Commit Graph

183 Commits

Author SHA1 Message Date
tlaurion
c1fb04cd5c
Merge pull request #1241 from tlaurion/qemu_CONFIG_BOOT_RECOVERY_SERIAL 2022-11-15 11:15:11 -05:00
tlaurion
a9bee2885b
Merge pull request #1242 from tlaurion/talos_cryptsetup2
talos boards: pass cryptsetup to cryptsetup2 to support TPM released disk encryption key
2022-11-11 16:19:42 -05:00
Thierry Laurion
ce19a5fb61
Add CONFIG_BOOT_RECOVERY_SERIAL to qemu board configs to interact with host through serial 2022-11-11 15:19:37 -05:00
Sergii Dmytruk
f6999707b8
boards/talos-2_*: build tgz with all output files + hash
This makes output suitable for use via Heads' menus.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Sergii Dmytruk
976f57f008
boards/talos-2_*: version zImage.bundled
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Sergii Dmytruk
572c99e898
Add flashrom to Talos II boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Sergii Dmytruk
a2475e2c53
Add flashtools to Talos II boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-11 00:59:12 +02:00
Thierry Laurion
93986e8c71
talos boards: pass cryptsetup to cryptsetup2 to support TPM released disk encryption key testing 2022-11-10 14:12:24 -05:00
Thierry Laurion
9258ca7a68
xx30 - pack cryptsetup2 instead of cryptsetup 2022-09-16 12:51:38 -04:00
Daniel Pineda
1cab17ae30
board/librem_*: Update to coreboot 4.17
Signed-off-by: Daniel Pineda <daniel.pineda@puri.sm>
2022-09-12 13:22:00 -06:00
Sergii Dmytruk
d0ef7e8c1f
Enable Infineon TPM1 for Talos-2 boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-09-01 00:28:16 +03:00
Sergii Dmytruk
72110e5915
Enable OpenBMC VGA console for Talos-2 boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-09-01 00:28:16 +03:00
Sergii Dmytruk
55ef9912aa
Add Talos 2 boards
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-31 00:21:28 +03:00
Sergii Dmytruk
8944710033
Introduce $(board_build) variable
To be used in board configuration.  Expands to the path of the board's
build directory.  Also simplifies main Makefile a bit.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-25 20:55:35 +03:00
Jonathon Hall
2ca34803af
qemu: Add qemu-coreboot-whiptail-tpm1 configuration
This configuration uses a console interface instead of fbwhiptail, and
no USB token is required.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2022-08-24 13:04:07 -04:00
Jonathon Hall
ef3cd5c65f
qemu-coreboot-fbwhiptail-tpm1-hotp: Virtio video/storage, serial
Enable virtio video and storage.

Enable serial console and tweak kernel command line to show logs.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2022-08-24 13:04:07 -04:00
Jonathon Hall
73eccb364a
qemu: Add qemu-coreboot-fbwhiptail-tpm1-hotp for complete testing in QEMU
Add qemu-coreboot-fbwhiptail-tpm1-hotp configuration, which has a 'run'
target to boot with a persistent TPM, disk, virtual USB disk, and USB-
forwarded token
Provide instructions for bootstrapping a complete working system in qemu

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2022-08-24 13:04:06 -04:00
Jonathon Hall
3e5fd6be75
qemu: Build ATA support into kernel, enable OHCI/UHCI
Set ATA and SATA configs to y, not m - modules weren't being loaded.  Other
configs also build these into kernel, so do the same for qemu.  Remove relevant
configs from boards since modules no longer need to be in initrd.

Enable OHCI and UHCI.  qemu forwards host USB devices over a UHCI controller.
This enables USB-forwarding a physical Librem Key or Nitrokey Pro to the VM.
Export CONFIG_LINUX_USB_COMPANION_CONTROLLER to have enable_usb() load the
modules - it wants both UHCI and OHCI modules, so build both.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2022-08-24 13:03:53 -04:00
Thierry Laurion
ba9235abcb
xx30 boards: add top bottom roms statements to get hashes under hashes.txt 2022-06-23 11:05:53 -04:00
Thierry Laurion
0bfd696fbf
xx20 and xx30: split kernel configs to legacy and maximized and board configs point to them 2022-06-10 09:52:07 -04:00
Thierry Laurion
6012e7724c
add new board x230-maximized_usb-kb
- this boards is a duplicate of x230-hotp-maximized with USB Keyboard support

Testing points:
- x230-hotp-maximized does not accept input from USB keyboard
- x230-hotp-maximized_usb-kb accepts input from USB keyboard
2022-04-05 14:09:44 -04:00
Thierry Laurion
065cbfda7b
boards/xx30-flash: change board configs to be solely include flashrom module.
Those boards now produce 4MB coreboot ROM and according CBFS small size, and remove the logic to extract 4Mb ROM out of the 12Mb rom which for some reason, was now misaligned.
config/coreboot-xx30-flash : remove all unnneded stuff to xx30-flash boards.
config/linux-x230-flash: used commonly for all xx30-flash boards, this is now finally saved with savedeconfig, and removes another bunch of unneeded stuff.

