Commit Graph

2821 Commits

Author SHA1 Message Date
Michał Kopeć
c516918fac
patches/coreboot-dasharo-unreleased: add back JPEG patches
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-11 18:31:30 +01:00
Michał Kopeć
7323fef604
modules/coreboot: bump for MTL S3
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-10 18:24:47 +01:00
Michał Kopeć
b5fe89903d
config/coreboot-novacustom-v5*: set ME HAP, prefer S3 sleep
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-10 18:22:00 +01:00
Michał Kopeć
ac43d5e78b
config/coreboot-novacustom-v5*: bump version to rc2
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-10 13:10:06 +01:00
Michał Kopeć
1d7b442668
novacustom-v560tu: sync to v540tu
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-10 12:41:39 +01:00
Michał Kopeć
5b444119ca
config/coreboot-novacustom-v540tu.config: disable serial console
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-09 16:30:16 +01:00
Michał Kopeć
6174b63a12
novacustom-v540tu: enable PR0 lockdown in SMM
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-09 16:21:45 +01:00
Michał Kopeć
bb6c83de49
modules/coreboot: add commented out patch version
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 18:13:07 +01:00
Michał Kopeć
34ee256dd2
modules/coreboot: bump dasharo fork for PRR lockdown
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 18:11:54 +01:00
Michał Kopeć
0f339496a7
Add NovaCustom V560TU
as a copy of V540TU

Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 13:51:55 +01:00
Michał Kopeć
ad6605d84b
config/coreboot-novacustom-v540tu.config: set version to rc1
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 13:51:49 +01:00
Michał Kopeć
0cdba412ef
modules/coreboot: dasharo: reuse 24.02.1 toolchain
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 12:46:38 +01:00
Michał Kopeć
b6f5c6d245
modules/coreboot: update comment about Dasharo coreboot fork
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 12:46:37 +01:00
Michał Kopeć
4a3667b78c
boards/novacustom-v540tu/novacustom-v540tu.config: remove unneeded debug options
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 12:46:37 +01:00
Michał Kopeć
cf02a2914e
config/coreboot-novacustom-v540tu.config: disable debug console
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 12:46:37 +01:00
Thierry Laurion
059a60e43e
.circleci/config.yml nitropad-nv41 name changed -> novacustom_nv4x_adl
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-04 12:46:37 +01:00
Thierry Laurion
4394052b72
modules/linux: add Linux 6.11.9
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-04 12:46:37 +01:00
Michał Kopeć
ce2b051a48
Add NovaCustom V540TU board
Co-authored-by: Michał Kopeć <michal.kopec@3mdeb.com>
Co-authored-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-04 12:46:35 +01:00
Thierry Laurion
99157f2291
Merge pull request #1802 from tlaurion/talos_2-kernel_version_bump_to_6.6.16
talos-2: kernel version bump to 6.6.16
2024-11-29 14:19:25 -05:00
Thierry Laurion
e31afc58b3
Merge pull request #1818 from tlaurion/pr0_skylake_and_more_recent
WiP: PR0 (SPI write prevention through chipset locking) for nv4x_adl, setting base for other platforms/downstream forks supporting >=Skylake+
2024-11-29 13:22:21 -05:00
Sergii Dmytruk
7ca7488474
config/linux-talos-2.config: update
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:30 -05:00
Sergii Dmytruk
e97b379796
talos2: port 2 more Linux patches to 6.6.16
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:24 -05:00
Thierry Laurion
a03857d85f
talos-2 kernel 6.6.16: review needed patches and config: cbmem missing, maybe some more patches needs porting
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:18 -05:00
Thierry Laurion
3ed0f2df35
talos-2 6.6.16 kernel config: deactivate CONFIG_COMPAT (32 bit support)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:12 -05:00
Thierry Laurion
d7ff890c78
WiP: talos-2: kernel version bump to 6.6.16
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:05 -05:00
Thierry Laurion
03ba3864db
Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent 2024-11-29 11:38:36 -05:00
Thierry Laurion
f8b03b3087
nitropad-ns50: remove PR0 until tested and readded in seperate PR
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 11:17:02 -05:00
Thierry Laurion
87732b71ce
Merge pull request #1865 from tlaurion/bump-flashprog_latest-meteor_lake_support
modules/flashprog: bump to latest commit, including support for meteor lake
2024-11-28 15:33:22 -05:00
Thierry Laurion
43b03fbe60
Revert "coreboot dasharo fork patch: bump patchset to upstream reviewed"
This reverts commit f5fdf9a97e.
Unfortunately, patch doesn't apply to dasharo current fork pointed under modules/coreboot

