Commit Graph

22 Commits

Author SHA1 Message Date
Thierry Laurion
b9495130cf boards FLASH_OPTIONS: remove --noverify/--noverify-all for now
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
d9ad27f372 boards FLASH_OPTIONS: add --noverify. No point verifying flash with internal programmer?
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
9b101f1454 flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs
- boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal

TODO: check, Might break:
- xx20 : x220/t420/t520: used hwseq: verify compat
- legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...)
- talos: linux_mtd is used: verify compat

Tested:
- x230 works with awesome progress bar on read, erase and write.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
3574e12be9
board configs: remove CONFIG_BOOT_DEV so detect_boot_device detects it prior of oem-factory-reset usage
repro:
sed -i '/CONFIG_BOOT_DEV/d' boards/*/*.config unmaintained_boards/*/*.config

qemu debug trace on preinstalled OS:
[    3.999725] [U] hello world
[    4.286215] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    4.315239] TRACE: Under init
[    4.369379] DEBUG: Applying panic_on_oom setting to sysctl
[    4.588333] TRACE: /bin/cbfs-init(5): main
[    4.728310] TRACE: /bin/cbfs-init(24): main
[    4.867039] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx
[    4.946757] TRACE: /bin/tpmr(788): main
[    5.006987] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae
[    5.068692] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx
[    5.326365] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx
[    5.399511] TRACE: /bin/tpmr(788): main
[    5.460618] DEBUG: TPM: Extending PCR[7] with hash 547ca343719d3aa62af4763357d8c10cb35eae55
[    5.524608] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx
[    5.752340] TRACE: /bin/cbfs-init(24): main
[    5.908677] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg
[    5.988169] TRACE: /bin/tpmr(788): main
[    6.044996] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042
[    6.101604] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg
[    6.371341] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg
[    6.451878] TRACE: /bin/tpmr(788): main
[    6.511948] DEBUG: TPM: Extending PCR[7] with hash 4697c489f359b40dd8aec55df52a33b1f580a3df
[    6.572785] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg
[    6.879519] TRACE: /bin/key-init(6): main
[    8.239618] TRACE: Under /etc/ash_functions:combine_configs
[    8.323781] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[    8.572855] TRACE: /bin/setconsolefont.sh(6): main
[    8.631296] DEBUG: Board does not ship setfont, not checking console font
[    8.887295] TRACE: /bin/gui-init(641): main
[    8.920627] TRACE: /etc/functions(715): detect_boot_device
[    9.251212] TRACE: /etc/functions(682): mount_possible_boot_device
[    9.312602] TRACE: /etc/functions(642): is_gpt_bios_grub
[    9.410830] TRACE: /dev/vda1 is partition 1 of vda
[    9.540007] TRACE: /etc/functions(619): find_lvm_vg_name
[    9.707187] TRACE: Try mounting /dev/vda1 as /boot
[    9.766843] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[    9.825028] TRACE: /bin/gui-init(319): clean_boot_check

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-09 10:35:03 -04:00
Thierry Laurion
646db06eb6
boards/*/*.config: bump coreboot 4.22.01 boards config to use 24.02.01
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:35:56 -04:00
Thierry Laurion
fb616f416a
WiP 4.22.01 fhd patch test + bump all 4.19 boards to 4.22.01
- patches/coreboot-4.22.01/0001-x230-fhd-variant.patch created per
  - git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/23 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch
- all boards configs bumped with:
  - grep -Rn 4.22 boards/ | awk -F "/" {'print $2'}| while read line; do make BOARD=$line coreboot.save_in_oldconfig_format_in_place ; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-03-25 15:14:42 -04:00
Thierry Laurion
9b69f1b66a
boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config: unify with x230-hotp-maximized
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-02-21 13:50:28 -05:00
Thierry Laurion
7cbcdd8ed7
Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support)
- Add additional requirements to linux config
- Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs
- Fix issue under network-recovery-init to NTP sync against NTP server pool
- Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer
- Remove network-recovery-init earlytty and tty0 redirection (console should be setuped properly by init in all cases)
- If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait to user input on instructions and warning 30 secs before proceeding (non-blocking)
- Machines having STATIC_IP under board config won't benefit of autoatic NTP sync

Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync

TODO(Future PR):
- Refactor into functions and reuse into TOTP/HOTP being out of sync automatically.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-02-21 13:50:18 -05:00
Jonathon Hall
0a823cb491
Allow laptops to include optional USB keyboard support
Laptops can include optional USB keyboard support (default off unless
the board also sets the default to 'y').  The setting is in the
configuration GUI.

