From 63d78dbe8c93b7235366a52cf17b317932ec1320 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 4 Nov 2020 12:18:54 -0500 Subject: [PATCH] WIP: x230-external-flash coreboot 4.8.1, master musl-cross-make. --- .../x230-external-flash.config | 4 +- .../x230-hotp-verification.config | 2 +- config/coreboot-x230-external-flash.config | 20 +-- config/linux-x230.config | 150 +++++++++--------- modules/coreboot | 2 +- modules/musl-cross | 6 +- 6 files changed, 86 insertions(+), 98 deletions(-) diff --git a/boards/x230-external-flash/x230-external-flash.config b/boards/x230-external-flash/x230-external-flash.config index bd9a6155e..dba39c136 100644 --- a/boards/x230-external-flash/x230-external-flash.config +++ b/boards/x230-external-flash/x230-external-flash.config @@ -1,8 +1,8 @@ # Configuration for a x230 running Qubes and other OSes #Includes deactivated+neutered ME and expended consequent IFD export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.12 -export CONFIG_LINUX_VERSION=5.4.69 +export CONFIG_COREBOOT_VERSION=4.8.1 +export CONFIG_LINUX_VERSION=4.14.62 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-external-flash.config CONFIG_LINUX_CONFIG=config/linux-x230.config diff --git a/boards/x230-hotp-verification/x230-hotp-verification.config b/boards/x230-hotp-verification/x230-hotp-verification.config index c14c78384..a0aa199e5 100644 --- a/boards/x230-hotp-verification/x230-hotp-verification.config +++ b/boards/x230-hotp-verification/x230-hotp-verification.config @@ -47,7 +47,7 @@ export CONFIG_BOOT_REQ_ROLLBACK=n export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" export CONFIG_BOOT_KERNEL_REMOVE="quiet" export CONFIG_BOOT_DEV="/dev/sda1" -export CONFIG_BOARD_NAME="Thinkpad X230" +export CONFIG_BOOT_GUI_MENU_NAME="Thinkpad X230-HOTP-dongle Heads Boot Menu" export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal --ifd --image bios" # This board has two SPI flash chips, an 8 MB that holds the IFD, diff --git a/config/coreboot-x230-external-flash.config b/config/coreboot-x230-external-flash.config index c231b6001..c140f2d61 100644 --- a/config/coreboot-x230-external-flash.config +++ b/config/coreboot-x230-external-flash.config @@ -1,26 +1,20 @@ CONFIG_ANY_TOOLCHAIN=y -CONFIG_NO_STAGE_CACHE=y +CONFIG_MEASURED_BOOT=y CONFIG_VENDOR_LENOVO=y -CONFIG_NO_POST=y -CONFIG_ONBOARD_VGA_IS_PRIMARY=y CONFIG_CBFS_SIZE=0xB80000 -# CONFIG_DRIVERS_INTEL_WIFI is not set +CONFIG_HAVE_IFD_BIN=y +CONFIG_HAVE_ME_BIN=y +CONFIG_HAVE_GBE_BIN=y CONFIG_IFD_BIN_PATH="../../blobs/xx30/ifd.bin" CONFIG_ME_BIN_PATH="../../blobs/xx30/me.bin" CONFIG_GBE_BIN_PATH="../../blobs/xx30/gbe.bin" -CONFIG_HAVE_IFD_BIN=y CONFIG_BOARD_LENOVO_X230=y -CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" +CONFIG_NO_POST=y CONFIG_UART_PCI_ADDR=0 -CONFIG_VALIDATE_INTEL_DESCRIPTOR=y -CONFIG_HAVE_ME_BIN=y -CONFIG_HAVE_GBE_BIN=y -CONFIG_GENERIC_LINEAR_FRAMEBUFFER=y -# CONFIG_INTEL_GMA_ADD_VBT is not set -CONFIG_DRIVERS_PS2_KEYBOARD=y -CONFIG_TPM_MEASURED_BOOT=y +CONFIG_NO_GFX_INIT=y CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000 CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="../../build/x230-external-flash/bzImage" +CONFIG_LINUX_COMMAND_LINE="intel_iommu=igfx_off quiet" CONFIG_LINUX_INITRD="../../build/x230-external-flash/initrd.cpio.xz" diff --git a/config/linux-x230.config b/config/linux-x230.config index a7d516285..dd5af0c15 100644 --- a/config/linux-x230.config +++ b/config/linux-x230.config @@ -3,8 +3,8 @@ CONFIG_LOCALVERSION="-heads" CONFIG_KERNEL_XZ=y # CONFIG_SWAP is not set # CONFIG_CROSS_MEMORY_ATTACH is not set +# CONFIG_FHANDLE is not set CONFIG_NO_HZ_IDLE=y -CONFIG_PREEMPT_VOLUNTARY=y CONFIG_LOG_BUF_SHIFT=18 CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="../../../blobs/dev.cpio" @@ -16,35 +16,38 @@ CONFIG_INITRAMFS_SOURCE="../../../blobs/dev.cpio" CONFIG_CC_OPTIMIZE_FOR_SIZE=y # CONFIG_SGETMASK_SYSCALL is not set # CONFIG_SYSFS_SYSCALL is not set -# CONFIG_FHANDLE is not set # CONFIG_BASE_FULL is not set # CONFIG_SIGNALFD is not set # CONFIG_TIMERFD is not set # CONFIG_EVENTFD is not set # CONFIG_AIO is not set # CONFIG_ADVISE_SYSCALLS is not set -# CONFIG_KALLSYMS is not set +# CONFIG_MEMBARRIER is not set CONFIG_EMBEDDED=y # CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_SLUB_DEBUG is not set # CONFIG_COMPAT_BRK is not set +CONFIG_JUMP_LABEL=y +CONFIG_CC_STACKPROTECTOR_STRONG=y +CONFIG_MODULES=y +# CONFIG_IOSCHED_DEADLINE is not set +# CONFIG_IOSCHED_CFQ is not set CONFIG_SMP=y -# CONFIG_RETPOLINE is not set # CONFIG_X86_EXTENDED_PLATFORM is not set CONFIG_PROCESSOR_SELECT=y -# CONFIG_CPU_SUP_AMD is not set -# CONFIG_CPU_SUP_HYGON is not set # CONFIG_CPU_SUP_CENTAUR is not set -# CONFIG_CPU_SUP_ZHAOXIN is not set +CONFIG_PREEMPT_VOLUNTARY=y CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y -# CONFIG_PERF_EVENTS_INTEL_UNCORE is not set +# CONFIG_X86_MCE_AMD is not set # CONFIG_PERF_EVENTS_INTEL_RAPL is not set -# CONFIG_PERF_EVENTS_INTEL_CSTATE is not set # CONFIG_MICROCODE is not set +# CONFIG_SPARSEMEM_VMEMMAP is not set +# CONFIG_COMPACTION is not set +# CONFIG_BOUNCE is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 CONFIG_X86_PMEM_LEGACY=y # CONFIG_MTRR is not set # CONFIG_X86_SMAP is not set -# CONFIG_X86_INTEL_UMIP is not set # CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS is not set # CONFIG_SECCOMP is not set CONFIG_KEXEC=y @@ -53,37 +56,28 @@ CONFIG_KEXEC_FILE=y CONFIG_PHYSICAL_ALIGN=0x1000000 # CONFIG_MODIFY_LDT_SYSCALL is not set # CONFIG_SUSPEND is not set -# CONFIG_ISA_DMA_API is not set -# CONFIG_FIRMWARE_MEMMAP is not set -# CONFIG_DMIID is not set -# CONFIG_VIRTUALIZATION is not set -CONFIG_JUMP_LABEL=y -CONFIG_MODULES=y -CONFIG_MODULE_COMPRESS=y -CONFIG_MODULE_COMPRESS_XZ=y -# CONFIG_UNUSED_SYMBOLS is not set -CONFIG_TRIM_UNUSED_KSYMS=y -# CONFIG_MQ_IOSCHED_KYBER is not set +CONFIG_ACPI_VIDEO=y +CONFIG_PCI_MSI=y +# CONFIG_HT_IRQ is not set +CONFIG_PCI_IOV=y +CONFIG_PCI_PRI=y # CONFIG_COREDUMP is not set -# CONFIG_SPARSEMEM_VMEMMAP is not set -# CONFIG_COMPACTION