bump common boards to coreboot 415 and kernel 510 #1061
Conversation
…g inactive at reboot and potentially x230t which is raw sometimes on boot.
…ant log timestamps and also want to provide active configuration)
- all: coreboot NO_POST for all boards - all: coreboot NO_GFX_INIT (linux payload does the graphic init) - all: coreboot TPM_MEASURED_BOOT (no more patches under Heads for measured boot) - all: coreboot DRIVERS_PS2_KEYBOARD (fixes no keyboard on soft reboot and potentially xx30t xx20t fix for random raw keyboard (to be tested) - all: coreboot removal of DEFAULT_CONSOLE_LOGLEVEL_5 under some boards - all: coreboot removal of "loglevel=3" under some linux command line options booting Heads kernel - all: coreboot removal of DEBUG_SMM_RELOCATION (unneeded) - all: coreboot INCLUDE_CONFIG_FILE and COLLECT_TIMESTAMPS for all boards - all: coreboot CONSOLE_SERIAL present on all boards - all: coreboot add VBT - all: board configs switch to cryptsetup2 xx20 hotp-maximized boards: - removal of dropbear (not enough space to have htop + dropbear) txx0 boards coreboot: - USE_OPTION_TABLE and STATIC_OPTION_TABLE added (todo: check T430 boards optimization and find issue/PR and ammend this commit)
- xx30 legacy boards (x230, x230-flash, t430, t430-flash) now rely also on coreboot 4.13
- DOWNSIDE: x230 and t430 legacy boards now rely on WHIPTAIL (NOT FBWhiptail) to have enough space to fit under 7mb)
- xx20 boards moved to 4.13 (no need of xx20-flash boards here since single SPI boards with 7.5mb useable since blobs scripts are required)
- DOWNSIDE: all xx20 boards now have dropbear deactivated, while still having ethernet driver in.
- qemu-coreboot and qemu-coreboot-fbwhiptail switched to coreboot 4.13 WITHOUT TPM SUPPORT (with cryptsetup 2.x support)
- DOWNSIDE:
- coreboot-qemu board CBFS_SIZE=0x700000 -> 0x750000
- coreboot-qemu-fbwhiptail CBFS_SIZE=0x750000 -> 0x780000
- CircleCi build recipe removes 4.8.1 boards altogether
- KGPE-D16 workstation is used as new base build to save workspace layer (we removed one workspace layer)
- Removing one workspace layer will save approx 2 hours of build time on fresh builds
- Removing one coreboot version will save us approx 2 hours of build time on fresh builds
- KGPE-D16 will stay to coreboot 4.11 until forward notice.
- All other board configs SHOULD be built on latest coreboot versions
…ree more building time.
…lobs/t420/* presence.
…O: change when 4.13 boards bumped to 4.14)
… x230-hotp-verification board
When files in /boot fail hash verification, the list of files can sometimes overflow the whiptail msgbox, preventing the prompt and buttons to update checksums from showing. To mitigate this, if # of files is > 10, use less to show the file list and present a separate prompt to update the checksums once the file list has been viewed. Signed-off-by: Matt DeVillier <[email protected]>
- me_cleaner downloaded from https://github.com/corna/me_cleaner/blob/43612a630c79f3bc6f2653bfe90dfe0b7b137e08/me_cleaner.py - placed under xx30 blobs dir - CircleCI uses it locally without downloading it everytime (me_cleaner hasn<t changed since 2018)
re-uploading executable.
|
Last tests shows that a different kernel config will be necessary for xx30-flash legacy and maximized boards, where only legacy and maximized currently exists. As far as we are concerned, and since no gpg nor encryption nor network operations are happening under xx30-flash boards, the kernel could be axed more and have network support and crypto algos completely removed under kernel configurations. That is next step. I will push local changes in a hit so collaboration can happen. No, a simple kernel version is not possible under 4mb CBFS available total space for xx30-flash boards. Another solution is to keep 4.14 kernel there, but as far as build time is important, this would be less desirable both for local and CI builds. The more shared the happier will be CircleCI free tier at the end of the month |
|
The simplest solution as of now is to keep legacy xx30-flash boards on kernel 4.14 and bump others to newer kernel version. Will test that, but as we know, that means longer build times on CI because multiple kernel versions will need to be built, so maybe building only for releases, if releases comes to Heads at some point, since the task of that board is only to flash internally. And the costs of time investment into making 4mb ROM and stripping and axing down kernel size for each kernel bump... this is really a burden at this point I will notninvest time in. Otherwise, we now know that if all boards share the same kernel version and coreboot versions, with new CircleCI 30 parallelizes steps, we could build each new commit for all boards under 1h if we have proper cache from a past 30 days build, or a little more then one hour otherwise: https://app.circleci.com/pipelines/github/tlaurion/heads/884/workflows/d8c4ed84-360c-408b-8269-7407a50eaf57 |
|
Replaced by #1381 |
WiP