CONFIG_USER_USB_KEYBOARD is now the user-controlled setting on those
boards.  'CONFIG_USB_KEYBOARD' is no longer used to avoid any conflict
with prior releases that expect this to be a compile-time setting only
(conflicts risk total lock out requiring hardware flash, so some
caution is justified IMO).

Boards previously exporting CONFIG_USB_KEYBOARD now export
CONFIG_USB_KEYBOARD_REQUIRED.  Those boards don't have built-in
keyboards, USB keyboard is always enabled. (librem_mini,
librem_mini_v2, librem_11, librem_l1um, librem_l1um_v2, talos-2,
kgpe-d16_workstation-usb_keyboard, x230-hotp-maximized_usb-kb).

Librem laptops now export CONFIG_SUPPORT_USB_KEYBOARD to enable
optional support.  The default is still 'off'.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-01-10 15:38:06 -05:00
Thierry Laurion
a2ebf251e0
hotp boards: enable autoboot after 5 seconds if reverse HOTP against USB Security Dongle is successful by default
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-09 15:06:04 -05:00
Thierry Laurion
77f9933538
xx20/xx30 blob based boards: move ME blobs target outside of board configs (targets/xx*_blobs.mk)
Makefile: have inclusion of all defined $BOARD BOARD_TARGETS (me, split_8mb4mb, ...)

TODO: VBIOS scripts for W530/T530 need way more work. To be done later.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-04 15:32:09 -05:00
Thierry Laurion
43d1b4ed81
xx30: have all xx30 download me automatically.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-04 14:21:00 -05:00
Jonathon Hall
d512cd4ad2
12MB boards: Deduplicate generation of 8MB/4MB split ROMs
Move Makefile targets for split ROMs to targets/split_8mb4mb.mk.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-12-18 16:49:52 -05:00
Thierry Laurion
2fcef4a979
FB_EFI next step: remove CONFIG_BOOT_KERNEL_ADD=intel_iommu=on intel_iommu=igfx_off, add CONFIG_BOOT_KERNEL_REMOVE=intel_iommu=on intel_iommu=igfx_off, remove quiet removal from CONFIG_BOOT_KERNEL_REMOVE. TLDR: do not interfere with OS setting its own boot policies
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2023-11-20 09:40:39 -05:00
Thierry Laurion
e02228407f
boards: bump non-tpm qemu*, xx20 and xx30 boards to use linux kernel 5.10.5 2023-06-27 11:21:06 -04:00
Thierry Laurion
9830c6c4ed
io386 platform lockdown: enable on sandy/ivy/haswell maximized board configs 2023-06-20 12:36:45 -04:00
Thierry Laurion
6300dd178a
Pass all coreboot 4.13 boards to 4.19
- Add 4.19 under modules/coreboot
- point all 4.13 boards to 4.19
- adapt x230 FHD/EDP patch under patches/coreboot-4.19/0001-x230-fhd-variant.patch (poked upstream to fix patch under https://review.coreboot.org/c/coreboot/+/28950)
- correct versioning info under .circleci/config/yml
2023-02-27 18:07:06 -05:00
Thierry Laurion
03631a5e33
xx30: rename legacy boards names, remove coreboot config duplicates 2023-02-09 12:50:56 -05:00
Sergii Dmytruk
8944710033
Introduce $(board_build) variable
To be used in board configuration.  Expands to the path of the board's
build directory.  Also simplifies main Makefile a bit.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-08-25 20:55:35 +03:00
Thierry Laurion
ba9235abcb
xx30 boards: add top bottom roms statements to get hashes under hashes.txt 2022-06-23 11:05:53 -04:00
Thierry Laurion
0bfd696fbf
xx20 and xx30: split kernel configs to legacy and maximized and board configs point to them 2022-06-10 09:52:07 -04:00
Thierry Laurion
6012e7724c
add new board x230-maximized_usb-kb
- this boards is a duplicate of x230-hotp-maximized with USB Keyboard support

Testing points:
- x230-hotp-maximized does not accept input from USB keyboard
- x230-hotp-maximized_usb-kb accepts input from USB keyboard
2022-04-05 14:09:44 -04:00