is not set -# CONFIG_BOUNCE is not set -CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 CONFIG_NET=y CONFIG_PACKET=y CONFIG_UNIX=y CONFIG_INET=y CONFIG_SYN_COOKIES=y +# CONFIG_INET_XFRM_MODE_TRANSPORT is not set +# CONFIG_INET_XFRM_MODE_TUNNEL is not set +# CONFIG_INET_XFRM_MODE_BEET is not set # CONFIG_INET_DIAG is not set # CONFIG_IPV6 is not set # CONFIG_WIRELESS is not set -CONFIG_PCI=y -CONFIG_PCI_MSI=y -CONFIG_PCI_IOV=y -CONFIG_PCI_PRI=y +# CONFIG_UEVENT_HELPER is not set CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y # CONFIG_STANDALONE is not set +# CONFIG_FIRMWARE_IN_KERNEL is not set # CONFIG_ALLOW_DEV_COREDUMP is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_RAM=y @@ -98,74 +92,64 @@ CONFIG_CHR_DEV_SG=y CONFIG_SCSI_SCAN_ASYNC=y CONFIG_ISCSI_TCP=y CONFIG_ATA=y +CONFIG_SATA_AHCI=y # CONFIG_ATA_SFF is not set CONFIG_MD=y CONFIG_BLK_DEV_DM=y CONFIG_DM_CRYPT=y +CONFIG_DM_VERITY=y +CONFIG_DM_VERITY_FEC=y CONFIG_NETDEVICES=y # CONFIG_NET_VENDOR_3COM is not set # CONFIG_NET_VENDOR_ADAPTEC is not set # CONFIG_NET_VENDOR_AGERE is not set -# CONFIG_NET_VENDOR_ALACRITECH is not set # CONFIG_NET_VENDOR_ALTEON is not set # CONFIG_NET_VENDOR_AMAZON is not set # CONFIG_NET_VENDOR_AMD is not set -# CONFIG_NET_VENDOR_AQUANTIA is not set # CONFIG_NET_VENDOR_ARC is not set # CONFIG_NET_VENDOR_ATHEROS is not set -# CONFIG_NET_VENDOR_AURORA is not set +# CONFIG_NET_CADENCE is not set # CONFIG_NET_VENDOR_BROADCOM is not set # CONFIG_NET_VENDOR_BROCADE is not set -# CONFIG_NET_VENDOR_CADENCE is not set # CONFIG_NET_VENDOR_CAVIUM is not set # CONFIG_NET_VENDOR_CHELSIO is not set # CONFIG_NET_VENDOR_CISCO is not set -# CONFIG_NET_VENDOR_CORTINA is not set # CONFIG_NET_VENDOR_DEC is not set # CONFIG_NET_VENDOR_DLINK is not set # CONFIG_NET_VENDOR_EMULEX is not set # CONFIG_NET_VENDOR_EZCHIP is not set -# CONFIG_NET_VENDOR_GOOGLE is not set +# CONFIG_NET_VENDOR_EXAR is not set # CONFIG_NET_VENDOR_HP is not set -# CONFIG_NET_VENDOR_HUAWEI is not set -# CONFIG_NET_VENDOR_I825XX is not set CONFIG_E1000=m CONFIG_E1000E=m +# CONFIG_NET_VENDOR_I825XX is not set # CONFIG_NET_VENDOR_MARVELL is not set # CONFIG_NET_VENDOR_MELLANOX is not set # CONFIG_NET_VENDOR_MICREL is not set -# CONFIG_NET_VENDOR_MICROCHIP is not set -# CONFIG_NET_VENDOR_MICROSEMI is not set # CONFIG_NET_VENDOR_MYRI is not set # CONFIG_NET_VENDOR_NATSEMI is not set -# CONFIG_NET_VENDOR_NETERION is not set # CONFIG_NET_VENDOR_NETRONOME is not set -# CONFIG_NET_VENDOR_NI is not set # CONFIG_NET_VENDOR_NVIDIA is not set # CONFIG_NET_VENDOR_OKI is not set -# CONFIG_NET_VENDOR_PACKET_ENGINES is not set -# CONFIG_NET_VENDOR_PENSANDO is not set +# CONFIG_NET_PACKET_ENGINE is not set # CONFIG_NET_VENDOR_QLOGIC is not set # CONFIG_NET_VENDOR_QUALCOMM is not set -# CONFIG_NET_VENDOR_RDC is not set # CONFIG_NET_VENDOR_REALTEK is not set # CONFIG_NET_VENDOR_RENESAS is not set +# CONFIG_NET_VENDOR_RDC is not set # CONFIG_NET_VENDOR_ROCKER is not set # CONFIG_NET_VENDOR_SAMSUNG is not set # CONFIG_NET_VENDOR_SEEQ is not set -# CONFIG_NET_VENDOR_SOLARFLARE is not set # CONFIG_NET_VENDOR_SILAN is not set # CONFIG_NET_VENDOR_SIS is not set # CONFIG_NET_VENDOR_SMSC is not set -# CONFIG_NET_VENDOR_SOCIONEXT is not set # CONFIG_NET_VENDOR_STMICRO is not set # CONFIG_NET_VENDOR_SUN is not set -# CONFIG_NET_VENDOR_SYNOPSYS is not set # CONFIG_NET_VENDOR_TEHUTI is not set # CONFIG_NET_VENDOR_TI is not set # CONFIG_NET_VENDOR_VIA is not set # CONFIG_NET_VENDOR_WIZNET is not set -# CONFIG_NET_VENDOR_XILINX is not set +# CONFIG_NET_VENDOR_SYNOPSYS is not set # CONFIG_USB_NET_DRIVERS is not set # CONFIG_WLAN is not set # CONFIG_INPUT_MOUSE is not set @@ -181,8 +165,10 @@ CONFIG_SERIAL_8250=y CONFIG_TTY_PRINTK=y CONFIG_HW_RANDOM=y CONFIG_HW_RANDOM_TIMERIOMEM=m -# CONFIG_HW_RANDOM_AMD is not set -# CONFIG_HW_RANDOM_VIA is not set +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_HW_RANDOM_TPM=m CONFIG_TCG_TPM=y CONFIG_TCG_TIS=y # CONFIG_I2C_COMPAT is not set @@ -198,6 +184,9 @@ CONFIG_MFD_SYSCON=y CONFIG_DRM=y CONFIG_DRM_I915=y CONFIG_FB_VESA=y +CONFIG_BACKLIGHT_LCD_SUPPORT=y +# CONFIG_LCD_CLASS_DEVICE is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=y # CONFIG_BACKLIGHT_GENERIC is not set CONFIG_FRAMEBUFFER_CONSOLE=y CONFIG_USB=y @@ -207,14 +196,20 @@ CONFIG_USB_EHCI_HCD=m CONFIG_USB_EHCI_HCD_PLATFORM=m CONFIG_USB_STORAGE=m CONFIG_RTC_CLASS=y -# CONFIG_VIRTIO_MENU is not set # CONFIG_X86_PLATFORM_DEVICES is not set CONFIG_INTEL_IOMMU=y +CONFIG_INTEL_IOMMU_SVM=y CONFIG_GENERIC_PHY=y # CONFIG_BLK_DEV_PMEM is not set # CONFIG_ND_BLK is not set # CONFIG_BTT is not set +# CONFIG_FIRMWARE_MEMMAP is not set +# CONFIG_DMIID is not set +CONFIG_GOOGLE_FIRMWARE=y +CONFIG_GOOGLE_MEMCONSOLE_X86_LEGACY=y +# CONFIG_EXT2_FS is not set CONFIG_EXT4_FS=y +CONFIG_EXT4_USE_FOR_EXT2=y # CONFIG_DNOTIFY is not set # CONFIG_INOTIFY_USER is not set CONFIG_ISO9660_FS=y @@ -223,14 +218,37 @@ CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y # CONFIG_PROC_SYSCTL is not set # CONFIG_PROC_PAGE_MONITOR is not set +CONFIG_TMPFS=y # CONFIG_MISC_FILESYSTEMS is not set CONFIG_NLS_DEFAULT="utf8" CONFIG_NLS_CODEPAGE_437=y CONFIG_NLS_ISO8859_1=y CONFIG_NLS_UTF8=y +CONFIG_PRINTK_TIME=y +CONFIG_BOOT_PRINTK_DELAY=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +# CONFIG_ENABLE_MUST_CHECK is not set +CONFIG_FRAME_WARN=1024 +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_MAGIC_SYSRQ=y +CONFIG_HARDLOCKUP_DETECTOR=y +CONFIG_WQ_WATCHDOG=y +# CONFIG_SCHED_DEBUG is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_BUGVERBOSE is not set +# CONFIG_RCU_TRACE is not set +# CONFIG_FTRACE is not set +# CONFIG_STRICT_DEVMEM is not set +# CONFIG_X86_VERBOSE_BOOTUP is not set +# CONFIG_DOUBLEFAULT is not set +CONFIG_IO_DELAY_0XED=y +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_X86_DEBUG_FPU is not set CONFIG_HARDENED_USERCOPY=y -CONFIG_CRYPTO_USER=y CONFIG_CRYPTO_RSA=m +CONFIG_CRYPTO_USER=y +CONFIG_CRYPTO_MCRYPTD=m +CONFIG_CRYPTO_AUTHENC=m CONFIG_CRYPTO_CCM=m CONFIG_CRYPTO_GCM=m