Commit Graph

1513 Commits

Author SHA1 Message Date
HardenedVault
da7f6f734f make cryptsetup1/cryptsetup2 optional 2021-01-30 07:28:28 +02:00
tlaurion
22396fba75
Merge pull request #964 from tlaurion/xx30_boards_documentation_fix
xx30 boards: correct documentation, typos
2021-01-23 11:17:05 -05:00
Thierry Laurion
041f3f1188
xx30 boards: correct documentation, typos 2021-01-17 13:47:53 -05:00
tlaurion
0d5b3d75e7
Merge pull request #962 from MrChromebox/update_hotp_verification
modules/hotp-verification: Update module to latest version
2021-01-13 12:52:40 -05:00
Matt DeVillier
df02fd934a
modules/hotp-verification: Update module to latest version
Update nitrokey-hotp-verification to upstream master, which
pulls in 2 changes:
- update OTP secret length from 20 bytes to 40 bytes
- fixes handling for branding strings containing spaces

Test: build/boot Librem 13v4, verify LK verification working

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2021-01-13 10:35:13 -06:00
Thomas Clarke
31edd87c89
Add CONFIG_CPU_MICROCODE_CBFS_NONE=y to KGPE-D16 Coreboot configs. This disables microcode being included and loaded by Coreboot because of a current issue in which newer kernels panic when doing so.
Added note to KGPE-D16 configs about the current microcode bug, why microcode is not included and encouraging AMD Opteron 6300 series users to make sure their operating system loads microcode.
2021-01-07 19:24:10 +00:00
Thomas Clarke
9bdf3e01dc
Update all Librem and KGPE-D16 board to build with Linux 5.10.5. Update KGPE-D16 and Librem linux configs to 5.10.5 with make savedefconfig. 2021-01-07 19:24:09 +00:00
Thomas Clarke
194edf5424
modules/linux: Add support for building against Linux 5.10.5. All patches besides 0000-efi_bds.patch port cleanly. As a result of 0000-efi_bds.patch missing, it is strongly encouraged that no linuxboot boards use Linux 5.10.5 until a proper review has been done. 2021-01-07 19:24:03 +00:00
tlaurion
6bc40d7a70
Merge pull request #943 from Tonux599/kgpe-d16-flashrom-fix
Kgpe d16 flashrom fix
2021-01-06 20:13:41 -05:00
tlaurion
9af0981473
Merge pull request #954 from tlaurion/coreboot_remove_any_toolchain
coreboot configs : remove CONFIG_ANY_TOOLCHAIN in coreboot configs
2021-01-05 21:24:25 -05:00
Thierry Laurion
7d10edb661
coreboot configs : CONFIG_ANY_TOOLCHAIN=y is not needed anymore since built against coreboot's version muslcross built toolchain. 2021-01-05 13:20:17 -05:00
tlaurion
5f0a0ac3cc
Merge pull request #952 from tlaurion/xx30-flash_remove_12mb_image
xx30-flash boards: produce top.rom and remove 12mb rom for clarity
2021-01-05 10:47:10 -05:00
tlaurion
d8c0ef0735
Merge pull request #950 from tlaurion/CircleCI_coreboot_cache
CircleCI: Add coreboot+musl-cross cache
2021-01-04 18:25:16 -05:00
Thierry Laurion
d364336913
xx30-flash boards: produce top.rom and remove 12mb rom for clarity 2021-01-04 12:19:09 -05:00
Thierry Laurion
7d2ba3d0b8
coreboot module: CPUS=$$CPUS -> CPUS=$(CPUS) 2021-01-03 23:07:51 -05:00
Thierry Laurion
bbaa049ad1
coreboot buildgcc: TEMPORARY HACK: gnu mirrors are failing because of https errors. Falling back to http. 2021-01-03 21:14:50 -05:00
Thierry Laurion
62a90ed3be
CircleCI: Add coreboot+musl-cross cache
The idea here is a cache to restore from (musl-cross from coreboot version bound crosscomipler, from which coreboot is built)

1- Reuse existing cache for all modules and patches created digest's hash past build matching cache.
(If a single module or patch changes, we have cache miss.)
2- Reuse existing coreboot and musl-cross-make created digest's hash past build's matching cache
(If a patch was added to current coreboot, or new coreboot version was added in coreboot module definition, we have a cache miss.)
3- Reuse existing musl-cross-make created digest's hash past build matching cache
(If musl-cross-make module didn't change, we don't rebuild it.)

