03:46:06 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Jun 19 12:27:27 2018 -0700 + + Add Librem Key support to Heads + + The Librem Key is a custom device USB-based security token Nitrokey is + producing for Purism and among other things it has custom firmware + created for use with Heads. In particular, when a board is configured + with CONFIG_LIBREMKEY, this custom firmware allows Heads to use the + sealed TOTP secret to also send an HOTP authentication to the Librem + Key. If the HOTP code is successful, the Librem Key will blink a green + LED, if unsuccessful it will blink red, thereby informing the user that + Heads has been tampered with without requiring them to use a phone to + validate the TOTP secret. + + Heads will still use and show the TOTP secret, in case the user wants to + validate both codes (in case the Librem Key was lost or is no longer + trusted). It will also show the result of the HOTP verification (but not + the code itself), even though the user should trust only what the Librem + Key displays, so the user can confirm that both the device and Heads are + in sync. If HOTP is enabled, Heads will maintain a new TPM counter + separate from the Heads TPM counter that will increment each time HOTP + codes are checked. + + This change also modifies the routines that update TOTP so that if + the Librem Key executables are present it will also update HOTP codes + and synchronize them with a Librem Key. + +commit 85eebd0487cfc6dff5a898363de7fec6d5a339ba +gpg: Signature made Wed 06 Jun 2018 10:09:57 PM EDT +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Author: tlaurion +Date: Wed Jun 6 22:09:57 2018 -0400 + + Modify flash command to use generic flash.sh + +commit 4ea175838f336cb86017db998aed49caba9312c0 +Author: Martin Kepplinger +Date: Mon Jun 4 09:02:22 2018 +0200 + + x230: remove 4M and 8M split-images from the build + + The bios regions of the 12M coreboot image is 7M: 4M and 3 of the 8M split + image. The rest of the 8M image _generated_ with fake data and not usable + on real systems! It's dangerous to create them and suggest flashing them + externally. + + That's exactly why the x230-flash build target is there: To + have a self-contained 4M image and enable easy unlocking of the 8M image + using the _original_ data. + + the heads-wiki project is updated accordingly. + + Closes #307 + Closes #302 + +commit 584c07042ef4898de52ba4981997211c646b75fd +gpg: Signature made Fri 01 Jun 2018 12:40:17 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 1d366546f1 8d50b6a1ab +Author: Trammell hudson +Date: Fri Jun 1 12:40:16 2018 -0400 + + Merge branch 'generic_flashrom_script' of https://github.com/kylerankin/heads + +commit 1d366546f165236438717d3b6ef14da276a5bc9f +gpg: Signature made Fri 01 Jun 2018 12:39:42 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 4b264fba70 736538a8a2 +Author: Trammell hudson +Date: Fri Jun 1 12:39:41 2018 -0400 + + Merge branch 'gpg' of https://github.com/flammit/heads + +commit 4b264fba70ed236fae2f55df16e2dfb5a151c50d +gpg: Signature made Fri 01 Jun 2018 12:38:54 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: d88cc4fe3c 4b34cca555 +Author: Trammell hudson +Date: Fri Jun 1 12:38:53 2018 -0400 + + Merge branch 'librem_vbt' of https://github.com/kakaroto/heads + +commit d88cc4fe3cf8dae97c7334b7b8f75177a47b4cf3 +gpg: Signature made Fri 01 Jun 2018 12:36:21 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri Jun 1 12:36:21 2018 -0400 + + use tpmtotp git and add hotp command + +commit c7bad87e4238be48207f71e81521705d5a4f376e +gpg: Signature made Tue 29 May 2018 05:28:47 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Tue May 29 17:28:47 2018 -0400 + + update URL for popt since rpm5.or gis down (issue #421) + +commit 2c44800c6509b98cd3d00b3d253fc8f07bd5eccc +gpg: Signature made Tue 29 May 2018 05:12:08 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 29f0f914c5 6d9b0a7c6c +Author: Trammell hudson +Date: Tue May 29 17:12:07 2018 -0400 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit 29f0f914c504a5d3daf1d471c520fb72856d785c +gpg: Signature made Tue 29 May 2018 05:09:26 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Tue May 29 17:09:26 2018 -0400 + + do not create empty file if wget fails (issue #422) + +commit 8d50b6a1aba0cf28cb8e4de5222ae628805abf8d +gpg: Signature made Mon 28 May 2018 02:38:12 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon May 28 11:38:04 2018 -0700 + + Add option to flash cleaned ROM to GUI + +commit 8dc2f8602f353fe67f2bd4ee0e21a521f249c62a +gpg: Signature made Wed 23 May 2018 07:14:51 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed May 23 16:14:44 2018 -0700 + + Add trivial word-wrapping for long output line + +commit 4b34cca55588696c114d44524d1f088eba826f48 +gpg: Signature made Wed 23 May 2018 04:49:28 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Wed May 23 16:47:17 2018 -0400 + + Add VBT file to coreboot image. + + Adding the VBT file makes it available through some ACPI memory area + and apparently the VBT contains the information needed by the i915 driver + in order to figure out how to control the screen's backlight. + Without the VBT, we can't control the screen backlight with Fn-F5/Fn-F6 + anymore. + +commit 736538a8a2a8494ec11c3695a59b425b2425593b +gpg: Signature made Sat 19 May 2018 01:54:27 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat May 19 10:52:49 2018 -0700 + + Add additional kernel command line options for ISO boot + + Allows Qubes/Ubuntu/Fedora ISO media to be used by default + without a custom kexec_iso_add.txt config + +commit cfa6c3a37415315d5e86bb710955965210672ce4 +gpg: Signature made Fri 18 May 2018 05:04:15 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri May 18 14:04:00 2018 -0700 + + Make x230 board option a glob to match x230-flash option + +commit 6d9b0a7c6cce30ac95a7536f902d3f3ff37fc267 +gpg: Signature made Fri 18 May 2018 04:14:27 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri May 18 16:14:27 2018 -0400 + + enable cgroups and the various controllers (issue #384) + +commit 33e9dda884fc0a64fdd2f38214793e7f554bf0c7 +gpg: Signature made Fri 18 May 2018 03:39:20 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: eda252568c 2839364d43 +Author: Trammell hudson +Date: Fri May 18 15:39:19 2018 -0400 + + Merge branch 'add-boot-devices-to-qemu-coreboot' of https://github.com/paulmenzel/heads + +commit eda252568cf719db5cf89fd5d11f82a3e1100cc3 +gpg: Signature made Fri 18 May 2018 03:13:58 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 191ef56797 fc72daa6e3 +Author: Trammell hudson +Date: Fri May 18 15:13:57 2018 -0400 + + Merge branch 'variable_counter_label' of https://github.com/kylerankin/heads + +commit 191ef567978728a9dcbf6275b20a52efe4897924 +gpg: Signature made Fri 18 May 2018 03:13:08 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 9c95b4ed58 1585f596d1 +Author: Trammell hudson +Date: Fri May 18 15:13:07 2018 -0400 + + Merge branch 'add-ata-ahci-modules-to-qemu-coreboot' of https://github.com/paulmenzel/heads + +commit 2839364d435e79cb04d20e7ce14ab00374bffe4a +Author: Paul Menzel +Date: Fri May 18 18:38:29 2018 +0200 + + boards/qemu-coreboot: Set `/dev/sdb1` as USB boot device + + QEMU’s USB device is detected as `/dev/sdb1`. + +commit c5665b78822cd7a72f338e96c76cd0b81d0089c4 +Author: Paul Menzel +Date: Fri May 18 18:35:54 2018 +0200 + + boards/qemu-coreboot: Set boot device to `/dev/sda1` + + QEMU emulated drive is detected as `/dev/sda1`. Set it up as the boot + device. + + Use the same value as in for `qemu-linuxboot.config`. + +commit c1be56c5ad3db313e70338b5d8d5c55c6850a699 +gpg: Signature made Thu 17 May 2018 10:53:56 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu May 17 19:52:11 2018 -0700 + + Separate trusted ISO signers from trusted config signers + +commit 258420d75db66c0eb92e3fdcf8a948fd562e2a24 +gpg: Signature made Thu 17 May 2018 06:33:09 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu May 17 15:31:23 2018 -0700 + + Add BIOS ROM editing features to flash GUI + + In addition to being able to flash a ROM from the GUI, it would also be + useful for a user to be able to add a GPG key to their keyring using the + flashing tool. This change adds the ability for a user to edit both a + ROM located on a USB key and also edit the running BIOS by using + flashrom to make a local copy of the running BIOS, edit it, then reflash + it. This also supports the upcoming delete feature in CBFS for + circumstances where keyring files already exist within CBFS. + +commit a9bf4eb8740a6eb3cf6d17cb9d531259a7c6b70d +gpg: Signature made Tue 15 May 2018 07:24:37 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue May 15 16:24:24 2018 -0700 + + Add read mode to flash.sh + + If we want to modify a running BIOS we will need the ability to pull + down the current BIOS, modify it, and then reflash. This change adds a + read option to flash.sh and pulls down three versions of the BIOS and + only exists successfully if all three match. + +commit 1585f596d1f88ee638bd4a3ba2c0d6ec2592ef4a +Author: Paul Menzel +Date: Fri May 11 22:40:12 2018 +0200 + + qemu-coreboot: Add modules libata, libahci and ahci to initrd + + To be able to boot a disk image, passed to QEMU with `-hda + /path/qemu.img`, the appropriate modules are needed. Strange, `libata` + is not enough, and the drive is only detected, when the module `ahci` is + loaded. + + > ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100 + + Tested with QEMU emulator version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7) + with the command below, + + qemu-system-x86_64 -enable-kvm -M q35 -m 1G -bios \ + qemu-coreboot/coreboot.rom -serial stdio -L /dev/shm -hda \ + /dev/shm/qemu-debian.img + + where `qemu-debian.img` is created with grml-debootstrap. + + grml-debootstrap --vmfile --vmsize 3G --target \ + /dev/shm/qemu-debian.img -r sid + +commit b276e355d912e59100f37fa8f015401b48f33fab +gpg: Signature made Fri 11 May 2018 05:24:19 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri May 11 14:23:48 2018 -0700 + + Re-add the flashrom script for kgpe-d16-openbmc + +commit 3c88bc5d86fef0dd988d3ac1f0fff767db56b410 +gpg: Signature made Fri 11 May 2018 05:10:14 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri May 11 14:08:31 2018 -0700 + + Split flash GUI into separate script + + To keep the flash logic simpler the GUI logic has been split into a + flash-gui.sh program so flash.sh behaves closer to the original flashrom + scripts it was based from. I've also removed the previous flashrom + scripts and incorporated their options into flash.sh. Finally I set + CONFIG_BOARD via the Makefile instead of setting a duplicate option in + each board's config. + +commit 89b008a0424544609c9e7ca98a42063bc49ad4c3 +gpg: Signature made Fri 11 May 2018 03:32:09 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri May 11 12:32:04 2018 -0700 + + Use explicit path for flash.sh + +commit 45ae20fc12a3f351295b205ebd5639cad6302ffd +gpg: Signature made Fri 11 May 2018 03:29:34 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri May 11 12:27:50 2018 -0700 + + Add generic flash script + + Based on the conversation for PR #406, we decided to go with a more + generic script for general-purpose flashing instead of having individual + (and therefore very similar) flash scripts for each board type. This + script currently handles flashrom on Librem and X230 board types and + introduces a new CONFIG_BOARD option that sets specific flashrom + arguments based on the board. + + It also adds support to gui-init to call this flash script. + +commit fc72daa6e391b4aa21253075d8e80860c30e3f3e +gpg: Signature made Wed 09 May 2018 05:28:49 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed May 9 14:28:36 2018 -0700 + + Fix tabbing + +commit ec2d7dfc2cb24b6b4cc34f68d91440b60b60c255 +gpg: Signature made Wed 09 May 2018 05:27:26 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed May 9 14:25:43 2018 -0700 + + Make TPM counter label a variable + + Currently the TPM counter label is hard-coded. By changing it to a + variable in this function we can reuse all of the TPM counter functions + to create other monotonic counters in the TPM (if the hardware supports + it) with custom labels. + +commit b0ca83dbca1fa604a3d0e5446c75d65f5660d9f0 +Author: Thierry Laurion +Date: Mon May 7 16:56:54 2018 -0400 + + reverting changes on linux-x230.config + +commit 93e77c3ade95556a2902f08b22a27066a8fd7283 +Author: Thierry Laurion +Date: Mon May 7 16:55:26 2018 -0400 + + reverting changes on coreboot-x230.config + +commit fbcedd77dc73d25665fec86f4e1434ea3d064af6 +Author: Thierry Laurion +Date: Mon May 7 16:52:54 2018 -0400 + + reverting changes on x230.config + +commit 3d23cadd15ae2da4d6d7e7f92e2e7b18aa32fa26 +Author: Thierry Laurion +Date: Mon May 7 16:45:47 2018 -0400 + + x230-flash depends on independent and minimal linux-x230-flash.config. ash_history content replaced with usefull commands. Everything is there to generate keys from Yubikey/Nitrokey, export armored versions to external media and cbfs them into reproducible rom and flash resulting rom with flashrom-x230.sh. + +commit 2ede0b355d33dd43ba6c3b64ffccbd024165e786 +Merge: a61d565d56 9c95b4ed58 +Author: Thierry Laurion +Date: Mon May 7 14:27:44 2018 -0400 + + Merge branch 'master' of https://github.com/osresearch/heads into X230-CCACHE-GUI_INIT-LINUX_I915FB-COREBOOT_NO_TEXTBUFFER + +commit 9c95b4ed589a7f58c66f3b54cdc680470e98cb0d +gpg: Signature made Mon 07 May 2018 11:24:58 AM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 2ab90623f9 f70fabd187 +Author: Trammell hudson +Date: Mon May 7 11:24:56 2018 -0400 + + Merge branch 'usb-scan-gui' of https://github.com/kylerankin/heads + +commit 2ab90623f9d7503855bc3c6a20bca04ec3dd6096 +gpg: Signature made Mon 07 May 2018 11:24:00 AM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 11cb44432c 4fdbe88560 +Author: Trammell hudson +Date: Mon May 7 11:23:58 2018 -0400 + + Merge branch 'word_wrap_whiptail' of https://github.com/kylerankin/heads + +commit 11cb44432cb57e894c126f500854957a2bcf34b0 +gpg: Signature made Mon 07 May 2018 11:22:49 AM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 492b94afb5 bb0e13c24f +Author: Trammell hudson +Date: Mon May 7 11:22:47 2018 -0400 + + Merge branch 'flashrom' of https://github.com/flammit/heads + +commit a61d565d56f85b5ad35fde5a6cc0b464db336fdd +Merge: 7b57db976f bb0e13c24f +Author: Thierry Laurion +Date: Sun May 6 01:02:13 2018 -0400 + + Merge branch 'flashrom' of https://github.com/flammit/heads into tlaurion/x230-fbwhiptail + +commit bb0e13c24fbf2bf1664b2e97a17a2b255e35a8ee +gpg: Signature made Sat 05 May 2018 10:00:12 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat May 5 18:59:43 2018 -0700 + + Add back flashrom support for KGPE-D16 + + Also fix up flashrom-x230.sh command only read bios area + +commit 7b57db976f0e81103d38828057311c2900bfc05e +Merge: f34e43a1a3 492b94afb5 +Author: Thierry Laurion +Date: Sat May 5 02:03:47 2018 -0400 + + Merge branch 'master' of https://github.com/osresearch/heads into tlaurion/x230-fbwhiptail + +commit 492b94afb51ca64361c2ebd88abcd72d83eb5525 +gpg: Signature made Fri 04 May 2018 02:36:56 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri May 4 14:36:56 2018 -0400 + + move git hash into /etc/config instead of Linux kernel version and track clean/dirty status (#398) + +commit 958c26e0f52bb7923275d2c34acaea286516a61c +gpg: Signature made Fri 04 May 2018 02:09:20 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri May 4 14:09:20 2018 -0400 + + include flashrom in the x230-flash config + +commit 8bea99f793da39eeba42df23ce6f0508ef5e5c87 +gpg: Signature made Fri 04 May 2018 02:02:31 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri May 4 14:02:31 2018 -0400 + + add xz and bz2 (#399) + +commit 7f8cec0992c493854c845ead70240f0e3294ee53 +gpg: Signature made Fri 04 May 2018 12:31:21 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri May 4 12:31:21 2018 -0400 + + fix clean checkout missing tagets, silence a spurious print (#394) + +commit 0b644b1e19adde84c8f3598b10b38e9fbd70ca05 +gpg: Signature made Thu 03 May 2018 06:03:24 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu May 3 18:03:24 2018 -0400 + + ensure that Linux kernel is updated after a build and that busybox is not spuriously rebuilt (#397) + +commit 3d6eeb6a9509d7d4455db3978f9b028a428256df +gpg: Signature made Thu 03 May 2018 04:47:09 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu May 3 16:47:09 2018 -0400 + + force re-configuration when linux or coreboot config files change (#397) + +commit 2b79f006d9faa9a4e6db29b942f50527d9705c27 +gpg: Signature made Thu 03 May 2018 04:18:51 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 8108e419fe 17bcc68f5d +Author: Trammell hudson +Date: Thu May 3 16:18:49 2018 -0400 + + Merge branch 'parallel-build' of ssh://github.com/osresearch/heads + +commit 4fdbe88560d84bc363a35f2be4c00a672f4aa993 +gpg: Signature made Thu 03 May 2018 01:46:07 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu May 3 10:45:45 2018 -0700 + + Allow lines to be wrapped closer to the edge + +commit f70fabd187a202f32e206720e93486840bebba49 +gpg: Signature made Wed 02 May 2018 05:29:40 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed May 2 14:29:27 2018 -0700 + + Add a whiptail GUI to usb-scan + +commit 17bcc68f5d092540cd02b36a712679098e848c09 +gpg: Signature made Wed 02 May 2018 04:13:23 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 16:13:23 2018 -0400 + + fix symlink install of busybox so that it happens even on parallel builds (#394) + +commit 3dc4672bc6a16011a1c3dc8f9a6dcd84a7704903 +gpg: Signature made Wed 02 May 2018 03:46:30 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 15:46:30 2018 -0400 + + fix path to edk2/OvmfPkg for qemu-linuxboot board (#394) + +commit a1eae9111f90f202869cd542b6132cd4136a6a4a +gpg: Signature made Wed 02 May 2018 03:41:11 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 15:41:11 2018 -0400 + + allow a system make that matches the same major number (#353) + +commit e5740c6bfe193f289db8ab4922a9c7dabe64c53b +gpg: Signature made Wed 02 May 2018 02:53:54 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 14:53:54 2018 -0400 + + ensure that both coreboot.rom and linuxboot.rom are built in a parallel build (#394) + +commit 022ca815e45fbf50348021f9d34a01777cad42a3 +gpg: Signature made Wed 02 May 2018 02:30:58 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 14:30:58 2018 -0400 + + fix external cross compiler parallel build and patch directories + +commit 589e67db8eac2abc336c01e9e68bd77f8c3ee3c6 +gpg: Signature made Wed 02 May 2018 02:30:27 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 14:30:27 2018 -0400 + + Fix linux header install path + +commit a772b27e5dda46c8441367d9cba49a841cd896ad +gpg: Signature made Wed 02 May 2018 11:38:39 AM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed May 2 11:38:39 2018 -0400 + + parallel make fixes and hacks, which seem to work and reduce excessive remaking (issue #394) + +commit 745d843f0d42cc4426f401afbcaf9cd46881371b +gpg: Signature made Tue 01 May 2018 06:21:36 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue May 1 15:20:35 2018 -0700 + + Extend whiptail window to 90 columns wide + + Wrapping text to 80 characters works but due to font size and padding + the maximum 80 character lines start to get truncated. Extending the + window to 90 characters will resolve this. + +commit 480b01c27874191cf6a9bddee391714efe8f61f7 +gpg: Signature made Tue 01 May 2018 06:10:28 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue May 1 15:10:14 2018 -0700 + + Wrap an additional line that was missed in the first pass + +commit f26a14c20dd81b6a79caa12086efdaee0c32eb12 +gpg: Signature made Tue 01 May 2018 05:25:26 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue May 1 14:23:56 2018 -0700 + + Wrap whiptail text that's over 80 characters + + While the whiptail program wraps text appropriately based on column + size, the fbwhiptail program doesn't, leading to text that scrolls off + the window where it can no longer be read. This change wraps the longer + text output so it all fits. + +commit 8108e419fe4789e5671cde8f6aa7a38a2be7a382 +gpg: Signature made Mon 30 Apr 2018 05:16:06 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Mon Apr 30 17:16:06 2018 -0400 + + remove unused flashrom 0.9.9 patch and use new --ifd feature in its place (pr #370) + +commit ca5a7e0809eebc907a8890461eb091dda19d287b +gpg: Signature made Mon 30 Apr 2018 05:08:53 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 03a0e39bce 02145a80f5 +Author: Trammell hudson +Date: Mon Apr 30 17:08:51 2018 -0400 + + Merge branch 'flashrom' of https://github.com/kakaroto/heads + +commit 03a0e39bce7a0171efef7291bff6be86e709eed2 +gpg: Signature made Mon 30 Apr 2018 04:39:21 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 1a04226eea eaaa1dad39 +Author: Trammell hudson +Date: Mon Apr 30 16:39:20 2018 -0400 + + Merge branch 'skip_sig_checks' of https://github.com/kylerankin/heads + +commit 1a04226eea7a51f1884bf63e1231b446338eb662 +gpg: Signature made Mon 30 Apr 2018 04:36:23 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: cd2325781c eedf5a31a1 +Author: Trammell hudson +Date: Mon Apr 30 16:36:21 2018 -0400 + + Merge branch 'librem15v3' of https://github.com/kakaroto/heads + +commit cd2325781c41b906360088aa83706229471f7f75 +gpg: Signature made Mon 30 Apr 2018 04:31:46 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 05a36ce3d9 22a8d6f603 +Author: Trammell hudson +Date: Mon Apr 30 16:31:45 2018 -0400 + + Merge branch 'colorized_warning_error' of https://github.com/kylerankin/heads + +commit 05a36ce3d95df807525ea704334f3c77a901c83d +gpg: Signature made Mon 30 Apr 2018 04:31:06 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 7372595a20 a308bc97e4 +Author: Trammell hudson +Date: Mon Apr 30 16:31:05 2018 -0400 + + Merge branch 'skip_confirmation_on_force' of https://github.com/kylerankin/heads + +commit 7372595a20a99331a2f21c56b58b9cb90a0fe83b +gpg: Signature made Mon 30 Apr 2018 04:30:30 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 463f91c601 c99d5a8437 +Author: Trammell hudson +Date: Mon Apr 30 16:30:29 2018 -0400 + + Merge branch 'red_background_on_insecure_boot' of https://github.com/kylerankin/heads + +commit eedf5a31a124da9c533ecc7fef5878fca2a505c9 +gpg: Signature made Mon 30 Apr 2018 04:22:25 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Fri Apr 20 17:49:30 2018 -0400 + + librem15v3: Add board and coreboot config files for Librem 15 v3 + +commit 463f91c6016049de3512d09a4557503c80346ef0 +gpg: Signature made Mon 30 Apr 2018 04:02:20 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: cbbcbcdf1b c0f3a4bb79 +Author: Trammell hudson +Date: Mon Apr 30 16:02:16 2018 -0400 + + Merge branch 'cbfs-init' of https://github.com/flammit/heads + +commit cbbcbcdf1bd841f646687697c661bde41ffb22b8 +gpg: Signature made Mon 30 Apr 2018 03:51:39 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: acf16c7304 6104c5bdd4 +Author: Trammell hudson +Date: Mon Apr 30 15:51:37 2018 -0400 + + Merge branch 'fix_u-root_build' of https://github.com/vejmarie/heads + +commit 6104c5bdd4ee65cbd6d2670e81e1cbabf6e8d292 +Author: vejmarie +Date: Mon Apr 30 16:14:18 2018 +0200 + + Fix uinit setup + +commit 4c8e97eda15f6ba89cba7f60231ac8f300f3fe35 +Author: vejmarie +Date: Mon Apr 30 14:48:24 2018 +0200 + + Enhance parallel build + +commit c0f3a4bb79fda146c2733f42ff625e51e25068ba +gpg: Signature made Sun 29 Apr 2018 10:59:03 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Apr 29 19:58:44 2018 -0700 + + Read and measure an EFI file into initrd during init + +commit f34e43a1a31c9aec21eacab982ed6fd39ac835cc +Author: Thierry Laurion +Date: Sun Apr 29 20:32:18 2018 -0400 + + Coreboot Linear FB works. Still flickering when Xen inits the FB for 10s + +commit a90858c0e5371795c7f42319ee54e94f6a699280 +Author: vejmarie +Date: Sun Apr 29 20:56:33 2018 +0200 + + Fix u-root parallel build + +commit 1a7dff318026b09dfa17494de62d425c7df7d4dc +Author: Thierry Laurion +Date: Sun Apr 29 13:33:47 2018 -0400 + + FB Whiptail: coreboot FB without text support, linux with i915 support. Still flickering when Xen owns FB. + +commit 22a8d6f6031c804107fae249f4e668d4b6310530 +gpg: Signature made Wed 25 Apr 2018 04:24:13 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Apr 25 13:21:56 2018 -0700 + + Colorize warning and error messages in fbwhiptail + + Since fbwhiptail allows us to customize the background colors, we should + colorize warnings and error messages to provide a user with an + additional subtle cue that there might be a problem. I have added two + additional configuration options: + + CONFIG_WARNING_BG_COLOR + CONFIG_ERROR_BG_COLOR + + and in the librem13v2.config file you can see an example for how to set + them to be yellow and red gradients, respectively. I've also updated the + main two scripts that use whiptail to include those background colors. + + If you decide to use regular whiptail, just don't set these config + options and it should behave as expected. + +commit 28256ca3b69ef7ab4426e4b19b98b2efb8996290 +Author: Francis Lam +Date: Sat Apr 21 18:29:52 2018 -0700 + + Add flashtool to all coreboot-based boards + +commit 789c2db70d0013f3ae164a32fd408ae8689497d0 +gpg: Signature made Sat 21 Apr 2018 09:30:11 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Apr 21 18:29:52 2018 -0700 + + Add flashtool to all coreboot-based boards + +commit 1cbae3cc12cae7c90b263a02d746c2f25e1a5e0d +gpg: Signature made Sat 21 Apr 2018 08:21:56 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Apr 21 17:21:37 2018 -0700 + + Preserve custom CBFS files on flashrom updates + +commit 48ca75a482d27d714b31dc0aee17f481406f1326 +gpg: Signature made Fri 20 Apr 2018 06:12:06 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Apr 20 15:11:12 2018 -0700 + + Add "heads/" prefix to all Heads-related cbfs files + + Needed to identify which files should be preserved between upgrades + such as "heads/initrd/*" or "heads/counter" + +commit a308bc97e4cdeb0f3f91b59bf378e9c4f96aa129 +gpg: Signature made Fri 20 Apr 2018 05:11:59 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri Apr 20 14:11:49 2018 -0700 + + Skip boot choice