Commit Graph

2704 Commits

Author SHA1 Message Date
Jonathon Hall
e32a417ed1
targets/qemu.mk: Fix skip-if-exist in swtpm_setup
Commit 46cad549 ("WiP flake.nix: make docker image usable for...")
added 'root' to the swtpm_setup call, but broke skip-if-exist because
the flags are supposed to be comma-separated.  swtpm_setup was ignoring
skip-if-exist and would fail if the config files exist.

Put a comma there so it works again.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-08-06 08:57:37 -04:00
Jonathon Hall
16f0793648
initrd/bin/change-time: Label parameters of get_date
Use local named variables instead of $1-$4 throughout the function.
This makes the implementation clearer and documents the usage.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-08-06 08:57:24 -04:00
Thierry Laurion
de0bc7517e
Merge pull request #1743 from tlaurion/fix_top_down_allocation_up_to_haswell
coreboot 24.02.04: Fix top down allocation for platforms up to Haswell
2024-08-05 13:38:34 -04:00
Thierry Laurion
e6382176a0
coreboot 24.02.01: redo save in oldconfig with patch for sandy/ivy/haswell: configs updated
repro saving all boards configs to oldconfig
grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place  > /dev/null 2>&1; then echo $board failed;fi; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-08-05 05:42:12 -04:00
Thierry Laurion
db9eed7ac5
coreboot 24.02.01: add upstream patch for Intel CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT to fix CONFIG_RESOURCE_ALLOCATION_TOP_DOWN peripherals disappearing
repro:
git fetch https://review.coreboot.org/coreboot refs/changes/07/80207/3 && git format-patch -1 --stdout FETCH_HEAD > ~/heads/patches/coreboot-24.02.01/0003-CONFIG_RESOURCE_ALLOCATION_TOP_DOWN-CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT.patch
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=x230-maximized real.remove_canary_files-extract_patch_rebuild_what_changed
grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place  > /dev/null 2>&1; then echo $board failed;fi; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-08-05 05:40:51 -04:00
Thierry Laurion
27d09d4a23
Merge pull request #1738 from tlaurion/arhabd_patch-1
kgpe-d16: add nvme support under linux kernel configs - PR superseeding #1727
2024-07-30 13:24:08 -04:00
Thierry Laurion
211aeabf35
kgpe-d16 linux configs: generalize nvme support
Repro applying patch of past commit on other linux configs of kgpe-d16:
git diff osresearch/master > patch
find config/linux-kgpe* | while read config; do sudo patch $config patch; done
git status | grep modified | awk -F ":" {'print $2'}| xargs git add
git commit --signoff -m "kgpe-d16 linux configs: generalize nvme support"

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 11:36:58 -04:00
Thierry Laurion
439eb35816
Merge remote-tracking branch 'osresearch/master' into HEAD 2024-07-29 11:26:02 -04:00
arhabd
3b66c538ac
add nvme support
add nvme support works as boot device hopefully

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 11:25:51 -04:00
Thierry Laurion
f4ce047167
gui-init: put change-time under TOTP mismatch where it should be, remove unneeded duplicate menu options to change system time
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 10:32:34 -04:00
Thierry Laurion
a99298acb2
change-time script: syntax, spcaing, wording and typo fixes
Signed-off-by: Thierry Laurion <insurgo@riseup.net>

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 10:12:20 -04:00
alexgithublab
07a6b7819a
UTC statment + menu order
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 10:12:14 -04:00
alexgithublab
a3b9a1d9e9
chmod
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 10:12:08 -04:00
alexgithublab
ff9dd5f667
change system time feature
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 10:12:03 -04:00
Thierry Laurion
2ea14bcbeb
Merge pull request #1719 from tlaurion/Guidelines-code_of_conduct_and_contributing_md
Guidelines for contributing under CONTRIBUTING.md
2024-07-29 08:52:53 -04:00
Thierry Laurion
9f8aee7ed8
CONTRIBUTING.md: signing notes formatting fix
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:50:22 -04:00
Thierry Laurion
1d9ecf620b
CONTRIBUTING.md: add notes in case users won't use GitHub
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:37:29 -04:00
Thierry Laurion
ddfcd86cd3
Update CONTRIBUTING.md
Add suggestion for signing/review process

