Commit Graph

377 Commits

Author SHA1 Message Date
Michał Kopeć
1d7b442668
novacustom-v560tu: sync to v540tu
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-10 12:41:39 +01:00
Michał Kopeć
6174b63a12
novacustom-v540tu: enable PR0 lockdown in SMM
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-09 16:21:45 +01:00
Michał Kopeć
0f339496a7
Add NovaCustom V560TU
as a copy of V540TU

Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 13:51:55 +01:00
Michał Kopeć
4a3667b78c
boards/novacustom-v540tu/novacustom-v540tu.config: remove unneeded debug options
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
2024-12-04 12:46:37 +01:00
Thierry Laurion
4394052b72
modules/linux: add Linux 6.11.9
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-04 12:46:37 +01:00
Michał Kopeć
ce2b051a48
Add NovaCustom V540TU board
Co-authored-by: Michał Kopeć <michal.kopec@3mdeb.com>
Co-authored-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-04 12:46:35 +01:00
Thierry Laurion
99157f2291
Merge pull request #1802 from tlaurion/talos_2-kernel_version_bump_to_6.6.16
talos-2: kernel version bump to 6.6.16
2024-11-29 14:19:25 -05:00
Thierry Laurion
d7ff890c78
WiP: talos-2: kernel version bump to 6.6.16
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 12:38:05 -05:00
Thierry Laurion
f8b03b3087
nitropad-ns50: remove PR0 until tested and re-added in separate PR
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-29 11:17:02 -05:00
Thierry Laurion
6f2ea7c7bf
Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent
2024-11-28 11:53:48 -05:00
Thierry Laurion
a9bb1e6e9e
qemu prod coreboot configs: remove debug output + unify with other boards prod kernel output (quiet, loglevel2), change resolution 1024x768 (4:3) to 1280x720 (16:9)
resolution changed to fit smallest (uncommon) x230 screen size supported for dev cycles to show prod output: 1366x768 (16:9)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-19 14:51:31 -05:00
Thierry Laurion
8323078ff8
Merge pull request #1845 from tlaurion/add_qemu_prod_boards
boards/qemu*: add "prod" variants, not built by CircleCI as of now, to test Heads prod console output
2024-11-19 13:17:50 -05:00
Thierry Laurion
15bf330075
boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config: 'CONFIG_BOARD_NAME=NovaCustom NV4x 12th Gen', nv40pz in title. Remove forgotten Nitrokey Nitropad NV41 reference
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-14 08:52:14 -05:00
Thierry Laurion
9fccfb4627
Change board name from nitropad-nv41 -> novacustom_nv4x_adl
- Move/rename board config
- Rename coreboot config
- Applies changes to coreboot config from defconfig+dasharo coreboot fork config + fixes
- Rename CircleCI board for rom build

-----
Repro:

First: change some oldconfig defaults from dasharo coreboot fork
git checkout -b move_nitropad-nv41_to_novacustom-v41
mv boards/nitropad-nv41 boards/novacustom_nv4x_adl
mv boards/novacustom_nv4x_adl/nitropad-nv41.config boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
vim boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
vim config/coreboot-nitropad-nv41.config
mv config/coreboot-nitropad-nv41.config config/coreboot-novacustom_nv4x_adl.config
vim boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=novacustom_nv4x_adl coreboot.modify_and_save_oldconfig_in_place
cd /home/user/heads/build/x86/coreboot-dasharo
sudo make menuconfig
cd ~/heads
sudo meld /home/user/heads/build/x86/coreboot-dasharo/.config config/coreboot-novacustom_nv4x_adl.config
git status
git add boards/nitropad-nv41/nitropad-nv41.config config/coreboot-nitropad-nv41.config config/coreboot-novacustom_nv4x_adl.config config/coreboot-novacustom_nv4x_adl.config
git add boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
sed -i 's/nitropad-nv41/novacustom_nv4x_adl/g' .circleci/config.yml
git add .circleci/config.yml
git commit --signoff -m
git push tlaurion-github --force
...
(and multiple 'git commit --signoff --amend' to add traces below)

----

Relevant changes from nitropad-nv41 coreboot configs:
diff --git a/config/coreboot-nitropad-nv41.config b/config/coreboot-novacustom_nv4x_adl.config
index 9484aaf512..235f255a31 100644
--- a/config/coreboot-nitropad-nv41.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@@ -111,7 +111,7 @@ CONFIG_VENDOR_NOVACUSTOM=y
 # CONFIG_VENDOR_UP is not set
 CONFIG_MAINBOARD_FAMILY="Not Applicable"
 CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
-CONFIG_MAINBOARD_VERSION="v2.1"
+CONFIG_MAINBOARD_VERSION="nv40pz"
 CONFIG_MAINBOARD_DIR="clevo/adl-p"
 CONFIG_DIMM_MAX=4
 CONFIG_DIMM_SPD_SIZE=512
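Review bot: CONFIG_MAINBOARD_VERSION now repeats the part number ("nv40pz") instead of a board revision, so it duplicates CONFIG_MAINBOARD_PART_NUMBER on the line above and the SMBIOS version field stops carrying information. The Dasharo comparison further down keeps "v2.1" for this key; if the goal is only to drop the Nitrokey-specific values, keeping "v2.1" would preserve a meaningful revision for anyone inventorying these machines.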
@@ -131,7 +131,7 @@ CONFIG_VBOOT_VBNV_OFFSET=0x28
 CONFIG_VARIANT_DIR="nv40pz"
 CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
 # CONFIG_VGA_BIOS is not set
-CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Nitrokey"
+CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Notebook"
 CONFIG_INTEL_GMA_VBT_FILE="src/mainboard/$(MAINBOARDDIR)/variants/$(VARIANT_DIR)/data.vbt"
 # CONFIG_DISABLE_HECI1_AT_PRE_BOOT is not set
 CONFIG_PRERAM_CBMEM_CONSOLE_SIZE=0x4000
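Review bot: the manufacturer string change to "Notebook" should be stated in the commit body as an intentional identity change, because anything that selects behaviour from DMI strings (board-detection scripts, fleet inventory, a vendor update path) will see a different machine after flashing. It is at least consistent with CONFIG_MAINBOARD_VENDOR="Notebook" shown as context in the comparison diff below.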
@@ -140,7 +140,7 @@ CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout"
 CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0
 CONFIG_BOARD_CLEVO_ADLP_COMMON=y
 CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
-CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41"
+CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="NV4xPZ"
 CONFIG_CONSOLE_POST=y
 # CONFIG_USE_PM_ACPI_TIMER is not set
 CONFIG_TPM_PIRQ=0x27
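Review bot: "NV4xPZ" is the value the Dasharo side uses as well (it appears as unchanged context in the later comparison), so this aligns the product name with upstream; since the commit title talks about nv40pz, one sentence noting that NV4xPZ is the product family and nv40pz the variant/part number would avoid confusion for readers of the log.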

When comparing against dasharo/coreboot fork coreboot config saved in oldconfig format, diffs:
diff --git a/config/coreboot-novacustom_nv4x_adl.config b/config/coreboot-novacustom_nv4x_adl.config
index 235f255a31..41bdd7889c 100644
--- a/config/coreboot-novacustom_nv4x_adl.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@@ -7,19 +7,19 @@
 # General setup
 #
 CONFIG_COREBOOT_BUILD=y
-CONFIG_LOCALVERSION=""
+CONFIG_LOCALVERSION="v1.7.2"
 CONFIG_CBFS_PREFIX="fallback"
 CONFIG_COMPILER_GCC=y
 # CONFIG_COMPILER_LLVM_CLANG is not set
 CONFIG_ARCH_SUPPORTS_CLANG=y
 # CONFIG_ANY_TOOLCHAIN is not set
-# CONFIG_CCACHE is not set
+CONFIG_CCACHE=y
 # CONFIG_IWYU is not set
 # CONFIG_FMD_GENPARSER is not set
 # CONFIG_UTIL_GENPARSER is not set
-# CONFIG_OPTION_BACKEND_NONE is not set
-CONFIG_USE_OPTION_TABLE=y
-# CONFIG_STATIC_OPTION_TABLE is not set
+CONFIG_OPTION_BACKEND_NONE=y
+# CONFIG_USE_OPTION_TABLE is not set
+# CONFIG_USE_UEFI_VARIABLE_STORE is not set
 CONFIG_COMPRESS_RAMSTAGE_LZMA=y
 # CONFIG_COMPRESS_RAMSTAGE_LZ4 is not set
 CONFIG_INCLUDE_CONFIG_FILE=y
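Review bot: CONFIG_LOCALVERSION="" on the Heads side (the - lines; the + lines are the Dasharo fork) leaves the firmware version string empty, and CONFIG_VBOOT_FWID_VERSION="$(CONFIG_LOCALVERSION)" further down inherits that; more importantly, a flashed image then cannot be told apart from another build by its version string. Setting it from the Heads build would help users and support identify what is on the chip. The option-table difference (CONFIG_USE_OPTION_TABLE=y versus CONFIG_OPTION_BACKEND_NONE=y) is expected since Heads does not use the EDK2 setup variables, but deserves one line in the body.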
@@ -35,12 +35,7 @@ CONFIG_HAVE_ASAN_IN_RAMSTAGE=y
 # CONFIG_NO_STAGE_CACHE is not set
 CONFIG_TSEG_STAGE_CACHE=y
 # CONFIG_UPDATE_IMAGE is not set
-CONFIG_BOOTSPLASH_IMAGE=y
-CONFIG_BOOTSPLASH_FILE="@BRAND_DIR@/bootsplash.jpg"
-CONFIG_BOOTSPLASH_CONVERT=y
-CONFIG_BOOTSPLASH_CONVERT_QUALITY=90
-# CONFIG_BOOTSPLASH_CONVERT_RESIZE is not set
-# CONFIG_BOOTSPLASH_CONVERT_COLORSWAP is not set
+# CONFIG_BOOTSPLASH_IMAGE is not set
 # CONFIG_FW_CONFIG is not set

 #
@@ -111,14 +106,14 @@ CONFIG_VENDOR_NOVACUSTOM=y
 # CONFIG_VENDOR_UP is not set
 CONFIG_MAINBOARD_FAMILY="Not Applicable"
 CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
-CONFIG_MAINBOARD_VERSION="nv40pz"
+CONFIG_MAINBOARD_VERSION="v2.1"
 CONFIG_MAINBOARD_DIR="clevo/adl-p"
 CONFIG_DIMM_MAX=4
 CONFIG_DIMM_SPD_SIZE=512
-CONFIG_FMDFILE=""
+CONFIG_FMDFILE="src/mainboard/$(CONFIG_MAINBOARD_DIR)/vboot-rwa.fmd"
 # CONFIG_NO_POST is not set
 CONFIG_MAINBOARD_VENDOR="Notebook"
-CONFIG_CBFS_SIZE=0x1000000
+CONFIG_CBFS_SIZE=0xA00000
 # CONFIG_CONSOLE_SERIAL is not set
 CONFIG_MAX_CPUS=24
 CONFIG_ONBOARD_VGA_IS_PRIMARY=y
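Review bot: the flash layout differs materially between the two sides and the body should say which one the Heads build relies on: the Heads side has CONFIG_FMDFILE="" (default layout) with CONFIG_CBFS_SIZE=0x1000000, the Dasharo side uses vboot-rwa.fmd with CONFIG_CBFS_SIZE=0xA00000. On a 32 MiB part (CONFIG_BOARD_ROMSIZE_KB_32768=y below) a 16 MiB CBFS still has to leave the descriptor and ME regions taken from 3rdparty/dasharo-blobs intact, so recording that the produced layout was checked against the IFD regions would be good.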
@@ -126,8 +121,9 @@ CONFIG_ONBOARD_VGA_IS_PRIMARY=y
 # CONFIG_POST_IO is not set
 CONFIG_UART_FOR_CONSOLE=0
 CONFIG_DEVICETREE="devicetree.cb"
-# CONFIG_VBOOT is not set
+CONFIG_VBOOT=y
 CONFIG_VBOOT_VBNV_OFFSET=0x28
+CONFIG_RO_REGION_ONLY=""
 CONFIG_VARIANT_DIR="nv40pz"
 CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
 # CONFIG_VGA_BIOS is not set
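Review bot: CONFIG_VBOOT is off on the Heads side, which is consistent with Heads doing its own TPM-measured verification from the Linux payload, but the config keeps several vboot leftovers (CONFIG_VBOOT_VBNV_OFFSET=0x28 here, CONFIG_VBOOT_FWID_VERSION below). They are inert while vboot is disabled, yet a reader may assume coreboot-level verified boot is active; one sentence in the body stating where verification actually happens would avoid that.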
@@ -143,10 +139,12 @@ CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
 CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="NV4xPZ"
 CONFIG_CONSOLE_POST=y
 # CONFIG_USE_PM_ACPI_TIMER is not set
-CONFIG_TPM_PIRQ=0x27
+CONFIG_VBOOT_SLOTS_RW_A=y
+CONFIG_TPM_PIRQ=0x0
 # CONFIG_SOC_INTEL_CSE_SEND_EOP_EARLY is not set
 CONFIG_VBOOT_FWID_VERSION="$(CONFIG_LOCALVERSION)"
 CONFIG_EC_SYSTEM76_EC_BAT_THRESHOLDS=y
+CONFIG_PXE_ROM_ID="10ec,8168"
 CONFIG_ECAM_MMCONF_BASE_ADDRESS=0xc0000000
 CONFIG_ECAM_MMCONF_BUS_NUMBER=256
 CONFIG_MEMLAYOUT_LD_FILE="src/arch/x86/memlayout.ld"
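Review bot: CONFIG_TPM_PIRQ=0x27 on the Heads side versus 0x0 on the Dasharo side is a hardware-facing difference that needs a justification in the body; a wrong TPM interrupt routing usually only shows up later as a slow or unresponsive TPM, so please say whether 0x27 was verified on this board or simply inherited from the Nitropad config.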
@@ -156,20 +154,28 @@ CONFIG_C_ENV_BOOTBLOCK_SIZE=0x40000
 CONFIG_DCACHE_BSP_STACK_SIZE=0x80400
 CONFIG_MAX_ACPI_TABLE_SIZE_KB=144
 CONFIG_HAVE_INTEL_FIRMWARE=y
+CONFIG_VBOOT_NO_BOARD_SUPPORT=y
+CONFIG_RW_REGION_ONLY=""
 CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000
 CONFIG_DRIVERS_INTEL_WIFI=y
 CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/descriptor.bin"
 CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/me.bin"
-CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
+# CONFIG_VBOOT_ALWAYS_ALLOW_UDC is not set
+CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x100000
+CONFIG_EDK2_BOOT_TIMEOUT=2
 CONFIG_VBT_DATA_SIZE_KB=9
+CONFIG_VBOOT_FWID_MODEL="$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)"
+CONFIG_VBOOT_STARTS_IN_BOOTBLOCK=y
 CONFIG_CARDBUS_PLUGIN_SUPPORT=y
 CONFIG_SPI_FLASH_DONT_INCLUDE_ALL_DRIVERS=y
 # CONFIG_USE_LEGACY_8254_TIMER is not set
+CONFIG_GBB_HWID=""
 # CONFIG_DEBUG_SMI is not set
 CONFIG_HAVE_IFD_BIN=y
 CONFIG_PCIEXP_HOTPLUG_BUSES=42
 CONFIG_PCIEXP_HOTPLUG_MEM=0xc200000
 CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM=0x1c000000
+# CONFIG_VBOOT_SLOTS_RW_AB is not set
 CONFIG_PS2K_EISAID="PNP0303"
 CONFIG_PS2M_EISAID="PNP0F13"

@@ -193,8 +199,8 @@ CONFIG_PCIEXP_CLK_PM=y
 CONFIG_PC_CMOS_BASE_PORT_BANK1=0x72
 CONFIG_HEAP_SIZE=0x10000
 CONFIG_EC_GPE_SCI=0x50
+CONFIG_EDK2_BOOTSPLASH_FILE="3rdparty/dasharo-blobs/novacustom/bootsplash.bmp"
 CONFIG_TPM_MEASURED_BOOT=y
-CONFIG_LINUX_COMMAND_LINE="quiet loglevel=2"
 CONFIG_BOARD_ROMSIZE_KB_32768=y
 # CONFIG_COREBOOT_ROMSIZE_KB_256 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_512 is not set
@@ -399,7 +405,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_TCO=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_TCO_ENABLE_THROUGH_SMBUS=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_IO_TRAP=y
-# CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_S5_DELAY_MS=0
 CONFIG_SOC_INTEL_COMMON_BLOCK_SPI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SA=y
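Review bot: CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE stays unset on the Heads side, while the Dasharo side enables it together with CONFIG_BOOTMEDIA_SMM_BWP=y in the Security hunk below, which is the combination that lets the SMI handler react to BIOS write attempts. If Heads deliberately relies on its own PR0-based locking instead of SMM_BWP, say so here, because otherwise this reads like a dropped protection.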
@@ -417,7 +423,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_USB4_PCIE=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_USB4_XHCI=y
 CONFIG_SOC_INTEL_ENABLE_USB4_PCIE_RESOURCES=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_VTD=y
-# CONFIG_ENABLE_EARLY_DMA_PROTECTION is not set
+CONFIG_ENABLE_EARLY_DMA_PROTECTION=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XDCI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI_ELOG=y
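Review bot: CONFIG_ENABLE_EARLY_DMA_PROTECTION is not set on the Heads side but enabled on the Dasharo side. That option gates pre-boot DMA protection through VT-d, which matters on a laptop exposing PCIe over USB4 (CONFIG_SOC_INTEL_COMMON_BLOCK_USB4_PCIE=y above). Unless there is a known functional reason to keep it off, please enable it or document the trade-off in the body.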
@@ -508,15 +514,15 @@ CONFIG_EC_SYSTEM76_EC_DGPU=y
 #
 # Intel Firmware
 #
-CONFIG_IFDTOOL_DISABLE_ME=y
+# CONFIG_IFDTOOL_DISABLE_ME is not set
 CONFIG_HAVE_ME_BIN=y
 # CONFIG_STITCH_ME_BIN is not set
 # CONFIG_ME_REGION_ALLOW_CPU_READ_ACCESS is not set
 CONFIG_HAVE_INTEL_ME_HAP=y
 # CONFIG_INTEL_ME_DISABLED_HECI is not set
-CONFIG_INTEL_ME_DISABLED_HAP=y
-# CONFIG_INTEL_ME_ENABLED is not set
-CONFIG_INTEL_ME_DEFAULT_STATE=2
+# CONFIG_INTEL_ME_DISABLED_HAP is not set
+CONFIG_INTEL_ME_ENABLED=y
+CONFIG_INTEL_ME_DEFAULT_STATE=0
 # CONFIG_DO_NOT_TOUCH_DESCRIPTOR_REGION is not set
 # CONFIG_LOCK_MANAGEMENT_ENGINE is not set
 CONFIG_UNLOCK_FLASH_REGIONS=y
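Review bot: the ME settings on the Heads side (CONFIG_IFDTOOL_DISABLE_ME=y, CONFIG_INTEL_ME_DISABLED_HAP=y, CONFIG_INTEL_ME_DEFAULT_STATE=2) are the expected Heads posture, but note that CONFIG_UNLOCK_FLASH_REGIONS=y and "# CONFIG_LOCK_MANAGEMENT_ENGINE is not set" are unchanged context on both sides, so the descriptor is written with all regions unlocked. That is what makes internal reflashing from Heads possible and should be stated explicitly rather than left implied.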
@@ -529,7 +535,7 @@ CONFIG_BIOS_VENDOR="3mdeb"
 #
 # Dasharo Configuration
 #
-CONFIG_DASHARO_PREFER_S3_SLEEP=y
+# CONFIG_DASHARO_PREFER_S3_SLEEP is not set
 # end of Dasharo Configuration

 CONFIG_UDK_BASE=y
@@ -550,8 +556,6 @@ CONFIG_X86_CUSTOM_BOOTMEDIA=y
 CONFIG_PC80_SYSTEM=y
 CONFIG_HAVE_CMOS_DEFAULT=y
 CONFIG_POSTCAR_STAGE=y
-CONFIG_BOOTBLOCK_SIMPLE=y
-# CONFIG_BOOTBLOCK_NORMAL is not set
 CONFIG_COLLECT_TIMESTAMPS_TSC=y
 CONFIG_IDT_IN_EVERY_STAGE=y
 CONFIG_HAVE_CF9_RESET=y
@@ -575,9 +579,10 @@ CONFIG_NO_EARLY_GFX_INIT=y
 #
 # Display
 #
+CONFIG_WANT_LINEAR_FRAMEBUFFER=y
 CONFIG_GENERIC_LINEAR_FRAMEBUFFER=y
 CONFIG_LINEAR_FRAMEBUFFER=y
-CONFIG_BOOTSPLASH=y
+# CONFIG_BOOTSPLASH is not set
 # end of Display

 CONFIG_PCI=y
@@ -610,17 +615,21 @@ CONFIG_I2C_TRANSFER_TIMEOUT_US=500000
 # Generic Drivers
 #
 CONFIG_CRB_TPM_BASE_ADDRESS=0xfed40000
-# CONFIG_DRIVERS_EFI_VARIABLE_STORE is not set
+CONFIG_DRIVERS_EFI_VARIABLE_STORE=y
 # CONFIG_ELOG is not set
 CONFIG_CACHE_MRC_SETTINGS=y
 CONFIG_MRC_SETTINGS_PROTECT=y
-# CONFIG_SMMSTORE is not set
+CONFIG_HAS_RECOVERY_MRC_CACHE=y
+CONFIG_MRC_SAVE_HASH_IN_TPM=y
+CONFIG_SMMSTORE=y
+CONFIG_SMMSTORE_V2=y
+CONFIG_SMMSTORE_SIZE=0x40000
 CONFIG_SPI_FLASH=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY=y
+CONFIG_SPI_FLASH_SMM=y
 # CONFIG_SPI_FLASH_NO_FAST_READ is not set
-CONFIG_TPM_INIT_RAMSTAGE=y
-# CONFIG_TPM_PPI is not set
+CONFIG_TPM_PPI=y
 CONFIG_DRIVERS_UART=y
 CONFIG_NO_UART_ON_SUPERIO=y
 CONFIG_DRIVERS_UART_8250MEM=y
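Review bot: the Heads side keeps CONFIG_TPM_INIT_RAMSTAGE=y and no CONFIG_TPM_PPI, while the Dasharo side adds CONFIG_MRC_SAVE_HASH_IN_TPM=y and CONFIG_TPM_PPI=y. Leaving the MRC hash out of the TPM is consistent with vboot being off, but the absent physical-presence interface is worth one line in the body: TPM clear or ownership changes will then go through Heads' own flow rather than an ACPI PPI handler, which is a behavioural difference from the stock firmware.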
@@ -669,7 +678,7 @@ CONFIG_DRIVERS_INTEL_PMC=y
 # CONFIG_DRIVERS_NXP_UWB_SR1XX is not set
 # CONFIG_DRIVERS_PS2_KEYBOARD is not set
 CONFIG_DRIVERS_MC146818=y
-# CONFIG_USE_PC_CMOS_ALTCENTURY is not set
+CONFIG_USE_PC_CMOS_ALTCENTURY=y
 CONFIG_PC_CMOS_BASE_PORT_BANK0=0x70
 CONFIG_MEMORY_MAPPED_TPM=y
 CONFIG_TPM_TIS_BASE_ADDRESS=0xfed40000
@@ -695,6 +704,50 @@ CONFIG_DRIVERS_INTEL_USB4_RETIMER=y
 # Verified Boot (vboot)
 #
 CONFIG_VBOOT_LIB=y
+CONFIG_VBOOT_VBNV_CMOS=y
+CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH=y
+# CONFIG_VBOOT_MOCK_SECDATA is not set
+CONFIG_VBOOT_MUST_REQUEST_DISPLAY=y
+CONFIG_VBOOT_ALWAYS_ENABLE_DISPLAY=y
+CONFIG_VBOOT_HAS_REC_HASH_SPACE=y
+CONFIG_CBFS_MCACHE_RW_PERCENTAGE=50
+CONFIG_VBOOT_CLEAR_RECOVERY_EACH_BOOT=y
+# CONFIG_VBOOT_EC_EFS is not set
+CONFIG_VBOOT_X86_SHA256_ACCELERATION=y
+
+#
+# GBB configuration
+#
+CONFIG_GBB_BMPFV_FILE=""
+# CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY is not set
+# CONFIG_GBB_FLAG_LOAD_OPTION_ROMS is not set
+# CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS is not set
+# CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON is not set
+CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB=y
+CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK=y
+# CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM is not set
+# CONFIG_GBB_FLAG_FORCE_DEV_BOOT_ALTFW is not set
+# CONFIG_GBB_FLAG_RUNNING_FAFT is not set
+CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC=y
+# CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_ALTFW is not set
+CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC=y
+CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN=y
+# CONFIG_GBB_FLAG_FORCE_MANUAL_RECOVERY is not set
+CONFIG_GBB_FLAG_DISABLE_FWMP=y
+# CONFIG_GBB_FLAG_ENABLE_UDC is not set
+# end of GBB configuration
+
+#
+# Vboot Keys
+#
+CONFIG_VBOOT_ROOT_KEY="$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk"
+CONFIG_VBOOT_RECOVERY_KEY="$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk"
+CONFIG_VBOOT_FIRMWARE_PRIVKEY="$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk"
+CONFIG_VBOOT_KERNEL_KEY="$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk"
+CONFIG_VBOOT_KEYBLOCK="$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock"
+CONFIG_VBOOT_KEYBLOCK_VERSION=1
+CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS=0x0
+# end of Vboot Keys
 # end of Verified Boot (vboot)

 #
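Review bot: the vboot block on the Dasharo side signs with $(VBOOT_SOURCE)/tests/devkeys/* and sets CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK=y; those are public development keys, so as written this block provides no authenticity guarantee. It is inert for Heads because CONFIG_VBOOT is off, but if any of it is ever carried over the keys and the rollback flag must be replaced, so a short "do not copy the vboot section as-is" note in the body would be prudent.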
@@ -730,10 +783,14 @@ CONFIG_INTEL_TXT_LIB=y
 # CONFIG_INTEL_TXT is not set
 # CONFIG_STM is not set
 # CONFIG_INTEL_CBNT_SUPPORT is not set
-CONFIG_BOOTMEDIA_LOCK_NONE=y
-# CONFIG_BOOTMEDIA_LOCK_CONTROLLER is not set
+# CONFIG_BOOTMEDIA_LOCK_NONE is not set
+CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
 # CONFIG_BOOTMEDIA_LOCK_CHIP is not set
-# CONFIG_BOOTMEDIA_SMM_BWP is not set
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_RO is not set
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_NO_ACCESS is not set
+CONFIG_BOOTMEDIA_LOCK_WPRO_VBOOT_RO=y
+CONFIG_BOOTMEDIA_LOCK_IN_VERSTAGE=y
+CONFIG_BOOTMEDIA_SMM_BWP=y
 # end of Security

 CONFIG_ACPI_HAVE_PCAT_8259=y
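Review bot: CONFIG_BOOTMEDIA_LOCK_NONE=y with CONFIG_BOOTMEDIA_SMM_BWP unset means coreboot itself applies no write protection to the SPI flash on the Heads side, whereas the Dasharo side locks the controller (CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y, CONFIG_BOOTMEDIA_LOCK_WPRO_VBOOT_RO=y, CONFIG_BOOTMEDIA_SMM_BWP=y). Heads needs the flash writable for its own updates, but the body should say that protection is expected from the platform-locking path (the PR0 lockdown work elsewhere in this branch) and that until that lands the firmware remains writable from the OS.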
@@ -772,8 +829,8 @@ CONFIG_DEFAULT_CONSOLE_LOGLEVEL_7=y
 # CONFIG_DEFAULT_CONSOLE_LOGLEVEL_1 is not set
 # CONFIG_DEFAULT_CONSOLE_LOGLEVEL_0 is not set
 CONFIG_DEFAULT_CONSOLE_LOGLEVEL=7
-CONFIG_CONSOLE_USE_LOGLEVEL_PREFIX=y
-CONFIG_CONSOLE_USE_ANSI_ESCAPES=y
+# CONFIG_CONSOLE_USE_LOGLEVEL_PREFIX is not set
+# CONFIG_CONSOLE_USE_ANSI_ESCAPES is not set
 # CONFIG_CMOS_POST is not set
 CONFIG_HWBASE_DEBUG_CB=y
 # end of Console
@@ -804,12 +861,89 @@ CONFIG_MAINBOARD_SERIAL_NUMBER="123456789"
 # CONFIG_PAYLOAD_LINUXBOOT is not set
 # CONFIG_PAYLOAD_SEABIOS is not set
 # CONFIG_PAYLOAD_UBOOT is not set
-# CONFIG_PAYLOAD_EDK2 is not set
-CONFIG_PAYLOAD_LINUX=y
-CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage"
+CONFIG_PAYLOAD_EDK2=y
+# CONFIG_PAYLOAD_LINUX is not set
+CONFIG_PAYLOAD_FILE="novacustom_nv4x_adl/UEFIPAYLOAD.fd"
 CONFIG_PAYLOAD_OPTIONS=""
-# CONFIG_PXE is not set
-CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz"
+CONFIG_EDK2_UEFIPAYLOAD=y
+# CONFIG_EDK2_UNIVERSAL_PAYLOAD is not set
+CONFIG_EDK2_REPO_MRCHROMEBOX=y
+# CONFIG_EDK2_REPO_OFFICIAL is not set
+# CONFIG_EDK2_REPO_CUSTOM is not set
+CONFIG_EDK2_REPOSITORY="https://github.com/Dasharo/edk2"
+CONFIG_EDK2_TAG_OR_REV="b7274c98697e972e772236caf830c0780ec498bd"
+CONFIG_EDK2_USE_EDK2_PLATFORMS=y
+CONFIG_EDK2_PLATFORMS_REPOSITORY="https://github.com/Dasharo/edk2-platforms"
+CONFIG_EDK2_PLATFORMS_TAG_OR_REV="3323ed481d35096fb6a7eae7b49f35eff00f86cf"
+# CONFIG_EDK2_DEBUG is not set
+CONFIG_EDK2_RELEASE=y
+# CONFIG_EDK2_BOOT_MANAGER_ESCAPE is not set
+CONFIG_EDK2_CBMEM_LOGGING=y
+CONFIG_EDK2_SYSTEM76_EC_LOGGING=y
+CONFIG_EDK2_CPU_TIMER_LIB=y
+CONFIG_EDK2_FOLLOW_BGRT_SPEC=y
+CONFIG_EDK2_FULL_SCREEN_SETUP=y
+CONFIG_EDK2_HAVE_EFI_SHELL=y
+CONFIG_EDK2_PRIORITIZE_INTERNAL=y
+CONFIG_EDK2_PS2_SUPPORT=y
+CONFIG_EDK2_SKIP_PS2_DETECT=y
+CONFIG_EDK2_SD_MMC_TIMEOUT=10
+CONFIG_EDK2_SERIAL_SUPPORT=y
+CONFIG_EDK2_ENABLE_IPXE=y
+CONFIG_EDK2_IPXE_OPTION_NAME="iPXE Network Boot"
+CONFIG_EDK2_SECURE_BOOT=y
+# CONFIG_EDK2_SECURE_BOOT_DEFAULT_ENABLE is not set
+# CONFIG_EDK2_SATA_PASSWORD is not set
+# CONFIG_EDK2_OPAL_PASSWORD is not set
+CONFIG_EDK2_SETUP_PASSWORD=y
+CONFIG_EDK2_PERFORMANCE_MEASUREMENT_ENABLE=y
+CONFIG_EDK2_DASHARO_SYSTEM_FEATURES=y
+CONFIG_EDK2_DASHARO_SECURITY_OPTIONS=y
+CONFIG_EDK2_SHOW_CAMERA_OPTION=y
+CONFIG_EDK2_SHOW_WIFI_BT_OPTION=y
+CONFIG_EDK2_DASHARO_INTEL_ME_OPTIONS=y
+CONFIG_EDK2_DASHARO_USB_CONFIG=y
+CONFIG_EDK2_DASHARO_NETWORK_CONFIG=y
+# CONFIG_EDK2_DASHARO_CHIPSET_CONFIG is not set
+CONFIG_EDK2_DASHARO_POWER_CONFIG=y
+CONFIG_EDK2_SLEEP_TYPE_OPTION=y
+CONFIG_EDK2_FAN_CURVE_OPTION=y
+CONFIG_EDK2_BATTERY_CONFIG_OPTION=y
+# CONFIG_EDK2_DASHARO_PCI_CONFIG is not set
+# CONFIG_EDK2_DASHARO_MEMORY_CONFIG is not set
+# CONFIG_EDK2_DASHARO_NETWORK_BOOT_DEFAULT_ENABLE is not set
+# CONFIG_EDK2_DASHARO_SERIAL_REDIRECTION_DEFAULT_ENABLE is not set
+CONFIG_EDK2_BOOT_MENU_KEY=0x0011
+CONFIG_EDK2_SETUP_MENU_KEY=0x000C
+CONFIG_EDK2_DISABLE_MTRR_PROGRAMMING=y
+CONFIG_EDK2_ENABLE_BATTERY_CHECK=y
+# CONFIG_EDK2_DISABLE_OPTION_ROMS is not set
+CONFIG_EDK2_PRINT_SOL_STRINGS=y
+# CONFIG_EDK2_RAM_DISK_ENABLE is not set
+CONFIG_EDK2_CUSTOM_BUILD_PARAMS="-D VARIABLE_SUPPORT=SMMSTORE"
+CONFIG_EDK2_LAN_ROM_DRIVER=""
+# CONFIG_EDK2_CREATE_PREINSTALLED_BOOT_OPTIONS is not set
+CONFIG_PXE=y
+
+#
+# PXE Options
+#
+# CONFIG_PXE_ROM is not set
+CONFIG_BUILD_IPXE=y
+CONFIG_IPXE_STABLE=y
+# CONFIG_IPXE_MASTER is not set
+# CONFIG_PXE_SERIAL_CONSOLE is not set
+# CONFIG_PXE_NO_PROMPT is not set
+CONFIG_PXE_ADD_SCRIPT=y
+CONFIG_PXE_SCRIPT="3rdparty/dasharo-blobs/dasharo/dasharo.ipxe"
+CONFIG_PXE_HAS_HTTPS=y
+CONFIG_PXE_CUSTOM_BUILD_ID="0123456789"
+CONFIG_PXE_TRUST_CMD=y
+# end of PXE Options
+
+# CONFIG_COMPRESSED_PAYLOAD_NONE is not set
+CONFIG_COMPRESSED_PAYLOAD_LZMA=y
+# CONFIG_COMPRESSED_PAYLOAD_LZ4 is not set
 CONFIG_COMPRESS_SECONDARY_PAYLOAD=y

 #
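Review bot: the payload switch (Linux plus initrd on the Heads side instead of EDK2 with iPXE) also removes the network-boot surface: CONFIG_PXE, CONFIG_PXE_HAS_HTTPS and CONFIG_PXE_TRUST_CMD are absent on the Heads side, which is a welcome reduction and worth a mention. Please also confirm that the @BOARD_BUILD_DIR@ placeholders in CONFIG_PAYLOAD_FILE and CONFIG_LINUX_INITRD resolve for the new board name, since the board directory was renamed in the same commit.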

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-14 08:52:08 -05:00
Thierry Laurion
068c977e73
boards/qemu*: add "prod" variants, not built by CircleCI as of now, to test Heads prod console output
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-11 19:46:52 -05:00
Thierry Laurion
a8ba6bafb7
talos-2: move(tag) board to untested: I won't have time any time soon to test or report issues for this unknowingly used board prior to the feature freeze planned for 2024-11-20
repro: helper used
time docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=talos-2 board.move_tested_to_untested

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-08 13:26:08 -05:00
Thierry Laurion
9d656fceb5
Merge pull request #1840 from tlaurion/d16_cryptsetup2
d16 boards: bump CONFIG_CRYPTSETUP=y to CONFIG_CRYPTSETUP2=y
2024-11-06 19:11:42 -05:00
Thierry Laurion
8fad71ec73
d16 boards: bump CONFIG_CRYPTSETUP=y to CONFIG_CRYPTSETUP2=y (were still using 1.7.3 which failed to build with newer muslc version bump)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-06 17:06:07 -05:00
Thierry Laurion
b36ed46c11
boards/librems: remove CONFIG_SUPPORT_USB_KEYBOARD which is now offered by default if kernel config enable it as compiled as module
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-11-05 15:27:40 -05:00
Thierry Laurion
ef0b70a89a
ns50: add PR0 chipset locking requirements to board config and coreboot config
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-31 10:23:12 -04:00
Thierry Laurion
e999c90a16
codebase: CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE -> CONFIG_FINALIZE_PLATFORM_LOCKING
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-31 10:23:06 -04:00
Thierry Laurion
eac77efc9b
nv41: add lock_chip current requirements for pre-skylake in board config
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-31 10:22:54 -04:00
Thierry Laurion
d59b4d9e90
w541/t440p hotp variants including non-hotp: fix path to non-hotp board variants (this is annoying)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-30 19:29:49 -04:00
Thierry Laurion
fb975d0642
t440p/w541: move to untested so that people don't flash those without external programmer for now
repro:
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=w541-hotp-maximized board.move_tested_to_untested
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=w541-maximized board.move_tested_to_untested
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=t440p-hotp-maximized board.move_tested_to_untested
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=t440p-maximized board.move_tested_to_untested

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-30 16:18:22 -04:00
Thierry Laurion
ae421f4c1f
Optiplex boards: linux kernel bump 5.10.5 -> 6.1.8
Optiplex already uses CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config, so nothing else to do here

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-30 09:59:45 -04:00
Thierry Laurion
853541c6a9
most boards: bump kernel version from 5.10.5 to 6.1.8
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-30 09:59:28 -04:00
Thierry Laurion
d128fa3f87
Optiplex boards: switch flashrom -> flashprog
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
de99b412ba
move w541 boards back to tested to dodge drama. Still this board has no known testers
Repro:
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=UNTESTED_w541-hotp-maximized board.move_untested_to_tested
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=UNTESTED_w541-maximized board.move_untested_to_tested
git status
git add .circleci/config.yml boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config boards/w541-hotp-maximized/ boards/w541-maximized/
git commit --signoff -m

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
36efff4848
x230 legacy boards: move to unmaintained
Also add Makefile helper to move from tested to unmaintained

Done by:
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-hotp-legacy board.move_tested_to_unmaintained
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-legacy board.move_tested_to_unmaintained
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-legacy-flash board.move_tested_to_unmaintained
git difftool -d
git add .circleci/config.yml boards/x230-hotp-legacy/x230-hotp-legacy.config boards/x230-legacy-flash/x230-legacy-flash.config boards/x230-legacy/x230-legacy.config unmaintained_boards/UNMAINTAINED_x230-hotp-legacy/ unmaintained_boards/UNMAINTAINED_x230-legacy-flash/ unmaintained_boards/UNMAINTAINED_x230-legacy/
git commit --signoff -m

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
2c2af013c5
board t440p: move board away from UNTESTED_ with improved Makefile helper board.move_untested_to_tested
Update Makefile helper to be able to do it with these steps
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=UNTESTED_t440p-hotp-maximized board.move_untested_to_tested
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=UNTESTED_t440p-maximized board.move_untested_to_tested
git status
git add boards/t440p-hotp-maximized/t440p-hotp-maximized.config boards/t440p-maximized/t440p-maximized.config .circleci/config.yml boards/UNTESTED_t440p-hotp-maximized/UNTESTED_t440p-hotp-maximized.config boards/UNTESTED_t440p-maximized/UNTESTED_t440p-maximized.config

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
3f4104d068
Haswell boards: renamed to UNTESTED_* while still built by CircleCI per new policy (not blocking tested boards from being merged and downloaded without risks of possible bricks, leaving UNTESTED_ boards untested until reported tested in a separate issue and ideally a PR from board testers).
Fix Haswell board HOTP variants wrongly sourcing old non-hotp variants paths through Makefile inclusion. Fixing Makefile helper

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
ebdfad3655
boards CONFIG_FLASH_OPTIONS: 'flashprog memory' -> 'flashprog' since flashprog aims to be compatible with flashrom
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
a36aa2562d
kgpe-d16 server: TODO AST1100 patch still missing @i-c-o-n https://github.com/linuxboot/heads/blob/master/patches/flashrom-b1f858f65b2abd276542650d8cb9e382da258967/0100-enable-kgpe-d16.patch
This is not a blocker, but it used to be possible to flash the BMC chip from Heads. Patch is missing for flashprog

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
66b6b52106
xx20 boards: reintroduce hwseq for flashprog
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
b9495130cf
boards FLASH_OPTIONS: remove --noverify/--noverify-all for now
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
d9ad27f372
boards FLASH_OPTIONS: add --noverify. No point verifying flash with internal programmer?
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
9b101f1454
flash.sh: FLASHROM_OPTIONS -> FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs
- boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal

TODO: check, Might break:
- xx20 : x220/t420/t520: used hwseq: verify compat
- legacy: not sure --ifd bios are supported: verify compat (and drop, future PR drops legacy boards anyway...)
- talos: linux_mtd is used: verify compat

Tested:
- x230 works with awesome progress bar on read, erase and write.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
2bf173c59a
add flashprog support: failed attempt to use review.sourcearcade.org for tarballs download
- Add Makefile new app dep verification
- Add modules/flashprog pointing to review.sourcearcade.org: website fails to produce reproducible tarballs.

Notes:
- Unfortunately, we cannot use the review platform to generate reproducible tarballs; those don't have the same checksum on each download:
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:14--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [        <=>                                                                                                           ] 508.19K   225KB/s    in 2.3s

2024-08-31 09:38:18 (225 KB/s) - ‘test.tar.gz’ saved [520389]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
af2fb823c2699d37db284c1b3066352a59446b7ea491a585df4eeaa25d932a29  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
af2fb823c2699d37db284c1b3066352a59446b7ea491a585df4eeaa25d932a29  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:37--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [   <=>                                                                                                                ] 508.22K   855KB/s    in 0.6s

2024-08-31 09:38:38 (855 KB/s) - ‘test.tar.gz’ saved [520417]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
9225002d508bd8e2fc42a2bdcd0741cb93ed2cfc811fcd7e03b0242205d4954b  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:43--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [     <=>                                                                                                              ] 508.18K   367KB/s    in 1.4s

2024-08-31 09:38:45 (367 KB/s) - ‘test.tar.gz’ saved [520378]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
ebdb7ac0c964178bc312d50547cc7ec82c1c5ffb7d04167fe0ac83deca94ee81  test.tar.gz

  - GitHub mirror is only for committed code. Will have to work around that somehow: https://github.com/SourceArcade/flashprog

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-29 08:58:09 -04:00
Thierry Laurion
83707c7631 Optiplex boards: add HOTP variants, unify against x230-*-maximized board config formats
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-15 09:50:14 -04:00
Thierry Laurion
4496d1bf1e Optiplex 7010/9010 SFF: add ifd.bin from libreboot's t16650 in tree, change optiplex_blobs.mk target and point coreboot config to this IFD
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-15 09:50:14 -04:00
Thierry Laurion
23cee75efd boards/optiplex-7010_9010_TXT-maximized: add new TXT board, point coreboot to blobs, add to CI
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-15 09:50:14 -04:00
Thierry Laurion
8cf7d49fe8 Dell Optiplex 7019/9010 SFF inclusion based on coreboot master 24.02.01 for now
- CircleCI: add build based on coreboot 24.02.01 release (might be old but unclear to my eyes now)
- Add non-HOTP board config as a start, reuse x230 linux config
- Add coreboot config modified and saved through coreboot Makefile file helper

Next steps
- Create blobs extraction scripts automating https://docs.dasharo.com/variants/dell_optiplex/initial-deployment/#firmware-preparation

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-10-15 09:50:14 -04:00
Thierry Laurion
3574e12be9
board configs: remove CONFIG_BOOT_DEV so detect_boot_device detects it prior to oem-factory-reset usage
repro:
sed -i '/CONFIG_BOOT_DEV/d' boards/*/*.config unmaintained_boards/*/*.config

qemu debug trace on preinstalled OS:
[    3.999725] [U] hello world
[    4.286215] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    4.315239] TRACE: Under init
[    4.369379] DEBUG: Applying panic_on_oom setting to sysctl
[    4.588333] TRACE: /bin/cbfs-init(5): main
[    4.728310] TRACE: /bin/cbfs-init(24): main
[    4.867039] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx
[    4.946757] TRACE: /bin/tpmr(788): main
[    5.006987] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae
[    5.068692] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx
[    5.326365] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx
[    5.399511] TRACE: /bin/tpmr(788): main
[    5.460618] DEBUG: TPM: Extending PCR[7] with hash 547ca343719d3aa62af4763357d8c10cb35eae55
[    5.524608] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx
[    5.752340] TRACE: /bin/cbfs-init(24): main
[    5.908677] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg
[    5.988169] TRACE: /bin/tpmr(788): main
[    6.044996] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042
[    6.101604] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg
[    6.371341] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg
[    6.451878] TRACE: /bin/tpmr(788): main
[    6.511948] DEBUG: TPM: Extending PCR[7] with hash 4697c489f359b40dd8aec55df52a33b1f580a3df
[    6.572785] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg
[    6.879519] TRACE: /bin/key-init(6): main
[    8.239618] TRACE: Under /etc/ash_functions:combine_configs
[    8.323781] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[    8.572855] TRACE: /bin/setconsolefont.sh(6): main
[    8.631296] DEBUG: Board does not ship setfont, not checking console font
[    8.887295] TRACE: /bin/gui-init(641): main
[    8.920627] TRACE: /etc/functions(715): detect_boot_device
[    9.251212] TRACE: /etc/functions(682): mount_possible_boot_device
[    9.312602] TRACE: /etc/functions(642): is_gpt_bios_grub
[    9.410830] TRACE: /dev/vda1 is partition 1 of vda
[    9.540007] TRACE: /etc/functions(619): find_lvm_vg_name
[    9.707187] TRACE: Try mounting /dev/vda1 as /boot
[    9.766843] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[    9.825028] TRACE: /bin/gui-init(319): clean_boot_check

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-09 10:35:03 -04:00
Thierry Laurion
501419b2b7
qemu-coreboot-whiptail-tpm2 board: reenable DEBUG + TRACING
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-09 09:06:37 -04:00
Thierry Laurion
77d4be1dc6
TPM extend ops: Augment output of TPM1/TPM2 for filename and file content hash ops
Debug logtrace, screenshots of non-debug will be added in PR #1758

TPM1:
[    4.815559] [U] hello world
[    5.099000] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    5.122059] TRACE: Under init
[    5.165917] DEBUG: Applying panic_on_oom setting to sysctl
[    5.388757] TRACE: /bin/cbfs-init(5): main
[    5.516637] TRACE: /bin/cbfs-init(24): main
[    5.662271] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx
[    5.732223] TRACE: /bin/tpmr(790): main
[    5.785372] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae
[    5.838082] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx
[    6.081466] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx
[    6.147455] TRACE: /bin/tpmr(790): main
[    6.196545] DEBUG: TPM: Extending PCR[7] with hash ee79223a3b9724ad1aab290a3785132805c79eae
[    6.251251] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx
[    6.445119] TRACE: /bin/cbfs-init(24): main
[    6.585854] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg
[    6.659172] TRACE: /bin/tpmr(790): main
[    6.707564] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042
[    6.757645] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg
[    7.013547] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg
[    7.082863] TRACE: /bin/tpmr(790): main
[    7.131022] DEBUG: TPM: Extending PCR[7] with hash ca8898407cacd96d6f2de90ae90825351be81c62
[    7.183344] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg
[    7.413787] TRACE: /bin/key-init(6): main
[    8.718367] TRACE: Under /etc/ash_functions:combine_configs
[    8.803914] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[    9.045341] TRACE: /bin/setconsolefont.sh(6): main
[    9.096853] DEBUG: Board does not ship setfont, not checking console font
[    9.320494] TRACE: /bin/gui-init(641): main
[    9.356729] TRACE: Under /etc/ash_functions:enable_usb
[    9.445981] TRACE: /sbin/insmod(9): main
[    9.609464] TRACE: /sbin/insmod(53): main
[    9.660145] DEBUG: No module parameters, extending only with the module's content
[    9.791896] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-hcd.ko
[    9.860477] TRACE: /bin/tpmr(790): main
[    9.914849] DEBUG: TPM: Extending PCR[5] with hash bc9ff28a99e314cda69695ba34b26ed0d8b1e4ed
[    9.976867] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-hcd.ko
[   10.146966] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[   10.184086] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   10.276564] TRACE: /sbin/insmod(9): main
[   10.433503] TRACE: /sbin/insmod(53): main
[   10.486272] DEBUG: No module parameters, extending only with the module's content
[   10.620200] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/uhci-hcd.ko
[   10.698710] TRACE: /bin/tpmr(790): main
[   10.750637] DEBUG: TPM: Extending PCR[5] with hash bcb2f15c7eb52484072a76fc8a0d7399f6cf2189
[   10.808379] DEBUG: exec tpm extend -ix 5 -if /lib/modules/uhci-hcd.ko
[   10.996254] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[   11.026108] uhci_hcd: USB Universal Host Controller Interface driver
[   11.040703] uhci_hcd 0000:00:1d.0: UHCI Host Controller
[   11.053129] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1
[   11.061568] uhci_hcd 0000:00:1d.0: detected 2 ports
[   11.070973] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00
[   11.089004] hub 1-0:1.0: USB hub found
[   11.097535] hub 1-0:1.0: 2 ports detected
[   11.114890] uhci_hcd 0000:00:1d.1: UHCI Host Controller
[   11.123848] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2
[   11.134989] uhci_hcd 0000:00:1d.1: detected 2 ports
[   11.142404] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0
[   11.153338] hub 2-0:1.0: USB hub found
[   11.160572] hub 2-0:1.0: 2 ports detected
[   11.176481] uhci_hcd 0000:00:1d.2: UHCI Host Controller
[   11.183898] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3
[   11.193509] uhci_hcd 0000:00:1d.2: detected 2 ports
[   11.201574] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0
[   11.211182] hub 3-0:1.0: USB hub found
[   11.219256] hub 3-0:1.0: 2 ports detected
[   11.314467] TRACE: /sbin/insmod(9): main
[   11.468430] TRACE: /sbin/insmod(53): main
[   11.521914] DEBUG: No module parameters, extending only with the module's content
[   11.656647] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-hcd.ko
[   11.726721] TRACE: /bin/tpmr(790): main
[   11.778253] DEBUG: TPM: Extending PCR[5] with hash f563e46fbbed46423a1e10219953233d310792f5
[   11.831718] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-hcd.ko
[   12.010752] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[   12.044192] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   12.136462] TRACE: /sbin/insmod(9): main
[   12.293409] TRACE: /sbin/insmod(53): main
[   12.345947] DEBUG: No module parameters, extending only with the module's content
[   12.481562] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-pci.ko
[   12.547754] TRACE: /bin/tpmr(790): main
[   12.604827] DEBUG: TPM: Extending PCR[5] with hash a24699fdaac9976cc9447fd0cd444a469299ad2f
[   12.661256] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-pci.ko
[   12.847247] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[   12.870986] ohci-pci: OHCI PCI platform driver
[   12.959387] TRACE: /sbin/insmod(9): main
[   13.112275] TRACE: /sbin/insmod(53): main
[   13.163112] DEBUG: No module parameters, extending only with the module's content
[   13.291360] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-pci.ko
[   13.364853] TRACE: /bin/tpmr(790): main
[   13.438536] DEBUG: TPM: Extending PCR[5] with hash b80a90e11a01eba40bb7e566f3374d0aad326acb
[   13.505500] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-pci.ko
[   13.679865] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[   13.704539] ehci-pci: EHCI PCI platform driver
[   13.725570] ehci-pci 0000:00:1d.7: EHCI Host Controller
[   13.735562] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4
[   13.745092] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000
[   13.773286] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00
[   13.783544] hub 4-0:1.0: USB hub found
[   13.791110] hub 4-0:1.0: 6 ports detected
[   13.800844] hub 1-0:1.0: USB hub found
[   13.807808] hub 1-0:1.0: 2 ports detected
[   13.823094] hub 2-0:1.0: USB hub found
[   13.829910] hub 2-0:1.0: 2 ports detected
[   13.839182] hub 3-0:1.0: USB hub found
[   13.846231] hub 3-0:1.0: 2 ports detected
[   13.946297] TRACE: /sbin/insmod(9): main
[   14.099143] TRACE: /sbin/insmod(53): main
[   14.149765] DEBUG: No module parameters, extending only with the module's content
[   14.291413] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-hcd.ko
[   14.372815] TRACE: /bin/tpmr(790): main
[   14.426919] DEBUG: TPM: Extending PCR[5] with hash 1fc55e846b9d5c93e58c6c8b6f867e744fa694bc
[   14.482815] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-hcd.ko
[   14.670419] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[   14.783374] TRACE: /sbin/insmod(9): main
[   14.939364] TRACE: /sbin/insmod(53): main
[   14.995136] DEBUG: No module parameters, extending only with the module's content
[   15.135482] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-pci.ko
[   15.204263] TRACE: /bin/tpmr(790): main
[   15.255478] DEBUG: TPM: Extending PCR[5] with hash bbdd85242570aa438b908420a43b8d7042db8b4f
[   15.305598] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-pci.ko
[   15.480844] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[   15.512476] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   15.528230] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5
[   15.540456] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[   15.554225] hub 5-0:1.0: USB hub found
[   15.562061] hub 5-0:1.0: 4 ports detected
[   15.572058] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   15.589966] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6
[   15.598116] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[   15.606150] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM.
[   15.616354] hub 6-0:1.0: USB hub found
[   15.623767] hub 6-0:1.0: 4 ports detected
[   15.909854] usb 5-1: new high-speed USB device number 2 using xhci_hcd
[   16.193548] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[   16.345381] usb 5-3: new full-speed USB device number 3 using xhci_hcd
[   17.674973] TRACE: /etc/functions(715): detect_boot_device
[   17.718114] TRACE: /etc/functions(682): mount_possible_boot_device
[   17.759829] TRACE: /etc/functions(642): is_gpt_bios_grub
[   17.833271] TRACE: /dev/vda1 is partition 1 of vda
[   17.925490] TRACE: /etc/functions(619): find_lvm_vg_name
[   18.068352] TRACE: Try mounting /dev/vda1 as /boot
[   18.114444] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[   18.158648] TRACE: /bin/gui-init(319): clean_boot_check
[   18.247883] TRACE: /bin/gui-init(348): check_gpg_key
[   18.338052] TRACE: /bin/gui-init(185): update_totp
[   18.419286] TRACE: /bin/unseal-totp(8): main
[   18.511352] TRACE: /bin/tpmr(614): tpm1_unseal
[   18.624811] DEBUG: Running at_exit handlers
[   18.661992] TRACE: /bin/tpmr(390): cleanup_shred
[   18.692897]  !!! ERROR: Unable to unseal TOTP secret !!!
[   21.295284] TRACE: /bin/unseal-totp(8): main
[   21.386377] TRACE: /bin/tpmr(614): tpm1_unseal
[   21.496183] DEBUG: Running at_exit handlers
[   21.527060] TRACE: /bin/tpmr(390): cleanup_shred
[   21.558625]  !!! ERROR: Unable to unseal TOTP secret !!!
[   24.162881] TRACE: /bin/unseal-totp(8): main
[   24.249549] TRACE: /bin/tpmr(614): tpm1_unseal
[   24.362331] DEBUG: Running at_exit handlers
[   24.394154] TRACE: /bin/tpmr(390): cleanup_shred
[   24.427400]  !!! ERROR: Unable to unseal TOTP secret !!!
[   26.475340] DEBUG: CONFIG_TPM: y
[   26.521538] DEBUG: CONFIG_TPM2_TOOLS:
[   26.578490] DEBUG: Show PCRs
[   26.730805] DEBUG: PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.751488] PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.778571] PCR-02: C0 A9 54 C8 45 5C 78 49 80 EC 1C DB D8 E8 9B CC 65 11 58 BF
[   26.808771] PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.830508] PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.849538] PCR-05: 2C 3A 40 05 70 DB 21 89 4F CD C2 F8 D6 AE 40 DA 56 E1 B6 74
[   26.878951] PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.895421] PCR-07: 7A 8A 4C E6 BA B0 AA 26 22 B1 26 A2 F6 36 BD F3 86 23 50 B6

TPM2:
[    5.305235] [U] hello world
[    5.591175] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    5.615802] TRACE: Under init
[    5.657823] DEBUG: Applying panic_on_oom setting to sysctl
[    5.831457] TRACE: /bin/tpmr(349): tpm2_startsession
[    6.567984] TRACE: /bin/cbfs-init(5): main
[    6.695758] TRACE: /bin/cbfs-init(24): main
[    6.811665] TRACE: /bin/tpmr(832): main
[    6.870411] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx
[    6.907262] TRACE: /bin/tpmr(234): tpm2_extend
[    6.983504] TRACE: /bin/tpmr(247): tpm2_extend
[    7.037543] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/pubring.kbx
[    7.192665] TRACE: /bin/tpmr(265): tpm2_extend
[    7.246318] DEBUG: TPM: Extended PCR[7] with hash 96ab5053e4630a040d55549ba73cff2178d401d763147776771f9774597b86a1
[    7.355327] TRACE: /bin/tpmr(832): main
[    7.409042] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx
[    7.446920] TRACE: /bin/tpmr(234): tpm2_extend
[    7.485782] TRACE: /bin/tpmr(252): tpm2_extend
[    7.540496] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/pubring.kbx
[    7.759033] TRACE: /bin/tpmr(265): tpm2_extend
[    7.811693] DEBUG: TPM: Extended PCR[7] with hash f196f9cae98362568d31638e7522eee5042286b2c18627b06b30a0275207872e
[    7.903033] TRACE: /bin/cbfs-init(24): main
[    8.026099] TRACE: /bin/tpmr(832): main
[    8.077074] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg
[    8.108061] TRACE: /bin/tpmr(234): tpm2_extend
[    8.180580] TRACE: /bin/tpmr(247): tpm2_extend
[    8.234748] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/trustdb.gpg
[    8.412522] TRACE: /bin/tpmr(265): tpm2_extend
[    8.469868] DEBUG: TPM: Extended PCR[7] with hash 53b843fe9bb52894d3a7d00197c776d56f3059f6a285124c7916724cd5013b0b
[    8.596316] TRACE: /bin/tpmr(832): main
[    8.655651] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg
[    8.690508] TRACE: /bin/tpmr(234): tpm2_extend
[    8.723206] TRACE: /bin/tpmr(252): tpm2_extend
[    8.782554] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/trustdb.gpg
[    8.999969] TRACE: /bin/tpmr(265): tpm2_extend
[    9.066744] DEBUG: TPM: Extended PCR[7] with hash abf745ef9f960af5d8b19a1acd4bc0a19da056f607b06cce6b920eab83cbbdec
[    9.215143] TRACE: /bin/key-init(6): main
[   10.661503] TRACE: Under /etc/ash_functions:combine_configs
[   10.749050] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[   10.998267] TRACE: /bin/setconsolefont.sh(6): main
[   11.059640] DEBUG: Board does not ship setfont, not checking console font
[   11.303012] TRACE: /bin/gui-init(641): main
[   11.334099] TRACE: Under /etc/ash_functions:enable_usb
[   11.421487] TRACE: /sbin/insmod(9): main
[   11.578754] TRACE: /sbin/insmod(53): main
[   11.630500] DEBUG: No module parameters, extending only with the module's content
[   11.741780] TRACE: /bin/tpmr(832): main
[   11.789365] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-hcd.ko
[   11.823496] TRACE: /bin/tpmr(234): tpm2_extend
[   11.862739] TRACE: /bin/tpmr(252): tpm2_extend
[   11.920404] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-hcd.ko
[   12.123507] TRACE: /bin/tpmr(265): tpm2_extend
[   12.175292] DEBUG: TPM: Extended PCR[5] with hash 40c5206f06702e45d8e6632632255258af433be0641c96f514ea75ac14523a30
[   12.234130] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[   12.278479] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   12.371875] TRACE: /sbin/insmod(9): main
[   12.523874] TRACE: /sbin/insmod(53): main
[   12.578418] DEBUG: No module parameters, extending only with the module's content
[   12.697785] TRACE: /bin/tpmr(832): main
[   12.753607] DEBUG: TPM: Extending PCR[5] with /lib/modules/uhci-hcd.ko
[   12.786940] TRACE: /bin/tpmr(234): tpm2_extend
[   12.819199] TRACE: /bin/tpmr(252): tpm2_extend
[   12.879805] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/uhci-hcd.ko
[   13.088925] TRACE: /bin/tpmr(265): tpm2_extend
[   13.158660] DEBUG: TPM: Extended PCR[5] with hash 1877332107fb8737a5636da26d4db2c10ffe4d1db2bcbde30b47774cdf05e02f
[   13.223888] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[   13.253700] uhci_hcd: USB Universal Host Controller Interface driver
[   13.269580] uhci_hcd 0000:00:1d.0: UHCI Host Controller
[   13.278675] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1
[   13.287280] uhci_hcd 0000:00:1d.0: detected 2 ports
[   13.296481] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00
[   13.314557] hub 1-0:1.0: USB hub found
[   13.332614] hub 1-0:1.0: 2 ports detected
[   13.352400] uhci_hcd 0000:00:1d.1: UHCI Host Controller
[   13.361016] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2
[   13.368653] uhci_hcd 0000:00:1d.1: detected 2 ports
[   13.376700] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0
[   13.395046] hub 2-0:1.0: USB hub found
[   13.403107] hub 2-0:1.0: 2 ports detected
[   13.418573] uhci_hcd 0000:00:1d.2: UHCI Host Controller
[   13.426975] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3
[   13.434733] uhci_hcd 0000:00:1d.2: detected 2 ports
[   13.442497] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0
[   13.460237] hub 3-0:1.0: USB hub found
[   13.467466] hub 3-0:1.0: 2 ports detected
[   13.579102] TRACE: /sbin/insmod(9): main
[   13.730892] TRACE: /sbin/insmod(53): main
[   13.781345] DEBUG: No module parameters, extending only with the module's content
[   13.891152] TRACE: /bin/tpmr(832): main
[   13.954015] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-hcd.ko
[   13.995207] TRACE: /bin/tpmr(234): tpm2_extend
[   14.031074] TRACE: /bin/tpmr(252): tpm2_extend
[   14.095694] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-hcd.ko
[   14.315253] TRACE: /bin/tpmr(265): tpm2_extend
[   14.369608] DEBUG: TPM: Extended PCR[5] with hash 8a12ce4abfc87f11a023d4f1c26c225f5cffae248f9dad1fd30e78022996df02
[   14.425800] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[   14.455207] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   14.548050] TRACE: /sbin/insmod(9): main
[   14.693175] TRACE: /sbin/insmod(53): main
[   14.742761] DEBUG: No module parameters, extending only with the module's content
[   14.855233] TRACE: /bin/tpmr(832): main
[   14.908035] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-pci.ko
[   14.940321] TRACE: /bin/tpmr(234): tpm2_extend
[   14.970307] TRACE: /bin/tpmr(252): tpm2_extend
[   15.018421] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-pci.ko
[   15.226408] TRACE: /bin/tpmr(265): tpm2_extend
[   15.279951] DEBUG: TPM: Extended PCR[5] with hash 2065ee6544d78a5d31e67983166a9b8cf60dbe61bf0ee99c39e92816cc3a98db
[   15.335930] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[   15.360537] ohci-pci: OHCI PCI platform driver
[   15.446600] TRACE: /sbin/insmod(9): main
[   15.597149] TRACE: /sbin/insmod(53): main
[   15.649850] DEBUG: No module parameters, extending only with the module's content
[   15.753738] TRACE: /bin/tpmr(832): main
[   15.809086] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-pci.ko
[   15.847559] TRACE: /bin/tpmr(234): tpm2_extend
[   15.878030] TRACE: /bin/tpmr(252): tpm2_extend
[   15.930320] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-pci.ko
[   16.131948] TRACE: /bin/tpmr(265): tpm2_extend
[   16.190395] DEBUG: TPM: Extended PCR[5] with hash 116145df2c495dfd58354025799fe5bb9b4d8e078960e8d0d7ceda746e4f2d06
[   16.247675] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[   16.275465] ehci-pci: EHCI PCI platform driver
[   16.296704] ehci-pci 0000:00:1d.7: EHCI Host Controller
[   16.306151] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4
[   16.316293] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000
[   16.340527] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00
[   16.357688] hub 4-0:1.0: USB hub found
[   16.365707] hub 4-0:1.0: 6 ports detected
[   16.376687] hub 1-0:1.0: USB hub found
[   16.384573] hub 1-0:1.0: 2 ports detected
[   16.393986] hub 2-0:1.0: USB hub found
[   16.401424] hub 2-0:1.0: 2 ports detected
[   16.410387] hub 3-0:1.0: USB hub found
[   16.418087] hub 3-0:1.0: 2 ports detected
[   16.513839] TRACE: /sbin/insmod(9): main
[   16.670778] TRACE: /sbin/insmod(53): main
[   16.721953] DEBUG: No module parameters, extending only with the module's content
[   16.835964] TRACE: /bin/tpmr(832): main
[   16.888003] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-hcd.ko
[   16.919798] TRACE: /bin/tpmr(234): tpm2_extend
[   16.957470] TRACE: /bin/tpmr(252): tpm2_extend
[   17.013535] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-hcd.ko
[   17.225097] TRACE: /bin/tpmr(265): tpm2_extend
[   17.281099] DEBUG: TPM: Extended PCR[5] with hash 7f5a6bd0f7de6104e49374e1e5ce421e11795fcc4f53014ef9259d630d7876bc
[   17.337551] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[   17.448660] TRACE: /sbin/insmod(9): main
[   17.595458] TRACE: /sbin/insmod(53): main
[   17.653305] DEBUG: No module parameters, extending only with the module's content
[   17.763612] TRACE: /bin/tpmr(832): main
[   17.817350] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-pci.ko
[   17.849196] TRACE: /bin/tpmr(234): tpm2_extend
[   17.879069] TRACE: /bin/tpmr(252): tpm2_extend
[   17.927859] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-pci.ko
[   18.126778] TRACE: /bin/tpmr(265): tpm2_extend
[   18.188056] DEBUG: TPM: Extended PCR[5] with hash 5502fa8c101f7e509145b9826094f06dd0e225c2311a14edc9ae9c812518a250
[   18.247945] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[   18.286509] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   18.294553] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5
[   18.308276] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[   18.320288] hub 5-0:1.0: USB hub found
[   18.328425] hub 5-0:1.0: 4 ports detected
[   18.337635] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   18.344430] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6
[   18.351769] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[   18.360900] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM.
[   18.371095] hub 6-0:1.0: USB hub found
[   18.378046] hub 6-0:1.0: 4 ports detected
[   18.673695] usb 5-1: new high-speed USB device number 2 using xhci_hcd
[   18.960744] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[   19.112485] usb 5-3: new full-speed USB device number 3 using xhci_hcd
[   20.433294] TRACE: /etc/functions(715): detect_boot_device
[   20.489580] TRACE: /etc/functions(682): mount_possible_boot_device
[   20.546126] TRACE: /etc/functions(642): is_gpt_bios_grub
[   20.653417] TRACE: /dev/vda1 is partition 1 of vda
[   20.777737] TRACE: /etc/functions(619): find_lvm_vg_name
[   20.946450] TRACE: Try mounting /dev/vda1 as /boot
[   20.997145] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[   21.053058] TRACE: /bin/gui-init(319): clean_boot_check
[   21.157752] TRACE: /bin/gui-init(348): check_gpg_key
[   21.260339] TRACE: /bin/gui-init(185): update_totp
[   21.376906] TRACE: /bin/unseal-totp(8): main
[   21.497372] TRACE: /bin/tpmr(569): tpm2_unseal
[   21.574501] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   22.212056] DEBUG: Running at_exit handlers
[   22.247818] TRACE: /bin/tpmr(374): cleanup_session
[   22.301292] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   22.423005]  !!! ERROR: Unable to unseal TOTP secret !!!
[   25.058227] TRACE: /bin/unseal-totp(8): main
[   25.205031] TRACE: /bin/tpmr(569): tpm2_unseal
[   25.284388] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   25.914243] DEBUG: Running at_exit handlers
[   25.947988] TRACE: /bin/tpmr(374): cleanup_session
[   26.001694] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   26.126464]  !!! ERROR: Unable to unseal TOTP secret !!!
[   28.766165] TRACE: /bin/unseal-totp(8): main
[   28.898452] TRACE: /bin/tpmr(569): tpm2_unseal
[   28.982708] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   29.609216] DEBUG: Running at_exit handlers
[   29.643372] TRACE: /bin/tpmr(374): cleanup_session
[   29.696741] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   29.822748]  !!! ERROR: Unable to unseal TOTP secret !!!
[   31.890980] DEBUG: CONFIG_TPM: y
[   31.945147] DEBUG: CONFIG_TPM2_TOOLS: y
[   31.999643] DEBUG: Show PCRs
[   32.157607] DEBUG:   sha256:
[   32.190288] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.221302] 1 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.251240] 2 : 0x9FC171D45D54BDD49D40E8438BCF15808427BA72B11EC2DF1ACE877CA0CF4F14
[   32.282127] 3 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.315382] 4 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.345767] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F
[   32.379099] 6 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.409630] 7 : 0x2E3147A8ADA1FEBEB2D32D7F50F25DC10F47D7CD48DF1D61A2D6BF958114A231
[   32.439780] 8 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.508514] 9 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.537395] 10: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.583510] 11: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.622661] 12: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.651831] 13: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.687298] 14: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.721766] 15: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.751345] 16: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.782919] 17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.813071] 18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.841994] 19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.869358] 20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.907215] 21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.937346] 22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.967810] 23: 0x0000000000000000000000000000000000000000000000000000000000000000

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-06 17:15:53 -04:00
gaspar-ilom
39be8303d7 move w541 back to tested
Signed-off-by: gaspar-ilom <gasparilom@riseup.net>
2024-08-07 00:02:50 +02:00
Thierry Laurion
d0b0eef844
boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config: Path is hardcoded to non hotp variant inclusion...
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 16:51:31 -04:00
Thierry Laurion
1b6d26a888
w541: rename/move board flavors to UNTESTED since untested for coreboot 24.02.01 version bumped and no news from expected board testers in time for merge
Replication notes:
- w541-hotp-maximized is a makefile inclusion of w541-maximized so order of ops is important

docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-hotp-maximized board.move_tested_to_untested
time docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-maximized board.move_tested_to_untested
git status
git add boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config boards/w541-hotp-maximized/w541-hotp-maximized.config boards/w541-maximized/w541-maximized.config .circleci/config.yml
git commit --signoff

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:45:34 -04:00
Thierry Laurion
cf9d10adeb
t530(-hotp)-maximized: move + rename to boards/* + unify with x230-maximized boards for 24.02.01 + add Makefile helper + add back to CircleCI
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:40:09 -04:00
Thierry Laurion
646db06eb6
boards/*/*.config: bump coreboot 4.22.01 boards config to use 24.02.01
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:35:56 -04:00