Commit Graph

364 Commits

Author SHA1 Message Date
tlaurion
61f72f8d51
Merge pull request #1232 from Unb0rn/l14-size-reduce 2022-12-01 10:03:12 -05:00
Sergii Dmytruk
572c99e898
Add flashrom to Talos II boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Sergii Dmytruk
a2475e2c53
Add flashtools to Talos II boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Thierry Laurion
77c2fb1e07 linux module: add linux.generateoldconfig and linux.modifydefconfig targets to help tweaking/version bumps 2022-11-05 21:05:08 +03:00
Daniel Pineda
8150e300ee
modules/coreboot: remove support for coreboot 4.15
patches/coreboot-4.15: remove patches for coreboot 4.15

No boards depend on it and is affected by CVE-2022-29264

Signed-off-by: Daniel Pineda <daniel.pineda@puri.sm>
2022-09-15 10:17:34 -06:00
Daniel Pineda
cc58994f3b
modules/coreboot: add support for coreboot 4.17
Update hash for coreboot module, coreboot-blobs.

Signed-off-by: Daniel Pineda <daniel.pineda@puri.sm>
2022-09-12 13:21:59 -06:00
Sergii Dmytruk
b5fb2f907c
Build agetty from util-linux and optionally add it to initrd
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-09-01 00:21:27 +03:00
Sergii Dmytruk
55ef9912aa
Add Talos 2 boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-31 00:21:28 +03:00
Sergii Dmytruk
f16e92792a
Support targeting PowerPC 64
This prepares most of the modules to be build for it.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-25 20:55:39 +03:00
Sergii Dmytruk
2a44e5e7ee
Incorporate architecture into directory layout
* build/ -> build/<arch>/
 * crossgcc/ -> crossgcc/<arch>/
 * install/ -> install/<arch>/
 * packages/ -> packages/<arch>/

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-25 20:55:39 +03:00
Sergii Dmytruk
fa8e8843c6
Expand @VAR@ placeholders in configuration files
This makes configs much less dependent on directory layout.

As of this commit the following variables are supported:
 * @BOARD_BUILD_DIR@ - absolute path under build/
 * @BLOB_DIR@ - absolute path to blobs/

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-25 13:58:40 +03:00
Jonathon Hall
2c3244f48d
dropbear: Use mirror, main host is down
Switch to mirror https://mirror.dropbear.nl/

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2022-08-02 17:35:18 -04:00
Thierry Laurion
bf415a8d69
Remove local build of gawk make
-Makefile: remove local gawk and make version compare and local build
-modules: remove gawk and make
-patches: remove make

local make was added to build 4.2.1 on OSes that were having older version. It was then patched to be built on OSes having newer buildstack.
local gawk was added when GPG toolstack was older then libgpg-error 1.37. GPG toolstack was then upgraded, but local gawk stayed.

Removing those permits better parallelization and of builds and reduces CircleCI (and higher cores systems) to have race conditions and stalled builds
2022-06-23 10:51:13 -04:00
Thierry Laurion
b6651ee8ec
modules/mbetls: move dl from tls.mbed.org to github
- licensing change to APACHE 2.0
- sha256sum changed too

TODO: bump version to 3.1+, not trivial.
2022-06-17 10:15:00 -04:00
Thierry Laurion
97b124ab8e
adding the usb-hid kernel module inclusion under linux module when CONFIG_USB_KEYBOARD is defined
Testing points:
- None here. Board who exported "CONFIG_USB_KEYBOARD=y" have it packed under their initrd, but there is no logic loading the module yet.
2022-04-05 13:46:48 -04:00
Thierry Laurion
981cb96f25
Fix current builds
- zlib 1.2.12 release is not respecting cross compiling. 1.2.11 disappeared from servers: taking another archive link, same hash.
- busybox 1.32.0 was not patched with 1.28.0 patch. Renaming patch so that its applied in fresh builds.
2022-04-01 09:47:39 -04:00
Matt DeVillier
1d5f72e317 modules/coreboot: don't build IASL separate from toolchain
Older coreboot versions (pre-4.11) required IASL to be built separate
from the main toolchain (crossgcc), but that is no longer the case,
and doing so causes random failures from trying to build IASL as
part of the toolchain and separately, in parallel, each using
-j$(CPUS) threads.

Test: build any board using coreboot 4.15 under Debian 11, observe
no random failures from building the toolchain due to false positives
for a missing depencency .