Tested working. Fixes #1095
2022-02-17 20:20:43 -05:00
tlaurion
fde7ee2b11
Merge pull request #1100 from tlaurion/board_configs_fixes_CONFIG_BOARD_NAME
boards/* : Add/uniformize missing CONFIG_BOARD_NAME for coreboot boards
2022-01-28 20:55:37 -05:00
Thierry Laurion
37ee3f37ad
boards/* : Add/uniformize missing CONFIG_BOARD_NAME for coreboot boards 2022-01-28 14:17:22 -05:00
Matt DeVillier
31214381a2
board/librem_*: Switch to cryptsetup2
Required to decrypt some volumes encrypted via LUKS2
(eg, Qubes 4.1 dom0 / root partition)

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2022-01-27 16:40:47 -06:00
eganonoa
a5b27e485f Adding explanatory notes re t530 and w530 dgpus
This commit adds explanatory notes  and updates existing t530 and w530 boards to generally align them with the dGPU points and provide signposting for those with and those without dGPU boards. It also adds an additional README in the blobs directory to explain the vbios extraction and building process.
2021-12-28 11:10:58 -05:00
eganonoa
a854144e2d Add support for t530 and w530 dGPU
This commit adds support for the t530 and w530 boards to enable dGPUs. dGPU's are required for DisplayPort external displays in the t530 dgpu model, and for both the VGA dn DisplayPort external displays in the W530 (which has two dGPUs, the K1000M and K2000M, hence two boards).  The commit does the following:

1. Adds automated extraction scripts for vbios modelled on the me script in the blobs directory (one per board is necessary as it is based on board-specific bios updates).
2. Adds specific boards for the various dGPU models and corresponding coreboot configs.
3. Updates circleci config.yaml to run scripts and test boards.

Tested and working on T530 dgpu and W530 K1000M. dGPU scripts tested on Debian 10 and Ubuntu 21.04
2021-12-28 11:10:58 -05:00
Matt DeVillier
51a1119973 boards/librem_*: Unify/update kernel IOMMU params
Unify the CONFIG_BOOT_KERNEL_ADD/REOVE parameters for all
Librem boards. Ensure IOMMU disabled for the GPU, and that
duplicated IOMMU params are not passed to the kernel.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-12-20 22:13:36 -05:00
Matt DeVillier
c5d9fa484b boards/librem_*: Update to coreboot 4.15
Update all Purism Librem boards except the L1UM server
to coreboot 4.15:

- update coreboot version from 4.8.1/4.13 to 4.15
- use purism_blobs module (if not already)
- update board coreboot defconfig files (Librem 13/15)

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-12-20 22:13:36 -05:00
Thierry Laurion
415a08a732 board additions: w530, t530, t520 (hotp-maximized and maximized flavors only)
-CircleCI addition.
-Removal of t530-flash, w530-flash boards, flash scripts and associated coreboot configs (no more legacy boards additions)

