277 Commits

Author	SHA1	Message	Date
gaspar-ilom	4cb69858f9	rename patches in correct order to prepare for more ... more patches are going to come for haswell nri so we want a clean naming scheme Signed-off-by: gaspar-ilom <gasparilom@riseup.net>	2025-03-09 21:08:26 +01:00
gaspar-ilom	f765586015	fix preprocessor checks ... Signed-off-by: gaspar-ilom <gasparilom@riseup.net>	2025-03-08 00:59:00 +01:00
gaspar-ilom	dc207ea8f2	Revert "patches/coreboot-24.12/0003-mb-lenovo-Add-ThinkPad-T480-and-ThinkPad-T480s.patch: do not comment inclusion of thermal.asl" ... Not necessary anymore as properly fixed by coreboot patch 0004 in 3466272a69f1345340f5eeda05a5dd338883f8eb This reverts commit aa2b15dd055b3db18e0e60bf4a008d3e6b95c270. Signed-off-by: gaspar-ilom <gasparilom@riseup.net>	2025-03-07 19:55:54 +01:00
gaspar-ilom	3466272a69	do not break building other thinkpads with the hacks for the t480/s made Mate Kukri ... still not fixing things properly but at least it should now be possible to build older thinkpads without regressions. prior, some code was just commented or unreachable. now we make this explicit with preprocessor directives. heads should build all boards on this coreboot version from the same coreboot tree. use CONFIG_BOARD_LENOVO_SKLKBL_THINKPAD_COMMON to decide what to compile this should work for T480, T480S and older thinkpads Signed-off-by: gaspar-ilom <gasparilom@riseup.net>	2025-03-07 17:27:56 +01:00
Thierry Laurion	80055417f7	Merge remote-tracking branch 'gaspar-ilom/poc_t480' into coreboot_bump_2412 ... Resolve conflicts for .circleci/config.yml Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-03-02 11:58:59 -05:00
Thierry Laurion	aa2b15dd05	patches/coreboot-24.12/0003-mb-lenovo-Add-ThinkPad-T480-and-ThinkPad-T480s.patch: do not comment inclusion of thermal.asl ... Thanks to @nic3-14159 over coreboot matrix channel for the tip https://matrix.to/#/!EhaGFZyYcbyhdSgStq:matrix.org/$Rp7bFaRphrasUhnvNRrNvfYdzMgThMUUjQNswvg5CWo?via=matrix.org&via=tchncs.de&via=envs.net Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-27 13:35:32 -05:00
gaspar-ilom	77cccad1e7	remove leftovers from libreboot's coreboot kconfig modification for flashing the thunderbolt spi externally ... Signed-off-by: gaspar-ilom <gasparilom@riseup.net>	2025-02-27 09:49:19 +01:00
Thierry Laurion	0d53e8a385	rename coreboot-2412 to coreboot-24.12 for versioning consistency, move patches, point board configs to version change ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-14 12:11:57 -05:00
Thierry Laurion	796a6c338f	t480: remove unneeded patches from libreboot under patches/coreboot-2412, resave in oldconfig (reenables compressed fsp) ... repro: - inspect patches applicability from patch trace if [ ! -e "/home/user/heads/build/x86/coreboot-2412/.patched" ]; then if [ -r patches/coreboot-2412.patch ]; then ( git apply --verbose --reject --binary --directory build/x86/coreboot-2412 ) < patches/coreboot-2412.patch || exit 1 ; fi && if [ -d patches/coreboot-2412 ] && [ -r patches/coreboot-2412 ] ; then for patch in patches/coreboot-2412/*.patch ; do echo "Applying patch file : $patch " ; ( git apply --verbose --reject --binary --directory build/x86/coreboot-2412 ) < $patch || exit 1 ; done ; fi && touch "/home/user/heads/build/x86/coreboot-2412/.patched"; fi Applying patch file : patches/coreboot-2412/0001-soc-intel-skylake-configure-usb-acpi.patch Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig... Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/chipset.cb... Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/chipset.cb cleanly. Applying patch file : patches/coreboot-2412/0002-soc-intel-skylake-Enable-4E-4F-PNP-I-O-ports-in-boot.patch Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/bootblock/pch.c... Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/bootblock/pch.c cleanly. Applying patch file : patches/coreboot-2412/0003-mb-lenovo-Add-ThinkPad-T480-and-ThinkPad-T480s.patch Checking patch build/x86/coreboot-2412/src/device/pci_rom.c... Checking patch build/x86/coreboot-2412/src/ec/lenovo/h8/acpi/ec.asl... Checking patch build/x86/coreboot-2412/src/ec/lenovo/h8/bluetooth.c... Checking patch build/x86/coreboot-2412/src/ec/lenovo/h8/wwan.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Kconfig... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Kconfig.name... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Makefile.mk... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/acpi/ec.asl... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/acpi/superio.asl... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/bootblock.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/devicetree.cb... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/dsdt.asl... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ec.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ec.h... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/gpio.h... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ramstage.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/data.vbt... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/gma-mainboard.ads... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/gpio.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/hda_verb.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/memory_init_params.