at present, the inject scripts compress refcode in a way
that is not reproducible, so there's no way to verify
that the firmware is correct, via checksum verification,
when injecting vendor code on release images
the lack of reproducibility in recompression will have to be
addressed, but the issue is that lbmk does not provide its own
sources for compression utilities, instead opting to use the
system's own compression utility
so the solution might be for lbmk not to use the host's utility,
and compile its own, or insert the refcode uncompressed. for now,
simply disable the hp 820 g2 target in libreboot releases
this uses the same logic recently implemented for excluding
mrc-based haswell images in libreboot releases
Signed-off-by: Leah Rowe <leah@libreboot.org>
release="n" is set in target.cfg on haswell build targets
that use mrc.bin
script/update/release exports LBMK_RELEASE="y"
script/build/roms skips building a given target if release="n"
in target.cfg *and* LBMK_RELEASE="y"
you could also do the export yourself before running ./build roms,
for example:
export LBMK_RELEASE="y"
./build roms all
This would skip these ROM images. The native haswell raminit is
now stable enough in my testing, that I wish to delete the MRC-based
targets. This is in line with Libreboot's Binary Blob Reduction Policy,
which states: if a blob can be avoided, it should be avoided.
The problem is that users often run the inject script in *lbmk* from
Git, instead of from the src release archive. I forsee some users
running this on modern lbmk with older release images. If the mrc-based
target isn't there, the user may use an NRI-based target name, and
think it works; they will insert without MRC. I foresaw this ages
ago, which is why Caleb and I ensured that the script checks hashes,
and hashes are included in releases.
Therefore: for the time being, keep the MRC-based configs in lbmk
but do not include images for them in releases. This can be done
indefinitely, but I'll probably remove those configs entirely at
some point.
On the following boards, Libreboot now will *only* provide NRI-based
ROM images for the following machines:
* Dell OptiPlex 9020 SFF
* Dell OptiPlex 9020 MT
* Lenovo ThinkPad T440p
* Lenovo ThinkPad W541/W540
I now recommend exclusive use of NRI-based images, on Haswell
hardware. It's stable enough in my testing, and now supports S3.
Signed-off-by: Leah Rowe <leah@libreboot.org>
sff happened to work, but mt would not boot with the patch,
because it called die() on unknown chassis type, and the gpio
happened to have a bad value in the old patch, because it wasn't
reading the right gpio.
i tested the fix on the old patch, but then decided to use
mate's new patch because instead of calling die(), it simply
boots with fan control disabled (max fan speed in that case),
if this happens again.
mt and sff have both been tested with this new version of the
patch. both of them boot, and they both have proper fan control.
Signed-off-by: Leah Rowe <leah@libreboot.org>
a hangover from earlier days, but i still disable it. i forgot
to do so on this config, when updating the nri code. do it now.
Signed-off-by: Leah Rowe <leah@libreboot.org>
hell added a patch fixing S3 on haswell NRI, but it seems
you still need to set 8MB CBFS size as with the MRC
tested on a t440p. S3 now works on haswell NRI.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the t440p/w541 configs were re-done from scratch, because
the coreboot revisions are nearly two years apart.
i also added corebootfb configs.
hell updated their patchset. this patchset uses the following patch:
https://review.coreboot.org/c/coreboot/+/81948/1
it uses this, along with parent patches in the haswell nri patch series
Signed-off-by: Leah Rowe <leah@libreboot.org>
see:
https://review.coreboot.org/c/coreboot/+/81529
what i've merged is patchset 4. i had to rebase it slightly,
because the libreboot version has the iommu toggle on cmos
configs, which are files that mate's patch also changes,
leading to merge conflict.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the grub payload was previously disabled, because the libre
mrc code sets up xhci rather than ehci, and grub did not have
xhci support (not natively).
libreboot now has xhci support in the grub payload, so enable
grub on these configurations.
Signed-off-by: Leah Rowe <leah@libreboot.org>
broadwell mrc enables both igpu and dgpu to be enabled
at any given time. if the onboard (intel) gpu is set as
primary, the logic to disable it is not executed within
coreboot; instead, the igpu is used for vga decode.
on some t440p/w541 thinkpads, both an intel and nvidia
gpu are present. in this setup, the intel gpu must be
used for vga, and all output, but rendering can be
offloaded to the nvidia gpu (nvidia optimus).
optimus would never work on haswell mrc.bin, because it
always disables the igpu when a dgpu is present, so a hack
exists in coreboot that hides the dgpu from mrc, so that the
igpu remains enabled. broadwell mrc doesn't do this, so the
option to hide PEG devices has been disabled in these
configs.
the broadwell mrc has better peg device handling, and can
support 16gb modules on broadwell hardware; it may well
support these modules on haswell hardware too, though ddr3
sodimms are very hard to find (and expensive). (and currently
untested, with this patch)
Signed-off-by: Leah Rowe <leah@libreboot.org>
broadwell mrc has better peg handling and can support 16gb
modules on broadwell machines - the blob can be used on haswell
machines too, instead of haswell mrc, and it might support 16gb
modules on these machines (not yet tested, but using broadwell
mrc does at least boot as reliably as haswell mrc anyway)
one little quirk with haswell mrc is that it actually handles
vga decode, disabling the igpu entirely, when a dgpu is used.
the broadwell mrc enables both GPUs and does not handle vga
decoding, so we must handle this the usual way; my patch for
this was merged upstream and i'm also adding it to libreboot,
which currently uses an older coreboot revision. this is needed
for dgpu to work. see patch:
0040-nb-haswell-Disable-iGPU-when-dGPU-is-used.patch
broadwell mrc may also make dealing with nvidia optimus setups
more reliable, on laptops that have nvidia GPUs, but this patch
does not add bmrc configs for t440p/w541
NOTE: on t440p/w541 laptops with nvidia graphics, the video output
is wired to intel but rendering can be offloaded to nvidia. in this
setup, we want vga decode to be done on intel, so i've set these
configs to enable CONFIG_ONBOARD_VGA_IS_PRIMARY (set it to y)
Signed-off-by: Leah Rowe <leah@libreboot.org>
see:
https://github.com/9elements/grub/commits/xhci-module-upstreaming-squash_v4/
grub only supports xhci on bios/uefi targets, but not coreboot.
some newer machines don't have ps/2 controllers, and boot in a
way where ehci isn't available at startup; the controller can't
be used by ehci code, there must be xhci support.
the code is from Patrick Rudolph working on behalf of 9elements.
the code was also sent here for review:
https://lists.gnu.org/archive/html/grub-devel/2020-12/msg00111.html
however, upstream never merged these patches. libreboot will have
to maintain these from now on. the patches have been rebased for
use with grub 2.12.
Signed-off-by: Leah Rowe <leah@libreboot.org>
3rd sata slot (of 3) broken on 9020 sff, and the 3rd and 4th (of 4)
slots are broken on 9020 mt
this patch fixes them on both, so that all ports work properly
Signed-off-by: Leah Rowe <leah@libreboot.org>
Needed to make graphics cards work. Turn it on if you're using
only the Intel GPU.
With IOMMU *enabled*, graphics cards do not work reliably at all.
The cause still needs to be investigated, but the symptoms are
graphical corruption on the screen, and Xorg usually crashes.
In some cases (on some cards), TTYs can still be used; the payload
can still be used reliably, on a graphics card, but Xorg fails to
work properly.
This could be a bug in Linux drivers, instead of anything that
coreboot does (not yet tested in factory BIOS).
