Commit Graph

16 Commits

Author SHA1 Message Date
Thierry Laurion
fb616f416a
WiP 4.22.01 fhd patch test + bump all 4.19 boards to 4.22.01
- patches/coreboot-4.22.01/0001-x230-fhd-variant.patch created per
  - git fetch https://review.coreboot.org/coreboot refs/changes/50/28950/23 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-4.22.01/0001-x230-fhd-variant.patch
- all boards configs bumped with:
  - grep -Rn 4.22 boards/ | awk -F "/" {'print $2'}| while read line; do make BOARD=$line coreboot.save_in_oldconfig_format_in_place ; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-03-25 15:14:42 -04:00
Thierry Laurion
7cbcdd8ed7
Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support)
- Add additional requirements to linux config
- Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs
- Fix issue under network-recovery-init to NTP sync against NTP server pool
- Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer
- Remove network-recovery-init earlytty and tty0 redirection (console should be setuped properly by init in all cases)
- If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait to user input on instructions and warning 30 secs before proceeding (non-blocking)
- Machines having STATIC_IP under board config won't benefit of autoatic NTP sync

Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync

TODO(Future PR):
- Refactor into functions and reuse into TOTP/HOTP being out of sync automatically.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-02-21 13:50:18 -05:00
Thierry Laurion
a2ebf251e0
hotp boards: enable autoboot after 5 seconds if reverse HOTP against USB Security Dongle is successful by default
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-09 15:06:04 -05:00
Thierry Laurion
77f9933538
xx20/xx30 blob based boards: move ME blobs target outside of board configs (targets/xx*_blobs.mk)
Makefile: have inclusion of all defined $BOARD BOARD_TARGETS (me, split_8mb4mb, ...)

TODO: VBIOS scripts for W530/T530 need way more work. To be done later.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-04 15:32:09 -05:00
Thierry Laurion
197914b396
xx20 boards and circleci: Have boards download extract and neuter me by board config
Fix https://github.com/linuxboot/heads/issues/1569 part of error linked to me not being available in blobs/xx20/me.bin

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-04 14:21:08 -05:00
Thierry Laurion
2fcef4a979
FB_EFI next step: remove CONFIG_BOOT_KERNEL_ADD=intel_iommu=on intel_iommu=igfx_off, add CONFIG_BOOT_KERNEL_REMOVE=intel_iommu=on intel_iommu=igfx_off, remove quiet removal from CONFIG_BOOT_KERNEL_REMOVE. TLDR: do not interfere with OS setting its own boot policies
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2023-11-20 09:40:39 -05:00
Thierry Laurion
e02228407f
boards: bump non-tpm qemu*, xx20 and xx30 boards to use linux kernel 5.10.5 2023-06-27 11:21:06 -04:00
Thierry Laurion
9830c6c4ed
io386 platform lockdown: enable on sandy/ivy/haswell maximized board configs 2023-06-20 12:36:45 -04:00
Thierry Laurion
6300dd178a
Pass all coreboot 4.13 boards to 4.19
- Add 4.19 under modules/coreboot
- point all 4.13 boards to 4.19
- adapt x230 FHD/EDP patch under patches/coreboot-4.19/0001-x230-fhd-variant.patch (poked upstream to fix patch under https://review.coreboot.org/c/coreboot/+/28950)
- correct versioning info under .circleci/config/yml
2023-02-27 18:07:06 -05:00
Thierry Laurion
225741b4cd
remove coreboot-hotp* duplicates, have boards configs point to non-hotp maximized equivalents 2023-02-09 12:34:33 -05:00
Thierry Laurion
0bfd696fbf
xx20 and xx30: split kernel configs to legacy and maximized and board configs point to them 2022-06-10 09:52:07 -04:00
Thierry Laurion
37ee3f37ad
boards/* : Add/uniformize missing CONFIG_BOARD_NAME for coreboot boards 2022-01-28 14:17:22 -05:00
Thierry Laurion
41847f5cd2 move all other boards (but KGPE-D16) to coreboot 4.13
- xx30 legacy boards (x230, x230-flash, t430, t430-flash) now rely also on coreboot 4.13
  - DOWNSIDE: x230 and t430 legacy boards now rely on WHIPTAIL (NOT FBWhiptail) to have enough space to fit under 7mb)
- xx20 boards moved to 4.13 (no need of xx20-flash boards here since single SPI boards with 7.5mb useable since blobs scripts are required)
  - DOWNSIDE: all xx20 boards now have dropbear deactivated, while still having ethernet driver in.
- qemu-coreboot and qemu-coreboot-fbwhiptail switched to coreboot 4.13 WITHOUT TPM SUPPORT (with cryptsetup 2.x support)
  - DOWNSIDE:
    - coreboot-qemu board CBFS_SIZE=0x700000 -> 0x750000
    - coreboot-qemu-fbwhiptail CBFS_SIZE=0x750000 -> 0x780000
- CircleCi build recipe removes 4.8.1 boards altogether
  - KGPE-D16 workstation is used as new base build to save workspace layer (we removed one workspace layer)
  - Removing one workspace layer will save approx 2 hours of build time on fresh builds
  - Removing one coreboot version will save us approx 2 hours of build time on fresh builds
  - KGPE-D16 will stay to coreboot 4.11 until forward notice.
  - All other board configs SHOULD be built on latest coreboot versions
2021-12-04 15:51:53 -05:00
Thierry Laurion
c7e651d663 xx20/xx30 boards uniformisation when switching to coreboot 4.13
- all: coreboot NO_POST for all boards
- all: coreboot NO_GFX_INIT (linux payload does the graphic init)
- all: coreboot TPM_MEASURED_BOOT (no more patches under Heads for measured boot)
- all: coreboot DRIVERS_PS2_KEYBOARD (fixes no keyboard on soft reboot and potentially xx30t xx20t fix for random raw keyboard (to be tested)
- all: coreboot removal of DEFAULT_CONSOLE_LOGLEVEL_5 under some boards
- all: coreboot removal of "loglevel=3" under some linux command line options booting Heads kernel
- all: coreboot removal of DEBUG_SMM_RELOCATION (unneeded)
- all: coreboot INCLUDE_CONFIG_FILE and COLLECT_TIMESTAMPS for all boards
- all: coreboot CONSOLE_SERIAL present on all boards
- all: coreboot add VBT
- all: board configs switch to cryptsetup2

xx20 hotp-maximized boards:
- removal of dropbear (not enough space to have htop + dropbear)

txx0 boards coreboot:
- USE_OPTION_TABLE and STATIC_OPTION_TABLE added (todo: check T430 boards optimization and find issue/PR and ammend this commit)
2021-12-04 15:51:53 -05:00
Thierry Laurion
164d991a69
xx30 boards: remove NKSTORECLI from all boards. Par with xx20. 2020-12-12 22:11:20 -05:00
Thierry Laurion
16488fb21a
xx20 boards: add xx20-hotp-maximized boards, remove hotp support from xx20-boards. Modify CircleCI conf accordingly. 2020-12-12 12:44:06 -05:00