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/overridetree.cb... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/data.vbt... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/gma-mainboard.ads... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/gpio.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/hda_verb.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/memory_init_params.c... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/overridetree.cb... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_0.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_1.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_10.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_11.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_12.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_13.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_14.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_15.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_16.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_17.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_18.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_19.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_2.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_20.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_3.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_4.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_5.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_6.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_7.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_8.bin... Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_9.bin... Applied patch build/x86/coreboot-2412/src/device/pci_rom.c cleanly. Applied patch build/x86/coreboot-2412/src/ec/lenovo/h8/acpi/ec.asl cleanly. Applied patch build/x86/coreboot-2412/src/ec/lenovo/h8/bluetooth.c cleanly. Applied patch build/x86/coreboot-2412/src/ec/lenovo/h8/wwan.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Kconfig cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Kconfig.name cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/Makefile.mk cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/acpi/ec.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/acpi/superio.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/bootblock.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/devicetree.cb cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/dsdt.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ec.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ec.h cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/gpio.h cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/ramstage.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/data.vbt cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/gma-mainboard.ads cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/gpio.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/hda_verb.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/memory_init_params.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480/overridetree.cb cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/data.vbt cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/gma-mainboard.ads cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/gpio.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/hda_verb.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/memory_init_params.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/overridetree.cb cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_0.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_1.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_10.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_11.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_12.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_13.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_14.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_15.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_16.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_17.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_18.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_19.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_2.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_20.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_3.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_4.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_5.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_6.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_7.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_8.bin cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480s/spd/spd_9.bin cleanly. Applying patch file : patches/coreboot-2412/0004-mb-dell-Add-Optiplex-780-MT-x4x-ICH10.patch Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig.name... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Makefile.mk... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/ec.asl... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/ich10_pci_irqs.asl... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/superio.asl... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/board_info.txt... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cmos.default... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cmos.layout... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cstates.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/devicetree.cb... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/dsdt.asl... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/gma-mainboard.ads... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/data.vbt... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/early_init.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/gpio.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/hda_verb.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/overridetree.cb... Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig.name cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Makefile.mk cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/ec.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/ich10_pci_irqs.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/acpi/superio.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/board_info.txt cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cmos.default cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cmos.layout cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/cstates.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/devicetree.cb cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/dsdt.asl cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/gma-mainboard.ads cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/data.vbt cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/early_init.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/gpio.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/hda_verb.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_mt/overridetree.cb cleanly. Applying patch file : patches/coreboot-2412/0005-util-ifdtool-add-nuke-flag-all-0xFF-on-region.patch Checking patch build/x86/coreboot-2412/util/ifdtool/ifdtool.c... Applied patch build/x86/coreboot-2412/util/ifdtool/ifdtool.c cleanly. Applying patch file : patches/coreboot-2412/0006-Remove-warning-for-coreboot-images-built-without-a-p.patch Checking patch build/x86/coreboot-2412/payloads/Makefile.mk... Applied patch build/x86/coreboot-2412/payloads/Makefile.mk cleanly. Applying patch file : patches/coreboot-2412/0007-mb-dell-optiplex_780-Add-USFF-variant.patch Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig.name... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/data.vbt... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/early_init.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/gpio.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/hda_verb.c... Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/overridetree.cb... Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/Kconfig.name cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/data.vbt cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/early_init.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/gpio.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/hda_verb.c cleanly. Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_780/variants/780_usff/overridetree.cb cleanly. Applying patch file : patches/coreboot-2412/0008-dell-3050micro-disable-nvme-hotplug.patch Checking patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_3050/devicetree.cb... Applied patch build/x86/coreboot-2412/src/mainboard/dell/optiplex_3050/devicetree.cb cleanly. Applying patch file : patches/coreboot-2412/0009-lenovo-Add-Kconfig-option-CONFIG_LENOVO_TBFW_BIN.patch Checking patch build/x86/coreboot-2412/src/mainboard/lenovo/Kconfig... Applied patch build/x86/coreboot-2412/src/mainboard/lenovo/Kconfig cleanly. Applying patch file : patches/coreboot-2412/0010-soc-intel-skylake-Don-t-compress-FSP-S.patch Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig... Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig cleanly. Applying patch file : patches/coreboot-2412/0011-soc-intel-pmc-Hardcoded-poweroff-after-power-fail.patch Checking patch build/x86/coreboot-2412/src/soc/intel/common/block/pmc/pmclib.c... Applied patch build/x86/coreboot-2412/src/soc/intel/common/block/pmc/pmclib.c cleanly. Applying patch file : patches/coreboot-2412/0012-ec-dasharo-Comment-EC_DASHARO_EC_FLASH_SIZE.patch Checking patch build/x86/coreboot-2412/src/ec/dasharo/ec/Kconfig... Applied patch build/x86/coreboot-2412/src/ec/dasharo/ec/Kconfig cleanly. Applying patch file : patches/coreboot-2412/0013-src-intel-skylake-Disable-stack-overflow-debug-optio.patch Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig... Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/Kconfig cleanly. Applying patch file : patches/coreboot-2412/0014-src-intel-x4x-Disable-stack-overflow-debug.patch Checking patch build/x86/coreboot-2412/src/northbridge/intel/x4x/Kconfig... Applied patch build/x86/coreboot-2412/src/northbridge/intel/x4x/Kconfig cleanly. Applying patch file : patches/coreboot-2412/85278-post-skylake-pr0.patch Checking patch build/x86/coreboot-2412/src/soc/intel/alderlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/cannonlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/common/block/lpc/Makefile.mk... Checking patch build/x86/coreboot-2412/src/soc/intel/common/block/smm/smihandler.c... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/include/intelpch/lockdown.h... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/Kconfig... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/Makefile.mk... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown.c... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown_lpc.c... Checking patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown_spi.c... Checking patch build/x86/coreboot-2412/src/soc/intel/denverton_ns/lpc.c... Checking patch build/x86/coreboot-2412/src/soc/intel/elkhartlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/jasperlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/meteorlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/pantherlake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/skylake/finalize.c... Checking patch build/x86/coreboot-2412/src/soc/intel/tigerlake/finalize.c... Applied patch build/x86/coreboot-2412/src/soc/intel/alderlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/cannonlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/block/lpc/Makefile.mk cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/block/smm/smihandler.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/include/intelpch/lockdown.h cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/Kconfig cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/Makefile.mk cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown_lpc.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/common/pch/lockdown/lockdown_spi.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/denverton_ns/lpc.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/elkhartlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/jasperlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/meteorlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/pantherlake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/skylake/finalize.c cleanly. Applied patch build/x86/coreboot-2412/src/soc/intel/tigerlake/finalize.c cleanly. - remove patches unrelated to t480, skylake etc - clean local build cache for coreboot fork - remove files added per patches - sudo rm -rf build/x86/coreboot-2412/src/mainboard/lenovo/sklkbl_thinkpad/variants/t480* - rewrite canary content so that coreboot fork si resynced - echo "bogus" |sudo tee build/x86/coreboot-2412/.canary - rebuild the board, so that coreboot fork is resynced and patches are reapplied - ./docker_repro.sh make BOARD=t480-hotp-maximized - save oldconfig changes from patches applied/removed - ./docker_repro.sh make BOARD=t480-maximized coreboot.modify_and_save_oldconfig_in_place Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-14 12:02:56 -05:00
Thierry Laurion	aff8e13a90	targets/t480_me_blobs.mk: remove leftover artifact of @notgivenby from cleaner merged/adapted work from @gaspar-ilom ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-12 13:33:15 -05:00
Thierry Laurion	32fc31bc6e	patches/coreboot-t480/85278-post-skylake-pr0.patch: remove xeon bits we are not interested into which are conflicting against coreboot upstream commit 2f1e4e5e8515dd350cc9d68b48d32a5b6b02ae6a ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-11 14:04:01 -05:00
Thierry Laurion	7f673d4882	patches/coreboot-t480/85278-post-skylake-pr0.patch: add unmerged upstream PR0 patchset https://review.coreboot.org/c/coreboot/+/85278 ... Repro: git fetch https://review.coreboot.org/coreboot refs/changes/78/85278/3 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-t480/85278-post-skylake-pr0.patch Unfortunately Applying patch file : patches/coreboot-t480/85278-post-skylake-pr0.patch Checking patch build/x86/coreboot-t480/src/soc/intel/alderlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/cannonlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/common/block/lpc/Makefile.mk... Checking patch build/x86/coreboot-t480/src/soc/intel/common/block/smm/smihandler.c... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/include/intelpch/lockdown.h... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/Kconfig... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/Makefile.mk... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown.c... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown_lpc.c... Checking patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown_spi.c... Checking patch build/x86/coreboot-t480/src/soc/intel/denverton_ns/lpc.c... Checking patch build/x86/coreboot-t480/src/soc/intel/elkhartlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/jasperlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/meteorlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/pantherlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/skylake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/tigerlake/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/xeon_sp/finalize.c... Checking patch build/x86/coreboot-t480/src/soc/intel/xeon_sp/lockdown.c... error: while searching for: static void lpc_lockdown_config(void) { /* Set BIOS Interface Lock, BIOS Lock */ lpc_set_bios_interface_lock_down(); /* Only allow writes in SMM */ if (CONFIG(BOOTMEDIA_SMM_BWP)) { lpc_set_eiss(); lpc_enable_wp(); } lpc_set_lock_enable(); } void soc_lockdown_config(int chipset_lockdown) { if (chipset_lockdown == CHIPSET_LOCKDOWN_FSP) return; lpc_lockdown_config(); pmc_lockdown_config(); sata_lockdown_config(chipset_lockdown); spi_lockdown_config(chipset_lockdown); error: patch failed: build/x86/coreboot-t480/src/soc/intel/xeon_sp/lockdown.c:6 Applied patch build/x86/coreboot-t480/src/soc/intel/alderlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/cannonlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/block/lpc/Makefile.mk cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/block/smm/smihandler.