Per https://github.com/osresearch/heads/pull/947#issuecomment-753507412 proposition
2021-01-03 21:14:44 -05:00
tlaurion
69075fa738
Merge pull request #948 from tlaurion/gpg2_default_RSA3072
oem-factory-reset: set default KEY_LENGTH to 3072 and change expectation management message to console
2021-01-03 12:32:43 -05:00
tlaurion
817e6a3068
Merge pull request #945 from tlaurion/busybox-fix-1.32
busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE
2020-12-30 20:36:31 -05:00
Thierry Laurion
ee23fe9d3b
busybox: CONFIG_BASH_IS_ASH is incompatible with CONFIG_BASH_IS_NONE. Disabling the latter. 2020-12-30 20:31:37 -05:00
Thomas Clarke
a1f29410be
modules/flashrom: Enable AST1100 in flashrom. This will allow user to flash the BMC internally for KGPE-D16. 2020-12-30 19:18:04 +00:00
Thomas Clarke
aba13a9c55
modules/flashrom: Fixes two issues:
* Flashrom was being fetched with git and was always using `master`
* No patches were being applied (i.e. `0100-enable-kgpe-d16.patch` was being ignored).
2020-12-30 19:17:54 +00:00
tlaurion
69eb819958
Merge pull request #909 from Thrilleratplay/bash_is_ash
feat(busybox): set CONFIG_BASH_IS_ASH
2020-12-30 13:06:04 -05:00
tlaurion
4addeab3f5
Merge pull request #900 from tlaurion/busybox-1_32
Upgrade busybox to 1.32
2020-12-30 13:05:49 -05:00
tlaurion
7c686d576f
Merge pull request #938 from tlaurion/revert-coreboot_musl-cross-make
coreboot: revert building coreboot against musl-cross-make.
2020-12-30 13:04:50 -05:00
Thierry Laurion
8e4485347e
coreboot: revert building coreboot against musl-cross-make.
coreboot: correct $$CPUS -> $(CPUS)
2020-12-29 17:06:54 -05:00
tlaurion
b06a26f814
Merge pull request #932 from MrChromebox/coreboot_4.13
modules/coreboot: bump 4.12 build option to 4.13
2020-12-29 16:57:35 -05:00
Thierry Laurion
e9eedc4717
Upgrade busybox to 1.32
+CONFIG_STACK_OPTIMIZATION_386=y
+CONFIG_FLOAT_DURATION=y
+CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y
+CONFIG_FEATURE_EDITING_WINCH=y
+CONFIG_BZIP2_SMALL=8
+CONFIG_FEATURE_CP_REFLINK=y
+CONFIG_MKTEMP=y
+CONFIG_PRINTF=y
+CONFIG_SYNC=y
+CONFIG_FEATURE_SYNC_FANCY=y
+CONFIG_CMP=y
+CONFIG_DIFF=y
+CONFIG_PATCH=y
+CONFIG_FEATURE_FIND_EXECUTABLE=y
+CONFIG_FEATURE_FIND_QUIT=y
+CONFIG_FEATURE_FIND_EMPTY=y
+CONFIG_FEATURE_GPT_LABEL=y
+CONFIG_MKFS_VFAT=y
+CONFIG_DC=y
+CONFIG_FEATURE_LESS_RAW=y
+CONFIG_FEATURE_LESS_ENV=y
+CONFIG_FEATURE_NSLOOKUP_BIG=y
+CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS=y
+CONFIG_FEATURE_NTP_AUTH=y
+CONFIG_FEATURE_TFTP_HPA_COMPAT=y
+CONFIG_PIDOF=y
+CONFIG_FEATURE_PIDOF_SINGLE=y
+CONFIG_FEATURE_PIDOF_OMIT=y
+CONFIG_SHELL_ASH=y
+CONFIG_ASH_BASH_NOT_FOUND_HOOK=y
+CONFIG_FEATURE_SH_MATH_BASE=y
+CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y

This commit changes used compressed space from 6851524 -> 6863812.
Coherent reduction of free available space being 143768 -> 131480 before saturation.