confirmation in "force" mode + + When a user gets confirmation of their boot menu choice, that's largely + to give them the option of making their boot choice the default. In the + case of "force mode" there's no reason for the user to be presented with + that dialog so this change skips right ahead to the boot once they have + +commit 8644a3648863398ae655efc495dd3e9cb89ee308 +gpg: Signature made Fri 20 Apr 2018 01:46:55 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Apr 20 10:46:08 2018 -0700 + + Drop unnecessary flashtools.patch + + Also added convenience call to import keys and removed credentials + +commit 8b1d194b5a13cf586e3e15318b044f99442f4ac1 +gpg: Signature made Fri 20 Apr 2018 12:30:11 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Mar 31 15:36:14 2018 -0700 + + Update flashtools patch with latest + +commit e0c1ab2d79496a924f976a8de6b6d4434c06cfb6 +gpg: Signature made Fri 20 Apr 2018 12:30:07 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Mar 23 09:29:47 2018 -0700 + + Update cbfs-init script for new cbfs tool option + +commit d0294b1142d4c9ee49834c89ccc9afc12c1f80d8 +gpg: Signature made Fri 20 Apr 2018 12:30:03 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Tue Mar 13 17:55:34 2018 -0700 + + Add all supported network modules to network-init-recovery + + also fix verbiage in comments + +commit 37feebdc7640c5a57369ec9b25cd33c6b8687505 +gpg: Signature made Fri 20 Apr 2018 12:29:57 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Mar 11 18:27:19 2018 -0700 + + Read and measure CBFS files into initrd during init + +commit acf16c7304de8675f66ecc204b2abea25f0f67a3 +gpg: Signature made Thu 19 Apr 2018 08:41:49 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Apr 19 20:41:49 2018 -0400 + + slang: disable parallel make during the install target (issue #385) + +commit 7dee3902f3b325f6bce911c138d273981d39c7c4 +gpg: Signature made Thu 19 Apr 2018 08:06:36 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Apr 19 20:06:36 2018 -0400 + + ensure clean builds work even if BOARD is not specified in the environment + +commit a91be6b38d2734514da967848cab92bd5bdd83a3 +gpg: Signature made Thu 19 Apr 2018 07:37:45 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Apr 19 19:37:45 2018 -0400 + + move log directory creation above the make version check (issue #375) + +commit ee9bb29c7d3c49a5f8e106dd68f80551569b3c2d +gpg: Signature made Thu 19 Apr 2018 05:41:50 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Apr 19 17:41:50 2018 -0400 + + relocate Make version check to be above the inclusion of the board config (issue #375) + +commit 19ef20ed9455d5772f0c2bfbb93d45f2fdb9490c +gpg: Signature made Thu 19 Apr 2018 12:54:05 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Apr 19 12:54:05 2018 -0400 + + flashtools include cbfs reader + +commit 4fe148a19b227606ca9ab852f982790d767cb4f0 +gpg: Signature made Wed 18 Apr 2018 04:41:22 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed Apr 18 16:41:22 2018 -0400 + + split the x230 ROM image into 8MB and 4MB pieces (issue #375) + +commit c99d5a843717d67b5ba7a6c32a73c8b63465ac01 +gpg: Signature made Wed 11 Apr 2018 07:12:12 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Apr 11 16:09:46 2018 -0700 + + Add red background to boot console for insecure "force" boot + + In the event a user does pick the insecure "force" boot option that + bypasses checksum and signing checks in Heads, it would be nice to + provide a clear visual warning during the boot process that they are in + this state. This change will add a kernel argument that changes the boot + console background to be red and removes any boot splash that might + obscure it, in the event the user picks the insecure boot mode. + + Since a user should only boot into this mode during emergencies, having + it be apparent that it's an unsafe mode helps ensure the user doesn't + pick this boot option needlessly. + +commit 0eff9914ea9e5ad5c324054ed85d81bf1b848584 +gpg: Signature made Tue 10 Apr 2018 03:44:50 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: d14b0f52d7 d1e6dcb899 +Author: Trammell hudson +Date: Tue Apr 10 15:44:49 2018 -0400 + + Merge branch 'gui_for_changed_boot_entries' of https://github.com/kylerankin/heads + +commit d14b0f52d7f0cd74039912062a3cb786836d2bb0 +gpg: Signature made Tue 10 Apr 2018 03:44:16 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: c7bbe700af 887c79065e +Author: Trammell hudson +Date: Tue Apr 10 15:44:15 2018 -0400 + + Merge branch 'detect_package_updates' of https://github.com/kylerankin/heads + +commit c7bbe700af71f67d9ba194091a37436fabb197e9 +gpg: Signature made Tue 10 Apr 2018 03:43:21 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: b887104035 16d9c405ac +Author: Trammell hudson +Date: Tue Apr 10 15:43:20 2018 -0400 + + Merge branch 'librem-iommu' of https://github.com/kakaroto/heads + +commit b887104035c89b728eea73354baec41e949d8358 +gpg: Signature made Tue 10 Apr 2018 03:39:05 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Tue Apr 10 15:39:05 2018 -0400 + + enable setsid for job control in recovery shell (issue #382) + +commit 23e0dc84ef44cbbd8953a64dfadc5be3ac9b7765 +gpg: Signature made Tue 10 Apr 2018 03:28:24 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Tue Apr 10 15:28:24 2018 -0400 + + option for Intel ME modules + +commit d1e6dcb899b49e1c81bafa430826f5840185dba8 +gpg: Signature made Wed 04 Apr 2018 05:27:36 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Apr 4 14:27:31 2018 -0700 + + Fix tab on return line + +commit 5434e0bdf2ae72a59540cb89bc9ec258357f8f88 +gpg: Signature made Wed 04 Apr 2018 05:26:31 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Apr 4 14:25:22 2018 -0700 + + Add a gui menu for changed boot entries + + Currently when the boot entries change, kexec-select-boot dies. Given + the normal loop is set up to catch this event and display a regular boot + menu at the next iteration of the loop, instead of dying it would be + better to just warn and then return from that function back into the + main loop. In addition to that I added a GUI menu for the same warning + when in GUI mode. + +commit 16d9c405acdef59a5effaf1dd0e5e7378eb8ec7c +gpg: Signature made Tue 03 Apr 2018 07:04:59 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Tue Apr 3 18:06:22 2018 -0400 + + Librem13v2: Update to 4.7-Purism-4 + + Fixes access to the EC through the Index I/O interface + Fixes AC and DC LoadLine values to avoid overheating problems + Fix Turbo mode value from EC + Change version name to have '-heads' suffix + +commit 1fc114ba42488d05b4cce19a5d039b9cc94304dd +gpg: Signature made Tue 03 Apr 2018 07:04:57 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Tue Apr 3 18:04:03 2018 -0400 + + Librem13v2: Enable IOMMU and Pass-through mode + + By enabling Pass-through iommu, it fixes the GPU glitching issues + we've had with IOMMU, and it also allows us to boot a target kernel + without having to give it intel_iommu=igfx_off as argument. + +commit 887c79065eb6c25dc8e0abb9acf4cfddbcd968b2 +gpg: Signature made Tue 03 Apr 2018 06:30:46 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Apr 3 15:20:34 2018 -0700 + + Add GUI package update handler w/ checksum update function + + Part of the Heads workflow involves handling legitimate changes to /boot + as part of the package manager. This is a challenging workflow to handle + as package managers on many systems work in a completely unattended way + (and some even reboot first, apply updates, and then reboot again). + + We need to be able to detect changes that are potentially caused by a + package manager so to do that I've set up a trigger within the OS + (currently just for Debian) that runs both before and after package + updates. It verifies the signatures in /boot and if they fail before + package updates it creates a log file in + /boot/kexec_package_trigger_pre.txt. If they fail after package updates + run /boot/kexec_package_trigger_post.txt is created. These files contain + the following fields: + + CHANGED_FILES: A list of files in /boot that failed the sha256sum check + UPDATE_INITRAMFS_PACKAGE: An (optional) list of packages known to + trigger initramfs changes + + Following those fields is a list of log output from the last package + manager run which contains its own formatted fields (I'm pulling from + /var/lib/dpkg/info). + + When a user selects a boot option, gui-init first verifies the + checksums just to catch errors before calling kexec-select-boot. If + there are any errors it looks for these package logs and if they exist, + it displays appropriate warnings. If the files are absent it displays a + more generic warning. The user is also given an opportunity to re-sign + the /boot hashes. + +commit f60f0543d633651c3df0742c6e9e17a27149b365 +gpg: Signature made Mon 02 Apr 2018 11:12:23 AM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Mon Apr 2 11:12:23 2018 -0400 + + rename x230-flash coreboot file and update path to bzImage (#375) + +commit 1f04cf94efe25dcacc4e9b72a9e88b16b1497422 +gpg: Signature made Thu 29 Mar 2018 06:05:57 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Mar 29 18:05:57 2018 -0400 + + generate the list of modules to be cleaned automatically (issue #313) + +commit 83df25c5ab26ea361cf4d126abed42060d4a7547 +gpg: Signature made Thu 29 Mar 2018 05:32:09 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: c6ece3bea1 35916d942b +Author: Trammell hudson +Date: Thu Mar 29 17:32:08 2018 -0400 + + Merge branch 'nested_menus' of https://github.com/kylerankin/heads + +commit c6ece3bea1d1915a26fcc92547278fd7dadfd129 +gpg: Signature made Thu 29 Mar 2018 05:21:58 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: bd0c7da8f5 8ca6286ae0 +Author: Trammell hudson +Date: Thu Mar 29 17:21:57 2018 -0400 + + Merge branch 'cairo' of https://github.com/kakaroto/heads + +commit bd0c7da8f5dd0f6da559cbd658bf240a40d1da43 +gpg: Signature made Thu 29 Mar 2018 05:21:51 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Mar 29 17:21:51 2018 -0400 + + point pkg-config at the $(INSTALL) directory (issue #373) + +commit fe3e6dd5ec007e4fbb4895f87a726de63569ab12 +gpg: Signature made Thu 29 Mar 2018 03:35:40 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Mar 29 15:35:38 2018 -0400 + + Merge branch 'nvme' of https://github.com/kakaroto/heads + +commit 8ca6286ae032ccfbb9c5376fb8cbb63d764718d8 +gpg: Signature made Wed 28 Mar 2018 04:42:53 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Tue Mar 6 14:57:00 2018 -0500 + + Add Cairo/FBWhiptail to the build process + + Enable it by default for the Librem 13 v2 + +commit 02145a80f56cdeb7d4b0bbeffff02c086cf93580 +gpg: Signature made Mon 26 Mar 2018 03:21:41 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Wed Mar 21 16:45:08 2018 -0400 + + Update flashrom to 1.0 + +commit e62362ddcc6b0ea295b138c91c0b99805714ea13 +gpg: Signature made Fri 23 Mar 2018 09:13:09 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Mar 23 21:13:09 2018 -0400 + + Tioga Pass support, with the Broadcom BCM57302 + +commit b0fa91a6cf12e68a0032ed3a2e4e09de6281bf9d +gpg: Signature made Thu 22 Mar 2018 05:34:58 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 22 17:34:58 2018 -0400 + + very small Leopard board build + +commit 35916d942b6538acb27b29d217e694be36333a97 +gpg: Signature made Tue 20 Mar 2018 02:26:25 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Mar 20 11:26:09 2018 -0700 + + Handle signing failures more gracefully with a dialog + +commit f01e4076a0429964e1351a18d5242263c26d78c7 +gpg: Signature made Fri 16 Mar 2018 03:18:13 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Mar 16 15:18:13 2018 -0400 + + fix target for non-external cross compiler build (issue #162) + +commit 7e52951715a78d5d22facc8f7270fb9318b911d1 +gpg: Signature made Fri 16 Mar 2018 01:37:24 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Mar 16 13:37:24 2018 -0400 + + fix missing ) in check for cross compiler (issue #162) + +commit 7f30b22b82791dca2c2dce5462f6f53a923585bb +gpg: Signature made Fri 16 Mar 2018 12:59:24 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Mar 16 12:59:24 2018 -0400 + + allow CROSS or MUSL_DIR to be set on the command line so that an external cross compiler can be used (issue #162) + +commit 114d17bab6ee5416694ed0ea3a8ba3484cd818cd +gpg: Signature made Thu 15 Mar 2018 06:10:15 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 18:10:15 2018 -0400 + + add leading + to enable job server mode for parallel make + +commit 7e0450113ffbff87cf2e2d3ba1fcd36b1d168e2b +gpg: Signature made Thu 15 Mar 2018 05:44:42 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 17:44:42 2018 -0400 + + split Linux patches into separate files (issue #348) + +commit e7697055a38d5f228b0a4feca16e9d26351867d9 +gpg: Signature made Thu 15 Mar 2018 05:16:14 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 3cbff7ed1e dabb181516 +Author: Trammell hudson +Date: Thu Mar 15 17:16:13 2018 -0400 + + Merge branch 'init-changes' of https://github.com/flammit/heads + +commit 3cbff7ed1e6e5c6e1990e7d09d793aea1aa15076 +gpg: Signature made Thu 15 Mar 2018 03:41:46 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 15:41:46 2018 -0400 + + split coreboot patch into measured boot, kgpe-16 and sandybridge patches (#358) + +commit 18a7d5e16d6802b2e1d356c18be0222a7132248e +gpg: Signature made Thu 15 Mar 2018 03:34:42 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: cd98b36b7c 514ec6bb29 +Author: Trammell hudson +Date: Thu Mar 15 15:34:40 2018 -0400 + + Merge branch 'vejmarie-nerf' + +commit 514ec6bb29f8866e89a486c82eb5eae01c4fde83 +gpg: Signature made Thu 15 Mar 2018 03:30:05 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 15:30:05 2018 -0400 + + reduce the number of tools include in a qemu-linuxboot u-root build so that it fits + +commit 6c041ad8458882902ef2029184f558e6db21bf52 +gpg: Signature made Thu 15 Mar 2018 03:29:36 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 15:29:36 2018 -0400 + + use the Makefile dependencies to setup the per-board uinit.go file (#358) + +commit bac09ec1919f2a860a707febdfc7b478a696691f +gpg: Signature made Thu 15 Mar 2018 02:46:53 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: cd98b36b7c 5bad1cc595 +Author: Trammell hudson +Date: Thu Mar 15 14:46:50 2018 -0400 + + Merge branch 'nerf' of https://github.com/vejmarie/heads into vejmarie-nerf + +commit cd98b36b7cc1dd6b9040dfdfb025f99ace63c55b +gpg: Signature made Thu 15 Mar 2018 02:44:53 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 921bda774f 8bf187b50a +Author: Trammell hudson +Date: Thu Mar 15 14:44:51 2018 -0400 + + Merge branch 'patch_series' of https://github.com/kakaroto/heads + +commit 921bda774fa0f8fc8e9b6610e73064455e7ca496 +gpg: Signature made Thu 15 Mar 2018 11:49:02 AM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 11:49:02 2018 -0400 + + pre-build more of edk2 (issue #362) + +commit ac537d0300b6668ae7ad51056905742c47a71dd3 +gpg: Signature made Thu 15 Mar 2018 11:46:42 AM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 15 11:46:42 2018 -0400 + + clean all cpio files and ensure that they are all padded + +commit fadbc77fe89027062f81eb9b5d3dc6d858e62cbb +gpg: Signature made Wed 14 Mar 2018 08:31:47 PM EDT +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Mar 14 20:31:47 2018 -0400 + + prebuild the edk2 OVMF for a qemu system (issue #362) + +commit 8bf187b50ad04f073b4f4ae4829b18dbb6d5738e +gpg: Signature made Wed 14 Mar 2018 04:27:25 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Thu Mar 8 15:39:11 2018 -0500 + + Add patches to coreboot to support Librem 13 v2 with TPM + + Add a new series of patches which add measurement support for skylake, + add IOMMU for skylake, fix TPM support, and add support for TPM for + the Librem 13v2 and Librem 15v3 hardware. + +commit e7d4b88d3970494b646caaa83379b714da08adce +gpg: Signature made Wed 14 Mar 2018 04:27:21 PM EDT +gpg: using DSA key AAFC4B34BBEBB31C +gpg: Good signature from "Youness Alaoui " [unknown] +gpg: aka "Youness Alaoui " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1B5A 42BC 46BC C731 63E1 0121 AAFC 4B34 BBEB B31C +Author: Youness Alaoui +Date: Thu Mar 8 15:37:17 2018 -0500 + + Add ability to specify a series of patches per module + + If a file $module_$version.series exists, it will be used to + specify a list of patch files to apply to the module. + This is becoming necessary for coreboot which has an increasing + amount of patches required and which makes it hard to maintain + all in one file. + +commit eaaa1dad395e57aeda19f39125fd2ae902efe2da +gpg: Signature made Wed 14 Mar 2018 01:24:24 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Mar 14 10:24:14 2018 -0700 + + Fix tab alignment to conform with rest of script + +commit 665754122d31d80f3cdfcc0299d0a5db21c8f025 +gpg: Signature made Wed 14 Mar 2018 01:20:50 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Mar 14 10:18:52 2018 -0700 + + Allow insecure boot mode to bypass kexec sig checks + + There was a bug in the "force" boot mode where it would still fail if + signatures didn't match. This was because the check_config function + validates the signatures for kexec files. I've added a few conditionals + here so that in the case of a forced boot mode, we can bypass those + signature checks that would prevent boot and error out to a recovery + console. + +commit 769f6a7a24d0e465fdda875b5b3466fc1469b0e0 +gpg: Signature made Wed 14 Mar 2018 01:14:26 PM EDT +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Mar 14 10:14:22 2018 -0700 + + Create nested menus and add option to rehash/sign /boot + + The number of options we want in the menu is starting to get large + enough that it's worth slimming things down in the main menu and move + options to nested menus. Along with this nested menu change is the + option to re-sign and re-hash files in /boot directly from the menu. + +commit 5bad1cc59515e3df17039c4fb8446cd0aaefd1f8 +Author: Jean-Marie Verdun +Date: Mon Mar 12 21:31:58 2018 +0100 + + Move u-root.cpio pre-deletion from a global make definition to a "clean" rule + +commit 21a3059c5f09eb8ce42b72667b0029450ea392e1 +gpg: Signature made Mon 12 Mar 2018 02:18:14 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 160405450b 0c18ad55ff +Author: Trammell hudson +Date: Mon Mar 12 14:18:12 2018 -0400 + + Merge branch 'librem13v2_blobs_config' of https://github.com/kakaroto/heads + +commit 160405450bbcf00815168351715c9aae7fddcdd7 +gpg: Signature made Mon 12 Mar 2018 01:59:27 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 3bce5ad3d2 dee52415fa +Author: Trammell hudson +Date: Mon Mar 12 13:59:26 2018 -0400 + + Merge branch 'add_tpm_reset_menu_option' of https://github.com/kylerankin/heads + +commit 3bce5ad3d2aedce5bed41cb7b3e3a847fc301481 +gpg: Signature made Mon 12 Mar 2018 01:59:06 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 5765a0b834 21c46ceb95 +Author: Trammell hudson +Date: Mon Mar 12 13:59:05 2018 -0400 + + Merge branch 'add_gui_hash_alert' of https://github.com/kylerankin/heads + +commit 5765a0b834350fb546631a4cce294b0e87c90f42 +gpg: Signature made Mon 12 Mar 2018 01:57:56 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 6f151a287d 00c7717f70 +Author: Trammell hudson +Date: Mon Mar 12 13:57:54 2018 -0400 + + Merge branch 'newt_slang_module_fix' of https://github.com/kakaroto/heads + +commit 6f151a287d3092cb4ac806416608db5a869d0dd4 +gpg: Signature made Mon 12 Mar 2018 01:57:07 PM EDT +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Mar 12 13:56:11 2018 -0400 + + Merge branch 'librem13v2_blobs_config' of https://github.com/kakaroto/heads + +commit 87ae9072b23fb3770a55fd57dec23f1c0bb8b488 +Author: Jean-Marie Verdun +Date: Mon Mar 12 14:27:43 2018 +0100 + + Add uinit.go init script for winterfell board. This is setting up the basic + storage drivers to boot locally (ATA and NVME) and kick the RSDP + +commit 8e69f8cdbfb35b8947792e037d528bce136680f7 +Author: Jean-Marie Verdun +Date: Mon Mar 12 10:28:35 2018 +0100 + + Automatically remove u-root.cpio before compilation. u-root doesn't do that + and if the file is soon created, it will dropped the creation of a new initramfs + +commit d6743abcc4ed125e8a05225d8806cc92c8e6d094 +Author: Jean-Marie Verdun +Date: Mon Mar 12 10:26:23 2018 +0100 + + Refactor config directory content as to add extension capabilities for + inserting init script within generated ramfs. + Each init script are board file dependant (think kernel drivers auto insertion) + +commit dabb1815164568453a0f9458f577283fb025efad +gpg: Signature made Sat 10 Mar 2018 09:13:41 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Mar 10 18:12:52 2018 -0800 + + Temporarily add flashrom back to x230 config + + Until scripts are changed to use flashtool + +commit e86123769b1fa095abc0d8cf5ecb585340780e47 +gpg: Signature made Sat 10 Mar 2018 06:42:57 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Mar 10 15:40:07 2018 -0800 + + Moved network init to a separate bootscript + + Enabled recovery serial console (tested on kgpe-d16) + Minor fix to kexec-boot to correct xen boot + Remove busybox power utils + +commit 0c18ad55ff844da1d7926d4d40ca69b5f714810d +Author: Youness Alaoui +Date: Thu Mar 8 17:39:15 2018 -0500 + + Update coreboot and linux configs for Librem 13 v2 + +commit 79c139876564c63b8ae90cea6e958e3ce1895161 +Author: Youness Alaoui +Date: Thu Mar 8 17:38:37 2018 -0500 + + Add blobs directory/script for skylake based librems + +commit dee52415fa94f090c9d66486883acfdf776eae21 +gpg: Signature made Thu 08 Mar 2018 07:38:14 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Mar 8 16:36:56 2018 -0800 + + Add a menu option to reset TPM for bootstrapping. Widen menus. + + One of the other core functions a user needs when bootstrapping is + taking over the TPM. I've added a new option in the menu for this and it + revealed that some of the menus needed more space so I've widened all + the menus and also made the main menu longer so the options don't + scroll. + +commit 00c7717f703aaf836dc2d8781888e03564529383 +Author: Youness Alaoui +Date: Thu Mar 8 18:50:12 2018 -0500 + + slang: Don't error out when building slang for the 2nd time + +commit 112daf475d2dd04dac80291ef640d57ee2c36560 +Author: Youness Alaoui +Date: Tue Mar 6 14:58:59 2018 -0500 + + newt: Disable compiling TCL module if tcl headers are installed in system + +commit 9c9b5bcd2bf596f72b62ac631fbf37624cd8fc5a +gpg: Signature made Thu 08 Mar 2018 02:41:49 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 14:41:44 2018 -0500 + + Merge branch 'add_gui_hash_alert' of https://github.com/kylerankin/heads + +commit 1043da2860f8d0c2e2c1a6723640bd47f85125d8 +gpg: Signature made Thu 08 Mar 2018 11:53:59 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: adee5a1261 8152e8c796 +Author: Trammell hudson +Date: Thu Mar 8 11:53:56 2018 -0500 + + Merge branch 'add_force_boot_mode' of https://github.com/kylerankin/heads + +commit adee5a1261fb129785ab4ac1984cddfb5b014e41 +gpg: Signature made Thu 08 Mar 2018 11:41:43 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: dd8685c1be 54fe11a4f2 +Author: Trammell hudson +Date: Thu Mar 8 11:41:42 2018 -0500 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit dd8685c1bec4cb9933b6abd9cfe3cb822b44624d +gpg: Signature made Thu 08 Mar 2018 11:41:28 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 11:41:28 2018 -0500 + + Do not include busybox if CONFIG_BUSYBOX is not set (issue #346) + +commit 54fe11a4f2e1b77288a4c4fe5dc4fa6330e6b5e6 +gpg: Signature made Thu 08 Mar 2018 04:33:04 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 04:33:04 2018 -0500 + + restore x230-flash configuration for a 4MB build (#340) + +commit 4e8e88b323404e8fe014043bef8e6fefa88af6d5 +gpg: Signature made Thu 08 Mar 2018 04:32:23 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 04:32:23 2018 -0500 + + remove superiotool from default build + +commit ab460645a38fbb9e1c34b81c9a1caedf7ec6bfb2 +gpg: Signature made Thu 08 Mar 2018 01:16:28 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 01:16:28 2018 -0500 + + allow $(packages) to be set in Make enviroment (#338) + +commit 6443442912160a5cef3b8488bfcf3d931dc5bcda +gpg: Signature made Thu 08 Mar 2018 01:14:41 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Mar 8 01:14:41 2018 -0500 + + restore /etc/motd + +commit 091ae92b6f1cef5e327e201258df2e2143a7db1a +gpg: Signature made Thu 08 Mar 2018 01:13:17 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: b2868cf3cf 77d2fc9eb4 +Author: Trammell hudson +Date: Thu Mar 8 01:13:16 2018 -0500 + + Merge branch 'KGPE-D16_port_NoTPM' of https://github.com/tlaurion/heads + +commit b2868cf3cf35377399f79da2c65741fc1d567c38 +gpg: Signature made Thu 08 Mar 2018 01:08:00 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: b94c88cb59 4e758b8bfb +Author: Trammell hudson +Date: Thu Mar 8 01:07:58 2018 -0500 + + Merge branch 'export-quote-walkaround' of https://github.com/persmule/heads + +commit b94c88cb59e45486320f38a20339e19014296d52 +gpg: Signature made Thu 08 Mar 2018 01:00:32 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 31dd1f4b62 b79d518f8d +Author: Trammell hudson +Date: Thu Mar 8 01:00:31 2018 -0500 + + Merge branch 'master' of https://github.com/burk3/heads + +commit 31dd1f4b62f9730c35f19747e2b1555d2b2a16ed +gpg: Signature made Thu 08 Mar 2018 12:58:54 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Thierry Laurion +Date: Tue Mar 6 20:57:52 2018 -0500 + + kexec-boot patch so that xen can be booted from bootdir and referred xen.gz and not internal flash xen.gz + +commit b79d518f8d77e809afc4986877ab423d2603e187 +Author: Burke Cates +Date: Tue Mar 6 00:00:39 2018 -0800 + + x220 board and coreboot config fixes + + x220 board config references correct x230 linux config path. + x220 coreboot config references proper bzImage and initrd path. + +commit 8152e8c7963b2f7ddc6be5ab3d8751e93a208265 +gpg: Signature made Mon 05 Mar 2018 05:55:23 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Mar 5 14:46:15 2018 -0800 + + Add a "force" option to kexec-select-boot to bypass hash checks + + The point of this change is to provide a failsafe (failunsafe?) mode for + less technically-savvy users who will ultimately be using Heads by + default on Librem laptops. + + There are some scenarios where an end user might forget to update