Commit Graph

1478 Commits

Author SHA1 Message Date
Matt DeVillier
83a67d2798
oem-factory-reset: fix GPG key backup filename
fix $GPG_GEN_KEY getting clobbered when using a custom password

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-02-19 16:47:51 -06:00
tlaurion
c684d6b37c
Merge pull request #681 from tlaurion/flash_sh-config_export_fix
Flash.sh cleanup: Fix FLASHROM_OPTIONS -> CONFIG_FLASHROM_OPTIONS
2020-02-19 17:44:10 -05:00
Matt DeVillier
30b098bfac
gui-init: fix checking librem key card-status
Commit 6b5adcca moved the call to enable_usb from gui-init
to init and guarded it with CONFIG_USB_KEYBOARD, but it was
missed that this is needed for the clean boot check logic
when a librem key is used. Add the call back to gui-init
and guard it properly

Test: clean_boot_detect works properly on a librem 13v4

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-02-19 16:31:39 -06:00
Thierry Laurion
62f180d098
Flash.sh cleanup: Fix FLASHROM_OPTIONS -> CONFIG_FLASHROM_OPTIONS to be exported by Makefile 2020-02-19 17:18:01 -05:00
Matt DeVillier
28fedf9a7e
modules/libremkey-hotp-verification: make reproducible
Modeled after modules/tpmtotp, use a specific git commit hash for
module libremkey-hotp-verification. Add hidapi as a submodule with
dummy/placeholder in modules (like coreboot-blobs), also specified
by git commit hash. Adjust libremkey-hotp-verification patch file
name so patch applied properly.

Addresses issue #640

Test: build Librem 13v4

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-02-19 13:37:41 -06:00
tlaurion
8e23a54f28
Merge pull request #677 from MrChromebox/usb_keyboard
init: load usb modules for devices using USB keyboard
gui-init: remove enable_usb to fix generic Heads users who wanted to release LUKS disk encryption key from TPM if measurements were valid (fix regression)
2020-02-19 12:54:26 -05:00
Sebastian McMillan
21faf524b9
T420 initial support + X220 FBWhiptail Support (#578)
* Add support for the Lenovo ThinkPad T420 and X220.
* Fix the autodetection of ifdtool and me_cleaner.
* Enable FBWhiptail mode for X220 and T420
* Decreased CBFS size to fix 50 seconds boot delay problems
2020-02-19 12:51:03 -05:00
Matt DeVillier
6b5adcca6f
init: load usb modules for devices using USB keyboard
Some (out of tree) servers require use of a USB keyboard, and need
the USB kernel modules loaded prior to checking for keypress to enter
a recovery console. Since loading the modules affects the value in PRC5
and can cause issues putting a LUKS key in TPM, guard the loading of the
USB modules with CONFIG_USB_KEYBOARD and remove the unguarded call from
gui-init.