Net increase of 24kB for busybox binary:

    busybox 1.28 : 484kB
    busybox 1.32: 508kB

Increase of 15kB of needed BIOS region space:

    ROM's initrd.cpio.xz with busybox 1.28: 3839kB
    ROM's initrd.cpio.xz with busybox 1.32: 3854kB
2020-12-29 16:49:08 -05:00
tlaurion
46ff6c56cb
Merge pull request #942 from tlaurion/circleci_kgpe-d16_fix
CircleCI: seperate build error from details for KGPE-D16 (par to other boards)
2020-12-28 21:39:46 -05:00
Thierry Laurion
2da03d2ef0
CircleCI: seperate build error from details for KGPE-D16 (par to other boards) 2020-12-27 17:33:57 -05:00
tlaurion
ba8ddd2308
Merge pull request #941 from synackd/coreboot-cpus
coreboot: Pass $CPUS to coreboot make target unerroneously
2020-12-27 17:16:16 -05:00
Devon Bautista
d2b41c5249
modules/coreboot: $$CPUS --> $(CPUS) 2020-12-26 13:37:36 -08:00
tlaurion
6ed1f3ab31
Merge pull request #940 from synackd/qemu-linuxboot-cpus
linuxboot: Pass $CPUS to edk2/OvmfPkg/build.sh unerroneously
2020-12-26 16:13:49 -05:00
Devon Bautista
b85dadee76
modules/linuxboot: $$CPUS --> $(CPUS) 2020-12-26 12:19:10 -08:00
Matt DeVillier
883ac669a8
modules/coreboot: bump 4.12 build option to 4.13
- update module hash and blobs hash
- drop patches no longer needed; migrate those that remain
- adjust Librem Mini/Mini v2 board configs

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-12-14 21:03:32 -06:00
tlaurion
a81ae6ed5b
Merge pull request #930 from tlaurion/xx20_hotp_fix
xx20-hotp-maximized: forgot to fix path to initrd, failed under CI.
2020-12-13 12:22:15 -05:00
Thierry Laurion
bead24c4eb
xx20-hotp-maximized: forgot to fix path to initrd, failed under CI. 2020-12-13 12:17:15 -05:00
tlaurion
0f1f547eb1
Merge pull request #928 from tlaurion/xx20_boards_correction
(WiP) xx20 boards: add xx20-hotp-maximized & remove HOTP and NITROCLI support from xxx0-maximized boards
2020-12-13 11:36:22 -05:00
Thierry Laurion
164d991a69
xx30 boards: remove NKSTORECLI from all boards. Par with xx20. 2020-12-12 22:11:20 -05:00
Thierry Laurion
16488fb21a
xx20 boards: add xx20-hotp-maximized boards, remove hotp support from xx20-boards. Modify CircleCI conf accordingly. 2020-12-12 12:44:06 -05:00
Thierry Laurion
64b1712e78
oem-factory-reset: set default KEY_LENGTH to 3072 and change expectation management message to console (Fixes #919) 2020-12-10 10:33:02 -05:00
tlaurion
671522eff4
Merge pull request #912 from Thrilleratplay/xx20_blobs_extraction_fix
xx20-maximized t420 and x220 boards addition  (ME downloaded from Lenovo and cleaned per @Thrilleratplay me_cleaner adaptation)
2020-12-03 16:39:36 -05:00
Tom Hiller
75e11cbb8d circleci: add xx20 maximized builds 2020-12-03 13:13:47 -05:00
Tom Hiller
5b898e369c boards: add t420-maximized 2020-12-03 13:11:05 -05:00
Tom Hiller
d7ccd87d49 boards: add x220-maximized 2020-12-03 13:10:21 -05:00
Tom Hiller
646ddee748 blobs: add blobs/xx20 2020-12-02 19:18:35 -05:00
tlaurion
1661e5dcb0
Merge pull request #867 from Tonux599/kgpe-d16_411_measured-boot
KGPE-D16 Coreboot 4.11 + Measured Boot
2020-12-02 18:23:55 -05:00
tlaurion
014e59210d
Merge pull request #906 from Nitrokey/gpg-default-keylength
Default to 4096 bit for OEM factory reset (fixes #831)
2020-12-02 18:20:39 -05:00
tlaurion
4d570523f8
Merge pull request #908 from osresearch/pr/non-coreboot-builds
non-coreboot-builds: do not error if CONFIG_COREBOOT_VERSION is not set
2020-12-02 18:04:55 -05:00
tlaurion
05e212d9bf
Merge pull request #917 from tlaurion/quick_typo_fixes
xx30-*-maximized boards: typo fix in comments expend -> expand
2020-12-02 17:40:05 -05:00