From fdc8e3835f6b2a260f850b3f479983f3ebdcaf1d Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 13 Mar 2025 13:26:09 -0400 Subject: [PATCH] PoC: UNMAINTAINED_kgpe-d16_server-whiptail : use 15h fork latest commit from https://git.15h.org/mrothfuss/coreboot-15h/src/branch/4.11-tpm-measured-boot dating 20250126 Once fork switched, after repo is cloned, CTRL-C and: - ./docker_repro.sh make BOARD=UNMAINTAINED_kgpe-d16_server-whiptail coreboot.modify_and_save_oldconfig_in_place - Enable measured boot, save changes. Changes were saved under config/coreboot-kgpe-d16_server-whiptail.config, see diff (a lot compared to 4.11 in master) Signed-off-by: Thierry Laurion Signed-off-by: arhabd --- .../UNMAINTAINED_kgpe-d16_server-whiptail.config | 2 +- config/coreboot-kgpe-d16_server-whiptail.config | 13 +++++++++++-- modules/coreboot | 8 ++++++++ 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/boards/UNMAINTAINED_kgpe-d16_server-whiptail/UNMAINTAINED_kgpe-d16_server-whiptail.config b/boards/UNMAINTAINED_kgpe-d16_server-whiptail/UNMAINTAINED_kgpe-d16_server-whiptail.config index 27dccb6b..dfd77370 100644 --- a/boards/UNMAINTAINED_kgpe-d16_server-whiptail/UNMAINTAINED_kgpe-d16_server-whiptail.config +++ b/boards/UNMAINTAINED_kgpe-d16_server-whiptail/UNMAINTAINED_kgpe-d16_server-whiptail.config @@ -18,7 +18,7 @@ # sure their operating system loads microcode updates. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.11 +export CONFIG_COREBOOT_VERSION=15h export CONFIG_LINUX_VERSION=6.1.8 CONFIG_COREBOOT_CONFIG=config/coreboot-kgpe-d16_server-whiptail.config diff --git a/config/coreboot-kgpe-d16_server-whiptail.config b/config/coreboot-kgpe-d16_server-whiptail.config index b4adf654..6c1e9dbc 100644 --- a/config/coreboot-kgpe-d16_server-whiptail.config +++ b/config/coreboot-kgpe-d16_server-whiptail.config @@ -28,7 +28,6 @@ CONFIG_NO_RELOCATABLE_RAMSTAGE=y # CONFIG_RELOCATABLE_RAMSTAGE is not set # CONFIG_UPDATE_IMAGE is not set # CONFIG_BOOTSPLASH_IMAGE is not set -CONFIG_MEASURED_BOOT=y # # Mainboard @@ -104,6 +103,7 @@ CONFIG_ONBOARD_VGA_IS_PRIMARY=y CONFIG_DIMM_SPD_SIZE=256 # CONFIG_VGA_BIOS is not set CONFIG_MAINBOARD_SERIAL_NUMBER="123456789" +CONFIG_VGA_BIOS_FILE="3rdparty/blobs/mainboard/asus/kgpe-d16/VGABIOS.bin" CONFIG_C_ENV_BOOTBLOCK_SIZE=0x10000 CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="ASUS" CONFIG_DEVICETREE="devicetree.cb" @@ -161,6 +161,7 @@ CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="KGPE-D16" CONFIG_DEFAULT_CONSOLE_LOGLEVEL=7 # CONFIG_USBDEBUG is not set CONFIG_IPMI_KCS_REGISTER_SPACING=1 +CONFIG_IPMI_FRU_SINGLE_RW_SZ=16 CONFIG_MAINBOARD_VERSION="1.0" CONFIG_DRIVERS_PS2_KEYBOARD=y CONFIG_PCIEXP_L1_SUB_STATE=y @@ -325,6 +326,8 @@ CONFIG_DIMM_VOLTAGE_SET_SUPPORT=y CONFIG_LIMIT_HT_DOWN_WIDTH_16=y # CONFIG_LIMIT_HT_UP_WIDTH_8 is not set CONFIG_LIMIT_HT_UP_WIDTH_16=y +# CONFIG_AMD_NB_CIMX