Co-authored-by: SergiiDmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:24:47 -04:00
Thierry Laurion
95cd578915
Update CONTRIBUTING.md
Add pinging suggestions

Co-authored-by: SergiiDmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:24:31 -04:00
Thierry Laurion
05f4993257
Update CONTRIBUTING.md
Fix wording to ease contribution acceptance

Co-authored-by: SergiiDmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:24:11 -04:00
Thierry Laurion
e2e4d3deac
CONTRIBUTING.md: add baselines and refer in README.md
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-29 08:21:59 -04:00
Thierry Laurion
1516320960
Merge pull request #1735 from tlaurion/fix_fsp_error_wifi_generic_nv41_ns50
nitropad-nv41/ns50: readd Intel WIFI otherwise fsp error to fix previous PR regression (preventing master to build)
2024-07-26 22:34:19 -04:00
Thierry Laurion
3b436e53ea
nitropad-nv41/ns50: readd Intel WIFI otherwise fsp error
Enabling CONFIG_DRIVERS_INTEL_WIFI=y in turn enables CONFIG_DRIVERS_WIFI_GENERIC=y which is needed.

Bugfix, pushed on master without review: this is regression preventing master to report succcess for last master commit.

nv41:
CC         generated/ramstage.o
/home/user/heads/build/x86/coreboot-dasharo/util/crossgcc/xgcc/bin/i386-elf-ld.bfd: nitropad-nv41/romstage/soc/intel/alderlake/romstage/fsp_params.o: in function `fill_fspm_misc_params':
/home/user/heads/build/x86/coreboot-dasharo/src/soc/intel/alderlake/romstage/fsp_params.c:235: undefined reference to `wifi_generic_cnvi_ddr_rfim_enabled'
make[1]: *** [src/arch/x86/Makefile.inc:196: nitropad-nv41/cbfs/fallback/romstage.debug] Error 1

ns50:
CC         generated/ramstage.o
/home/user/heads/build/x86/coreboot-dasharo/util/crossgcc/xgcc/bin/i386-elf-ld.bfd: nitropad-ns50/romstage/soc/intel/alderlake/romstage/fsp_params.o: in function `fill_fspm_misc_params':
/home/user/heads/build/x86/coreboot-dasharo/src/soc/intel/alderlake/romstage/fsp_params.c:235: undefined reference to `wifi_generic_cnvi_ddr_rfim_enabled'

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 22:29:20 -04:00
Thierry Laurion
e313c18e00
Merge pull request #1723 from tlaurion/ivy_coreboot_2402-defconfig_unification_to_oldconfig
xx20/xx30/qemu q35/xx4x : coreboot 4.22.01 -> 24.02.01 VERSION BUMP + defconfig unification to oldconfig
2024-07-26 17:51:57 -04:00
Thierry Laurion
a9e6dfe851
config/coreboot-*: Turn off WIFI support in coreboot. If regression, will turn on case by case.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 17:39:18 -04:00
Thierry Laurion
d0b0eef844
boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config: Path is hardcoded to non hotp variant inclusion...
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 16:51:31 -04:00
Thierry Laurion
1b6d26a888
w541: rename/move board flavors to UNTESTED since untested for coreboot 24.02.01 version bumped and no news from expected board testers in time for merge
Replication notes:
- w541-hotp-maximized is a makefile inclusion of w541-maximized so order of ops is important

docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-hotp-maximized board.move_tested_to_untested
time docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.1 -- make -d BOARD=w541-maximized board.move_tested_to_untested
git status
git add boards/UNTESTED_w541-hotp-maximized/UNTESTED_w541-hotp-maximized.config boards/UNTESTED_w541-maximized/UNTESTED_w541-maximized.config boards/w541-hotp-maximized/w541-hotp-maximized.config boards/w541-maximized/w541-maximized.config .circleci/config.yml
git commit --signoff