hashes + in /boot after an initrd change or might have some other hash mismatch. + Currently that user would then be stuck in a recovery console in Heads + not knowing what to do within that limited shell environment to fix the + situation. + + This change adds a 'force' mode to kexec-select-boot that goes straight + into a boot menu and bypasses the hash checks so the user could more + easily get back into their system to attempt to repair it. It adds + appropriate warnings about why this is a risky option and moves it down + toward the bottom of the menu. The goal would be to just have this be an + emergency option our support could guide a user to if they ended up in + this situation. + +commit d9808f6659b2de683380a14e0be9192f961750cb +gpg: Signature made Fri 02 Mar 2018 09:37:31 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Mar 2 09:37:31 2018 -0500 + + build the superiotool, which requires a hack on the pciutils lib/types.h file + +commit 21c46ceb95da772e5bb6719c58264d0c5746d49f +gpg: Signature made Thu 01 Mar 2018 02:11:03 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Mar 1 11:10:41 2018 -0800 + + Add a gui message when hash checks fail in kexec-select-boot + +commit 4e758b8bfbc1a2d0d7a79a49d9f3720f7d426340 +Author: persmule +Date: Thu Mar 1 15:13:01 2018 +0800 + + Walkaround envvars passed through make(1) when generating etc/config + + "export" statements included or declared in a Makefile proves literally + (with no escape) passed to the shell, which may result in shell envvars + containing literal double quote if SHELL is set as bash, and they further + becomes statements containing `\"` when printed with command export. + + This behavior could be observed by the makefile inlined at the end. + + This commit adds a regexp to sed to remove those `\"`. + + export QUOTE="QUOTE" + SHELL := /bin/bash + .SHELLFLAGS := -o pipefail -c + export-quote: + export|grep QUOTE + +commit 77d2fc9eb49e27cb00eb65d34dcd8590e04d12fe +gpg: Signature made Thu 01 Mar 2018 02:08:24 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Mar 1 02:08:24 2018 -0500 + + reverted remote configuration from board config, which will be pushed by flammit + +commit 1c1a1a215dbc159fd31034a93ed975dd47547e1f +gpg: Signature made Thu 01 Mar 2018 01:53:37 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Mar 1 01:53:37 2018 -0500 + + reverting changes that were not merged from other branches + +commit 9eadb072802f86cfd34fd4a4d4a3e3e54e737ed1 +gpg: Signature made Thu 01 Mar 2018 01:37:36 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Merge: 0f299fe4be 149635ef95 +Author: Thierry Laurion +Date: Thu Mar 1 01:37:36 2018 -0500 + + Merging to osresearch master + +commit 0f299fe4be8762bf7e3d59ad15d3df2999a8fefe +gpg: Signature made Thu 01 Mar 2018 12:49:53 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Mar 1 00:49:53 2018 -0500 + + IKVM4 and alike SMB support into coreboot from here: https://review.coreboot.org/#/c/coreboot/+/19820/. Flashing scripts and flashrom patches. + +commit 23ae788c6f9e47b3b68ff9fef94bceef7594cf75 +gpg: Signature made Thu 01 Mar 2018 12:40:46 AM EST +gpg: using RSA key A2444D06D3CAFA92F68A21E679C78E6659DB658F +gpg: Good signature from "Insurgo, Technologies Libres " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A244 4D06 D3CA FA92 F68A 21E6 79C7 8E66 59DB 658F +Author: Thierry Laurion +Date: Thu Mar 1 00:40:46 2018 -0500 + + Board, linux and coreboot configs + +commit 149635ef958b37e446686cb133501defcc4a5ffc +gpg: Signature made Wed 28 Feb 2018 03:06:43 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 4f5432bb46 f9a12a270a +Author: Trammell hudson +Date: Wed Feb 28 15:06:41 2018 -0500 + + Merge branch 'kylerankin-add_gui_init' + +commit f9a12a270a0434f6d98b4eb399312d27dc539bbc +gpg: Signature made Wed 28 Feb 2018 03:06:09 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 4f5432bb46 fbbfc8e22f +Author: Trammell hudson +Date: Wed Feb 28 15:06:06 2018 -0500 + + Merge branch 'add_gui_init' of https://github.com/kylerankin/heads into kylerankin-add_gui_init + +commit 4f5432bb461ad63995afb45aba34534e1d8c3d23 +gpg: Signature made Wed 28 Feb 2018 02:57:46 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 14:57:46 2018 -0500 + + generate /etc/config from exported configuration variables + +commit ef4576e881f564d62f074056c62117b29bafbcd9 +gpg: Signature made Wed 28 Feb 2018 02:06:53 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 14:06:53 2018 -0500 + + Enable NVMe option for winterfell + +commit a84ea7b9de291a5b68e32f4dc77b651d1a6919f6 +gpg: Signature made Wed 28 Feb 2018 01:33:02 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 4566801420 9bf131b601 +Author: Trammell hudson +Date: Wed Feb 28 13:33:01 2018 -0500 + + Merge branch 'tpm-optional' of https://github.com/persmule/heads + +commit 4566801420103b965322663dee40b982af08a238 +gpg: Signature made Wed 28 Feb 2018 12:06:42 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 12:06:42 2018 -0500 + + switch to an 8 MB flash part for qemu writable flash support + +commit a4f121b838d1c71de4d43ea4ccec79294c42f898 +gpg: Signature made Wed 28 Feb 2018 11:12:02 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 11:12:02 2018 -0500 + + make uroot optional + +commit 495e88f1752820057c34d20466f009f5d407966a +gpg: Signature made Wed 28 Feb 2018 10:53:18 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 10:53:18 2018 -0500 + + correct flashtools repo url + +commit f618f09a6985a961a789ef52bc779d474ca3b947 +gpg: Signature made Wed 28 Feb 2018 10:51:11 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 10:48:35 2018 -0500 + + Generate a fake EBDA with kexec, removing the need for a custom xen (#227) + + This modifies the segment at 0x0 so that it contains enough of a fake + Extended BIOS Data Area at addresses 0x40e and 0x413 that Xen can + correctly locate its trampoline code. + + Since custom Xen is no longer required, we can remove the module, + the patches and all of the references to it in the board definition + files. + +commit 2facd55e44ab5a7b6303268ff8dbf35c4cc6b07e +gpg: Signature made Wed 28 Feb 2018 02:46:14 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 28 02:46:14 2018 -0500 + + flashtool can write to the winterfell ROM + +commit 7283a5397abf6c7f7f2760629b347eee936fd20f +gpg: Signature made Mon 26 Feb 2018 04:33:45 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: ff9925a6d4 1b8ac07a58 +Author: Trammell hudson +Date: Mon Feb 26 16:33:34 2018 -0500 + + Merge branch 'add_whiptail' of https://github.com/kylerankin/heads + +commit ff9925a6d45b3b64a83661975e99654bb3efa084 +gpg: Signature made Mon 26 Feb 2018 04:32:42 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 26 16:32:42 2018 -0500 + + remove ancient default CONFIG variable + +commit 1b8ac07a58bc095688bb6d7d2fbc84fd20b381a9 +gpg: Signature made Mon 26 Feb 2018 04:29:08 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Feb 26 13:28:11 2018 -0800 + + Fix bad slang modules file + + The modules file had a few errors that prevented slang from being built. + First the src/elfobjs file needed to be created before make started. + Second it needed to be configured without external png, pcre and onig + libraries it doesn't need for this application. + +commit e4106c6969095e73b99183e4bd4ed06a5243124b +gpg: Signature made Mon 26 Feb 2018 01:15:35 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: d145af2878 3211ce71a7 +Author: Trammell hudson +Date: Mon Feb 26 13:15:34 2018 -0500 + + Merge branch 'clean_up_init' of https://github.com/kylerankin/heads + +commit d145af2878e283150ab368a14e5fdf53718f19b8 +gpg: Signature made Mon 26 Feb 2018 01:14:29 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 9f19cd9dc3 5f03be56e5 +Author: Trammell hudson +Date: Mon Feb 26 13:14:28 2018 -0500 + + Merge branch 'add_measured_boot_to_librem13v2_coreboot' of https://github.com/kylerankin/heads + +commit 9f19cd9dc3f3a6553c308ac40c1dc391b72fdb4c +gpg: Signature made Mon 26 Feb 2018 01:13:44 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 082a4e28ee dadfbeb3b3 +Author: Trammell hudson +Date: Mon Feb 26 13:13:42 2018 -0500 + + Merge branch 'smm-walkaround' of https://github.com/persmule/heads + +commit 082a4e28eeab9b8e79543cf7178c2a7fe7b05be0 +gpg: Signature made Mon 26 Feb 2018 11:43:16 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 657693f791 baa30a2026 +Author: Trammell hudson +Date: Mon Feb 26 11:43:14 2018 -0500 + + Merge branch 'companion-controller' of https://github.com/persmule/heads + +commit 657693f791531a28c0a0c448386616c31d2809eb +gpg: Signature made Mon 26 Feb 2018 11:42:14 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: e88700d0d9 1f22da73af +Author: Trammell hudson +Date: Mon Feb 26 11:42:13 2018 -0500 + + Merge branch 'fix_cpio_in_Makefile' of https://github.com/kylerankin/heads + +commit e88700d0d9c72faf72533b360e3a63d0a6d603be +gpg: Signature made Mon 26 Feb 2018 11:42:07 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 26 11:42:07 2018 -0500 + + add inteltool build instructions (not included by default) + +commit 79d121d0728f3241933f07d0c7c725d6ccbd4136 +gpg: Signature made Mon 26 Feb 2018 11:40:40 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: b4bb4edb73 55c4864d3d +Author: Trammell hudson +Date: Mon Feb 26 11:40:38 2018 -0500 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit b4bb4edb739779e879337c53ccbe539d4ad1c73d +gpg: Signature made Mon 26 Feb 2018 11:40:04 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 26 11:40:04 2018 -0500 + + fix dependency for bzImage, allowing make -jN to work (#306) + +commit 8ced05de157f9d726d3d72e53636b04e0c05a9ae +gpg: Signature made Mon 26 Feb 2018 11:39:27 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 26 11:39:27 2018 -0500 + + musl-cross has the correct URLs now (#324) + +commit e9312e19bf63a2c2676f5d42d20a8e52d4526c99 +gpg: Signature made Sun 25 Feb 2018 02:55:13 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Feb 25 11:51:19 2018 -0800 + + Cleanup of init to support server and desktop + + Guarded linuxboot specific init entries + Removed Makefile entries into separate file (conflicts with srcing /etc/config) + Added CONFIG_BOOT_LOCAL/_REMOTE to control interface setup + Fixed CONFIG_TPM usage + +commit b5072390ee41e9410aef6b5f62672657e1425af5 +gpg: Signature made Sat 24 Feb 2018 05:46:33 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: persmule +Date: Tue Dec 5 16:29:07 2017 +0800 + + Make TPM dependency optional and controlled by flag CONFIG_TPM + + if "CONFIG_TPM=y" is not present in the config file, functionalities + needing TPM could be disabled, while leaving other functionalities intact. + + This will make Heads a more general-usage bootloader payload atop coreboot. + +commit ffa857d087238795b339a2c178978ec445a51384 +gpg: Signature made Sat 24 Feb 2018 05:46:12 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Feb 24 14:45:55 2018 -0800 + + update mpc url for musl-cross patch + +commit 3211ce71a7100b697f86131b2007911faf7763a7 +gpg: Signature made Sat 24 Feb 2018 10:16:49 AM EST +gpg: using RSA key 4AEE18F83AFDEB23 +gpg: Good signature from "GitHub (web-flow commit signing) " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23 +Merge: c35f385cf7 43ba7a777d +Author: Kyle Rankin +Date: Sat Feb 24 07:16:49 2018 -0800 + + Merge pull request #1 from persmule/clean_up_init + + fix the broken if syntax + +commit dadfbeb3b329c7c025230f4c9932e22de1065bca +Author: persmule +Date: Sat Feb 24 15:27:21 2018 +0800 + + Changed to coreboot patch not to call prog_segment_loaded in smm. + +commit 43ba7a777df3bf90330e15c27dd251140019464d +Author: persmule +Date: Sat Feb 24 14:21:44 2018 +0800 + + fix the broken if syntax + +commit 5f03be56e58a3ab3505a614a0e407047a6a32d2b +gpg: Signature made Fri 23 Feb 2018 06:03:29 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri Feb 23 15:03:18 2018 -0800 + + Add CONFIG_MEASURED_BOOT=y to librem13v2 coreboot config + +commit fbbfc8e22f3a6e15df710b259fc31bb2d521584d +gpg: Signature made Fri 23 Feb 2018 03:15:02 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Fri Feb 23 12:13:21 2018 -0800 + + Replace remaining text-only options in main workflow w/ gui menus + + In particular I added a GUI menu to instruct the user if there is no + TOTP code registered (as is the case upon first flash) and also added + better handling of the case the user selects 'default boot' when there + is no default boot set yet. Apart from that where there were text-only + menus left in gui-init I've replaced them with GUI menus. + +commit 6ab78ae236c59758bfc3bbda3d2bdea509e86e31 +gpg: Signature made Thu 22 Feb 2018 04:19:43 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Thu Feb 22 13:18:16 2018 -0800 + + Add gui option to kexec-select-boot, use in gui-init menu option + + When selecting the boot menu option (m) in the gui-init you call out to + kexec-select-boot. To better maintain the graphical menu experience, + I've added a -g option to kexec-select-boot that, when set, will use a + graphical whiptail menu for the most common menu selection modes. + +commit 57405b0d2883c6f23491adfe84c11f81f5c28015 +gpg: Signature made Wed 21 Feb 2018 06:59:17 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Feb 21 15:58:54 2018 -0800 + + Add menu for TOTP updates, provide sample board config to use gui-init + +commit 140064bbf8029122b0a9152a874255182d369610 +gpg: Signature made Tue 20 Feb 2018 06:36:51 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Tue Feb 20 15:35:37 2018 -0800 + + Add graphical init menu that uses whiptail + + This is a modified version of the generic-init script that uses whiptail + to generate a graphical menu. I changed two of the options so that the + user can refresh the menu to get an updated TOTP code if needed. + +commit 34296b54a6bb828a3077913f56bfb27c92fe8f85 +gpg: Signature made Mon 19 Feb 2018 08:20:23 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Feb 19 17:20:10 2018 -0800 + + Fix bad copy/paste variable reference from TPMTOTP + +commit bb465ad5131783b38ab3e6c2afc91659a9d677b8 +gpg: Signature made Mon 19 Feb 2018 07:44:36 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Feb 19 16:44:24 2018 -0800 + + Align tabs with previous lines + +commit 88c732833ab0bad00cf4fec0eb3bb61a52beaa6b +gpg: Signature made Mon 19 Feb 2018 07:41:48 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Mon Feb 19 16:39:42 2018 -0800 + + Add whiptail binary, new libraries, and slang dependency + + The whiptail binary will allow us to create GUI menus from bash scripts. + It is included in the newt library, which depends on slang. To enable, + the board configuration file should add CONFIG_SLANG=y and CONFIG_NEWT=y + +commit a6a5fef57f91e62711a7eb5a3b15422e095c78d0 +gpg: Signature made Mon 19 Feb 2018 02:29:43 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Feb 10 22:45:01 2018 -0500 + + Update qubes xen version for Qubes 4.0rc4 + +commit baa30a20266086d7886fcb92b521b7e220abb774 +Author: persmule +Date: Wed Dec 6 16:04:27 2017 +0800 + + Add OHCI and UHCI drivers to initrd. + + USB smart card readers are most full speed devices, and there is no + "rate-matching hubs" beneath the root hub on older (e.g. GM45) plat- + forms, which has companion OHCI or UHCI controllers and needs cor- + responding drivers to communicate with card readers directly plugged + into the motherboard, otherwise a discrete USB hub should be inserted + between the motherboard and the reader. + + This time I make inserting linux modules for OHCI and UHCI controllable + with option CONFIG_LINUX_USB_COMPANION_CONTROLLER. + + A linux config for x200 is added as an example. + + Tested on my x200s and elitebook revolve 810g1. + +commit 9bf131b6019ac4a9f613ff619a5373e8119706d4 +Author: persmule +Date: Tue Dec 5 16:29:07 2017 +0800 + + Make TPM dependency optional and controlled by flag CONFIG_TPM + + if "CONFIG_TPM=y" is not present in the config file, functionalities + needing TPM could be disabled, while leaving other functionalities intact. + + This will make Heads a more general-usage bootloader payload atop coreboot. + +commit 1f22da73af35d66c621060a76f4a8a0a832c1eca +gpg: Signature made Wed 14 Feb 2018 05:43:50 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Feb 14 14:43:35 2018 -0800 + + Fix missing parenthesis in cpio make option + +commit 55c4864d3de0f0911c1e47d0259dc74ac5884a63 +gpg: Signature made Wed 14 Feb 2018 05:21:34 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Merge: 1459e701e3 36af892129 +Author: Trammell hudson +Date: Wed Feb 14 17:21:32 2018 -0500 + + Merge branch 'librem13v2-merge' + +commit 36af892129cbbfb2d0c9635cba3ca40bb709b64f +gpg: Signature made Wed 14 Feb 2018 05:21:16 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 14 17:21:16 2018 -0500 + + remove old libream13v1 files + +commit aaafb9313713ceb7558c9aa001f340c7079620ca +gpg: Signature made Wed 14 Feb 2018 05:06:34 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Feb 14 14:06:20 2018 -0800 + + Add corresponding coreboot config for Librem 13v2 + +commit c35f385cf7665d7edd833e9ad9da5b804e87a871 +gpg: Signature made Wed 14 Feb 2018 02:51:29 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Feb 14 11:50:21 2018 -0800 + + Make eth0 init condition on module, remove early bin/ash + + To avoid unnecessary errors, only load the eth0 network if the e1000 + module exists. Also remove /bin/ash so CONFIG_BOOTSCRIPT works. + +commit b6514fc3330b600a11bd907987fd91a598937690 +gpg: Signature made Wed 14 Feb 2018 02:44:19 PM EST +gpg: using RSA key F553996957F0D56EE54D6F72555577116BFA74B9 +gpg: Good signature from "Kyle Rankin " [unknown] +gpg: aka "Kyle Rankin " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 7B85 0961 8D82 0DF6 3924 1BB6 BD83 B92B 2F4B FD99 + Subkey fingerprint: F553 9969 57F0 D56E E54D 6F72 5555 7711 6BFA 74B9 +Author: Kyle Rankin +Date: Wed Feb 14 11:44:18 2018 -0800 + + Add board and Linux kernel config for Purism Librem 13v2 + +commit 1459e701e3c867dcede633e6ed4000491a4dfc67 +gpg: Signature made Tue 13 Feb 2018 05:47:58 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 17:46:48 2018 -0500 + + Make the Heads runtime opt-out from the initrd.cpio. #317 + + Allow sub-modules like u-root to opt out of the Heads runtime, + while retaining the musl-libc built tools. + +commit fc5d21cc281f874c8e10536ca92614cbd91a1df8 +gpg: Signature made Tue 13 Feb 2018 05:46:38 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 17:46:38 2018 -0500 + + remove unused _platform modules + +commit 073834e5c0e1487932089964da18a195714681fd +gpg: Signature made Tue 13 Feb 2018 05:44:35 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 17:44:26 2018 -0500 + + Move the ld-musl symlink into the `blobs/dev.cpio` file. #317 + + This makes it possible to use musl-libc compiled tools + without the Heads runtime. + +commit 78543fb7c7fca0734e90b0ae7708fd90ab54ebf5 +gpg: Signature made Tue 13 Feb 2018 05:37:28 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 17:37:28 2018 -0500 + + make zlib, busybox and musl opt-out + +commit 10c1f56b0ad95610de55a4716cfad67b3c01c923 +gpg: Signature made Tue 13 Feb 2018 03:49:59 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 15:47:31 2018 -0500 + + Enable easy building with the NERF u-root tree #317 + + This adds a `CONFIG_UROOT=y` option to allow the busybox + runtime to be replaced with the go u-root runtime. + You must have go 1.9 or newer for it to work. + + It has been tested on the OCP winterfell and qemu nodes, + and it can be specified on the build command line as well. + + Nothing from `heads/initrd` or any of the tools will be + linked into the cpio file. Only the kernel modules and the + go shell will be included. + +commit e0d390c62d6c6508408968b61f9b9a7d27e64398 +gpg: Signature made Tue 13 Feb 2018 01:20:27 PM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 13 13:20:04 2018 -0500 + + Helpful targets + +commit 2395ae78b0b816e3db6488088664db78883a6a57 +gpg: Signature made Mon 12 Feb 2018 10:49:04 AM EST +gpg: using RSA key 687A5005935B1533 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Mon Feb 12 10:49:04 2018 -0500 + + use the dev.cpio for corebooot builds too (issue #309) + +commit 638026ea3e9625dfe59a48b3645b90d1fec9ed2c +gpg: Signature made Fri 09 Feb 2018 03:53:44 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 9 15:53:44 2018 -0500 + + use the reproducible dev.cpio file to avoid system /dev (issue #309) + +commit 15a07b3fce9e932b31617a8abcfcaefc468f4e1d +gpg: Signature made Fri 09 Feb 2018 01:42:52 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 9 13:42:52 2018 -0500 + + enable qemu networking and ssh key login (#312) + +commit f9a9ae544f5beaaba5edd4a770a45a28b91baba5 +gpg: Signature made Fri 09 Feb 2018 12:15:35 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 9 12:15:35 2018 -0500 + + busybox 1.28.0 (#310) + +commit 23bd4107ded7e9ba039049b1ba0c290939a62e16 +gpg: Signature made Fri 09 Feb 2018 12:05:49 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 9 12:05:49 2018 -0500 + + localhost should be defined + +commit a3177acb3872ba7e6f9c3b7722652ec96f4ec7c1 +gpg: Signature made Thu 08 Feb 2018 05:25:32 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 17:25:32 2018 -0500 + + fix typos in efivarfs + +commit bac75769791f32685b02f8cd5bcdbadb58bb2956 +gpg: Signature made Thu 08 Feb 2018 04:49:49 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 16:49:49 2018 -0500 + + enable efivarfs if it is available + +commit e41fa6c67a7007bbdee79871ee24a509425a085c +gpg: Signature made Thu 08 Feb 2018 04:03:16 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 16:03:16 2018 -0500 + + export EFI variables to sysfs + +commit 670f76889bdd345cee1e8ec664c987878d2d8062 +gpg: Signature made Thu 08 Feb 2018 04:02:54 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 16:02:54 2018 -0500 + + allow easier reconfig + +commit f51e1c419c868603db33f6fc526cd648ca3b7a23 +gpg: Signature made Thu 08 Feb 2018 04:02:29 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 16:02:29 2018 -0500 + + do not pass in ROM= for boards that do not define one + +commit f738cacdbe2430d1f5ace57ce350c897e4af9cae +gpg: Signature made Thu 08 Feb 2018 03:21:38 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 15:21:38 2018 -0500 + + use the ROM in our directory, rather than copying it into the LinuxBoot boards/ directory + +commit 8d7eee22d14be3004b08df52a234ee0c9d036511 +gpg: Signature made Thu 08 Feb 2018 02:54:25 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Feb 8 14:54:25 2018 -0500 + + BOARD definitions are no longer required since the user defines BOARD + +commit d225527cadd6cc31eca8cd46c2b26bf21dab2e3a +gpg: Signature made Wed 07 Feb 2018 07:07:53 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 7 19:07:53 2018 -0500 + + move to Linux 4.9.80, add winterfell AHCI patch, qemu NMI patch #308 + +commit ee291ec95b2c6d5eccb0064db4773f4d4d19f778 +gpg: Signature made Wed 07 Feb 2018 07:05:56 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 7 19:05:56 2018 -0500 + + add AHCI and e1000e drivers, as well as flashing targets for winterfell + +commit 3ea842b5648a72c61bc358845e9cafeb2a1a9a9c +gpg: Signature made Wed 07 Feb 2018 07:05:22 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 7 19:05:22 2018 -0500 + + add run target for starting the emulators + +commit 3bf51cb74ce0dac51f3027519a5d46d17736260b +gpg: Signature made Wed 07 Feb 2018 07:03:40 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Wed Feb 7 19:03:40 2018 -0500 + + ensure that all is the default target and have a useful default board + +commit cade555c468ec85e752fd6fc4653baecf73f7171 +gpg: Signature made Wed 07 Feb 2018 11:33:36 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Merge: 1047e5877e 28628d54f2 +Author: Trammell hudson +Date: Wed Feb 7 11:33:02 2018 -0500 + + Merge branch 'master' of https://github.com/flammit/heads #297 + +commit 1047e5877ebb3cf0f39c453c414f99b19c56b9dd +gpg: Signature made Tue 06 Feb 2018 04:21:59 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 16:21:59 2018 -0500 + + messed up musl.intermediate target #304 + +commit 6b8dc76ae83be8a00cd726d55c1327031314f92e +gpg: Signature made Tue 06 Feb 2018 03:56:28 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 15:56:06 2018 -0500 + + fix headers_install so that it does not corrupt the linux build tree #304 + +commit ef677fc3f277986377b0a517179c8542a4c2ffa6 +gpg: Signature made Tue 06 Feb 2018 03:03:47 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 15:03:47 2018 -0500 + + fixup per-board Linux build so that it runs `make oldconfig` before starting build (issue #304) + +commit 14d9bd1cb31f7c7a470690593e73a1f1da71eae2 +gpg: Signature made Tue 06 Feb 2018 03:02:49 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 15:02:49 2018 -0500 + + include the Heads git hash in the xen build + +commit eb26a453619a1c484365fd80d79cff125d2bce12 +gpg: Signature made Tue 06 Feb 2018 11:38:37 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 11:38:14 2018 -0500 + + Revert "moved to 4.8 xen" + + This reverts commit 2f879be2218770e5c7f69875190f535182644261. + +commit db35de4e4812ebe053c676357b6cfd4904465aef +gpg: Signature made Tue 06 Feb 2018 11:13:20 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Feb 6 11:13:20 2018 -0500 + + force cross compile flags for gpg (#299) + +commit 2f879be2218770e5c7f69875190f535182644261 +gpg: Signature made Mon 05 Feb 2018 05:38:09 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 17:38:09 2018 -0500 + + moved to 4.8 xen + +commit 68a406d675682d23946bc41baf69c1ff54951b63 +gpg: Signature made Mon 05 Feb 2018 05:29:54 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 17:29:54 2018 -0500 + + fixup paths for x230 + +commit d26f79bac9b88c38efc9da077f19a57e0320bcc7 +gpg: Signature made Mon 05 Feb 2018 05:27:12 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 17:27:12 2018 -0500 + + coreboot and linuxboot qemu builds work + +commit fa3e6fe7eaf025999a5678e5876a5359acd9aaad +gpg: Signature made Mon 05 Feb 2018 05:25:51 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 17:25:51 2018 -0500 + + And servers! + +commit 452aabe528d096a0c204a7564125d52c668e48e9 +gpg: Signature made Mon 05 Feb 2018 04:27:48 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 16:27:48 