From 3ea6f7030106933988d6ff92f5ab2fea14ed2b81 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 3 May 2023 11:43:37 -0400 Subject: [PATCH] Staging https://github.com/osresearch/heads/pull/1381 Moved boards to 5.10.5 kernel configs to not cause regression on crypto backend, both with cryptsetup and current gpg toolstack modules/linux added 5.10.178 but nothing migrated at this stage. modules/linux includes Android tethering modules to be packed when needed per board configs (maximized only) Kernel configs for x230 good to go. - Removed unneedead crypto support for ivy and sandy bridge (no AVX2, and AVX support needed only for AES (ctypestup is XTS-AES on most deployments) - Added required crypto hash HMAC Note: those two commands are really useful to analyse in-kernel sizes. Summary, to dig down in directory reported as being biggest: user@heads-tests:~/heads/build/x86/linux-5.10.5/linux-x230-maximized$ for f in */built-in.a; do size -t $f | tail -1 | sed "s|(TOTALS)|$f|"; done | sort -nr Detailed view of biggest built-in components and objects linked: user@heads-tests:~/heads/build/x86/linux-5.10.5/linux-x230-maximized$ size -t $(find ./ -name built-in.a) | tail -n +2 | sort -n -r -k 4|less Then follow those amazing guides to axe/hammer kernel size: Axing: https://lwn.net/Articles/746780/ General: https://elinux.org/Kernel_Size_Tuning_Guide And analyse needs of each module/kernel config option: https://www.kernelconfig.io u-root module containing bases for using exp/tcz and wget (with only root ca module included) qemu kernel config includes changes needed to support CGROUPS and busybox upgraded and config changed to include adduser/addgroup/delgoup/deluser per determist/systems requirements, but still failing Makefile: adds packing of u-root under initrd if requested initrd/bin/tinycorePoC: requires manual activation of libraries under u-root module kexec patch still carries old multiboot patch. Not sure wasa good idea to remove since user could decide to use old default multiboot1 (default is now multiboot2 under kexec 2.0.26 under master) CircleCI changes revisioning to 4.19 (textual, not changing any behavior) --- .circleci/config.yml | 2 +- Makefile | 2 + .../p8z77-m_pro-tpm1-maximized.config | 2 +- .../qemu-coreboot-fbwhiptail-tpm1-hotp.config | 2 +- .../qemu-coreboot-fbwhiptail-tpm1.config | 2 +- .../qemu-coreboot-fbwhiptail-tpm2-hotp.config | 2 +- .../qemu-coreboot-fbwhiptail-tpm2.config | 2 +- .../qemu-coreboot-fbwhiptail.config | 2 +- .../qemu-coreboot-whiptail-tpm1-hotp.config | 2 +- .../qemu-coreboot-whiptail-tpm1.config | 13 +- .../qemu-coreboot-whiptail-tpm2-hotp.config | 2 +- .../qemu-coreboot-whiptail-tpm2.config | 2 +- boards/qemu-coreboot/qemu-coreboot.config | 2 +- .../t420-hotp-maximized.config | 2 +- boards/t420-maximized/t420-maximized.config | 2 +- boards/t420/t420.config | 2 +- .../t430-hotp-legacy/t430-hotp-legacy.config | 2 +- .../t430-hotp-maximized.config | 2 +- .../t430-legacy-flash.config | 2 +- boards/t430-legacy/t430-legacy.config | 2 +- boards/t430-maximized/t430-maximized.config | 2 +- .../t520-hotp-maximized.config | 2 +- boards/t520-maximized/t520-maximized.config | 2 +- .../t530-dgpu-hotp-maximized.config | 2 +- .../t530-dgpu-maximized.config | 2 +- .../t530-hotp-maximized.config | 2 +- boards/t530-maximized/t530-maximized.config | 2 +- .../w530-dgpu-K1000m-hotp-maximized.config | 2 +- .../w530-dgpu-K1000m-maximized.config | 2 +- .../w530-dgpu-K2000m-hotp-maximized.config | 2 +- .../w530-dgpu-K2000m-maximized.config | 2 +- .../w530-hotp-maximized.config | 2 +- boards/w530-maximized/w530-maximized.config | 2 +- .../x220-hotp-maximized.config | 2 +- boards/x220-maximized/x220-maximized.config | 2 +- boards/x220/x220.config | 2 +- .../x230-hotp-legacy/x230-hotp-legacy.config | 2 +- .../x230-hotp-maximized-fhd_edp.config | 2 +- .../x230-hotp-maximized.config | 2 +- .../x230-hotp-maximized_usb-kb.config | 2 +- .../x230-legacy-flash.config | 2 +- boards/x230-legacy/x230-legacy.config | 2 +- .../x230-maximized-fhd_edp.config | 2 +- boards/x230-maximized/x230-maximized.config | 2 +- config/busybox.config | 114 ++++++---- config/coreboot-librem_13v2.config | 1 + config/coreboot-librem_13v4.config | 1 + config/coreboot-librem_14.config | 1 + config/coreboot-librem_15v3.config | 1 + config/coreboot-librem_15v4.config | 1 + config/coreboot-librem_mini.config | 1 + config/coreboot-librem_mini_v2.config | 1 + config/coreboot-t440p.config | 1 + config/linux-qemu.config | 213 ++++++++---------- config/linux-x230-flash.config | 6 +- config/linux-x230-legacy.config | 36 +-- config/linux-x230-maximized.config | 78 +++++-- initrd/bin/kexec-boot | 1 + initrd/bin/kexec-iso-init | 5 +- initrd/bin/kexec-parse-boot | 5 +- initrd/bin/kexec-select-boot | 2 +- initrd/bin/media-scan | 6 +- initrd/bin/network-init-recovery | 55 +++-- initrd/bin/tinycorePoC | 4 + initrd/bin/usb-init | 2 +- initrd/init | 3 +- modules/bash | 2 +- modules/busybox | 4 +- modules/coreboot | 7 + modules/linux | 14 +- modules/u-root | 70 ++++-- patches/bash-5.1.16.patch | 11 + .../coreboot-4.19/0001-x230-fhd-variant.patch | 198 ++++++++++++++++ patches/kexec-2.0.26.patch | 32 +++ ...ubcmd_Fix_use-after-free-for-realloc.patch | 64 ++++++ patches/linux-5.10.178/0001-fake-acpi.patch | 32 +++ patches/linux-5.10.178/0002-nmi-squelch.patch | 20 ++ .../linux-5.10.178/0003-fake-trampoline.patch | 28 +++ .../linux-5.10.178/0010-winterfell-ahci.patch | 18 ++ ...ubcmd_Fix_use-after-free-for-realloc.patch | 64 ++++++ 80 files changed, 903 insertions(+), 298 deletions(-) create mode 100755 initrd/bin/tinycorePoC create mode 100644 patches/bash-5.1.16.patch create mode 100644 patches/coreboot-4.19/0001-x230-fhd-variant.patch create mode 100644 patches/linux-4.14.62/0004-libsubcmd_Fix_use-after-free-for-realloc.patch create mode 100644 patches/linux-5.10.178/0001-fake-acpi.patch create mode 100644 patches/linux-5.10.178/0002-nmi-squelch.patch create mode 100644 patches/linux-5.10.178/0003-fake-trampoline.patch create mode 100644 patches/linux-5.10.178/0010-winterfell-ahci.patch create mode 100644 patches/linux-5.10.5/0004-libsubcmd_Fix_use-after-free-for-realloc.patch diff --git a/.circleci/config.yml b/.circleci/config.yml index 94037dd3e..09c87ae50 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -209,7 +209,7 @@ workflows: # version. The last board in the sequence is the dependency # for the parallel boards built at the end, and also save_cache. - # Coreboot 4.13 + # Coreboot 4.19 - build_and_persist: name: x230-hotp-maximized target: x230-hotp-maximized diff --git a/Makefile b/Makefile index 41a800e60..4254d156d 100644 --- a/Makefile +++ b/Makefile @@ -51,6 +51,7 @@ include $(CONFIG) # Unless otherwise specified, we are building for heads CONFIG_HEADS ?= y +CONFIG_UROOT ?= n # Unless otherwise specified, we are building bash to have non-interactive shell for scripts (arrays and bashisms) CONFIG_BASH ?= y @@ -529,6 +530,7 @@ initrd-y += $(pwd)/blobs/dev.cpio initrd-y += $(build)/$(initrd_dir)/modules.cpio initrd-y += $(build)/$(initrd_dir)/tools.cpio initrd-$(CONFIG_HEADS) += $(build)/$(initrd_dir)/heads.cpio +initrd-$(CONFIG_UROOT) += $(build)/$(initrd_dir)/u-root.cpio #$(build)/$(initrd_dir)/.build: $(build)/$(initrd_dir)/initrd.cpio.xz diff --git a/boards/p8z77-m_pro-tpm1-maximized/p8z77-m_pro-tpm1-maximized.config b/boards/p8z77-m_pro-tpm1-maximized/p8z77-m_pro-tpm1-maximized.config index a22b2deeb..0dde6a475 100644 --- a/boards/p8z77-m_pro-tpm1-maximized/p8z77-m_pro-tpm1-maximized.config +++ b/boards/p8z77-m_pro-tpm1-maximized/p8z77-m_pro-tpm1-maximized.config @@ -39,7 +39,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config CONFIG_COREBOOT_CONFIG=config/coreboot-p8z77-m_pro-tpm1.config export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.17 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_CRYPTSETUP2=y diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config index 971cecaff..c2a9e5f04 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config @@ -5,7 +5,7 @@ # Nitrokey Pro can also be used by forwarding the USB device from the host to # the VM. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config index 819959af2..c85d304b8 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config @@ -3,7 +3,7 @@ # # TPM can be used with a qemu software TPM (TIS, 1.2). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config index 5242e7a0d..5a5aa8a43 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config @@ -4,7 +4,7 @@ # # TPM can be used with a qemu software TPM (TIS, 2.0). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config index f21340b1e..d5921c7f5 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config @@ -3,7 +3,7 @@ # # TPM can be used with a qemu software TPM (TIS, 2.0). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config b/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config index 35b1c3d33..0efb606a9 100644 --- a/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config +++ b/boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config @@ -3,7 +3,7 @@ # # Note that the TPM does not work. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-fbwhiptail.config diff --git a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config index c3e870ab0..358dc5d6c 100644 --- a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config +++ b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config @@ -5,7 +5,7 @@ # Nitrokey Pro can also be used by forwarding the USB device from the host to # the VM. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config index 37ae90a5d..278fd1af0 100644 --- a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config +++ b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config @@ -3,9 +3,10 @@ # # TPM can be used with a qemu software TPM (TIS, 1.2). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 + #Enable DEBUG output export CONFIG_DEBUG_OUTPUT=y export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y @@ -13,9 +14,11 @@ export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm1.config CONFIG_LINUX_CONFIG=config/linux-qemu.config -ifeq "$(CONFIG_UROOT)" "y" -CONFIG_BUSYBOX=n -else +#Testing +CONFIG_UROOT=y +#CONFIG_TINYCORE_ROOTFS=y +export CONFIG_SYNC_TIME_ON_NETWORK_INIT=n + CONFIG_KEXEC=y CONFIG_QRENCODE=y CONFIG_TPMTOTP=y @@ -41,8 +44,6 @@ CONFIG_MSRTOOLS=y CONFIG_NEWT=y CONFIG_SLANG=y -endif - export CONFIG_LINUX_USB_COMPANION_CONTROLLER=y CONFIG_LINUX_USB=y CONFIG_LINUX_E1000=y diff --git a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config index 1cfe6a04b..2b595eaae 100644 --- a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config +++ b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config @@ -4,7 +4,7 @@ # # TPM can be used with a qemu software TPM (TIS, 2.0). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config index 273d500ae..142cfb5ad 100644 --- a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config +++ b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config @@ -3,7 +3,7 @@ # # TPM can be used with a qemu software TPM (TIS, 2.0). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 #Enable DEBUG output diff --git a/boards/qemu-coreboot/qemu-coreboot.config b/boards/qemu-coreboot/qemu-coreboot.config index 2243e51c4..7902f805c 100644 --- a/boards/qemu-coreboot/qemu-coreboot.config +++ b/boards/qemu-coreboot/qemu-coreboot.config @@ -4,7 +4,7 @@ # Note that the TPM does not work, so this # will just drop into the recovery shell. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu.config diff --git a/boards/t420-hotp-maximized/t420-hotp-maximized.config b/boards/t420-hotp-maximized/t420-hotp-maximized.config index d0ca6db2e..0f18fb870 100644 --- a/boards/t420-hotp-maximized/t420-hotp-maximized.config +++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config @@ -9,7 +9,7 @@ # - dropbear export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t420-maximized.config diff --git a/boards/t420-maximized/t420-maximized.config b/boards/t420-maximized/t420-maximized.config index c5761712f..90572392a 100644 --- a/boards/t420-maximized/t420-maximized.config +++ b/boards/t420-maximized/t420-maximized.config @@ -8,7 +8,7 @@ # Doesn't include (to fit in 7mb image) # - dropbear export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t420-maximized.config diff --git a/boards/t420/t420.config b/boards/t420/t420.config index 660bc999c..e8a664911 100644 --- a/boards/t420/t420.config +++ b/boards/t420/t420.config @@ -1,6 +1,6 @@ # Configuration for a t420 running Qubes 4.1 and other OS, X220 is identical to X230 on the Linux Side of things. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t420.config diff --git a/boards/t430-hotp-legacy/t430-hotp-legacy.config b/boards/t430-hotp-legacy/t430-hotp-legacy.config index af7f3c54e..a7d82c498 100644 --- a/boards/t430-hotp-legacy/t430-hotp-legacy.config +++ b/boards/t430-hotp-legacy/t430-hotp-legacy.config @@ -8,7 +8,7 @@ # Addition vs standard x230 board config: # HOTP_KEY: HOTP challenge for currently supported USB Security dongles export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t430-legacy.config diff --git a/boards/t430-hotp-maximized/t430-hotp-maximized.config b/boards/t430-hotp-maximized/t430-hotp-maximized.config index 00f21ebc2..3e8835960 100644 --- a/boards/t430-hotp-maximized/t430-hotp-maximized.config +++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config @@ -7,7 +7,7 @@ # # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t430-maximized.config diff --git a/boards/t430-legacy-flash/t430-legacy-flash.config b/boards/t430-legacy-flash/t430-legacy-flash.config index 2d9d2332d..78d8bc361 100644 --- a/boards/t430-legacy-flash/t430-legacy-flash.config +++ b/boards/t430-legacy-flash/t430-legacy-flash.config @@ -1,7 +1,7 @@ # Minimal configuration for a t430 to support flashrom and USB export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_BASH=n diff --git a/boards/t430-legacy/t430-legacy.config b/boards/t430-legacy/t430-legacy.config index 580dab268..46f2303de 100644 --- a/boards/t430-legacy/t430-legacy.config +++ b/boards/t430-legacy/t430-legacy.config @@ -5,7 +5,7 @@ # dropbear support(ssh client/server) # e1000e (ethernet driver) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t430-legacy.config diff --git a/boards/t430-maximized/t430-maximized.config b/boards/t430-maximized/t430-maximized.config index 8a7320dfe..a2b5a4067 100644 --- a/boards/t430-maximized/t430-maximized.config +++ b/boards/t430-maximized/t430-maximized.config @@ -7,7 +7,7 @@ # # - DOES NOT INCLUDE Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t430-maximized.config diff --git a/boards/t520-hotp-maximized/t520-hotp-maximized.config b/boards/t520-hotp-maximized/t520-hotp-maximized.config index 8e530cef3..3a1764843 100644 --- a/boards/t520-hotp-maximized/t520-hotp-maximized.config +++ b/boards/t520-hotp-maximized/t520-hotp-maximized.config @@ -5,7 +5,7 @@ # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t520-maximized.config diff --git a/boards/t520-maximized/t520-maximized.config b/boards/t520-maximized/t520-maximized.config index c5c10d142..d6631c6b6 100644 --- a/boards/t520-maximized/t520-maximized.config +++ b/boards/t520-maximized/t520-maximized.config @@ -5,7 +5,7 @@ # - Forged 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx20/extract.sh) # - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t520-maximized.config diff --git a/boards/t530-dgpu-hotp-maximized/t530-dgpu-hotp-maximized.config b/boards/t530-dgpu-hotp-maximized/t530-dgpu-hotp-maximized.config index fb1e8613e..265d734fa 100644 --- a/boards/t530-dgpu-hotp-maximized/t530-dgpu-hotp-maximized.config +++ b/boards/t530-dgpu-hotp-maximized/t530-dgpu-hotp-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a t530 with a dGPU. Initialization of the dGPU is necessary in order to use an external monitor via the DisplayPort (either the in-built mini-DisplayPort or the DisplayPort in the dock). In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t530-dgpu-maximized.config diff --git a/boards/t530-dgpu-maximized/t530-dgpu-maximized.config b/boards/t530-dgpu-maximized/t530-dgpu-maximized.config index efa3174fc..18385e604 100644 --- a/boards/t530-dgpu-maximized/t530-dgpu-maximized.config +++ b/boards/t530-dgpu-maximized/t530-dgpu-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a t530 with a dGPU. Initialization of the dGPU is necessary in order to use an external monitor via the DisplayPort (either the in-built mini-DisplayPort or the DisplayPort in the dock). In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t530-dgpu-maximized.config diff --git a/boards/t530-hotp-maximized/t530-hotp-maximized.config b/boards/t530-hotp-maximized/t530-hotp-maximized.config index fab9c97be..cf53d268d 100644 --- a/boards/t530-hotp-maximized/t530-hotp-maximized.config +++ b/boards/t530-hotp-maximized/t530-hotp-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a t530 without a dGPU. It will work just fine for a board with a dGPU, except you will not be able to use an external monitor via the mini-displayport or the dock's displayport, though external monitors will work via VGA ports. To initialize the dGPU please use one of the dgpu boards. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t530-maximized.config diff --git a/boards/t530-maximized/t530-maximized.config b/boards/t530-maximized/t530-maximized.config index 0ef23b98c..facc490d8 100644 --- a/boards/t530-maximized/t530-maximized.config +++ b/boards/t530-maximized/t530-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a t530 without a dGPU. It will work just fine for a board with a dGPU, except you will not be able to use an external monitor via the mini-displayport or the dock's displayport, though external monitors will work via VGA ports. To initialize the dGPU please use one of the dgpu boards. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-t530-maximized.config diff --git a/boards/w530-dgpu-K1000m-hotp-maximized/w530-dgpu-K1000m-hotp-maximized.config b/boards/w530-dgpu-K1000m-hotp-maximized/w530-dgpu-K1000m-hotp-maximized.config index d0cf996f1..744b887d5 100644 --- a/boards/w530-dgpu-K1000m-hotp-maximized/w530-dgpu-K1000m-hotp-maximized.config +++ b/boards/w530-dgpu-K1000m-hotp-maximized/w530-dgpu-K1000m-hotp-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a w530 with the K1000M Nvidia Quadro dGPU. Initialization of the dGPU is necessary in order to use an external monitor whether through the in-build VGA or mini-DisplayPort or via the dock. In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-dgpu-K1000m-maximized.config diff --git a/boards/w530-dgpu-K1000m-maximized/w530-dgpu-K1000m-maximized.config b/boards/w530-dgpu-K1000m-maximized/w530-dgpu-K1000m-maximized.config index 8185ae244..6e73d347a 100644 --- a/boards/w530-dgpu-K1000m-maximized/w530-dgpu-K1000m-maximized.config +++ b/boards/w530-dgpu-K1000m-maximized/w530-dgpu-K1000m-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a w530 with the K1000M Nvidia Quadro dGPU. Initialization of the dGPU is necessary in order to use an external monitor whether through the in-build VGA or mini-DisplayPort or via the dock. In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-dgpu-K1000m-maximized.config diff --git a/boards/w530-dgpu-K2000m-hotp-maximized/w530-dgpu-K2000m-hotp-maximized.config b/boards/w530-dgpu-K2000m-hotp-maximized/w530-dgpu-K2000m-hotp-maximized.config index 43417a591..baa95deec 100644 --- a/boards/w530-dgpu-K2000m-hotp-maximized/w530-dgpu-K2000m-hotp-maximized.config +++ b/boards/w530-dgpu-K2000m-hotp-maximized/w530-dgpu-K2000m-hotp-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a w530 with the K2000M Nvidia Quadro dGPU. Initialization of the dGPU is necessary in order to use an external monitor whether through the in-build VGA or mini-DisplayPort or via the dock. In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-dgpu-K2000m-maximized.config diff --git a/boards/w530-dgpu-K2000m-maximized/w530-dgpu-K2000m-maximized.config b/boards/w530-dgpu-K2000m-maximized/w530-dgpu-K2000m-maximized.config index 1e80aeeac..37accefad 100644 --- a/boards/w530-dgpu-K2000m-maximized/w530-dgpu-K2000m-maximized.config +++ b/boards/w530-dgpu-K2000m-maximized/w530-dgpu-K2000m-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board is designed for a w530 with the K2000M Nvidia Quadro dGPU. Initialization of the dGPU is necessary in order to use an external monitor whether through the in-build VGA or mini-DisplayPort or via the dock. In order to build this the relevant script in the blobs directory must be run (or self-pulled roms placed in that directory) and after building the rom, the nvramtool must be run on the 12MB rom to change the default graphics mode away from integrated-only graphics (see README_vbios in the blobs directory). export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-dgpu-K2000m-maximized.config diff --git a/boards/w530-hotp-maximized/w530-hotp-maximized.config b/boards/w530-hotp-maximized/w530-hotp-maximized.config index 5012365b0..c05b95809 100644 --- a/boards/w530-hotp-maximized/w530-hotp-maximized.config +++ b/boards/w530-hotp-maximized/w530-hotp-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board ignores the in-built dGPU that comes with all w530's. In doing so the dGPU will not be initialized. This has some benefits in terms of reduced complexity in working with OS's with poor support for NVIDIA, better battery life and lower heat (making use of the thicker heatsink from a dGPU). Conversely, if you do not initialize the dGPU you will be unable to use an external monitor. To initialize the dGPU please use the dGPU boards that corresponds with the model of dGPU included with your device. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-maximized.config diff --git a/boards/w530-maximized/w530-maximized.config b/boards/w530-maximized/w530-maximized.config index b699c97d1..689a35f2f 100644 --- a/boards/w530-maximized/w530-maximized.config +++ b/boards/w530-maximized/w530-maximized.config @@ -8,7 +8,7 @@ # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # This board ignores the in-built dGPU that comes with all w530's. In doing so the dGPU will not be initialized. This has some benefits in terms of reduced complexity in working with OS's with poor support for NVIDIA, better battery life and lower heat (making use of the thicker heatsink from a dGPU). Conversely, if you do not initialize the dGPU you will be unable to use an external monitor. To initialize the dGPU please use the dGPU boards that corresponds with the model of dGPU included with your device. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-w530-maximized.config diff --git a/boards/x220-hotp-maximized/x220-hotp-maximized.config b/boards/x220-hotp-maximized/x220-hotp-maximized.config index d6be80af5..41df9bfcb 100644 --- a/boards/x220-hotp-maximized/x220-hotp-maximized.config +++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config @@ -9,7 +9,7 @@ # - dropbear export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x220-maximized.config diff --git a/boards/x220-maximized/x220-maximized.config b/boards/x220-maximized/x220-maximized.config index bf1a22429..d779622e6 100644 --- a/boards/x220-maximized/x220-maximized.config +++ b/boards/x220-maximized/x220-maximized.config @@ -9,7 +9,7 @@ # - dropbear export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x220-maximized.config diff --git a/boards/x220/x220.config b/boards/x220/x220.config index 2f8093888..9dab293ee 100644 --- a/boards/x220/x220.config +++ b/boards/x220/x220.config @@ -1,6 +1,6 @@ # Configuration for a x220 running Qubes 4.1 and other OS, X220 is identical to X230 on the Linux Side of things. export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x220.config diff --git a/boards/x230-hotp-legacy/x230-hotp-legacy.config b/boards/x230-hotp-legacy/x230-hotp-legacy.config index 86c1a7f72..b1cfcef7b 100644 --- a/boards/x230-hotp-legacy/x230-hotp-legacy.config +++ b/boards/x230-hotp-legacy/x230-hotp-legacy.config @@ -8,7 +8,7 @@ # Addition vs standard x230 board config: # HOTP_KEY: HOTP challenge for currently supported USB Security dongles export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-legacy.config diff --git a/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config b/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config index 35ac69be6..57d6c0451 100644 --- a/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config +++ b/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config @@ -19,7 +19,7 @@ # # - Includes: Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized-fhd_edp.config diff --git a/boards/x230-hotp-maximized/x230-hotp-maximized.config b/boards/x230-hotp-maximized/x230-hotp-maximized.config index df574ab56..d3960628b 100644 --- a/boards/x230-hotp-maximized/x230-hotp-maximized.config +++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config @@ -7,7 +7,7 @@ # # - Includes: Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized.config diff --git a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config index 4a270b326..3cd42e239 100644 --- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config +++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config @@ -9,7 +9,7 @@ # Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) # USB Keyboard support export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized.config diff --git a/boards/x230-legacy-flash/x230-legacy-flash.config b/boards/x230-legacy-flash/x230-legacy-flash.config index ead59ea94..273f4ab04 100644 --- a/boards/x230-legacy-flash/x230-legacy-flash.config +++ b/boards/x230-legacy-flash/x230-legacy-flash.config @@ -1,7 +1,7 @@ # Minimal configuration for a x230 to support flashrom and USB export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_BASH=n diff --git a/boards/x230-legacy/x230-legacy.config b/boards/x230-legacy/x230-legacy.config index 1d8edabeb..553898bdd 100644 --- a/boards/x230-legacy/x230-legacy.config +++ b/boards/x230-legacy/x230-legacy.config @@ -4,7 +4,7 @@ # dropbear support(ssh client/server) # e1000e (ethernet driver) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-legacy.config diff --git a/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config b/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config index edbf3abaf..59a028bae 100644 --- a/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config +++ b/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config @@ -19,7 +19,7 @@ # # - DOES NOT INCLUDE Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized-fhd_edp.config diff --git a/boards/x230-maximized/x230-maximized.config b/boards/x230-maximized/x230-maximized.config index 00945a08b..d766004b9 100644 --- a/boards/x230-maximized/x230-maximized.config +++ b/boards/x230-maximized/x230-maximized.config @@ -7,7 +7,7 @@ # # - DOES NOT INCLUDE Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code) export CONFIG_COREBOOT=y -export CONFIG_COREBOOT_VERSION=4.13 +export CONFIG_COREBOOT_VERSION=4.19 export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized.config diff --git a/config/busybox.config b/config/busybox.config index 23c8fd3fd..28ca8684d 100644 --- a/config/busybox.config +++ b/config/busybox.config @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit -# Busybox version: 1.33.2 -# Fri Jan 7 12:33:00 2022 +# Busybox version: 1.36.0 +# Mon May 1 16:17:04 2023 # CONFIG_HAVE_DOT_CONFIG=y @@ -93,10 +93,16 @@ CONFIG_FEATURE_BUFFERS_USE_MALLOC=y # CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set CONFIG_PASSWORD_MINLEN=6 CONFIG_MD5_SMALL=1 +CONFIG_SHA1_SMALL=3 +CONFIG_SHA1_HWACCEL=y +CONFIG_SHA256_HWACCEL=y CONFIG_SHA3_SMALL=1 -# CONFIG_FEATURE_FAST_TOP is not set -# CONFIG_FEATURE_ETC_NETWORKS is not set -# CONFIG_FEATURE_ETC_SERVICES is not set +CONFIG_FEATURE_NON_POSIX_CP=y +# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set +CONFIG_FEATURE_USE_SENDFILE=y +CONFIG_FEATURE_COPYBUF_KB=4 +CONFIG_MONOTONIC_SYSCALL=y +CONFIG_IOCTL_HEX2STR_ERROR=y CONFIG_FEATURE_EDITING=y CONFIG_FEATURE_EDITING_MAX_LEN=1024 # CONFIG_FEATURE_EDITING_VI is not set @@ -120,14 +126,9 @@ CONFIG_LAST_SUPPORTED_WCHAR=767 # CONFIG_UNICODE_BIDI_SUPPORT is not set # CONFIG_UNICODE_NEUTRAL_TABLE is not set # CONFIG_UNICODE_PRESERVE_BROKEN is not set -CONFIG_FEATURE_NON_POSIX_CP=y -# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set -CONFIG_FEATURE_USE_SENDFILE=y -CONFIG_FEATURE_COPYBUF_KB=4 -CONFIG_FEATURE_SKIP_ROOTFS=y -CONFIG_MONOTONIC_SYSCALL=y -CONFIG_IOCTL_HEX2STR_ERROR=y -CONFIG_FEATURE_HWIB=y +# CONFIG_LOOP_CONFIGURE is not set +# CONFIG_NO_LOOP_CONFIGURE is not set +CONFIG_TRY_LOOP_CONFIGURE=y # # Applets @@ -162,6 +163,8 @@ CONFIG_FEATURE_BZIP2_DECOMPRESS=y CONFIG_CPIO=y CONFIG_FEATURE_CPIO_O=y CONFIG_FEATURE_CPIO_P=y +CONFIG_FEATURE_CPIO_IGNORE_DEVNO=y +CONFIG_FEATURE_CPIO_RENUMBER_INODES=y # CONFIG_DPKG is not set # CONFIG_DPKG_DEB is not set CONFIG_GZIP=y @@ -197,6 +200,22 @@ CONFIG_FEATURE_UNZIP_CDF=y # # Coreutils # +CONFIG_FEATURE_VERBOSE=y + +# +# Common options for date and touch +# +# CONFIG_FEATURE_TIMEZONE is not set + +# +# Common options for cp and mv +# +CONFIG_FEATURE_PRESERVE_HARDLINKS=y + +# +# Common options for df, du, ls +# +CONFIG_FEATURE_HUMAN_READABLE=y CONFIG_BASENAME=y CONFIG_CAT=y CONFIG_FEATURE_CATN=y @@ -207,11 +226,13 @@ CONFIG_CHMOD=y # CONFIG_FEATURE_CHOWN_LONG_OPTIONS is not set CONFIG_CHROOT=y # CONFIG_CKSUM is not set +CONFIG_CRC32=y # CONFIG_COMM is not set CONFIG_CP=y CONFIG_FEATURE_CP_LONG_OPTIONS=y CONFIG_FEATURE_CP_REFLINK=y CONFIG_CUT=y +CONFIG_FEATURE_CUT_REGEX=y CONFIG_DATE=y CONFIG_FEATURE_DATE_ISOFMT=y # CONFIG_FEATURE_DATE_NANO is not set @@ -223,6 +244,7 @@ CONFIG_FEATURE_DD_IBS_OBS=y CONFIG_FEATURE_DD_STATUS=y CONFIG_DF=y CONFIG_FEATURE_DF_FANCY=y +CONFIG_FEATURE_SKIP_ROOTFS=y CONFIG_DIRNAME=y # CONFIG_DOS2UNIX is not set # CONFIG_UNIX2DOS is not set @@ -316,13 +338,13 @@ CONFIG_TEST2=y CONFIG_FEATURE_TEST_64=y # CONFIG_TIMEOUT is not set CONFIG_TOUCH=y -CONFIG_FEATURE_TOUCH_NODEREF=y CONFIG_FEATURE_TOUCH_SUSV3=y CONFIG_TR=y CONFIG_FEATURE_TR_CLASSES=y CONFIG_FEATURE_TR_EQUIV=y CONFIG_TRUE=y # CONFIG_TRUNCATE is not set +CONFIG_TSORT=y CONFIG_TTY=y CONFIG_UNAME=y CONFIG_UNAME_OSNAME="GNU/Linux" @@ -332,7 +354,7 @@ CONFIG_UNIQ=y CONFIG_USLEEP=y # CONFIG_UUDECODE is not set CONFIG_BASE32=y -CONFIG_BASE64=n +# CONFIG_BASE64 is not set # CONFIG_UUENCODE is not set CONFIG_WC=y CONFIG_FEATURE_WC_LARGE=y @@ -342,21 +364,6 @@ CONFIG_FEATURE_WC_LARGE=y # CONFIG_WHOAMI is not set # CONFIG_YES is not set -# -# Common options -# -CONFIG_FEATURE_VERBOSE=y - -# -# Common options for cp and mv -# -CONFIG_FEATURE_PRESERVE_HARDLINKS=y - -# -# Common options for df, du, ls -# -CONFIG_FEATURE_HUMAN_READABLE=y - # # Console Utilities # @@ -420,6 +427,7 @@ CONFIG_VI=y CONFIG_FEATURE_VI_MAX_LEN=4096 # CONFIG_FEATURE_VI_8BIT is not set CONFIG_FEATURE_VI_COLON=y +CONFIG_FEATURE_VI_COLON_EXPAND=y CONFIG_FEATURE_VI_YANKMARK=y CONFIG_FEATURE_VI_SEARCH=y # CONFIG_FEATURE_VI_REGEX_SEARCH is not set @@ -433,6 +441,7 @@ CONFIG_FEATURE_VI_ASK_TERMINAL=y CONFIG_FEATURE_VI_UNDO=y CONFIG_FEATURE_VI_UNDO_QUEUE=y CONFIG_FEATURE_VI_UNDO_QUEUE_MAX=256 +CONFIG_FEATURE_VI_VERBOSE_STATUS=y CONFIG_FEATURE_ALLOW_EXEC=y # @@ -441,7 +450,11 @@ CONFIG_FEATURE_ALLOW_EXEC=y CONFIG_FIND=y CONFIG_FEATURE_FIND_PRINT0=y CONFIG_FEATURE_FIND_MTIME=y +CONFIG_FEATURE_FIND_ATIME=y +CONFIG_FEATURE_FIND_CTIME=y CONFIG_FEATURE_FIND_MMIN=y +CONFIG_FEATURE_FIND_AMIN=y +CONFIG_FEATURE_FIND_CMIN=y CONFIG_FEATURE_FIND_PERM=y CONFIG_FEATURE_FIND_TYPE=y CONFIG_FEATURE_FIND_EXECUTABLE=y @@ -449,6 +462,7 @@ CONFIG_FEATURE_FIND_XDEV=y CONFIG_FEATURE_FIND_MAXDEPTH=y CONFIG_FEATURE_FIND_NEWER=y CONFIG_FEATURE_FIND_INUM=y +CONFIG_FEATURE_FIND_SAMEFILE=y CONFIG_FEATURE_FIND_EXEC=y CONFIG_FEATURE_FIND_EXEC_PLUS=y CONFIG_FEATURE_FIND_USER=y @@ -512,20 +526,20 @@ CONFIG_INIT_TERMINAL_TYPE="" # CONFIG_USE_BB_CRYPT_SHA is not set # CONFIG_ADD_SHELL is not set # CONFIG_REMOVE_SHELL is not set -# CONFIG_ADDGROUP is not set -# CONFIG_FEATURE_ADDUSER_TO_GROUP is not set -# CONFIG_ADDUSER is not set +CONFIG_ADDGROUP=y +CONFIG_FEATURE_ADDUSER_TO_GROUP=y +CONFIG_ADDUSER=y # CONFIG_FEATURE_CHECK_NAMES is not set -CONFIG_LAST_ID=0 -CONFIG_FIRST_SYSTEM_ID=0 -CONFIG_LAST_SYSTEM_ID=0 +CONFIG_LAST_ID=60000 +CONFIG_FIRST_SYSTEM_ID=100 +CONFIG_LAST_SYSTEM_ID=999 # CONFIG_CHPASSWD is not set CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="" # CONFIG_CRYPTPW is not set # CONFIG_MKPASSWD is not set -# CONFIG_DELUSER is not set -# CONFIG_DELGROUP is not set -# CONFIG_FEATURE_DEL_USER_FROM_GROUP is not set +CONFIG_DELUSER=y +CONFIG_DELGROUP=y +CONFIG_FEATURE_DEL_USER_FROM_GROUP=y # CONFIG_GETTY is not set # CONFIG_LOGIN is not set # CONFIG_LOGIN_SESSION_AS_CHILD is not set @@ -739,6 +753,7 @@ CONFIG_FEATURE_VOLUMEID_XFS=y # Miscellaneous Utilities # # CONFIG_ADJTIMEX is not set +CONFIG_ASCII=y # CONFIG_BBCONFIG is not set # CONFIG_FEATURE_COMPRESS_BBCONFIG is not set # CONFIG_BC is not set @@ -819,10 +834,12 @@ CONFIG_PARTPROBE=y # CONFIG_RFKILL is not set # CONFIG_RUNLEVEL is not set # CONFIG_RX is not set +CONFIG_SEEDRNG=y CONFIG_SETFATTR=y CONFIG_SETSERIAL=y CONFIG_STRINGS=y CONFIG_TIME=y +CONFIG_TREE=y # CONFIG_TS is not set # CONFIG_TTYSIZE is not set # CONFIG_UBIATTACH is not set @@ -834,6 +851,7 @@ CONFIG_TIME=y # CONFIG_UBIRENAME is not set # CONFIG_VOLNAME is not set # CONFIG_WATCHDOG is not set +# CONFIG_FEATURE_WATCHDOG_OPEN_TWICE is not set # # Networking Utilities @@ -842,6 +860,9 @@ CONFIG_TIME=y # CONFIG_FEATURE_UNIX_LOCAL is not set # CONFIG_FEATURE_PREFER_IPV4_ADDRESS is not set # CONFIG_VERBOSE_RESOLUTION_ERRORS is not set +# CONFIG_FEATURE_ETC_NETWORKS is not set +# CONFIG_FEATURE_ETC_SERVICES is not set +CONFIG_FEATURE_HWIB=y # CONFIG_FEATURE_TLS_SHA1 is not set CONFIG_ARP=y # CONFIG_ARPING is not set @@ -860,6 +881,7 @@ CONFIG_ARP=y # CONFIG_HOSTNAME is not set # CONFIG_DNSDOMAINNAME is not set # CONFIG_HTTPD is not set +CONFIG_FEATURE_HTTPD_PORT_DEFAULT=0 # CONFIG_FEATURE_HTTPD_RANGES is not set # CONFIG_FEATURE_HTTPD_SETUID is not set # CONFIG_FEATURE_HTTPD_BASIC_AUTH is not set @@ -952,6 +974,7 @@ CONFIG_SSL_CLIENT=y # CONFIG_FEATURE_TELNET_WIDTH is not set # CONFIG_TELNETD is not set # CONFIG_FEATURE_TELNETD_STANDALONE is not set +CONFIG_FEATURE_TELNETD_PORT_DEFAULT=0 # CONFIG_FEATURE_TELNETD_INETD_WAIT is not set CONFIG_TFTP=y CONFIG_FEATURE_TFTP_PROGRESS_BAR=y @@ -972,6 +995,7 @@ CONFIG_VCONFIG=y CONFIG_WGET=y CONFIG_FEATURE_WGET_LONG_OPTIONS=y # CONFIG_FEATURE_WGET_STATUSBAR is not set +CONFIG_FEATURE_WGET_FTP=y # CONFIG_FEATURE_WGET_AUTHENTICATION is not set CONFIG_FEATURE_WGET_TIMEOUT=y CONFIG_FEATURE_WGET_HTTPS=y @@ -988,6 +1012,7 @@ CONFIG_UDHCPC=y CONFIG_FEATURE_UDHCPC_ARPING=y CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y CONFIG_UDHCPC_DEFAULT_SCRIPT="/sbin/config-dhcp.sh" +CONFIG_UDHCPC6_DEFAULT_SCRIPT="" # CONFIG_UDHCPC6 is not set # CONFIG_FEATURE_UDHCPC6_RFC3646 is not set # CONFIG_FEATURE_UDHCPC6_RFC4704 is not set @@ -997,6 +1022,7 @@ CONFIG_UDHCPC_DEFAULT_SCRIPT="/sbin/config-dhcp.sh" # # Common