Waiting for Dasharo to provide a patch updated to heads used fork/dasahro bumping to newer coreboot version for which patchset applies clealy

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-28 13:24:30 -05:00
Thierry Laurion
3de473c409
modules/flashprog: bump to latest commit, including support for meteor lake
We use eb2c04185f (2024-11-21 1.3+ bugfixes)
Where meteor lake is 5e0d9b04a0 is from 1.3 (3 weeks ago)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-28 12:06:42 -05:00
Thierry Laurion
6f2ea7c7bf
Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent 2024-11-28 11:53:48 -05:00
Thierry Laurion
f5fdf9a97e
coreboot dasharo fork patch: bump patchset to upstream reviewed
repro:
git fetch https://review.coreboot.org/coreboot refs/changes/78/85278/3 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-dasharo-unreleased/0002-pr0_chipset_locking-post_skylake.patch
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-28 11:52:22 -05:00
Thierry Laurion
4f1405853f
Merge pull request #1861 from tlaurion/oem-factory_reset_hide-detach-sign-user-pin
bugfix: oem-factory-reset: debug mode; hide passphrase output on screen/debug log on gpg --detach-sign of /boot hash digest
2024-11-25 11:02:30 -05:00
Thierry Laurion
5501cd0744
oem-factory-reset: debug mode; hide passphrase output on screen/debug.log on gpg --detach-sign of /boot hash digest
Before:
[  155.845101] DEBUG: gpg --pinentry-mode loopback --passphrase Please Change Me --digest-algo SHA256 --detach-sign -a

After:
[  131.272954] DEBUG: gpg --pinentry-mode loopback --passphrase <hidden> --digest-algo SHA256 --detach-sign -a

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-25 10:57:44 -05:00
Thierry Laurion
45696a4c8a
Merge pull request #1860 from tlaurion/fix_initrd_unpack_for_repacking
initrd/bin/unpack_initramfs.sh: add xz unpacking support.
2024-11-22 17:50:23 -05:00
Thierry Laurion
95c6eb5c49
initrd/bin/unpack_initramfs.sh: add xz to unpack logic (add commented: bzip2, lzma, lzo and lz4)
xz: tested working with tails test build and 6.8.1's initrd
latest ubuntu 24.10: switched back to zstd, works as expected (tested)

Magic numbers referred at:
- 28eb75e178/scripts/extract-vmlinux (L52C1-L58C43)
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/lib/decompress.c#n51