2018 -0500 + + fix path to CONFIG_LINUX_CONFIG file + +commit c46c07815791298f82d0fb09864d2d197030d970 +gpg: Signature made Mon 05 Feb 2018 04:12:32 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 16:12:32 2018 -0500 + + remove old patches + +commit c79e407872b329b91d0358b68fe56f15b3ffebe9 +gpg: Signature made Mon 05 Feb 2018 04:08:30 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 16:08:30 2018 -0500 + + edk2 is now part of LinuxBoot + +commit a3d3a3c813b5e0aebb53593357a69079da6903c7 +gpg: Signature made Mon 05 Feb 2018 04:07:00 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 16:07:00 2018 -0500 + + moved boards into boards/, removed old config files + +commit bf4972c37e94a1a9ee72f72194b465f12d681fd0 +gpg: Signature made Mon 05 Feb 2018 04:04:23 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 16:04:23 2018 -0500 + + ignore everything in install/ + +commit b50f8e847bcc27df4bacbfca78762bf8fb99575f +gpg: Signature made Mon 05 Feb 2018 03:59:26 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 15:59:26 2018 -0500 + + cleanup configuration options to all have the same CONFIG_MODULE_OPTION naming scheme + +commit 22f744271001e951ddd50731e03497deb8e6b40a +gpg: Signature made Mon 05 Feb 2018 03:28:33 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 15:28:33 2018 -0500 + + perform per-board Linux builds + +commit 47a94da5ed19d012ac827e91ebf9edff5373f9dd +gpg: Signature made Mon 05 Feb 2018 11:57:38 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 11:56:15 2018 -0500 + + x230 build works on the NERF tree (#305) + + Fix FAST=1 builds to actually be fast. + +commit 9c92a1ff4da203994a854141b3dd23aade967b3a +gpg: Signature made Mon 05 Feb 2018 11:30:39 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 11:30:39 2018 -0500 + + adventure module + +commit cf8509e0f5c033f2add072578a498ea871473692 +gpg: Signature made Mon 05 Feb 2018 11:30:19 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 11:27:45 2018 -0500 + + Add LinuxBoot as a module, prep for nerf branch merge (#305) + + Move board configuration into `boards/` instead of `config/` + Fix mistake in building kernel module tree before kernel was done. + Allow per-board initrd builds (#278) + Allow per-board configurations for things (#304) + +commit 755c9e91ea1d5dde91d3fa2fe888ac9c5730bc0c +gpg: Signature made Mon 05 Feb 2018 11:23:13 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Mon Feb 5 11:23:13 2018 -0500 + + ignore all vi temp files + +commit 383f1f66a559fd68342894769c8e9570172bd6c4 +gpg: Signature made Fri 02 Feb 2018 05:06:49 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Merge: 6df5c8a18b 4310bd4743 +Author: Trammell hudson +Date: Fri Feb 2 17:06:49 2018 -0500 + + merge changes from master into nerf branch in preparation for closing nerf branch + +commit 6df5c8a18bab0a12ee87b102be9fea23e2ce175c +gpg: Signature made Fri 02 Feb 2018 04:27:57 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 16:27:57 2018 -0500 + + fix path for MPC (issue #299) + +commit ff87428098c30c0ce4e9246fe697cbd647c6134e +gpg: Signature made Fri 02 Feb 2018 04:27:13 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 16:27:13 2018 -0500 + + remove vestiges of Makefile.nerf + +commit 16d13e61defe550d247b7bb7a8bffbe106ef353e +gpg: Signature made Fri 02 Feb 2018 04:26:26 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 16:26:12 2018 -0500 + + rename initrd.cpio to inird-$(BOARD).cpio), remove old tools + +commit 8ebe816b0b4d1aa12496477e4ec8aa3191cd5d7e +gpg: Signature made Fri 02 Feb 2018 04:02:37 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 16:02:37 2018 -0500 + + now part of LinuxBoot tree + +commit d1c6e6573f2ff847d68dcd100e767403f52fd943 +gpg: Signature made Fri 02 Feb 2018 04:01:58 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Merge: edbd62f8f2 23bded6e8f +Author: Trammell hudson +Date: Fri Feb 2 16:01:58 2018 -0500 + + merge from s2600wf tree + +commit edbd62f8f2105dee467bff955ebae0ca2759d71d +gpg: Signature made Fri 02 Feb 2018 03:59:12 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:59:12 2018 -0500 + + remove ACPI and other blobs; these are now part of LinuxBoot + +commit 1c43f25de018541bcb3e00e1b75be4d5666b0b88 +gpg: Signature made Fri 02 Feb 2018 03:57:48 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:57:48 2018 -0500 + + Remove edk2 dependency and Makefile.nerf -- it is now part of LinuxBoot + +commit 3cece82118a50819b5bc0736cd479528afcca1cd +gpg: Signature made Fri 02 Feb 2018 03:57:11 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:57:11 2018 -0500 + + Solarflare card driver and use git hash for build user + +commit 982256df600df9dc10d47e8de33323ebf24b5c35 +gpg: Signature made Fri 02 Feb 2018 03:56:46 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:56:46 2018 -0500 + + add config, git hash and phase out the Makefile.nerf + +commit 12185e0a28718d3c2be8d3a53228a1c8338e6fd9 +gpg: Signature made Fri 02 Feb 2018 03:54:01 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:54:01 2018 -0500 + + fix url for LVM2 + +commit 23bded6e8f7b342bbc96b4dc002e11eca0519c94 +gpg: Signature made Fri 02 Feb 2018 03:51:18 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Merge: 4150454e1c d46f52519b +Author: Trammell hudson +Date: Fri Feb 2 15:51:16 2018 -0500 + + Merge branch 'nerf' of ssh://github.com/osresearch/heads into nerf + +commit 4150454e1cf7b7a0064cb0cba891cd7017eb0f80 +gpg: Signature made Fri 02 Feb 2018 03:50:17 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:50:17 2018 -0500 + + add normal directories to path for chroot calls + +commit 39796634e3011e97658e55894517e121bcc28ef6 +gpg: Signature made Fri 02 Feb 2018 03:49:49 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Feb 2 15:49:49 2018 -0500 + + Enable MLX4 cards, TPM, MSR, microcode and turn off vga console + +commit 28628d54f228e27ad22eb1f95fd101561d9a9dfa +gpg: Signature made Fri 26 Jan 2018 12:30:14 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Jan 26 09:29:21 2018 -0800 + + Update qubes xen version for QSB 37 + + For Qubes 3.2: version 4.6.6-36 + For Qubes 4.0: version 4.8.2-12 + +commit bd38a9cd5810d7a234b463e9ac3c35f3514d4f48 +gpg: Signature made Fri 26 Jan 2018 12:30:11 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jan 20 17:29:43 2018 -0800 + + Update to coreboot 4.7 + +commit 21004fbb775df3f622ca9b3ba35001081910944c +gpg: Signature made Fri 26 Jan 2018 12:30:06 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Jan 10 16:28:28 2018 -0500 + + Backport patch to build coreboot 4.6 with GCC 7 + + Resolves pointer and integer comparison while building crossgcc + +commit 4310bd4743f98b8a2c966e9bce4ab0fd1dc1d0ab +gpg: Signature made Sat 20 Jan 2018 04:56:53 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Jan 20 16:56:53 2018 -0500 + + force cross_compile=yes for gnupg (issue #299) + +commit 5daeb025f2b823d2e41e2907e09eb1f9079b3cd1 +gpg: Signature made Sat 20 Jan 2018 01:28:02 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Sat Jan 20 13:28:02 2018 -0500 + + fix path for MPC (issue #299) + +commit 4895e4704f45a8a90b7a95bf3cab3c6ff704bc6f +gpg: Signature made Fri 19 Jan 2018 03:53:05 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Jan 19 15:53:05 2018 -0500 + + checkpointing a config that boots to user space, but serial still does not work + +commit 07f7653999ab96ec712a0a652885c25806edd273 +gpg: Signature made Fri 19 Jan 2018 02:17:26 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Jan 19 14:17:26 2018 -0500 + + move tools into bin/ directory + +commit d46f52519bdc1e94b44d0c1d3c13ad897183bf68 +gpg: Signature made Fri 19 Jan 2018 01:54:11 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Jan 19 13:54:11 2018 -0500 + + generate a compressed LinuxBoot volume with extra parts from the vendor BIOS (does not work yet) + +commit 4d2b4a3e4c486f75a004718a1fc9c0292ff3e001 +gpg: Signature made Fri 19 Jan 2018 01:44:15 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Jan 19 13:44:15 2018 -0500 + + acpi and necessary vendor GUIDs for Intel S2600WF mainboard + +commit aa6c3b49ca78103b8381ccc1aff24a0be5f79b4d +gpg: Signature made Fri 19 Jan 2018 09:55:21 AM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Fri Jan 19 09:55:21 2018 -0500 + + compression works (according to UEFITool) + +commit 88f1df122ac8d79cfdfb5e52f7190d55a9a88cbc +gpg: Signature made Thu 18 Jan 2018 05:24:08 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Jan 18 17:24:08 2018 -0500 + + Use create-ffs in place of edk2 GenSec and GenFfs + +commit 9d5c2b9e41614b8e0ca60f7ba7c4d9dd2829837c +gpg: Signature made Thu 18 Jan 2018 05:22:01 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Jan 18 17:22:01 2018 -0500 + + ensure that the output file is opened for output + +commit ae2f11d4c3a5332ed79f8984e0bad3859bc100ce +gpg: Signature made Thu 18 Jan 2018 05:01:42 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Thu Jan 18 17:01:42 2018 -0500 + + tool to create a FFS with UI, depex and version section without temp files + +commit 9bdb01944b3501c1a901c22f870e2367e8e2fd49 +gpg: Signature made Tue 16 Jan 2018 12:56:03 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Jan 16 12:56:03 2018 -0500 + + fix patch format for edk2/Makefile + +commit 1c9334553c3c1600d1f2ebda4e36566ec1f7ac70 +gpg: Signature made Tue 16 Jan 2018 12:55:44 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Author: Trammell hudson +Date: Tue Jan 16 12:55:44 2018 -0500 + + fix flashrom URL (#295) + +commit 83816d2b2d7cbe793847035ce6b58f9dba9d7f56 +gpg: Signature made Tue 02 Jan 2018 05:15:22 PM EST +gpg: using RSA key 5FCA029DCAB21268 +gpg: Can't check signature: No public key +Merge: 5dcbc44d39 6898b84b28 +Author: Trammell hudson +Date: Tue Jan 2 17:15:16 2018 -0500 + + Merge branch 'pr-295' + +commit 6898b84b28298bfbe325dc941319545d259cedc5 +gpg: Signature made Tue 02 Jan 2018 11:53:29 AM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Tue Jan 2 08:53:23 2018 -0800 + + Use HTTPS URL for flashrom + +commit 5dcbc44d39c0f874540269e0292e0edff4c03064 +gpg: Signature made Sun 10 Dec 2017 09:00:03 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 32ebb70e76 5f9567c390 +Author: Trammell hudson +Date: Sun Dec 10 20:59:29 2017 -0500 + + Merge branch 'pr289': QSB 34, 35, 36 and coreboot 4.6 updates #289 + +commit 7a61beeeea504887845e5b98db0e1d2d37721f83 +gpg: Signature made Fri 08 Dec 2017 02:07:56 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Dec 8 14:07:56 2017 -0500 + + secureboot stuff is not necessary for s2600wf + +commit 7a712f71fcb01942c80ee423181f14ed9faeb0f2 +gpg: Signature made Fri 08 Dec 2017 02:01:58 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Dec 8 14:01:58 2017 -0500 + + more unnecessary modules for the s2600wf + +commit a9f97c45e193d5459dc911e7e0f619e6e10a7ae4 +gpg: Signature made Fri 08 Dec 2017 01:53:56 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Dec 8 13:53:56 2017 -0500 + + removed more guids that are not necessary for s2600wf + +commit 5ef939cf83dc470f806b48fdbc32d56c7782d623 +gpg: Signature made Fri 08 Dec 2017 01:29:25 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Dec 8 13:29:25 2017 -0500 + + minimal set of GUIDs to boot the s2600wf + +commit a3983d4fa77bb877790be6a45dd5a3c1b545b806 +gpg: Signature made Mon 04 Dec 2017 06:58:15 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 18:58:15 2017 -0500 + + patches for DxeCore to work on s2600wf + +commit b3bd1ed8888a45f31fa496f7dd6ca2dd22046621 +gpg: Signature made Mon 04 Dec 2017 06:58:02 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 18:58:02 2017 -0500 + + pci=realloc, as suggested by dmesg + +commit 9685483cd65a515007333ea89dae33ff24fdbe63 +gpg: Signature made Mon 04 Dec 2017 06:57:48 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 18:57:48 2017 -0500 + + size notes + +commit 103d435fe165efb866bb9e4959438369b6658ef6 +gpg: Signature made Mon 04 Dec 2017 04:00:35 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 16:00:35 2017 -0500 + + Make the AHCI and ATA drivers a module (issue #291) + +commit 4e3d19b72abf5df23b4cfec4380501ca3f2eac42 +gpg: Signature made Mon 04 Dec 2017 03:59:51 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 15:59:51 2017 -0500 + + fix newlines + +commit bf4446c900c3b714d819d40be2f0c9525cb37a0b +gpg: Signature made Mon 04 Dec 2017 03:31:18 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 15:31:18 2017 -0500 + + Make DxeCore and others configurable + +commit 5a188f5b46e5115a905ab759c641563c3af37b9c +gpg: Signature made Mon 04 Dec 2017 03:30:40 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 15:30:40 2017 -0500 + + Add support for building the Linux kernel as a BDS target + +commit 517d242da5644562f101ffbe3afe6eb118cd8299 +gpg: Signature made Mon 04 Dec 2017 03:29:00 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 15:29:00 2017 -0500 + + allow .vol targets to be passed through + +commit 680b9528563d0feac10939641bdc874007c6ccd1 +gpg: Signature made Mon 04 Dec 2017 02:56:58 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 14:56:58 2017 -0500 + + Make ROM_SIZE a configuration option #283 + +commit 27deeba893fdd78dfab6f8b3481922a6f24ef22f +gpg: Signature made Mon 04 Dec 2017 02:52:27 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 14:52:27 2017 -0500 + + Make ROM_SIZE a configuration option #283 + +commit 63c9e6e51ce1e501ce3ab5055a4d0207d6acc1c6 +gpg: Signature made Mon 04 Dec 2017 02:14:16 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Dec 4 14:14:16 2017 -0500 + + configuration for Intel s2600wf server mainboard + +commit 5f9567c3907696a81d7115bf0c915307155e0faf +gpg: Signature made Sat 02 Dec 2017 03:15:48 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Dec 2 15:14:42 2017 -0500 + + Fix coreboot GCC7 build issue + + This is fixed in coreboot master but backporting for Heads. + + Closes #241 + +commit 61f6973c5cc4db9b40f3bbbd94e9d0745e33910d +gpg: Signature made Sat 02 Dec 2017 02:54:50 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Merge: 491fe083fa 87251fd1b1 +Author: Francis Lam +Date: Sat Dec 2 14:54:48 2017 -0500 + + Merge branch 'coreboot-4.6' + +commit 491fe083fa76a77bd733e39016d3d402b826b785 +gpg: Signature made Sat 02 Dec 2017 02:48:16 PM EST +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Dec 2 14:47:52 2017 -0500 + + Update qubes xen version for QSB 36 + + For Qubes 3.2: version 4.6.6-35 + For Qubes 4.0: version 4.8.2-11 + +commit c954ec19472defefe748613ec85c7c30b65812e1 +gpg: Signature made Mon 20 Nov 2017 05:29:03 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Nov 20 17:28:35 2017 -0500 + + Fix default target for NERF and edk2 dependency (issue #284) + +commit 8d34bcc6bc45dae6dac5a78b6e1a3d6e0123621d +gpg: Signature made Sat 28 Oct 2017 03:13:46 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Oct 28 15:12:39 2017 -0400 + + Update qubes xen version for QSB 34 and QSB 35 + + For Qubes 3.2: version 4.6.6-34 + For Qubes 4.0: version 4.8.2-9 + +commit b04294c2344d4529a7224b715110aaea005ab40f +gpg: Signature made Fri 20 Oct 2017 04:20:51 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Fri Oct 20 16:20:51 2017 -0400 + + restore alignment on files for faster flashes + +commit 3e5783a24fc309cb13cf9a65e16bcc55f82dba56 +gpg: Signature made Thu 19 Oct 2017 04:04:14 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Oct 19 16:04:14 2017 -0400 + + enable serial debugging and moderate verbose output from dxe-core + +commit 87bd21111f80243dc77eafee1e1a522d9b87e088 +gpg: Signature made Thu 19 Oct 2017 04:00:25 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Thu Oct 19 15:59:13 2017 -0400 + + Include edk2 EmuVariableRuntimeDxe to provide efi vars (issue #270) + + Remove the patch to Linux efivar_init() since we now have efi vars + for it to use. + + Also link in SmbiosDxe, although it is not currently used. + +commit 5176bfdd5845221317d7aff2d50e8780ddc7f48e +gpg: Signature made Wed 18 Oct 2017 01:56:32 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Author: Trammell hudson +Date: Wed Oct 18 13:56:32 2017 -0400 + + preliminary winterfell support for NERF + +commit 87251fd1b16400ddaf916a16b2c3479264d5983c +gpg: Signature made Tue 10 Oct 2017 04:27:20 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Aug 27 15:39:22 2017 -0400 + + Changed to coreboot patch to not measure relocated modules + +commit 1a34bd9d6f2bd6d3ce89421bfc461b268fef49aa +gpg: Signature made Tue 10 Oct 2017 04:27:16 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Mon Aug 21 23:40:17 2017 -0400 + + Updated to coreboot 4.6 + + Also changed x220 and purism configs to use generic boot + +commit 32ebb70e764ff8299ea291bb7ad986d8d8a04818 +gpg: Signature made Mon 09 Oct 2017 06:18:45 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 076e246549 5ebe5a119a +Author: Trammell hudson +Date: Mon Oct 9 18:18:29 2017 -0400 + + Merge branch 'jgrip-x220' PR #235 + +commit 5ebe5a119a8b9f6e556a8bc1802478b137de97e3 +gpg: Signature made Mon 09 Oct 2017 06:16:48 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 076e246549 6f48c14d0c +Author: Trammell hudson +Date: Mon Oct 9 18:16:45 2017 -0400 + + Merge branch 'x220' of https://github.com/jgrip/heads into jgrip-x220 + +commit 076e246549b9a8c822e3cb28b17144aea4392ac6 +gpg: Signature made Mon 09 Oct 2017 06:14:07 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 48175f7528 645c7656fa +Author: Trammell hudson +Date: Mon Oct 9 18:14:01 2017 -0400 + + Merge branch 'qubes-4.0' PR #210 + +commit 645c7656fa9acba6d21d4360862fdba5aad29a3f +gpg: Signature made Mon 09 Oct 2017 06:12:36 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 48175f7528 41f49237c6 +Author: Trammell hudson +Date: Mon Oct 9 18:12:33 2017 -0400 + + Merge branch 'qubes-4.0' of https://github.com/flammit/heads into qubes-4.0 + +commit 48175f752837b400f6dcc79371a1cd96e5c53651 +gpg: Signature made Mon 09 Oct 2017 06:08:24 PM EDT +gpg: using RSA key B65BFE540DEF86C0 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 +Merge: 9d9af31e58 ec1a54c6b6 +Author: Trammell hudson +Date: Mon Oct 9 18:08:05 2017 -0400 + + Merge branch 'generic-boot-cleanup' PR #230 + +commit 2045c082dccace0c0881d949de77e3f95b70d58c +gpg: Signature made Thu 05 Oct 2017 03:17:24 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Oct 5 15:17:24 2017 -0400 + + ignore temporary files + +commit 6046a01e9e33466d7748343c20934f911683d3e5 +gpg: Signature made Thu 05 Oct 2017 03:16:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Oct 5 15:16:34 2017 -0400 + + Initial support for the Lenovo x3550 m5 server, but it does not work yet + +commit 2438a0ea24bcdef75f1e8ef460999bf26ba209d7 +gpg: Signature made Thu 05 Oct 2017 03:15:33 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Oct 5 15:10:34 2017 -0400 + + Build multiple boards with the NERF firmware (issue #268) + + This modifies the `Makefile.nerf` to create files based on the + $(BOARD) variable, which is necessary as we start to support + multiple mainboards. + + The config files must define five variables, all in bytes: + + * `NERF_SIZE` - for the EFI firmware volume that contains Linux + * `PEI_SIZE` - size of the PEI image in the vendor ROM + * `PEI_OFFSET` - offset of the PEI image in the vendor ROM + * `ME_SIZE` - size of the ME image in the vendor ROM, or 0 if + there is no ME image to be extracted. + * `ME_OFFSET` - offset of the ME image in the vendor ROM + + The `ifd.bin` must be created and can be checked in. + The default ROM input file is `blobs/$(BOARD)/$(BOARD).rom`, + and it *must not* be checked in. + +commit 212b0306603bc012290a64f66000e35d278b5413 +gpg: Signature made Mon 25 Sep 2017 03:21:16 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Mon Sep 25 15:21:16 2017 -0400 + + generate ACPI firmware volume and removed Linux ACPI table hacks (issue #266) + +commit 86f90c894729d336e44445d9831d1654345d33c9 +gpg: Signature made Sun 24 Sep 2017 11:59:10 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Sun Sep 24 11:59:10 2017 -0400 + + LZ compressed version of the ACPI tables (hand generated) (issue #266) + +commit 115573adc9fcb0531d633ff03b6dec0faddaec95 +gpg: Signature made Sat 23 Sep 2017 10:55:42 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Sat Sep 23 22:53:10 2017 -0400 + + Attempt to use the edk2 ACPI tables (issue #266) + + This links in the AcpiTableDxe and AcpiPlatform executables from + the edk2 build tree and adds a depex dependency for the Linux + kernel on the AcpiTable being setup. The `acpi.cpio` file is + no longer included in the Linux kernel bzImage. + + The `Makefile.nerf` has been re-written to generate the firmware + file system (FFS) files via rules. + + TODO: figure out how to add LZMA compressed sections so that the + 900k acpi tables can be compressed to about 100k. + +commit 30c844661c56861f0ffcc146fd792c6c9b4e178c +gpg: Signature made Fri 22 Sep 2017 07:13:23 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 19:13:23 2017 -0400 + + make a hole in low memory for the trampoline (issue #246) + +commit ab87580b18362a7de94e22b6fb9779b473c45be9 +gpg: Signature made Fri 22 Sep 2017 04:30:02 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 16:30:02 2017 -0400 + + use depex to wait for runtime services guid to be installed (issue #261) + +commit 341f8ac1887e947df6b0b5013a25af761fc46368 +gpg: Signature made Fri 22 Sep 2017 04:20:58 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 16:20:58 2017 -0400 + + generate the r630 blobs from the input rom file + +commit 12cea9a8e949f26aaf873b9900fdd618e16209bd +gpg: Signature made Fri 22 Sep 2017 04:17:05 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 16:17:05 2017 -0400 + + make coreboot an optional dependency (issue #265) + +commit ae8aa669dca39a5ac8bf25b56bf5bdf5f4a154c9 +gpg: Signature made Fri 22 Sep 2017 04:13:26 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 16:13:26 2017 -0400 + + make PERC/MegaRaid a module again (issue #253) + +commit 90c231623c7268b701a02cdf1787db8d36b402a9 +gpg: Signature made Fri 22 Sep 2017 03:27:10 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 15:27:10 2017 -0400 + + support XZ initrd, without forcing XZ on initramfs (issue #257) + +commit 0cc31132d324138e955a31eca5441db45642092b +gpg: Signature made Fri 22 Sep 2017 03:14:40 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 15:13:41 2017 -0400 + + Allow initrd.cpio to be a separate EFI firmware volume (issue #257) + + Add a function to walk all firmware volumes looking for a well + known GUID that is the initrd.cpio image. Currently it must be + uncompressed. + +commit 03d21da2681bf649fd71e070d35ea4dc6cda12aa +gpg: Signature made Fri 22 Sep 2017 03:09:57 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Fri Sep 22 15:09:57 2017 -0400 + + generate 512-byte padded xz files + +commit 91ef9aeefa9ff2dfdd49b7ab5388ee5bc428c37e +gpg: Signature made Thu 21 Sep 2017 04:54:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 16:54:48 2017 -0400 + + Make megaraid a module so that it does not delay normal boots (issue #253) + +commit a1c9bbb9ff4bc64c7bc2000664b60d7afa107606 +gpg: Signature made Thu 21 Sep 2017 04:18:17 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 16:18:17 2017 -0400 + + Enable MegaRaid and XFS support (issue #253) + +commit 0b7e5e60a0e2243939d8b6e0783af8c180bb4184 +gpg: Signature made Thu 21 Sep 2017 10:34:35 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 10:34:35 2017 -0400 + + quiet down the output to the vga, since it is so slow to update + +commit f7de7d7388970f3e9b7ae7b78681d07c2939b913 +gpg: Signature made Thu 21 Sep 2017 10:27:19 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 10:26:11 2017 -0400 + + Enable all flashrom devices (issue #249). + + This allows flashrom to work on the r630 NERF server, but + also increases the size of the flashrom executable significantly + since it brings in all chipset and flash types. + +commit 607868c0b5eb82ff59bb2ed91f6428d7151a1e58 +gpg: Signature made Thu 21 Sep 2017 10:24:16 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 10:24:16 2017 -0400 + + document how to extract and unlock regions from r630.rom (issue #259) + +commit ddbdcd4d4d7b15587042d2ce253ed4b7865a7dc2 +gpg: Signature made Thu 21 Sep 2017 09:34:16 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Thu Sep 21 09:34:16 2017 -0400 + + remove unneeded foo.vol.txt output from GenVol + +commit 8148c970fbb6ba31e93423406383bf828cdc3b9f +gpg: Signature made Wed 20 Sep 2017 06:59:24 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 18:59:24 2017 -0400 + + expand the NERF volume to fill all available space in the ROM (issue #242) + +commit 9596e73dfce6ed324e0d764f26bbb98f90308fdc +gpg: Signature made Wed 20 Sep 2017 06:33:05 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 18:33:05 2017 -0400 + + make edk2 a dep for building the DXE images + +commit 796ea2870af3eaf02fd32bf1dbebeae02412d6ef +gpg: Signature made Wed 20 Sep 2017 06:24:54 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 18:24:54 2017 -0400 + + build appears to produce a NERFed r630 firmware image + +commit 998736fc50d7558464362a39ab8a3da0d2ee9cb3 +gpg: Signature made Wed 20 Sep 2017 05:47:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 17:47:48 2017 -0400 + + initial tools to build the nerf EFI volume that goes into the firmware + +commit 3a8710cf492f44ab5ee4becd394cc80ec468a7a0 +gpg: Signature made Wed 20 Sep 2017 05:47:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 17:47:12 2017 -0400 + + unquiet it for now + +commit 04a108912ffa0f5e264d4a927167fb694f0f287a +gpg: Signature made Wed 20 Sep 2017 05:46:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 17:46:56 2017 -0400 + + ignore edk2 generated files + +commit 81a7f18b8635c16247731265032257820fdcd635 +gpg: Signature made Wed 20 Sep 2017 02:26:38 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 14:26:38 2017 -0400 + + build edk2 as a module for the r630 NERF firmware + +commit bda821dbb93663ff5f5c8771899190ba2d33dc63 +gpg: Signature made Wed 20 Sep 2017 02:26:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 14:26:07 2017 -0400 + + fix patches to have the correct -p level + +commit 8194f2f47791d597171b96c0e5d96ba408666026 +gpg: Signature made Wed 20 Sep 2017 02:25:19 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 14:25:19 2017 -0400 + + allow extra options to git via the repo variable + +commit 