From 6d559deae56dd6aaae2af7adee7069d16357c63c Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Mon, 26 Jul 2021 14:02:42 -0400 Subject: [PATCH] move all other boards (but KGPE-D16) to coreboot 4.13 - xx30 legacy boards (x230, x230-flash, t430, t430-flash) now rely also on coreboot 4.13 - DOWNSIDE: x230 and t430 legacy boards now rely on WHIPTAIL (NOT FBWhiptail) to have enough space to fit under 7mb) - xx20 boards moved to 4.13 (no need of xx20-flash boards here since single SPI boards with 7.5mb useable since blobs scripts are required) - DOWNSIDE: all xx20 boards now have dropbear deactivated, while still having ethernet driver in. - qemu-coreboot and qemu-coreboot-fbwhiptail switched to coreboot 4.13 WITHOUT TPM SUPPORT (with cryptsetup 2.x support) - DOWNSIDE: - coreboot-qemu board CBFS_SIZE=0x700000 -> 0x750000 - coreboot-qemu-fbwhiptail CBFS_SIZE=0x750000 -> 0x780000 - CircleCi build recipe removes 4.8.1 boards altogether - KGPE-D16 workstation is used as new base build to save workspace layer (we removed one workspace layer) - Removing one workspace layer will save approx 2 hours of build time on fresh builds - Removing one coreboot version will save us approx 2 hours of build time on fresh builds - KGPE-D16 will stay to coreboot 4.11 until forward notice. - All other board configs SHOULD be built on latest coreboot versions --- .circleci/config.yml | 15 ++++--- .../qemu-coreboot-fbwhiptail.config | 18 +++++++-- boards/qemu-coreboot/qemu-coreboot.config | 9 +++-- .../t420-hotp-maximized.config | 4 ++ boards/t420-maximized/t420-maximized.config | 5 ++- boards/t430-flash/t430-flash.config | 2 +- .../t430-hotp-maximized.config | 2 +- boards/t430/t430.config | 40 ++++++++++++------- .../x220-hotp-maximized.config | 4 ++ boards/x220-maximized/x220-maximized.config | 6 ++- boards/x220/x220.config | 8 ++-- boards/x230-flash/x230-flash.config | 3 +- .../x230-hotp-maximized.config | 2 +- .../x230-hotp-verification.config | 38 ++++++++++++------ boards/x230/x230.config | 38 ++++++++++++------ config/coreboot-qemu-fbwhiptail.config | 11 +++-- config/coreboot-qemu.config | 11 +++-- config/coreboot-t420-hotp-maximized.config | 2 +- config/coreboot-t420-maximized.config | 2 +- config/coreboot-t420.config | 2 +- config/coreboot-t430-flash.config | 16 ++++---- config/coreboot-t430-hotp-maximized.config | 2 +- config/coreboot-t430-maximized.config | 2 +- config/coreboot-t430.config | 13 +++--- config/coreboot-x220-hotp-maximized.config | 2 +- config/coreboot-x220-maximized.config | 2 +- config/coreboot-x220.config | 23 +++++------ config/coreboot-x230-flash.config | 15 ++++--- config/coreboot-x230-hotp-maximized.config | 2 +- config/coreboot-x230-hotp-verification.config | 10 +++-- config/coreboot-x230-maximized.config | 2 +- config/coreboot-x230.config | 12 +++--- 32 files changed, 192 insertions(+), 131 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5fdbea504..48b9a104c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -165,19 +165,12 @@ workflows: # version. The last board in the sequence is the dependency # for the parallel boards built at the end, and also save_cache. - # Coreboot 4.8.1 - - build_and_persist: - name: qemu-coreboot - target: qemu-coreboot - requires: - - prep_env - # Coreboot 4.11 - build_and_persist: name: kgpe-d16_workstation