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/include/intelpch/lockdown.h cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/Kconfig cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/Makefile.mk cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown_lpc.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/common/pch/lockdown/lockdown_spi.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/denverton_ns/lpc.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/elkhartlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/jasperlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/meteorlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/pantherlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/skylake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/tigerlake/finalize.c cleanly. Applied patch build/x86/coreboot-t480/src/soc/intel/xeon_sp/finalize.c cleanly. Applying patch build/x86/coreboot-t480/src/soc/intel/xeon_sp/lockdown.c with 1 reject... Rejected hunk #1. make: *** [Makefile:570: /home/user/heads/build/x86/coreboot-t480/.canary] Error 1 Will have to edit patch Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-11 13:59:49 -05:00
AK Unterkontrolle	ca1bd2025b	Add coreboot patches for T480 ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2025-02-11 11:25:28 -05:00
Michał Kopeć	b59c0e2e33	Remove leftover Linux 6.11.9 patches ... Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>	2025-01-15 17:36:09 +01:00
Michał Kopeć	2148e64aa3	coreboot-dasharo: move patches from Heads into Dasharo coreboot fork ... Patch 0003-CONFIG_RESOURCE_ALLOCATION_TOP_DOWN-CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT.patch is removed because it is no longer required. Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>	2025-01-15 12:20:25 +01:00
Michał Kopeć	c516918fac	patches/coreboot-dasharo-unreleased: add back JPEG patches ... Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>	2024-12-11 18:31:30 +01:00
Thierry Laurion	4394052b72	modules/linux: add Linux 6.11.9 ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-12-04 12:46:37 +01:00
Michał Kopeć	ce2b051a48	Add NovaCustom V540TU board ... Co-authored-by: Michał Kopeć <michal.kopec@3mdeb.com> Co-authored-by: Thierry Laurion <insurgo@riseup.net> Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com> Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-12-04 12:46:35 +01:00
Thierry Laurion	99157f2291	Merge pull request #1802 from tlaurion/talos_2-kernel_version_bump_to_6.6.16 ... talos-2: kernel version bump to 6.6.16	2024-11-29 14:19:25 -05:00
Sergii Dmytruk	e97b379796	talos2: port 2 more Linux patches to 6.6.16 ... Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-29 12:38:24 -05:00
Thierry Laurion	d7ff890c78	WiP: talos-2: kernel version bump to 6.6.16 ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-29 12:38:05 -05:00
Thierry Laurion	43b03fbe60	Revert "coreboot dasharo fork patch: bump patchset to upstream reviewed" ... This reverts commit f5fdf9a97e2d730fbaf888b33e730f51fdbdf4ed. Unfortunately, patch doesn't apply to dasharo current fork pointed under modules/coreboot Waiting for Dasharo to provide a patch updated to heads used fork/dasahro bumping to newer coreboot version for which patchset applies clealy Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-28 13:24:30 -05:00
Thierry Laurion	6f2ea7c7bf	Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent	2024-11-28 11:53:48 -05:00
Thierry Laurion	f5fdf9a97e	coreboot dasharo fork patch: bump patchset to upstream reviewed ... repro: git fetch https://review.coreboot.org/coreboot refs/changes/78/85278/3 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-dasharo-unreleased/0002-pr0_chipset_locking-post_skylake.patch Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-28 11:52:22 -05:00
Thierry Laurion	2a8cc11a46	newt (whiptail): bump version 0.52.20 -> 0.52.24 (fixs random whiptail crash with newer muslc + parallel builds ... popt havent't changed. Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-07 10:19:49 -05:00
Thierry Laurion	9e311b6e97	patches/coreboot-talos_2: add ugly patch against skiboot-to fix CFLAGS against newer mulslc (Doesn't use coreboot buildstack, obviously) ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-11-06 19:12:39 -05:00
Thierry Laurion	a5c1d8e929	dasharo coreboot fork patches: rename 501 and add PR0 patch; add coreboot config bits ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-10-31 10:22:37 -04:00
Thierry Laurion	c445ff067e	patches/coreboot-*: fix tpm1 cbmem crash on 'cbmem -L' ... repro: git fetch https://review.coreboot.org/coreboot refs/changes/27/84927/1 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-24.02.01/0004-cbmem_tpm-clear_whole_log_on_creation.patch Then copy patch around in forks patch dirs Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-10-30 15:42:00 -04:00
