Update Purism coreboot to 24.02.01-Purism-1.
Remove CFLAGS overrides when building coreboot. These overrides break
24.02.01, which added (and needs) --param=min-pagesize=1024. This has
happened repeatedly in the past since Heads has to duplicate coreboot's
CFLAGS if it overrides them.
Specifically, the build fails with this error:
src/commonlib/include/commonlib/endian.h:27:26: error: array subscript 1 is outside array bounds of 'void[0]' [-Werror=array-bounds=]
27 | *(uint8_t *)dest = val;
| ~~~~~~~~~~~~~~~~~^~~~~
In function 'setup_default_ebda':
cc1: note: source object is likely at address zero
That's because coreboot is attempting to write to EBDA at physical
address 0x40e, just above 1024. That is a valid address for x86, but
it's too close to 0 by default for GCC, --param-min-pagesize=1024
allows writes to physical addresses above 1024.
coreboot shouldn't need any of the usual Heads CFLAGS overrides for
reproducibility; it is already reproducible.
Fix indentation in modules/coreboot. Make accepted it before because
the indented lines followed a variable assignment, so they couldn't
be part of a recipe. That assignment is now gone, so they're now
interprted as part of a recipe for the `.configured` target just above,
they should not be indented.
Add nss to flake.nix, needed as of 24.02.01.
Update Librem coreboot configs for 24.02.01-Purism-1. Notably, the
board Kconfig changed for Mini v2 in coreboot, so this is needed for
correct builds.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
intel_iommu=igfx_off is needed on the Heads kernel command line for
memtest86+ to work. Without this parameter, the screen blanks when
memtest86+ starts testing.
This is unique to Librem 11, probably because it is the only device
using FSP GOP for graphics init in coreboot. (libgfxinit does not yet
support Jasper Lake.)
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
- flake.lock: bumps lcoekd package list to latest packages list through 'nix flake update'
- flake.nix : comment out customizations of derivatives, removing canokey-qemu lib since qemu_full depends on qemu which depends on canokey-qemu by default now
- flake.nux: add 'less' so that 'git log' is usable
- circleci/config.yml: use docker v0.1.9
- README.md : update docker image maintainer notes to ease upstreaming of docker images and for others to play around, requiring dockerhub account
For testing iterations of this, I used:
docker_version="v0.1.9" && docker_hub_repo="tlaurion/heads-dev-env" && sed "s@\(image: \)\(.*\):\(v[0-9]*\.[0-9]*\.[0-9]*\)@\1\2:$docker_version@" -i .circleci/config.yml && nix --print-build-logs --verbose develop --ignore-environment --command true && nix build .#dockerImage && docker load < result && docker tag linuxboot/heads:dev-env "$docker_hub_repo:$docker_version" && docker push "$docker_hub_repo:$docker_version"
Then added final commit, and pushed.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
- Revert gnupg toolstack version bump to prior of #1661 merge (2.4.2 -> 2.4.0). Version bump not needed for reproducibility.
- Investigation and upstream discussions will take their time resolving invalid time issue introduced by between 2.4.0 and latest gnupg, fix regression first under master)
- oem-factory-reset
- Adding DO_WITH_DEBUG to oem-factory-reset for all its gpg calls. If failing in debug mode, /tmp/debug.txt contains calls and errors
- Wipe keyrings only (*.gpg, *.kbx) not conf files under gpg homedir (keep initrd/.gnupg/*.conf)
- flake.nix
- switch build derivative from qemu and qemu_kvm to qemu_full to have qemu-img tool which was missing to run qemu boards (v0.1.8 docker)
- add gnupg so that qemu boards can call inject_gpg to inject public key in absence of flashrom+pflash support for internal flashing
- flake.lock: Updated nix pinned package list under flake.lock with 'nix flake update' so qemu_full builds
- README.md: have consistent docker testing + release (push) notes
- .circleci/config.yml: depend on docker v0.1.8 (qemu_full built with canokey-qemu lib support, diffoscopeMinimal and gnupg for proper qemu testing)
TODO:
- some fd2 instead of fd1?!
