Talos-2: bring changes to a working state outside of usage of GPG key…

… material backup as of now TODO: dirmngr is called even if disabled on ppc64 when detach signing (but not built and deactivated per configure script) Will seek help for that, but that would probably mean a gnupg tollstack version bump - Closes linuxboot#1452 - coreboot: Take Talos II 0.7 release coreboot config file that was inside of cbfs and use it as a base upstream. - linux: Readd sysctl and proc requirements for cbmem to work. - Adds extFAT requirements that were missing Signed-off-by: Thierry Laurion <[email protected]>
tlaurion · Nov 16, 2023 · eff2992 · eff2992
1 parent fbdd752
commit eff2992
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 5 deletions.
diff --git a/config/coreboot-talos-2.config b/config/coreboot-talos-2.config
@@ -1,4 +1,9 @@
 CONFIG_VENDOR_RAPTOR_CS=y
+CONFIG_MAX_CPUS=2
+CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
+CONFIG_DRIVER_TPM_I2C_ADDR=0x20
 CONFIG_TALOS_2_INFINEON_TPM_1=y
+CONFIG_UART_PCI_ADDR=0x0
+CONFIG_I2C_TRANSFER_TIMEOUT_US=500000
 CONFIG_TPM_LOG_TPM2=y
 CONFIG_PAYLOAD_SKIBOOT=y
diff --git a/config/linux-talos-2.config b/config/linux-talos-2.config
@@ -32,7 +32,9 @@ CONFIG_KERNEL_GZIP=y
 CONFIG_DEFAULT_HOSTNAME="(none)"
 # CONFIG_SWAP is not set
 CONFIG_SYSVIPC=y
+CONFIG_SYSVIPC_SYSCTL=y
 CONFIG_POSIX_MQUEUE=y
+CONFIG_POSIX_MQUEUE_SYSCTL=y
 # CONFIG_CROSS_MEMORY_ATTACH is not set
 # CONFIG_USELIB is not set
 # CONFIG_AUDIT is not set
@@ -139,6 +141,7 @@ CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
 # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
 CONFIG_HAVE_LD_DEAD_CODE_DATA_ELIMINATION=y
 # CONFIG_LD_DEAD_CODE_DATA_ELIMINATION is not set
+CONFIG_SYSCTL=y
 CONFIG_SYSCTL_EXCEPTION_TRACE=y
 CONFIG_BPF=y
 CONFIG_EXPERT=y
@@ -416,7 +419,12 @@ CONFIG_HAVE_LIVEPATCH=y
 # Firmware Drivers
 #
 # CONFIG_FIRMWARE_MEMMAP is not set
-# CONFIG_GOOGLE_FIRMWARE is not set
+CONFIG_GOOGLE_FIRMWARE=y
+CONFIG_GOOGLE_COREBOOT_TABLE=y
+CONFIG_GOOGLE_COREBOOT_CBMEM=y
+CONFIG_GOOGLE_MEMCONSOLE=y
+CONFIG_GOOGLE_MEMCONSOLE_COREBOOT=y
+# CONFIG_GOOGLE_VPD is not set
 CONFIG_EFI_EARLYCON=y
 
 #
@@ -1233,7 +1241,36 @@ CONFIG_ATA_BMDMA=y
 CONFIG_MD=y
 # CONFIG_BLK_DEV_MD is not set
 # CONFIG_BCACHE is not set
-# CONFIG_BLK_DEV_DM is not set
+CONFIG_BLK_DEV_DM_BUILTIN=y
+CONFIG_BLK_DEV_DM=y
+# CONFIG_DM_DEBUG is not set
+CONFIG_DM_BUFIO=y
+# CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set
+CONFIG_DM_BIO_PRISON=y
+CONFIG_DM_PERSISTENT_DATA=y
+# CONFIG_DM_UNSTRIPED is not set
+CONFIG_DM_CRYPT=y
+CONFIG_DM_SNAPSHOT=y
+CONFIG_DM_THIN_PROVISIONING=y
+# CONFIG_DM_CACHE is not set
+# CONFIG_DM_WRITECACHE is not set
+# CONFIG_DM_ERA is not set
+# CONFIG_DM_CLONE is not set
+# CONFIG_DM_MIRROR is not set
+# CONFIG_DM_RAID is not set
+# CONFIG_DM_ZERO is not set
+# CONFIG_DM_MULTIPATH is not set
+# CONFIG_DM_DELAY is not set
+# CONFIG_DM_DUST is not set
+# CONFIG_DM_INIT is not set
+# CONFIG_DM_UEVENT is not set
+# CONFIG_DM_FLAKEY is not set
+CONFIG_DM_VERITY=y
+# CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG is not set
+CONFIG_DM_VERITY_FEC=y
+# CONFIG_DM_SWITCH is not set
+# CONFIG_DM_LOG_WRITES is not set
+# CONFIG_DM_INTEGRITY is not set
 # CONFIG_TARGET_CORE is not set
 # CONFIG_FUSION is not set
 