Thierry Laurion	0cef8e1edc	cryptsetup2 toolstack version bump and script fixes to support multi-LUKS containers (BTRFS QubesOS 4.2) ... cryptsetup2 2.6.1 is a new release that supports reencryption of Q4.2 release LUKS2 volumes created at installation. This is a critical feature for the Qubes OS 4.2 release for added data at rest protection Cryptsetup 2.6.x internal changes: - Argon2 used externally and internally: requires a lot of RAM and CPU to derivate passphrase to key validated in key slots. - This is used to rate limit efficiently bruteforcing of LUKS key slots, requiring each offline brute force attempt to consume ~15-30 seconds per attempt - OF course, strong passphrases are still recommended, but bruteforcing LUKSv2 containers with Argon2 would require immense time, ram and CPU even to bruteforce low entropy passphrase/PINs. - passphrase change doesn't permit LUKS key slot specification anymore: key slot rotates (new one consusumed per op: then old one wiped internally. EG: LUKS key slot 1 created, then 0 deleted) - reencryption doesn't permit old call arguments. No more direct-io; inadmissively slow through AIO (async) calls, need workarounds for good enough perfs (arguments + newer kernel with cloudfare fixes in tree) cryptsetup 2.6.1 requires: - lvm2 2.03.23, which is also included in this PR. - requires libaio, which is also included in this PR (could be hacked out but deep dependency at first sight: left in) - requires util-linux 2.39 - patches for reproducible builds are included for above 3 packages. luks-functions was updated to support the new cryptsetup2 version calls/changes - reencryption happen in direct-io, offline mode and without locking, requiring linux 5.10.9+ to bypass linux queues - from tests, this is best for performance and reliability in single-user mode - LUKS container ops now validate Disk Recovery Key (DRK) passphrase prior and DRK key slot prior of going forward if needed, failing early. - Heads don't expect DRK to be in static key slot anymore, and finds the DRK key slot dynamically. - If reencrytipn/passphrase change: make sure all LUKS containers on same block device can be unlocked with same DRK - Reencryption: requires to know which key slot to reencrypt. - Find LUKS key slot that unlocks with DRK passphrase unlock prior of reencrypt call - Passphrase change: no slot can be passed, but key slot of DRK rotates. kexec-seal-key - TPM LUKS Disk Unlock Key key slots have changed to be set in max slots per LUKS version (LUKSv1:7 /LUKSv2: 31) - If key slot != default LUKS version's keyslot outside of DRK key slot: prompt the user before wiping that key slot, otherwise wipe automatically - This takes for granted that the DRK key slot alone is needed on the system and Heads controls the LUKS key slots. - If user has something else going on, ie: Using USB Security dongle + TPM DUK, then the user will need to say no when wiping keys. - It was suggested to leave LUKS key slots outside of DRK alone, but then: what to do when all key slots would be used? - Alternative implementation could be to only prompt users to wipe keyslots other then DRK when key slots are all used (LUKSv1: 0-7, LUKSv2: 0-31) - But then cleanup would need to happen prior of operations (LUKS passphrase change, TPM DUK setup) and could be problematic. - LUKS containers now checked to be same LUKS version prior of permitting to set TPM DUK and will refuse to go forward of different versions. TODO: - async (AIO) calls are not used. direct-io is used instead. libaio could be hacked out - this could be subject to future work Notes: - time to deprecated legacy boards the do not enough space for the new space requirements - x230-legacy, x230-legacy-flash, x230-hotp-legacy - t430-legacy, t430-legacy-flash, t430-hotp-legacy already deprecated Unrelated: - typos fixes found along the way Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-10-30 14:18:20 -04:00
Thierry Laurion	0679b75e1d	Bump 5.10.5 kernel to 5.10.214 ... Cloudfare patches to speed up LUKS encryption were upstreamed into linux kernel and backported to 5.10.9: https://github.com/cloudflare/linux/issues/1#issuecomment-763085915 Therefore, we bump to latest of 5.10.x (bump from 5.10.5 which doesn't contain the fixes) Trace: sed -i 's/5.10.5/5.10.214/g' boards/*/*.config find ./boards/*/*.config | awk -F "/" {'print $3'}| while read board; do echo "make BOARD=$board linux"; make BOARD=$board linux; echo make BOARD=$board linux.save_in_oldconfig_format_in_place || make BOARD=$board linux.modify_and_save_oldconfig_in_place; done git status | grep modified | awk -F ":" {'print $2'}| xargs git add git commit --signoff - Move patches from 5.10.5 -> 5.10.214 - Add linux kernel hash and version under modules/linux - Change board configs accordingly Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-10-30 14:18:20 -04:00
Thierry Laurion	c63114710e	coreboot patches: remove lib/jpeg patches for heap increase and alloc failure. Add https://review.coreboot.org/c/coreboot/+/83895 ... Repro: rm patches/coreboot-24.02.01/0001* patches/coreboot-24.02.01/0002* git fetch https://review.coreboot.org/coreboot refs/changes/94/83894/2 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-24.02.01/0001-vc_wuffs-upgrade-to-Wuffs_0.4.0-alpha.8.patch git fetch https://review.coreboot.org/coreboot refs/changes/95/83895/3 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-24.02.01/0002-lib_jpeg-avoidcalling-malloc-and-free.patch sed -i 's/CONFIG_HEAP_SIZE=0x400000/CONFIG_HEAP_SIZE=0x100000/g' config/coreboot-* Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-10-30 13:57:10 -04:00
