mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-18 20:47:55 +00:00
36c04f19e4
* xx30-*-maximized: update flashrom options removing --ifd bios option, keeping whole flash of rom internally. WARNING: ifd needs to be initially unlocked through ifdtool -u on 8mb bottom SPI backup. YOU CANNOT COME FROM 1VYRAIN. IF COMING FROM SKULLS, YOU MUST HAVE RAN OPTIONAL -u OPTION FROM SKULLS. PLEASE UPGRADE ONLY AFTER HAVING A PHYSICAL BACKUP OF BOTH SPI FLASH CHIPS. MORE INFORMATION UNDER https://github.com/osresearch/heads/pull/703. This will guarantee that future flash of produced rom will reflash the ROM totally, where heads make sure of adding users customizations (public key, /etc/config.user) when internally flashed. Unfortunately, if you flash externally, you will have to reinject your public key and readd /etc/config customizations. * Adding generated bincfg coreboot 4.8.1 patch (merged under coreboot 4.13 and backported here to 4.8.1), resulting in gbe.bin under blobs/xx30/gbe.bin and instructions to replicate in README prior of automation (under repo). Note that MAC under gbe.bin is fixed to DE:AD:C0:FF:EE unless extract.sh script is ran on external backup to keep current user's MAC (Thanks to @Thrilleratplay's contribution!) * xx30 blobs: add two blobs management scripts for xx30: extract from local backup/download+neuter ME extract.sh: extract from external backup: gbe.bin, neuter under me.bin and maximize BIOS+reduce ME regions under unlocked ifd.bin. download_clean_me.sh: download and verify Lenovo latest ME version from website, and drop me.bin in place. Note: me.bin is 98kb, containing only BUP and ROMP partitions which cannot be modified nor deleted else computer won't boot. As a result, BIOS region is maximized in ifd.bin to 11.5mb and coreboot config takes advantage of that freed space. * CircleCI: xx30-*-maximized additional step to call download_clean_me.sh prior of building boards so that me.bin is dopped in place. This should be done by users prior of building xx30-*-maximized boards locally, which is imitated in CircleCI builds (look at .circleci/config.yaml for innoextract host added dependency and board buildings. Results on github for each commit).
423 lines
17 KiB
YAML
423 lines
17 KiB
YAML
version: 2
|
|
jobs:
|
|
build:
|
|
docker:
|
|
- image: debian:10
|
|
steps:
|
|
- run:
|
|
name: Install dependencies
|
|
command: |
|
|
apt update
|
|
apt install -y build-essential zlib1g-dev uuid-dev libdigest-sha-perl libelf-dev bc bzip2 bison flex git gnupg iasl m4 nasm patch python wget gnat cpio ccache pkg-config cmake libusb-1.0-0-dev autoconf texinfo ncurses-dev doxygen graphviz udev libudev1 libudev-dev automake libtool rsync innoextract
|
|
- checkout
|
|
|
|
- run:
|
|
name: git reset
|
|
command: |
|
|
git reset --hard "$CIRCLE_SHA1" \
|
|
|
|
- run:
|
|
name: Creating all modules and patches digest
|
|
command: |
|
|
find ./patches/ ./modules/ -type f | sort -h |xargs sha256sum > /tmp/all_modules_and_patches.sha256sums \
|
|
|
|
- run:
|
|
name: Creating musl-cross-make and musl-cross-make patches digest
|
|
command: |
|
|
find modules/musl-cross* -type f | sort -h | xargs sha256sum > /tmp/musl-cross_module_and_patches.sha256sums \
|
|
|
|
|
|
- restore_cache:
|
|
keys:
|
|
#Restore existing cache for modules checksums validated to be exactly the same as in github current commit
|
|
- heads-modules-and-patches-{{ checksum "/tmp/all_modules_and_patches.sha256sums" }}{{ .Environment.CACHE_VERSION }}
|
|
#If precedent fails. Restore cache for musl-cross module checksum validated to be exactly the same as in github current commit
|
|
- heads-cross-musl-{{ checksum "/tmp/musl-cross_module_and_patches.sha256sums" }}{{ .Environment.CACHE_VERSION }}
|
|
|
|
# linuxboot steps need something to pass in the kernel header path
|
|
# skipping for now
|
|
# - run:
|
|
# name: qemu-linuxboot-edk2
|
|
# command: |
|
|
# ./build/make-4.2.1/make \
|
|
# CROSS=/cross/bin/x86_64-linux-musl- \
|
|
# BOARD=qemu-linuxboot \
|
|
# `/bin/pwd`/build/linuxboot-git/build/qemu/.configured \
|
|
# # Run first to avoid too many processes
|
|
#
|
|
# - run:
|
|
# name: qemu-linuxboot
|
|
# command: |
|
|
# ./build/make-4.2.1/make \
|
|
# CROSS=/cross/bin/x86_64-linux-musl- \
|
|
# CPUS=4 \
|
|
# V=1 \
|
|
# BOARD=qemu-linuxboot \
|
|
#
|
|
# - store-artifacts:
|
|
# path: build/qemu-linuxboot/linuxboot.rom
|
|
# - store-artifacts:
|
|
# path: build/qemu-linuxboot/hashes.txt
|
|
|
|
- run:
|
|
name: librem_l1um