Leaving it off by default will ensure reliable operation on all
setups, whether an iGPU or dGPU is used.
Signed-off-by: Leah Rowe <leah@libreboot.org>
It is now possible to disable the IOMMU on Haswell
boards, by doing this on your ROM image:
./nvramtool -C libreboot.rom -w iommu=Disable
To enable it again, do this:
./nvramtool -C libreboot.rom -w iommu=Enable
If not specified, the default behaviour is *on*.
A follow-up patch will turn IOMMU *off* by default,
on Dell OptiPlex 9020 SFF/MT, by setting it as such
in cmos.default. This is to make graphics cards work
properly to work around a bug when it's turned on.
Leaving the IOMMU enabled is recommended, if it works.
It works in most cases, including on 9020 SFF/MT when
using the Intel GPU without a graphics card inserted.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the current entry is fine, but it would then not support
other configs of different flash sizes, unless they are
explicitly defined.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This is required by the Latitude E5530, which uses a Broadcom NIC
instead of the Intel ones. The original port was missing this file.
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
Iru Cai's port from Gerrit:
https://review.coreboot.org/c/coreboot/+/39398
Now with the proper MXM structure, which removes the 30 second POST
delay. Tested with i7-2670QM, Quadro 2000M and 32GB RAM.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
this merges the fix from:
https://codeberg.org/libreboot/pico-serprog/pulls/1
however, PRs are not to be sent there. riku merged it in
his repository, and i pulled it in the mirror hosted
on libreboot codeberg
Signed-off-by: Leah Rowe <leah@libreboot.org>
The OptiPlex 9020/7020 port was merged first and was numbered 31.
Increment the numbering of the Latitude patches to reflect this.
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
i enabled it but it's buggy according to comments on gerrit.
disable for now. dgpu didn't work anyway, even with it turned
off, when i had this tested.
Signed-off-by: Leah Rowe <leah@libreboot.org>
keep dell9020mt_12mb
dell9020mtvga_12mb doesn't actually work (was tried for
running a graphics card on its own, with no igpu init)
Signed-off-by: Leah Rowe <leah@libreboot.org>
this was done automatically by running:
./update trees -u coreboot
this has to be done when adding patches for now board ports,
because of the way lbmk and also coreboot's build systems work.
the configs just have to be re-generated to include a line
that says the entry for the newly added boards isn't set. look
at the diff of this commit as an example.
Signed-off-by: Leah Rowe <leah@libreboot.org>
on a dgpu setup, igpu was still in use, when tested
by a user. do separate roms that don't enable anything
vga in coreboot, relying instead only on seabios to
execute a vga rom. these roms will only work if you
have a graphics card.
Signed-off-by: Leah Rowe <info@minifree.org>
Specifically the MT versions. The SFF versions will
be added separately, in a later commit.
See: https://review.coreboot.org/c/coreboot/+/55232
This patch has been added, from patchset 31. It still
has some unresolved issues, on that patchset, but
it should boot. See commit message there.
Of note: I've enabled PCI REBAR, though it's unknown
whether it will work (some comments there about it though,
on that gerrit page).
I've also set CBFS size to 8MB, not the full size of
the BIOS region; this is required on the T440p which
uses the same mrc.bin file, to get S3 working.
TSEG stage cache disabled, as on other Haswell boards.
The setup: SeaBIOS-only as first payload, but with GRUB
enabled as secondary payload. The _grubonly setup has
been enabled here. This way, the config will work on
iGPU and dGPU setups without issue.
Signed-off-by: Leah Rowe <info@minifree.org>
coreboot gerrit patch 55232, patchset 31
the actual board will be enabled in a follow-up patch.
merging the patch on its own first is better practise,
to run ./update trees -u coreboot
this way, there won't be a revision that breaks builds,
due to the idiosyncratic nature of coreboot configuration.
Signed-off-by: Leah Rowe <info@minifree.org>
Riku introduced three new patches:
* Add support for multiple chip selects. This allows you to
control multiple chips from the same clip, on systems with
dual flash setups, at least theoretically.
* Enable pull-up on unused chip selects - pull them high so
that chips you connect that to are deactivated while flashing
the target chip. This could be used on thinkpad W541 for
instance, where miso/mosi have 0ohm between them via the two
flash ICs. You could pull the other chip select high.
* Documentation for the above, in the pico-serprog readme.
This goes in tandem with a patch from Riku, present in the
recently integrated flashprog project, namely:
commit ddb6d926783d4f9cbee04c7392718ed8f89daa0e
Author: Riku Viitanen <riku.viitanen@protonmail.com>
Date: Mon Jan 15 19:15:49 2024 +0200
serprog: Add support for multiple SPI chip selects
This functionality will therefore be present in the next
release of Libreboot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Nico Huber is the rightful project lead. I do not support
the coup that occured within the flashrom project. Nico
has always been of great service to the Libreboot project,
by virtue of his work on both coreboot and flashrom.
Nico Huber was unfairly removed from the flashrom project
infrastructure, due to unfounded accusations hurled at him
by flashrom's new project lead. The accusations are unfounded
because no evidence was given.
Use Nico Huber's fork, named flashprog. We will work with
flashprog from now on.
Signed-off-by: Leah Rowe <leah@libreboot.org>
CONFIG_PS2M_EISAID. this is a a string used for the
identifier on the mouse, in ACPI.
CONFIG_PS2K_EISAID this is used for the keyboard.
IASL comes back with this build error:
dsdt.asl 1884: Name(_HID, EISAID("DLLK0534"))
Error 6045 - ^ EISAID string must be of the form "UUUXXXX" (3 uppercase, 4 hex digits) (DLLK0534)
Change DLLK0534 back to PNP0303 and
change DLL0534 back to PNP0F13. These are generic identifiers
for PS/2 keyboard and mouse. Any generic driver will work with
the onboard mouse/keyboard on these machines. They do not need
to be changed. These are the default values anyway. Just leave
them explicitly defined to the default values, for now; if these
options are not set, coreboot will default to these values.
This shouldn't break anything for the users. I've reported this
to Nicholas Chin, author of those patches. Libreboot imported
the new versions of E6430/E6530 board patches in the coreboot
revision update, but the new (technically correct) values broke
IASL, so I've decided to use the old values for now.
Signed-off-by: Leah Rowe <leah@libreboot.org>
re-use the same patches, and drop the same patches.
this tree uses hell's special ddr2 fix, which we apply
for the dell latitude e6400.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Base revision changed to:
commit b6cbfa977f63d57d5d6b9e9f7c1cef30162f575a
Author: Morris Hsu <morris-hsu@quanta.corp-partner.google.com>
Date: Fri Jan 5 16:48:17 2024 +0800
mb/google/dedede/var/metaknight:Add fw_config probe for multi codec
and amplifier
Of note:
Several out-of-tree ports have been adjusted to use the new SPD config
style, where it is defined in devicetree. I manually updated the E6530
patch myself, based on the update that Nicholas did on E6430 (Nicholas
will later update the E6530 patch himself, and I'll re-merge the patch).
Several upstream patches now exist in this revision, that we were able
to remove from lbmk.
The heap size patch was reverted upstream, as we did, but see:
https://review.coreboot.org/c/coreboot/+/80023https://review.coreboot.org/c/coreboot/+/79525
Although we still disable the TSEG Stage Cache, ivy/sandy/haswell should
be reliable on S3 now (leaving TSEG Stage Cache disabled, for now, anyway).