is not set +# CONFIG_NORTHBRIDGE_AMD_CIMX_RD890 is not set # CONFIG_NORTHBRIDGE_AMD_PI is not set # @@ -449,6 +452,7 @@ CONFIG_CRB_TPM_BASE_ADDRESS=0xfed40000 # CONFIG_MAINBOARD_HAS_CRB_TPM is not set # CONFIG_GIC is not set CONFIG_IPMI_KCS=y +CONFIG_IPMI_KCS_TIMEOUT_MS=5000 # CONFIG_DRIVERS_LENOVO_WACOM is not set # CONFIG_RT8168_GET_MAC_FROM_VPD is not set # CONFIG_RT8168_SET_LED_MODE is not set @@ -488,7 +492,6 @@ CONFIG_HAVE_USBDEBUG_OPTIONS=y # CONFIG_DRIVERS_AMD_PI is not set CONFIG_DRIVERS_ASPEED_AST2050=y CONFIG_DRIVERS_ASPEED_AST_COMMON=y -# CONFIG_DRIVERS_GENERIC_CBFS_SERIAL is not set # CONFIG_DRIVERS_I2C_MAX98373 is not set # CONFIG_DRIVERS_I2C_MAX98927 is not set # CONFIG_DRIVERS_I2C_PCA9538 is not set @@ -529,6 +532,7 @@ CONFIG_VGA=y # CONFIG_NC_FPGA_NOTIFY_CB_READY is not set # CONFIG_DRIVERS_SIL_3114 is not set # CONFIG_MAINBOARD_HAS_SPI_TPM_CR50 is not set +# CONFIG_MAINBOARD_HAS_SPI_TPM is not set # CONFIG_DRIVER_TI_TPS65090 is not set # CONFIG_DRIVERS_TI_TPS65913 is not set # CONFIG_DRIVERS_TI_TPS65913_RTC is not set @@ -542,6 +546,7 @@ CONFIG_VGA=y # # Verified Boot (vboot) # +CONFIG_VBOOT_LIB=y # # Trusted Platform Module @@ -553,10 +558,13 @@ CONFIG_USER_TPM1=y # CONFIG_TPM_DEACTIVATE is not set # CONFIG_DEBUG_TPM is not set CONFIG_TPM_RDRESP_NEED_DELAY=y +CONFIG_TPM_MEASURED_BOOT=y +CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA="" # # Memory initialization # +# CONFIG_STM is not set # CONFIG_ACPI_SATA_GENERATOR is not set # CONFIG_ACPI_INTEL_HARDWARE_SLEEP_VALUES is not set # CONFIG_ACPI_AMD_HARDWARE_SLEEP_VALUES is not set @@ -691,6 +699,7 @@ CONFIG_HAVE_DEBUG_SMBUS=y # CONFIG_DEBUG_MALLOC is not set # CONFIG_DEBUG_CONSOLE_INIT is not set # CONFIG_DEBUG_SPI_FLASH is not set +# CONFIG_DEBUG_IPMI is not set # CONFIG_TRACE is not set # CONFIG_DEBUG_BOOT_STATE is not set # CONFIG_DEBUG_ADA_CODE is not set diff --git a/modules/coreboot b/modules/coreboot index 1ff9b649..0e7ee449 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -109,6 +109,14 @@ coreboot-24.12_commit_hash := 2f1e4e5e8515dd350cc9d68b48d32a5b6b02ae6a #Don't reuse any coreboot buildstack for now since nothing else is based on 24.12 $(eval $(call coreboot_module,24.12,)) +# d16 15h fork could use the 4.15 toolchain, but d16 is alone consuming it, so +# there is no point preparing another coreboot module that won't be shared with +# anything. +# Pointing to https://git.15h.org/mrothfuss/coreboot-15h/src/branch/4.11-tpm-measured-boot latest commit as of 20250129 +coreboot-15h_repo := https://git.15h.org/mrothfuss/coreboot-15h.git +coreboot-15h_commit_hash := 2b7c566b463737f807a69738163344b41c686ef6 +$(eval $(call coreboot_module,15h,)) + # Check that the board configured the coreboot version correctly ifeq "$(CONFIG_COREBOOT_VERSION)" "" $(error "$(BOARD): does not specify coreboot version under CONFIG_COREBOOT_VERSION")