Mike Rothfuss	ef6cbe551b	coreboot-4.11: add fixes to KGPE-D16 raminit ... The added patches fix bugs in fam15h ram DQS timing and configure the motherboard to restart gracefully if raminit fails instead of booting into an unstable state and/or crashing. Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-08-26 07:46:49 -04:00
Thierry Laurion	db9eed7ac5	coreboot 24.02.01: add upstream patch for Intel CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT to fix CONFIG_RESOURCE_ALLOCATION_TOP_DOWN peripherals disappearing ... repro: git fetch https://review.coreboot.org/coreboot refs/changes/07/80207/3 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-24.02.01/0003-CONFIG_RESOURCE_ALLOCATION_TOP_DOWN-CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT.patch docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-maximized real.remove_canary_files-extract_patch_rebuild_what_changed grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-08-05 05:40:51 -04:00
Thierry Laurion	119cebc44f	coreboot 24.02.01: add upstream pending patches for heap allocation failure on bootsplash and defaulting to 4mb of heap when bootsplash ... Add upstreeam patches to downstream: git fetch https://review.coreboot.org/coreboot refs/changes/75/83475/1 && git format-patch -1 --stdout FETCH_HEAD > 0001-prevent_bootsplash_heap_allocation_failure_to_booting.patch git fetch https://review.coreboot.org/coreboot refs/changes/76/83476/2 && git format-patch -1 --stdout FETCH_HEAD > 0002-increase_heap_from1mb_to4mb_when_bootpslash_enabled.patch Rebuilding coreboot version with patches applied: docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.0 -- make BOARD=qemu-coreboot-whiptail-tpm1 real.remove_canary_files-extract_patch_rebuild_what_changed Remove file added by patch when patching fails: sudo rm build/x86/libgpg-error-1.46/src/syscfg/lock-obj-pub.powerpc64le-unknown-linux-musl.h Applying patches touching coreboot version 24.02.01 defiend in board config to all boards: grep -R 24.02.01 boards/ | awk -F "/" {'print $2'} | while read board; do sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done Adding added/modified files to git tracked files for commit: git status | grep -e modified -e added | awk -F ":" {'print $2'}| xargs git add Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-07-26 15:35:44 -04:00
Thierry Laurion	37f04e2855	Fix key to card failing with invalid time when moving keys to smartcard on master (Opt: Authenticated Heads) ... - Revert gnupg toolstack version bump to prior of #1661 merge (2.4.2 -> 2.4.0). Version bump not needed for reproducibility. - Investigation and upstream discussions will take their time resolving invalid time issue introduced by between 2.4.0 and latest gnupg, fix regression first under master) - oem-factory-reset - Adding DO_WITH_DEBUG to oem-factory-reset for all its gpg calls. If failing in debug mode, /tmp/debug.txt contains calls and errors - Wipe keyrings only (*.gpg, *.kbx) not conf files under gpg homedir (keep initrd/.gnupg/*.conf) - flake.nix - switch build derivative from qemu and qemu_kvm to qemu_full to have qemu-img tool which was missing to run qemu boards (v0.1.8 docker) - add gnupg so that qemu boards can call inject_gpg to inject public key in absence of flashrom+pflash support for internal flashing - flake.lock: Updated nix pinned package list under flake.lock with 'nix flake update' so qemu_full builds - README.md: have consistent docker testing + release (push) notes - .circleci/config.yml: depend on docker v0.1.8 (qemu_full built with canokey-qemu lib support, diffoscopeMinimal and gnupg for proper qemu testing) TODO: - some fd2 instead of fd1?! - oem-factory-resest has whiptail_or_die which sets whiptail box to HEIGHT 0. This doesn't show a scrolling window on gpg errors which is problematic with fbwhiptail, not whiptail Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-17 09:27:29 -04:00
Thierry Laurion	a51a7afefe	patches/coreboot-dasharo-unreleased : keep track of patches per upsream dasharo+heads unreleased patches to apply on top of last release ... PR numbers being numerical and hopefully not conflicting with each other, keeping track of commits per their upstream PR should make sure they can be applied cleanly on top of each other as opposed to commit id related patches that git apply will apply in random order. Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-14 12:09:22 -04:00
Thierry Laurion	41d55bf2fc	coreboot + patches/coreboot-dasharo-unreleased: Add b35dc4a4f25497acfbe159d6abd057d885661a02.patch for TPM IRQ Kconfig missing ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-13 11:03:23 -04:00
Thierry Laurion	3a7292018e	Merge remote-tracking branch 'osresearch/master' into pr/tlaurion/1662	2024-05-13 09:23:20 -04:00
Michał Żygowski	c7dc6a8064	patches: Remove obsolete patches for nitropad builds ... Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com> Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-10 14:39:57 -04:00
Thierry Laurion	50ab1c5b88	modules/patches slang: bump to version 2.3.3 so we can disable termcap without hacking around ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-02 13:02:55 -04:00