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2022-02-03 15:04:09 -05:00
Thierry Laurion
7644d90160
modules/coreboot: :? is invalid. ?= defines if not previously defined 2022-01-28 13:57:48 -05:00
Matt DeVillier
5859d1438e modules/coreboot: drop support for coreboot 4.14
All boards using 4.14 have migrated to 4.15

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-12-20 22:13:36 -05:00
Matt DeVillier
1dc79eba82 modules/coreboot: add support for coreboot 4.15
Update hash for coreboot module, coreboot-blobs.
Adjust extra flags to address SNB/IVB build issue.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-12-20 22:13:36 -05:00
Matt DeVillier
3fef749bff modules/purism-blobs: update to current HEAD
Updates CPU microcodes for all Librem boards.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-12-20 22:13:36 -05:00
Thierry Laurion
e492786d0a CircleCI: fix #1058 and partly #984
CircleCI: We currently drop coreboot 4.11 builds.
- There is a file missing in the builds. Not sure why/how this is happening
src/soc/intel/fsp_broadwell_de/romstage/romstage.c:41:10: fatal error: build.h: No such file or directory
Example:https://app.circleci.com/pipelines/github/tlaurion/heads/877/workflows/7d0248d2-459c-42ad-b741-8fd56a75d527/jobs/2487
- kgpe-d16_workstation building for all GPUs is unfortunately taking too much time to build (40 minutes).
- Not sure why, but it seems that the kernel build paralellization is not working for 4.11 while it works for 4.13
Makefile: Uncomment MAKE_JOBS which passes the number of jobs to numbers cores by default and --max-load of 16
CircleCI: Remove CPUS statement to use Makefile default
modules/newt: force build with one make job, otherwise there is a race condition in module which fails randomly expecting build modules. (TODO: FIX)

Interestingly, building all coreboot 4.13 boards is happening on a clean commit just above 1h limit.

More details:
- CircleCI changed job build time to a maximum of 1h each.
- CircleCI now permits parallelization of 30 jobs
- 6000 build minutes a month.
- Still waiting for osresearch/heads CircleCI project to be unlocked (currently not recognized as open source project?!)
2021-12-04 15:51:53 -05:00
Thierry Laurion
ee5073ebe8 CircleCI: add large ressource class for free tier as defined under https://support.circleci.com/hc/en-us/articles/4410707277083-Context-deadline-exceeded-after-1-hour-Build-timed-out-Free-tier-only-
Readd https://github.com/osresearch/heads/pull/984 without cache
Add kgpe-d16 musl-cross target prior of having kgpe-d16 depend on musl-cross target (To try to have musl-cross step successfull under 1h CircleCI new limit)
CircleCI: add a subcommand that can follow a target (to build musl-cross-make now and coreboot version specific musl-cross later)
Output of hashes is now optional
29/11/2021 CircleCI public information available states parallelization of up to 30 jobs at a time. Let's play
- We first build heads musl-cross-make and persist (passing musl-cross-make into next job)
- We then build per coreboot version board with coreboot make statement only and persist (passing musl-cross-make + coreboot's musl-cross buildstack)
- We then build per coreboot version board (reusing past build musl-cross-make and coreboot's version musl-cross buildstack)
Remove 4.11 boards for the moment to test only build time and parallelization
2021-12-04 15:51:53 -05:00
Matt DeVillier
e3e1ac6839 modules/purism-blobs: update to HEAD at 4.14-Purism-1 coreboot tag
Adds blobs for Librem 14, update CPU microcode

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-10-15 15:11:39 -04:00
Matt DeVillier
62da6a0279 modules/coreboot: Add option to build using coreboot 4.14
Add hashes for coreboot, coreboot-blobs

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-10-15 15:11:39 -04:00
Matt DeVillier
7f13418a9a
kexec: Update to version 2.0.22 (was: 2.0.20)
Update version, download hash, patch filename.

Fixes some IOMMU-related issues on Librem Mini v1/v2, L14

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-09-15 10:22:54 -05:00
Sergii Dmytruk
268f628c74
Build musl-cross in parallel
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2021-07-26 12:02:10 +03:00
Sergii Dmytruk
14c7bb6b7a
Allow using files other than coreboot.rom
Talos 2 will need signed ROM with ECC and an analogous separate bootblock
file.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2021-07-26 12:02:10 +03:00
Sergii Dmytruk
97dc552d28
Support generation of bundled kernel
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2021-07-26 12:02:08 +03:00
tlaurion
883f4958f8
Merge pull request #876 from hardenedvault/cryptsetup-2.3
Upgrade to cryptsetup 2.3 and make cryptsetup1/cryptsetup2 optionals
2021-02-04 18:21:38 -05:00
tlaurion
bc10168125
libusb: replace package origin from sourceforge to github release
without hardcoding url... sorry guys
2021-02-02 20:17:17 -05:00
Thierry Laurion
5d472ca663
libusb: replace package origin from sourceforge to github release
Last CI build in master fails because of a 302 temporary redirect resulting to bad checksum.
2021-02-02 20:04:20 -05:00
tlaurion
f156589570
Merge pull request #957 from Tonux599/support-linux-5.10.5
Bump Librem and KGPE-D16 to Linux 5.10.5
2021-02-02 17:43:45 -05:00
HardenedVault
da7f6f734f make cryptsetup1/cryptsetup2 optional 2021-01-30 07:28:28 +02:00
Matt DeVillier
df02fd934a
modules/hotp-verification: Update module to latest version
Update nitrokey-hotp-verification to upstream master, which
pulls in 2 changes:
- update OTP secret length from 20 bytes to 40 bytes
- fixes handling for branding strings containing spaces