Also included in upstream now:
commit 29030d0f3dad2ec6b86000dfe2c8e951ae80bf94
Author: Bill Xie <persmule@hardenedlinux.org>
Date: Sat Oct 7 01:32:51 2023 +0800
drivers/pc80/rtc/option.c: Stop resetting CMOS during s3 resume
Further patches from upstream:
commit 432e92688eca0e85cbaebca3232f65936b305a98
Author: Bill Xie <persmule@hardenedlinux.org>
Date: Fri Nov 3 12:34:01 2023 +0800
drivers/pc80/rtc/option.c: Reset only CMOS range covered by checksum
This should fix S3 on GM45 thinkpads.
Signed-off-by: Leah Rowe <leah@libreboot.org>
these should be using the rdimm tree for crossgcc,
so define it explicitly. the build system creates
a symlink too, but it's still best that we use it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
in a build test, canoeboot 0.1 builds, but master doesn't,
and neither does lbmk. i changed a few of them when doing
the crossgcc build optimisation patches.
i'm just copying the configs from there. unlike in the
canoeboot version of this patch, i've re-enabled microcode
updates in these lbmk configs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
a tree can specify:
tree_depend="treename"
this will make the other tree be downloaded. this is
used for coreboot trees, to ensure that dependency
trees are downloaded, because trees can now re-use
crossgcc from other trees.
Signed-off-by: Leah Rowe <leah@libreboot.org>
let them specific it, rather than falling back
to coreboot/default (can also be used for coreboot boards)
Signed-off-by: Leah Rowe <leah@libreboot.org>
There is no need to add multiple keymap files, because
GRUB can load keymaps from CBFS. The current build logic
is designed to avoid building multiple GRUB binaries,
which are expensive computationally because each one
would then have to be compressed for each board.
This patch provides the best of both worlds: less space
used in flash like in the old lbmk design (1 keymap per
board), but retaining the current build speeds and therefore
not re-introducing the slowness of lbmk's previous GRUB
build logic.
The grub.cfg file has been modified, accordingly. It now
only loads a keymap.gkb file from CBFS, by default. It does
this, only if that file exists; if not, GRUB already defaults
to US Qwerty layout anyway.
ALSO: compress all keymap gkb files with xz -6
GRUB automatically decompresses files when accessed.
This results in about 2KB of flash space saved in CBFS.
Here is real-world data, showing the increased flash space:
< fallback/payload 0x3eb80 simple elf 548821 none
< keymap.cfg 0xc4bc0 raw 16 none
< (empty) 0xc4c00 null 11633316 none
---
> fallback/payload 0x3eb80 simple elf 546787 none
> keymap.gkb 0xc43c0 raw 344 none
> (empty) 0xc4540 null 11635044 none
This was taken by diffing the cbfstool "print" output,
both before and after. The *after* result is with this change.
11633316. In this example, 1728 bytes have been saved. Therefore,
with compression taken into account, this patch saves about 1.7KB
of space in CBFS.
This change means that lbmk can now scale to support hundreds
of keymaps, without increasing the amount of flash space used,
in each given image. Since the keymap files are compressed in
lbmk.git, in advance, we spend no additional time on compression
at build time. The resulting change in build speed in negligible.
Adding your own keymap.gkb file was already possible, for changing
the keymap in libreboot images, if you didn't want to change the
memdisk (and thus re-compile grub.elf). Now, this is the default
behaviour, and the only way to do it. It's much more efficient.
The original keymap files can be restored, by running unxz.
Signed-off-by: Leah Rowe <leah@libreboot.org>
with neutered ME, fan control fails. while there are
ways to mitigate it, many users will not, and will
likely see their system overheat, which is very
dangerous.
this bug (failed fan control on neutered ME) only
affects arrandale machines such as lenovo x201.
the newer machines are not affected by this.
other arrandale machines will probably not be added
to libreboot because of this, or they will be subject
to further testing.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This is of Broadwell platform, one generation above Haswell.
Of note: this uses HP Sure Start. Although the flash is 16MB,
our CBFS section (and IFD configuration) assumes 12MB flash,
so the final 4MB will be left unflashed on installation,
after blanking the private flash. The coreboot documents have
more information about this.
Some minor design changes in lbmk were made, to accomodate
this port:
Support for extracting refcode binaries added (pulled from
Google recovery images). The refcode file is an ELF that
initialises the MRC and the PCH. It is also responsible for
enabling or disabling the Intel GbE device, where Google
does not enable it, but lbmk modifies it per the instructions
on the coreboot documentation, so as to enable Intel GbE.
Google's recovery image stores the refcode as a stage file,
but coreboot changed the format (for CBFS files) after 4.13
so coreboot 4.13's cbfstool is used to extract refcode. This
realisation made me also change the script logic to use a
cbfstool and ifdtool version matching the coreboot tree, for
all parts of lbmk, whereas lbmk previously used only the
default tree for cbfstool/ifdtool, on insertion and deletion
of vendor files - it was 81dc20e744 that broke extraction of
refcode on google's recovery images, where google used an older
version of cbfstool to insert the files in their coreboot ROMs.
A further backported patch has been added, copying coreboot
revision f22f408956 which is a build fix from Nico Huber.
Iru Cai submitted an ACPI bugfix after the revision lbmk
currently uses, for coreboot/default, and this fix is
needed for rebooting to work on Linux 6.1 or higher. This
patch has been backported to lbmk, while it still uses the
same October 2023 revision of coreboot.
Broadwell MRC is inserted at the same offset as Haswell,
so I didn't need to tweak that.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Actually, it's 2 commits after 2.12, because there was a
patch added afterwards, fixing a build issue on Gentoo.
These changes are present in GRUB 2.12, relative to the
revision that we previously used on lbmk:
* b835601c7 build: Include grub-core/extra_deps.lst in dist
* 8961305b4 Bump version to 2.13
* 5ca9db22e Release 2.12
* 477a0dbd5 efi: Add support for reproducible builds
* dcc1af5d6 efi: Generate stack protector canary at build time if urandom is available
* e424e945c efi: Initialize canary to non-zero value
* 7c8ae7dcb gfxmenu/gui_image: Fix double free of bitmap
* 63fc253fc commands/acpi: Fix calculation of ACPI tables addresses when processing RSDT and XSDT
* f20123072 libnvpair: Support prefixed nvlist symbol names as found on NetBSD
* a13df3d15 bootstrap: Don't check gettext version
* 6d2aa7ee0 kern/mm: Use %x and cast for displaying sizeof()
* b3d49a697 configure: Add RPATH for freetype on NetBSD
* 52dbf66ea configure: Add *BSD font paths
* 2d6a89980 autogen: Accept python3.10 as a python alternative
* 3d4cb5a43 build: Rename HAVE_LIBZFS to USE_LIBZFS
* e4dbe5cfa gnulib: Tolerate always_inline attribute being ignored
* 31e47cfe2 util/editenv: Don't use %m formatter
* f5905f656 osdep/bsd/hostdisk: Fix NetBSD compilation
* cb1824a87 osdep/generic/blocklist: Fix compilation
* 2f3faf02c disk/diskfilter: Remove unused variable
* 3815acc57 build: Tolerate unused-but-set in generated lexer/bison files
* c129e44e7 loader/i386/bsdXX: Fix loading after unaligned module
* 89fbe0cac grub-core/Makefile.am: Make path to extra_deps.lst relative to $(top_srcdir)/grub-core
* 353beb80c util/grub-install: Move platdir path canonicalization after files were copied to grubdir
* f18a899ab util/grub-mkstandalone: Ensure deterministic tar file creation by sorting contents
* ed74bc376 util/grub-mkstandalone: Ensure stable timestamps for generated images
* 069cc46c9 net/http: Fix gcc-13 errors relating to type signedness
* e7a831963 templates: Reinstate unused version comparison functions with warning
* 3f9eace2d util/grub-install: Delay copying files to {grubdir,platdir} after install_device was validated
* e60015f57 efi: Set shim_lock_enabled even if validation is disabled
* e35683317 docs: Improve bli module documentation
* 57059ccb6 bli: Add explicit dependency on the part_gpt module
* 154dcb1ae build: Allow explicit module dependencies
* 17c68472d kern/ieee1275/init/ppc64: Display upper_mem_limit when debugging
* 5f8e091b6 kern/ieee1275/init/ppc64: Fix a comment
* dc569b077 kern/ieee1275/ieee1275: Display successful memory claims when debugging
* 0ac3d938a loader/powerpc/ieee1275: Use new allocation function for kernel and initrd
* 2a9a8518e kern/ieee1275/cmain/ppc64: Introduce flags to identify KVM and PowerVM
* 679691a13 kern/ieee1275/init/ppc64: Rename regions_claim() to grub_regions_claim()
* d49e86db2 kern/ieee1275/init/ppc64: Add support for alignment requirements
* fe5d5e857 kern/ieee1275/init/ppc64: Return allocated address using context
* ea2c93484 kern/ieee1275/init/ppc64: Decide by request whether to initialize region
* 0bb59fa9a kern/ieee1275/init/ppc64: Introduce a request for regions_claim()
* aa7c13226 fs/xfs: Add large extent counters incompat feature support
Most notable in the above log, that are beneficial to Libreboot
users, are:
aa7c13226 which improves XFS support (large extents), which is default
now on many setups.