@@ -1492,7 +1529,7 @@ CONFIG_NVRAM=y
 # CONFIG_RAW_DRIVER is not set
 # CONFIG_HANGCHECK_TIMER is not set
 CONFIG_TCG_TPM=y
-CONFIG_HW_RANDOM_TPM=n
+CONFIG_HW_RANDOM_TPM=y
 # CONFIG_TCG_TIS is not set
 # CONFIG_TCG_TIS_I2C_ATMEL is not set
 CONFIG_TCG_TIS_I2C_INFINEON=y
@@ -2713,7 +2750,7 @@ CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
 #
 CONFIG_PROC_FS=y
 CONFIG_PROC_KCORE=y
-# CONFIG_PROC_SYSCTL is not set
+CONFIG_PROC_SYSCTL=y
 CONFIG_PROC_PAGE_MONITOR=y
 # CONFIG_PROC_CHILDREN is not set
 CONFIG_KERNFS=y
@@ -2783,6 +2820,7 @@ CONFIG_NFS_V4=y
 CONFIG_NFS_V4_1=y
 CONFIG_NFS_V4_2=y
 CONFIG_PNFS_FILE_LAYOUT=y
+CONFIG_PNFS_BLOCK=y
 CONFIG_PNFS_FLEXFILE_LAYOUT=m
 CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org"
 CONFIG_NFS_V4_1_MIGRATION=y
@@ -2797,6 +2835,7 @@ CONFIG_NFS_COMMON=y
 CONFIG_SUNRPC=y
 CONFIG_SUNRPC_GSS=y
 CONFIG_SUNRPC_BACKCHANNEL=y
+# CONFIG_SUNRPC_DEBUG is not set
 # CONFIG_CEPH_FS is not set
 # CONFIG_CIFS is not set
 # CONFIG_CODA_FS is not set
@@ -3139,6 +3178,8 @@ CONFIG_XZ_DEC_BCJ=y
 # CONFIG_XZ_DEC_TEST is not set
 CONFIG_DECOMPRESS_XZ=y
 CONFIG_GENERIC_ALLOCATOR=y
+CONFIG_REED_SOLOMON=y
+CONFIG_REED_SOLOMON_DEC8=y
 CONFIG_INTERVAL_TREE=y
 CONFIG_ASSOCIATIVE_ARRAY=y
 CONFIG_HAS_IOMEM=y
@@ -3404,6 +3445,7 @@ CONFIG_RUNTIME_TESTING_MENU=y
 # CONFIG_TEST_BLACKHOLE_DEV is not set
 # CONFIG_FIND_BIT_BENCHMARK is not set
 # CONFIG_TEST_FIRMWARE is not set
+# CONFIG_TEST_SYSCTL is not set
 # CONFIG_TEST_UDELAY is not set
 # CONFIG_TEST_STATIC_KEYS is not set
 # CONFIG_TEST_MEMCAT_P is not set

diff --git a/modules/coreboot b/modules/coreboot
@@ -76,7 +76,7 @@ $(eval $(call coreboot_module,4.20.1,))
 # there is no point preparing another coreboot module that won't be shared with
 # anything.
 coreboot-talos_2_repo := https://github.com/Dasharo/coreboot
-coreboot-talos_2_commit_hash := c8aed443c631042ad2b0326c35cd0b774752b924
+coreboot-talos_2_commit_hash := fc47236e9877f4113dfcce07fa928f52d4d2c8ee
 $(eval $(call coreboot_module,talos_2,))
 
 # Similarly, purism is based on 4.21, but nothing builds against 4.21 itself