This should resolve issues #603 and #674.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-02-19 11:40:34 -06:00
Sebastian McMillan
f0d85ba2d7
Flash.sh cleanup : flashrom specifics now in board configs (#592)
Flash.sh cleanup : flashrom specifics now in board configs (#592)
2020-02-19 12:04:56 -05:00
Gabe Gałązka
e341f40cc4
Update coreboot-x230.config 2020-02-03 22:09:42 +00:00
Gabe Gałązka
6c85d7a61e
Add ability to change CMOS values for X230
Add ability to change CMOS values by genning SMBIOS tables and using the values from stock bios, this allows for editing of SMBIOS values to change things such as VRAM allocation, FN and CTRL key swap etc
2020-02-01 17:43:35 +00:00
Kyle Rankin
bcf522cb2e
Merge pull request #666 from MrChromebox/flash_gui-fixup
flash-gui: set unset variable USB_FAILED
2020-01-29 12:00:55 -08:00
Matt DeVillier
132dcb2344
flash-gui: set unset variable USB_FAILED
Not setting USB_FAILED when call to mount-usb succeeds results
in a spurious 'sh: 0 unknown operand' error printed to console.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-01-29 13:58:29 -06:00
tlaurion
497765038e
Merge pull request #657 from MrChromebox/fix-librem-hotp
libremkey-hotp-verification: toolchain adjustments
2020-01-28 17:31:45 -05:00
tlaurion
ceda2d3e3f
Merge pull request #663 from flammit/fix-gpg-tty
init: fix invalid GPG_TTY variable
2020-01-27 20:08:10 -05:00
Francis Lam
92e706bf1b init: fix invalid GPG_TTY variable
busyboy tty isn't working after the musl-cross-make change so
revert to known good value.
2020-01-25 20:45:03 -08:00
Kyle Rankin
ac71f295a0
Merge pull request #660 from MrChromebox/update-librem-blobs
blobs/librem_{kbl,skl}: update blobs
2020-01-22 15:08:28 -08:00
Matt DeVillier
a3bbdbab54
blobs/librem*: update hashes for FSP and VBT
Update hashes of coreboot images, releases repo, FSP blobs,
and VBT file. Updated VBT from coreboot 4.11 release eliminates
flickering on some 13v4/15v4 displays.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-01-22 16:59:54 -06:00
Matt DeVillier
ad2395d3db
libremkey-hotp-verification: toolchain adjustments
Pass through new toolchain path via $(CROSS) so we can set the
c/c++ compiler paths correctly for CMake. Adjust patch to use
new paths, and fix compiler/linker paths to correct a libusb linking issue.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-01-22 12:03:05 -06:00
tlaurion
6b485ed89f
Merge pull request #655 from flammit/fix-kexec-and-repro
Fix kexec and repro
2020-01-16 19:59:10 -05:00
Francis Lam
ed3602f0ba
modules: maintain reproducibility by removing rpath 2020-01-16 09:36:42 -08:00
Francis Lam
c3213e150a
initrd: update distro keys
Update distro keys to the latest with updated expiration dates
2020-01-16 09:33:41 -08:00
Francis Lam
d63d5b4508
modules: update to use full commit id
The short commit id can cause the tar archive potentially cause
the root directory in the archive to be named with the short id
causing the verification to fail
2020-01-16 09:30:48 -08:00
Francis Lam
23d0126407
kexec: update to 2.0.20
Fix issue with kexec failing to load the target kernel when
building with musl-cross-make
2020-01-16 09:30:15 -08:00
tlaurion
8e4b10922b
Merge pull request #653 from osresearch/musl-cross-make
Use musl cross make for Heads, Linux, coreboot and edk2
2020-01-15 13:15:19 -05:00
tlaurion
a5f4d7d8be
Merge pull request #652 from osresearch/lvm-segfault
lvm2: turn off buffering, which prevents segfault with new musl (#651)
2020-01-15 13:14:30 -05:00
tlaurion
a78034d017
Merge pull request #649 from osresearch/libksba-reproducibile
libksba: fix qsort handler to reproducible sort the string table
2020-01-15 12:48:33 -05:00
Trammell hudson
6962bfda10
lvm2: turn off buffering, which prevents segfault with new musl (#651)
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-09 13:27:09 +01:00
Trammell hudson
1e77a72f99
circleci: skip linuxboot steps for now
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-09 00:07:19 +01:00
Trammell hudson
31f021e5f7
circleci: enable V=1 to produce more output and avoid timing out
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-08 23:26:20 +01:00
Trammell hudson
97402ed32d
circleci: replace -j4 with --load 2 2020-01-08 23:10:46 +01:00
Trammell hudson
c069901f90
circleci: no tabs!
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-08 22:47:27 +01:00
Trammell hudson
35ddd3e065
circleci: pre-build edk2 for linuxboot
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-08 22:45:39 +01:00
Trammell Hudson
fed0858126
circleci: try using the osresearch/musl-cross docker image
Signed-off-by: Trammell Hudson <hudson@trmm.net>
2020-01-08 17:33:49 +01:00
Trammell Hudson
791d064397
musl-cross-make: replace all cross compilers with musl-cross-make
Signed-off-by: Trammell Hudson <hudson@trmm.net>
2020-01-08 17:08:15 +01:00
Trammell hudson
6c93a5e854
libksba: fix name of patch file
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-01-08 10:01:21 +01:00
Trammell Hudson
69f3cc46ab
libksba: fix qsort handler to sort the string table in a reproducible way
Signed-off-by: Trammell Hudson <hudson@trmm.net>
2020-01-07 19:01:59 +01:00
alex-nitrokey
f0f6e80e95
Add option to choose GnuPG userinfo during OEM reset 2020-01-02 17:29:11 +01:00
tlaurion
8af849cadc
Merge pull request #618 from osresearch/musl-cross-pin
Pin tag of musl-cross, tpmtotp and msrtools
2019-12-06 10:52:50 -05:00
Trammell hudson
027ae39abe
modules: add module_tar_opt to allow different strip options
Signed-off-by: Trammell hudson <hudson@trmm.net>
2019-12-03 10:48:10 +01:00
tlaurion
28740017d8
Merge pull request #635 from rofl0r/musl-cross-pin
update musl-cross to 1952975
2019-12-02 23:22:40 -05:00
rofl0r
7370b75945 update musl-cross to 1952975
this should fix issues with compressed ELF header sections.
2019-12-02 23:03:14 +00:00
tlaurion
b4a647c485
Merge pull request #461 from osresearch/debug-linux
Enable verbose bootup debugging and set the early serial IO base port
2019-11-28 10:53:29 -05:00
tlaurion
81e7c1b636
Merge pull request #575 from merge/remove_keylime
initrd: remove unused keylime-init
2019-11-28 10:52:37 -05:00
tlaurion
61dd9ce2a0
Merge pull request #633 from merge/anykey_text
oem-factory-reset: Fix description for rebooting when finished
2019-11-28 10:51:43 -05:00
Martin Kepplinger
81df949632 oem-factory-reset: Fix description for rebooting when finished
As is in many cases in Heads, not any key will work, just Enter.

Signed-off-by: Martin Kepplinger <martin.kepplinger@puri.sm>
2019-11-26 18:10:39 +01:00
Kyle Rankin
bd8d1c3e3d
Merge pull request #632 from MrChromebox/password_min
oem-factory-reset: enforce 8-char min on custom password
2019-11-25 10:47:25 -08:00
Matt DeVillier
4db6fbd51a
oem-factory-reset: enforce 8-char min on custom password
Since the custom password is used to set the GPG admin
password as well as the TPM and GPG user passwords, an
8-character minimum is required. Inform the user of this,
and validate custom password length upon entry.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-11-25 12:44:56 -06:00
Kyle Rankin
8110b6192c
Merge pull request #628 from MrChromebox/hotp_check_boot
unseal-hotp: ensure /boot mounted before checking HOTP secret
2019-11-25 09:26:07 -08:00
Kyle Rankin
9576a427a0
Merge pull request #627 from MrChromebox/totp_error_prompt
gui-init: update TOTP error prompt
2019-11-25 09:23:21 -08:00