|
|
command: |
|
|
rm -rf build/librem_l1um/* build/log/* && make CPUS=4 V=1 BOARD=librem_l1um || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi \
|
|
- run:
|
|
name: Output librem_l1um hashes
|
|
command: |
|
|
cat build/librem_l1um/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for librem_l1um
|
|
command: |
|
|
tar zcvf build/librem_l1um/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/librem_l1um
|
|
|
|
- run:
|
|
name: librem_mini
|
|
command: |
|
|
rm -rf build/librem_mini/* build/log/* && make CPUS=4 V=1 BOARD=librem_mini || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output librem_mini hashes
|
|
command: |
|
|
cat build/librem_mini/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for librem_mini
|
|
command: |
|
|
tar zcvf build/librem_mini/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/librem_mini
|
|
|
|
- run:
|
|
name: librem_mini_v2
|
|
command: |
|
|
rm -rf build/librem_mini_v2/* build/log/* && make CPUS=4 V=1 BOARD=librem_mini_v2 || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output librem_mini_v2 hashes
|
|
command: |
|
|
cat build/librem_mini_v2/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for librem_mini_v2
|
|
command: |
|
|
tar zcvf build/librem_mini_v2/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/librem_mini_v2
|
|
|
|
- run:
|
|
name: x230-flash
|
|
command: |
|
|
rm -rf build/x230-flash/* build/log/* && make CPUS=4 V=1 BOARD=x230-flash || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-flash hashes
|
|
command: |
|
|
cat build/x230-flash/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-flash
|
|
command: |
|
|
tar zcvf build/x230-flash/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-flash
|
|
|
|
- run:
|
|
name: t430-flash
|
|
command: |
|
|
rm -rf build/t430-flash/* build/log/* && make CPUS=4 V=1 BOARD=t430-flash || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output t430-flash hashes
|
|
command: |
|
|
cat build/t430-flash/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for t430-flash
|
|
command: |
|
|
tar zcvf build/t430-flash/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/t430-flash
|
|
|
|
- run:
|
|
name: t430
|
|
command: |
|
|
rm -rf build/t430/* build/log/* && make CPUS=4 V=1 BOARD=t430 || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output t430 hashes
|
|
command: |
|
|
cat build/t430/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for t430
|
|
command: |
|
|
tar zcvf build/t430/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/t430
|
|
|
|
- run:
|
|
name: x230
|
|
command: |
|
|
rm -rf build/x230/* build/log/* && make CPUS=4 V=1 BOARD=x230 || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230 hashes
|
|
command: |
|
|
cat build/x230/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230
|
|
command: |
|
|
tar zcvf build/x230/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/x230
|
|
|
|
- run:
|
|
name: x230-hotp-verification
|
|
command: |
|
|
rm -rf build/x230-hotp-verification/* build/log/* && make CPUS=4 V=1 BOARD=x230-hotp-verification || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-hotp-verification hashes
|
|
command: |
|
|
cat build/x230-hotp-verification/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-hotp-verification
|
|
command: |
|
|
tar zcvf build/x230-hotp-verification/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-hotp-verification
|
|
|
|
- run:
|
|
name: x230-nkstorecli
|
|
command: |
|
|
rm -rf build/x230-nkstorecli/* build/log/* && make CPUS=4 V=1 BOARD=x230-nkstorecli || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-nkstorecli hashes
|
|
command: |
|
|
cat build/x230-nkstorecli/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-nkstorecli
|
|
command: |
|
|
tar zcvf build/x230-nkstorecli/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-nkstorecli
|
|
|
|
- run:
|
|
name: Download and neuter xx30 ME (keep generated GBE and extracted IFD in tree)
|
|
command: |
|
|
./blobs/xx30/download_clean_me.sh
|
|
- run:
|
|
name: x230-maximized
|
|
command: |
|
|
rm -rf build/x230-maximized/* build/log/* && make CPUS=4 V=1 BOARD=x230-maximized || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-maximized hashes
|
|
command: |
|
|
cat build/x230-maximized/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-maximized
|
|
command: |
|
|
tar zcvf build/x230-maximized/logs.tar.gz ./build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-maximized
|
|
|
|
- run:
|
|