ed74bc376 which introduces more stable timestamp generation when using
grub-mkstandalone. this is what lbmk uses to generate grub.elf, whereas
grub previously only implemented this fix on mkimage which we don't use
f18a899ab which ensures deterministic (reproducible) tar file creation
by sorting contents (file names / directories). this is done by sorting
the entries
f5905f656 which improves grub build system reliability on netbsd and
openbsd systems - useful for us because an ambition of lbmk is to port
the build system to run on bsd systems, and we will still want grub -
several other of the changes here are beneficial for BSD aswell, all
or most of them by Vladimir Serbinenko
Signed-off-by: Leah Rowe <leah@libreboot.org>
this is now used in grub, for the FS_PAYLOAD_MODULES
option in the make command
lbmk should generalise as much logic as possible. in
some parts of it, logic is hurrently hardcoded, specific
to a given project that lbmk uses, but lbmk is essentially
a source-based package manager, like what you might find
on a small linux distro, so we need to try to
be as generic as possible.
lbmk is the "build system of build systems", so it has to
work generically with as many of them as possible
Signed-off-by: Leah Rowe <leah@libreboot.org>
it is no longer hardcoded just to be handled for uefiextract.
it is now defined as cmakedir in target.cfg, for a single or
multi tree project. if multi tree, it is applied to the specific
tree, and has to be defined per tree
the way it works is: as per cmakelist, a project will define
which directory is to be built, and it will then generate
a makefile in the main source tree (the build tree in cmake
language, where the main CMakeLists.txt file exists)
when the makefile has been generated, the project is then treated
like any other project. the way cmake works, if a makefile has
already been generated by it, in a given directory, running it
again will fail and not affect anything; if it fails but the
makefile doesn't exist, then something is wrong, but if the
makefile does exist, then it's all fine and nothing happens
at present, this is only used for uefiextract, which is part
of src/uefitool
Signed-off-by: Leah Rowe <leah@libreboot.org>
at present, the bootstrap and configure script is only
directly executed for grub, because grub is the only
project that uses them in lbmk
however, when i start adding linuxboot support, i will
have to start building a lot of projects, some of which
make use autoconf and bootstrap scripts
e.g.
./bootstrap --foo
./configure --bar
the "bootstrap" script is often used on GNU programs,
because they like to over-engineer absolutely everything
Signed-off-by: Leah Rowe <leah@libreboot.org>
arch no longer needs to be set, on multi-tree projects,
and it has been renamed to xarch
the new behaviour is: if xarch is set, treat it as a
list of crossgcc targets and go through the list. set
the first one as the target, for what lbmk builds, but
build all of the defined crossgccc targets
crossgcc_ada is now xlang, and defines which languages
to build, rather than whether to build gcc-gnat
Signed-off-by: Leah Rowe <leah@libreboot.org>
i had to run make-oldconfig on all of them, because
of the port that riku added the other day. lbmk doesn't
use defconfigs, it uses full configs, so we have to
make sure they're kept in sync
this patch is the result of running the following command
in a fresh clone of lbmk:
./update trees -u coreboot
i should probably switch to defconfigs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
riku committed a new patch, that fixes build errors
when PICO_DEFAULT_LED_PIN is not defined, on a given
board. in such cases, riku's new patch just disables
handling of the status LED, but LEDs continue to work
on boards where it is defined.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the new revision sets drive level to 12mA instead
of the default 4mA. 16-20mA is the maximum tolerated
level for data lines, on most flash ICs, so 12mA is
relatively safe.
riku did this a while ago, tested on pico pi.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the e6400_4mb target has libgfxinit and (if seabios) vgarom
initialisation, but has issues on the nvidia model, even when
using nomodeset. with this target, e6400nvidia_4mb, only
the vgarom initialisation is used, libgfxinit is disabled.
on nvidia models, this one should work a little bit better.
specifically: nouveau crashes on this machine, with libreboot
installed, but you can use nomodeset. however, when libgfxinit
is also enabled, nomodeset no longer works properly.
so this target disables all video initialisation in coreboot.
only seabios will initialise anything video-related, by
executing the vga option rom.
Signed-off-by: Leah Rowe <leah@libreboot.org>
at present, lbmk can remove microcode updates on images for
a given target, if the target specifies
microcode_required="n" in target.cfg
lbmk then provides images with microcode, and images without,
in a given release. although the user can also remove them
manually, this just makes it a bit more convenient, for those
users who do wish to run without the updates. this functionality
is provided only on those platforms where no-microcode is tested.
well, this behaviour implements a compromise on libreboot policy,
which is to always include microcode updates by default. see:
Binary Blob Reduction Policy
the *canoeboot* project now exists, developed in parallel with
libreboot, and it ships without microcode updates, on the same
targets where lbmk also handled this.
running without microcode updates is foolish, and should not
be encouraged. clean up lbmk by not providing this kludge.
the libreboot documentation will be updated, telling such users
to try canoeboot instead, or to remove the update from a given
libreboot rom - this is still possible, and mitigations such as
PECI disablement on GM45 are still in place (and will be kept),
so that this continues to work well.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this affects 8460p and 8470p only, as the others' updates
aren't common across different boards
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
don't handle "romtype" at all, in board target.cfg files
add /dev/null as pike2008 rom on amd boards. this serves
the same purpose, adding them as empty vga roms, to add
an empty rom in cbfs. pike2008 cards cause seabios to hang,
when their oproms are executed, so we insert a fake rom
on i945 thinkpads, use the coreboot config option:
CONFIG_INTEL_ADD_TOP_SWAP_BOOTBLOCK
when set, this enables the same bootblock copy, for use
with bucts. these two cases, namely pike2008 roms and
i945 bootblock copies, no longer need to be handled in code
Signed-off-by: Leah Rowe <leah@libreboot.org>
the x220 edp patch invalidated lots of configs, so
i did: ./update trees -u coreboot
this is the resulting patch
Signed-off-by: Leah Rowe <leah@libreboot.org>
only call crossgcc for coreboot and u-boot, but use
hostcc for everything else. simplify the checking of
which architecture to compile for. "arch" in target.cfg
files has been modified, to allow further simplification.
without this patch, the logic currently only *barely* avoids
using crossgcc on things like utils, and only works in practise
because, in practise, lbmk only works on x86_64 anyway.
the new logic, as per this patch, is simpler and more robust.
Signed-off-by: Leah Rowe <leah@libreboot.org>
The component 1 and 2 densities were still set to 8 MiB and 4 MiB
respectively, which is incorrect for 16 MiB only configurations.
Change the component 1 density to 16 MiB so that the address space
gets properly mapped to SPI 1. In addition, change the number of
components field (byte 0x15) to 0x00 to indicate 1 flash chip.
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
Inside the BIOS update, there's 68SCE and 68SCF variants.
Based on Qubes HCL and browsing linux-hardware.org, these are
Probook 6360b and Elitebook 8460p respectively.
I checked the KBC1126 EC Firmwares within the update file, both
use the exact same firmware images. Following-up will be a very
similar but untested port for 6360b.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
there are special menuentries just for loading
configs, without handling luks, lvm and whatnot.
it's intended for users of cd/dvd drives. well,
now we support both extlinux and grub, with this patch.
Signed-off-by: Leah Rowe <leah@libreboot.org>
isolinux/syslinux/extlinux config files should all work,
using the syslinux parser function in grub
the current behaviour is to only search for grub.cfg,
so extlinux users can't use the default libreboot setup.
with this change, their systems should hopefully work.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the so-called EFI System Partition (ESP) is used
on many UEFI-based setups. some users may be
migrating to libreboot, so let's support it.
on BIOS setups, it would be e.g.
/boot/syslinux/syslinux.conf
on UEFI setups, it would be e.g.
/boot/EFI/syslinux/syslinux.conf
additionally, support scanning for extlinux.conf
Signed-off-by: Leah Rowe <leah@libreboot.org>
lvm/* is slow to resolve in grub, on some machines,
because grub enumeration is very slow in general.
however, many people will install distros with any
number of lvm configurations, so we should try to
support them.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This reverts commit 20389655e4.
If the user actually has encryption, but has /boot unencrypted,
this will considerably slow down the boot, so the patch has
been reverted.
The patch was originally meant to favour encrypted /boot
setups, but the old behaviour also still works there.
when the user sets up an encrypted machine, grub.cfg
defaults to non-encrypted setups if found, first
this patch reverses the order, deferring to
non-encrypted installations only when encrypted ones
are unavailable
Signed-off-by: Leah Rowe <leah@libreboot.org>
install libfreetype-dev, instead of libfreetype6-dev
this still works in debian stable (currently 12.2) but
fixes debian sid, as of 15 November 2023. my test machine
with debian sid could not install libfreetype6-dev, but
could install libfreetype-dev
Signed-off-by: Leah Rowe <leah@libreboot.org>
apparently some people use fat file systems for /boot
on linux systems
this is apparently a thing
it's ridiculous, but also a thing
a user reported they could not boot their t400 because
of those, because they have such a distro installed
on their machine
apparently it was a gentoo user
i don't really care. re-add 1980s dos file system support.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Now the revision is:
64e3cee72ab8f5876abfebb263b5e6cf7c4a9a4e
The old revision was:
e58b870ff926415e23fc386af41ff81b2f588763
With this new revision update, the following patches have
been imported from the upstream GRUB project:
* 64e3cee72 gpt: Add compile time asserts for guid and gpt_partentry sizes
* 7de6fe963 types: Split aligned and packed guids
* 5fc985bfd gpt_partition: Mark grub_gpt_partentry as having natural alignment
* 7ad30299d efi: Deduplicate configuration table search function
* c6cf807fc lsefi: Add missing static qualifier
* a964e359b types: Fix typo
* 3f79e3b15 util/grub-mount: Check file path sanity
* 85e40b36e configure: Make the DJVU_FONT_SOURCE configurable with --with-dejavufont=FILE
* 2d6631d2a configure: Make the Unifont FONT_SOURCE configurable with --with-unifont=FILE
* 07318ee7e fs/xfs: Fix XFS directory extent parsing
* ad7fb8e2e fs/xfs: Incorrect short form directory data boundary check
* 4e10213de Revert "zfsinfo: Correct a check for error allocating memory"
* 4266fd2bb disk/i386/pc/biosdisk: Read up to 63 sectors in LBA mode
* cab04dcda kern/i386/pc/init: Flush cache only on VIA C3 and earlier
* 3c7e84257 fs/btrfs: Zero file data not backed by extents
* 4bcf6f747 kern/ieee1275/init: Restrict high memory in presence of fadump on ppc64
* cf58eca2a tests/util/grub-shell: Enable RNG device to better test stack smashing
* c3bdf263f kern/efi/init: Disable stack smashing protection on grub_efi_init()
* 95963d97f disk/cryptodisk: Add support for LUKS2 in (proc)/luks_script
* 016f14257 disk/cryptodisk: Optimize luks_script_get()
* f7a663c00 term/serial: Ensure proper NULL termination after grub_strncpy()
* a19e47ca4 commands/efi/lsefisystab: Print the UEFI specification revision in human readable form
Signed-off-by: Leah Rowe <leah@libreboot.org>
Fix a few issues with the E6430 configs to make it consistent with
configs for other boards and function as intended.
- Add VBT to CBFS: Although the VBT was enabled at the board level
Kconfig in a previous commit (CONFIG_INTEL_GMA_HAVE_VBT), the config
to actually add the VBT to CBFS was still unset.
- Enable the static option table: The old config would always use the
fallback values hard coded in the coreboot tree, rather than the
settings in the cmos.default file
- Enable DRAM clear on boot: This was not set previously, even though
most other boards set this for security.
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
now the docs are complete, in releases. they
contain the libreboot site, libreboot images,
the untitled static site generator and untitled
static site generator documentation.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this replaces the previous behaviour, which erred
on a specific value of grub_errno, which was a
problem if other types of errors used that value.
due to the way i patch out the prefix error messages,
this new patch ensures that only those errors are
silenced. all other messages will be printed.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it still printed "error: ." on screen, instead
of the prefix message.
now it's silent. it just says:
Welcome to GRUB!
Signed-off-by: Leah Rowe <leah@libreboot.org>
it can annoy some users, so just silence it. we don't need
a lot of modules so we only have a few, but some distro
grub configs can load modules frivilously.
Signed-off-by: Leah Rowe <leah@libreboot.org>
TSEG Stage Cache enabled again, because disabling it
did not affect S3 in any way.
Many configs have changed, and debug level is set to 7.
In testing with V-T60 on IRC, it wasn't just removal of
the DDR2 patch that I did, but I re-did the configs too,
in exactly the same way I've done them here, when testing
on an X200 to fix boot issues.
Libreboot does not use defconfigs, instead it uses full
configs, and these have to be updated. I normally just
run make-oldconfig on every config, for revision updates.
However, every now and then, we need to re-do them.
