Commit Graph

1385 Commits

Author SHA1 Message Date
tlaurion
2918bcdf48
Merge pull request #1014 from tlaurion/q41_fepitrebot_distro_signing_key
Adding qubes-test distro public key to test QubesOS ISOs
2021-07-29 12:42:38 -04:00
tlaurion
183f72f07c
Merge pull request #1012 from tlaurion/remove_double_heads_banner
init: remove double heads motd banner, keeping the one sent to tty0
2021-07-27 16:19:21 -04:00
tlaurion
7314dc37a9
Merge pull request #1013 from tlaurion/cryptsetup2_add_makefile_missing_statement
Makefile: Add cryptsetup2 missing statement into Makefile
2021-07-26 21:43:46 -04:00
Thierry Laurion
19d064ff96
Adding qubes-test distro public key to test QubesOS ISOs from https://qubes.notset.fr/iso/. Fixes https://github.com/osresearch/heads/issues/1010 2021-07-26 10:21:36 -04:00
Thierry Laurion
ddc5d25a25
Makefile: Add cryptsetup2 so that binaries are copied under tools.cpio when building initrd. 2021-07-26 09:42:38 -04:00
Thierry Laurion
57417e149a
init: remove double heads motd banner, keeping the one sent to tty0 which is both local and remote 2021-07-25 19:53:35 -04:00
tlaurion
9339394b69
Merge pull request #993 from Tonux599/script-exit-codes-fix
Fix exit codes for ME download scripts
2021-05-09 19:36:40 -04:00
Thomas Clarke
6f19104054
Fix exit codes for blobs/xx20/download_parse_me.sh and blobs/xx30/download_clean_me.sh
Incorrect parentheses brackets used in those scripts meant that the script as a whole did not return the correct exit code. The use of `( )` brackets created a sub-shell to which the exit code applied to that sub-shell. Changing to `{ }` does not create a sub-shell and as such, the script will return its true return code.
2021-05-10 00:01:02 +01:00
tlaurion
cae003ebc3
Merge pull request #977 from Tonux599/circleci_split_to_jobs-staging
CircleCI: Overhaul with parallelisation and parameters for a cleaner config
2021-04-27 18:10:18 -04:00
Thierry Laurion
214703f92d
CircleCI: passing CPUS=24 to CPUS=16 to try to fix latest problems linked to master not building and https://github.com/osresearch/heads/pull/977 2021-04-27 22:53:31 +01:00
tlaurion
c3b0bd6ffb
Merge pull request #986 from Thrilleratplay/patch-1
Update README.md
2021-03-15 17:13:04 -04:00
Tom Hiller
e34d59fcfd
Update README.md
Change Heads Wiki link from index.md to https://osresearch.net
2021-03-15 20:50:58 +00:00
Thomas Clarke
eb29056461
CircleCI: Overhaul with parallelisation and parameters for a cleaner config.
* Bump CircleCI config version to 2.1.
* Use commands and parameters to get rid of repeated commands. New boards can be added with just 5 lines at the bottom of the config.
* Made use of some parallelisation. Currently a single board from each Coreboot version is built. Afterwards all remaining boards are built in parallel.
2021-02-24 19:54:54 +00:00
tlaurion
1179cc0358
Merge pull request #974 from tlaurion/x230_nkstorecli_board_removal
x230-nkstorecli PoC board removal, both in tree and in CI (board buil…
2021-02-05 13:27:32 -05:00
Thierry Laurion
815a7ef245
x230-nkstorecli PoC board removal, both in tree and in CI (board builds fails. fits in maximized boards.) 2021-02-04 22:13:43 -05:00
tlaurion
883f4958f8
Merge pull request #876 from hardenedvault/cryptsetup-2.3
Upgrade to cryptsetup 2.3 and make cryptsetup1/cryptsetup2 optionals
2021-02-04 18:21:38 -05:00
tlaurion
b310fc943e
Circle ci optimization build time (#972)
* CircleCI: pass CPUS=4 to CPUS=24
2021-02-04 11:59:53 -05:00
tlaurion
1378c3287e
Merge pull request #969 from tlaurion/libusb_github_download2
libusb: replace package origin from sourceforge to github release
2021-02-02 20:25:21 -05:00
tlaurion
bc10168125
libusb: replace package origin from sourceforge to github release
without hardcoding url... sorry guys
2021-02-02 20:17:17 -05:00
tlaurion
ba863177f7
Merge pull request #968 from tlaurion/libusb_download_from_github
libusb: replace package origin from sourceforge to github release
2021-02-02 20:09:34 -05:00
Thierry Laurion
5d472ca663
libusb: replace package origin from sourceforge to github release
Last CI build in master fails because of a 302 temporary redirect resulting to bad checksum.
2021-02-02 20:04:20 -05:00
tlaurion
f156589570
Merge pull request #957 from Tonux599/support-linux-5.10.5
Bump Librem and KGPE-D16 to Linux 5.10.5
2021-02-02 17:43:45 -05:00
HardenedVault
da7f6f734f make cryptsetup1/cryptsetup2 optional 2021-01-30 07:28:28 +02:00
tlaurion
22396fba75
Merge pull request #964 from tlaurion/xx30_boards_documentation_fix
xx30 boards: correct documentation, typos
2021-01-23 11:17:05 -05:00
Thierry Laurion
041f3f1188
xx30 boards: correct documentation, typos 2021-01-17 13:47:53 -05:00
tlaurion
0d5b3d75e7
Merge pull request #962 from MrChromebox/update_hotp_verification
modules/hotp-verification: Update module to latest version
2021-01-13 12:52:40 -05:00
Matt DeVillier
df02fd934a
modules/hotp-verification: Update module to latest version
Update nitrokey-hotp-verification to upstream master, which
pulls in 2 changes:
- update OTP secret length from 20 bytes to 40 bytes
- fixes handling for branding strings containing spaces