This is a merger of #1071, #1072 and #1073 so that test builds are available over CircleCI until osresearch/master CircleCI gets unlocked.
2021-12-06 19:52:25 -05:00
eganonoa
f8a30866a8 Reverting to coreboot 4.13 2021-12-06 19:52:25 -05:00
eganonoa
5263aa9c2f Reverting to coreboot 4.13 2021-12-06 19:52:25 -05:00
eganonoa
8aa11bae40 Update t530-flash.config 2021-12-06 19:52:25 -05:00
eganonoa
b4368f3df0 Reverting to coreboot 4.13 2021-12-06 19:52:25 -05:00
eganonoa
38b29cb9f7 Reverting to coreboot 4.13 2021-12-06 19:52:25 -05:00
eganonoa
ce435a4148 adding working w530 board, initrd and config files 2021-12-06 19:52:25 -05:00
eganonoa
652bcb8ad0 reverting to coreboot 4.8.1 (4.13, 4.14 both working) 2021-12-06 19:52:25 -05:00
eganonoa
66e5c23b13 adding working t530 board, initrd and config files 2021-12-06 19:52:25 -05:00
eganonoa
90984baca7 adding working t520 baord and configs 2021-12-06 19:52:25 -05:00
Thierry Laurion
40babfeaf4 t430-hotp-verification: addition of t430 counterpart of non-maximized x230-hotp-verification board 2021-12-04 15:51:53 -05:00
Thierry Laurion
2d8d45c02e t420 board was still based on coreboot 4.8.1. blobs still depend on blobs/t420/* presence. 2021-12-04 15:51:53 -05:00
Thierry Laurion
41847f5cd2 move all other boards (but KGPE-D16) to coreboot 4.13
- xx30 legacy boards (x230, x230-flash, t430, t430-flash) now rely also on coreboot 4.13
  - DOWNSIDE: x230 and t430 legacy boards now rely on WHIPTAIL (NOT FBWhiptail) to have enough space to fit under 7mb)
- xx20 boards moved to 4.13 (no need of xx20-flash boards here since single SPI boards with 7.5mb useable since blobs scripts are required)
  - DOWNSIDE: all xx20 boards now have dropbear deactivated, while still having ethernet driver in.
- qemu-coreboot and qemu-coreboot-fbwhiptail switched to coreboot 4.13 WITHOUT TPM SUPPORT (with cryptsetup 2.x support)
  - DOWNSIDE:
    - coreboot-qemu board CBFS_SIZE=0x700000 -> 0x750000
    - coreboot-qemu-fbwhiptail CBFS_SIZE=0x750000 -> 0x780000
- CircleCi build recipe removes 4.8.1 boards altogether
  - KGPE-D16 workstation is used as new base build to save workspace layer (we removed one workspace layer)
  - Removing one workspace layer will save approx 2 hours of build time on fresh builds
  - Removing one coreboot version will save us approx 2 hours of build time on fresh builds
  - KGPE-D16 will stay to coreboot 4.11 until forward notice.
  - All other board configs SHOULD be built on latest coreboot versions
2021-12-04 15:51:53 -05:00
Thierry Laurion
c7e651d663 xx20/xx30 boards uniformisation when switching to coreboot 4.13
- all: coreboot NO_POST for all boards
- all: coreboot NO_GFX_INIT (linux payload does the graphic init)
- all: coreboot TPM_MEASURED_BOOT (no more patches under Heads for measured boot)
- all: coreboot DRIVERS_PS2_KEYBOARD (fixes no keyboard on soft reboot and potentially xx30t xx20t fix for random raw keyboard (to be tested)
- all: coreboot removal of DEFAULT_CONSOLE_LOGLEVEL_5 under some boards
- all: coreboot removal of "loglevel=3" under some linux command line options booting Heads kernel
- all: coreboot removal of DEBUG_SMM_RELOCATION (unneeded)
- all: coreboot INCLUDE_CONFIG_FILE and COLLECT_TIMESTAMPS for all boards
- all: coreboot CONSOLE_SERIAL present on all boards
- all: coreboot add VBT
- all: board configs switch to cryptsetup2

xx20 hotp-maximized boards:
- removal of dropbear (not enough space to have htop + dropbear)

txx0 boards coreboot:
- USE_OPTION_TABLE and STATIC_OPTION_TABLE added (todo: check T430 boards optimization and find issue/PR and ammend this commit)
2021-12-04 15:51:53 -05:00
Thierry Laurion
e8032924c1 x230-maximized boards: build against coreboot 4.13 2021-12-04 15:51:53 -05:00
natterangell
54a3b07947 t420-maximized boards: build against coreboot 4.13 2021-12-04 15:51:53 -05:00
Thierry Laurion
561d01c863 KGPE-D16: remove BOOT_GUI_MENU_NAME and BG_COLOR as under all other boards. 2021-10-29 13:45:22 -04:00
Matt DeVillier
ed0282d33e Add new board Purism Librem 14
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-10-15 15:11:39 -04:00
Matt DeVillier
e6dbfab3c2 board/librem_{mini,mini_v2}: Migrate from coreboot 4.13 to 4.14
- adjust board configs
- move/rename coreboot patch
- adjust comment in CI config

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-10-15 15:11:39 -04:00
Matt DeVillier
c8f85c41d3
board/librem_{mini,v2}: Disable iGPU passthru for consistency
We use 'iommu=igfx_off' for booting the Heads kernel, so use the same for
booting the OS to ensure consistency when kexecing

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-10-08 17:38:59 -05:00
Thierry Laurion
815a7ef245
x230-nkstorecli PoC board removal, both in tree and in CI (board builds fails. fits in maximized boards.) 2021-02-04 22:13:43 -05:00