Play it safe and re-do every config. I've double- and
triple-checked that the configs are correct.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the ddr2 fix broke *ddr3* on gm45 thinkpads in
testing, depending on memory modules. this was
established by removing patches, re-doing
configs etc, on a user's X200 (testing gentoo
and freebsd). the X200 kept randomly rebooting
or having random glitches.
the configs themselves (gm45 thinkpads) will
also be re-done, because i found minor issues
unrelated, but this patch moves dell e6400 to
its own tree. the ddr2 fix is no longer present
in coreboot/default, only coreboot/dell.
i noticed minor differences in gm45 thinkpad
configs, when re-doing the configs, versus
what are currently in lbmk master; for instance,
vbt was not enabled anymore, on thinkpad x200.
modifications to these will be done separately.
Signed-off-by: Leah Rowe <leah@libreboot.org>
The original E6430 patch included the Intel VBT file, but did not
actually enable it in Kconfig. Update the patch to enable it and
update the E6430 configs.
with this, you can just do:
cd src/docs
./build
the html files would then be available for
publishing, if you wish, or you could set up
a local httpd to view them.
if you have pandoc installed, this will build the
markdown files into html
untitled static site generator is what generates
the html files, from the markdown files, on the
website. it will now also be included in releases.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it didn't work in the past, but it does work nowadays;
specifically, it only worked with libgfxinit in the past,
but not on VGA ROMs.
now it does work on VGA ROMs, tested on e6400 and t1650 so
it was enabled there.
in this setup, a special image is provided where SeaBIOS is
the main payload, but it only loads GRUB; nothing else, every.
this is called SeaGRUB. this setup is useful in cases where
the user only has a GPU that lacks libgfxinit support.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's preferable that the vram setting be as high as
feasible, for users. we overlooked this on some
newer platforms that were added, over several
releases. these levels won't offend most users,
and people who want less can always turn it down
Signed-off-by: Leah Rowe <leah@libreboot.org>
Faulty keyboards make GRUB unusable. Normally it happens
when a user plugs in a faulty USB keyboard, but if it's
the laptop keyboard, then GRUB becomes unusable and the
user cannot boot anything.
So, your laptop keyboard is a ticking timebomb if you use
GRUB; with this patch, that's no longer the case.
Signed-off-by: Leah Rowe <leah@libreboot.org>
My previous fix to revert didn't fix S3 on GM45, one
of the platforms reported fixed by 78263; I'm merging
that instead, at patch set 10.
It is referenced by 78815/1 which was split from it,
so merge that too (restores overrides of higher values,
on certain platforms that we don't use yet).
https://review.coreboot.org/c/coreboot/+/78623/10https://review.coreboot.org/c/coreboot/+/78815/1
Accordingly, update configs to match the new default.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also, enable seabios_withgrub on e6400, but not grubfirst;
right now, we also support dgpu which would brick on
grubfirst. on my tested nvidia model, loading grub from
seabios worked, so i'm going to re-add seabios_grubfirst
functionality like in older libreboot revisions, enabled
selectively on a given target.
e6430 currently only has igpu support anyway, but i've done
the same thing there, in anticipation of future dgpu support.
e6400 and e6430 ec report scancode set 2 with translation
by default, but only actually output scancode set 1
grub is trying to use scancode set 2 without scancode
translation, so the key inputs get messed up
fix it by forcing scancode set 2 with translation, but
only on coreboot; other build targets on GRUB will
retain the same behaviour as before
courtesy goes to Nicholas Chin who inspired me, and
helped me to fix this. tested on Nicholas's E6400
and E6430, and my E6400; Riku also tested it on
non-Dell, as did I (some thinkpads), and all seems OK.
The new behaviour in coreboot GRUB is essentially no
different to that of SeaBIOS, which does the same.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the patch included in this revision is pulled from:
https://review.coreboot.org/c/coreboot/+/54024/2
contrary to hell's assertion of "not for merge", this does
in fact work nicely on a dell e6400; nicholas chin tested
on e6400 and found that those RCOMP values are the same
nicholas was testing some errant modules that seemed to
fail raminit in coreboot. in some cases, dell e6400 would
regularly fail coldboot even though reboot was ok; this was
therefore the cause of suspicioun for it being raminit-related
with this patch from hell (Angel Pons, but knows as hell
on IRC) it should fix boot issue on Dell Latitude E6400
Signed-off-by: Leah Rowe <leah@libreboot.org>
note: me6_update_parser needs to be written, similar
to me7_update_parser, to generate the partition
tables within intel me6 on lenovo bios updates.
the current logic in lbmk goes like this:
mkdir -p vendorfiles/cache/
and save your factory dump as:
vendorfiles/cache/x201_factory.rom
the build system has been modified, in such a way
as to support extracting me.bin (which is the full
one) and then neutering from this.
this is done automatically, if the file is present,
but you must first insert that file there, which means
you'll need a dump of the original boot flash on your
thinkpad x201
Signed-off-by: Leah Rowe <leah@libreboot.org>
the patch:
https://review.coreboot.org/c/coreboot/+/78270
this has been reverted, because it caused s3 resume
issues on most intel laptops in libreboot.
i was going to merge this instead:
https://review.coreboot.org/c/coreboot/+/78623
however, it's under review, and this doesn't change
to the old behaviour; it keeps the new universal
config, but changes the default
we know the old logic works, so keep that for now.
in fact, the offending patch was only merged to
main in coreboot, one day before i recently
updated coreboot revs in coreboot/default - i used
a 12 october revision, the patch above is 11 october
i then ran "./update trees -u coreboot" which updated
the heap sizes back to the old defaults. this should
fix s3 suspend/resume where it was broken, in the
libreboot 20231021 release - a point release with this
and a few other fixes is planned soon.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the logic for naming coreboot roms is based on whether
cpu_microcode_blob.bin would exist in cbfs, and whether
deletion was therefore successful.
lbmk was naming nomicrocode on fam15h roms on this basis,
but the microcode was being inserted as microcode_amd.bin
and microcode_amd_fam15h.bin
in the recent 20231021 release, the roms were exclusively
labeled _nomicrocode in the rom names, but they do in fact
contain microcode.
i'm fixing it by telling lbmk *not* to delete microcode.
if microcode_required is not set, or it's set to y, then
only roms *with* microcode updates are provided; even if
the rom doesn't actually contain it, lbmk will only label
it _nomicrocode if that setting is set to n.
i'm not bothering to add further complexity to the rom
handling logic, because canoeboot now exists anyway (at
website https://canoeboot.org/) which is my new version
re-implementing the older, inferior version of libreboot
so i'm going to:
1) document this as errata in the release
2) cross reference in the freedom status page
3) if someone still isn't happy, i'll say use canoeboot
job done.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Add a U-Boot build for the qemu_x86_12mb board. The config is a copy of
the upstream "coreboot" defconfig, but with OF_EMBED=y.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Add my upstream U-Boot series enabling video console support by default
for QEMU ARM virtual machines. Similarly, enable the related config
options for our builds using savedefconfig and olddefconfig.