options for DHCP applets # +CONFIG_UDHCPC_DEFAULT_INTERFACE="eth0" # CONFIG_FEATURE_UDHCP_PORT is not set CONFIG_UDHCP_DEBUG=9 CONFIG_UDHCPC_SLACK_FOR_BUGGY_SERVERS=80 @@ -1014,17 +1040,19 @@ CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS="" # # Mail Utilities # +CONFIG_FEATURE_MIME_CHARSET="" # CONFIG_MAKEMIME is not set # CONFIG_POPMAILDIR is not set # CONFIG_FEATURE_POPMAILDIR_DELIVERY is not set # CONFIG_REFORMIME is not set # CONFIG_FEATURE_REFORMIME_COMPAT is not set # CONFIG_SENDMAIL is not set -CONFIG_FEATURE_MIME_CHARSET="" # # Process Utilities # +# CONFIG_FEATURE_FAST_TOP is not set +CONFIG_FEATURE_SHOW_THREADS=y # CONFIG_FREE is not set # CONFIG_FUSER is not set # CONFIG_IOSTAT is not set @@ -1063,7 +1091,6 @@ CONFIG_FEATURE_TOPMEM=y # CONFIG_UPTIME is not set # CONFIG_FEATURE_UPTIME_UTMP_SUPPORT is not set # CONFIG_WATCH is not set -CONFIG_FEATURE_SHOW_THREADS=y # # Runit Utilities @@ -1103,7 +1130,7 @@ CONFIG_SH_IS_ASH=y # CONFIG_SH_IS_NONE is not set # CONFIG_BASH_IS_ASH is not set # CONFIG_BASH_IS_HUSH is not set -# CONFIG_BASH_IS_NONE is not set +CONFIG_BASH_IS_NONE=y CONFIG_SHELL_ASH=y CONFIG_ASH=y CONFIG_ASH_OPTIMIZE_FOR_SIZE=y @@ -1120,6 +1147,7 @@ CONFIG_ASH_EXPAND_PRMT=y CONFIG_ASH_ECHO=y CONFIG_ASH_PRINTF=y CONFIG_ASH_TEST=y +CONFIG_ASH_SLEEP=y CONFIG_ASH_HELP=y CONFIG_ASH_GETOPTS=y CONFIG_ASH_CMDCMD=y @@ -1128,8 +1156,8 @@ CONFIG_ASH_CMDCMD=y # CONFIG_SHELL_HUSH is not set # CONFIG_HUSH_BASH_COMPAT is not set # CONFIG_HUSH_BRACE_EXPANSION is not set -# CONFIG_HUSH_LINENO_VAR is not set # CONFIG_HUSH_BASH_SOURCE_CURDIR is not set +# CONFIG_HUSH_LINENO_VAR is not set # CONFIG_HUSH_INTERACTIVE is not set # CONFIG_HUSH_SAVEHISTORY is not set # CONFIG_HUSH_JOB is not set diff --git a/config/coreboot-librem_13v2.config b/config/coreboot-librem_13v2.config index dedd8e612..512cd7049 100644 --- a/config/coreboot-librem_13v2.config +++ b/config/coreboot-librem_13v2.config @@ -6,6 +6,7 @@ CONFIG_BOARD_PURISM_LIBREM13_V2=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_skl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_TPM_MEASURED_BOOT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" diff --git a/config/coreboot-librem_13v4.config b/config/coreboot-librem_13v4.config index 827474d50..ef583ca99 100644 --- a/config/coreboot-librem_13v4.config +++ b/config/coreboot-librem_13v4.config @@ -6,6 +6,7 @@ CONFIG_BOARD_PURISM_LIBREM13_V4=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_kbl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_TPM_MEASURED_BOOT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" diff --git a/config/coreboot-librem_14.config b/config/coreboot-librem_14.config index 82c31b2ce..871a9afd6 100644 --- a/config/coreboot-librem_14.config +++ b/config/coreboot-librem_14.config @@ -6,6 +6,7 @@ CONFIG_BOARD_PURISM_LIBREM_14=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_cnl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_TPM_MEASURED_BOOT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" diff --git a/config/coreboot-librem_15v3.config b/config/coreboot-librem_15v3.config index 0e2848f11..f9e088f6e 100644 --- a/config/coreboot-librem_15v3.config +++ b/config/coreboot-librem_15v3.config @@ -6,6 +6,7 @@ CONFIG_BOARD_PURISM_LIBREM15_V3=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_skl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_TPM_MEASURED_BOOT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" diff --git a/config/coreboot-librem_15v4.config b/config/coreboot-librem_15v4.config index 3255bc5a5..26ab7cfd4 100644 --- a/config/coreboot-librem_15v4.config +++ b/config/coreboot-librem_15v4.config @@ -6,6 +6,7 @@ CONFIG_BOARD_PURISM_LIBREM15_V4=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_kbl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_TPM_MEASURED_BOOT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" diff --git a/config/coreboot-librem_mini.config b/config/coreboot-librem_mini.config index fb1f425a7..71b2b7dca 100644 --- a/config/coreboot-librem_mini.config +++ b/config/coreboot-librem_mini.config @@ -8,6 +8,7 @@ CONFIG_BOARD_PURISM_LIBREM_MINI=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_cnl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz" diff --git a/config/coreboot-librem_mini_v2.config b/config/coreboot-librem_mini_v2.config index a6fce2fe4..849851694 100644 --- a/config/coreboot-librem_mini_v2.config +++ b/config/coreboot-librem_mini_v2.config @@ -7,6 +7,7 @@ CONFIG_BOARD_PURISM_LIBREM_MINI_V2=y CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y CONFIG_CPU_UCODE_BINARIES="3rdparty/purism-blobs/mainboard/purism/librem_cnl/cpu_microcode_blob.bin" CONFIG_HAVE_ME_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz" diff --git a/config/coreboot-t440p.config b/config/coreboot-t440p.config index a6140b852..c70c0e6a6 100644 --- a/config/coreboot-t440p.config +++ b/config/coreboot-t440p.config @@ -13,6 +13,7 @@ CONFIG_HAVE_MRC=y CONFIG_MRC_FILE="@BLOB_DIR@/haswell/mrc.bin" CONFIG_HAVE_ME_BIN=y CONFIG_HAVE_GBE_BIN=y +CONFIG_NO_GFX_INIT=y CONFIG_PAYLOAD_LINUX=y CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage" CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz" diff --git a/config/linux-qemu.config b/config/linux-qemu.config index db48bd46d..cf5a42d7d 100644 --- a/config/linux-qemu.config +++ b/config/linux-qemu.config @@ -157,7 +157,12 @@ CONFIG_CGROUP_DEVICE=y CONFIG_CGROUP_CPUACCT=y CONFIG_CGROUP_PERF=y CONFIG_CGROUP_DEBUG=y -# CONFIG_NAMESPACES is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_TIME_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y # CONFIG_CHECKPOINT_RESTORE is not set # CONFIG_SCHED_AUTOGROUP is not set # CONFIG_SYSFS_DEPRECATED is not set @@ -355,7 +360,7 @@ CONFIG_X86_IOPL_IOPERM=y CONFIG_MICROCODE=y CONFIG_MICROCODE_INTEL=y # CONFIG_MICROCODE_AMD is not set -CONFIG_MICROCODE_OLD_INTERFACE=y +# CONFIG_MICROCODE_OLD_INTERFACE is not set CONFIG_X86_MSR=y # CONFIG_X86_CPUID is not set # CONFIG_X86_5LEVEL is not set @@ -614,7 +619,8 @@ CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y CONFIG_HAVE_ARCH_SECCOMP=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y -# CONFIG_SECCOMP is not set +CONFIG_SECCOMP=y +CONFIG_SECCOMP_FILTER=y CONFIG_HAVE_ARCH_STACKLEAK=y CONFIG_HAVE_STACKPROTECTOR=y CONFIG_STACKPROTECTOR=y @@ -708,12 +714,11 @@ CONFIG_BLK_MQ_VIRTIO=y # # IO Schedulers # -CONFIG_MQ_IOSCHED_DEADLINE=y -CONFIG_MQ_IOSCHED_KYBER=y +# CONFIG_MQ_IOSCHED_DEADLINE is not set +# CONFIG_MQ_IOSCHED_KYBER is not set # CONFIG_IOSCHED_BFQ is not set # end of IO Schedulers -CONFIG_ASN1=m CONFIG_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_INLINE_READ_UNLOCK=y CONFIG_INLINE_READ_UNLOCK_IRQ=y @@ -1896,10 +1901,6 @@ CONFIG_DRM_FBDEV_OVERALLOC=100 # CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set # CONFIG_DRM_LOAD_EDID_FIRMWARE is not set # CONFIG_DRM_DP_CEC is not set -CONFIG_DRM_TTM=y -CONFIG_DRM_TTM_DMA_PAGE_POOL=y -CONFIG_DRM_VRAM_HELPER=y -CONFIG_DRM_TTM_HELPER=y CONFIG_DRM_GEM_SHMEM_HELPER=y # @@ -1928,7 +1929,7 @@ CONFIG_DRM_GEM_SHMEM_HELPER=y # CONFIG_DRM_AST is not set # CONFIG_DRM_MGAG200 is not set # CONFIG_DRM_QXL is not set -CONFIG_DRM_BOCHS=y +# CONFIG_DRM_BOCHS is not set CONFIG_DRM_VIRTIO_GPU=y CONFIG_DRM_PANEL=y @@ -2013,7 +2014,7 @@ CONFIG_FB_DEFERRED_IO=y # CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set -CONFIG_FB_SIMPLE=y +# CONFIG_FB_SIMPLE is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices @@ -2807,18 +2808,14 @@ CONFIG_CRYPTO_SKCIPHER=y CONFIG_CRYPTO_SKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y -CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y -CONFIG_CRYPTO_RNG_DEFAULT=m CONFIG_CRYPTO_AKCIPHER2=y -CONFIG_CRYPTO_AKCIPHER=m CONFIG_CRYPTO_KPP2=y CONFIG_CRYPTO_ACOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y CONFIG_CRYPTO_USER=y CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y -CONFIG_CRYPTO_GF128MUL=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_NULL2=y # CONFIG_CRYPTO_PCRYPT is not set @@ -2831,7 +2828,7 @@ CONFIG_CRYPTO_GLUE_HELPER_X86=y # # Public-key cryptography # -CONFIG_CRYPTO_RSA=m +# CONFIG_CRYPTO_RSA is not set # CONFIG_CRYPTO_DH is not set # CONFIG_CRYPTO_ECDH is not set # CONFIG_CRYPTO_ECRDSA is not set @@ -2842,27 +2839,27 @@ CONFIG_CRYPTO_RSA=m # # Authenticated Encryption with Associated Data # -CONFIG_CRYPTO_CCM=m -CONFIG_CRYPTO_GCM=m -CONFIG_CRYPTO_CHACHA20POLY1305=m +# CONFIG_CRYPTO_CCM is not set +# CONFIG_CRYPTO_GCM is not set +# CONFIG_CRYPTO_CHACHA20POLY1305 is not set # CONFIG_CRYPTO_AEGIS128 is not set # CONFIG_CRYPTO_AEGIS128_AESNI_SSE2 is not set -CONFIG_CRYPTO_SEQIV=m -CONFIG_CRYPTO_ECHAINIV=m +# CONFIG_CRYPTO_SEQIV is not set +# CONFIG_CRYPTO_ECHAINIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CFB is not set -CONFIG_CRYPTO_CTR=m -CONFIG_CRYPTO_CTS=m +# CONFIG_CRYPTO_CTR is not set +# CONFIG_CRYPTO_CTS is not set CONFIG_CRYPTO_ECB=y -CONFIG_CRYPTO_LRW=y +# CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_OFB is not set -CONFIG_CRYPTO_PCBC=m +# CONFIG_CRYPTO_PCBC is not set CONFIG_CRYPTO_XTS=y -CONFIG_CRYPTO_KEYWRAP=m +# CONFIG_CRYPTO_KEYWRAP is not set # CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set # CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set # CONFIG_CRYPTO_ADIANTUM is not set @@ -2871,34 +2868,33 @@ CONFIG_CRYPTO_ESSIV=y # # Hash modes # -CONFIG_CRYPTO_CMAC=m -CONFIG_CRYPTO_HMAC=y -CONFIG_CRYPTO_XCBC=m -CONFIG_CRYPTO_VMAC=m +# CONFIG_CRYPTO_CMAC is not set +# CONFIG_CRYPTO_HMAC is not set +# CONFIG_CRYPTO_XCBC is not set +# CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y CONFIG_CRYPTO_CRC32C_INTEL=y -CONFIG_CRYPTO_CRC32=m -CONFIG_CRYPTO_CRC32_PCLMUL=m +# CONFIG_CRYPTO_CRC32 is not set +# CONFIG_CRYPTO_CRC32_PCLMUL is not set # CONFIG_CRYPTO_XXHASH is not set # CONFIG_CRYPTO_BLAKE2B is not set # CONFIG_CRYPTO_BLAKE2S is not set # CONFIG_CRYPTO_BLAKE2S_X86 is not set -CONFIG_CRYPTO_CRCT10DIF=y -CONFIG_CRYPTO_CRCT10DIF_PCLMUL=m -CONFIG_CRYPTO_GHASH=m -CONFIG_CRYPTO_POLY1305=m -CONFIG_CRYPTO_POLY1305_X86_64=m -CONFIG_CRYPTO_MD4=m +# CONFIG_CRYPTO_CRCT10DIF is not set +# CONFIG_CRYPTO_GHASH is not set +# CONFIG_CRYPTO_POLY1305 is not set +# CONFIG_CRYPTO_POLY1305_X86_64 is not set +# CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y -CONFIG_CRYPTO_MICHAEL_MIC=m -CONFIG_CRYPTO_RMD128=m -CONFIG_CRYPTO_RMD160=m -CONFIG_CRYPTO_RMD256=m -CONFIG_CRYPTO_RMD320=m +# CONFIG_CRYPTO_MICHAEL_MIC is not set +# CONFIG_CRYPTO_RMD128 is not set +# CONFIG_CRYPTO_RMD160 is not set +# CONFIG_CRYPTO_RMD256 is not set +# CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA1_SSSE3=y CONFIG_CRYPTO_SHA256_SSSE3=y @@ -2908,77 +2904,65 @@ CONFIG_CRYPTO_SHA512=y # CONFIG_CRYPTO_SHA3 is not set # CONFIG_CRYPTO_SM3 is not set # CONFIG_CRYPTO_STREEBOG is not set -CONFIG_CRYPTO_TGR192=m -CONFIG_CRYPTO_WP512=m -CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m +# CONFIG_CRYPTO_TGR192 is not set +# CONFIG_CRYPTO_WP512 is not set +# CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL is not set # # Ciphers # CONFIG_CRYPTO_AES=y -# CONFIG_CRYPTO_AES_TI is not set +CONFIG_CRYPTO_AES_TI=y CONFIG_CRYPTO_AES_NI_INTEL=y -CONFIG_CRYPTO_ANUBIS=m -CONFIG_CRYPTO_ARC4=m -CONFIG_CRYPTO_BLOWFISH=m -CONFIG_CRYPTO_BLOWFISH_COMMON=m -CONFIG_CRYPTO_BLOWFISH_X86_64=m -CONFIG_CRYPTO_CAMELLIA=m -CONFIG_CRYPTO_CAMELLIA_X86_64=m -CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64=m -CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64=m -CONFIG_CRYPTO_CAST_COMMON=m -CONFIG_CRYPTO_CAST5=m -CONFIG_CRYPTO_CAST5_AVX_X86_64=m -CONFIG_CRYPTO_CAST6=m -CONFIG_CRYPTO_CAST6_AVX_X86_64=m -CONFIG_CRYPTO_DES=m -CONFIG_CRYPTO_DES3_EDE_X86_64=m -CONFIG_CRYPTO_FCRYPT=m -CONFIG_CRYPTO_KHAZAD=m -CONFIG_CRYPTO_SALSA20=m -CONFIG_CRYPTO_CHACHA20=m -CONFIG_CRYPTO_CHACHA20_X86_64=m -CONFIG_CRYPTO_SEED=m -CONFIG_CRYPTO_SERPENT=m -CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m -CONFIG_CRYPTO_SERPENT_AVX_X86_64=m -CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m +# CONFIG_CRYPTO_BLOWFISH is not set +# CONFIG_CRYPTO_BLOWFISH_X86_64 is not set +# CONFIG_CRYPTO_CAMELLIA is not set +# CONFIG_CRYPTO_CAMELLIA_X86_64 is not set +# CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64 is not set +# CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 is not set +# CONFIG_CRYPTO_CAST5 is not set +# CONFIG_CRYPTO_CAST5_AVX_X86_64 is not set +# CONFIG_CRYPTO_CAST6 is not set +# CONFIG_CRYPTO_CAST6_AVX_X86_64 is not set +# CONFIG_CRYPTO_DES is not set +# CONFIG_CRYPTO_DES3_EDE_X86_64 is not set +# CONFIG_CRYPTO_FCRYPT is not set +# CONFIG_CRYPTO_SALSA20 is not set +# CONFIG_CRYPTO_CHACHA20 is not set +# CONFIG_CRYPTO_CHACHA20_X86_64 is not set +CONFIG_CRYPTO_SERPENT=y +CONFIG_CRYPTO_SERPENT_SSE2_X86_64=y +CONFIG_CRYPTO_SERPENT_AVX_X86_64=y +CONFIG_CRYPTO_SERPENT_AVX2_X86_64=y # CONFIG_CRYPTO_SM4 is not set -CONFIG_CRYPTO_TEA=m -CONFIG_CRYPTO_TWOFISH=m -CONFIG_CRYPTO_TWOFISH_COMMON=m -CONFIG_CRYPTO_TWOFISH_X86_64=m -CONFIG_CRYPTO_TWOFISH_X86_64_3WAY=m -CONFIG_CRYPTO_TWOFISH_AVX_X86_64=m +# CONFIG_CRYPTO_TWOFISH is not set +CONFIG_CRYPTO_TWOFISH_COMMON=y +CONFIG_CRYPTO_TWOFISH_X86_64=y +CONFIG_CRYPTO_TWOFISH_X86_64_3WAY=y +CONFIG_CRYPTO_TWOFISH_AVX_X86_64=y # # Compression # -CONFIG_CRYPTO_DEFLATE=m -CONFIG_CRYPTO_LZO=y -CONFIG_CRYPTO_842=m -CONFIG_CRYPTO_LZ4=m -CONFIG_CRYPTO_LZ4HC=m +# CONFIG_CRYPTO_DEFLATE is not set +# CONFIG_CRYPTO_LZO is not set +# CONFIG_CRYPTO_842 is not set +# CONFIG_CRYPTO_LZ4 is not set +# CONFIG_CRYPTO_LZ4HC is not set # CONFIG_CRYPTO_ZSTD is not set # # Random Number Generation # -CONFIG_CRYPTO_ANSI_CPRNG=m -CONFIG_CRYPTO_DRBG_MENU=m -CONFIG_CRYPTO_DRBG_HMAC=y -CONFIG_CRYPTO_DRBG_HASH=y -CONFIG_CRYPTO_DRBG_CTR=y -CONFIG_CRYPTO_DRBG=m -CONFIG_CRYPTO_JITTERENTROPY=m +# CONFIG_CRYPTO_ANSI_CPRNG is not set +# CONFIG_CRYPTO_DRBG_MENU is not set +# CONFIG_CRYPTO_JITTERENTROPY is not set CONFIG_CRYPTO_USER_API=y CONFIG_CRYPTO_USER_API_HASH=y CONFIG_CRYPTO_USER_API_SKCIPHER=y -CONFIG_CRYPTO_USER_API_RNG=y -# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set +# CONFIG_CRYPTO_USER_API_RNG is not set CONFIG_CRYPTO_USER_API_AEAD=y -CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y +# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set # CONFIG_CRYPTO_STATS is not set CONFIG_CRYPTO_HASH_INFO=y @@ -2986,16 +2970,10 @@ CONFIG_CRYPTO_HASH_INFO=y # Crypto library routines # CONFIG_CRYPTO_LIB_AES=y -CONFIG_CRYPTO_LIB_ARC4=m # CONFIG_CRYPTO_LIB_BLAKE2S is not set -CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=m -CONFIG_CRYPTO_LIB_CHACHA_GENERIC=m # CONFIG_CRYPTO_LIB_CHACHA is not set # CONFIG_CRYPTO_LIB_CURVE25519 is not set -CONFIG_CRYPTO_LIB_DES=m CONFIG_CRYPTO_LIB_POLY1305_RSIZE=11 -CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=m -CONFIG_CRYPTO_LIB_POLY1305_GENERIC=m # CONFIG_CRYPTO_LIB_POLY1305 is not set # CONFIG_CRYPTO_LIB_CHACHA20POLY1305 is not set CONFIG_CRYPTO_LIB_SHA256=y @@ -3015,7 +2993,7 @@ CONFIG_GENERIC_STRNCPY_FROM_USER=y CONFIG_GENERIC_STRNLEN_USER=y CONFIG_GENERIC_NET_UTILS=y CONFIG_GENERIC_FIND_FIRST_BIT=y -CONFIG_CORDIC=m +# CONFIG_CORDIC is not set # CONFIG_PRIME_NUMBERS is not set CONFIG_RATIONAL=y CONFIG_GENERIC_PCI_IOMAP=y @@ -3023,10 +3001,10 @@ CONFIG_GENERIC_IOMAP=y CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y CONFIG_ARCH_HAS_FAST_MULTIPLIER=y CONFIG_ARCH_USE_SYM_ANNOTATIONS=y -CONFIG_CRC_CCITT=m +# CONFIG_CRC_CCITT is not set CONFIG_CRC16=y -CONFIG_CRC_T10DIF=y -CONFIG_CRC_ITU_T=m +# CONFIG_CRC_T10DIF is not set +# CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC32_SELFTEST is not set CONFIG_CRC32_SLICEBY8=y @@ -3035,30 +3013,21 @@ CONFIG_CRC32_SLICEBY8=y # CONFIG_CRC32_BIT is not set # CONFIG_CRC64 is not set # CONFIG_CRC4 is not set -CONFIG_CRC7=m +# CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y -CONFIG_CRC8=m +# CONFIG_CRC8 is not set CONFIG_XXHASH=y # CONFIG_RANDOM32_SELFTEST is not set -CONFIG_842_COMPRESS=m -CONFIG_842_DECOMPRESS=m -CONFIG_ZLIB_INFLATE=m -CONFIG_ZLIB_DEFLATE=m -CONFIG_LZO_COMPRESS=y -CONFIG_LZO_DECOMPRESS=y -CONFIG_LZ4_COMPRESS=m -CONFIG_LZ4HC_COMPRESS=m -CONFIG_LZ4_DECOMPRESS=m CONFIG_ZSTD_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y -CONFIG_XZ_DEC_IA64=y -CONFIG_XZ_DEC_ARM=y -CONFIG_XZ_DEC_ARMTHUMB=y -CONFIG_XZ_DEC_SPARC=y +# CONFIG_XZ_DEC_IA64 is not set +# CONFIG_XZ_DEC_ARM is not set +# CONFIG_XZ_DEC_ARMTHUMB is not set +# CONFIG_XZ_DEC_SPARC is not set CONFIG_XZ_DEC_BCJ=y -CONFIG_XZ_DEC_TEST=m +# CONFIG_XZ_DEC_TEST is not set CONFIG_DECOMPRESS_XZ=y CONFIG_DECOMPRESS_ZSTD=y CONFIG_GENERIC_ALLOCATOR=y @@ -3081,9 +3050,7 @@ CONFIG_DQL=y CONFIG_GLOB=y # CONFIG_GLOB_SELFTEST is not set CONFIG_NLATTR=y -CONFIG_CLZ_TAB=y CONFIG_IRQ_POLL=y -CONFIG_MPILIB=m CONFIG_HAVE_GENERIC_VDSO=y CONFIG_GENERIC_GETTIMEOFDAY=y CONFIG_GENERIC_VDSO_TIME_NS=y diff --git a/config/linux-x230-flash.config b/config/linux-x230-flash.config index 72151e3b0..24d611f66 100644 --- a/config/linux-x230-flash.config +++ b/config/linux-x230-flash.config @@ -347,8 +347,8 @@ CONFIG_HOTPLUG_CPU=y # CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set # CONFIG_DEBUG_HOTPLUG_CPU0 is not set # CONFIG_LEGACY_VSYSCALL_EMULATE is not set -CONFIG_LEGACY_VSYSCALL_XONLY=y -# CONFIG_LEGACY_VSYSCALL_NONE is not set +# CONFIG_LEGACY_VSYSCALL_XONLY is not set +CONFIG_LEGACY_VSYSCALL_NONE=y # CONFIG_CMDLINE_BOOL is not set # CONFIG_MODIFY_LDT_SYSCALL is not set CONFIG_HAVE_LIVEPATCH=y @@ -2375,7 +2375,7 @@ CONFIG_LIBCRC32C=y CONFIG_ZLIB_DEFLATE=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y -CONFIG_XZ_DEC_POWERPC=y +# CONFIG_XZ_DEC_POWERPC is not set # CONFIG_XZ_DEC_IA64 is not set # CONFIG_XZ_DEC_ARM is not set # CONFIG_XZ_DEC_ARMTHUMB is not set diff --git a/config/linux-x230-legacy.config b/config/linux-x230-legacy.config index 69ec555a4..09f9e3903 100644 --- a/config/linux-x230-legacy.config +++ b/config/linux-x230-legacy.config @@ -1178,7 +1178,7 @@ CONFIG_ETHERNET=y # CONFIG_NET_VENDOR_I825XX is not set CONFIG_NET_VENDOR_INTEL=y # CONFIG_E100 is not set -# CONFIG_E1000 is not set +CONFIG_E1000=m CONFIG_E1000E=m CONFIG_E1000E_HWTS=y # CONFIG_IGB is not set @@ -1875,7 +1875,7 @@ CONFIG_DUMMY_CONSOLE_ROWS=25 CONFIG_FRAMEBUFFER_CONSOLE=y CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y # CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set -CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y +# CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set # end of Console display driver support # CONFIG_LOGO is not set @@ -2148,7 +2148,8 @@ CONFIG_RTC_MC146818_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y CONFIG_RTC_HCTOSYS_DEVICE="rtc0" -# CONFIG_RTC_SYSTOHC is not set +CONFIG_RTC_SYSTOHC=y +CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTC_DEBUG is not set CONFIG_RTC_NVMEM=y @@ -2624,20 +2625,23 @@ CONFIG_CRYPTO_SKCIPHER=y CONFIG_CRYPTO_SKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_AKCIPHER2=y CONFIG_CRYPTO_KPP2=y CONFIG_CRYPTO_ACOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y -# CONFIG_CRYPTO_USER is not set +CONFIG_CRYPTO_USER=y CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_NULL2=y # CONFIG_CRYPTO_PCRYPT is not set -# CONFIG_CRYPTO_CRYPTD is not set +CONFIG_CRYPTO_CRYPTD=y CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set +CONFIG_CRYPTO_SIMD=y +CONFIG_CRYPTO_GLUE_HELPER_X86=y # # Public-key cryptography @@ -2668,11 +2672,11 @@ CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CFB is not set # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set -# CONFIG_CRYPTO_ECB is not set +CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_OFB is not set # CONFIG_CRYPTO_PCBC is not set -# CONFIG_CRYPTO_XTS is not set +CONFIG_CRYPTO_XTS=y # CONFIG_CRYPTO_KEYWRAP is not set # CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set # CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set @@ -2683,7 +2687,7 @@ CONFIG_CRYPTO_ESSIV=y # Hash modes # # CONFIG_CRYPTO_CMAC is not set -# CONFIG_CRYPTO_HMAC is not set +CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set @@ -2727,7 +2731,7 @@ CONFIG_CRYPTO_SHA512=y # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_TI is not set -# CONFIG_CRYPTO_AES_NI_INTEL is not set +CONFIG_CRYPTO_AES_NI_INTEL=y # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_BLOWFISH_X86_64 is not set # CONFIG_CRYPTO_CAMELLIA is not set @@ -2770,15 +2774,19 @@ CONFIG_CRYPTO_SHA512=y # CONFIG_CRYPTO_ANSI_CPRNG is not set # CONFIG_CRYPTO_DRBG_MENU is not set # CONFIG_CRYPTO_JITTERENTROPY is not set -# CONFIG_CRYPTO_USER_API_HASH is not set -# CONFIG_CRYPTO_USER_API_SKCIPHER is not set -# CONFIG_CRYPTO_USER_API_RNG is not set -# CONFIG_CRYPTO_USER_API_AEAD is not set +CONFIG_CRYPTO_USER_API=y +CONFIG_CRYPTO_USER_API_HASH=y +CONFIG_CRYPTO_USER_API_SKCIPHER=y +CONFIG_CRYPTO_USER_API_RNG=y +CONFIG_CRYPTO_USER_API_AEAD=y +# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set +# CONFIG_CRYPTO_STATS is not set CONFIG_CRYPTO_HASH_INFO=y # # Crypto library routines # +CONFIG_CRYPTO_LIB_AES=y # CONFIG_CRYPTO_LIB_BLAKE2S is not set # CONFIG_CRYPTO_LIB_CHACHA is not set # CONFIG_CRYPTO_LIB_CURVE25519 is not set @@ -2829,7 +2837,7 @@ CONFIG_LIBCRC32C=y CONFIG_ZLIB_DEFLATE=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y -CONFIG_XZ_DEC_POWERPC=y +# CONFIG_XZ_DEC_POWERPC is not set # CONFIG_XZ_DEC_IA64 is not set # CONFIG_XZ_DEC_ARM is not set # CONFIG_XZ_DEC_ARMTHUMB is not set diff --git a/config/linux-x230-maximized.config b/config/linux-x230-maximized.config index 3b9ba7ec3..46d8594ba 100644 --- a/config/linux-x230-maximized.config +++ b/config/linux-x230-maximized.config @@ -1123,6 +1123,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1244,7 +1245,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +# CONFIG_USB_NET_CDC_NCM is not set +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +CONFIG_USB_NET_RNDIS_HOST=m +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # @@ -1901,7 +1943,7 @@ CONFIG_DUMMY_CONSOLE_ROWS=25 CONFIG_FRAMEBUFFER_CONSOLE=y CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y # CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set -CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y +# CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set # end of Console display driver support # CONFIG_LOGO is not set @@ -2198,7 +2240,8 @@ CONFIG_RTC_MC146818_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y CONFIG_RTC_HCTOSYS_DEVICE="rtc0" -# CONFIG_RTC_SYSTOHC is not set +CONFIG_RTC_SYSTOHC=y +CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTC_DEBUG is not set CONFIG_RTC_NVMEM=y @@ -2674,20 +2717,23 @@ CONFIG_CRYPTO_SKCIPHER=y CONFIG_CRYPTO_SKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_AKCIPHER2=y CONFIG_CRYPTO_KPP2=y CONFIG_CRYPTO_ACOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y -# CONFIG_CRYPTO_USER is not set +CONFIG_CRYPTO_USER=y CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_NULL2=y # CONFIG_CRYPTO_PCRYPT is not set -# CONFIG_CRYPTO_CRYPTD is not set +CONFIG_CRYPTO_CRYPTD=y CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set +CONFIG_CRYPTO_SIMD=y +CONFIG_CRYPTO_GLUE_HELPER_X86=y # # Public-key cryptography @@ -2718,11 +2764,11 @@ CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CFB is not set # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set -# CONFIG_CRYPTO_ECB is not set +CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_OFB is not set # CONFIG_CRYPTO_PCBC is not