33c1c9147e1ba794796f0a7367a11c939bea57c9 +gpg: Signature made Wed 20 Sep 2017 10:34:26 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 10:34:25 2017 -0400 + + ACPI tables for the r630 NERF firmware + +commit a4d7654b1eee65a104053c0a2b2b882fa1ec9e44 +gpg: Signature made Wed 20 Sep 2017 10:31:30 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 20 10:29:14 2017 -0400 + + Build the Heads/NERF firmware for the Dell R630 server. + + This development branch builds a NERF firmware for the Dell R630 + server. It does not use coreboot; instead it branches directly + from the vendor's PEI core into Linux and the Heads runtime + that is setup to be run as an EFI executable. + +commit 41f49237c636bf6ff12938253641b317a932fa09 +gpg: Signature made Wed 13 Sep 2017 10:12:36 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Sep 13 22:10:46 2017 -0400 + + Added configurable xen version for Qubes 4 support + + also addresses issue #238 + +commit ec1a54c6b61b10b9dbdc7e7791c0bd75ba93cb11 +gpg: Signature made Wed 13 Sep 2017 09:14:45 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Sep 13 21:14:13 2017 -0400 + + Updated to match latest qubes 3.2 xen 4.6.6-30 (issue #238) + +commit 498105c9796f6b32fa4f96c34517a63dbdec1e74 +gpg: Signature made Wed 06 Sep 2017 07:07:02 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell hudson +Date: Wed Sep 6 19:07:02 2017 -0400 + + enable i915 native support (needed for Librem 13v2) + +commit 821e48446a19c53a1afdd433ff79e9d74068c5b1 +gpg: Signature made Sat 02 Sep 2017 02:13:49 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Aug 16 21:52:06 2017 -0400 + + Updated to match latest qubes 3.2 xen 4.6.6-29 (issue #238) + +commit 472ffd35c0a5d8b9d4d678a3ab5117722cccf2ae +gpg: Signature made Sat 02 Sep 2017 02:13:45 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Jul 30 17:33:26 2017 -0400 + + Moved kernel command line parameters to config + +commit 7cec25542d45b7a2251c395a2e6ffc5ac16cf3ba +gpg: Signature made Sat 02 Sep 2017 02:13:42 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jul 29 13:24:34 2017 -0400 + + Allow boot without unseal of TPM LUKS key + + Closes issue #226 + + Also changed to procedure to show LVM volume groups and block + device ids to aid in choosing the right combination during the + TPM LUKS key sealing process. + +commit 26b2d498977f793c8092226ab9f0be93231dbb54 +gpg: Signature made Sat 02 Sep 2017 02:13:38 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jul 22 16:32:10 2017 -0400 + + Allow TPM LUKS key to be set during default selection + + Closes #222 + +commit 0897a20b845c387d8c297bf2d006568f2ca88db9 +gpg: Signature made Sat 02 Sep 2017 02:13:33 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jul 22 14:57:46 2017 -0400 + + Ensure recovery for failed default boot + + Should close #223 + + Added reboot and poweroff scripts using /proc/sysrq-trigger + + Also cleaned up the boot loop in generic-init + +commit e8f3d206c557169c60918f436f65c62d37d6f394 +gpg: Signature made Sat 02 Sep 2017 02:13:29 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jul 22 14:25:39 2017 -0400 + + Strip invalid leading/trailing '/' from script params + +commit 6f48c14d0c9b24148d60025c50355bb9bb6d439f +Author: Johan Grip +Date: Fri Aug 4 22:48:27 2017 +0200 + + Update X220 to do generic image instead of qubes. + Also added a script to extract the necessary blobs from a bios + dump image. + +commit 9d9af31e58a40e6e679be2397391128bbd05f318 +gpg: Signature made Thu 27 Jul 2017 06:26:04 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Jul 27 06:26:04 2017 -0400 + + fix typo and format with markdown (issue #206) + +commit 314ce7b350acbbf7c94c33f91c6e036586cf6c0c +gpg: Signature made Tue 18 Jul 2017 02:25:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 14:25:15 2017 -0400 + + bump Linux kernel to 4.9.38 (issue #224) + +commit fcc99eca9349cf0202befe927c41854b6e436927 +gpg: Signature made Tue 18 Jul 2017 02:03:43 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 14:03:43 2017 -0400 + + include version number in verify target (issue #228) + +commit b550a7f967edbdff34d18369fe633194bdfc9680 +gpg: Signature made Tue 18 Jul 2017 01:44:02 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 13:44:02 2017 -0400 + + rework startup scripts to combine totp prompt with boot mode selection (issue #221) + +commit 3e48f1c5e829431d9c5f8160166ade275d4c4072 +gpg: Signature made Tue 18 Jul 2017 01:42:19 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 13:42:19 2017 -0400 + + tweaks to make qemu run through the /bin/generic-init process + +commit 36e3172c8e2edd3e3d660139a6d1335cfd988a88 +gpg: Signature made Tue 18 Jul 2017 01:32:57 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 13:32:57 2017 -0400 + + disable i915 for now, since it causes screen glitches in Xen/Qubes (issue #219) + +commit 3c8adf2cf10a5be7294aa60e85d4e077602ef43c +gpg: Signature made Tue 18 Jul 2017 01:31:08 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 13:31:08 2017 -0400 + + remove no longer required vga patch from xen (issue #227) + +commit 7aec9a228860c1f59508ad1ddad1980d5829fbd0 +gpg: Signature made Tue 18 Jul 2017 10:10:55 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 10:10:55 2017 -0400 + + add support for i915 and render mode setting (issue #219) + +commit 39ade211ce73cf6baf59044dba06837a39548768 +gpg: Signature made Tue 18 Jul 2017 09:11:05 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 18 09:11:05 2017 -0400 + + add support for fractional second timeouts in busybox read (issue #221) + +commit f0913e96705804f9d9ddc8a228f747a5ed1a341e +gpg: Signature made Mon 17 Jul 2017 12:44:13 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 7e5c9bf5f8 af3170ebf7 +Author: Trammell Hudson +Date: Mon Jul 17 12:43:53 2017 -0400 + + Merge branch 'flammit-usb-boot' pull request #200 + +commit af3170ebf71d610765f724be9e7b4907155efb21 +gpg: Signature made Mon 17 Jul 2017 12:43:14 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 17 12:43:14 2017 -0400 + + remove trailing / on the /boot device parameter + +commit 831dca51243228edc7d2d50f423de9ee84e84893 +gpg: Signature made Mon 17 Jul 2017 12:31:58 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 17 12:31:58 2017 -0400 + + remove older qubes-specific files, no longer required in generic boot env + +commit 22282da905d6deabd81aa753845ff4af381f343d +gpg: Signature made Mon 17 Jul 2017 12:24:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 17 12:24:15 2017 -0400 + + default to mounting USB device on /media + +commit 86f3e9f5dc13e69a847ed8105557d8f0e384cd7d +gpg: Signature made Mon 17 Jul 2017 12:22:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 17 12:22:48 2017 -0400 + + add /boot and /media to /etc/fstab on startup (issue #220) + +commit ba98d5dda66c7d1de4668089bbc131729ddb949e +gpg: Signature made Mon 17 Jul 2017 08:52:53 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 7e5c9bf5f8 11aca354e9 +Author: Trammell Hudson +Date: Mon Jul 17 08:52:48 2017 -0400 + + Merge branch 'usb-boot' of https://github.com/flammit/heads into flammit-usb-boot + +commit 11aca354e9b4c7e50c95f7b7209eeddbfb535e02 +gpg: Signature made Thu 13 Jul 2017 12:34:54 AM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Thu Jul 13 00:33:49 2017 -0400 + + Fixed edge case in kernel argument injection + + Debian 9 installer doesn't have kernel arguments so the iommu fix + wasn't being applied properly. + +commit 2a9ca6fdba3e5fd41153c59caf1b652d369623d8 +gpg: Signature made Wed 12 Jul 2017 12:43:28 AM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Jul 12 00:43:08 2017 -0400 + + Fixed regression on kexec-save-key + +commit 22a52ec4b82411198c1032caa6a722395b557d62 +gpg: Signature made Wed 12 Jul 2017 12:18:36 AM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Wed Jul 12 00:17:45 2017 -0400 + + Added TPM secret management to generic boot + + Also cleaned up error handling and boot parsing edge cases + +commit d67360a24b215a65974253da6e8f18acd46a42bf +gpg: Signature made Sat 08 Jul 2017 05:03:36 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Jul 8 16:59:37 2017 -0400 + + Added rollback protection to generic boot + + Changed the checking of required hashes or required rollback state + to be right before boot, allowing the user to sign/set defaults + in interactive mode. + + Also cleaned up usages of recovery and fixed iso parameter + regression. + +commit 8004b5df2a4dd626a01f6c8b7b67abe222ebb134 +gpg: Signature made Tue 04 Jul 2017 07:53:31 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Tue Jul 4 19:49:14 2017 -0400 + + Added the ability to persist a default boot option + + Similar to qubes-update, it will save then verify the hashes of + the kexec files. Once TOTP is verified, a normal boot will verify + that the file hashes and all the kexec params match and if + successful, boot directly to OS. + + Also added a config option to require hash verification for + non-recovery boots, failing to recovery not met. + +commit ce4b91cad98f11f696bd320a4d6990cf831f1e3a +gpg: Signature made Mon 03 Jul 2017 01:08:26 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Mon Jul 3 13:07:03 2017 -0400 + + Minor tweaks to signing params and boot options + + Also split out usb-scan to allow manual initiation of scan from + the recovery shell + +commit 3614044fffbf702c49e79e48e12dcd9988a8cbc3 +gpg: Signature made Sun 02 Jul 2017 11:10:52 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Jul 2 23:01:04 2017 -0400 + + Added a generic boot config and persistent params + + Refactored boot parsing code and applied that in local-init to + scan /boot for grub options and allow the user to unsafely boot + anything. This goes a long way to addressing #196. + + Optionally the user can customize those boot parameters or enforce + arbitrary hashes on the boot device by creating and signing config + files in /boot/ or /media/ or /media/kexec_iso/ISO_FILENAME/. + +commit 76a20288a33085d041f8396068528e413506e61a +gpg: Signature made Sun 02 Jul 2017 02:30:06 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Jul 2 14:27:02 2017 -0400 + + Tweaks to allow qubes install w/o custom script + + usb-boot automatically uses internal xen binary / command line + when multiboot is detected. + + also tweaked to evaluate/remove variable refs in kexec arguments + +commit 7e5c9bf5f846bf6e8c5d885670ba011706949342 +gpg: Signature made Mon 26 Jun 2017 04:33:49 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jun 26 16:33:49 2017 -0400 + + fix Xen reproducibility by not using figlet #207 + +commit 7f6f365afe74115172b1d473a8db12aa6a47c624 +gpg: Signature made Mon 26 Jun 2017 01:08:03 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Mon Jun 26 13:07:48 2017 -0400 + + Reverted submodule name back to xen + +commit e1e654696b0f360df054cf9fa65391825c758d8f +gpg: Signature made Sun 25 Jun 2017 06:36:28 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Jun 25 18:35:59 2017 -0400 + + Fixes the patched qubes-vmm-xen Makefile + + Prevents subsequent builds from trying to unpack/repatch + +commit c2ec62bfcd41f4b8409cf59d85c2cd83f43b1d1b +gpg: Signature made Fri 23 Jun 2017 11:01:57 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Fri Jun 23 23:01:20 2017 -0400 + + Changed xen submodule to track Qubes Xen + + Closes #159 + +commit 265424b101fc5f7fd1a614cc0c8dbad18b3eb913 +gpg: Signature made Tue 13 Jun 2017 10:45:33 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jun 13 10:45:33 2017 -0400 + + do not enable libkmod (issue #164) + +commit a5d4c6553317d9e5a25c47e9417f2ba5baabab41 +gpg: Signature made Thu 04 May 2017 11:20:11 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu May 4 11:18:50 2017 -0400 + + use SHA256 digest on signatures to avoid SHA1 collision attacks (issue #120) + +commit 2b2c00e594431accc1656f10e6d5af926023a438 +gpg: Signature made Mon 01 May 2017 10:52:49 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon May 1 10:52:49 2017 -0400 + + typo in comment + +commit 8b3ed5fd7a1a7b77ed2c404f7b1d23b1f0966232 +gpg: Signature made Mon 01 May 2017 10:49:45 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Johan Grip +Date: Fri Apr 21 21:12:54 2017 +0200 + + Added blob directory for non-free blobs Also basic documentation for the binaries needed for the X220 and how the get to them + +commit dea6cb60d3d9e311fa8646b4807183c0590d6f14 +gpg: Signature made Mon 01 May 2017 10:49:43 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Johan Grip +Date: Wed Apr 19 00:16:26 2017 +0200 + + Also enable the correct flash chip for x220 + +commit ceb81944a1be0da9fec5688026f6ae21abef37dc +gpg: Signature made Mon 01 May 2017 10:49:40 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Johan Grip +Date: Wed Apr 19 00:01:21 2017 +0200 + + Re-enabled x220 components in flashrom. + +commit 186b641385209ec5c5e26ef1241f291f63635b45 +gpg: Signature made Mon 01 May 2017 10:49:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Johan Grip +Date: Tue Apr 18 21:24:55 2017 +0200 + + Inital test of a lenovo x220 port. Uses hardcoded paths for the blobs required. Uses a stripped ME blob. + +commit 2cad84a76861652352091ec43e14230e2b1746d6 +gpg: Signature made Mon 01 May 2017 10:47:24 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon May 1 10:47:24 2017 -0400 + + make the ME a module (issue #194) + +commit 1f8eaa696e792694f8fb866b6b3a0cb86a46a9e4 +gpg: Signature made Sat 29 Apr 2017 09:50:38 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Apr 29 21:50:10 2017 -0400 + + minor tweaks to config parsing + +commit efd662c63a18192b1c82597b17822c61dc28c00d +gpg: Signature made Sat 29 Apr 2017 01:48:03 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sat Apr 29 13:40:34 2017 -0400 + + adds a USB boot option with basic parsing to kexec + + Supports booting from USB media using either the root device or + a signed ISO as the boot device. Boot options are parsed with + quick/dirty shell scripts to infer kexec params. + + Closes #195 and begins to address #196 + +commit 7f600072ade503c6e57cd40b4316264f1a3a0ed2 +gpg: Signature made Sun 23 Apr 2017 04:12:09 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 23 16:12:08 2017 -0400 + + pass -ic option to tpm extend (issue #198) + +commit 448d0731a9756d7a9a1a09cdec866354b6cbb62e +gpg: Signature made Mon 17 Apr 2017 04:10:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 17 16:10:48 2017 -0400 + + cherry pick Linux config from zfs branch with multi-user set + +commit 964b967c9e07c7108d785b168304ef6e3b1e5715 +gpg: Signature made Mon 17 Apr 2017 04:09:06 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 16 14:18:46 2017 -0400 + + Use kernel headers from our Linux kernel tree (issue #188) + +commit ad732939c339506b4b15a6aa9516f2a5fc8ce6c1 +gpg: Signature made Sun 16 Apr 2017 05:37:14 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Apr 16 17:37:14 2017 -0400 + + load usb-storage module in x230-flash.init + +commit a71f84c08f57a8a134cf6413a34d13ff2115a3d1 +gpg: Signature made Wed 12 Apr 2017 11:54:11 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 11:54:11 2017 -0400 + + cbmem was not being built + +commit 8f4455bc5724215287f56339cb0679e561d94b60 +gpg: Signature made Wed 12 Apr 2017 09:50:08 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 09:50:08 2017 -0400 + + hardware token key + +commit 4310b596866d21e8ea75f294cb98ab3293f42d1a +gpg: Signature made Wed 12 Apr 2017 09:30:08 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 09:30:08 2017 -0400 + + fix patch for -p1 + +commit bf95aa1839f28b3a9de3fe48213257e965dab04c +gpg: Signature made Wed 12 Apr 2017 08:46:56 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 08:46:56 2017 -0400 + + use 0.3.0 release of tpmtotp + +commit 9d4b7a5b73935bb4380e32c0fc2e3ace394115cf +gpg: Signature made Wed 12 Apr 2017 08:28:31 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 08:28:31 2017 -0400 + + print and update the timestamp on the TOTP while waiting for disk unlock code + +commit 87b6f1e4896c057cfbc88d7901479b567e532e11 +gpg: Signature made Wed 12 Apr 2017 08:27:57 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 08:27:57 2017 -0400 + + supress mlock error + +commit 3fc174b0f78a73eb0bdc6279ff512a879b880d13 +gpg: Signature made Wed 12 Apr 2017 08:12:31 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 08:12:31 2017 -0400 + + totp program outputs the date + +commit 782d4cdc7bfd1d905d3769463a7e8308a15f04b9 +gpg: Signature made Wed 12 Apr 2017 07:04:25 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 07:04:25 2017 -0400 + + signing of files is now possible on the laptop + +commit 353a0efe6f18f540a0fa51d58dc889cfab4f8398 +gpg: Signature made Wed 12 Apr 2017 07:03:41 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:57:58 2017 -0400 + + Rework /init and qubes setup scripts (issue #27, #155, #32, #29, #110) + + This adds support for seamless booting of Qubes with a TPM disk key, + as well as signing of qubes files in /boot with a Yubikey. + + The signed hashes also includes a TPM counter, which is incremented + when new hashes are signed. This prevents rollback attacks against + the /boot filesystem. + + The TPMTOTP value is presented to the user at the time of entering + the disk encryption keys. Hitting enter will generate a new code. + + The LUKS headers are included in the TPM sealing of the disk + encryption keys. + +commit 8464227aa109c727d5fc0524ed5f2708521e385e +gpg: Signature made Wed 12 Apr 2017 06:57:26 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:57:26 2017 -0400 + + use the external functions (issue #161) + +commit 8d2d6ad6c38e7081faeaf764bf16ccdf3f4a847e +gpg: Signature made Wed 12 Apr 2017 06:55:22 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:55:22 2017 -0400 + + helper to install qubes from the recovery shell (issue #27) + +commit 6a734208b07cf671dc99be63d17e70fa42b7380b +gpg: Signature made Wed 12 Apr 2017 06:53:54 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:53:54 2017 -0400 + + try creating NVRAM entry before prompting for owner password (issue #151) + +commit fa8c3abe98d7edf00c831ab39d2de9417ebcd9df +gpg: Signature made Wed 12 Apr 2017 06:52:35 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:52:35 2017 -0400 + + put board configuration file into /etc/config + +commit 122bacab37071b799a7ceb3815b1b2ff03875bb3 +gpg: Signature made Wed 12 Apr 2017 06:50:57 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:50:57 2017 -0400 + + use xen.gz since we have zlib support in kexec again (issue #170) + +commit 84f1d0af3980618581f9f48bfac45982dd2a933f +gpg: Signature made Wed 12 Apr 2017 06:50:18 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:50:18 2017 -0400 + + copy file and compute sha256 before flashing + +commit 7a9ab72144d2a1c092dc85d97a63b236740c263f +gpg: Signature made Wed 12 Apr 2017 06:49:39 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:49:39 2017 -0400 + + import the seal/unseal totp scripts since they are very specialized to the heads install, skip owner password if not required (issue #151) + +commit c5c47c6b1c0a31203e4f8f5de20b2cd1f2a61e18 +gpg: Signature made Wed 12 Apr 2017 06:48:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:48:38 2017 -0400 + + common recovery shell functions (issue #161) + +commit d73c92e63f071fd7f96af3b9503ac66d78eec0a0 +gpg: Signature made Wed 12 Apr 2017 06:46:55 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:46:55 2017 -0400 + + quiet down the boot process + +commit da9bde721c9e5b6ae7cb020695422ceff25c0abb +gpg: Signature made Wed 12 Apr 2017 06:46:24 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:46:24 2017 -0400 + + add some color + +commit ea9b2c0da088bec47a26d0fcb096e718adc11123 +gpg: Signature made Wed 12 Apr 2017 06:45:15 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 12 06:45:15 2017 -0400 + + helper to do a forcible TPM reset (issue #27) + +commit 8c57ac59e78061a9810618a9b16eaf707cdf6397 +gpg: Signature made Tue 11 Apr 2017 07:16:20 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Apr 11 07:16:20 2017 -0400 + + x230-flash configuration and initialization + +commit 51ecbdc8cb7e280744c6a00eb3a8b2a1f116c1be +gpg: Signature made Tue 11 Apr 2017 06:31:25 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Apr 11 06:31:25 2017 -0400 + + "$@" does not expand correctly in test expressions, use "$*" instead (issue #181) + +commit c19193d7c6b40a4456a8742c1b2a37253a4eb346 +gpg: Signature made Mon 10 Apr 2017 05:48:52 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 10 17:48:52 2017 -0400 + + check for TPM program and device before loading modules (issue #181) + +commit b6eaa5c2959a4cd0108e54c7ffedddb3af77c086 +gpg: Signature made Mon 10 Apr 2017 05:48:20 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 10 17:48:20 2017 -0400 + + remember to add /dev to /etc/fstab + +commit 1744612df63fd81e132215b203a0992b4f6abec7 +gpg: Signature made Mon 10 Apr 2017 01:11:19 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 10 13:11:19 2017 -0400 + + mount only takes one filesystem + +commit 4c982856a368b4284243b640147a88ccfac9651b +gpg: Signature made Mon 10 Apr 2017 12:59:24 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 10 12:59:24 2017 -0400 + + add /etc/fstab and /etc/mtab to initrd image + +commit 85f0586615d16f9475ed88189d7ca3caa238437c +gpg: Signature made Mon 10 Apr 2017 12:59:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 10 12:59:07 2017 -0400 + + build xen for the qemu image so that we can test kexec + +commit 4eab928339ce53fcd28e83bc454613b190767ad6 +gpg: Signature made Sun 09 Apr 2017 05:50:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 1043517371 ca06e7598d +Author: Trammell Hudson +Date: Sun Apr 9 17:50:43 2017 -0400 + + Merge branch 'flammit-master' + +commit ca06e7598dbab3cbbab1824da6250fc5182ebe1c +Merge: 1043517371 a39a24665c +Author: Trammell Hudson +Date: Sun Apr 9 17:49:36 2017 -0400 + + Merge branch 'master' of https://github.com/flammit/heads into flammit-master + +commit a39a24665c3369dc1dcdf9abc0300add3b5024ba +gpg: Signature made Sun 09 Apr 2017 05:40:15 PM EDT +gpg: using RSA key 0A59C698920806EB +gpg: Good signature from "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: aka "Francis Lam " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: 5DD5 D107 FF15 DF42 DEEB 2C8C 7EEE 2E88 49FF CE9C + Subkey fingerprint: 3E65 88E5 2957 E38D E5E7 5292 0A59 C698 9208 06EB +Author: Francis Lam +Date: Sun Apr 9 17:39:23 2017 -0400 + + Fix coreboot build where gcc defaults to pie (issue #177) + + See https://github.com/coreboot/coreboot/commit/8bbd596de631adc8b677e69603e978b848eb1708 + +commit 1043517371d6ea5d0e2d0e692c6002222b607233 +gpg: Signature made Sun 09 Apr 2017 04:09:17 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 9 16:09:17 2017 -0400 + + typo in $(CROSS_TOOLS_NOCC), building xen with system ld (issue #173) + +commit 132d26de05590e94ea6539e4d3cbf621c721005a +gpg: Signature made Sun 09 Apr 2017 02:49:42 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 9 02:49:42 2017 -0400 + + do two make passes to avoid concurrency errors in lvm2 (issue #175) + +commit 740f197487b91deaed791a8e0016c0972f4c7cec +gpg: Signature made Sun 09 Apr 2017 02:11:18 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 9 02:11:18 2017 -0400 + + Linux does not need the musl-libc, just the cross compiler (issue #175) + +commit 4e88d5d59c96dc864bc0c27901e24d0f90768cc7 +gpg: Signature made Sun 09 Apr 2017 01:38:22 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 9 01:38:22 2017 -0400 + + typo in gnupg, remove the install directory on a real.clean + +commit a2b0ef878ea1c765c164522f83d58203ad6806f1 +gpg: Signature made Sat 08 Apr 2017 05:46:54 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 17:46:54 2017 -0400 + + add real.clean target and fix DAG for parallel top-level makes (issue #175) + +commit a42aaa37c6aed1ca418b185a19f9b0e54f00a7c6 +gpg: Signature made Sat 08 Apr 2017 05:46:21 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 17:46:21 2017 -0400 + + xen depends on musl-cross (issue #175) + +commit 8c3b5877a356177756bed61821c0aec2f5095186 +gpg: Signature made Sat 08 Apr 2017 03:19:26 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 15:19:26 2017 -0400 + + add bootstrap target to build cross compilers (issue #162) + +commit 46a2ae8c2b09efcdadd1006eb7e6a2539cd63b31 +gpg: Signature made Sat 08 Apr 2017 02:30:50 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 14:30:50 2017 -0400 + + disable more unnecessary LVM components + +commit 07eb5e971782ca75ed542a72b1f7d8d25711e534 +gpg: Signature made Sat 08 Apr 2017 01:26:57 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 13:23:34 2017 -0400 + + Define $(CROSS_TOOLS) to ensure reproducible builds (issue #173) + + Each of the submodule configuration files defined a subset of the + cross compiler tools that it used and many were picking up the + system `ar`, `nm`, `strip, `ld`, etc. They all now use a `Makefile` + macro that defines the path to the proper cross compiler tools. + + For ones that need the tools, but not the musl-libc gcc, + there is $(CROSS_TOOLS_NOCC) that is all of them without gcc. + This is for musl-libc itself, as well as xen and the Linux kernel. + +commit ae6bed14a2abf0732ccb425224f03ac60fc14911 +gpg: Signature made Sat 08 Apr 2017 01:21:14 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 13:21:14 2017 -0400 + + lvm Makefile was defining $(STRIP) (issue #174) + +commit c262de30a4eb12d28b35e22fb5dfcb705d8f3d45 +gpg: Signature made Sat 08 Apr 2017 01:20:40 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 8 13:20:40 2017 -0400 + + kexec/util/bin-to-hex needs to be HOST_CC, not LD (issue #173) + +commit 9fb1f247ad5c892037293d4de8de5d3a6500883f +gpg: Signature made Fri 07 Apr 2017 11:28:36 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 11:28:36 2017 -0400 + + use cross compiler ar (issue #166) + +commit 2b0b6f33c0957129ac94e1cd4ea088f694190e51 +gpg: Signature made Fri 07 Apr 2017 11:19:44 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 11:19:44 2017 -0400 + + use cross compiler ar (issue #166) + +commit ea175466a05274c26030eb4ea04f2e32c84d4da3 +gpg: Signature made Fri 07 Apr 2017 10:57:19 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 10:57:19 2017 -0400 + + use cross compiler ar (issue #166) + +commit 8241f190acd9dc98af7275ac1b48d67d43b175dc +gpg: Signature made Fri 07 Apr 2017 10:48:46 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 10:48:46 2017 -0400 + + use cross compiler ar (issue #166) + +commit 75117c0e5b2c1a6570cf9bba79135348a1aaf4d2 +gpg: Signature made Fri 07 Apr 2017 10:34:57 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 10:34:57 2017 -0400 + + reconfigure submodules if their config files ever change (issue #172) + +commit 5a0f3dc10b1c16c5a3cfaeca7807bc02496c623b +gpg: Signature made Fri 07 Apr 2017 10:05:30 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 10:05:30 2017 -0400 + + use -9 instead of --extreme for reproducibility (issue #171) + +commit 300b17fa25e0611de8e33a201dace14386352748 +gpg: Signature made Fri 07 Apr 2017 09:53:02 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 09:53:02 2017 -0400 + + add dropbear ssh to qubes and moc configurations (issue #169) + +commit ac74b92157b852ff6ed8ad9089ae8d3ac70bebe4 +gpg: Signature made Fri 07 Apr 2017 09:51:49 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 09:51:49 2017 -0400 + + re-enable zlib and use it in kexec (issue #170) + +commit 3c07e27d73c483762e8eb3a830ea75b71c3e0ff1 +gpg: Signature made Fri 07 Apr 2017 09:51:15 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 09:51:15 2017 -0400 + + prefix should not be empty + +commit f65136c1a2d92ad66736e5594b8072733cbe4bac +gpg: Signature made Fri 07 Apr 2017 08:59:25 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Apr 7 08:59:25 2017 -0400 + + parallel crosscompiler build (issue #168) + +commit 6b0013e0384481c5d2731445ae2362a2ed220f52 +gpg: Signature made Thu 06 Apr 2017 05:28:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 17:28:12 2017 -0400 + + use the non-musl-libc wrapped gcc (issue #167) + +commit c76a618b1ec09349e2682552fc21db8fb3f04b7f +gpg: Signature made Thu 06 Apr 2017 05:02:14 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 17:02:14 2017 -0400 + + use our cross compiler ld (issue #166) + +commit 7c8f86bc529151d8299540641859140051c0da40 +gpg: Signature made Thu 06 Apr 2017 04:44:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 16:44:48 2017 -0400 + + lvm2 builds reproducibly again (issue #166) + +commit 2b55d8bcf85087702bf9528bd47c5a2c74436765 +gpg: Signature made Thu 06 Apr 2017 04:22:40 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 16:22:40 2017 -0400 + + use our cross compiler ar, not /usr/bin/ar (issue #166) + +commit 727e2fbc5641e0279c5be9488c5fd4306b4a8fa8 +gpg: Signature made Thu 06 Apr 2017 04:06:52 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 16:06:52 2017 -0400 + + report sha256 of stages as they are built + +commit 96fe3f3f09a9e2376d3e50712198edaa9b55f84d +gpg: Signature made Thu 06 Apr 2017 04:01:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 16:01:56 2017 -0400 + + replaced PREFIX= with DESTDIR= to make builds reproducible (issue #166) + +commit 09718fc97ed894f8cf7e854604e20e622072c495 +gpg: Signature made Thu 06 Apr 2017 03:58:51 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 15:58:51 2017 -0400 + + replace __FILE__ with "__FILE__" to make Xen reproducible (issue #166) + +commit ea8a55fe5b755a4d508fb45bf54ed0350001ea05 +gpg: Signature made Thu 06 Apr 2017 11:01:48 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 11:01:48 2017 -0400 + + shell syntax, not makefile syntax (issue #131) + +commit 192e1227198d0198c83caa27b354260012ced926 +gpg: Signature made Thu 06 Apr 2017 10:50:43 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 10:50:43 2017 -0400 + + scale the max load by the number of CPUs (issue #131) + +commit 830828f2a29d6d18b12d535de9aac216021b349e +gpg: Signature made Thu 06 Apr 2017 09:45:47 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Apr 6 09:45:47 2017 -0400 + + enable usb storage module (issue #160) + +commit 350a3564b1ed2ee4d124b4e1dabbe8a0eea831d3 +gpg: Signature made Wed 05 Apr 2017 07:20:53 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 19:20:53 2017 -0400 + + move usb-storage into a kernel module (issue #160) + +commit 362785b81cf5b6e1a7279dc99744e03e8b98152f +gpg: Signature made Wed 05 Apr 2017 06:43:58 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:43:58 2017 -0400 + + gpg uses pubring.gpg instead of trustedkeys.gpg + +commit 06d2f7728bb06209db29ed35df422d6b056cf49e +gpg: Signature made Wed 05 Apr 2017 06:43:18 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:43:18 2017 -0400 + + ignore tilde files + +commit 9d6c5c5da84f4ef06d9f1023b4074ce1cd4077b5 +gpg: Signature made Wed 05 Apr 2017 06:35:45 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:35:45 2017 -0400 + + fix gpg tty reading from /dev/console to support yubikey (issue #32) + +commit a2e51a599cec5220ccb5a5fc39a513f5a19157e9 +gpg: Signature made Wed 05 Apr 2017 06:07:50 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:07:50 2017 -0400 + + fix build to avoid libusb installed on host system + +commit a1efbb8e02288c93981ca63344d1a0ce689fd3b1 +gpg: Signature made Wed 05 Apr 2017 06:06:42 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:06:42 2017 -0400 + + fix build to avoid libusb installed on host system + +commit 71f6cf3315e52157c51cfcef6347c76bc4730584 +gpg: Signature made Wed 05 Apr 2017 06:01:36 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 18:01:36 2017 -0400 + + hash update + +commit 0da184fe0154fcc287f30dea7e6f2c0087f00755 +gpg: Signature made Wed 05 Apr 2017 05:59:49 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 17:59:49 2017 -0400 + + Enable gpg with card support (issue #32) + +commit cfcf6c46d5d6d48b8a0a7389c9ba1dce32147415 +gpg: Signature made Wed 05 Apr 2017 02:13:40 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 14:13:40 2017 -0400 + + Purism Librem 13v1 initial configuration + +commit 0019d8031c4b0535df9429f412aeb959edcfded9 +gpg: Signature made Wed 05 Apr 2017 02:12:44 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 14:12:44 2017 -0400 + + make %.rom generic + +commit 5195a74422d3dce16e2c4f53809e6f83aef53a13 +gpg: Signature made Wed 05 Apr 2017 10:30:28 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Apr 5 10:30:28 2017 -0400 + + remove initrd unpacking, since Qubes dracut /etc/cryptab can be fixed + +commit ce766bdc58d6800923417fb26dee4d57b34a9ddb +gpg: Signature made Tue 04 Apr 2017 09:41:50 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Apr 4 09:41:50 2017 -0400 + + LVM patches to compile with musl + +commit 39cb4031f46eaa39cbc356668731e9e056746538 +gpg: Signature made Mon 03 Apr 2017 05:25:41 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:18:11 2017 -0400 + + TPM disk encryption keys for Qubes. + + Issue #123: This streamline Qubes startup experience by + making it possible to have a single-password decryption. + + Issue #29: The disk keys in `/secret.key` are passed to the systemd + in initramfs through `/etc/crypttab`, which is generated on each boot. + This is slow; need to look at alternate ways. + + Issue #110: By using LVM instead of partitions it is now + possible to find the root filesystem in a consistent way. + + Issue #80: LVM is now included in the ROM. + +commit 3d79f51e4a909a21dab07b5f3b98668769d55f41 +gpg: Signature made Mon 03 Apr 2017 05:15:29 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:13:59 2017 -0400 + + Build lvm command line utility (issue #80) + + Replace libuuid with util-linux libuuid (and libblkid, + although we are not using libblkid right now). + + This also requires a much larger coreboot cbfs, which was + fixed as part of issue #154. + +commit 392599b90b72f15a6af601b8c25ad1f1ecd289c1 +gpg: Signature made Mon 03 Apr 2017 05:13:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:13:07 2017 -0400 + + have xen output the xen executable for x230-qubes (issue #84) + +commit 4c413a17372429a3fdc4e8e072b87465d8953000 +gpg: Signature made Mon 03 Apr 2017 05:11:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:11:12 2017 -0400 + + enable file locking for LVM + +commit cd584c4fad72778b3c33f3f4514dc8c85dd0ad3e +gpg: Signature made Mon 03 Apr 2017 05:10:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:10:22 2017 -0400 + + remove unused platform modules + +commit 3dcc3d4b496b7829dc3120c1ec2e5dd7215a8fa1 +gpg: Signature made Mon 03 Apr 2017 05:09:54 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:09:54 2017 -0400 + + load the xhci USB3 modules as well + +commit 85a77cf5decb7b29b395bdeb871dcc22ad885f98 +gpg: Signature made Mon 03 Apr 2017 05:09:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 17:09:22 2017 -0400 + + build xen for installation into x230-qubes ROM (issue #84) + +commit d335f242921c590aac808e9ad64c1da4a86d6b5b +gpg: Signature made Mon 03 Apr 2017 02:53:29 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 14:53:29 2017 -0400 + + split x230 config into 4MB bootstrap image and 7MB runtime image (issue #156) + +commit e41e21084a021b9ec515b2e1cdfcf651c48ff8ca +gpg: Signature made Mon 03 Apr 2017 10:30:03 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Apr 3 10:30:03 2017 -0400 + + extend PCR 4 in a recovery to prevent disk key decryption (issue #154) + +commit 174bb6495730902321e8f9706084048377a3499d +gpg: Signature made Sun 02 Apr 2017 10:30:29 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 2 22:21:49 2017 -0400 + + Move Qubes startup script to /boot/boot.sh + + This also adds a set of files in the qubes/ directory that + are meant to be copied to the /boot partition. + + Issue #154: for ease of upgrading Qubes, the script should + live on /boot instead of in the ROM. This requires a GPG + signature on the startup script to avoid attacks by modifying + the boot script. + + Issue #123: this streamlines the boot process for Qubes, although + the disk password is still not passed in correctly to the initrd + (issue #29). + + This does not address issues #110 of how to find the root device. + The best approach is probably disk labels, which will require + special installation instructions. + +commit 4e71017bea8d599044ba063ab19a8373ffbf4f26 +gpg: Signature made Sun 02 Apr 2017 09:45:10 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Apr 2 21:45:10 2017 -0400 + + bump xen to 4.6.4 (issue #153) + +commit f99944abe534de8886f21bdafcbce0c0c51494e6 +gpg: Signature made Sat 01 Apr 2017 11:02:00 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 1 23:02:00 2017 -0400 + + qubes init script and improved TPM disk encryption with LUKS headers (issue #123 and #6) + +commit d06ba0a851d3cf154826652d6b2f21106c0484e8 +gpg: Signature made Sat 01 Apr 2017 10:25:16 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Apr 1 22:25:16 2017 -0400 + + reset $boot_option between loops + +commit 93a0d7eee2642463a57d35b700c1a775f4e8911c +gpg: Signature made Fri 31 Mar 2017 06:13:50 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 18:13:50 2017 -0400 + + support clean targets + +commit 3225501e8402fbb6bd97460cce09b0b076add951 +gpg: Signature made Fri 31 Mar 2017 04:00:27 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Fri Mar 31 16:00:27 2017 -0400 + + remove power related busybox tools that do not work + +commit 7045d0279426057521662f45316b2e6595563258 +gpg: Signature made Fri 31 Mar 2017 03:59:38 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Fri Mar 31 15:59:37 2017 -0400 + + move to Linux 4.9.20 (issue #149) + +commit 858b48d3040d72ce914a9db3d2d9dfb3190db0a6 +gpg: Signature made Fri 31 Mar 2017 03:26:41 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 15:26:41 2017 -0400 + + use our specific strip program to ensure reproducibility (issue #148) + +commit 8544c5fe6d249dff2e39765e90f25e6ff97c4922 +gpg: Signature made Fri 31 Mar 2017 02:53:01 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 14:53:01 2017 -0400 + + busybox 1.26.2 update (issue #148) + +commit 2db3c33866d770e877424c7a948f0094f0f6624f +gpg: Signature made Fri 31 Mar 2017 02:33:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 14:33:15 2017 -0400 + + fix IDSDIR to make pciutils reproducible (issue #147) + +commit 27e35f6ef7ed72dddd4359a3557ad20fe42b7c19 +gpg: Signature made Fri 31 Mar 2017 01:28:20 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 13:28:20 2017 -0400 + + cleanup initrd tmpfile and reduce recursive make calls + +commit 3241499ee386c7af3b15eb6a7c1c7ce7dd5565aa +gpg: Signature made Fri 31 Mar 2017 01:05:05 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 13:05:05 2017 -0400 + + pciutils fails on first build if both install and install-lib are specified + +commit d6c553e884bb003839c308c771335ba426941ef2 +gpg: Signature made Fri 31 Mar 2017 01:04:46 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 13:04:46 2017 -0400 + + typo in qemu description + +commit 9322dbef2d276a0bc963da6f0dcf3b41b4cf41fa +gpg: Signature made Fri 31 Mar 2017 12:06:59 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 12:06:59 2017 -0400 + + use default qemu config, parameterize bin_modules + +commit 4141c75c8c42549fc7007eb9f10f7fadb5ea6478 +gpg: Signature made Fri 31 Mar 2017 11:59:18 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 31 11:59:18 2017 -0400 + + make kexec work with the modular build + +commit b35f8d35ae11ada2d9b59d20e5c9141cd0ba030c +gpg: Signature made Fri 31 Mar 2017 11:34:13 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 43ef324ae7 5ae0b09eb2 +Author: Trammell Hudson +Date: Fri Mar 31 11:34:11 2017 -0400 + + Merge /tmp/heads + +commit 43ef324ae770facbe21b2180c59cf14b3044f093 +Merge: d8ab8ecfe8 36021e006b +Author: Trammell Hudson +Date: Fri Mar 31 11:30:17 2017 -0400 + + Merge /tmp/heads + +commit 5ae0b09eb26efcbfa73426fbf9727c2f83141c14 +gpg: Signature made Fri 31 Mar 2017 11:24:10 AM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Fri Mar 31 11:24:10 2017 -0400 + + do not ignore files in initrd anymore + +commit c40748aa255f96067076bedf3a88d2dd70b3cb1b +gpg: Signature made Fri 31 Mar 2017 11:23:11 AM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Fri Mar 31 11:18:46 2017 -0400 + + Build time configuration for startup scripts and modules. + + This addresses multiple issues: + + * Issue #63: initrd is build fresh each time, so tracked files do not matter. + * Issue #144: build time configuration + * Issue #123: allows us to customize the startup experience + * Issue #122: manual start-xen will go away + * Issue #25: tpmtotp PCRs are updated after reading the secret + * Issue #16: insmod now meaures modules + +commit 581602e5b4864cf0857e953c06cc62de03d599ec +gpg: Signature made Fri 31 Mar 2017 09:06:04 AM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Fri Mar 31 09:06:04 2017 -0400 + + not using jekyl pages on this branch + +commit 36021e006b0514c7c0575fdfda19f752bb11a9d3 +Author: Trammell Hudson +Date: Thu Mar 30 18:39:18 2017 -0400 + + Rebuild sub-modules on each build (issue #143). + + The .INTERMEDIATE target seemed to causing the problem with + make thinking it didn't have to descend into the sub-module + directories. Removing it allows it to work correctly. + +commit d8ab8ecfe8ff55276b6ba76029127ca713abe48f +gpg: Signature made Thu 30 Mar 2017 06:40:23 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Mar 30 18:39:18 2017 -0400 + + Rebuild sub-modules on each build (issue #143). + + The .INTERMEDIATE target seemed to causing the problem with + make thinking it didn't have to descend into the sub-module + directories. Removing it allows it to work correctly. + +commit 8343130e9ae3b02045cd430664eb2db06d104de1 +gpg: Signature made Thu 30 Mar 2017 05:33:14 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: cab9e7c39f cfd549097f +Author: Trammell Hudson +Date: Thu Mar 30 17:32:47 2017 -0400 + + Merge branch 'moc' - kernel modules, flashrom and other enhancements. + +commit cfd549097f5b6cc4bf13860af667b2627ec559e7 +gpg: Signature made Thu 30 Mar 2017 05:21:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Mar 30 17:21:22 2017 -0400 + + disable dhcp, since there are no networking modules loaded + +commit 85893707083b6df98387a50ef7bad002db3d2fb7 +gpg: Signature made Thu 30 Mar 2017 05:15:30 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Mar 30 17:12:22 2017 -0400 + + Flash writing from userspace works (issue #17). + + Reduce the size of flashrom by commenting out most flash chips, + boards and programmers. + + Wrapper script to make it easier to rewrite the ROM on the x230 + using the flashrom layout. + + Keep the entire 12 MB ROM for flashing. + +commit 9feb09470188d3b7038c1f6d1f0c4bf7ec530d9b +gpg: Signature made Thu 30 Mar 2017 02:35:30 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Thu Mar 30 14:35:30 2017 -0400 + + enable flashrom and pciutils to allow the boot ROM to be re-written (issue #17) + +commit 9666f52e4405443299a11c643f7aa6df64f4dcd8 +gpg: Signature made Thu 30 Mar 2017 11:59:55 AM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Thu Mar 30 11:59:55 2017 -0400 + + bioswrite tool (beta, untested!) + +commit bf94e4c416be9a52c3456ecfaaa477d56e3a417d +gpg: Signature made Thu 30 Mar 2017 10:16:13 AM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Thu Mar 30 10:16:13 2017 -0400 + + include a nearly empty, but consistent, cpio file to ensure reproducible Linux builds (issue #142) + +commit 40c9db041679f6f4c17e3df3f88a68c546b21633 +gpg: Signature made Wed 29 Mar 2017 06:00:54 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Wed Mar 29 18:00:54 2017 -0400 + + wait until the coreboot tree is unpacked before building xgcc + +commit 4901ccd89c10f1f9a324a60cd6771bd22f2fed89 +gpg: Signature made Wed 29 Mar 2017 04:58:45 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Wed Mar 29 16:58:45 2017 -0400 + + major rearranging of Makefile, bin, library and busybox installation + +commit 8f63763e53466a1c93cd042157b70d504f747ce7 +gpg: Signature made Wed 29 Mar 2017 04:49:07 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Wed Mar 29 16:49:07 2017 -0400 + + install symlinks directly into initrd + +commit ab0476ad2f20d391c71000770ec39f772a24480d +gpg: Signature made Wed 29 Mar 2017 03:16:44 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Wed Mar 29 15:15:03 2017 -0400 + + Remove populate-lib, rework libraries and kernel module installation. + + The populate-lib program was buggy on some systems and could accidentally + introduce unwanted libraries into the initrd. The Makefile now uses the + modules' $(module_libraries) variable to select which libraries should be + installed into the initrd. + + Kernel modules are now stripped and installed using a similar system. + +commit fbfe5650645e41ee58336190900ef79cc14f8713 +Merge: 418ceaf733 59bae0bf51 +Author: Trammell Hudson +Date: Wed Mar 29 13:53:28 2017 -0400 + + Merge branch 'moc' of https://github.com/osresearch/heads into moc + +commit cab9e7c39fcafdbf9681b6564024f00424bd366f +gpg: Signature made Tue 28 Mar 2017 05:20:02 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 16:36:37 2017 -0400 + + ignore install and crossgcc directories + +commit 555e1738229d690a568792436037a4d3a48c5bfa +gpg: Signature made Tue 28 Mar 2017 05:19:53 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 16:35:58 2017 -0400 + + silence NMI errors on qemu (issue #141) + +commit 59bae0bf51230f862cbbf5e7804f8c5d35cb03f5 +gpg: Signature made Tue 28 Mar 2017 05:08:28 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 17:05:04 2017 -0400 + + make USB a module, strip debug info (issue #139) + +commit 453029bde1c5391f228e85000e05002b9fa75d7c +gpg: Signature made Tue 28 Mar 2017 05:08:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 16:36:37 2017 -0400 + + ignore install and crossgcc directories + +commit 0913adbacb30f826e54a70a2760ef041939b3d96 +gpg: Signature made Tue 28 Mar 2017 05:07:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 16:35:58 2017 -0400 + + silence NMI errors on qemu (issue #141) + +commit 713d4867fd0195fabe8551a90c875fda890620fe +gpg: Signature made Tue 28 Mar 2017 05:07:26 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 16:32:58 2017 -0400 + + Change ethernet drivers to be modules and measure them when they are loaded. + + This is a step towards unifying the server and laptop config (issue #139) + and also makes it possible to later remove the USB modules from the + normal boot path. + +commit 418ceaf73302ddcfa297a7720b81650241854477 +gpg: Signature made Tue 28 Mar 2017 05:05:04 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Tue Mar 28 17:05:04 2017 -0400 + + make USB a module, strip debug info (issue #139) + +commit 6f3e923a37acd316ee76a38e372ef8c0bdc84e27 +gpg: Signature made Tue 28 Mar 2017 04:36:37 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Tue Mar 28 16:36:37 2017 -0400 + + ignore install and crossgcc directories + +commit 581af6dbd9a118cc30f23c2d11a0e390f937778e +gpg: Signature made Tue 28 Mar 2017 04:35:58 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Tue Mar 28 16:35:58 2017 -0400 + + silence NMI errors on qemu (issue #141) + +commit 8384201e9c850c663342edf460a47577f38f18bd +gpg: Signature made Tue 28 Mar 2017 04:34:13 PM EDT +gpg: using RSA key C7CFA251FF608213 +gpg: Can't check signature: No public key +Author: Trammell Hudson +Date: Tue Mar 28 16:32:58 2017 -0400 + + Change ethernet drivers to be modules and measure them when they are loaded. + + This is a step towards unifying the server and laptop config (issue #139) + and also makes it possible to later remove the USB modules from the + normal boot path. + +commit 664c0ebc24082191581f44d8ae720b684cfedd96 +gpg: Signature made Tue 28 Mar 2017 12:05:45 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 18:02:27 2017 -0400 + + initrd.cpio.tmp is no longer necessary + +commit 7cb6ddd0dc43fd0a6c43b59a230657e6f243648a +gpg: Signature made Tue 28 Mar 2017 12:05:33 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 15:55:47 2017 -0400 + + ignore log files + +commit 1475148848fd48135d328228be3b9c25b9bff831 +gpg: Signature made Tue 28 Mar 2017 11:46:17 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 28 11:46:17 2017 -0400 + + enable TCP SYN cookies (issue #138) + +commit e83ba0a0c789a01a933d0571efe7d4342cb60aa6 +gpg: Signature made Mon 27 Mar 2017 06:52:31 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 18:52:31 2017 -0400 + + enable futex for keylime + +commit c3757650fd54a38d9e9e8ccdc785abfc9e4e4b1a +gpg: Signature made Mon 27 Mar 2017 06:03:29 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 18:03:29 2017 -0400 + + wget and measure files into the PCR + +commit b0d2d4b5ba343166250c0279b61b47b04d1fe43a +gpg: Signature made Mon 27 Mar 2017 06:03:09 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 18:03:09 2017 -0400 + + run dhcp automatically on boot + +commit 291e28b04000068dcc0baeea3be8311af4c91414 +gpg: Signature made Mon 27 Mar 2017 06:02:27 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 18:02:27 2017 -0400 + + initrd.cpio.tmp is no longer necessary + +commit f39dfd321dacd6cdde5e25f36940f1f61888f08b +gpg: Signature made Mon 27 Mar 2017 03:56:10 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 15:56:10 2017 -0400 + + enable dhcp and add helper script for lease setup + +commit 391d953623ede780176e03d81ef4cd983994307c +gpg: Signature made Mon 27 Mar 2017 03:55:47 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 15:55:47 2017 -0400 + + ignore log files + +commit edb4b4de50a767099beace1c2138301182af0f08 +gpg: Signature made Mon 27 Mar 2017 03:27:53 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 15:27:53 2017 -0400 + + enable raw sockets and the qemu network driver + +commit 48adc3e4cd4bd52dec615ffe535bd84184bd8d26 +gpg: Signature made Mon 27 Mar 2017 02:25:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 14:25:34 2017 -0400 + + enable wget + +commit ee32198701384376e26c0aec53497e6c204168fe +Merge: 6e8adf54bd 23b0b8332b +Author: Trammell Hudson +Date: Mon Mar 27 06:42:34 2017 -0400 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit 6e8adf54bd9eb39577d7619e6568a49601a4e953 +gpg: Signature made Mon 27 Mar 2017 06:42:16 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 06:41:13 2017 -0400 + + bump mbedssl version to 2.4.2 + +commit f0e42d65ab94fbf273131c5090e5bc7869c04098 +gpg: Signature made Mon 27 Mar 2017 06:41:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 06:41:38 2017 -0400 + + use git tpmtotp on the moc branch for development + +commit 0ddd56b3c5a8796958682663951f3fb930c4edc0 +gpg: Signature made Mon 27 Mar 2017 06:41:13 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 27 06:41:13 2017 -0400 + + bump mbedssl version to 2.4.2 + +commit 23b0b8332b4c9c38de897e88f15457114231bbe3 +Author: Trammell Hudson +Date: Fri Mar 24 22:48:33 2017 -0400 + + Delete CNAME + +commit bca9aa4b61caca275d1dc2e72c70b6ab01f54953 +Author: Trammell Hudson +Date: Fri Mar 24 21:20:47 2017 -0400 + + Create CNAME + +commit cfe6e9402b4f79c64e888d964bd968ee6ca8dc77 +Author: Trammell Hudson +Date: Fri Mar 24 21:20:13 2017 -0400 + + Set theme jekyll-theme-hacker + +commit 7b76ac6f955aed4a6f43c967837aef01138244f4 +gpg: Signature made Wed 22 Mar 2017 11:53:43 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:31:36 2017 -0400 + + report sha256sum of generated fimrware after build + +commit c136f1f76b46a24099934eeecfacc9a14680575f +gpg: Signature made Wed 22 Mar 2017 11:53:35 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:24:00 2017 -0400 + + include configure and make command lines in logs + +commit aa473a0dea5a2e438a6d8923c7f018db5f41b144 +gpg: Signature made Wed 22 Mar 2017 11:53:08 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:29:07 2017 -0400 + + limit parallel make load (issue #131) + +commit cbb85c645e7f296c96dcab55409341d6dbd4019a +gpg: Signature made Wed 22 Mar 2017 11:52:55 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 18:02:05 2017 -0400 + + bzImage source was wrong (issue #62) + +commit 9d638c8f8d39feb8e8f0d9ffd21bfe79522b0b21 +gpg: Signature made Wed 22 Mar 2017 11:52:45 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 17:52:54 2017 -0400 + + use relative outputs for musl-gcc and cross-gcc, clean up coreboot.rom (issue #62) + +commit 84944884165d8ccf7d59ecd6cbf2929b3abdfd31 +gpg: Signature made Tue 21 Mar 2017 02:31:36 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:31:36 2017 -0400 + + report sha256sum of generated fimrware after build + +commit 1331e2475faf731b4ffa0653396502e9113565c5 +gpg: Signature made Tue 21 Mar 2017 02:29:45 