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:45:34 -04:00
Thierry Laurion
cf9d10adeb
t530(-hotp)-maximized: move+ rename to boards/* + unify with x230-maximized boards for 24.02.01 + add Makefile helper + add back to CircleCI
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:40:09 -04:00
Thierry Laurion
549c2e4504
BOARD_TESTERS.md: Add known board owners with external programmer (testers)
Those are currently known to be willing testers of coreboot/linux version bumps PRs to not cause bricks under Heads master

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:40:03 -04:00
Thierry Laurion
acc6493492
coreboot configs: unify turning CONFIG_USBDEBUG off
sed -i '$a CONFIG_USBDEBUG=n' config/coreboot-*.config
grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place  > /dev/null 2>&1; then echo $board failed;fi; done

Note:
Boards that are unmaintained accumulates settings addition per the sed call.

Why deactivate:
- Well, this is equivalent of cbmem -c which gives way too much information from attacker.

TODO: add an helper later on so that builds aimed at testing coreboot version bump pass to release mode or something.

As of this commit, we accept that bricks might happen and that troubleshooting will be made in a case basis?!

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:58 -04:00
Jonathon Hall
d20333f081
modules/coreboot: Reuse 24.02.01 toolchain for coreboot-purism
Reuse the toolchain from coreboot-24.02.01 for coreboot-purism (based
on 24.02.01) instead of compiling a separate toolchain.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-07-26 15:39:52 -04:00
Thierry Laurion
2253f6f3a3
nv41/ns50 coreboot configs: unset 'CONFIG_RESOURCE_ALLOCATION_TOP_DOWN=y': turns nv41 into a brick under current used coreboot Dasharo fork
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:46 -04:00
Thierry Laurion
df1e6d7540
coreboot configs: put back all maintained boards (boards/*)'s coreboot configs in oldconfig format
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:40 -04:00
Thierry Laurion
296772a628
coreboot configs: add CONFIG_DRIVERS_INTEL_WIFI
This is needed so that ACPI tables are generated from coreboot for final OS to not apply quirks to support wifi cards

TODO: bluethooth not activated here, maybe we should.

sed -i '/# CONFIG_DRIVERS_INTEL_WIFI is not set/d' config/coreboot-*.config

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:34 -04:00
Thierry Laurion
446c98a3f8
coreboot configs: add CONFIG_USBDEBUG
sed -i '$a CONFIG_USBDEBUG=y' config/coreboot-*.config
grep -R CONFIG_COREBOOT_VERSION boards/ | awk -F "/" {'print $2'} | while read board; do if ! sudo make BOARD=$board coreboot.save_in_defconfig_format_in_place > /dev/null 2>&1; then echo $board failed;fi; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:28 -04:00
Thierry Laurion
d44fe53731
coreboot configs: add CONFIG_RESOURCE_ALLOCATION_TOP_DOWN
sed -i '/# CONFIG_RESOURCE_ALLOCATION_TOP_DOWN is not set/d' config/*.config

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:22 -04:00
Thierry Laurion
38bd342475
coreboot configs: add CONFIG_COLLECT_TIMESTAMPS
sed -i '/# CONFIG_COLLECT_TIMESTAMPS is not set/d' config/*.config

