vimuser (Leah Rowe)

vimuser pushed to master at libreboot/lbwww

b716e3fedd remove redundant/finished tasks from todo Signed-off-by: Leah Rowe <info@minifree.org>

1 hour ago

vimuser pushed to master at libreboot/libreboot

e5cc3e557a Merge pull request 'dell-flash-unlock: add NetBSD support' (#194) from linear/lbmk:master into master Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/194
e119ffa54d dell-flash-unlock: add NetBSD support
View comparison for these 2 commits »

3 hours ago

vimuser pushed to master at libreboot/lbmk

e5cc3e557a Merge pull request 'dell-flash-unlock: add NetBSD support' (#194) from linear/lbmk:master into master Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/194
e119ffa54d dell-flash-unlock: add NetBSD support
View comparison for these 2 commits »

3 hours ago

vimuser pushed to master at libreboot/libreboot

c0b4ba2eea build/roms: update help, pertaining to status Signed-off-by: Leah Rowe <leah@libreboot.org>

4 hours ago

vimuser pushed to master at libreboot/lbmk

c0b4ba2eea build/roms: update help, pertaining to status Signed-off-by: Leah Rowe <leah@libreboot.org>

4 hours ago

vimuser pushed to master at libreboot/libreboot

d88783b734 build/roms: let "list" specify status types for example: ./build roms list this will list every now, still. same behaviour. now see: ./build roms list stable this will list all stable roms ./build roms list untested this lists untested roms. but wait! ./build roms list untested broken unstable ./build roms list broken unstable yes. it works this way. now you can use lbmk to easily see what rom status are, during maintenance. Signed-off-by: Leah Rowe <leah@libreboot.org>

5 hours ago

vimuser pushed to master at libreboot/lbmk

d88783b734 build/roms: let "list" specify status types for example: ./build roms list this will list every now, still. same behaviour. now see: ./build roms list stable this will list all stable roms ./build roms list untested this lists untested roms. but wait! ./build roms list untested broken unstable ./build roms list broken unstable yes. it works this way. now you can use lbmk to easily see what rom status are, during maintenance. Signed-off-by: Leah Rowe <leah@libreboot.org>

5 hours ago

vimuser pushed to master at libreboot/libreboot

b6014a65ac erroneous return Signed-off-by: Leah Rowe <leah@libreboot.org>

6 hours ago

vimuser pushed to master at libreboot/lbmk

b6014a65ac erroneous return Signed-off-by: Leah Rowe <leah@libreboot.org>

6 hours ago

vimuser pushed to master at libreboot/libreboot

ce7fd754a3 build/roms: report status when building images export LBMK_VERSION_TYPE=x x can be: stable, unstable in target.cfg files, specify: status=x x can be: stable, unstable, broken, untested if unset, lbmk defaults to "unknown" if LBMK_VERSION_TYPE is set, no confirmation is asked if the given target matches what's set (but what's set in that environmental variable can only be stable or unstable) if LBMK_RELEASE="y", no confirmation is asked, unless the target is something other than stable/unstable "unstable" means it works, but has a few non-breaking bugs, e.g. broken s3 on dell e6400 whereas, if raminit regularly fails or it is so absolutely unreliable as to be unusable, then the board should be declared "broken" untested means: it has not been tested With this change, it should now be easier to track whether a given board is tested, in preparation for releases. When working on trees/boards, status can be set for targets. Also: in the board directory, you can add a "warn.txt" file which will display a message. For example, if a board has a particular quirk to watch out for, write that there. The message will be printed during the build process, to stdout. If status is anything *other* than stable, or it is unstable but LBMK_VERSION_TYPE is not set to "unstable", and not building a release, a confirmation is passed. If the board is not specified as stable or unstable, during a release build, the build is skipped and the ROM is not provided in that release; this is in *addition* to release="n" or release="y" that can be set in target.cfg, which will skip the release build for that target if "n" Signed-off-by: Leah Rowe <leah@libreboot.org>

6 hours ago

vimuser pushed to master at libreboot/lbmk

ce7fd754a3 build/roms: report status when building images export LBMK_VERSION_TYPE=x x can be: stable, unstable in target.cfg files, specify: status=x x can be: stable, unstable, broken, untested if unset, lbmk defaults to "unknown" if LBMK_VERSION_TYPE is set, no confirmation is asked if the given target matches what's set (but what's set in that environmental variable can only be stable or unstable) if LBMK_RELEASE="y", no confirmation is asked, unless the target is something other than stable/unstable "unstable" means it works, but has a few non-breaking bugs, e.g. broken s3 on dell e6400 whereas, if raminit regularly fails or it is so absolutely unreliable as to be unusable, then the board should be declared "broken" untested means: it has not been tested With this change, it should now be easier to track whether a given board is tested, in preparation for releases. When working on trees/boards, status can be set for targets. Also: in the board directory, you can add a "warn.txt" file which will display a message. For example, if a board has a particular quirk to watch out for, write that there. The message will be printed during the build process, to stdout. If status is anything *other* than stable, or it is unstable but LBMK_VERSION_TYPE is not set to "unstable", and not building a release, a confirmation is passed. If the board is not specified as stable or unstable, during a release build, the build is skipped and the ROM is not provided in that release; this is in *addition* to release="n" or release="y" that can be set in target.cfg, which will skip the release build for that target if "n" Signed-off-by: Leah Rowe <leah@libreboot.org>

