ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 04:57:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,831 Commits 27 Branches 6 Tags 21 MiB
fc572e25b9
Commit Graph

2831 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michał Kopeć
fc572e25b9
modules/coreboot: bump dasharo fork for FSP submodule fix 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-18 16:29:33 +01:00
Michał Kopeć
f1299c1ce7
modules/coreboot: update for HAP disable fix 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-18 14:10:30 +01:00
Thierry Laurion
1dba3e932f
CircleCI v560tu/v540tu: build atop x230-hotp-maximized workspace cache to reuse 24.02.01 coreboot buildstack, no point waiting for novacustom_nv4x_adl to be built. Gonna clear cache for next run and build clean 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:30 +01:00
Thierry Laurion
f45452b736
nv4x_adl/ns50 coreboot config bumped to 24.02.01 with save in old config helper 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:30 +01:00
Thierry Laurion
a09b64d390
v560tu/v540tu coreboot configs: add bootsplash, remove ME HAP bit to be applied by IFDTOOL to https://github.com/linuxboot/heads/pull/1846 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:30 +01:00
Thierry Laurion
b98492377c
v560tu/v540tu board configs: adapt FLASH_OPTIONS to not overwrite GBE region, document S3/S01x/Hibernation limitation which is lackking from https://github.com/linuxboot/heads/pull/1846 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:29 +01:00
Thierry Laurion
bf06be9017
config/coreboot-novacustom-v560tu.config: reuse changes proposed under https://github.com/linuxboot/heads/pull/1871 but not yet taken under https://github.com/linuxboot/heads/pull/1846 
BOOTSPLASH section missing, as well as ME still enabled...

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:29 +01:00
Thierry Laurion
fffc3a88c4
v540tu/v560tu: remove MSRTOOL, reuse proposed changes not taken from https://github.com/linuxboot/heads/pull/1871 for https://github.com/linuxboot/heads/pull/1846 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:29 +01:00
Thierry Laurion
6ee05c3dce
CircleCI: Add v560tu missing into https://github.com/linuxboot/heads/pull/1846 
Redoing diffs already proposed under https://github.com/linuxboot/heads/pull/1871 but not taken yet....

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-18 14:10:29 +01:00
Michał Kopeć
602e281f2f
config/coreboot-novacustom-v5.0tu.config: add bootsplash 
Co-authored-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-11 18:43:39 +01:00
Michał Kopeć
c516918fac
patches/coreboot-dasharo-unreleased: add back JPEG patches 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-11 18:31:30 +01:00
Michał Kopeć
7323fef604
modules/coreboot: bump for MTL S3 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-10 18:24:47 +01:00
Michał Kopeć
b5fe89903d
config/coreboot-novacustom-v5*: set ME HAP, prefer S3 sleep 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-10 18:22:00 +01:00
Michał Kopeć
ac43d5e78b
config/coreboot-novacustom-v5*: bump version to rc2 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-10 13:10:06 +01:00
Michał Kopeć
1d7b442668
novacustom-v560tu: sync to v540tu 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-10 12:41:39 +01:00
Michał Kopeć
5b444119ca
config/coreboot-novacustom-v540tu.config: disable serial console 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-09 16:30:16 +01:00
Michał Kopeć
6174b63a12
novacustom-v540tu: enable PR0 lockdown in SMM 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-09 16:21:45 +01:00
Michał Kopeć
bb6c83de49
modules/coreboot: add commented out patch version 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 18:13:07 +01:00
Michał Kopeć
34ee256dd2
modules/coreboot: bump dasharo fork for PRR lockdown 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 18:11:54 +01:00
Michał Kopeć
0f339496a7
Add NovaCustom V560TU 
as a copy of V540TU

Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 13:51:55 +01:00
Michał Kopeć
ad6605d84b
config/coreboot-novacustom-v540tu.config: set version to rc1 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 13:51:49 +01:00
Michał Kopeć
0cdba412ef
modules/coreboot: dasharo: reuse 24.02.1 toolchain 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 12:46:38 +01:00
Michał Kopeć
b6f5c6d245
modules/coreboot: update comment about Dasharo coreboot fork 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 12:46:37 +01:00
Michał Kopeć
4a3667b78c
boards/novacustom-v540tu/novacustom-v540tu.config: remove unneeded debug options 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 12:46:37 +01:00
Michał Kopeć
cf02a2914e
config/coreboot-novacustom-v540tu.config: disable debug console 
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
 2024-12-04 12:46:37 +01:00
Thierry Laurion
059a60e43e
.circleci/config.yml nitropad-nv41 name changed -> novacustom_nv4x_adl 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-04 12:46:37 +01:00
Thierry Laurion
4394052b72
modules/linux: add Linux 6.11.9 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-04 12:46:37 +01:00
Michał Kopeć
ce2b051a48
Add NovaCustom V540TU board 
Co-authored-by: Michał Kopeć <michal.kopec@3mdeb.com>
Co-authored-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-12-04 12:46:35 +01:00
Thierry Laurion
99157f2291
Merge pull request #1802 from tlaurion/talos_2-kernel_version_bump_to_6.6.16 
talos-2: kernel version bump to 6.6.16
 2024-11-29 14:19:25 -05:00
Thierry Laurion
e31afc58b3
Merge pull request #1818 from tlaurion/pr0_skylake_and_more_recent 
WiP: PR0 (SPI write prevention through chipset locking) for nv4x_adl, setting base for other platforms/downstream forks supporting >=Skylake+
 2024-11-29 13:22:21 -05:00
Sergii Dmytruk
7ca7488474
config/linux-talos-2.config: update 
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 12:38:30 -05:00
Sergii Dmytruk
e97b379796
talos2: port 2 more Linux patches to 6.6.16 
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 12:38:24 -05:00
Thierry Laurion
a03857d85f
talos-2 kernel 6.6.16: review needed patches and config: cbmem missing, maybe some more patches needs porting 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 12:38:18 -05:00
Thierry Laurion
3ed0f2df35
talos-2 6.6.16 kernel config: deactivate CONFIG_COMPAT (32 bit support) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 12:38:12 -05:00
Thierry Laurion
d7ff890c78
WiP: talos-2: kernel version bump to 6.6.16 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 12:38:05 -05:00
Thierry Laurion
03ba3864db
Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent 2024-11-29 11:38:36 -05:00
Thierry Laurion
f8b03b3087
nitropad-ns50: remove PR0 until tested and readded in seperate PR 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-29 11:17:02 -05:00
Thierry Laurion
87732b71ce
Merge pull request #1865 from tlaurion/bump-flashprog_latest-meteor_lake_support 
modules/flashprog: bump to latest commit, including support for meteor lake
 2024-11-28 15:33:22 -05:00
Thierry Laurion
43b03fbe60
Revert "coreboot dasharo fork patch: bump patchset to upstream reviewed" 
This reverts commit f5fdf9a97e.
Unfortunately, patch doesn't apply to dasharo current fork pointed under modules/coreboot

Waiting for Dasharo to provide a patch updated to heads used fork/dasahro bumping to newer coreboot version for which patchset applies clealy

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-28 13:24:30 -05:00
Thierry Laurion
3de473c409
modules/flashprog: bump to latest commit, including support for meteor lake 
We use eb2c04185f (2024-11-21 1.3+ bugfixes)
Where meteor lake is 5e0d9b04a0 is from 1.3 (3 weeks ago)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-28 12:06:42 -05:00
Thierry Laurion
6f2ea7c7bf
Merge remote-tracking branch 'osresearch/master' into pr0_skylake_and_more_recent 2024-11-28 11:53:48 -05:00
Thierry Laurion
f5fdf9a97e
coreboot dasharo fork patch: bump patchset to upstream reviewed 
repro:
git fetch https://review.coreboot.org/coreboot refs/changes/78/85278/3 && git format-patch -1 --stdout FETCH_HEAD > patches/coreboot-dasharo-unreleased/0002-pr0_chipset_locking-post_skylake.patch
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-28 11:52:22 -05:00
Thierry Laurion
4f1405853f
Merge pull request #1861 from tlaurion/oem-factory_reset_hide-detach-sign-user-pin 
bugfix: oem-factory-reset: debug mode; hide passphrase output on screen/debug log on gpg --detach-sign of /boot hash digest
 2024-11-25 11:02:30 -05:00
Thierry Laurion
5501cd0744
oem-factory-reset: debug mode; hide passphrase output on screen/debug.log on gpg --detach-sign of /boot hash digest 
Before:
[  155.845101] DEBUG: gpg --pinentry-mode loopback --passphrase Please Change Me --digest-algo SHA256 --detach-sign -a

After:
[  131.272954] DEBUG: gpg --pinentry-mode loopback --passphrase <hidden> --digest-algo SHA256 --detach-sign -a

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-25 10:57:44 -05:00
Thierry Laurion
45696a4c8a
Merge pull request #1860 from tlaurion/fix_initrd_unpack_for_repacking 
initrd/bin/unpack_initramfs.sh: add xz unpacking support.
 2024-11-22 17:50:23 -05:00
Thierry Laurion
95c6eb5c49
initrd/bin/unpack_initramfs.sh: add xz to unpack logic (add commented: bzip2, lzma, lzo and lz4) 
xz: tested working with tails test build and 6.8.1's initrd
latest ubuntu 24.10: switched back to zstd, works as expected (tested)

Magic numbers referred at:
- 28eb75e178/scripts/extract-vmlinux (L52C1-L58C43)
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/lib/decompress.c#n51

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-22 17:30:17 -05:00
Thierry Laurion
71a8075125
initrd/bin/unpack_initramfs.sh: no functional change, just format with tabs 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-22 17:29:41 -05:00
Thierry Laurion
573f48dd11
Merge pull request #1858 from tlaurion/bugfix-fix_lvm_reproducibility 
modules/lvm2: define /run relative paths (not sure why circleci remote docker default run dir != local run dir)
 2024-11-22 11:51:29 -05:00
Thierry Laurion
1a07bf7b68
modules/lvm2: define /run relative paths (not sure why circleci remote docker default run dir != local run dir) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-11-22 09:41:32 -05:00
Thierry Laurion
be0aac6914
Merge pull request #1856 from tlaurion/docker_helpers_conditional_usb_passthrough 
docker_* helpers: pass usb host controllers to docker only if usb devices are connected, unify, bugfixes
 2024-11-21 17:46:38 -05:00