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:16 -04:00
Thierry Laurion
88cec3ab87
coreboot configs: put in defconfig to ease comparison and unification of configs
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:39:10 -04:00
Thierry Laurion
b8a87ff579
CircleCI: modify comments/cache relative to version bump 4.22.01->24.02.01
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:38:53 -04:00
Thierry Laurion
6e237d9edd
config/coreboot*: save new coreboot 24.02.01 coreboot configs in oldconfig (see new defaults from 4.22.01)
grep -R 24.02.01 boards/ | awk -F "/" {'print $2'} | while read board; do sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:36:02 -04:00
Thierry Laurion
646db06eb6
boards/*/*.config: bump coreboot 4.22.01 boards config to use 24.02.01
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:35:56 -04:00
Thierry Laurion
f29c16d977
modules/coreboot: add 24.02.01 version
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:35:50 -04:00
Thierry Laurion
119cebc44f
coreboot 24.02.01: add upstream pending patches for heap allocation failure on bootsplash and defaulting to 4mb of heap when bootsplash
Add upstreeam patches to downstream:
git fetch https://review.coreboot.org/coreboot refs/changes/75/83475/1 && git format-patch -1 --stdout FETCH_HEAD > 0001-prevent_bootsplash_heap_allocation_failure_to_booting.patch
git fetch https://review.coreboot.org/coreboot refs/changes/76/83476/2 && git format-patch -1 --stdout FETCH_HEAD > 0002-increase_heap_from1mb_to4mb_when_bootpslash_enabled.patch

Rebuilding coreboot version with patches applied:
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:v0.2.0 -- make BOARD=qemu-coreboot-whiptail-tpm1 real.remove_canary_files-extract_patch_rebuild_what_changed
Remove file added by patch when patching fails:
sudo rm build/x86/libgpg-error-1.46/src/syscfg/lock-obj-pub.powerpc64le-unknown-linux-musl.h

Applying patches touching coreboot version 24.02.01 defiend in board config to all boards:
grep -R 24.02.01 boards/ | awk -F "/" {'print $2'} | while read board; do sudo make BOARD=$board coreboot.save_in_oldconfig_format_in_place; done

Adding added/modified files to git tracked files for commit:
git status | grep -e modified -e added | awk -F ":" {'print $2'}| xargs git add

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 15:35:44 -04:00
Thierry Laurion
60ec2b9b45
Merge pull request #1734 from tlaurion/JonathonHall-Purism-module_checkout_submodules-flake_moreutils_for_timestamps_CircleCI_intermediary_arch_musl-cross-make_step
Fix master's CircleCI builds (Bandwidth throttling making all boards depending on coreboot forks to exceed 1h step's max build time)
2024-07-26 15:29:32 -04:00
Thierry Laurion
f0c951fa91
CircleCI: fix naming of cache: coreboot-nitrokey -> coreboot-dasharo
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 14:16:37 -04:00
Thierry Laurion
43f3570288
CircleCI: add CircleCI intermediary musl-cross build step per arch, cleanup
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 12:14:08 -04:00
Thierry Laurion
8ff19d17bc
Bump nix develop based docker image to tlaurion/heads-dev-env:v0.2.1: include moreutils to be able to use 'ts' in CircleCI builds ('make BOARD=xyz V=1 | ts') to give timestamps of each make step
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 11:44:33 -04:00
Jonathon Hall
1e54152f30
Makefile: Don't check out submodules when cloning a git module
Checking out submodules was much worse for coreboot, it has many
submodules and only a subset of them are actually used.  coreboot knows
to sync the needed submodules during its build.

Instead, just remove the errant command that did not actually work.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-07-26 11:44:27 -04:00
Jonathon Hall
a2876a26a1
Makefile: When cloning a repo from Git, update submodules correctly
When cloning a repo from Git, actually change to the repo directory to
check out the submodules as well.  Without the -C <dir>, the submodule
checkout happened in the Heads repo itself, which has no submodules.

This is important for coreboot being built in CI.  Without this, the
coreboot submodules will be checked out automatically by the coreboot
build system during the build, meaning they will not be in the
prepped module cache.

A trade-off though is that at this point, we don't know what submodules
are actually needed - we will clone some that are not needed.  coreboot
knows to skip some submodules during the build if they are not needed.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-07-24 15:54:18 -04:00
Thierry Laurion
0b494fea09
Merge pull request #1728 from tlaurion/fhvyhjriur_UNMAINTAINED_READMEmd
Update README.md : cherry-pick of PR #1696's commit with me signing.
2024-07-22 15:28:41 -04:00