6 hours ago

vimuser pushed to master at libreboot/libreboot

a2f4235358 i945: switch boards to 20230625 coreboot revision On T60 with Libreboot 20231106 and the GRUB payload, a user reported this error in GRUB when a battery was connected: "alloc magic is broken at 0x7b1aedf0: 0" This error disappears when a battery is not connected, or when using Libreboot 20230625. The issue has persisted through to LIbreboot 20240225 and after, and I believe the issue will be somewhere in coreboot, not in GRUB itself. For now, switch i945 laptops (X60, T60, Macbook2,1) back to the February 2023 coreboot revision used in Libreboot 20230625. A bisect can be done before the next Libreboot release, ETA May 2024, if time permits. Otherwise, this revert should solve the problem for now, at least so far as Libreboot is concerned. The following coreboot patches have been backported: commit 29030d0f3dad2ec6b86000dfe2c8e951ae80bf94 Author: Bill Xie <persmule@hardenedlinux.org> Date: Sat Oct 7 01:32:51 2023 +0800 drivers/pc80/rtc/option.c: Stop resetting CMOS during s3 resume Further patches from upstream: commit 432e92688eca0e85cbaebca3232f65936b305a98 Author: Bill Xie <persmule@hardenedlinux.org> Date: Fri Nov 3 12:34:01 2023 +0800 drivers/pc80/rtc/option.c: Reset only CMOS range covered by checksum These patches fixed S3 on GM45 machines, though it will be useful on the i945 machines aswell. The reason I'm doing it this way it is because I don't have a battery for my X60 or T60, and my T60 isn't in a very good state either, so I can't reproduce the error myself yet. Signed-off-by: Leah Rowe <leah@libreboot.org>

17 hours ago

vimuser pushed to master at libreboot/lbmk

a2f4235358 i945: switch boards to 20230625 coreboot revision On T60 with Libreboot 20231106 and the GRUB payload, a user reported this error in GRUB when a battery was connected: "alloc magic is broken at 0x7b1aedf0: 0" This error disappears when a battery is not connected, or when using Libreboot 20230625. The issue has persisted through to LIbreboot 20240225 and after, and I believe the issue will be somewhere in coreboot, not in GRUB itself. For now, switch i945 laptops (X60, T60, Macbook2,1) back to the February 2023 coreboot revision used in Libreboot 20230625. A bisect can be done before the next Libreboot release, ETA May 2024, if time permits. Otherwise, this revert should solve the problem for now, at least so far as Libreboot is concerned. The following coreboot patches have been backported: commit 29030d0f3dad2ec6b86000dfe2c8e951ae80bf94 Author: Bill Xie <persmule@hardenedlinux.org> Date: Sat Oct 7 01:32:51 2023 +0800 drivers/pc80/rtc/option.c: Stop resetting CMOS during s3 resume Further patches from upstream: commit 432e92688eca0e85cbaebca3232f65936b305a98 Author: Bill Xie <persmule@hardenedlinux.org> Date: Fri Nov 3 12:34:01 2023 +0800 drivers/pc80/rtc/option.c: Reset only CMOS range covered by checksum These patches fixed S3 on GM45 machines, though it will be useful on the i945 machines aswell. The reason I'm doing it this way it is because I don't have a battery for my X60 or T60, and my T60 isn't in a very good state either, so I can't reproduce the error myself yet. Signed-off-by: Leah Rowe <leah@libreboot.org>

17 hours ago

vimuser pushed to master at libreboot/libreboot

64177dbb8e exports variables from err.sh, not build LC_COLLATE and LBMK_RELEASE are important variables. we want to make sure that these are seen by everything. since err.sh is included from all scripts, doing it there will accomplish just that. Signed-off-by: Leah Rowe <leah@libreboot.org>

19 hours ago

vimuser pushed to master at libreboot/lbmk

64177dbb8e exports variables from err.sh, not build LC_COLLATE and LBMK_RELEASE are important variables. we want to make sure that these are seen by everything. since err.sh is included from all scripts, doing it there will accomplish just that. Signed-off-by: Leah Rowe <leah@libreboot.org>