set -# CONFIG_CRYPTO_XTS is not set +CONFIG_CRYPTO_XTS=y # CONFIG_CRYPTO_KEYWRAP is not set # CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set # CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set @@ -2733,7 +2779,7 @@ CONFIG_CRYPTO_ESSIV=y # Hash modes # # CONFIG_CRYPTO_CMAC is not set -# CONFIG_CRYPTO_HMAC is not set +CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set @@ -2777,7 +2823,7 @@ CONFIG_CRYPTO_SHA512=y # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_TI is not set -# CONFIG_CRYPTO_AES_NI_INTEL is not set +CONFIG_CRYPTO_AES_NI_INTEL=y # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_BLOWFISH_X86_64 is not set # CONFIG_CRYPTO_CAMELLIA is not set @@ -2820,15 +2866,19 @@ CONFIG_CRYPTO_SHA512=y # CONFIG_CRYPTO_ANSI_CPRNG is not set # CONFIG_CRYPTO_DRBG_MENU is not set # CONFIG_CRYPTO_JITTERENTROPY is not set -# CONFIG_CRYPTO_USER_API_HASH is not set -# CONFIG_CRYPTO_USER_API_SKCIPHER is not set -# CONFIG_CRYPTO_USER_API_RNG is not set -# CONFIG_CRYPTO_USER_API_AEAD is not set +CONFIG_CRYPTO_USER_API=y +CONFIG_CRYPTO_USER_API_HASH=y +CONFIG_CRYPTO_USER_API_SKCIPHER=y +CONFIG_CRYPTO_USER_API_RNG=y +CONFIG_CRYPTO_USER_API_AEAD=y +# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set +# CONFIG_CRYPTO_STATS is not set CONFIG_CRYPTO_HASH_INFO=y # # Crypto library routines # +CONFIG_CRYPTO_LIB_AES=y # CONFIG_CRYPTO_LIB_BLAKE2S is not set # CONFIG_CRYPTO_LIB_CHACHA is not set # CONFIG_CRYPTO_LIB_CURVE25519 is not set @@ -2879,7 +2929,7 @@ CONFIG_LIBCRC32C=y CONFIG_ZLIB_DEFLATE=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y -CONFIG_XZ_DEC_POWERPC=y +# CONFIG_XZ_DEC_POWERPC is not set # CONFIG_XZ_DEC_IA64 is not set # CONFIG_XZ_DEC_ARM is not set # CONFIG_XZ_DEC_ARMTHUMB is not set diff --git a/initrd/bin/kexec-boot b/initrd/bin/kexec-boot index 9577b3586..2ed6c8092 100755 --- a/initrd/bin/kexec-boot +++ b/initrd/bin/kexec-boot @@ -62,6 +62,7 @@ adjust_cmd_line() { } if [ "$CONFIG_DEBUG_OUTPUT" = "y" ];then + #If expecting debug output, have kexec load (-l) output debug info kexeccmd="$kexeccmd -d" fi diff --git a/initrd/bin/kexec-iso-init b/initrd/bin/kexec-iso-init index 0a3da0420..c62eb9b59 100755 --- a/initrd/bin/kexec-iso-init +++ b/initrd/bin/kexec-iso-init @@ -27,7 +27,8 @@ mount -t iso9660 -o loop $MOUNTED_ISO_PATH /boot \ || die '$MOUNTED_ISO_PATH: Unable to mount /boot' DEV_UUID=`blkid $DEV | tail -1 | tr " " "\n" | grep UUID | cut -d\" -f2` -ADD="fromiso=/dev/disk/by-uuid/$DEV_UUID/$ISO_PATH img_dev=/dev/disk/by-uuid/$DEV_UUID iso-scan/filename=/${ISO_PATH} img_loop=$ISO_PATH" +#ISO boot additional requirements to be passed to KERNEL_ADD can be seen at https://github.com/u-root/webboot/#currently-supported +ADD="fromiso=/dev/disk/by-uuid/$DEV_UUID/$ISO_PATH img_dev=/dev/disk/by-uuid/$DEV_UUID iso-scan/filename=/${ISO_PATH} img_loop=$ISO_PATH iso=$DEV_UUID/$ISO_PATH" REMOVE="" paramsdir="/media/kexec_iso/$ISO_PATH" @@ -47,7 +48,7 @@ if [ -r $REMOVE_FILE ]; then fi # Call kexec and indicate that hashes have been verified -kexec-select-boot -b /boot -d /media -p "$paramsdir" \ +DO_WITH_DEBUG kexec-select-boot -b /boot -d /media -p "$paramsdir" \ -a "$ADD" -r "$REMOVE" -c "*.cfg" -u -i die "Something failed in selecting boot" diff --git a/initrd/bin/kexec-parse-boot b/initrd/bin/kexec-parse-boot index ada8c13d4..d751b6332 100755 --- a/initrd/bin/kexec-parse-boot +++ b/initrd/bin/kexec-parse-boot @@ -38,7 +38,10 @@ check_path() { local checkpath firstval checkpath="$1" firstval="$(echo "$checkpath" | cut -d\ -f1)" - if ! [ -r "$bootdir$firstval" ]; then return 1; fi + if ! [ -r "$bootdir$firstval" ]; then + DEBUG "$bootdir$firstval doesn't exist" + return 1; + fi return 0 } diff --git a/initrd/bin/kexec-select-boot b/initrd/bin/kexec-select-boot index e58c7e59e..219b91de6 100755 --- a/initrd/bin/kexec-select-boot +++ b/initrd/bin/kexec-select-boot @@ -182,7 +182,7 @@ scan_options() { option_file="/tmp/kexec_options.txt" if [ -r $option_file ]; then rm $option_file; fi for i in `find $bootdir -name "$config"`; do - kexec-parse-boot "$bootdir" "$i" >> $option_file + DO_WITH_DEBUG kexec-parse-boot "$bootdir" "$i" >> $option_file done # FC29/30+ may use BLS format grub config files # https://fedoraproject.org/wiki/Changes/BootLoaderSpecByDefault diff --git a/initrd/bin/media-scan b/initrd/bin/media-scan index 28a612741..d64be05d9 100755 --- a/initrd/bin/media-scan +++ b/initrd/bin/media-scan @@ -86,7 +86,7 @@ if [ `cat /tmp/iso_menu.txt | wc -l` -gt 0 ]; then if [ -n "$option" ]; then MOUNTED_ISO=$option ISO=${option:7} # remove /media/ to get device relative path - kexec-iso-init $MOUNTED_ISO $ISO $USB_BOOT_DEV + DO_WITH_DEBUG kexec-iso-init $MOUNTED_ISO $ISO $USB_BOOT_DEV die "Something failed in iso init" fi @@ -95,9 +95,9 @@ fi echo "!!! Could not find any ISO, trying bootable USB" # Attempt to pull verified config from device if [ -x /bin/whiptail ]; then - kexec-select-boot -b /media -c "*.cfg" -u -g -s + DO_WITH_DEBUG kexec-select-boot -b /media -c "*.cfg" -u -g -s else - kexec-select-boot -b /media -c "*.cfg" -u -s + DO_WITH_DEBUG kexec-select-boot -b /media -c "*.cfg" -u -s fi die "Something failed in selecting boot" diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index c7b93b84f..dc678ef26 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -14,7 +14,24 @@ for module in `echo $network_modules`; do fi done -if [ -e /sys/class/net/eth0 ]; then +#Tethering over Android 11+ PoC +if [ -e /lib/modules/rndis_host.ko ]; then + #first enable USB controllers + enable_usb + network_modules="mii usbnet cdc_eem cdc_ether rndis_host" + + for module in `echo $network_modules`; do + if [ -f /lib/modules/$module.ko ]; then + insmod /lib/modules/$module.ko + fi + done + #other prep needed +fi + +if [ -e /sys/class/net/usb0 ]; then + echo "Tethering on..." + dev=usb0 +elif [ -e /sys/class/net/eth0 ]; then #Randomize eth0 MAC address of maximized boards if echo "$CONFIG_BOARD" | grep -q maximized; then ifconfig eth0 down @@ -28,15 +45,21 @@ if [ -e /sys/class/net/eth0 ]; then # Set up static IP if [ ! -z "$CONFIG_BOOT_STATIC_IP" ]; then ifconfig eth0 $CONFIG_BOOT_STATIC_IP - #Get ip from DHCP - elif [ -e /sbin/udhcpc ];then - if udhcpc -T 1 -q; then - if [ -e /sbin/ntpd ]; then + fi + dev=eth0 +fi + +#Get ip from DHCP +if [ -e /sbin/udhcpc ];then + if udhcpc -T 1 -i $dev -q; then + if [ -e /sbin/ntpd ]; then + if [ ! "$CONFIG_SYNC_TIME_ON_NETWORK_INIT" == "n" ]; then DNS_SERVER=$(grep nameserver /etc/resolv.conf|awk -F " " {'print $2'}) killall ntpd 2&>1 > /dev/null if ! ntpd -d -N -n -q -p $DNS_SERVER > /dev/ttyprintk; then if ! ntpd -d -d -N -n -q -p ntp.pool.org> /dev/ttyprintk; then echo "NTP sync unsuccessful." > /dev/tty0 + #TODO: clean time sync. Not always successful fi fi hwclock -w @@ -44,18 +67,16 @@ if [ -e /sys/class/net/eth0 ]; then date=`date "+%Y-%m-%d %H:%M:%S %Z"` echo "Time: $date" > /dev/tty0 fi - fi - fi - - ifconfig eth0 > /dev/ttyprintk - - if [ -e /bin/dropbear ]; then - # Set up the ssh server, allow root logins and log to stderr - if [ ! -d /etc/dropbear ]; then - mkdir /etc/dropbear fi - dropbear -B -R 2>/dev/ttyprintk + fi +fi + +if [ -e /bin/dropbear ]; then + # Set up the ssh server, allow root logins and log to stderr + if [ ! -d /etc/dropbear ]; then + mkdir /etc/dropbear fi - echo "" > /dev/tty0 - ifconfig eth0 | head -2 > /dev/tty0 + dropbear -B -R 2>/dev/ttyprintk fi +echo "" > /dev/tty0 +ifconfig > /dev/tty0 diff --git a/initrd/bin/tinycorePoC b/initrd/bin/tinycorePoC new file mode 100755 index 000000000..cc98e637e --- /dev/null +++ b/initrd/bin/tinycorePoC @@ -0,0 +1,4 @@ +network-init-recovery +mount -o remount,rw /boot +tcz -r /boot/tcz -v 14.x -d bash +mount -o remount,ro /boot diff --git a/initrd/bin/usb-init b/initrd/bin/usb-init index b2d3783f5..ea1d72bda 100755 --- a/initrd/bin/usb-init +++ b/initrd/bin/usb-init @@ -11,5 +11,5 @@ if [ "$CONFIG_TPM" = "y" ]; then tpmr extend -ix 4 -ic usb fi -media-scan usb +DO_WITH_DEBUG media-scan usb recovery "Something failed during USB boot" diff --git a/initrd/init b/initrd/init index a92557450..8d1ba5c7c 100755 --- a/initrd/init +++ b/initrd/init @@ -6,7 +6,8 @@ mknod /dev/ttyprintk c 5 3 echo "hello world" > /dev/ttyprintk # Setup our path -export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin +export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/bbin:/usr/local/sbin +export LD_LIBRARY_PATH=/usr/local/lib:/usr/lib # This is the very first script invoked by the Linux kernel and is # running out of the ram disk. There are no fileysstems mounted. diff --git a/modules/bash b/modules/bash index 8ada15774..327b5dd50 100644 --- a/modules/bash +++ b/modules/bash @@ -7,7 +7,7 @@ bash_tar := bash-$(bash_version).tar.gz bash_url := https://ftpmirror.gnu.org/bash/$(bash_tar) bash_hash := 5bac17218d3911834520dad13cd1f85ab944e1c09ae1aba55906be1f8192f558 -bash_configure := CFLAGS=-Os ./configure \ +bash_configure := CFLAGS="-g0 -Os" LDFLAGS="-s" ./configure \ $(CROSS_TOOLS) \ --host $(target) \ --prefix="/usr" \ diff --git a/modules/busybox b/modules/busybox index 03ec0a41d..2429f057c 100644 --- a/modules/busybox +++ b/modules/busybox @@ -2,11 +2,11 @@ CONFIG_BUSYBOX ?= y modules-$(CONFIG_BUSYBOX) += busybox -busybox_version := 1.33.2 +busybox_version := 1.36.0 busybox_dir := busybox-$(busybox_version) busybox_tar := busybox-$(busybox_version).tar.bz2 busybox_url := https://busybox.net/downloads/$(busybox_tar) -busybox_hash := 6843ba7977081e735fa0fdb05893e3c002c8c5ad7c9c80da206e603cc0ac47e7 +busybox_hash := 542750c8af7cb2630e201780b4f99f3dcceeb06f505b479ec68241c1e6af61a5 busybox_configure := $(MAKE) CC="$(heads_cc)" oldconfig busybox_config := config/busybox.config diff --git a/modules/coreboot b/modules/coreboot index 4eb5dae1a..4131b5c21 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -35,6 +35,12 @@ else ifeq "$(CONFIG_COREBOOT_VERSION)" "4.17" coreboot-blobs_hash := a2277fe7a2b2aab5da0aa335158460e00b852382f6736f2179992805702eb607 coreboot_depends := $(if $(CONFIG_PURISM_BLOBS), purism-blobs) EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches -Wno-error=packed-not-aligned -Wno-error=address-of-packed-member +else ifeq "$(CONFIG_COREBOOT_VERSION)" "4.19" + coreboot_version := 4.19 + coreboot_hash := 65ccb2f46535b996e0066a1b76f81c8cf1ff3e27df84b3f97d8ad7b3e7cf0a43 + coreboot-blobs_hash := 30214caed07b25f11e47bec022ff6234841376e36689eb674de2330a3e980cbc + coreboot_depends := $(if $(CONFIG_PURISM_BLOBS), purism-blobs) + EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches -Wno-error=packed-not-aligned -Wno-error=address-of-packed-member else ifeq "$(CONFIG_COREBOOT_VERSION)" "talos_2" coreboot_version = git coreboot_commit_hash = b2d4cc237c51b84c0b465976a56c6deb21b9f263 @@ -92,6 +98,7 @@ coreboot_target := \ CROSS="$(COREBOOT_CROSS)" \ IASL="$(COREBOOT_IASL)" \ DOTCONFIG="$(build)/$(coreboot_dir)/.config" \ + xcompile="$(build)/$(coreboot_base_dir)/.xcompile" \ BUILD_TIMELESS=1 \ CFLAGS_x86_32="$(EXTRA_FLAGS)" \ CFLAGS_x86_64="$(EXTRA_FLAGS)" \ diff --git a/modules/linux b/modules/linux index 2de1fdd61..185445bd0 100644 --- a/modules/linux +++ b/modules/linux @@ -31,6 +31,9 @@ linux_hash := a6fbd4ee903c128367892c2393ee0d9657b6ed3ea90016d4dc6f1f6da20b2330 else ifeq "$(CONFIG_LINUX_VERSION)" "5.10.5" linux_version := 5.10.5 linux_hash := 3991a9e16a187d78d5f414d89236ae5d7f404a69e60c4c42a9d262ee19612ef4 +else ifeq "$(CONFIG_LINUX_VERSION)" "5.10.178" +linux_version := 5.10.178 +linux_hash := 1acfade3715e560f00fb30615d5471e24b3940b549381558787aee9734e7a8af else $(error "$(BOARD): does not specify linux kernel version under CONFIG_LINUX_VERSION") endif @@ -71,6 +74,7 @@ $(INSTALL)/include/linux/limits.h: $(build)/$(linux_base_dir)/.canary -C "$(build)/$(linux_base_dir)" \ ARCH="$(LINUX_ARCH)" \ INSTALL_HDR_PATH="$(INSTALL)" \ + CROSS_COMPILE="$(CROSS)" \ O="$(linux_dir)" \ KCONFIG_CONFIG="$(pwd)/$(linux_kconfig)" \ headers_install @@ -121,6 +125,13 @@ linux_modules-$(CONFIG_LINUX_USB) += drivers/usb/storage/usb-storage.ko #USB modules when a USB keyboard is defined in board config linux_modules-$(CONFIG_USB_KEYBOARD) += drivers/hid/usbhid/usbhid.ko +#USB modules for Android USB Internet Tethering +linux_modules-$(CONFIG_ANDROID_TETHERING) += drivers/net/usb/cdc_eem.ko +linux_modules-$(CONFIG_ANDROID_TETHERING) += drivers/net/usb/rndis_host.ko +linux_modules-$(CONFIG_ANDROID_TETHERING) += drivers/net/usb/cdc_ether.ko +linux_modules-$(CONFIG_ANDROID_TETHERING) += drivers/net/usb/usbnet.ko +linux_modules-$(CONFIG_ANDROID_TETHERING) += drivers/net/mii.ko + # NVMe driver for winterfell and other servers linux_modules-$(CONFIG_LINUX_NVME) += drivers/nvme/host/nvme.ko linux_modules-$(CONFIG_LINUX_NVME) += drivers/nvme/host/nvme-core.ko @@ -263,6 +274,7 @@ linux.save_in_versioned_defconfig_format: && $(MAKE) -C "$(build)/$(linux_base_dir)" \ O="$(build)/$(linux_dir)" \ ARCH="$(LINUX_ARCH)" \ + CROSS_COMPILE="$(CROSS)" \ savedefconfig \ && mv "$(build)/$(linux_dir)/defconfig" "$(pwd)/$(linux_kconfig)_defconfig_$(CONFIG_LINUX_VERSION)" @@ -273,7 +285,7 @@ linux.save_in_oldconfig_format_in_place: O="$(build)/$(linux_dir)" \ ARCH="$(LINUX_ARCH)" \ CROSS_COMPILE="$(CROSS)" \ - oldefconfig \ + oldconfig \ && mv "$(build)/$(linux_dir)/.config" "$(pwd)/$(linux_kconfig)" linux.save_in_versioned_oldconfig: diff --git a/modules/u-root b/modules/u-root index c943bef43..943a0befc 100644 --- a/modules/u-root +++ b/modules/u-root @@ -1,50 +1,74 @@ -# # u-root go runtime # # This is not a normal Heads module, since it builds all of its # own dependencies. # -u-root_url := github.com/u-root/u-root +ifeq "$(CONFIG_UROOT)" "y" +u-root_url := https://github.com/u-root/u-root u-root_output := $(build)/$(BOARD)/u-root.cpio -UROOT_CMDS ?= +tinycore_lib_path=$(build)/tinycorelibs +tinycore_core_gz=$(tinycore_lib_path)/rootfs64.gz +tinycore_rootfs_files=lib/ld-linux-x86-64.so.2 lib/libanl.so.1 lib/libc.so.6 lib/libdl.so.2 lib/libm.so.6 lib/libpthread.so.0 lib/librt.so.1 usr/lib/libgcc_s.so.1 lib/libcrypt.so.1 lib/libutil.so.1 +# +# + + +#UROOT_CMDS ?= exp/tcz +UROOT_CMDS ?= core/wget + +export GOPATH=$(build)/u-root +UROOT_PATH=$(GOPATH)/src/github.com/u-root +UROOT_BUILT_PATH=$(GOPATH)/src/github.com/u-root/u-root -export GOPATH=$(build)/go +#Substitutions +#translate paths so that user can only specify what is found under u-root/cmds/ directory under UROOT_CMDS from board config to overwrite default above u-root_src_cmds := $(foreach cmd,$(UROOT_CMDS),github.com/u-root/u-root/cmds/$(cmd)) +#translate tinycore extracted rootfs real path into initramfs desired path. tinycore embeds lib/xyz already +#tinycore_libs_to_path := $(foreach libfile,$(tinycore_rootfs_files),$(tinycore_lib_path)/$(libfile):$(libfile)) +#translate each libs from tinycore_lib_path to usable u-root -files tuple (/real/local/path:desired/initramfs/path) +#u-root_files_statement:= $(foreach libfile,$(tinycore_rootfs_files),-files $(tinycore_lib_path)/$(libfile):$(libfile)) +u-root_files_statement:= -files /etc/ssl/certs/ca-certificates.crt -u-root_build := $(GOPATH)/bin/u-root -$(GOPATH)/bin/u-root: - go get github.com/u-root/u-root/... -# +u-root_build := $(UROOT_BUILT_PATH) + +$(UROOT_BUILT_PATH): + mkdir -p $(GOPATH)/src/github.com/u-root/ + git clone https://github.com/u-root/u-root.git $(UROOT_PATH) + cd $(UROOT_PATH) && go build + # If the board directory has its own go commands, copy them # into the u-root tree so that they will be bundled into the go initrd # TODO: generalize this to support more commands # TODO: fix this sort that it doesn't leave commands lying around -# +# ifeq "y" "$(shell [ -r 'boards/$(BOARD)/uinit.go' ] && echo y)" u-root_uinit := $(GOPATH)/src/github.com/u-root/u-root/cmds/uinit/uinit.go $(u-root_uinit): $(u-root_build) boards/$(BOARD)/uinit.go $(call install,boards/$(BOARD)/uinit.go,$@) endif -$(u-root_output): $(u-root_build) $(u-root_uinit) - $(call do,U-ROOT,$@,\ - $(GOPATH)/bin/u-root \ - -build=bb \ - -format=cpio \ - -o $@ \ - $(u-root_src_cmds)\ - ) +#TODO: put anchor here for rootfs download path to download if not present +$(tinycore_core_gz): + mkdir -p $(tinycore_lib_path) + cd $(tinycore_lib_path) \ + && wget http://tinycorelinux.net/14.x/x86_64/release/distribution_files/rootfs64.gz \ + && zcat rootfs64.gz | cpio -i > /dev/null 2>&1 || true + +$(u-root_output): $(u-root_build) $(u-root_uinit) $(tinycore_core_gz) + $(UROOT_BUILT_PATH) \ + -uroot-source $(UROOT_PATH) \ + -initcmd="" \ + -build=gbb \ + -defaultsh="" \ + $(u-root_files_statement) \ + -format=cpio \ + -o $@ \ + $(u-root_src_cmds) # Override the initrd inputs and add in the kernel modules initrd-$(CONFIG_UROOT) += $(u-root_output) - -ifeq "$(CONFIG_UROOT)" "y" -# If we are building for u-root, disable the default CONFIG_HEADS -# so that the heads/initrd/etc directories will not be included -CONFIG_HEADS=n - # Since we do not include u-root in modules-y, we have to define our # own intermediate and clean targets here $(build)/$(u-root_dir)/.build: $(u-root_output) diff --git a/patches/bash-5.1.16.patch b/patches/bash-5.1.16.patch new file mode 100644 index 000000000..ef59ceaa5 --- /dev/null +++ b/patches/bash-5.1.16.patch @@ -0,0 +1,11 @@ +--- clean/bash-5.1.16/Makefile.in 2020-12-16 16:13:10.000000000 -0600 ++++ bash-5.1.16/Makefile.in 2023-04-25 14:16:38.849618679 -0600 +@@ -626,7 +626,7 @@ + @${MAKE} ${MFLAGS} tests TESTSCRIPT=run-gprof + + version.h: $(SOURCES) config.h Makefile patchlevel.h +- $(SHELL) $(SUPPORT_SRC)mkversion.sh -b -S ${topdir} -s $(RELSTATUS) -d $(Version) -o newversion.h \ ++ $(SHELL) $(SUPPORT_SRC)mkversion.sh -S ${topdir} -s $(RELSTATUS) -d $(Version) -o newversion.h \ + && mv newversion.h version.h + + bashversion$(EXEEXT): buildversion.o $(SUPPORT_SRC)bashversion.c diff --git a/patches/coreboot-4.19/0001-x230-fhd-variant.patch b/patches/coreboot-4.19/0001-x230-fhd-variant.patch new file mode 100644 index 000000000..0cd25c5e5 --- /dev/null +++ b/patches/coreboot-4.19/0001-x230-fhd-variant.patch @@ -0,0 +1,198 @@ +From 06fe32bb5f65c784e7819b875c505fcceab11b99 Mon Sep 17 00:00:00 2001 +From: Alexander Couzens +Date: Sat, 19 Mar 2022 13:42:33 +0000 +Subject: [PATCH] lenovo/x230: introduce FHD variant + +There is a modification for the x230 which uses the 2nd DP from the dock +as the integrated panel's connection, which allows using a custom eDP +panel instead of the stock LVDS display. + +There are several adapter boards present on the market and all of them +uses the same method of enabling the custom eDP panel. + +To make this work with coreboot, the internal LVDS connector should be +disabled in libgfxinit. The VBT has been modified as well, which allows +brightness controls to work out of the box. + +The modifications done to the VBT are: +- Remove the LVDS port entry. +- Move the DP-3 (which is the 2nd DP on the dock) entry to the first + position on the list. +- Set the DP-3 as internally connected. + +This has been reported to work with the following panels: +- LP125WF2-SPB4 (1920*1080, 12.5") +- LQ125T1JW02 (2560*1440, 12.5") +- LQ133M1JW21 (1920*1080, 13.3") +- LTN133HL10-201 (1920*1080, 13.3") +- B133HAN04.6 (1920*1080, 13.3") +- B133QAN02.0 (2560*1600, 13.3") + +Other eDP panels not on this list should work as well. + +Change-Id: I0355d39a61956792e69bccd5274cfc2749d72bf0 +Signed-off-by: Alexander Couzens +Signed-off-by: Felix Singer +--- + src/mainboard/lenovo/x230/Kconfig | 15 ++++++++----- + src/mainboard/lenovo/x230/Kconfig.name | 3 +++ + src/mainboard/lenovo/x230/Makefile.inc | 5 +++++ + .../lenovo/x230/variants/x230_edp/data.vbt | Bin 0 -> 4281 bytes + .../x230/variants/x230_edp/gma-mainboard.ads | 21 ++++++++++++++++++ + 5 files changed, 38 insertions(+), 6 deletions(-) + create mode 100644 src/mainboard/lenovo/x230/variants/x230_edp/data.vbt + create mode 100644 src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads + +diff --git a/src/mainboard/lenovo/x230/Kconfig b/src/mainboard/lenovo/x230/Kconfig +index a6fd796206..7aa5af6d85 100644 +--- a/src/mainboard/lenovo/x230/Kconfig ++++ b/src/mainboard/lenovo/x230/Kconfig +@@ -1,4 +1,4 @@ +-if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230S ++if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230S || BOARD_LENOVO_X230_EDP + + config BOARD_SPECIFIC_OPTIONS + def_bool y +@@ -11,7 +11,7 @@ + select H8_HAS_BAT_THRESHOLDS_IMPL + select H8_HAS_PRIMARY_FN_KEYS if BOARD_LENOVO_X230S + select NO_UART_ON_SUPERIO +- select BOARD_ROMSIZE_KB_12288 if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T ++ select BOARD_ROMSIZE_KB_12288 if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230_EDP + select BOARD_ROMSIZE_KB_16384 if BOARD_LENOVO_X230S + select HAVE_ACPI_TABLES + select HAVE_OPTION_TABLE +@@ -20,7 +20,7 @@ + select INTEL_INT15 + select DRIVERS_RICOH_RCE822 + select MEMORY_MAPPED_TPM +- select MAINBOARD_HAS_TPM1 if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T ++ select MAINBOARD_HAS_TPM1 if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230_EDP + select MAINBOARD_HAS_LIBGFXINIT + select GFX_GMA_PANEL_1_ON_LVDS if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T + select INTEL_GMA_HAVE_VBT +@@ -51,17 +51,20 @@ + default "lenovo/x230" + + config VARIANT_DIR +- default "x230" if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T ++ default "x230" if BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230_EDP + default "x230s" if BOARD_LENOVO_X230S + + config MAINBOARD_PART_NUMBER +- default "ThinkPad X230" if BOARD_LENOVO_X230 ++ default "ThinkPad X230" if BOARD_LENOVO_X230 || BOARD_LENOVO_X230_EDP + default "ThinkPad X230t" if BOARD_LENOVO_X230T + default "ThinkPad X230s" if BOARD_LENOVO_X230S + + config OVERRIDE_DEVICETREE + default "variants/\$(CONFIG_VARIANT_DIR)/overridetree.cb" + ++config INTEL_GMA_VBT_FILE ++ default "variants/x230_edp/data.vbt" if BOARD_LENOVO_X230_EDP ++ + config USBDEBUG_HCD_INDEX + int + default 2 +@@ -83,4 +86,4 @@ + config THINKPADEC_HKEY_EISAID + default "LEN0068" + +-endif # BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230S ++endif # BOARD_LENOVO_X230 || BOARD_LENOVO_X230T || BOARD_LENOVO_X230S || BOARD_LENOVO_X230_EDP +diff --git a/src/mainboard/lenovo/x230/Kconfig.name b/src/mainboard/lenovo/x230/Kconfig.name +index 1a01436879..e7290a12dd 100644 +--- a/src/mainboard/lenovo/x230/Kconfig.name ++++ b/src/mainboard/lenovo/x230/Kconfig.name +@@ -6,3 +6,6 @@ config BOARD_LENOVO_X230T + + config BOARD_LENOVO_X230S + bool "ThinkPad X230s" ++ ++config BOARD_LENOVO_X230_EDP ++ bool "ThinkPad X230 eDP Mod (2K/FHD)" +diff --git a/src/mainboard/lenovo/x230/Makefile.inc b/src/mainboard/lenovo/x230/Makefile.inc +index 8e801f145d..6e6f9f90b9 100644 +--- a/src/mainboard/lenovo/x230/Makefile.inc ++++ b/src/mainboard/lenovo/x230/Makefile.inc +@@ -5,4 +5,9 @@ bootblock-y += variants/$(VARIANT_DIR)/gpio.c + romstage-y += variants/$(VARIANT_DIR)/early_init.c + romstage-y += variants/$(VARIANT_DIR)/gpio.c + ramstage-y += variants/$(VARIANT_DIR)/hda_verb.c ++ ++ifeq ($(CONFIG_BOARD_LENOVO_X230_EDP),y) ++ramstage-$(CONFIG_MAINBOARD_USE_LIBGFXINIT) += variants/x230_edp/gma-mainboard.ads ++else + ramstage-$(CONFIG_MAINBOARD_USE_LIBGFXINIT) += variants/$(VARIANT_DIR)/gma-mainboard.ads ++endif +diff --git a/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt b/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt +new file mode 100644 +index 0000000000000000000000000000000000000000..13384d45571ff76e592335143d01315e37893186 +GIT binary patch +literal 4281 +zcmdT`Z)_aZ5&ym0y}P}=-MjTVC6^p6b={56T^4V^SA+LolmX+RUx+79#iSqiP~ars*|P{j#W<|Sw32Qpw?S@B$TK! +zT%y8#_th3_%L^xJRhpi?y+F#XZ5B@+U98gh$p??rmIq1sVr%N_-*;O-QJ>e_m+#Gc +zeSJjvzQO*1!F<1Mj*JdZ9IBMcg_+XCI898^NNKt-Jw1A;SiXxYQxjvQVrgb{#5RMi +z3_rAVdim%B-#tOO;ZDl)3wi>F!IEkCq2;B0R9IZ3DP?n3(8mm!Gbk$bf{?ofjp)+WX;f0xKuMreM_FPop&M`zu|-4&b{lx} +z6dXr%nIN^a1Q1g^?g`SApyQo+We^Ju;y^Soa0Kxp0ExE)gG^{(s5wk=5)@Iwe?zpD +z@%1v$crW@+c=`T;{ewfYIC5a@V7W3iGdp+pJ^l}V_@k99K7NB27i?KEp$JF`50mi@ +zjG1XXrseRG7Qw69ek|x~_*Klqd$9}}jBGpu*K}~RX~1KAld;P%uwb}2&iFCo7mQyT +zCSGP-Wc-%#2gY9*A29yLh$l?6F>Yks%;;r&gE7oF#P|+lf$=@YNyZt*N3Nz%%kOxj$xHTH_I6i5-#j$7@-%=}( +z?1954MnX?xAuk79(< +zSr6;_4gTc~tacpa=As!xD;@CT7xX)U4}W57_`9~2NpCP65!