Test: build/boot Librem 13v4, verify LK verification working

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-01-13 10:35:13 -06:00
Thomas Clarke
31edd87c89
Add CONFIG_CPU_MICROCODE_CBFS_NONE=y to KGPE-D16 Coreboot configs. This disables microcode being included and loaded by Coreboot because of a current issue in which newer kernels panic when doing so.
Added note to KGPE-D16 configs about the current microcode bug, why microcode is not included and encouraging AMD Opteron 6300 series users to make sure their operating system loads microcode.
2021-01-07 19:24:10 +00:00
Thomas Clarke
9bdf3e01dc
Update all Librem and KGPE-D16 board to build with Linux 5.10.5. Update KGPE-D16 and Librem linux configs to 5.10.5 with make savedefconfig. 2021-01-07 19:24:09 +00:00
Thomas Clarke
194edf5424
modules/linux: Add support for building against Linux 5.10.5. All patches besides 0000-efi_bds.patch port cleanly. As a result of 0000-efi_bds.patch missing, it is strongly encouraged that no linuxboot boards use Linux 5.10.5 until a proper review has been done. 2021-01-07 19:24:03 +00:00
tlaurion
6bc40d7a70
Merge pull request #943 from Tonux599/kgpe-d16-flashrom-fix
Kgpe d16 flashrom fix
2021-01-06 20:13:41 -05:00
tlaurion
9af0981473
Merge pull request #954 from tlaurion/coreboot_remove_any_toolchain
coreboot configs : remove CONFIG_ANY_TOOLCHAIN in coreboot configs
2021-01-05 21:24:25 -05:00
Thierry Laurion
7d10edb661
coreboot configs : CONFIG_ANY_TOOLCHAIN=y is not needed anymore since built against coreboot's version muslcross built toolchain. 2021-01-05 13:20:17 -05:00
tlaurion
5f0a0ac3cc
Merge pull request #952 from tlaurion/xx30-flash_remove_12mb_image
xx30-flash boards: produce top.rom and remove 12mb rom for clarity
2021-01-05 10:47:10 -05:00
tlaurion
d8c0ef0735
Merge pull request #950 from tlaurion/CircleCI_coreboot_cache
CircleCI: Add coreboot+musl-cross cache
2021-01-04 18:25:16 -05:00
Thierry Laurion
d364336913
xx30-flash boards: produce top.rom and remove 12mb rom for clarity 2021-01-04 12:19:09 -05:00
Thierry Laurion
7d2ba3d0b8
coreboot module: CPUS=$$CPUS -> CPUS=$(CPUS) 2021-01-03 23:07:51 -05:00
Thierry Laurion
bbaa049ad1
coreboot buildgcc: TEMPORARY HACK: gnu mirrors are failing because of https errors. Falling back to http. 2021-01-03 21:14:50 -05:00
Thierry Laurion
62a90ed3be
CircleCI: Add coreboot+musl-cross cache
The idea here is a cache to restore from (musl-cross from coreboot version bound crosscomipler, from which coreboot is built)

1- Reuse existing cache for all modules and patches created digest's hash past build matching cache.
(If a single module or patch changes, we have cache miss.)
2- Reuse existing coreboot and musl-cross-make created digest's hash past build's matching cache
(If a patch was added to current coreboot, or new coreboot version was added in coreboot module definition, we have a cache miss.)
3- Reuse existing musl-cross-make created digest's hash past build matching cache
(If musl-cross-make module didn't change, we don't rebuild it.)