target: kgpe-d16_workstation requires: - - qemu-coreboot + - prep_env # Coreboot 4.13 - build_and_persist: @@ -275,6 +268,12 @@ workflows: requires: - librem_mini + - build: + name: qemu-coreboot + target: qemu-coreboot + requires: + - librem_mini + - build: name: qemu-coreboot-fbwhiptail target: qemu-coreboot-fbwhiptail diff --git a/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config b/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config index 3b89241bf..b57744b73 100644 --- a/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config +++ b/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config @@ -1,8 +1,9 @@ # Configuration for building a coreboot ROM that works in # the qemu emulator in GUI mode thanks to FBWhiptail - +# +# Note that the TPM does not work. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-fbwhiptail.config @@ -19,16 +20,21 @@ CONFIG_FLASHTOOLS=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y -CONFIG_CRYPTSETUP=y +CONFIG_CRYPTSETUP2=y CONFIG_GPG2=y CONFIG_LVM2=y CONFIG_MBEDTLS=y CONFIG_DROPBEAR=y CONFIG_MSRTOOLS=y +#Uncomment only one of the following block #Required for graphical gui-init (FBWhiptail) CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y +# +#text-based init (generic-init and gui-init) +#CONFIG_NEWT=y +#CONFIG_SLANG=y endif @@ -37,13 +43,17 @@ CONFIG_LINUX_AHCI=y CONFIG_LINUX_USB=y CONFIG_LINUX_E1000=y +#Uncomment only one BOOTSCRIPT: #Whiptail-based init (text-based or FBWhiptail) export CONFIG_BOOTSCRIPT=/bin/gui-init +# +#text-based original init: +#export CONFIG_BOOTSCRIPT=/bin/generic-init export CONFIG_TPM=n export CONFIG_BOOT_DEV="/dev/sda1" -export CONFIG_BOARD_NAME="QEMU-fbwhiptail" +export CONFIG_BOARD_NAME="qemu-coreboot-fbwhiptail" #borrowed from https://github.com/orangecms/webboot/blob/boot-via-qemu/run-webboot.sh run: diff --git a/boards/qemu-coreboot/qemu-coreboot.config b/boards/qemu-coreboot/qemu-coreboot.config index 79643a5e1..c2f65099a 100644 --- a/boards/qemu-coreboot/qemu-coreboot.config +++ b/boards/qemu-coreboot/qemu-coreboot.config @@ -1,8 +1,10 @@ # Configuration for building a coreboot ROM that works in the. -# the qemu emulator. Note that the TPM does not work, so this +# the qemu emulator. +# +# Note that the TPM does not work, so this # will just drop into the recovery shell. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu.config @@ -19,7 +21,7 @@ CONFIG_FLASHTOOLS=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y -CONFIG_CRYPTSETUP=y +CONFIG_CRYPTSETUP2=y CONFIG_GPG2=y CONFIG_LVM2=y CONFIG_MBEDTLS=y @@ -52,6 +54,7 @@ export CONFIG_BOOTSCRIPT=/bin/generic-init export CONFIG_TPM=n export CONFIG_BOOT_DEV="/dev/sda1" +export CONFIG_BOARD_NAME="qemu-coreboot" #borrowed from https://github.com/orangecms/webboot/blob/boot-via-qemu/run-webboot.sh run: diff --git a/boards/t420-hotp-maximized/t420-hotp-maximized.config b/boards/t420-hotp-maximized/t420-hotp-maximized.config index e052bc4c9..00d0c4242 100644 --- a/boards/t420-hotp-maximized/t420-hotp-maximized.config +++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config @@ -4,6 +4,10 @@ # - Deactivated+neutered ME and expended consequent IFD BIOS regions # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# Doesn't include (to fit in 7mb image) +# - dropbear + export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 diff --git a/boards/t420-maximized/t420-maximized.config b/boards/t420-maximized/t420-maximized.config index 09c538746..33327dbc1 100644 --- a/boards/t420-maximized/t420-maximized.config +++ b/boards/t420-maximized/t420-maximized.config @@ -4,6 +4,9 @@ # - Deactivated+neutered ME and expended consequent IFD BIOS regions # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# Doesn't include (to fit in 7mb image) +# - dropbear export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 @@ -48,7 +51,7 @@ CONFIG_FBWHIPTAIL=y #Additional tools: #SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) -CONFIG_DROPBEAR=y +CONFIG_DROPBEAR=n export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n diff --git a/boards/t430-flash/t430-flash.config b/boards/t430-flash/t430-flash.config index 2d7b20a2c..5f8b0c258 100644 --- a/boards/t430-flash/t430-flash.config +++ b/boards/t430-flash/t430-flash.config @@ -2,7 +2,7 @@ BOARD=t430.flash export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_FLASHROM=y diff --git a/boards/t430-hotp-maximized/t430-hotp-maximized.config b/boards/t430-hotp-maximized/t430-hotp-maximized.config index 5a1bc2696..0bcf33da2 100644 --- a/boards/t430-hotp-maximized/t430-hotp-maximized.config +++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config @@ -17,7 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230.config CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y -CONFIG_CRYPTSETUP=y +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y diff --git a/boards/t430/t430.config b/boards/t430/t430.config index f32115c0a..a99fdc760 100644 --- a/boards/t430/t430.config +++ b/boards/t430/t430.config @@ -1,17 +1,21 @@ -# Configuration for a t430 running Qubes and other OSes +# Configuration for a t430 running Qubes 4.1 and other OSes # STATIC_OPTION_TABLE is set inside of coreboot config # # Deactivated to fit in coreboot's CONFIG_CBFS_SIZE=0x700000 : # dropbear support(ssh client/server) # e1000e (ethernet driver) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-t430.config CONFIG_LINUX_CONFIG=config/linux-x230.config -CONFIG_CRYPTSETUP=y +#Additional hardware support +CONFIG_LINUX_USB=y +CONFIG_LINUX_E1000E=n + +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y @@ -20,26 +24,32 @@ CONFIG_UTIL_LINUX=y CONFIG_LVM2=y CONFIG_MBEDTLS=y CONFIG_PCIUTILS=y + +#Remote attestation support +#TPM based requirements +export CONFIG_TPM=y CONFIG_POPT=y CONFIG_QRENCODE=y CONFIG_TPMTOTP=y +#HOTP based remote attestation for supported USB Security dongle +#With/Without TPM support +CONFIG_HOTPKEY=n -#Whiptail in console mode -#CONFIG_SLANG=y -#CONFIG_NEWT=y +#Nitrokey Storage admin tool +CONFIG_NKSTORECLI=n -#whiptail in graphical mode -CONFIG_CAIRO=y -CONFIG_FBWHIPTAIL=y +#GUI Support +#Console based Whiptail support(Console based, no FB): +CONFIG_SLANG=y +CONFIG_NEWT=y +#FBWhiptail based (Graphical): +#CONFIG_CAIRO=y +#CONFIG_FBWHIPTAIL=y -CONFIG_LINUX_USB=y - -#SSH client/server +#Additional tools: +#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) CONFIG_DROPBEAR=n -#Ethernet driver (Heads only) -CONFIG_LINUX_E1000E=n -export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n diff --git a/boards/x220-hotp-maximized/x220-hotp-maximized.config b/boards/x220-hotp-maximized/x220-hotp-maximized.config