4245aec857
Merge pull request #706 from tlaurion/network-init-recovery_dhcp-ntp
...
network-init-recovery script: Request IP from DHCP, NTP time
2020-05-24 11:33:23 -04:00
b88daa7710
Add Fedora 30 gitlab-ci CI configuration building x230-hotp-verification
2020-05-24 10:04:16 -04:00
f1f92a0fec
Merge pull request #726 from tlaurion/gawk_test_over_latest_debian_redo
...
upgrade gpg toolstack to latest versions
2020-05-22 15:17:09 -04:00
972c25de7d
upgrade gpg toolstack to latest versions
...
- Remove unrecognized configure options
- fixes gawk issue #668 by upgrading to libgpg-error 1.37 instead of patching 1.32 for regex change (fixed upstream)
- move patches so they match new versions for libassuan, gpg and libgcrypt (no change)
Version change:
- gpg 2.2.10 -> 2.2.20
- libassuan 2.5.1 -> 2.5.3
- libgcrypt 1.8.3 -> 1.8.5
- libgpg-error 1.32 -> 1.37
Size changes:
- gpg 886.5 -> 911.3 kB
- gpg-agent: 371.9 -> 376.0 kB
- scdaemon: 399.5 -> 407.8 kB
- libgpg-error.so.0 125.9 -> 130.0 kB
Unrecognized options on gpg2 toolstack:
- disable-nls and disable-asm disable-keyserver-helpers disable-hkp disable-finger disable-dns-srv disable-dns-cert and disable-wks-server
2020-05-22 15:13:06 -04:00
183007e16e
Merge pull request #725 from osresearch/revert-714-gawk_test_over_latest_debian
...
Revert "GPG toolstack upgrade to latest available versions (Fixes Gawk issue)"
2020-05-22 14:57:02 -04:00
0cd1a0d04c
Revert "GPG toolstack upgrade to latest available versions (Fixes Gawk issue)"
2020-05-22 14:55:41 -04:00
69c7b207ba
Merge pull request #714 from tlaurion/gawk_test_over_latest_debian
...
GPG toolstack upgrade to latest available versions (Fixes Gawk issue)
2020-05-22 14:55:04 -04:00
83f2a20cbc
Merge branch 'master' of https://github.com/osresearch/heads into add_gitlabci_ci_integration
2020-05-22 14:47:15 -04:00
fdbac6637f
Add gitlab-ci CI configuration which builds for x230-hotp-verification for the moment
2020-05-22 14:46:24 -04:00
69160699a3
Merge pull request #724 from szszszsz/repro-gitlab-circleci-pr-upstream
...
Make hotp-verification build reproducible across CIs
2020-05-22 14:35:27 -04:00
577fd806d7
Merge pull request #722 from tlaurion/x230-hotp-verification
...
board: x230-hotp-verification (includes libremkey-hotp-verification)
2020-05-22 13:34:16 -04:00
2d50e01071
Make hotp-verification hashes same across two CIs
...
Move from CMake build system to GNU Make for hotp-verification
Change version to one supporting Makefile build
Fixes https://github.com/osresearch/heads/pull/724
Connected:
- https://github.com/Nitrokey/nitrokey-hotp-verification/issues/13
- https://github.com/osresearch/heads/pull/722
2020-05-22 15:17:04 +02:00
d5083f410c
x230-hotp-verification: Add x230-hotp-verification board to have a HOTP supported remote attestation for Nitrokey Pro 2, Nitrokey Storage 2 and Librem Key
2020-05-21 18:06:19 -04:00
241b0bc680
upgrade gpg toolstack to latest versions
...
