Modeled after modules/tpmtotp, use a specific git commit hash for
module libremkey-hotp-verification. Add hidapi as a submodule with
dummy/placeholder in modules (like coreboot-blobs), also specified
by git commit hash. Adjust libremkey-hotp-verification patch file
name so patch applied properly.
Addresses issue #640
Test: build Librem 13v4
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
init: load usb modules for devices using USB keyboard
gui-init: remove enable_usb to fix generic Heads users who wanted to release LUKS disk encryption key from TPM if measurements were valid (fix regression)
* Add support for the Lenovo ThinkPad T420 and X220.
* Fix the autodetection of ifdtool and me_cleaner.
* Enable FBWhiptail mode for X220 and T420
* Decreased CBFS size to fix 50 seconds boot delay problems
Some (out of tree) servers require use of a USB keyboard, and need
the USB kernel modules loaded prior to checking for keypress to enter
a recovery console. Since loading the modules affects the value in PRC5
and can cause issues putting a LUKS key in TPM, guard the loading of the
USB modules with CONFIG_USB_KEYBOARD and remove the unguarded call from
gui-init.
This should resolve issues #603 and #674.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Add ability to change CMOS values by genning SMBIOS tables and using the values from stock bios, this allows for editing of SMBIOS values to change things such as VRAM allocation, FN and CTRL key swap etc
Not setting USB_FAILED when call to mount-usb succeeds results
in a spurious 'sh: 0 unknown operand' error printed to console.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Update hashes of coreboot images, releases repo, FSP blobs,
and VBT file. Updated VBT from coreboot 4.11 release eliminates
flickering on some 13v4/15v4 displays.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Pass through new toolchain path via $(CROSS) so we can set the
c/c++ compiler paths correctly for CMake. Adjust patch to use
new paths, and fix compiler/linker paths to correct a libusb linking issue.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
The short commit id can cause the tar archive potentially cause
the root directory in the archive to be named with the short id
causing the verification to fail
Since the custom password is used to set the GPG admin
password as well as the TPM and GPG user passwords, an
8-character minimum is required. Inform the user of this,
and validate custom password length upon entry.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Disabling IOMMU on the iGPU for Heads (mostly) eliminates
display corruption when kexec'ing to new kernel (and has no effect
on iGPU/IOMMU for kexec'ed kernel)
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