index 2a118eec8..72efc2539 100644 --- a/boards/x220-hotp-maximized/x220-hotp-maximized.config +++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config @@ -4,6 +4,10 @@ # - Deactivated+neutered ME and expended consequent IFD BIOS regions # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# Doesn't include (to fit in 7mb image) +# - dropbear + export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 diff --git a/boards/x220-maximized/x220-maximized.config b/boards/x220-maximized/x220-maximized.config index cd1478023..74750ede7 100644 --- a/boards/x220-maximized/x220-maximized.config +++ b/boards/x220-maximized/x220-maximized.config @@ -4,6 +4,10 @@ # - Deactivated+neutered ME and expended consequent IFD BIOS regions # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set +# +# Doesn't include (to fit in 7mb image) +# - dropbear + export CONFIG_COREBOOT=y export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 @@ -48,7 +52,7 @@ CONFIG_FBWHIPTAIL=y #Additional tools: #SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) -CONFIG_DROPBEAR=y +CONFIG_DROPBEAR=n export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n diff --git a/boards/x220/x220.config b/boards/x220/x220.config index ffa8f5ba0..33b8b751d 100644 --- a/boards/x220/x220.config +++ b/boards/x220/x220.config @@ -1,12 +1,12 @@ -# Configuration for a x220 running Qubes and other OS, X220 is identical to X230 on the Linux Side of things. +# Configuration for a x220 running Qubes 4.1 and other OS, X220 is identical to X230 on the Linux Side of things. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-x220.config CONFIG_LINUX_CONFIG=config/linux-x230.config -CONFIG_CRYPTSETUP=y +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y @@ -18,7 +18,7 @@ CONFIG_PCIUTILS=y CONFIG_POPT=y CONFIG_QRENCODE=y CONFIG_TPMTOTP=y -CONFIG_DROPBEAR=y +CONFIG_DROPBEAR=n CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y diff --git a/boards/x230-flash/x230-flash.config b/boards/x230-flash/x230-flash.config index ca6ec2af1..8462c8cd7 100644 --- a/boards/x230-flash/x230-flash.config +++ b/boards/x230-flash/x230-flash.config @@ -1,8 +1,7 @@ # Minimal configuration for a x230 to support flashrom, USB and networking -BOARD=x230.flash export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_FLASHROM=y diff --git a/boards/x230-hotp-maximized/x230-hotp-maximized.config b/boards/x230-hotp-maximized/x230-hotp-maximized.config index 649956891..7fe317d60 100644 --- a/boards/x230-hotp-maximized/x230-hotp-maximized.config +++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config @@ -17,7 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230.config CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y -CONFIG_CRYPTSETUP=y +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y diff --git a/boards/x230-hotp-verification/x230-hotp-verification.config b/boards/x230-hotp-verification/x230-hotp-verification.config index c14c78384..a1c62171c 100644 --- a/boards/x230-hotp-verification/x230-hotp-verification.config +++ b/boards/x230-hotp-verification/x230-hotp-verification.config @@ -1,5 +1,5 @@ -# Configuration for a x230-hotp-verification (Nitrokey/Purism USB Security dongle enabled HOTP support) -# running Qubes and other OSes. +# Configuration for a x230 with HOTP (Nitrokey/Purism USB Security dongle enabled HOTP support) +# running Qubes 4.1 and other OSes. # # Deactivated to fit in coreboot's CONFIG_CBFS_SIZE=0x700000 : # dropbear support(ssh client/server) @@ -8,13 +8,17 @@ # Addition vs standard x230 board config: # HOTP_KEY: HOTP challenge for currently supported USB Security dongles export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-hotp-verification.config CONFIG_LINUX_CONFIG=config/linux-x230.config -CONFIG_CRYPTSETUP=y +#Additional hardware support +CONFIG_LINUX_USB=y +CONFIG_LINUX_E1000E=n + +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y @@ -23,24 +27,34 @@ CONFIG_UTIL_LINUX=y CONFIG_LVM2=y CONFIG_MBEDTLS=y CONFIG_PCIUTILS=y + +#Remote attestation support +#TPM based requirements +export CONFIG_TPM=y CONFIG_POPT=y CONFIG_QRENCODE=y CONFIG_TPMTOTP=y - -#CONFIG_SLANG=y -#CONFIG_NEWT=y -CONFIG_CAIRO=y -CONFIG_FBWHIPTAIL=y +#HOTP based remote attestation for supported USB Security dongle +#With/Without TPM support CONFIG_HOTPKEY=y -CONFIG_LINUX_USB=y +#Nitrokey Storage admin tool +CONFIG_NKSTORECLI=n -#SSH client/server +#GUI Support +#Console based Whiptail support(Console based, no FB): +CONFIG_SLANG=y +CONFIG_NEWT=y +#FBWhiptail based (Graphical): +#CONFIG_CAIRO=y +#CONFIG_FBWHIPTAIL=y + +#Additional tools: +#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) CONFIG_DROPBEAR=n #Ethernet driver (Heads only) CONFIG_LINUX_E1000E=n -export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n diff --git a/boards/x230/x230.config b/boards/x230/x230.config index 0b454f12b..0f5eafefd 100644 --- a/boards/x230/x230.config +++ b/boards/x230/x230.config @@ -1,17 +1,20 @@ -# Configuration for a x230 running Qubes and other OSes -# STATIC_OPTION_TABLE is set inside of coreboot config +# Configuration for a X230 running Qubes 4.1 and other Linux Based OSes (through kexec) # # Deactivated to fit in coreboot's CONFIG_CBFS_SIZE=0x700000 : # dropbear support(ssh client/server) # e1000e (ethernet driver) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_COREBOOT_VERSION=4.13 export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-x230.config CONFIG_LINUX_CONFIG=config/linux-x230.config -CONFIG_CRYPTSETUP=y +#Additional hardware support +CONFIG_LINUX_USB=y +CONFIG_LINUX_E1000E=n + +CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y CONFIG_GPG2=y @@ -20,23 +23,32 @@ CONFIG_UTIL_LINUX=y CONFIG_LVM2=y CONFIG_MBEDTLS=y CONFIG_PCIUTILS=y + +#Remote attestation support +#TPM based requirements +export CONFIG_TPM=y CONFIG_POPT=y CONFIG_QRENCODE=y CONFIG_TPMTOTP=y +#HOTP based remote attestation for supported USB Security dongle +#With/Without TPM support +CONFIG_HOTPKEY=n -#CONFIG_SLANG=y -#CONFIG_NEWT=y -CONFIG_CAIRO=y -CONFIG_FBWHIPTAIL=y +#Nitrokey Storage admin tool +CONFIG_NKSTORECLI=n -CONFIG_LINUX_USB=y +#GUI Support +#Console based Whiptail support(Console based, no FB): +CONFIG_SLANG=y +CONFIG_NEWT=y +#FBWhiptail based (Graphical): +#CONFIG_CAIRO=y +#CONFIG_FBWHIPTAIL=y -#SSH client/server +#Additional tools: +#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E) CONFIG_DROPBEAR=n -#Ethernet driver (Heads only) -CONFIG_LINUX_E1000E=n -export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n diff --git a/config/coreboot-qemu-fbwhiptail.config b/config/coreboot-qemu-fbwhiptail.config