- Remove unrecognized configure options
- fixes gawk issue #668 by upgrading to libgpg-error 1.37 instead of patching 1.32 for regex change (fixed upstream)
- move patches so they match new versions for libassuan, gpg and libgcrypt (no change)
Version change:
- gpg 2.2.10 -> 2.2.20
- libassuan 2.5.1 -> 2.5.3
- libgcrypt 1.8.3 -> 1.8.5
- libgpg-error 1.32 -> 1.37
Size changes:
- gpg 886.5 -> 911.3 kB
- gpg-agent: 371.9 -> 376.0 kB
- scdaemon: 399.5 -> 407.8 kB
- libgpg-error.so.0 125.9 -> 130.0 kB
Unrecognized options on gpg2 toolstack:
- disable-nls and disable-asm disable-keyserver-helpers disable-hkp disable-finger disable-dns-srv disable-dns-cert and disable-wks-server
2020-05-20 13:19:51 -04:00
fa35b3c557
Merge pull request #715 from tlaurion/circle_ci_based_on_debian_bullseye_with_x230-flash_and_reproducibility_troubleshooting_helpers
...
CIs: pass CircleCI to debian:bullseye docker image
2020-05-15 19:20:04 -04:00
2ee51d864c
Merge pull request #656 from fibreblazer/master
...
T430 Support
2020-05-15 19:19:00 -04:00
762e59eac3
Merge pull request #693 from SebastianMcMillan/patch-4
...
Fix X220 and T420 CBFS sizes
2020-05-15 19:16:52 -04:00
23735d729a
Add T430 board support
...
Co-authored-by: Sebastian McMillan <22755892+SebastianMcMillan@users.noreply.github.com >
Co-authored-by: Andrew Montoya <halossqwerty@gmail.com >
2020-05-15 18:52:11 +01:00
5a033fa80d
T430 TPM Backport
2020-05-15 18:51:49 +01:00
950acf9355
Merge pull request #708 from tlaurion/qemu-coreboot-fbwhiptail_board
...
qemu-coreboot-fbwhiptail board addition
2020-05-14 23:07:07 -04:00
29e28005ab
qemu-coreboot-fbwhiptail: removing of unneeded comments
2020-05-11 13:57:08 -04:00
31a103fdae
Working config to do make BOARD=qemu-coreboot-fbwhiptail and then make BOARD=qemu-coreboot-fbwhiptail run
2020-05-11 13:56:40 -04:00
df89d16f7c
Merge pull request #707 from tlaurion/useful_qemu-coreboot_board
...
qemu-coreboot: finally a useable debug/test board
2020-05-04 17:07:30 -04:00
040e358b2d
CIs: pass CircleCI to debian:bullseye docker image, provide logs.tar.gz and cpios to facilitate debugging of reproducibility issues
2020-05-04 14:55:36 -04:00
8d6f47fb4d
mount-usb: suppress error output from calls to stat
...
If no USB storage devices inserted, stat will output
unnecessary error text to console
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm >
2020-05-04 11:41:21 -05:00
a2d50a10f7
mount-usb: replace fixed timeout with drive detection
...
Rather than wait a fixed 5s for the usb storage kernel modules
to load, and the user to insert a drive, check for new USB drives
inserted every 1s with a 5s timeout.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm >
2020-05-04 11:41:20 -05:00
59b65d1069
Merge pull request #713 from tlaurion/acpica-unix2_revert_url_change
...
coreboot patch: revert acpica-unix2 url change
2020-05-03 23:42:38 -04:00
15e19d0594
coreboot patch: remove acpica-unix2-20180531.tar.gz url change fix since acpica.org is now functional again while crux.ster.zone is not...
2020-05-03 23:39:15 -04:00
00a1a2bef6
Merge pull request #679 from MrChromebox/flashrom_1.2
...
modules/flashrom: update to v1.2 release
2020-05-01 17:55:43 -04:00
ba68c723bf
qemu-coreboot: Now useful to debug something through make BOARD=qemu-coreboot. TODO: map a virtual TPM instance and USB passthrough. Thanks to @orangecms for the tip
2020-04-22 23:02:46 -04:00
01dabe19e7
network-init-recovery: do DHCP, then ask NTP from DNS server before attempting sync on internet
2020-04-22 15:00:48 -04:00
b29447ef8f
modules/flashrom: update to v1.2 release
...
- Update flashrom module to v1.2.
- Drop Thinkpad x220 patch as it's now properly supported.
- Drop 'laptop=force_I_want_a_brick' from board FLASHROM_OPTIONS
since it's no longer needed.
- Migrate kgpe-d16 patch.
