-
-
Notifications
You must be signed in to change notification settings - Fork 187
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
x230-hotp-verification: Add x230-hotp-verification board to have a HO…
…TP supported remote attestation for Nitrokey Pro 2, Nitrokey Storage 2 and Librem Key
- Loading branch information
Showing
3 changed files
with
78 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
48 changes: 48 additions & 0 deletions
48
boards/x230-hotp-verification/x230-hotp-verification.config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| # Configuration for a x230-hotp-verification (Nitrokey/Purism USB Security dongle enabled HOTP support) | ||
| # running Qubes and other OSes | ||
| export CONFIG_COREBOOT=y | ||
| CONFIG_COREBOOT_CONFIG=config/coreboot-x230-hotp-verification.config | ||
| CONFIG_LINUX_CONFIG=config/linux-x230.config | ||
|
|
||
| CONFIG_CRYPTSETUP=y | ||
| CONFIG_FLASHROM=y | ||
| CONFIG_FLASHTOOLS=y | ||
| CONFIG_GPG2=y | ||
| CONFIG_KEXEC=y | ||
| CONFIG_UTIL_LINUX=y | ||
| CONFIG_LVM2=y | ||
| CONFIG_MBEDTLS=y | ||
| CONFIG_PCIUTILS=y | ||
| CONFIG_POPT=y | ||
| CONFIG_QRENCODE=y | ||
| CONFIG_TPMTOTP=y | ||
| CONFIG_DROPBEAR=y | ||
|
|
||
| #CONFIG_SLANG=y | ||
| #CONFIG_NEWT=y | ||
| CONFIG_CAIRO=y | ||
| CONFIG_FBWHIPTAIL=y | ||
| CONFIG_LIBREMKEY=y | ||
|
|
||
| CONFIG_LINUX_USB=y | ||
| CONFIG_LINUX_E1000E=y | ||
|
|
||
| export CONFIG_TPM=y | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| export CONFIG_BOOT_REQ_HASH=n | ||
| export CONFIG_BOOT_REQ_ROLLBACK=n | ||
| export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" | ||
| export CONFIG_BOOT_KERNEL_REMOVE="quiet" | ||
| export CONFIG_BOOT_DEV="/dev/sda1" | ||
| export CONFIG_BOOT_GUI_MENU_NAME="Thinkpad X230 Heads Boot Menu" | ||
| export CONFIG_WARNING_BG_COLOR="--background-gradient 0 0 0 150 125 0" | ||
| export CONFIG_ERROR_BG_COLOR="--background-gradient 0 0 0 150 0 0" | ||
| export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal --ifd --image bios" | ||
|
|
||
| # This board has two SPI flash chips, an 8 MB that holds the IFD, | ||
| # the ME image and part of the coreboot image, and a 4 MB one that | ||
| # has the rest of the coreboot and the reset vector. | ||
| # | ||
| # Only flashing to the bios region is safe to do. The easiest is to | ||
| # flash internally when the IFD is unlocked for writing, and x230-flash | ||
| # is installed first. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| CONFIG_LOCALVERSION="heads" | ||
| CONFIG_ANY_TOOLCHAIN=y | ||
| CONFIG_MEASURED_BOOT=y | ||
| CONFIG_VENDOR_LENOVO=y | ||
| CONFIG_CBFS_SIZE=0x800000 | ||
| CONFIG_BOARD_LENOVO_X230=y | ||
| CONFIG_NO_POST=y | ||
| CONFIG_UART_PCI_ADDR=0 | ||
| CONFIG_NO_GFX_INIT=y | ||
| CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 | ||
| CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y | ||
| CONFIG_PAYLOAD_LINUX=y | ||
| CONFIG_PAYLOAD_FILE="../../build/x230-hotp-verification/bzImage" | ||
| CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" | ||
| CONFIG_LINUX_INITRD="../../build/x230-hotp-verification/initrd.cpio.xz" |