Per https://github.com/osresearch/heads/pull/947#issuecomment-753507412 proposition
2021-01-03 21:14:44 -05:00
tlaurion
69075fa738
Merge pull request #948 from tlaurion/gpg2_default_RSA3072
oem-factory-reset: set default KEY_LENGTH to 3072 and change expectation management message to console
2021-01-03 12:32:43 -05:00
tlaurion
817e6a3068
Merge pull request #945 from tlaurion/busybox-fix-1.32
busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE
2020-12-30 20:36:31 -05:00
Thierry Laurion
ee23fe9d3b
busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE. Disabling the latter. 2020-12-30 20:31:37 -05:00
Thomas Clarke
a1f29410be
modules/flashrom: Enable AST1100 in flashrom. This will allow user to flash the BMC internally for KGPE-D16. 2020-12-30 19:18:04 +00:00
Thomas Clarke
aba13a9c55
modules/flashrom: Fixes two issues:
* Flashrom was being fetched with git and was always using `master`
* No patches were being applied (i.e. `0100-enable-kgpe-d16.patch` was being ignored).
2020-12-30 19:17:54 +00:00
tlaurion
69eb819958
Merge pull request #909 from Thrilleratplay/bash_is_ash
feat(busybox): set CONFIG_BASH_IS_ASH
2020-12-30 13:06:04 -05:00
tlaurion
4addeab3f5
Merge pull request #900 from tlaurion/busybox-1_32
Upgrade busybox to 1.32
2020-12-30 13:05:49 -05:00
tlaurion
7c686d576f
Merge pull request #938 from tlaurion/revert-coreboot_musl-cross-make
coreboot: revert building coreboot against musl-cross-make.
2020-12-30 13:04:50 -05:00
Thierry Laurion
8e4485347e
coreboot: revert building coreboot against musl-cross-make.
coreboot: correct $$CPUS -> $(CPUS)
2020-12-29 17:06:54 -05:00
tlaurion
b06a26f814
Merge pull request #932 from MrChromebox/coreboot_4.13
modules/coreboot: bump 4.12 build option to 4.13
2020-12-29 16:57:35 -05:00
Thierry Laurion
e9eedc4717
Upgrade busybox to 1.32
+CONFIG_STACK_OPTIMIZATION_386=y
+CONFIG_FLOAT_DURATION=y
+CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y
+CONFIG_FEATURE_EDITING_WINCH=y
+CONFIG_BZIP2_SMALL=8
+CONFIG_FEATURE_CP_REFLINK=y
+CONFIG_MKTEMP=y
+CONFIG_PRINTF=y
+CONFIG_SYNC=y
+CONFIG_FEATURE_SYNC_FANCY=y
+CONFIG_CMP=y
+CONFIG_DIFF=y
+CONFIG_PATCH=y
+CONFIG_FEATURE_FIND_EXECUTABLE=y
+CONFIG_FEATURE_FIND_QUIT=y
+CONFIG_FEATURE_FIND_EMPTY=y
+CONFIG_FEATURE_GPT_LABEL=y
+CONFIG_MKFS_VFAT=y
+CONFIG_DC=y
+CONFIG_FEATURE_LESS_RAW=y
+CONFIG_FEATURE_LESS_ENV=y
+CONFIG_FEATURE_NSLOOKUP_BIG=y
+CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS=y
+CONFIG_FEATURE_NTP_AUTH=y
+CONFIG_FEATURE_TFTP_HPA_COMPAT=y
+CONFIG_PIDOF=y
+CONFIG_FEATURE_PIDOF_SINGLE=y
+CONFIG_FEATURE_PIDOF_OMIT=y
+CONFIG_SHELL_ASH=y
+CONFIG_ASH_BASH_NOT_FOUND_HOOK=y
+CONFIG_FEATURE_SH_MATH_BASE=y
+CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y

This commit changes used compressed space from 6851524 -> 6863812.
Coherent reduction of free available space being 143768 -> 131480 before saturation.

Net increase of 24kB for busybox binary:

    busybox 1.28 : 484kB
    busybox 1.32: 508kB

Increase of 15kB of needed BIOS region space:

    ROM's initrd.cpio.xz with busybox 1.28: 3839kB
    ROM's initrd.cpio.xz with busybox 1.32: 3854kB
2020-12-29 16:49:08 -05:00