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:24:00 2017 -0400 + + include configure and make command lines in logs + +commit db3a8e8c2e91e55237f86c885fde137ec4b3ee5b +gpg: Signature made Tue 21 Mar 2017 02:29:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Mar 21 14:29:07 2017 -0400 + + limit parallel make load (issue #131) + +commit 2befac7e13a859a6b3952b3cbfbe9b6e50cef327 +gpg: Signature made Mon 20 Mar 2017 06:02:05 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 18:02:05 2017 -0400 + + bzImage source was wrong (issue #62) + +commit e7f2bca29715ca4f46f8a0098d78af534b28eb1a +gpg: Signature made Mon 20 Mar 2017 05:57:20 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 17:52:54 2017 -0400 + + use relative outputs for musl-gcc and cross-gcc, clean up coreboot.rom (issue #62) + +commit cf1cfc991866b20c8d4244db4dbc1bd199060244 +gpg: Signature made Mon 20 Mar 2017 03:07:19 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:52:03 2017 -0400 + + Linux kernel depends on musl-cross (issue #130) + +commit 936f6d6c9c876d6e80f6688e1ebc4a0eb8af1968 +gpg: Signature made Mon 20 Mar 2017 03:06:50 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:47:47 2017 -0400 + + Fix small annoyances. + + Issue #129: set pipefail so that intermediate failures in a pipeline + will cause the build to fail. Otherwise they are silently swallowed + by the tee into the build log. + + Issue #128: strip was updating timestamps, making some files look + like they didn't need to be replaced. + + No issue: configure was reading from stdin, which would make builds + hang forever if a new option was present. + + No issue: print the cbfstool output on a successful ROM build. + +commit 279851e66d221c96ce6dd1f79e0c717a80bc5dbf +gpg: Signature made Mon 20 Mar 2017 02:57:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:57:22 2017 -0400 + + started on extra features for MOC server initrd build + +commit b06b0331a0820d337502ab5adffc82e6dfebbc4d +gpg: Signature made Mon 20 Mar 2017 02:52:39 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:52:39 2017 -0400 + + started on extra features for MOC server kernel build + +commit 3632c35da66428c492daff476d33d73e6d9b6272 +gpg: Signature made Mon 20 Mar 2017 02:52:03 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:52:03 2017 -0400 + + Linux kernel depends on musl-cross (issue #130) + +commit 8fa9fc25a162039708dbc710fd43f7f1072cc3d5 +gpg: Signature made Mon 20 Mar 2017 02:50:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 14:47:47 2017 -0400 + + Fix small annoyances. + + Issue #129: set pipefail so that intermediate failures in a pipeline + will cause the build to fail. Otherwise they are silently swallowed + by the tee into the build log. + + Issue #128: strip was updating timestamps, making some files look + like they didn't need to be replaced. + + No issue: configure was reading from stdin, which would make builds + hang forever if a new option was present. + + No issue: print the cbfstool output on a successful ROM build. + +commit 4182c0e0aa3b25e47c79f654e21ada51bed7a6e9 +gpg: Signature made Mon 20 Mar 2017 11:17:18 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 11:17:18 2017 -0400 + + enable ISO9660 file systems and code page ISO8859-1 (issues #116 and #107) + +commit e4538785ec507843e8fd86737c4b7d5808dd1791 +gpg: Signature made Mon 20 Mar 2017 11:12:41 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Mar 20 11:12:41 2017 -0400 + + enable read-only, no-execute for module data (issue #72) + +commit 54cded7f595e3ba84e65f7801cac91eab50f3e4e +gpg: Signature made Sat 18 Mar 2017 10:50:43 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 17 15:17:14 2017 -0400 + + pass extra parameters to xz to compress initrd.cpio for Linux kernel (issue #127) + +commit 356e9307a2c21f80589b88dd24892f3ad28513c3 +gpg: Signature made Sat 18 Mar 2017 10:50:37 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Mar 17 13:18:27 2017 -0400 + + parameterize number of parallel make jobs (issue #125) + +commit c3368554beb6c8f4756d2ad0e75cb08f44027d2e +gpg: Signature made Thu 09 Mar 2017 11:18:41 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Paul Menzel +Date: Mon Mar 6 13:59:06 2017 +0100 + + README: Use www.coreboot.org over coreboot.org + + coreboot.org gets redirected to www.coreboot.org. + + ``` + $ curl -I https://coreboot.org + HTTP/1.1 301 Moved Permanently + Server: nginx/1.8.1 + Date: Mon, 06 Mar 2017 12:59:27 GMT + Content-Type: text/html + Content-Length: 184 + Connection: keep-alive + Location: https://www.coreboot.org/ + ``` + + So save a request, and use the final URL. + +commit 09feb834c676e12b06fa40683a34106758adc21a +gpg: Signature made Thu 09 Mar 2017 11:18:39 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Paul Menzel +Date: Mon Mar 6 13:58:17 2017 +0100 + + README: Use secure URL for coreboot Web site + + Use https://coreboot.org over http://coreboot.org. + +commit 02fc94869b82e1865b42afd8a11cce81e2ec2d2b +gpg: Signature made Thu 09 Mar 2017 11:18:37 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Paul Menzel +Date: Fri Mar 3 15:13:27 2017 +0100 + + README: Remove trailing space + +commit ff3622c8476d6505ec5cd68212610dca751e6295 +gpg: Signature made Thu 09 Mar 2017 11:18:34 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Paul Menzel +Date: Tue Dec 13 19:36:05 2016 +0100 + + README: Spell QEMU all uppercase + + Use the official spelling for QEMU. + +commit 45324e83c24e1d21836d8a5d5d899f8ec5771e12 +gpg: Signature made Wed 01 Mar 2017 09:30:57 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Mar 1 09:30:57 2017 -0500 + + remove converted wiki pages for now + +commit 814f2be6e39bc6f00c7d8c8baaf464f2b7f14ff8 +gpg: Signature made Wed 01 Mar 2017 09:29:55 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Mar 1 09:29:55 2017 -0500 + + fix github wiki syntax to github markdown syntax + +commit 8e9d77631e0aabea9e98182805165491a4109342 +gpg: Signature made Wed 01 Mar 2017 09:26:29 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Mar 1 09:26:29 2017 -0500 + + import from github.com/osresearch/heads.wiki + +commit ef89302095eeb6e364027e6b252e6341f6c34594 +gpg: Signature made Tue 28 Feb 2017 06:03:20 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Feb 28 18:02:10 2017 -0500 + + Quiet build unless V=1 is set (issue #114). + + This logs all of the sub-modules into $(build)/log/$(module).log + instead of to stdout, unless the user sets `V=1` on the make + environment. It produces a much quieter build, which should + allow integration into CI systems. + +commit 26b323d2ac308f29d5212468af60765d4886f3d6 +gpg: Signature made Tue 28 Feb 2017 03:54:49 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Feb 28 15:54:49 2017 -0500 + + use /bin/echo instead of built in echo (issue #106) + +commit 0843d3009704c63a20114f697a8fef96fc3175a1 +gpg: Signature made Tue 28 Feb 2017 03:20:17 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Feb 28 15:18:57 2017 -0500 + + Use a pre-built /dev/console initrd image. + + This fixes issue #111 which led to problems if /dev/console on + a container had a virtualized device that didn't match the + device major/minor that the Heads kernel was expecting. + +commit 453317921a818f2b8124d3c1575f04bff108326a +gpg: Signature made Sun 26 Feb 2017 12:52:49 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Feb 26 12:52:49 2017 -0500 + + fix Makefile generation in musl-cross build (issue #106) + +commit 99990ab7153377174ea0fdd6fecc3746064bfdf0 +gpg: Signature made Sun 26 Feb 2017 10:53:11 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Feb 26 10:53:11 2017 -0500 + + Add GPL license (issue #115) + +commit b8508ffe94dba12d64fef8805b8b2d2b0fde4a38 +gpg: Signature made Wed 01 Feb 2017 01:39:56 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 13:39:56 2017 -0500 + + use BUILD_TIMELESS to avoid timestamps in coreboot when not in a git tree (issue #104) + +commit cc8151749e763f2f37717c688597c8b4a605413b +gpg: Signature made Wed 01 Feb 2017 11:50:52 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 11:50:52 2017 -0500 + + use coreboot-4.5 release with a patch against the source tree (issue #102) + +commit 8f7debc52fa14f578a693cacca9654689aed0795 +gpg: Signature made Wed 01 Feb 2017 11:50:02 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 11:50:02 2017 -0500 + + bump tpmtotp version to v0.2.1 + +commit fe4eab2a7eb634b94f931600a12aaf702da0069e +gpg: Signature made Wed 01 Feb 2017 11:47:43 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 11:47:43 2017 -0500 + + use Linux 4.9.7 kernel (issue #103) + +commit 267b3557665a227c5a115b5c709d4b14f8edaf97 +gpg: Signature made Wed 01 Feb 2017 11:21:53 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 11:21:53 2017 -0500 + + use v0.2.0 release of tpmtotp instead of git (issue #102) + +commit b387b27e82c29bdd60b5f8f83974696664a767bc +gpg: Signature made Wed 01 Feb 2017 10:29:55 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 10:28:35 2017 -0500 + + Update expired key (issue #82) + + Replace the expired key with my updated key, although users + should add their own keys to sign their own firmware images. + + Todo: document how to add/replace public keys. + + Longer term todo: remove trusted key from the initrd image + so that there is nothing variable between different users' + builds. + +commit 1b9f99617a233ac116ae3a6b4753250fff197846 +gpg: Signature made Wed 01 Feb 2017 10:25:17 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Feb 1 10:25:17 2017 -0500 + + wrong path to correct strip binary (issue #100) + +commit 2acaf616b997347ab08af0373cc9896dae48a5af +gpg: Signature made Tue 31 Jan 2017 04:44:35 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jan 31 16:44:35 2017 -0500 + + zero group/world bits in cpio file (issue #101) + +commit e051915707cf7c155486c2683783c811be83fd40 +gpg: Signature made Tue 31 Jan 2017 02:57:41 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jan 31 14:57:41 2017 -0500 + + use musl-libc cross compiler strip (issue #100) + +commit 3008bb6945adcd78654ebdae73f1fbd4796f13c9 +gpg: Signature made Tue 31 Jan 2017 01:22:55 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jan 31 12:45:42 2017 -0500 + + Make musl-cross a normal Heads module. + + This merges pull request #99 by @blackwellops and removes + the ./bootstrap script since the musl-cross can be built as + part of the normal dependency tree. + +commit bac717407f38bbdc467fcb1eb501c8938113df42 +gpg: Signature made Tue 31 Jan 2017 01:12:21 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jan 31 11:56:14 2017 -0500 + + Patch git checkouts, if a patch exists for a module. Add a per-module clean target. + +commit 2f2d68755fcb32ed25f87c0c97209ed221de6bfa +gpg: Signature made Tue 31 Jan 2017 01:12:15 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Jason Blackwell +Date: Mon Jan 30 19:00:53 2017 -0600 + + remove patch for MUSL_DEFAULT_VERSION + + Signed-off-by: Trammell Hudson + +commit 53bb0b0ac795ddaeac5b7a941a593cfe1013aa9b +gpg: Signature made Tue 31 Jan 2017 01:11:58 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Jason Blackwell +Date: Mon Jan 30 18:44:55 2017 -0600 + + update musl-cross to github maintained mirror + + Signed-off-by: Trammell Hudson + +commit bdf8a6c978f5dcf181e91b69a4e2db619c6ab952 +gpg: Signature made Sun 29 Jan 2017 04:44:23 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Jan 29 16:44:23 2017 -0500 + + updated docs, make note of new bootstrap build procedure + +commit d64caac4db14f371236994f29c82a6c5a4e2e270 +gpg: Signature made Sat 28 Jan 2017 08:42:26 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 20:42:26 2017 -0500 + + silence the builds + +commit 26ef81f5fba333015be99a828da90b39de83b331 +gpg: Signature made Sat 28 Jan 2017 08:21:47 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 20:21:47 2017 -0500 + + coreboot flags to strip build paths (issue #95) + +commit 1ec00592afd5e63f2863c75beaf02cde7ba488a3 +gpg: Signature made Sat 28 Jan 2017 06:38:29 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 18:38:29 2017 -0500 + + pass in flags to make Linux kernel reproducible (issue #94) + +commit d81073715a6801185b14bd6f52d1136f0b95298d +gpg: Signature made Sat 28 Jan 2017 05:23:29 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 17:23:29 2017 -0500 + + set file device major/minor to zero (issue #93) + +commit 66a663ac00942d4073b5d1b2a98647951fae3128 +gpg: Signature made Sat 28 Jan 2017 03:44:28 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 15:44:28 2017 -0500 + + use our cross compiler for purgatory files, in place of host CC (issue #34) + +commit 8d912ced8fef1b89687134726a722530fd0da812 +gpg: Signature made Sat 28 Jan 2017 02:22:51 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 14:22:51 2017 -0500 + + patch busybox to not include build times (issue #91) + +commit c144146ced3cc17807205ba56deff32e3e79b980 +gpg: Signature made Sat 28 Jan 2017 01:25:44 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 13:25:44 2017 -0500 + + oops; do not die if we have to checkout the cross compiler + +commit 1411dffb6a045aee60dc007835a838dc004059cd +gpg: Signature made Sat 28 Jan 2017 01:17:52 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 13:14:56 2017 -0500 + + Make modules not depend on build path (issue #1). + + Use --prefix="" to ensure that no destination paths are in libraries. + + Use -fdebug-prefix-map to rewrite build path so that it does not + appear in the executables. + + Use -gno-record-gcc-switches to ensure that the -fdebug-prefix-map + does not appear in the executables. + +commit 19cb1bcb73baf49d5c86f0975039956d16740360 +gpg: Signature made Sat 28 Jan 2017 01:14:48 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 13:14:48 2017 -0500 + + use bootstrap built crossgcc + +commit 8ca440b7aeb095a63a2dbb7d59fcaa4db2e0c257 +gpg: Signature made Sat 28 Jan 2017 12:16:34 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 12:16:34 2017 -0500 + + allow $(heads_cc) to contain spaces + +commit ecc40ed32ae5a65526c5f45703feeb62a0839803 +gpg: Signature made Sat 28 Jan 2017 12:16:07 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Jan 28 12:16:07 2017 -0500 + + fix bootstrap to install into heads/crossgcc + +commit 2213500000771a8791553b91ec1b9ca24f35b0d3 +gpg: Signature made Fri 27 Jan 2017 06:01:25 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Jan 27 17:55:44 2017 -0500 + + bootstrap the musl-libc gcc cross compiler and use it to build everything except coreboot + +commit 5c425b3ec9097422ddd8a16e2c7d73958e567e87 +gpg: Signature made Fri 27 Jan 2017 06:00:56 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Jan 27 17:27:07 2017 -0500 + + include uuid and devmapper since musl cross compiler is not linking them in + +commit 24e54a65f60461e83a5ecbff70691780dd286fb4 +gpg: Signature made Fri 27 Jan 2017 06:00:50 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Jan 27 16:17:03 2017 -0500 + + Build GNU make-4.2 if the system make is the wrong version (issue #88). + + Change all of the builds to use $(MAKE) instead of the /usr/bin/make. + + Download and build GNU make-4.2 if the wrong version is installed + on the system. + + Re-invoke build/make-4.2/make with the target that was passed in once + the correct make has been built. + +commit 7294fa9438b976ddbce3b75e46b382fa9fc9b397 +gpg: Signature made Fri 27 Jan 2017 06:00:45 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Jan 27 15:47:08 2017 -0500 + + use two spaces in sha256sum command (issue #89) + +commit 85dcbf668732388911b9f13ede757d675191b57d +gpg: Signature made Mon 23 Jan 2017 01:35:48 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: iseeareddoor +Date: Mon Jan 16 18:49:19 2017 +0000 + + modules/coreboot: remove 'time' for dash compat + + the 'time' builtin is a bashism whichis not supported in Debian's standard sh ('dash'), which is used implicitly here. + +commit b81a20fb712b4b65a789d5c5abc29400920ac8ff +gpg: Signature made Thu 05 Jan 2017 06:00:59 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Jan 5 06:00:59 2017 -0500 + + enable CONFIG_NET, to allow cryptsetup to work (issue #79) + +commit 5b3ca49a15baf3ff2841f07e6d17ea1d7bce4552 +gpg: Signature made Thu 05 Jan 2017 04:29:56 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Jan 5 04:29:56 2017 -0500 + + force kexec to build 64-bit version, otherwise xen fails to load + +commit 8ff56aff5a86bfc3ad49b5dcd7281b5ee59671e0 +gpg: Signature made Wed 04 Jan 2017 06:40:30 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 18:38:45 2017 -0500 + + Enable IOMMU by default (issue #75) and prune kernel features. + +commit a8f2f0ec4ae7fffc65c074c658998fac3ffaf43f +gpg: Signature made Wed 04 Jan 2017 05:09:23 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 177dede4ca bf914e7156 +Author: Trammell Hudson +Date: Wed Jan 4 17:09:17 2017 -0500 + + Merge branch 'musl-libc' + +commit bf914e7156930462aeb644529312b0a203d51c7d +gpg: Signature made Wed 04 Jan 2017 05:05:29 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 17:05:29 2017 -0500 + + make clean before install; crosscompile failed? + +commit 58ff95818e1f52d692e910353f03ba62e32da6f1 +gpg: Signature made Wed 04 Jan 2017 04:41:47 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 16:39:10 2017 -0500 + + Working build with musl-libc cross compiler (issue #77). + + Pass in the --host argument to all of the various programs + that need to treat the configure scripts as cross compilation + targets. + + This removes all dependencies on the host libc (issue #7) + and adds some tools to the initrd (cryptsetup #46). + +commit e68f09bbfd4ea1152c506bc6843e7e486ba9b039 +gpg: Signature made Wed 04 Jan 2017 01:52:55 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 13:51:36 2017 -0500 + + Make kexec work with musl-libc. + + Remove unused tools (crash kernel and vmcore). + + Replace "%Lx" scanf formatting with "%"SCNxPTR in /proc/iommem + reading code. This might be a musl bug since it works with glibc + sscanf. + +commit 84064debbea37019ccda5b3a6977995ca5eb9c50 +gpg: Signature made Wed 04 Jan 2017 10:31:27 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 10:31:27 2017 -0500 + + musl-libc patches to build a successfull qemu image + +commit 3e5be157e979934cf0451d4319c3892f405b0aba +gpg: Signature made Wed 04 Jan 2017 10:30:50 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Jan 4 10:30:50 2017 -0500 + + remove the dev mapper library output; it will be detected by the populate-lib step + +commit 9273e252f6eca638dfd44c6097315974fdcb95e7 +gpg: Signature made Thu 29 Dec 2016 06:25:40 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 29 18:23:08 2016 -0500 + + Build initrd tools with musl-libc (issue #77). + + This adds compilations modules for musl-libc and kernel-headers. + The entire initrd (busybox, cryptsetup, gpgv, kexec, etc) can be built + with the much smaller libc and it appears to work with chroot. + + Library paths are not set correctly and files are installed into + heads/install to make them accessible to other modules. This prevents + the initrd from working without manual fixup; need to fix before + merging into master. + + Build times have gone up since everything is being rebuilt more + often for some reason. + +commit 177dede4caac4cced686d1af23580ecc0f23ada4 +gpg: Signature made Thu 29 Dec 2016 06:44:49 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 29 06:44:49 2016 -0500 + + install the gpgv binary into the initrd (typo in output variable) + +commit 092a395dbcebc1ef917697de5e446301aa167600 +gpg: Signature made Thu 29 Dec 2016 06:39:32 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 29 06:39:32 2016 -0500 + + update hash for gnupg-1.4 (issue #76) + +commit 19721db935eeaff7674203ee2ff5514f1094e78c +gpg: Signature made Wed 28 Dec 2016 04:47:35 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Dec 28 16:47:35 2016 -0500 + + strip libraries after populating initrd/lib (issue #74) + +commit 065179758eb2504ce5ae7e54c37aad48493c8fd6 +gpg: Signature made Wed 28 Dec 2016 04:47:10 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Dec 28 16:47:10 2016 -0500 + + lzma is not required in kexec + +commit 850abfc9c847950367a8076dfac712772ba8d23e +gpg: Signature made Wed 28 Dec 2016 12:52:29 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Dec 28 12:50:48 2016 -0500 + + Remove -lm and -lpthreads dependencies from devmapper. + + This resolves issue #73 by replacing the use of log10() with + an integer version so that -lm is no longer required. + + The parts of dmsetup that we use don't need threads, so + -lpthreads is removed from the link line. + +commit 5fd9878d28cd05f89551359cc0de1adfb67a310b +gpg: Signature made Wed 28 Dec 2016 12:49:22 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Dec 28 12:45:12 2016 -0500 + + Download and build almost all dependencies. + + As part of issue #1, we should build all libraries and programs that we + deploy into the Heads initrd. This modifies the module configurations + for all of them to install into heads/install so that we can build + against them. + + Add dmsetup, cryptsetup and veritysetup (issue #46). + + Build gpgv 1.4 as a standalone tool (issue #23). + + Modify populate-lib to use the install directory by setting + LD_LIBRARY_PATH (issue #35). + +commit b27aebc5594f92d41818af5a1ed5ac2c6d59bb76 +gpg: Signature made Wed 28 Dec 2016 12:39:48 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Dec 28 12:39:48 2016 -0500 + + single line output for tracking which libraries go with which programs + +commit be725ed10414b327fee7f013bb6c58454c4fe576 +Merge: 2a53c60453 73a3b6d08f +Author: Trammell Hudson +Date: Wed Dec 28 06:57:27 2016 -0500 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit 73a3b6d08f6bab0b63a0ebaf97c70138bdade128 +gpg: Signature made Mon 26 Dec 2016 04:29:36 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Dec 26 16:29:36 2016 -0500 + + removed old info, added link to presentatoin + +commit 24dd8489b421f32177b3bc5f0ae2f38244f18a76 +gpg: Signature made Mon 26 Dec 2016 10:55:43 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Dec 26 10:55:43 2016 -0500 + + use the mega-binary version of the tpm utilities (issue #70) + +commit 2a53c604535d88142decb53d6b147f0f8a82d2e0 +gpg: Signature made Mon 26 Dec 2016 09:52:40 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Dec 26 09:52:40 2016 -0500 + + use the mega TPM binary instead of the individual ones + +commit ccea67e8b4b9bf46676a72e76578a8ec212dcb29 +gpg: Signature made Tue 13 Dec 2016 03:10:47 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Dec 13 15:10:47 2016 -0500 + + shell scripts to help rewrite Qubes initrd /etc/crypttab (issue #29) + +commit 8ce13091022ef073a09a313433af9c657ce9c87b +Merge: 45ba75949b bf3b5a44be +Author: Trammell Hudson +Date: Tue Dec 13 14:59:13 2016 -0500 + + Merge branch 'master' of ssh://github.com/osresearch/heads + +commit 45ba75949b0fc327c81e16f51d2a42d7741d540c +gpg: Signature made Tue 13 Dec 2016 02:58:23 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Dec 13 14:58:23 2016 -0500 + + kernel 4.9 setup with framebuffer for x230 (issue #64) + +commit bf3b5a44be83ffea25c0579fe3952a4e944284da +gpg: Signature made Tue 13 Dec 2016 01:25:51 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 6040851d36 92b20bdfb6 +Author: Trammell Hudson +Date: Tue Dec 13 13:25:50 2016 -0500 + + Merge branch 'paulmenzel-remove-trailing-whitespace' + +commit 92b20bdfb6a8c3976828ad093e3fa45a9b6ceda2 +Author: Paul Menzel +Date: Tue Dec 13 19:10:21 2016 +0100 + + Strip trailing whitespace + +commit 6040851d36e7a17743579941b634eafa3876bf78 +gpg: Signature made Tue 13 Dec 2016 01:07:11 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: a6520772dc aa3375f5ef +Author: Trammell Hudson +Date: Tue Dec 13 13:07:09 2016 -0500 + + Merge branch 'paulmenzel-spell-coreboot-lowercase' + +commit aa3375f5ef00ec74eae6a9a7d6c7544cdd3d6f11 +Author: Paul Menzel +Date: Tue Dec 13 18:02:35 2016 +0100 + + Spell coreboot all lowercase + + [coreboot](https://www.coreboot.org/) is officially spelled all + lowercase. + +commit a6520772dc52ae4fd3463fb157786d477c65e3fd +gpg: Signature made Mon 12 Dec 2016 11:03:07 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Dec 12 11:01:18 2016 -0500 + + Update Heads to use the 4.9 Linux LTS kernel. + + No patches are required to boot 4.9 as a coreboot payload, + unlike the 4.7 kernel that required a head_64.S patch. + + The new kernel is about 40 KB larger than the 4.7; the + config might be shrinkable. + + Close issue #61. + +commit ff5639a5426224db27f359ab60a73a1b3c64ee28 +gpg: Signature made Thu 01 Dec 2016 02:03:55 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 1 14:03:55 2016 -0500 + + Build cryptsetup and install it into the initrd + +commit 0aae22d67c32fb4903c40ef070e4b8b41a1acd8e +gpg: Signature made Thu 01 Dec 2016 02:02:57 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 1 14:02:57 2016 -0500 + + increase CBFS size for qemu builds to allow easier experimentation + +commit c98a3925084bbf6b3d024b14be6eda5ea42c7d3b +gpg: Signature made Thu 01 Dec 2016 02:02:26 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 1 14:02:26 2016 -0500 + + enable EPOLL for plymouth + +commit 3b0509758ab9e28e209ba61f0e9feefca73b14be +gpg: Signature made Thu 01 Dec 2016 01:57:35 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Dec 1 13:57:35 2016 -0500 + + parse the Firmware Interface Table (FIT) on a ROM image + +commit 0b20cb297cf479f50d37a18e59385b6e26fa99f5 +Merge: 05056aefc0 5fd61f3e52 +Author: Trammell Hudson +Date: Tue Nov 29 14:32:59 2016 -0500 + + Merge pull request #56 from zaolin/strip + + Update cryptsetup and strip down. + +commit 05056aefc045e78fcee60e0f47df56ab5de49b6e +gpg: Signature made Tue 29 Nov 2016 02:29:38 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Nov 29 14:29:38 2016 -0500 + + include chmod (fix #30) + +commit 5fd61f3e52fb5419542e35922c10531ee637d91d +gpg: Signature made Tue 29 Nov 2016 02:24:01 PM EST +gpg: using RSA key 64E40F3DE2ECB70D746863563FBAF0E7D81427AB +gpg: issuer "zaolin@das-labor.org" +gpg: Good signature from "Philipp Deppenwiese " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 64E4 0F3D E2EC B70D 7468 6356 3FBA F0E7 D814 27AB +Author: Philipp Deppenwiese +Date: Tue Nov 29 20:24:01 2016 +0100 + + Update cryptsetup module and strip