Test: build/boot Librem 13v4, verify LK verification working

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-01-13 10:35:13 -06:00
Thomas Clarke
194edf5424
modules/linux: Add support for building against Linux 5.10.5. All patches besides 0000-efi_bds.patch port cleanly. As a result of 0000-efi_bds.patch missing, it is strongly encouraged that no linuxboot boards use Linux 5.10.5 until a proper review has been done. 2021-01-07 19:24:03 +00:00
tlaurion
6bc40d7a70
Merge pull request #943 from Tonux599/kgpe-d16-flashrom-fix
Kgpe d16 flashrom fix
2021-01-06 20:13:41 -05:00
Thierry Laurion
7d2ba3d0b8
coreboot module: CPUS=$$CPUS -> CPUS=$(CPUS) 2021-01-03 23:07:51 -05:00
Thomas Clarke
a1f29410be
modules/flashrom: Enable AST1100 in flashrom. This will allow user to flash the BMC internally for KGPE-D16. 2020-12-30 19:18:04 +00:00
Thomas Clarke
aba13a9c55
modules/flashrom: Fixes two issues:
* Flashrom was being fetched with git and was always using `master`
* No patches were being applied (i.e. `0100-enable-kgpe-d16.patch` was being ignored).
2020-12-30 19:17:54 +00:00
tlaurion
4addeab3f5
Merge pull request #900 from tlaurion/busybox-1_32
Upgrade busybox to 1.32
2020-12-30 13:05:49 -05:00
Thierry Laurion
8e4485347e
coreboot: revert building coreboot against musl-cross-make.
coreboot: correct $$CPUS -> $(CPUS)
2020-12-29 17:06:54 -05:00
tlaurion
b06a26f814
Merge pull request #932 from MrChromebox/coreboot_4.13
modules/coreboot: bump 4.12 build option to 4.13
2020-12-29 16:57:35 -05:00
Thierry Laurion
e9eedc4717
Upgrade busybox to 1.32
+CONFIG_STACK_OPTIMIZATION_386=y
+CONFIG_FLOAT_DURATION=y
+CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y
+CONFIG_FEATURE_EDITING_WINCH=y
+CONFIG_BZIP2_SMALL=8
+CONFIG_FEATURE_CP_REFLINK=y
+CONFIG_MKTEMP=y
+CONFIG_PRINTF=y
+CONFIG_SYNC=y
+CONFIG_FEATURE_SYNC_FANCY=y
+CONFIG_CMP=y
+CONFIG_DIFF=y
+CONFIG_PATCH=y
+CONFIG_FEATURE_FIND_EXECUTABLE=y
+CONFIG_FEATURE_FIND_QUIT=y
+CONFIG_FEATURE_FIND_EMPTY=y
+CONFIG_FEATURE_GPT_LABEL=y
+CONFIG_MKFS_VFAT=y
+CONFIG_DC=y
+CONFIG_FEATURE_LESS_RAW=y
+CONFIG_FEATURE_LESS_ENV=y
+CONFIG_FEATURE_NSLOOKUP_BIG=y
+CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS=y
+CONFIG_FEATURE_NTP_AUTH=y
+CONFIG_FEATURE_TFTP_HPA_COMPAT=y
+CONFIG_PIDOF=y
+CONFIG_FEATURE_PIDOF_SINGLE=y
+CONFIG_FEATURE_PIDOF_OMIT=y
+CONFIG_SHELL_ASH=y
+CONFIG_ASH_BASH_NOT_FOUND_HOOK=y
+CONFIG_FEATURE_SH_MATH_BASE=y
+CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y

This commit changes used compressed space from 6851524 -> 6863812.
Coherent reduction of free available space being 143768 -> 131480 before saturation.

Net increase of 24kB for busybox binary:

    busybox 1.28 : 484kB
    busybox 1.32: 508kB

Increase of 15kB of needed BIOS region space:

    ROM's initrd.cpio.xz with busybox 1.28: 3839kB
    ROM's initrd.cpio.xz with busybox 1.32: 3854kB
2020-12-29 16:49:08 -05:00
Devon Bautista
d2b41c5249
modules/coreboot: $$CPUS --> $(CPUS) 2020-12-26 13:37:36 -08:00
Devon Bautista
b85dadee76
modules/linuxboot: $$CPUS --> $(CPUS) 2020-12-26 12:19:10 -08:00
Matt DeVillier
883ac669a8
modules/coreboot: bump 4.12 build option to 4.13
- update module hash and blobs hash
- drop patches no longer needed; migrate those that remain
- adjust Librem Mini/Mini v2 board configs

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-12-14 21:03:32 -06:00
Trammell hudson
fbd38155d9
non-coreboot-builds: do not error if CONFIG_COREBOOT_VERSION is not set
Signed-off-by: Trammell hudson <hudson@trmm.net>
2020-11-25 14:43:07 +01:00
Matt DeVillier
1241f9714f modules/purism-blobs: Update module pointer and hash
Update purism-blobs for Librem Mini v2 release

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-11-19 15:39:44 -05:00
HardenedVault
057cc3c377 [WIP] cross build json-c and cryptsetup 2020-10-28 15:28:05 +02:00