The kgpe-d16 patch needed a complete overhaul when rebased against
flashrom v1.2, and needs close inspection/testing as a result.
The following changes were made from the previous patch:
- dropped addition of 4-byte addressing (4BA), since now supported
- dropped addtiion of Macronix MX25L256 and MX66L512 chips,
since now supported
- added 4BA erase commands for Winbond W25Q256 chip
- dropped code to show progress indicator, since another PR already adds that
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm >
2020-04-20 17:34:08 -05:00
a16b97b6ea
Add more input validation
...
Based on tlaurion's work done here
ff148e4daf/initrd/bin/factory-reset-libremkey.sh (L53)
2020-03-26 15:05:51 +01:00
83c22f3e4a
Merge pull request #696 from tlaurion/acpica-unix2_fix
...
coreboot-4.8.1 : fix acpica-unix2 download
2020-03-17 09:18:58 -04:00
58cb8df266
coreboot-4.8.1: acpica-unix2 cannot be downloaded per www.acpica.org since cert is signed by Intel which cert authority is unknown from older build systems... Cert was renewed March 10 2020. URL changed to crux.ster.zone
2020-03-15 18:45:33 -04:00
cc2eb8f207
Update coreboot-t420.config
2020-03-09 15:59:00 -05:00
b1471d945a
Update coreboot-x220.config
...
Add some room in the CBFS to actually save GPG keys, as well as have room to add libremkey support.
2020-03-09 15:53:19 -05:00
f62364ffa2
Update README.md
...
- Add basic board building
- Remove xen as Heads dependency
- change musl-cross in text to musl-cross-make to reflect new building tools reality
2020-03-09 14:21:46 -04:00
ad84c38aed
Merge pull request #685 from MrChromebox/fix_iso_boot
...
Eliminate use of CONFIG_USB_BOOT_DEV
2020-03-04 22:55:46 -05:00
801bbed601
Update coreboot-x230.config
2020-02-23 18:51:42 +00:00
f42b338de9
Merge pull request #478 from flammit/coreboot-kgpe-d16
...
Fix coreboot build for kgpe-d16
2020-02-22 14:17:07 -05:00
1bd93d6679
Eliminate use of CONFIG_USB_BOOT_DEV
...
mount-usb switched to dynamic USB device detection a while back,
so eliminate instances of CONFIG_BOOT_USB_DEV, and derive the
mounted USB device from /etc/mtab in the one place where it's
actually needed (usb-scan). Clean up areas around calls to
mount-usb for clarity/readability.
Addresses issue #673
Test: Build Librem 13v4, boot ISO file on USB
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm >
2020-02-19 22:32:08 -06:00
508034b4d9
Merge pull request #680 from MrChromebox/libremkey_hotp_reproducible
...
modules/libremkey-hotp-verification: make reproducible
2020-02-19 22:49:18 -05:00
65e718b6de
Merge pull request #684 from SebastianMcMillan/patch-2
...
T420: Fix screen garble
2020-02-19 21:27:30 -05:00
3165ba60f6
Update coreboot-t420.config
...
Fix Screen Garble
2020-02-19 19:03:31 -06:00
76ac9d2259
Merge pull request #683 from MrChromebox/oem-reset-fix
...
oem-factory-reset: fix GPG key backup filename
2020-02-19 18:04:21 -05:00
e5c7f7397f
Merge pull request #682 from MrChromebox/clean_boot_detect_fix
...
gui-init: fix checking librem key card-status
2020-02-19 17:57:46 -05:00
83a67d2798
oem-factory-reset: fix GPG key backup filename
...
fix $GPG_GEN_KEY getting clobbered when using a custom password
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm >
2020-02-19 16:47:51 -06:00
c684d6b37c
Merge pull request #681 from tlaurion/flash_sh-config_export_fix
...
Flash.sh cleanup: Fix FLASHROM_OPTIONS -> CONFIG_FLASHROM_OPTIONS
2020-02-19 17:44:10 -05:00
30b098bfac
gui-init: fix checking librem key card-status
...
Commit 6b5adccamatt.devillier@puri.sm >
2020-02-19 16:31:39 -06:00