it down + + Signed-off-by: Philipp Deppenwiese + +commit ba01c24f46c9360554da63a92e6cc6eb498b5258 +Merge: c51a73aa05 e55a6a4df4 +Author: zaolin +Date: Tue Nov 29 19:48:56 2016 +0100 + + Merge pull request #2 from osresearch/master + + Merge + +commit e55a6a4df42cd30a08481f1271dc61bde906d3f2 +gpg: Signature made Tue 29 Nov 2016 11:28:09 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Nov 29 11:19:48 2016 -0500 + + Rework Makefile a bit. + + rename TARGET to BOARD (fix #55) + use .INTERMEDIATE trick to avoid building multiple times (fix #52) + Don't touch build/*/.config if we don't have to (fix #51) + +commit 4a832737448f0ecf02fab238cc97917c78c839fd +Author: Trammell Hudson +Date: Tue Nov 29 11:14:35 2016 -0500 + + disable ACPI on qemu boots, this fixes #53 + +commit 11b52e9a86a31ec78a578f7a279a3ab12d2bbb5a +gpg: Signature made Mon 28 Nov 2016 01:53:19 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Merge: 4fbd6ca58b 9fb998bef0 +Author: Trammell Hudson +Date: Mon Nov 28 13:53:19 2016 -0500 + + merge; start-xen had been relocated + +commit c51a73aa051e097e76ec473c287c0094896cdcc7 +Merge: b818986cb2 9fb998bef0 +Author: zaolin +Date: Thu Nov 24 03:57:01 2016 +0100 + + Merge pull request #1 from osresearch/master + + check PGP signatures on xen, kernel and initrd (partial fix for #43) + +commit 4fbd6ca58bff576c5ba149de472a18615e82a665 +gpg: Signature made Wed 23 Nov 2016 12:12:34 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 12:11:08 2016 -0500 + + Make coreboot building modular to support multiple boards. + + This touches most of the module configurations since the + coreboot build process had to add a few new features. + The Linux kernel could make use of it as well if we need + separate x230/chell/qemu kernels, for instance. + +commit cc1c198810ac7c137e9e425c09bbb2ea9b996e9c +gpg: Signature made Wed 23 Nov 2016 12:10:40 PM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 12:10:40 2016 -0500 + + ignore modified .config files + +commit 638329709e0ad7585dc4f8e5506b85f3d73f6b12 +gpg: Signature made Wed 23 Nov 2016 10:47:04 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 10:47:04 2016 -0500 + + include find and compression tools + +commit 3f444efe8c94ccbf1a5c4b57f7549cff5c71ad22 +gpg: Signature made Wed 23 Nov 2016 10:46:32 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 10:46:32 2016 -0500 + + formatting + +commit 1414023e6ecf6f440a7fea1d2a3b92182d3f88f4 +gpg: Signature made Wed 23 Nov 2016 10:46:04 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 10:46:04 2016 -0500 + + include cryptsetup in build, will break 4M ROM images + +commit da2a6580ce918232355e3258d66e2f03f8608971 +gpg: Signature made Wed 23 Nov 2016 10:45:39 AM EST +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Nov 23 10:45:39 2016 -0500 + + allow key file to be specified on command line + +commit 9fb998bef056c8f8de99d91c1ebfb1a653f0bfef +gpg: Signature made Thu 03 Nov 2016 04:45:50 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Nov 3 16:45:50 2016 -0400 + + check PGP signatures on xen, kernel and initrd (partial fix for #43) + +commit e9e6d661d3297f4ad2788b7470855e4998a20f10 +gpg: Signature made Fri 28 Oct 2016 04:59:51 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Oct 28 04:59:51 2016 -0400 + + wrappers to seal/unseal drive encryption keys from the TPM + +commit eda28b5800dec899e8d740b7e97b015dd1b68955 +gpg: Signature made Fri 28 Oct 2016 04:59:21 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Oct 28 04:59:21 2016 -0400 + + move start-xen so that it is in the path + +commit a281d6b8a54dce1999d0daa1977b4a5b043408a1 +gpg: Signature made Fri 28 Oct 2016 04:58:57 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Oct 28 04:58:57 2016 -0400 + + fix default location for trusted keys + +commit 5a5e7047c70191d5c5c24ab96a21f43734b5b668 +gpg: Signature made Fri 28 Oct 2016 04:58:39 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Oct 28 04:58:39 2016 -0400 + + fix default location for trusted keys + +commit f65fe75823f046e1813e129009f0619f074b4edc +gpg: Signature made Fri 28 Oct 2016 04:57:11 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Oct 28 04:57:11 2016 -0400 + + simplify startup arguments for qubes r3.2 + +commit 9311428082b68140d2e3de38ca002ed0675721e4 +gpg: Signature made Wed 26 Oct 2016 03:11:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Oct 26 15:11:12 2016 -0400 + + add /sbin paths + +commit 16bad1abd4e9f3fb5f39e3ca1e781d6ecee0836e +gpg: Signature made Wed 26 Oct 2016 03:10:53 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Oct 26 15:10:53 2016 -0400 + + enable aes-xts in Heads kernel (issue #44) + +commit 279d38488527d60608779470fbb6f3c11b00a4f7 +gpg: Signature made Tue 25 Oct 2016 02:42:36 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Oct 25 14:42:36 2016 -0400 + + check signatures on kernel, initramfs and xen (issue #43) + +commit b818986cb239e91516daa9ace66333ab2b8562b6 +gpg: Signature made Wed 28 Sep 2016 11:13:27 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Sep 28 11:13:27 2016 -0400 + + ignore vdso fake library on fedora + +commit b30846379dea3190efa2ca4f84dc6eded895cc71 +gpg: Signature made Tue 27 Sep 2016 07:53:28 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Sep 27 19:53:28 2016 -0400 + + some frequently asked questions, with draft answers + +commit 24ef1e1a0ad5f12666f21eeb7c5a128e9c1c9d08 +gpg: Signature made Mon 26 Sep 2016 02:55:48 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Sep 26 14:55:48 2016 -0400 + + Created initrd/bin and initrd/lib directories (fix issue #33) + +commit 2663fc464ba1c4a0b7aa6c2eebeb6a13a5f4f640 +gpg: Signature made Mon 26 Sep 2016 02:10:32 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Sep 26 14:10:32 2016 -0400 + + updated for receent merge of coreboot master + +commit 4d20bc3e1312158ec6803e5c2503fe54beb7ea06 +gpg: Signature made Mon 26 Sep 2016 01:51:10 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Sep 26 13:51:10 2016 -0400 + + preload the recovery shell command line history + +commit c66167b9e50ffc9196a8738d9a11f74a06bbe7f7 +gpg: Signature made Sun 11 Sep 2016 12:07:56 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Sep 11 00:07:56 2016 -0400 + + remove unused binary sealtotp/unsealtotp programs + +commit 4b2064f1939d2922e80f9b3be1719aeec352b3d5 +gpg: Signature made Sat 10 Sep 2016 05:36:36 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Sep 10 17:36:36 2016 -0400 + + improve library/binary handling in building initrd (issue #21) + +commit ab5fb0347597ad89d5c54f1fc841a7a98abc07d9 +gpg: Signature made Fri 09 Sep 2016 06:32:44 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Sep 9 18:32:44 2016 -0400 + + enable unicode on vt so that qrenc works + +commit 9a85bc22d94ff77c74102b31d86945d3dc8ddafd +gpg: Signature made Fri 09 Sep 2016 05:24:52 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Sep 9 17:24:52 2016 -0400 + + use the new tpmtotp shell scripts + +commit 0e16afe17a494863bd7204d52721c63c6241fb6d +gpg: Signature made Fri 09 Sep 2016 01:27:20 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Sep 9 13:27:20 2016 -0400 + + update config after recent coreboot/coreboot merge + +commit 05d1c66d8db5c5956cef62ff1faa2a456c0d3693 +gpg: Signature made Fri 09 Sep 2016 01:26:52 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Sep 9 13:26:52 2016 -0400 + + extreme compression + +commit e342aa3f18864e3b68b8773e95ce1352ddbf61ba +gpg: Signature made Fri 19 Aug 2016 05:25:44 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 17:25:44 2016 -0400 + + checkout tpmtotp from github, install various tpm utilities + +commit a707cab40352e554a8f0e1f2957f0eefd410175d +gpg: Signature made Fri 19 Aug 2016 02:51:45 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 14:51:45 2016 -0400 + + correct path and patch for xen-4.6.3 files + +commit 47ad314798726ba795e686ea36a362a18f69a23f +gpg: Signature made Fri 19 Aug 2016 02:41:32 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 14:41:32 2016 -0400 + + enable CONFIG_USE_BLOBS to checkout non-free binary blobs submodule + +commit 4a8163bcf81a3744378e4ca64e861112dd82c5f8 +gpg: Signature made Fri 19 Aug 2016 02:38:39 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 14:38:39 2016 -0400 + + adjust file name so that patch -p1 works + +commit b228290ae12c416002bf821d8c5a26d8e536bde5 +gpg: Signature made Fri 19 Aug 2016 11:31:07 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 11:31:07 2016 -0400 + + checkout coreboot from github, rather than downloading release file + +commit 18c9b2d80824641c4de56626e398d5734d0809f0 +gpg: Signature made Fri 19 Aug 2016 11:20:41 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 19 11:20:41 2016 -0400 + + cryptsetup for dm-verity support + +commit d857170e0fad19b8b7a7b5a60968bc8753fdd0d1 +gpg: Signature made Tue 16 Aug 2016 05:44:51 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 16 17:44:51 2016 -0400 + + Enable measured boot support + +commit c755b8431f8f94e8802d1e0b850fc56b58d71a87 +gpg: Signature made Tue 16 Aug 2016 09:13:38 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 16 09:13:38 2016 -0400 + + update for coreboot-git + +commit ed409cabbf648ec3a808433a6b0317fca4d844fe +gpg: Signature made Tue 16 Aug 2016 09:13:09 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 16 09:13:09 2016 -0400 + + reset nlinks as well since /dev was changing due to serial adapter hotplug + +commit 21268a4bb8e362b554f0548d69418d81cf34520d +gpg: Signature made Sun 14 Aug 2016 04:04:43 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 16:04:43 2016 -0400 + + Updates for coreboot-git + +commit c84293ad622d198b973e763c81217241b94de9ae +gpg: Signature made Sun 14 Aug 2016 04:04:11 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 16:04:11 2016 -0400 + + 4.7 is the new default kernel + +commit 3ba3e2a939acaf1d7a302d00690a99d75033cc8a +gpg: Signature made Sun 14 Aug 2016 04:03:11 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 16:03:11 2016 -0400 + + use coreboot from git instead of downloading it, move blobs into this module file + +commit 74e21567d40f496bb46b4217f610211d0d9b533e +gpg: Signature made Sun 14 Aug 2016 04:02:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 16:02:15 2016 -0400 + + use cpio-clean to make a reproducible makefile + +commit 8a32fb4ac3210f04f5b4bfea79b9d0921f29a466 +gpg: Signature made Sun 14 Aug 2016 04:00:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 16:00:34 2016 -0400 + + warn if there is no totp file + +commit 0646b0bd410804921f3ac560709b7892254b7775 +gpg: Signature made Sun 14 Aug 2016 03:34:40 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 15:34:40 2016 -0400 + + make cpio files deterministic + +commit 72f35dd1518a63cf09f0d7e01169c1174ee30687 +gpg: Signature made Sun 14 Aug 2016 12:57:54 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 14 12:57:54 2016 -0400 + + rearrange notes + +commit 9b405930deedf404733efc2f11f55d0e4614ec18 +gpg: Signature made Sun 07 Aug 2016 01:50:06 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 7 13:50:06 2016 -0400 + + read-only / thoughts + +commit 8e4e37360fcccd29d0d95fe460c1659f4239c154 +gpg: Signature made Sun 07 Aug 2016 01:49:30 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Aug 7 13:49:30 2016 -0400 + + mount /boot + +commit d3bbc22d540ab278f14724d06a69ad1969bb5a07 +gpg: Signature made Sat 06 Aug 2016 06:45:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Aug 6 18:45:56 2016 -0400 + + signing details + +commit ec96a39d48aab0360631ac83e17833c33f37d87c +gpg: Signature made Sat 06 Aug 2016 05:15:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Aug 6 17:15:56 2016 -0400 + + build library subdirectory only + +commit d85d72a0d724f81cae0b146736a8b6c62ed180dd +gpg: Signature made Sat 06 Aug 2016 05:14:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Aug 6 17:14:56 2016 -0400 + + enable a few more busybox tools + +commit 785006d4a4ca7d613ed651c8afdab01f6b780aae +gpg: Signature made Sat 06 Aug 2016 05:14:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Aug 6 17:14:07 2016 -0400 + + warn on missing libraries + +commit 80b82fdfc41fea15096ef902321acf879ab4f9f7 +gpg: Signature made Sat 06 Aug 2016 05:13:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sat Aug 6 17:13:22 2016 -0400 + + extract and verify gpg signature on the boot script + +commit 2438460503edaed0102bc73e3662367dbab9aabc +gpg: Signature made Fri 05 Aug 2016 11:28:20 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 23:28:20 2016 -0400 + + shell script to setup dmverity device + +commit e5e16bd47f36e0c735d24cdc677191617a533aa7 +gpg: Signature made Fri 05 Aug 2016 11:17:41 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 23:17:41 2016 -0400 + + convert veritysetup into a dmsetup table + +commit 97a0c3662cfd70003fa447a843069412ca03ea80 +gpg: Signature made Fri 05 Aug 2016 12:26:35 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 12:26:35 2016 -0400 + + ignore generate script files + +commit 015b5290cfd915ad04f304090f171b8ce378000d +gpg: Signature made Fri 05 Aug 2016 12:26:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 12:26:12 2016 -0400 + + total hack patch to allow Linux 4.7 to boot with coreboot + +commit 0c090c49ed7f8e6e6837d195d448bada92ef5e3c +gpg: Signature made Fri 05 Aug 2016 12:25:35 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 12:25:35 2016 -0400 + + add no-real-mode to Xen parameters + +commit 377cb1415b6e89c6f117afc9269b6e3996cbeabd +gpg: Signature made Fri 05 Aug 2016 12:25:00 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 12:25:00 2016 -0400 + + Add cdroms to Linux config, support 4.7 kernels + +commit 4a9c3e1ccb9a302edbc41ba19bf3635574a44458 +gpg: Signature made Fri 05 Aug 2016 12:24:16 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Aug 5 12:24:16 2016 -0400 + + allow linux 4.7 to be selected + +commit 3e5aa26c9928f200f13fc691d281095f3dac1d50 +gpg: Signature made Thu 04 Aug 2016 06:08:27 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 4 18:08:27 2016 -0400 + + update the 4.6.3 patch to make the xen build reproducible on at least one machine + +commit 99830f7dd3070f34f1de607fca5560fa0548b391 +gpg: Signature made Thu 04 Aug 2016 06:07:36 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 4 18:07:36 2016 -0400 + + touch all files, including symlinks to reset the date for reproducible builds + +commit 6f1a7e2a5be4fbcc605d76a080716095b07aa15e +gpg: Signature made Thu 04 Aug 2016 05:38:00 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 4 17:38:00 2016 -0400 + + bring in cbmem from coreboot utils to be able to see the coreboot console + +commit 69ede68ced530bb087b1dd6dabb1588a231063bc +gpg: Signature made Thu 04 Aug 2016 05:29:26 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Aug 4 17:29:26 2016 -0400 + + enable /dev/mem so that cbmem tool can work + +commit a81a002abb9f2dcbb114c97e27ac495a738c93b2 +gpg: Signature made Wed 03 Aug 2016 06:10:44 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 18:10:44 2016 -0400 + + Build and bundle the patched xen 4.6.3 kernel + +commit 24fc2bbc9a23ad0df9daad7c88c7855d95fa333d +gpg: Signature made Wed 03 Aug 2016 10:47:48 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 10:47:48 2016 -0400 + + minimal /dev for initrd is /dev/console, fix dep on canary versus output + +commit f184c8e7f989446b1ff6073e60efd89c3ccfa31b +gpg: Signature made Wed 03 Aug 2016 08:52:23 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 08:52:23 2016 -0400 + + unpack tar files silently + +commit 1c64e4ce096ae2a09d756cd9e46cb7b38f09f222 +gpg: Signature made Wed 03 Aug 2016 08:40:51 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 08:40:51 2016 -0400 + + module ordering works, so include entire module/* directory; fix initrd/bin mkdir; correct spelling of coreboot dep on bzImage + +commit ef9485e9bcb3fb2f887ff001fddcfd01a170d526 +gpg: Signature made Wed 03 Aug 2016 08:40:04 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 08:40:04 2016 -0400 + + rename status file to .built + +commit f37d5dd1717f76f256af919fc5db1a91c6c72a0c +gpg: Signature made Wed 03 Aug 2016 08:39:29 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Wed Aug 3 08:39:29 2016 -0400 + + dependency updates + +commit 397aa4a9f83e4d05ca091349d5c4a9722c9ca920 +gpg: Signature made Tue 02 Aug 2016 11:48:18 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 23:48:18 2016 -0400 + + ensure that the initrd/bin dir exists + +commit c6e066fd0c1249c7bf2f0437390e733f0da0d9b3 +gpg: Signature made Tue 02 Aug 2016 11:29:46 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 23:29:46 2016 -0400 + + Images and warning + +commit a554b3e49a4e4221f6b2c014583b542d4ed54173 +gpg: Signature made Tue 02 Aug 2016 11:25:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 23:25:34 2016 -0400 + + correct path for mbedtls package + +commit 97f4fd2c6560cc6e909c18df98f44fca957e0830 +gpg: Signature made Tue 02 Aug 2016 11:22:12 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 23:22:12 2016 -0400 + + release 0.0.1 for tpmtotp + +commit 4589e5d1d31e924e51f508c701582f75e7497248 +gpg: Signature made Tue 02 Aug 2016 09:59:14 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:59:14 2016 -0400 + + copy the bzImage into the coreboot build directory + +commit c01435a240a4ffe96df7d692c59c4157cf47b56a +gpg: Signature made Tue 02 Aug 2016 09:54:10 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:54:10 2016 -0400 + + ignore created directories in initrd + +commit 224a835b99e8e35d5ea3e0af8153243e794fbb94 +gpg: Signature made Tue 02 Aug 2016 09:53:23 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:53:23 2016 -0400 + + fix library path in initrd build + +commit 62c544ea96839d7c33adcb2a0f6acd24c081160f +gpg: Signature made Tue 02 Aug 2016 09:49:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:49:22 2016 -0400 + + coreboot build (might) work; need to do a test from clean while online + +commit 3fde9759f3f993269965de97ea94c171a6f66f57 +gpg: Signature made Tue 02 Aug 2016 09:39:24 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:39:24 2016 -0400 + + coreboot-4.4 binary blobs + +commit 0934e85d84106a9b4fefee580770b4e4b4ecec5e +gpg: Signature made Tue 02 Aug 2016 09:24:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:24:15 2016 -0400 + + ignore fetched files + +commit 426cd8f94f4631e32df39c487c82c1e9dae7612b +gpg: Signature made Tue 02 Aug 2016 09:23:18 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:23:18 2016 -0400 + + build the linux kernel after building the initrd + +commit f7067d876c8d19b2fbe620df4e496a7c71ba4f1d +gpg: Signature made Tue 02 Aug 2016 09:22:46 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:22:46 2016 -0400 + + ignore cpio files + +commit 8c3b1ac046e0a4b1faa80a82c058f41a1ce905c5 +gpg: Signature made Tue 02 Aug 2016 09:21:56 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 21:21:56 2016 -0400 + + temp var for destination library + +commit 0ffa65d2f2b438fcfb049f289a831acc1ad28675 +gpg: Signature made Tue 02 Aug 2016 07:29:33 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 19:29:33 2016 -0400 + + busybox configuration + +commit 00559def5d956432c7c2f96df8bc625b355ae02c +gpg: Signature made Tue 02 Aug 2016 07:25:47 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Aug 2 19:25:47 2016 -0400 + + porting Makefile to use a modular build system for each package + +commit b3786d256a9b522040d3ee79aff4becfe745cbfd +gpg: Signature made Sun 31 Jul 2016 10:39:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Sun Jul 31 22:39:07 2016 -0400 + + tpmtotp and qrencode deps + +commit 02f70457f4ef36a58e309ac68f3b733926f0a4b2 +gpg: Signature made Fri 29 Jul 2016 08:54:04 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Fri Jul 29 08:54:04 2016 -0400 + + ignore temp files + +commit 2471e15109f1ee85b41b42640dd4f1021d1889ee +gpg: Signature made Thu 28 Jul 2016 12:08:33 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Thu Jul 28 00:08:33 2016 -0400 + + cleanup initrd, improve population of lib directories, remove some extra drivers, add notes on /dev + +commit 6dcbaeb5d89e912c154ee3d1dc446a85bf4799b0 +gpg: Signature made Tue 26 Jul 2016 03:14:34 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 26 15:14:34 2016 -0400 + + patch to let Xen 4.6.3 boot via kexec without a BIOS + +commit 364e44fcdfc84d19aa3cfd4a7b8a91f59de6a348 +gpg: Signature made Tue 26 Jul 2016 03:14:07 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 26 15:14:07 2016 -0400 + + working configuration files for coreboot-4.4 and linux-4.6.4, as well as with qemu + +commit 68e77385bc66a53fb578eae2604e83ab3d0af2df +gpg: Signature made Tue 26 Jul 2016 03:06:09 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 26 15:06:09 2016 -0400 + + use modified xen-4.6.3 instead of xen on the drive + +commit 13c4d9897186924b020ad640f2520aa6f160e493 +gpg: Signature made Tue 26 Jul 2016 03:01:16 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Tue Jul 26 15:01:16 2016 -0400 + + remove double bzImage build and unneeded initrd.img buld + +commit a8761d4c8377be9f596efe402f94e7c31025cd8e +gpg: Signature made Mon 25 Jul 2016 02:50:22 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 14:50:22 2016 -0400 + + deps for coreboot.rom + +commit 913793c2c1d9e9e2648253b87eb1e8d1ca79a57b +gpg: Signature made Mon 25 Jul 2016 01:36:55 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 13:36:55 2016 -0400 + + ignore downloaded files + +commit 4dded24fb75b29022ddf3d5588c888c73cedc902 +gpg: Signature made Mon 25 Jul 2016 01:36:15 PM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 13:36:15 2016 -0400 + + build almost works + +commit a6d9902a2d84dfd4c90395c9df31c7b8444f03c6 +gpg: Signature made Mon 25 Jul 2016 10:08:53 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 10:08:53 2016 -0400 + + started on automated build process + +commit cccf7b030729ff51e99c8e42f50e1f89a9558d3e +gpg: Signature made Mon 25 Jul 2016 10:08:32 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 10:08:32 2016 -0400 + + ignore temp files + +commit 84a2675841e9fd80b46f6fb210b7882b68c5a674 +gpg: Signature made Mon 25 Jul 2016 09:06:36 AM EDT +gpg: using RSA key 0F948052DDECBE68 +gpg: Good signature from "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: aka "Trammell Hudson " [expired] +gpg: Note: This key has expired! +Primary key fingerprint: A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0 + Subkey fingerprint: E157 D2B2 3F60 5B99 A3E2 9776 0F94 8052 DDEC BE68 +Author: Trammell Hudson +Date: Mon Jul 25 09:06:36 2016 -0400 + + created repo diff --git a/git_signing_keys/success_log.txt b/git_signing_keys/success_log.txt new file mode 100644 index 00000000..e713da9e --- /dev/null +++ b/git_signing_keys/success_log.txt @@ -0,0 +1,29 @@ +Successfully retrieved key 080FFC139F57AACE3E946186BB2ED46ACD2C6CF7 from hkp://pgp.surfnet.nl +Successfully retrieved key 0A52DFD7727000734B9A53BD365ED1E014824647 from hkp://keys.openpgp.org +Successfully retrieved key 0A59C698920806EB from hkp://keys.openpgp.org +Successfully retrieved key 0F948052DDECBE68 from hkp://pgp.surfnet.nl +Successfully retrieved key 1533C1225C1B41AFC46B33EBEB03A691DB2F0833 from hkp://pgp.surfnet.nl +Successfully retrieved key 4AEE18F83AFDEB23 from hkp://pgp.surfnet.nl +Successfully retrieved key 4D6E8D948B90871EF9AE2FAC91AB3245B1D14ABD from hkp://pgp.surfnet.nl +Successfully retrieved key 523C8D614C0D2CA978C43AF2FD14C4672CA7D2C5 from hkp://keys.openpgp.org +Successfully retrieved key 575F80D1599EA6D2C70AA9A19A53E1BB3FF00461 from hkp://keys.openpgp.org +Successfully retrieved key 5EFABA8B40366BFFC88176A52B4A4BE581022A54 from hkp://pgp.surfnet.nl +Successfully retrieved key 64E40F3DE2ECB70D746863563FBAF0E7D81427AB from hkp://pgp.surfnet.nl +Successfully retrieved key 79D0526BD96AE6338E6257BDA8853020E8EE6FBA from hkp://pgp.surfnet.nl +Successfully retrieved key 7C75583D172140AF4A6B10186CD35B07297B3CF9 from hkp://keys.openpgp.org +Successfully retrieved key 868184069239FF65DE0BCD7DD9BAE35991DE5B22 from hkp://keys.openpgp.org +Successfully retrieved key 8735540225E98BDBC82491B41E9C3CA91AE25114 from hkp://keys.openpgp.org +Successfully retrieved key 8D6066CF922E52796F187ABE2BBB776A35B978FD from hkp://keys.openpgp.org +Successfully retrieved key A2444D06D3CAFA92F68A21E679C78E6659DB658F from hkp://pgp.surfnet.nl +Successfully retrieved key A6C74E341054A169CE52BE5FB65BFE540DEF86C0 from hkp://pgp.surfnet.nl +Successfully retrieved key A766C89569895C0B86D598D09963C36AAC3B2B46 from hkp://pgp.surfnet.nl +Successfully retrieved key AAFC4B34BBEBB31C from hkp://pgp.surfnet.nl +Successfully retrieved key ACF4B7893D4D05C8F18069BAE7B4A71658E36A93 from hkp://keys.openpgp.org +Successfully retrieved key B5690EEEBB952194 from hkp://keys.openpgp.org +Successfully retrieved key B65BFE540DEF86C0 from hkp://pgp.surfnet.nl +Successfully retrieved key C7E32619E2F71736F5910BB144CB2D868DD16BDA from hkp://pgp.surfnet.nl +Successfully retrieved key D825FD54D9B940FF0FFFB31AA4FDB7BE12F63EC3 from hkp://keys.openpgp.org +Successfully retrieved key E157D2B23F605B99A3E297760F948052DDECBE68 from hkp://pgp.surfnet.nl +Successfully retrieved key E8ACBC6CFCCA7A99779FB69127B829528903C906 from hkp://pgp.surfnet.nl +Successfully retrieved key F553996957F0D56EE54D6F72555577116BFA74B9 from hkp://keys.openpgp.org +Successfully retrieved key FB1AB4639F52FF4B8E302151902C199C68C4B327 from hkp://keys.openpgp.org diff --git a/git_signing_keys/unfound_keys_users.txt b/git_signing_keys/unfound_keys_users.txt new file mode 100644 index 00000000..38270d1a --- /dev/null +++ b/git_signing_keys/unfound_keys_users.txt @@ -0,0 +1,10 @@ +Key 07609BDE4C8AEAB90F6EFCA94CA7B2A5D5C92A9C not found for user Devon Bautista +Key 140BC0DEE3D6C93FBA88DE6E5401F9FC55CD2EA4 not found for user Rocky Breslow <1774125+rbreslow@users.noreply.github.com> +Key 1705719801234567 not found for user Trammell hudson +Key 3A07364F010D7C71552FAFA687F342A528DFD8E5 not found for user Michał Kopeć +Key 3E3D140D4439F0659D4A8FED20C3618D656E7853 not found for user Matthew Drobnak +Key 48579AA47429663E not found for user Sergii Dmytruk +Key 5FCA029DCAB21268 not found for user Trammell hudson +Key 687A5005935B1533 not found for user Trammell hudson +Key 924C1CD7C19D95FE7A577D2848579AA47429663E not found for user Sergii Dmytruk +Key C7CFA251FF608213 not found for user Trammell Hudson