index 2334ecd2d..5952dad0f 100644 --- a/config/coreboot-qemu-fbwhiptail.config +++ b/config/coreboot-qemu-fbwhiptail.config @@ -1,17 +1,16 @@ # CONFIG_INCLUDE_CONFIG_FILE is not set -CONFIG_CBFS_SIZE=0x750000 +CONFIG_CBFS_SIZE=0x780000 # CONFIG_POST_IO is not set -CONFIG_BOARD_EMULATION_QEMU_X86_Q35=y # CONFIG_POST_DEVICE is not set -CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_BOARD_EMULATION_QEMU_X86_Q35=y +# CONFIG_CONSOLE_SERIAL is not set +CONFIG_LINUX_COMMAND_LINE="debug" CONFIG_COREBOOT_ROMSIZE_KB_8192=y CONFIG_PCIEXP_ASPM=y CONFIG_PCIEXP_COMMON_CLOCK=y CONFIG_UART_PCI_ADDR=0 -CONFIG_CPU_MICROCODE_CBFS_GENERATE=y -# CONFIG_CONSOLE_SERIAL is not set +CONFIG_DRIVERS_PS2_KEYBOARD=y CONFIG_DEFAULT_CONSOLE_LOGLEVEL_6=y CONFIG_PAYLOAD_LINUX=y -CONFIG_LINUX_COMMAND_LINE="debug" CONFIG_PAYLOAD_FILE="../../build/qemu-coreboot-fbwhiptail/bzImage" CONFIG_LINUX_INITRD="../../build/qemu-coreboot-fbwhiptail/initrd.cpio.xz" diff --git a/config/coreboot-qemu.config b/config/coreboot-qemu.config index 5e9171259..9aed56225 100644 --- a/config/coreboot-qemu.config +++ b/config/coreboot-qemu.config @@ -1,17 +1,16 @@ # CONFIG_INCLUDE_CONFIG_FILE is not set -CONFIG_CBFS_SIZE=0x700000 +CONFIG_CBFS_SIZE=0x750000 # CONFIG_POST_IO is not set -CONFIG_BOARD_EMULATION_QEMU_X86_Q35=y # CONFIG_POST_DEVICE is not set -CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_BOARD_EMULATION_QEMU_X86_Q35=y +# CONFIG_CONSOLE_SERIAL is not set +CONFIG_LINUX_COMMAND_LINE="debug console=ttyS0 vga=786" CONFIG_COREBOOT_ROMSIZE_KB_8192=y CONFIG_PCIEXP_ASPM=y CONFIG_PCIEXP_COMMON_CLOCK=y CONFIG_UART_PCI_ADDR=0 -CONFIG_CPU_MICROCODE_CBFS_GENERATE=y -# CONFIG_CONSOLE_SERIAL is not set +CONFIG_DRIVERS_PS2_KEYBOARD=y CONFIG_DEFAULT_CONSOLE_LOGLEVEL_6=y CONFIG_PAYLOAD_LINUX=y -CONFIG_LINUX_COMMAND_LINE="debug console=ttyS0 vga=786" CONFIG_PAYLOAD_FILE="../../build/qemu-coreboot/bzImage" CONFIG_LINUX_INITRD="../../build/qemu-coreboot/initrd.cpio.xz" diff --git a/config/coreboot-t420-hotp-maximized.config b/config/coreboot-t420-hotp-maximized.config index 8ee9f3a36..84e7dcfe4 100644 --- a/config/coreboot-t420-hotp-maximized.config +++ b/config/coreboot-t420-hotp-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_USE_OPTION_TABLE=y CONFIG_STATIC_OPTION_TABLE=y CONFIG_VENDOR_LENOVO=y diff --git a/config/coreboot-t420-maximized.config b/config/coreboot-t420-maximized.config index ddad909b6..4a5aa616f 100644 --- a/config/coreboot-t420-maximized.config +++ b/config/coreboot-t420-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_USE_OPTION_TABLE=y CONFIG_STATIC_OPTION_TABLE=y CONFIG_VENDOR_LENOVO=y diff --git a/config/coreboot-t420.config b/config/coreboot-t420.config index cca7c7cc0..8d543806c 100644 --- a/config/coreboot-t420.config +++ b/config/coreboot-t420.config @@ -1,6 +1,6 @@ # CONFIG_INCLUDE_CONFIG_FILE is not set # CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_MEASURED_BOOT=y CONFIG_VENDOR_LENOVO=y CONFIG_CBFS_SIZE=0x750000 diff --git a/config/coreboot-t430-flash.config b/config/coreboot-t430-flash.config index e068b2944..3dcc2d576 100644 --- a/config/coreboot-t430-flash.config +++ b/config/coreboot-t430-flash.config @@ -1,14 +1,14 @@ -# CONFIG_INCLUDE_CONFIG_FILE is not set -# CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y -CONFIG_CBFS_SIZE=0x400000 -# CONFIG_POST_DEVICE is not set -CONFIG_DRIVERS_UART_8250IO=y -CONFIG_BOARD_LENOVO_THINKPAD_T430=y +CONFIG_NO_POST=y +CONFIG_CBFS_SIZE=0x700000 +CONFIG_BOARD_LENOVO_X230=y CONFIG_DRIVERS_PS2_KEYBOARD=y CONFIG_UART_PCI_ADDR=0 +CONFIG_CPU_MICROCODE_CBFS_NONE=y +CONFIG_NO_GFX_INIT=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 CONFIG_DEFAULT_CONSOLE_LOGLEVEL_8=y CONFIG_PAYLOAD_LINUX=y diff --git a/config/coreboot-t430-hotp-maximized.config b/config/coreboot-t430-hotp-maximized.config index 64ff4bb75..2a2362a0b 100644 --- a/config/coreboot-t430-hotp-maximized.config +++ b/config/coreboot-t430-hotp-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_USE_OPTION_TABLE=y CONFIG_STATIC_OPTION_TABLE=y CONFIG_VENDOR_LENOVO=y diff --git a/config/coreboot-t430-maximized.config b/config/coreboot-t430-maximized.config index 1098c3989..d2bdf5269 100644 --- a/config/coreboot-t430-maximized.config +++ b/config/coreboot-t430-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_USE_OPTION_TABLE=y CONFIG_STATIC_OPTION_TABLE=y CONFIG_VENDOR_LENOVO=y diff --git a/config/coreboot-t430.config b/config/coreboot-t430.config index 088572201..0b7fbf6a4 100644 --- a/config/coreboot-t430.config +++ b/config/coreboot-t430.config @@ -1,12 +1,15 @@ -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y -CONFIG_CBFS_SIZE=0x700000 -CONFIG_BOARD_LENOVO_THINKPAD_T430=y CONFIG_NO_POST=y +CONFIG_CBFS_SIZE=0x700000 +CONFIG_BOARD_LENOVO_X230=y +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_UART_PCI_ADDR=0 -# CONFIG_CONSOLE_SERIAL is not set +CONFIG_CPU_MICROCODE_CBFS_NONE=y +CONFIG_NO_GFX_INIT=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 -CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/t430/bzImage" CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" diff --git a/config/coreboot-x220-hotp-maximized.config b/config/coreboot-x220-hotp-maximized.config index b716c4f68..63f489275 100644 --- a/config/coreboot-x220-hotp-maximized.config +++ b/config/coreboot-x220-hotp-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0x750000 diff --git a/config/coreboot-x220-maximized.config b/config/coreboot-x220-maximized.config index 6cd9fa0be..b47974ed7 100644 --- a/config/coreboot-x220-maximized.config +++ b/config/coreboot-x220-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0x750000 diff --git a/config/coreboot-x220.config b/config/coreboot-x220.config index 10063a73f..c83e001b4 100644 --- a/config/coreboot-x220.config +++ b/config/coreboot-x220.config @@ -1,23 +1,20 @@ -# CONFIG_INCLUDE_CONFIG_FILE is not set -# CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y +CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0x750000 -CONFIG_ONBOARD_VGA_IS_PRIMARY=y +CONFIG_IFD_BIN_PATH="../../blobs/xx20/ifd.bin" +CONFIG_ME_BIN_PATH="../../blobs/xx20/me.bin" +CONFIG_GBE_BIN_PATH="../../blobs/xx20/gbe.bin" CONFIG_HAVE_IFD_BIN=y +CONFIG_BOARD_LENOVO_X220=y +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" +CONFIG_UART_PCI_ADDR=0 CONFIG_HAVE_ME_BIN=y CONFIG_HAVE_GBE_BIN=y -CONFIG_IFD_BIN_PATH="../../blobs/x220/ifd.bin" -CONFIG_ME_BIN_PATH="../../blobs/x220/me.bin" -CONFIG_BOARD_LENOVO_X220=y +CONFIG_NO_GFX_INIT=y CONFIG_DRIVERS_PS2_KEYBOARD=y -CONFIG_NO_POST=y -CONFIG_GBE_BIN_PATH="../../blobs/x220/gbe.bin" -#CONFIG_DEBUG_TPM=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/x220/bzImage" -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet loglevel=3" CONFIG_LINUX_INITRD="../../build/x220/initrd.cpio.xz" -CONFIG_DEBUG_SMM_RELOCATION=y diff --git a/config/coreboot-x230-flash.config b/config/coreboot-x230-flash.config index d5f7601d5..6d1af3eaf 100644 --- a/config/coreboot-x230-flash.config +++ b/config/coreboot-x230-flash.config @@ -1,17 +1,16 @@ -# CONFIG_INCLUDE_CONFIG_FILE is not set -# CONFIG_COLLECT_TIMESTAMPS is not set -CONFIG_USE_BLOBS=y -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y -CONFIG_CBFS_SIZE=0x400000 -# CONFIG_POST_DEVICE is not set -CONFIG_DRIVERS_UART_8250IO=y +CONFIG_NO_POST=y +CONFIG_CBFS_SIZE=0x700000 CONFIG_BOARD_LENOVO_X230=y CONFIG_DRIVERS_PS2_KEYBOARD=y CONFIG_UART_PCI_ADDR=0 +CONFIG_CPU_MICROCODE_CBFS_NONE=y +CONFIG_NO_GFX_INIT=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 CONFIG_DEFAULT_CONSOLE_LOGLEVEL_8=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/x230-flash/bzImage" CONFIG_LINUX_INITRD="../../build/x230-flash/initrd.cpio.xz" -CONFIG_DEBUG_SMM_RELOCATION=y diff --git a/config/coreboot-x230-hotp-maximized.config b/config/coreboot-x230-hotp-maximized.config index d59e790c8..e5f0e436a 100644 --- a/config/coreboot-x230-hotp-maximized.config +++ b/config/coreboot-x230-hotp-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0xB80000 diff --git a/config/coreboot-x230-hotp-verification.config b/config/coreboot-x230-hotp-verification.config index e8eab0096..1e421f7f9 100644 --- a/config/coreboot-x230-hotp-verification.config +++ b/config/coreboot-x230-hotp-verification.config @@ -1,13 +1,15 @@ -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y +CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0x700000 CONFIG_BOARD_LENOVO_X230=y -CONFIG_NO_POST=y +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_UART_PCI_ADDR=0 +CONFIG_CPU_MICROCODE_CBFS_NONE=y CONFIG_NO_GFX_INIT=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 -CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/x230-hotp-verification/bzImage" -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_LINUX_INITRD="../../build/x230-hotp-verification/initrd.cpio.xz" diff --git a/config/coreboot-x230-maximized.config b/config/coreboot-x230-maximized.config index 4648a9541..9fad47aa3 100644 --- a/config/coreboot-x230-maximized.config +++ b/config/coreboot-x230-maximized.config @@ -1,4 +1,4 @@ -CONFIG_USE_BLOBS=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0xB80000 diff --git a/config/coreboot-x230.config b/config/coreboot-x230.config index 89e68c262..2f799e7ab 100644 --- a/config/coreboot-x230.config +++ b/config/coreboot-x230.config @@ -1,15 +1,15 @@ -CONFIG_MEASURED_BOOT=y +# CONFIG_USE_BLOBS is not set CONFIG_VENDOR_LENOVO=y +CONFIG_NO_POST=y CONFIG_CBFS_SIZE=0x700000 CONFIG_BOARD_LENOVO_X230=y -CONFIG_NO_POST=y +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_UART_PCI_ADDR=0 +CONFIG_CPU_MICROCODE_CBFS_NONE=y CONFIG_NO_GFX_INIT=y +CONFIG_DRIVERS_PS2_KEYBOARD=y +CONFIG_TPM_MEASURED_BOOT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 -CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/x230/bzImage" -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_LINUX_INITRD="../../build/x230/initrd.cpio.xz" -CONFIG_USE_OPTION_TABLE=y -CONFIG_STATIC_OPTION_TABLE=y