Thierry Laurion	236f9b117c	modules/gpg2: Bump version 2.4.0 -> 2.4.2 ... More pending work needed to fix fragility of buildsystem and fix nix build issues as well like: https://app.circleci.com/pipelines/github/mmlb/osresearch-heads/11/workflows/32cc883c-5074-4f28-94b8-a83a2ec44414/jobs/252 https://app.circleci.com/pipelines/github/mmlb/osresearch-heads/11/workflows/32cc883c-5074-4f28-94b8-a83a2ec44414/jobs/221 https://app.circleci.com/pipelines/github/tlaurion/heads/1781/workflows/ee402ead-6739-4549-88ae-105b695fb3cd https://app.circleci.com/pipelines/github/tlaurion/heads/1783/workflows/2b35826c-aff4-4f48-8809-4e66259f9aa4/jobs/25877/parallel-runs/0/steps/0-103 Signed-off-by: Thierry Laurion <insurgo@riseup.net> Signed-off-by: Manuel Mendez <github@i.m.mmlb.dev> Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-02 13:00:37 -04:00
Manuel Mendez	d396236a83	Remove hard coded paths in shebang lines ... Remove hard coded paths from shebangs and other references because they do not play well in nix-land. Either use /usr/bin/env to do runtime PATH based lookup or avoid absolute paths so PATH look up happens instead. Signed-off-by: Thierry Laurion <insurgo@riseup.net> Signed-off-by: Manuel Mendez <github@i.m.mmlb.dev> Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-05-02 13:00:22 -04:00
Thierry Laurion	8208c86efe	modules/tpm2-tss: sed configure script to remove hardcoding of libs, move patch 3.2.0->3.2.2 ... disable static lib builds Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-04-03 13:48:58 -04:00
Thierry Laurion	ddef233708	modules-tpm2-tools: bump from 5.2->5.6 (removes need to hack around PACKAGE_VERSION string which configure.ac points to ./VERSION already ... tpm2-tools-5.6 patch: comment out git versioning output under ./VERSION; module: output current version under ./VERSION instead. Document under module Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-04-03 13:48:52 -04:00
Thierry Laurion	d7915e1639	OpenSSL (libcrypto): patch so that crypto/buildinfo.h generated by perl script contains reproducible date and fake compiler_flags ... hardcode VERSION='reproducible_build' into generated configure script to get rid of generate random git abbrev 8/12 chars (could not find source) patches/openssl-3.0.8.patch: clean up tpm2-tools/tpm2-tss: hack configure scripts to not contain hardcoded libs and other rpath related strings, using sed instead of patching configure script like cryptsetup2 patch Will be clened up in other commits. Leaving here as trace for autotools sed patching for reproducible builds. CircleCI: change working dir from project->heads so that CircleCI and local builds are from heads directory, helping reproducible builds TODO: change other patches a well and generalize to gpg toolstack, removing patches that are a maintainership burden. Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-04-03 13:48:47 -04:00
Thierry Laurion	6d8939924e	patches/coreboot-4.22.01/0001-x230-fhd-variant.patch: adapt patch for Makefile.inc (Makefile.mk doesn't exist under 4.22) ... Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-03-25 15:15:58 -04:00
Thierry Laurion	f37b010ab1	patches/coreboot-4.22.01/0001-x230-fhd-variant.patch: update to upstream merged state ... git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/27 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-03-25 15:15:47 -04:00
Thierry Laurion	fb616f416a	WiP 4.22.01 fhd patch test + bump all 4.19 boards to 4.22.01 ... - patches/coreboot-4.22.01/0001-x230-fhd-variant.patch created per - git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/23 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch - all boards configs bumped with: - grep -Rn 4.22 boards/ | awk -F "/" {'print $2'}| while read line; do make BOARD=$line coreboot.save_in_oldconfig_format_in_place ; done Signed-off-by: Thierry Laurion <insurgo@riseup.net>	2024-03-25 15:14:42 -04:00
Markus Meissner	55e3a192be	coreboot-nitrokey: hard-code ME state during boot, fixes Nitrokey/heads#39 ... Signed-off-by: Markus Meissner <coder@safemailbox.de>	2024-01-22 15:46:31 +01:00
Jonathon Hall	f632897bb5	modules/coreboot: Cache coreboot toolchain archives and use mirrors ... Download coreboot toolchain archives into packages/<arch> before coreboot tries to download them. This allows us to use mirrors to get the archives. We could also update the primary source this way if it goes down instead of patching coreboot itself (has happened for IASL). The archive versions and digests are retrieved from the coreboot module, so there isn't another copy of that info to maintain. That is done in bin/fetch_coreboot_crossgcc_archive.sh, which uses the existing fetch script to do the actual download, leveraging mirrors. bin/fetch_source_archive.sh supports using a SHA-1 digest instead of SHA-256, since coreboot has SHA-1 digests. It also checks if the file already exists (deleting the coreboot directory will cause it to be re-run, but the packages are already there and can be used from cache). The coreboot-4.11 IASL patch is updated to delete the outdated acpica archive digest (it already added the new one, but the old one was still there). bin/fetch_coreboot_crossgcc_archive.sh finds the archive version and digest from the digest files, so only one acpica file must be present. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>	2024-01-08 15:10:56 -05:00