CONFIG_CRYPTO_CHACHA20POLY1305=m @@ -292,35 +310,13 @@ CONFIG_CRYPTO_USER_API_SKCIPHER=y CONFIG_CRYPTO_USER_API_RNG=y CONFIG_CRYPTO_USER_API_AEAD=y # CONFIG_CRYPTO_HW is not set -CONFIG_CORDIC=m +# CONFIG_VIRTUALIZATION is not set CONFIG_CRC_CCITT=m CONFIG_CRC_T10DIF=y CONFIG_CRC_ITU_T=m CONFIG_CRC7=m CONFIG_LIBCRC32C=m CONFIG_CRC8=m -# CONFIG_XZ_DEC_POWERPC is not set -# CONFIG_XZ_DEC_ARM is not set -# CONFIG_XZ_DEC_ARMTHUMB is not set -# CONFIG_XZ_DEC_SPARC is not set +CONFIG_XZ_DEC_TEST=m +CONFIG_CORDIC=m CONFIG_IRQ_POLL=y -CONFIG_PRINTK_TIME=y -CONFIG_BOOT_PRINTK_DELAY=y -# CONFIG_ENABLE_MUST_CHECK is not set -CONFIG_FRAME_WARN=1024 -CONFIG_STRIP_ASM_SYMS=y -CONFIG_MAGIC_SYSRQ=y -# CONFIG_DEBUG_MISC is not set -CONFIG_HARDLOCKUP_DETECTOR=y -CONFIG_WQ_WATCHDOG=y -# CONFIG_SCHED_DEBUG is not set -# CONFIG_DEBUG_BUGVERBOSE is not set -# CONFIG_RCU_TRACE is not set -# CONFIG_FTRACE is not set -# CONFIG_RUNTIME_TESTING_MENU is not set -# CONFIG_STRICT_DEVMEM is not set -# CONFIG_X86_VERBOSE_BOOTUP is not set -# CONFIG_EARLY_PRINTK is not set -# CONFIG_DOUBLEFAULT is not set -CONFIG_IO_DELAY_0XED=y -# CONFIG_X86_DEBUG_FPU is not set diff --git a/modules/coreboot b/modules/coreboot index fee0112ee..a4664e94e 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -32,7 +32,7 @@ CONFIG_COREBOOT_CONFIG ?= config/coreboot-$(BOARD).config # Ensure that touching the config file will force a rebuild $(build)/$(coreboot_dir)/.configured: $(CONFIG_COREBOOT_CONFIG) -EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches -Wno-error=packed-not-aligned -Wno-address-of-packed-member -Wno-error=address-of-packed-member +EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches -Wno-error=packed-not-aligned coreboot_configure := \ mkdir -p "$(build)/$(coreboot_dir)" \ diff --git a/modules/musl-cross b/modules/musl-cross index 766e714e3..f9cf79db0 100644 --- a/modules/musl-cross +++ b/modules/musl-cross @@ -4,11 +4,11 @@ ifeq "$(MUSL_CROSS_ONCE)" "" MUSL_CROSS_ONCE := 1 modules-$(CONFIG_MUSL) += musl-cross -musl-cross_version := b12ded507831d0cac2dabd869aef14f3822a8770 +musl-cross_version := 38e52db8358c043ae82b346a2e6e66bc86a53bc1 musl-cross_dir := musl-cross-$(musl-cross_version) musl-cross_url := https://github.com/richfelker/musl-cross-make/archive/$(musl-cross_version).tar.gz musl-cross_tar := musl-cross-$(musl-cross_version).tar.gz -musl-cross_hash := 21fc8d4d5ac241e57c73dfb1e4cdd8b6dcfb32db1276aa71e89be498a39e1980 +musl-cross_hash := b4b85d6d3ddab0f2b8650a53e775673f8c346fa2fb07d652a9880bd206ade100 ifneq "$(CROSS)" "" @@ -35,8 +35,6 @@ else # have to build both x86_64 and i386 versions for coreboot musl-cross_configure := \ - /bin/echo -e >> config.mak 'GCC_CONFIG += --enable-languages=c,c++,lto,ada' ; \ - /bin/echo -e >> config.mak 'COMMON_CONFIG += --enable-gold --enable-lto --enable-plugins' ; \ /bin/echo -e >> Makefile 'both:' ; \ /bin/echo -e >> Makefile '\t$$$$(MAKE) TARGET=x86_64-linux-musl install' ; \ /bin/echo -e >> Makefile '\t$$$$(MAKE) TARGET=i386-linux-musl install' ; \