ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 04:57:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7cbcdd8ed7
heads/boards/z220-cmt-maximized/z220-cmt-maximized.config
Thierry Laurion 7cbcdd8ed7
Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support) 
- Add additional requirements to linux config
- Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs
- Fix issue under network-recovery-init to NTP sync against NTP server pool
- Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer
- Remove network-recovery-init earlytty and tty0 redirection (console should be setuped properly by init in all cases)
- If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait to user input on instructions and warning 30 secs before proceeding (non-blocking)
- Machines having STATIC_IP under board config won't benefit of autoatic NTP sync

Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync

TODO(Future PR):
- Refactor into functions and reuse into TOTP/HOTP being out of sync automatically.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-02-21 13:50:18 -05:00

76 lines
2.9 KiB
Makefile
Raw Blame History

# Configuration for HP Z220 CMT
#
#The board supports Intel LGA1155, which allows for ME removal (both neuter+disable as claimed by me_cleaner),
#ME region resize/shrinking (aka 'maximized' board), as well as VSCC table modification.
#In this respect it is similar to the ASUS P8Z77 motherboards, but comes with the bonus of ECC RAM compatibility.
#
#The blob download script uses the manufacturer supplied ME and IFD and performs the necessary
#hashing. The download script also removes the VSCC table by overwriting a NULL at the VSCC
#length table and FF bytes at the VSCC identifier table - using a printf with dd
#and resizes the rom layout and minimizes ME while maximizing space.
#The Computer comes as standard with an 16MB Flash chip, which means that no modification is
#needed to replace the chip is order to use heads as we shrink ME and 'maximize' this board by
#default. It is soldered onto the board, as is the TPM1 chip.
#
#Test platform
#BOARD: HP Z220 CMT
#RAM: 16GB - 2x ATP DDR3 ECC
#CPU: Intel E3-1275v2
#Even though this has been tested with a discrete graphics card installed, like on other Sandy/Ivy Bridge boards Heads is configured to use the iGPU, i.e. to get a display output while running Heads please
#avoid the 1230, 1270v2, etc in favour of 1245v2, 2600k etc.
#
#note: nohz=off is an optional CONFIG_LINUX_COMMAND_LINE parameter to supress repeated NOHZ: local_softirq_pending console output
#
CONFIG_LINUX_CONFIG=config/linux-c216.config
CONFIG_COREBOOT_CONFIG=config/coreboot-z220-cmt.config
export CONFIG_COREBOOT=y
export CONFIG_COREBOOT_VERSION=4.19
export CONFIG_LINUX_VERSION=5.10.5
CONFIG_CRYPTSETUP2=y
CONFIG_FLASHROM=y
CONFIG_FLASHTOOLS=y
CONFIG_GPG2=y
CONFIG_KEXEC=y
CONFIG_UTIL_LINUX=y
CONFIG_LVM2=y
CONFIG_MBEDTLS=y
CONFIG_PCIUTILS=y
CONFIG_POPT=y
CONFIG_QRENCODE=y
CONFIG_TPMTOTP=y
#platform locking finalization (PR0)
CONFIG_IO386=y
export CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE=y
# Dependencies for a graphical menu. Enable CONFIG_SLANG and CONFIG_NEWT instead
# for a console-based menu.
CONFIG_CAIRO=y
CONFIG_FBWHIPTAIL=y
CONFIG_LINUX_USB=y
CONFIG_MOBILE_TETHERING=y
export CONFIG_TPM=y
export CONFIG_BOOTSCRIPT=/bin/gui-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n
export CONFIG_BOOT_KERNEL_ADD=""
export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
export CONFIG_BOOT_DEV="/dev/sda1"
export CONFIG_BOARD_NAME="Hewlett-Packard Z220 Convertible Minitower"
export CONFIG_FLASHROM_OPTIONS="-p internal"
# Make the Coreboot build depend on the following 3rd party blobs:
$(build)/coreboot-$(CONFIG_COREBOOT_VERSION)/$(BOARD)/.build: \
$(pwd)/blobs/z220/me.bin $(pwd)/blobs/z220/ifd.bin
$(pwd)/blobs/z220/me.bin:
COREBOOT_DIR="$(build)/$(coreboot_base_dir)" \
$(pwd)/blobs/z220/download_BIOS_clean.sh
$(pwd)/blobs/z220/ifd.bin:
COREBOOT_DIR="$(build)/$(coreboot_base_dir)" \
$(pwd)/blobs/z220/download_BIOS_clean.sh
Reference in New Issue View Git Blame Copy Permalink