name: Download and neuter xx30 ME (keep generated GBE and extracted IFD in tree)
|
|
command: |
|
|
./blobs/xx30/download_clean_me.sh
|
|
- run:
|
|
name: t430-hotp-maximized
|
|
command: |
|
|
rm -rf build/t430-hotp-maximized/* build/log/* && make CPUS=4 V=1 BOARD=t430-hotp-maximized || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output t430-hotp-maximized hashes
|
|
command: |
|
|
cat build/t430-hotp-maximized/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for t430-hotp-maximized
|
|
command: |
|
|
tar zcvf build/t430-hotp-maximized/logs.tar.gz ./build/log/*
|
|
- store-artifacts:
|
|
path: build/t430-hotp-maximized
|
|
|
|
- run:
|
|
name: Download and neuter xx30 ME (keep generated GBE and extracted IFD in tree)
|
|
command: |
|
|
./blobs/xx30/download_clean_me.sh
|
|
- run:
|
|
name: x230-maximized
|
|
command: |
|
|
rm -rf build/x230-maximized/* build/log/* && make CPUS=4 V=1 BOARD=x230-maximized || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-maximized hashes
|
|
command: |
|
|
cat build/x230-maximized/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-maximized
|
|
command: |
|
|
tar zcvf build/x230-maximized/logs.tar.gz ./build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-maximized
|
|
|
|
- run:
|
|
name: Download and neuter xx30 ME (keep generated GBE and extracted IFD in tree)
|
|
command: |
|
|
./blobs/xx30/download_clean_me.sh
|
|
- run:
|
|
name: x230-hotp-maximized
|
|
command: |
|
|
rm -rf build/x230-hotp-maximized/* build/log/* && make CPUS=4 V=1 BOARD=x230-hotp-maximized || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output x230-hotp-maximized hashes
|
|
command: |
|
|
cat build/x230-hotp-maximized/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for x230-hotp-maximized
|
|
command: |
|
|
tar zcvf build/x230-hotp-maximized/logs.tar.gz ./build/log/*
|
|
- store-artifacts:
|
|
path: build/x230-hotp-maximized
|
|
|
|
|
|
- run:
|
|
name: Download and neuter xx30 ME (keep generated GBE and extracted IFD in tree)
|
|
command: |
|
|
./blobs/xx30/download_clean_me.sh
|
|
- run:
|
|
name: t430-maximized
|
|
command: |
|
|
rm -rf build/t430-maximized/* build/log/* && make CPUS=4 V=1 BOARD=t430-maximized || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output t430-maximized hashes
|
|
command: |
|
|
cat build/t430-maximized/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for t430-maximized
|
|
command: |
|
|
tar zcvf build/t430-maximized/logs.tar.gz ./build/log/*
|
|
- store-artifacts:
|
|
path: build/t430-maximized
|
|
|
|
- run:
|
|
name: qemu-coreboot
|
|
command: |
|
|
rm -rf build/qemu-coreboot/* build/log/* && make CPUS=4 V=1 BOARD=qemu-coreboot || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output qemu-coreboot hashes
|
|
command: |
|
|
cat build/qemu-coreboot/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for qemu-coreboot
|
|
command: |
|
|
tar zcvf build/qemu-coreboot/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/qemu-coreboot
|
|
|
|
- run:
|
|
name: qemu-coreboot-fbwhiptail
|
|
command: |
|
|
rm -rf build/qemu-coreboot-fbwhiptail/* build/log/* && make CPUS=4 V=1 BOARD=qemu-coreboot-fbwhiptail || touch /tmp/failed_build
|
|
no_output_timeout: 3h
|
|
- run:
|
|
name: Output build failing logs
|
|
command: |
|
|
if [[ -f /tmp/failed_build ]]; then find ./build/ -name "*.log" -type f -mmin -1|while read log; do echo ""; echo '==>' "$log" '<=='; echo ""; cat $log;done; exit 1;else echo "Not failing. Continuing..."; fi
|
|
- run:
|
|
name: Output qemu-coreboot-fbwhiptail hashes
|
|
command: |
|
|
cat build/qemu-coreboot-fbwhiptail/hashes.txt \
|
|
- run:
|
|
name: Archiving build logs for qemu-coreboot-fbwhiptail
|
|
command: |
|
|
tar zcvf build/qemu-coreboot-fbwhiptail/logs.tar.gz build/log/*
|
|
- store-artifacts:
|
|
path: build/qemu-coreboot-fbwhiptail
|
|
|
|
- save_cache:
|
|
#Generate cache for the same musl-cross module definition if hash is not previously existing
|
|
key: heads-cross-musl-{{ checksum "/tmp/musl-cross_module_and_patches.sha256sums" }}{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- crossgcc
|
|
- build/musl-cross-*
|
|
|
|
- save_cache:
|
|
#Generate cache for the exact same modules definitions if hash is not previously existing
|
|
key: heads-modules-and-patches-{{ checksum "/tmp/all_modules_and_patches.sha256sums" }}{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- packages
|
|
- crossgcc
|
|
- build
|
|
|
|
workflows:
|
|
version: 2
|
|
build_and_test:
|
|
jobs:
|
|
- build
|