- oem-factory-resest has whiptail_or_die which sets whiptail box to HEIGHT 0. This doesn't show a scrolling window on gpg errors which is problematic with fbwhiptail, not whiptail
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
PR numbers being numerical and hopefully not conflicting with each other, keeping track of commits per their upstream PR should make sure they can be applied cleanly on top of each other
as opposed to commit id related patches that git apply will apply in random order.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
flake.nix: add canokey-qemu lib, derivate qemu on tope of it and have qemu_kvm depend on qemu derivative
targets/qemu.mk: modified to had canokey support by default if no "USB_TOKEN=" specified on make run call
CircleCI: base docker image pull on v0.1.6 containing the newly added derivatives
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
removes a comment:
-# CONFIG_DASHARO_FIRMWARE_UPDATE_MODE is not set
- Unify ns50/nv41
- CONFIG_TPM_PIRQ=0x27 in both nv41/ns50 as per https://github.com/linuxboot/heads/pull/1662#issuecomment-2100820944
NOTE that this doesn't stick when calling
make[1]: Leaving directory '/home/user/heads/build/x86/coreboot-dasharo'
user@heads-tests-deb12:~/heads$ git diff
diff --git a/config/coreboot-nitropad-nv41.config b/config/coreboot-nitropad-nv41.config
index 9484aaf5122..ddd4e5d7c56 100644
--- a/config/coreboot-nitropad-nv41.config
+++ b/config/coreboot-nitropad-nv41.config
@@ -143,7 +143,7 @@ CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41"
CONFIG_CONSOLE_POST=y
# CONFIG_USE_PM_ACPI_TIMER is not set
-CONFIG_TPM_PIRQ=0x27
+CONFIG_TPM_PIRQ=0x0
# CONFIG_SOC_INTEL_CSE_SEND_EOP_EARLY is not set
CONFIG_VBOOT_FWID_VERSION="$(CONFIG_LOCALVERSION)"
CONFIG_EC_SYSTEM76_EC_BAT_THRESHOLDS=y
Also note that CONFIG_EC_SYSTEM76_EC_DGPU=y is not present on ns50 as opposed to nv41, whatever that does.
user@heads-tests-deb12:~/heads$ diff -u config/coreboot-nitropad-nv41.config config/coreboot-nitropad-ns50.config
--- config/coreboot-nitropad-nv41.config 2024-05-10 14:59:42.156754718 -0400
+++ config/coreboot-nitropad-ns50.config 2024-05-10 14:55:37.699761391 -0400
@@ -110,7 +110,7 @@
# CONFIG_VENDOR_TI is not set
# CONFIG_VENDOR_UP is not set
CONFIG_MAINBOARD_FAMILY="Not Applicable"
-CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
+CONFIG_MAINBOARD_PART_NUMBER="ns50pu"
CONFIG_MAINBOARD_VERSION="v2.1"
CONFIG_MAINBOARD_DIR="clevo/adl-p"
CONFIG_DIMM_MAX=4
@@ -128,7 +128,7 @@
CONFIG_DEVICETREE="devicetree.cb"
# CONFIG_VBOOT is not set
CONFIG_VBOOT_VBNV_OFFSET=0x28
-CONFIG_VARIANT_DIR="nv40pz"
+CONFIG_VARIANT_DIR="ns50pu"
CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
# CONFIG_VGA_BIOS is not set
CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Nitrokey"
@@ -139,8 +139,8 @@
CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout"
CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0
CONFIG_BOARD_CLEVO_ADLP_COMMON=y
-CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
-CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41"
+CONFIG_BOARD_CLEVO_NS50PU_BASE=y
+CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NS51"
CONFIG_CONSOLE_POST=y
# CONFIG_USE_PM_ACPI_TIMER is not set
CONFIG_TPM_PIRQ=0x27
@@ -158,8 +158,8 @@
CONFIG_HAVE_INTEL_FIRMWARE=y
CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000
CONFIG_DRIVERS_INTEL_WIFI=y
-CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/descriptor.bin"
-CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/me.bin"
+CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/ns5x_adl/descriptor.bin"
+CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/ns5x_adl/me.bin"
CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
CONFIG_VBT_DATA_SIZE_KB=9
CONFIG_CARDBUS_PLUGIN_SUPPORT=y
@@ -176,8 +176,8 @@
#
# Alder Lake P (2022)
#
-# CONFIG_BOARD_NOVACUSTOM_NS5X_ADLP is not set
-CONFIG_BOARD_NOVACUSTOM_NV4X_ADLP=y
+CONFIG_BOARD_NOVACUSTOM_NS5X_ADLP=y
+# CONFIG_BOARD_NOVACUSTOM_NV4X_ADLP is not set
#
# Tiger Lake U (2021)
@@ -503,7 +503,6 @@
#
CONFIG_EC_ACPI=y
CONFIG_EC_SYSTEM76_EC=y
-CONFIG_EC_SYSTEM76_EC_DGPU=y
#
# Intel Firmware
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Also disable bootsplash resizing to center the logo in the middle of
the screen.
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