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-22 17:30:17 -05:00
Thierry Laurion
71a8075125
initrd/bin/unpack_initramfs.sh: no functional change, just format with tabs
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-22 17:29:41 -05:00
Thierry Laurion
573f48dd11
Merge pull request #1858 from tlaurion/bugfix-fix_lvm_reproducibility
modules/lvm2: define /run relative paths (not sure why circleci remote docker default run dir != local run dir)
2024-11-22 11:51:29 -05:00
Thierry Laurion
1a07bf7b68
modules/lvm2: define /run relative paths (not sure why circleci remote docker default run dir != local run dir)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-22 09:41:32 -05:00
Thierry Laurion
be0aac6914
Merge pull request #1856 from tlaurion/docker_helpers_conditional_usb_passthrough
docker_* helpers: pass usb host controllers to docker only if usb devices are connected, unify, bugfixes
2024-11-21 17:46:38 -05:00
Thierry Laurion
dd540366b5
docker_* helpers: pass usb host controllers to docker only if usb devices are connected, unify, bugfixes
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-21 17:38:31 -05:00
Thierry Laurion
ee8d1d9ae8
Merge pull request #1855 from tlaurion/docker_helpers
add 3 Docker users/build helpers : local_dev, repro and latest, update README.md to simplify usage
2024-11-21 11:44:49 -05:00
Thierry Laurion
4ec2fef3e9
README.md: simplify local usage of nix/docker for devs/local images builders(local repro of CircleCI builds), referring to ./docker_*.sh scripts created
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-21 11:30:16 -05:00
Thierry Laurion
e70e2f7016
./docker_*: add 3 nix+docker helpers; local_dev, latest and repro
- Kill any GPG toolstack USB host consumers of USB devices so targets/qemu.md instruction can be used as intended (usb security dongles, HOTP features)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-21 11:25:12 -05:00
Thierry Laurion
1939af6fa6
Merge pull request #1853 from tlaurion/bugfix-qemu_coreboot_prod-fix_bootsplash_stretched
bugfix qemu boards: revert changes of CONFIG_BOOTSPLASH_CONVERT_RESOLUTION=XYZ for all boards, set qemu prod boards to 1440x810
2024-11-19 18:55:21 -05:00
Thierry Laurion
7c539c9aff
bugfix qemu boards: revert changes of CONFIG_BOOTSPLASH_CONVERT_RESOLUTION=XYZ for all boards, set qemu prod boards to 1440x810
* CONFIG_BOOTSPLASH_CONVERT_RESOLUTION: setting this stretches the bootsplash and makes it ugly. Revert the change on master so that produced videos/screenshots are ok.
* qemu prod boards: CONFIG_DRIVERS_EMULATION_QEMU_BOCHS_XRES=1440 and CONFIG_DRIVERS_EMULATION_QEMU_BOCHS_YRES=810 brings the Height just big enough to fit on screens we mostly have out there.
* qemu dev boards: CONFIG_DRIVERS_EMULATION_QEMU_BOCHS_XRES=1024 and CONFIG_DRIVERS_EMULATION_QEMU_BOCHS_YRES=768: is a reminder of x230's 1376x768 (16:9) for Height and shows us that things are not perfect for all platforms

Notes:
- cannot put to 1376x768 for qemu (would have been nice to see what console text looks like + fbwhiptail windows for x230 (min screen size supported)
  - that tears bochs fb for some unknown reason
    - doesn't tear x230 fb (TODO: bug report for bochs qemu driver?)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-19 18:34:34 -05:00
Thierry Laurion
49733bbaa9
Merge pull request #1852 from tlaurion/bugfix-qemu_coreboot_prod-fix_bootsplash
bugfix, bootsplash: qemu coreboot prod configs
2024-11-19 15:30:32 -05:00
Thierry Laurion
5600c09610
bugfix, bootsplash: qemu coreboot prod configs: add CONFIG_BOOTSPLASH_CONVERT_RESIZE=y and CONFIG_BOOTSPLASH_CONVERT_RESOLUTION="1280x720"
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-19 15:19:34 -05:00
Thierry Laurion
c9bb7be58b
Merge pull request #1851 from tlaurion/qemu_prod-unify_with_other_prod_boards
qemu prod coreboot configs: remove debug output + unify with other boards prod kernel output (quiet, loglevel2), change resolution 1024x768 (4:3) to 1280x720 (16:9)
2024-11-19 14:56:36 -05:00
Thierry Laurion
a9bb1e6e9e
qemu prod coreboot configs: remove debug output + unify with other boards prod kernel output (quiet, loglevel2), change resolution 1024x768 (4:3) to 1280x720 (16:9)
resolution changed to fit smallest (uncommon) x230 screen size supported for dev cycles to show prod output: 1366x768 (16:9)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-19 14:51:31 -05:00