^@JyGbYMG6B#@{r1i&qF#431THdvdmK?gb!}@x&d86kH8RtSun)L +zMg&qo8p@sxlqPr)H*t1i5Xc8fNK*dW_}wA77I--u)J{nAs;))bo8vk&YfS^jD1^rM=s>0ytuB(VlIOTx;M223I$qhjl3%0pyLp$ECQ*_^UYE{?(M!zFMP3W9I_cUj9w4&M7&s8K0k@rirz}Oms94I6gg>kPulEG+g%^&e&n+7+xV#SfijjY{5o+C7V}H- +zZs9PGrN7SK-OZ8YGZ>yr(&i#tdss~q`sQ|0&fnIIOUJ;O2*-=b;v=kW?O}6KsoH4P +z0smI&%EQn#cd@w$RZTVP=TtP?l7~|?nRTSIQO2qkgO+Z!=3#T$D-XeMvn68}T3Ey8 +zHleye(7mkLXe*JtfA{Q*lj!gc)Wck4IFj|C#q&~HiNmA&>Z|kF4(Uvj%v~DWNT8*x>a2}rST)i~8vd61DwO!2$JZMNNi6hyH +z2d_)6&979w%w$-vyatVrqw??t&t%}iZhDAP3%j_I#cGANdzLq>W;J(F=Xwkxxj%^H +zwQDmn=w}|@-y`RG{*wz0>A(ZGtk~AM=#-fE(LV1uZE98+Nk>UmiyyuJ8?## Disabled); ++ ++end GMA.Mainboard; +-- +2.30.2 + diff --git a/patches/kexec-2.0.26.patch b/patches/kexec-2.0.26.patch index 012807823..71c84abaf 100644 --- a/patches/kexec-2.0.26.patch +++ b/patches/kexec-2.0.26.patch @@ -102,6 +102,38 @@ index 14263b0..55291d6 100644 real_mode->lfb_width = var.xres; real_mode->lfb_height = var.yres; real_mode->lfb_depth = var.bits_per_pixel; +diff --git a/kexec/kexec.c b/kexec/kexec.c +index 0e92d96..f7984a8 100644 +--- a/kexec/kexec.c ++++ b/kexec/kexec.c +@@ -807,6 +807,27 @@ static int my_load(const char *type, int fileind, int argc, char **argv, + if (sort_segments(&info) < 0) { + return -1; + } ++ ++#if 1 ++ // force segment 0 to have memsz == bufsz ++ // so that it won't overwrite EBDA ++ if (info.segment[0].mem == 0) ++ { ++ if (kexec_debug) ++ printf("hack ebda into segment 0!\n"); ++ ++ uint8_t * ebda = calloc(1, info.segment[0].memsz); ++ memcpy(ebda, info.segment[0].buf, info.segment[0].bufsz); ++ info.segment[0].bufsz = info.segment[0].memsz; ++ info.segment[0].buf = ebda; ++ ++ // install some default EBDA values that are off scale, ++ // which will force Xen to use the multiboot info ++ *(uint16_t*)(ebda + 0x40e) = 0xFFFF; // segment ++ *(uint16_t*)(ebda + 0x413) = 0xFFFF; // size ++ } ++#endif ++ + /* if purgatory is loaded update it */ + update_purgatory(&info); + if (entry) diff --git a/purgatory/Makefile b/purgatory/Makefile index 4d2d071..ee5c642 100644 --- a/purgatory/Makefile diff --git a/patches/linux-4.14.62/0004-libsubcmd_Fix_use-after-free-for-realloc.patch b/patches/linux-4.14.62/0004-libsubcmd_Fix_use-after-free-for-realloc.patch new file mode 100644 index 000000000..57d0d5038 --- /dev/null +++ b/patches/linux-4.14.62/0004-libsubcmd_Fix_use-after-free-for-realloc.patch @@ -0,0 +1,64 @@ +From 52a9dab6d892763b2a8334a568bd4e2c1a6fde66 Mon Sep 17 00:00:00 2001 +From: Kees Cook +Date: Sun, 13 Feb 2022 10:24:43 -0800 +Subject: [PATCH] libsubcmd: Fix use-after-free for realloc(..., 0) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC 12 correctly reports a potential use-after-free condition in the +xrealloc helper. Fix the warning by avoiding an implicit "free(ptr)" +when size == 0: + +In file included from help.c:12: +In function 'xrealloc', + inlined from 'add_cmdname' at help.c:24:2: subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 56 | ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 58 | ret = realloc(ptr, 1); + | ^~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ + +Fixes: 2f4ce5ec1d447beb ("perf tools: Finalize subcmd independence") +Reported-by: Valdis Klētnieks +Signed-off-by: Kees Kook +Tested-by: Valdis Klētnieks +Tested-by: Justin M. Forbes +Acked-by: Josh Poimboeuf +Cc: linux-hardening@vger.kernel.org +Cc: Valdis Klētnieks +Link: http://lore.kernel.org/lkml/20220213182443.4037039-1-keescook@chromium.org +Signed-off-by: Arnaldo Carvalho de Melo +--- + tools/lib/subcmd/subcmd-util.h | 11 ++--------- + 1 file changed, 2 insertions(+), 9 deletions(-) + +diff --git a/tools/lib/subcmd/subcmd-util.h b/tools/lib/subcmd/subcmd-util.h +index 794a375dad3601..b2aec04fce8f67 100644 +--- a/tools/lib/subcmd/subcmd-util.h ++++ b/tools/lib/subcmd/subcmd-util.h +@@ -50,15 +50,8 @@ static NORETURN inline void die(const char *err, ...) + static inline void *xrealloc(void *ptr, size_t size) + { + void *ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) { +- ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) +- die("Out of memory, realloc failed"); +- } ++ if (!ret) ++ die("Out of memory, realloc failed"); + return ret; + } + + diff --git a/patches/linux-5.10.178/0001-fake-acpi.patch b/patches/linux-5.10.178/0001-fake-acpi.patch new file mode 100644 index 000000000..0c8b3b546 --- /dev/null +++ b/patches/linux-5.10.178/0001-fake-acpi.patch @@ -0,0 +1,32 @@ +diff --recursive -u ./clean/linux-4.9.80/drivers/acpi/acpica/evxfevnt.c linux-4.9.80/drivers/acpi/acpica/evxfevnt.c +--- ./clean/linux-4.9.80/drivers/acpi/acpica/evxfevnt.c 2018-02-03 11:05:43.000000000 -0500 ++++ linux-4.9.80/drivers/acpi/acpica/evxfevnt.c 2018-02-07 15:51:28.786502597 -0500 +@@ -111,6 +111,8 @@ + } + + ACPI_ERROR((AE_INFO, "Hardware did not enter ACPI mode")); ++printk("%s:%d faking ACPI mode\n", __func__, __LINE__); ++ return_ACPI_STATUS(AE_OK); + return_ACPI_STATUS(AE_NO_HARDWARE_RESPONSE); + } + +diff --recursive -u ./clean/linux-4.9.80/drivers/acpi/acpica/hwacpi.c linux-4.9.80/drivers/acpi/acpica/hwacpi.c +--- ./clean/linux-4.9.80/drivers/acpi/acpica/hwacpi.c 2018-02-03 11:05:43.000000000 -0500 ++++ linux-4.9.80/drivers/acpi/acpica/hwacpi.c 2018-02-07 15:51:35.126557868 -0500 +@@ -168,12 +168,16 @@ + + status = acpi_read_bit_register(ACPI_BITREG_SCI_ENABLE, &value); + if (ACPI_FAILURE(status)) { ++printk("%s:%d faking ACPI mode\n", __func__, __LINE__); ++ return_UINT32(ACPI_SYS_MODE_ACPI); + return_UINT32(ACPI_SYS_MODE_LEGACY); + } + + if (value) { + return_UINT32(ACPI_SYS_MODE_ACPI); + } else { ++//printk("%s:%d faking ACPI mode\n", __func__, __LINE__); ++// return_UINT32(ACPI_SYS_MODE_ACPI); + return_UINT32(ACPI_SYS_MODE_LEGACY); + } + } diff --git a/patches/linux-5.10.178/0002-nmi-squelch.patch b/patches/linux-5.10.178/0002-nmi-squelch.patch new file mode 100644 index 000000000..bce1cd2f0 --- /dev/null +++ b/patches/linux-5.10.178/0002-nmi-squelch.patch @@ -0,0 +1,20 @@ +diff --recursive -u ./clean/linux-4.9.80/arch/x86/kernel/nmi.c linux-4.9.80/arch/x86/kernel/nmi.c +--- ./clean/linux-4.9.80/arch/x86/kernel/nmi.c 2018-02-03 11:05:43.000000000 -0500 ++++ linux-4.9.80/arch/x86/kernel/nmi.c 2018-02-07 18:56:10.475613884 -0500 +@@ -303,6 +303,8 @@ + + __this_cpu_add(nmi_stats.unknown, 1); + ++#if 0 ++// qemu generates these for some reason + pr_emerg("Uhhuh. NMI received for unknown reason %02x on CPU %d.\n", + reason, smp_processor_id()); + +@@ -311,6 +313,7 @@ + nmi_panic(regs, "NMI: Not continuing"); + + pr_emerg("Dazed and confused, but trying to continue\n"); ++#endif + } + NOKPROBE_SYMBOL(unknown_nmi_error); + diff --git a/patches/linux-5.10.178/0003-fake-trampoline.patch b/patches/linux-5.10.178/0003-fake-trampoline.patch new file mode 100644 index 000000000..e6ec15c9b --- /dev/null +++ b/patches/linux-5.10.178/0003-fake-trampoline.patch @@ -0,0 +1,28 @@ +diff --recursive -u ./clean/linux-4.9.80/arch/x86/realmode/init.c linux-4.9.80/arch/x86/realmode/init.c +--- ./clean/linux-4.9.80/arch/x86/realmode/init.c 2018-02-03 11:05:43.000000000 -0500 ++++ linux-4.9.80/arch/x86/realmode/init.c 2018-02-07 15:51:28.538500435 -0500 +@@ -35,8 +35,8 @@ + /* Has to be under 1M so we can execute real-mode AP code. */ + mem = memblock_find_in_range(0, 1<<20, size, PAGE_SIZE); + if (!mem) { +- pr_info("No sub-1M memory is available for the trampoline\n"); +- return; ++ mem = 0x4000; ++ pr_info("No sub-1M memory is available for the trampoline, guessing %p\n", mem); + } + + memblock_reserve(mem, size); +@@ -138,7 +138,12 @@ + static int __init init_real_mode(void) + { + if (!real_mode_header) +- panic("Real mode trampoline was not allocated"); ++ { ++ // ignore for now ++ //panic("Real mode trampoline was not allocated"); ++ pr_warn("Real mode trampoline was not allocated"); ++ return 0; ++ } + + setup_real_mode(); + set_real_mode_permissions(); diff --git a/patches/linux-5.10.178/0010-winterfell-ahci.patch b/patches/linux-5.10.178/0010-winterfell-ahci.patch new file mode 100644 index 000000000..9c4df7e28 --- /dev/null +++ b/patches/linux-5.10.178/0010-winterfell-ahci.patch @@ -0,0 +1,18 @@ +diff --recursive -u ./clean/linux-4.9.80/drivers/ata/libahci.c linux-4.9.80/drivers/ata/libahci.c +--- ./clean/linux-4.9.80/drivers/ata/libahci.c 2018-02-03 11:05:43.000000000 -0500 ++++ linux-4.9.80/drivers/ata/libahci.c 2018-02-07 18:02:32.526535910 -0500 +@@ -537,8 +537,12 @@ + } + + /* fabricate port_map from cap.nr_ports for < AHCI 1.3 */ +- if (!port_map && vers < 0x10300) { +- port_map = (1 << ahci_nr_ports(cap)) - 1; ++ if (!port_map) { // && vers < 0x10300) { ++ printk("%s: saved_port=%02x\n", __func__, hpriv->saved_port_map); ++ writel(0x1, mmio + HOST_PORTS_IMPL); ++ port_map = readl(mmio + HOST_PORTS_IMPL); ++ ++ //port_map = (1 << ahci_nr_ports(cap)) - 1; + dev_warn(dev, "forcing PORTS_IMPL to 0x%x\n", port_map); + + /* write the fixed up value to the PI register */ diff --git a/patches/linux-5.10.5/0004-libsubcmd_Fix_use-after-free-for-realloc.patch b/patches/linux-5.10.5/0004-libsubcmd_Fix_use-after-free-for-realloc.patch new file mode 100644 index 000000000..57d0d5038 --- /dev/null +++ b/patches/linux-5.10.5/0004-libsubcmd_Fix_use-after-free-for-realloc.patch @@ -0,0 +1,64 @@ +From 52a9dab6d892763b2a8334a568bd4e2c1a6fde66 Mon Sep 17 00:00:00 2001 +From: Kees Cook +Date: Sun, 13 Feb 2022 10:24:43 -0800 +Subject: [PATCH] libsubcmd: Fix use-after-free for realloc(..., 0) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC 12 correctly reports a potential use-after-free condition in the +xrealloc helper. Fix the warning by avoiding an implicit "free(ptr)" +when size == 0: + +In file included from help.c:12: +In function 'xrealloc', + inlined from 'add_cmdname' at help.c:24:2: subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 56 | ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 58 | ret = realloc(ptr, 1); + | ^~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ + +Fixes: 2f4ce5ec1d447beb ("perf tools: Finalize subcmd independence") +Reported-by: Valdis Klētnieks +Signed-off-by: Kees Kook +Tested-by: Valdis Klētnieks +Tested-by: Justin M. Forbes +Acked-by: Josh Poimboeuf +Cc: linux-hardening@vger.kernel.org +Cc: Valdis Klētnieks +Link: http://lore.kernel.org/lkml/20220213182443.4037039-1-keescook@chromium.org +Signed-off-by: Arnaldo Carvalho de Melo +--- + tools/lib/subcmd/subcmd-util.h | 11 ++--------- + 1 file changed, 2 insertions(+), 9 deletions(-) + +diff --git a/tools/lib/subcmd/subcmd-util.h b/tools/lib/subcmd/subcmd-util.h +index 794a375dad3601..b2aec04fce8f67 100644 +--- a/tools/lib/subcmd/subcmd-util.h ++++ b/tools/lib/subcmd/subcmd-util.h +@@ -50,15 +50,8 @@ static NORETURN inline void die(const char *err, ...) + static inline void *xrealloc(void *ptr, size_t size) + { + void *ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) { +- ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) +- die("Out of memory, realloc failed"); +- } ++ if (!ret) ++ die("Out of memory, realloc failed"); + return ret; + } + +