The resulting ROM can be booted with a command line like:
qemu-system-aarch64 \
-machine virt,secure=on,virtualization=on \
-cpu cortex-a72 -m 1G \
-serial stdio -device VGA \
-device qemu-xhci \
-device usb-kbd -device usb-mouse \
-bios bin/qemu_arm64_12mb/*.rom
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
gru_bob fails to build without python-setuptools. this isn't a huge issue,
because most users probably have it already as many other python programs
depend on it too. that's probably why no one noticed until now,
when i tried to do this on a fresh artix install uncontaminated by python.
i also sorted and deduplicated the packages with 'sort -u'.
github's httpd b0rked the fuck out and i didn't want to wait
for them to fix it (ssl cert error) before i continued a build.
i now host the relevant acpica tarball on libreboot rsync,
mirrored to princeton.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's not used by anywhere else in lbmk, but the release build
script will automatically download each project named as per
file names in config/git/
this is a stupidly simply way to prove documentation in
libreboot releases, and i've used current revisions corresponding
to the Libreboot 20231021 release, for this 20231021 release
of lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's been a while since we did encrypted /boot
and the current name sucks.
it's unlikely that anyone still uses it, but
people will soon
change the default assumed lvm name to grubcrypt
and stick to that.
Signed-off-by: Leah Rowe <leah@libreboot.org>
notabug is unreliable, even as a backup.
why, just today, it was offline! all day.
i originally moved libreboot away from notabug,
to codeberg instead, but kept the notabug account
online, and i still push to it when it's online.
however, notabug seems to be in a terminal state
of neglect by its admins, so lbmk should not use it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
flashrom-stable isn't really going anywhere
i'll decide at some future point what to do
with flashrom. for now, just give latest rev
Signed-off-by: Leah Rowe <leah@libreboot.org>
the grub backup was the same gnu server
i decided to host grub on codeberg, as backup
(gnu links as primary is ok)
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's ok for now to use it as a backup.
where only github was specified, i mirrored each
given repository to codeberg as main repo for lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's not actually needed in lbmk
flashrom can be downloaded separately by the user,
if they want to flash their chip
Signed-off-by: Leah Rowe <leah@libreboot.org>
don't put multiple downloads in the same files, except
when they are dependencies that go inside the directory
of another download.
by doing this, the following functionality will become
possible: clean every project or build every project,
or maybe fetch every project, based entirely on the
names of these files.
this will be used later to simplify the release script.
Signed-off-by: Leah Rowe <leah@libreboot.org>
as opposed to the current 3-level structure.
recent build system simplifications have enabled
this change, thus:
./build fw coreboot -> ./build roms
./build fw grub -> ./build grub
./build fw serprog -> ./build serprog
./update project release -> ./update release
./update project trees -> ./update trees
./update vendor download -> ./vendor download
./update vendor inject -> ./vendor inject
alper criticised that the commands were too long,
so i made them shorter!
Signed-off-by: Leah Rowe <leah@libreboot.org>
i previously added this just for kicks, but it's not
actually needed; gnat isn't used on fam15h boards so
lbmk doesn't even use it (it's disabled).
in fact, i tested lbmk with crossgcc_ada handling
taken out, but with said patch; i still got build
errors with gnat anyway, on that old coreboot
revision (but gnat isn't needed there anymore).
Signed-off-by: Leah Rowe <leah@libreboot.org>
We don't really need a custom coreboot tree for Chromebooks. I had added
one, because at a cursory glance to the available config/coreboot/board
subdirectories I had the impression that I should. But upstreams have
one tree for every board and I think we should move towards that too.
Move the one important BL31 makefile patch into the default coreboot
patches, update the gru boards' configs by running savedefconfig in the
cros tree and then running olddefconfig in the default tree.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
By default U-Boot stores EFI variables in a ubootefi.var file in
whatever EFI System Partition it finds, which would be a FAT filesystem.
I'm occasionally finding out while testing that my ESPs somehow end up
with a corrupted filesystem, and I'm suspecting it's this.
For now, disable storing EFI environment variables on disk so that
U-Boot doesn't try to manipulate the filesystem.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Enable U-Boot commands to manipulate EFI environment storage, to
self-test EFI implementation, and to run a basic EFI test application.
These are so that we can test and debug EFI functionality easier.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
U-Boot upstream is switching to a new code framework for discovering and
booting OSes ("Standard Boot", or "bootstd"). Enable more features for
it, including commands we can use for introspection and debugging.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Normally U-Boot immediately resets the board on a panic. I had run into
"Synchronous Abort"s from shim and rEFInd, and having a traceback in
those cases can be useful. Hang instead of resetting, so the panic
reason stays on the screen.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
We should be able to power the board off from U-Boot command line.
Enable the "poweroff" command for gru boards so we can.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
U-Boot can keep a "copy" framebuffer to read from, for devices where
reading from hardware framebuffer is expensive. This needs the video
driver to support it. The Rockchip video driver doesn't need or support
it, so this option does nothing on gru boards. Disable it.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
U-Boot upstream used to have 16KB for EFI variables, and this was
causing problems with shim. Commit f0236acbc6 ("u-boot: Increase EFI
variable buffer size") fixed this by raising it to 32KB in our builds.
It has now been raised to 64K upstream, so raise it here as well.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
For Rockchip boards U-Boot tries to build SPI and MMC images that
require an externally built BL31 file to be provided, and the build
fails otherwise. This is not really as configurable as it should be.
In Libreboot, we only care about the build outputs for U-Boot proper.
There is a BL31 built during our coreboot builds, but using that in
U-Boot builds is a chicken-and-egg problem. Building BL31 outside the
coreboot build and passing it to both projects is possible, but needs
work.
For now, stop trying to build these U-Boot-only images as a workaround,
by removing the binman image descriptions from the device-tree sources.
Additionally, disable in our configs the BINMAN_FDT functionality that
allows using these at runtime as it requires them to be present.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
U-Boot upstream has added a reference counting for regulator enable
actions which somehow makes gru-kevin unbootable. Add a workaround
that makes it work again.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Set default U-Boot revision to v2023.01 and rebase patches on top of
that. Another series about 16x32 fonts was merged upstream, so drop some
now-unnecessary patches we had for that. For the video damage tracking
series, switch to the version I'm trying to upstream.
Upstream kconfig status is a bit unstable, so updating configs with
`make oldconfig` would miss important upstream changes, since they rely
on carrying defaults via upstream defconfigs. Update the configs as
such:
- Turn old configs into defconfigs (./update project trees -s u-boot)
- Save the diff from old upstream defconfig (diffconfig $theirs $ours)
- Update U-Boot revision, rebase patches, and clean old trees
- Prepare new U-Boot tree (./update project trees -f u-boot)
- Review the diffconfigs to see if any options were renamed upstream
- Copy over the new upstream defconfigs and apply earlier diff
- Turn new defconfigs into configs (./update project trees -l u-boot)
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The U-Boot build for qemu_arm64_12mb board refers to a code revision
whereas it uses the common "default" tree, remove the bad reference.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The "u-boot.bin" file generated by U-Boot builds is a raw binary. When
adding payloads to a CBFS, we need to use ELF files with add-payload
or manually pass the entry point and load address of the payload binary
with add-flat-binary.
We primarily use the "u-boot.elf" which gets build with the REMAKE_ELF
option, as it also has the necessary device-tree binary that U-Boot
usually needs to work. When the option is not set (e.g. for QEMU), we
need to use the "u-boot" file which is an ELF.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Riku's mSATA patch for HP8300USDT was merged upstream, so the
patch has been dropped from lbmk because it is contained within
this new coreboot revision.
Signed-off-by: Leah Rowe <leah@libreboot.org>
coreboot closely matches upstream, whose current release
is version 1.2 from 2018, and coreboot has not changed it
in any meaningful way.
the upstream did add patches since, but they are documentation
patches only.
this means: we do not need to use the upstream version
Signed-off-by: Leah Rowe <leah@libreboot.org>
this is for the latest ubuntu release.
the ubuntu2004 config (for ubuntu 20.04) still exists,
and will remain in place.
Signed-off-by: Leah Rowe <leah@libreboot.org>
a user installed these dependencies in popos, but autopoint
was missing during the grub build.
add autopoint to the debian dependencies config.
Signed-off-by: Leah Rowe <leah@libreboot.org>
some users reported build errors. technically, there's
nothing wrong with lbmk but it relies on hostcc, and
hostcc is hit or miss when it comes to cross compiling
32-bit, depending on the build system of whatever project.
lbmk needs to handle cross compilation. for now, i'm just
disabling memtest86plus on non-64-bit hosts.
Signed-off-by: Leah Rowe <leah@libreboot.org>
most of the changes since last revision aren't very
useful to us; most of them pertain to fs/ntfs, but
there is one that is interesting:
48f569c78a496d3e11a4605b0999bc34fa5bc977
kern/acpi: Skip NULL entries in RSDT and XSDT
Signed-off-by: Leah Rowe <leah@libreboot.org>
in the future, we may start downloading files that aren't
blobs, such as mxm port configs (on mainboards that use
MXM graphics)
this directory will contain all of those files
generally change the language used, across lbmk, to make
use of "vendorfile" instead of "blob"
Signed-off-by: Leah Rowe <leah@libreboot.org>
We don't have a directory names "srces", just "src".
Ditto ecs, mrcs <-- it's just ec and mrc
When referring to a file, e.g. blob/t1650/me.bin, that
makes much more sense, because it's a single blob, not
multiple blobs.
Don't pluralise what isn't plural
Signed-off-by: Leah Rowe <leah@libreboot.org>
build/release/src was partly re-written to accomodate this
memtest86plus was patched to have a central Makefile, and
lbmk modified to use that, rather than mess with build32
and build64. the central Makefile just builds both targets
or cleans both targets
Signed-off-by: Leah Rowe <leah@libreboot.org>
The pager causes trouble in some cases, where the user has
to press enter at boot time depending on the configuration.
Interactive use is one thing, but we should leave this
disabled for smoother experience. If the user *wishes* to
use the shell, they can always just enable the pager
themselves by doing:
set pager=1
Signed-off-by: Leah Rowe <leah@libreboot.org>
mrc.bin is now handled by include/mrc.sh, adapted
from now-deleted script/update/blobs/mrc
much of the logic has been re-written or adapted for
inside script/update/blobs/download
mrc links/hashes now defined in config/blobs/sources
the new code is simpler (and smaller). in addition,
lbmk can now easily handle mrc.bin files for other
platforms such as broadwell. watch this space.
the full .zip download is now cached, like with other
vendor downloads. this means it won't be re-downloaded
if it was already downloaded before.
Signed-off-by: Leah Rowe <leah@libreboot.org>
With this change, it's still possible to have a single
file at config/git/revisions, but this has been scrapped.
Instead, multiple files now exist under config/git/ with
the same modules declared, but the files are separated
logically. List of files under config/git:
* bios_extract
* biosutilities
* coreboot
* flashrom
* grub (gnulib also defined here)
* me_cleaner
* memtest86plus
* seabios
* serprog (multiple projects defined)
* u-boot
* uefitool
The rationale behind this change is simple: in the future,
we will stop relying on build systems within imported
projects for the import of git submodules. Instead, we
will handle them directly in lbmk.
Additionally, a Linux payload is planned for Libreboot, made
easier by the recent audit (script handle/make/config makes
it easy to integrate Linux, and handle cross-compilers for
userland utilities); a "linux" file under config/git/ could
also define rules for each project besides linux, such as
musl libc, busybox and other utilities.
Signed-off-by: Leah Rowe <leah@libreboot.org>
It's now 44 revisions above 2.12-rc1, not 17 above.
The additional patches (in GRUB master) contain several
important fixes, including cryptodisk and ZFS fixes plus
a few other interesting changes, namely:
14c95e57fddb6c826bee7755232de62efc8eb45b:
kern/misc: Make grub_vsnprintf() C99/POSIX conformant
296d3ec835ed6e3b90d740e497bb534f14fe4b79:
disk/cryptodisk: Fix missing change when updating to use grub_uuidcasecmp()
42a831d7462ec3a114156d56ef8a03e1d47f19e7:
ZFS: support inode type embed into its ID
96446ce14e2d1fe9f5b36ec4ac45a2efd92a40d1:
ZFS: Fix invalid memcmp
444089eec6042250ce3a7184cb09bd8a2ab16808:
ZFS: Don't iterate over null objsets
7ce5b4911005b2a0bfd716d92466b6711844068c:
ZFS: Check bonustype in addition to dnode type
There are more patches than this, but these are the
ones that strike me as interesting for Libreboot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
sha-1 has known collision issues, which may not be readily
exploitable yet (in our context), but we should ideally use
a more secure method for checking file integrity.
therefore, use sha-2 (sha512sum) for checking files. this is
slower than sha-1, but checksum verification is only a minor
part of what lbmk does, so the overall effect on build times
is quite negligible.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Tested on a Nucleo-F042K6.
That has an onboard stlink:
`st-flash --format ihex write bin/serprog_stm32/serprog_nucleo-f042k6.hex`
The usb port used for flashing is separate, its is exposed on
the pin header instead. Check boards/nucleo-f042k6.h for usb pinout.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
target.cfg can now specify e.g.
grub_timeout=20
this would then be inserted as timeout.cfg in cbfs,
containing the instruction:
set timeout=20
HP laptops need a bit of extra time, due to the delay
caused by the EC bug workaround deployed in GRUB
desktops in general need extra time. this too is set to
10s, like the HP laptops.
only insert timeout.cfg if actually needed (declared in
target.cfg), otherwise grub.cfg will default to 5s
Signed-off-by: Leah Rowe <leah@libreboot.org>
for example, the beep sound in debian's installer needs
this module.
the cute ding in the arch/artix menu also needs it
Signed-off-by: Leah Rowe <leah@libreboot.org>
now under coreboot mainboards, target.cfg can specify
a background. if not specified, the 1280x800 one is
assumed, and used by default. it can be overridden.
the path should be relative to:
config/grub/background/
Signed-off-by: Leah Rowe <leah@libreboot.org>
this causes a saving of about 131KB uncompressed, when
i tested. we don't need mach kernel support. nobody will
ever use it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this causes a 6.7% decrease in the payload size
these file systems are microsoft(fat, ntfs) or mostly
oldschool amiga and beos file systems
also remove minix modules, and some old linux file
systems that nobody will use in 2023
Signed-off-by: Leah Rowe <leah@libreboot.org>
it doesn't really make sense for them to be under
blobs/ - nominally, they are blobs, but they are
well-understood data files containing config data,
that is easily parsed by tools like ich9show or
ifdtool (and tools like bincfg or nvmutil)
blobs/ has been re-purposed: this directory no longer
exists in lbmk, but it is created (and on .gitignore)
when needed, by blobutil
thus, the blobs/ directory shall only contain vendor
files, and only those files that libreboot scrubs from
releases. therefore, build/release/src can (and has
been) simplified; it currently copies just the ifd and
gbe files from blobs/, selectively, and this logic is
quite error prone, requiring maintenance. now, the
build/release/src script simply copies config/ (which
only ever contains distributable files) and entirely
ignores the blobs/ directory
the blob download script already creates the required
directory, except for the sch5545 download; this is
now fixed
lbmk code size is slightly smaller, due to this patch
Signed-off-by: Leah Rowe <leah@libreboot.org>