19 hours ago

vimuser pushed to master at libreboot/libreboot

a5082de43c GRUB: bump to today's latest revision GRUB has not pushed many patches to master since the recent 2.12 release, but there are a number of interesting fixes. libreboot is doing a release soon. bump to latest grub revision. Some of the new patches in GRUB are interesting: XFS fixes: "fs/xfs: Handle non-continuous data blocks in directory extents" 68dd65cfdaad08b1f8ec01b84949b0bf88bc0d8c Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2254370 Apparently, XFS could not boot in some reports, though this was likely with BIOS or UEFI GRUB; no such reports were made to libreboot "gfxmenu/view: Resolve false grub_errno disrupting boot process" 39c927df66c7ca62d97905d1385054ac9ce67209 "util/grub-fstest: Add a new command zfs-bootfs" 28c4405208cfb6e2cea737f6cbaf17e631bac6cd The gnulib revision does not need to be updated at this time. Signed-off-by: Leah Rowe <leah@libreboot.org>
ddfe71a366 9020 sff/mt: actually enable the TPM (by default) i added mkukri's patch but didn't enable it. this was intentional. this patch enables tpm by default, on all 9020 sff/mt targets. most users probably won't need it, but enabling it won't hurt. Signed-off-by: Leah Rowe <leah@libreboot.org>
2d7debd33c 9020 sff/mt: add tpm enable patch from mate kukri Signed-off-by: Leah Rowe <leah@libreboot.org>
View comparison for these 3 commits »

22 hours ago

vimuser pushed to master at libreboot/lbmk

a5082de43c GRUB: bump to today's latest revision GRUB has not pushed many patches to master since the recent 2.12 release, but there are a number of interesting fixes. libreboot is doing a release soon. bump to latest grub revision. Some of the new patches in GRUB are interesting: XFS fixes: "fs/xfs: Handle non-continuous data blocks in directory extents" 68dd65cfdaad08b1f8ec01b84949b0bf88bc0d8c Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2254370 Apparently, XFS could not boot in some reports, though this was likely with BIOS or UEFI GRUB; no such reports were made to libreboot "gfxmenu/view: Resolve false grub_errno disrupting boot process" 39c927df66c7ca62d97905d1385054ac9ce67209 "util/grub-fstest: Add a new command zfs-bootfs" 28c4405208cfb6e2cea737f6cbaf17e631bac6cd The gnulib revision does not need to be updated at this time. Signed-off-by: Leah Rowe <leah@libreboot.org>
ddfe71a366 9020 sff/mt: actually enable the TPM (by default) i added mkukri's patch but didn't enable it. this was intentional. this patch enables tpm by default, on all 9020 sff/mt targets. most users probably won't need it, but enabling it won't hurt. Signed-off-by: Leah Rowe <leah@libreboot.org>
2d7debd33c 9020 sff/mt: add tpm enable patch from mate kukri Signed-off-by: Leah Rowe <leah@libreboot.org>
View comparison for these 3 commits »

22 hours ago

vimuser pushed to 9020tpm at libreboot/libreboot

2d7debd33c 9020 sff/mt: add tpm enable patch from mate kukri Signed-off-by: Leah Rowe <leah@libreboot.org>
08859bb4a5 lbmk: export TMPDIR from err.sh, not build lbmk sets TMPDIR to /tmp, and then creates a tmpdir, then exports *that* as the value of TMPDIR. this unified TMPDIR location then contains all subsequent files and directories, when any script or program makes use of /tmp, via mktemp. at least, that's the theory! in practise, because it was only being properly exported from the main build scripts, subscripts that are then called were not exporting it, at least that is my assumption because in some cases, i found that the coreboot build system was leaving errant files behind outside of our own TMPDIR, and that build system did not seem to be setting TMPDIR itself; more debugging is needed. anyway: use the exact same logic, but do it from err.sh. since err.sh is included from every lbmk script, that means it will always be exported when running every single part of lbmk. this should reduce the chance that mktemp creates files and directories outside of our custom TMPDIR location. this is because in lbmk, we mitigate unhandled tmpdirs/files by unifying it in the manner described, then deleting the entire TMPDIR on exit from the main lbmk parent process (the main script that the user called from, which is always the "build" file). in lbmk, effort is made to clean up temporary files properly, without relying on this catch-all, but we can't rely on that. the catch-all should also be as robust as possible. Signed-off-by: Leah Rowe <leah@libreboot.org>
f5f2c58a0e build/roms: add missing deletion of tmp file the temporary rom per build was not being deleted after finishing the current target. this adds up in /tmp during large builds, when building for many targets. fix this! Signed-off-by: Leah Rowe <leah@libreboot.org>
02e4c0b28e hp820g2: allow building, but don't do release ROMs at present, the inject scripts compress refcode in a way that is not reproducible, so there's no way to verify that the firmware is correct, via checksum verification, when injecting vendor code on release images the lack of reproducibility in recompression will have to be addressed, but the issue is that lbmk does not provide its own sources for compression utilities, instead opting to use the system's own compression utility so the solution might be for lbmk not to use the host's utility, and compile its own, or insert the refcode uncompressed. for now, simply disable the hp 820 g2 target in libreboot releases this uses the same logic recently implemented for excluding mrc-based haswell images in libreboot releases Signed-off-by: Leah Rowe <leah@libreboot.org>
ed0678ae2e haswell: only provide NRI-based ROMs in releases release="n" is set in target.cfg on haswell build targets that use mrc.bin script/update/release exports LBMK_RELEASE="y" script/build/roms skips building a given target if release="n" in target.cfg *and* LBMK_RELEASE="y" you could also do the export yourself before running ./build roms, for example: export LBMK_RELEASE="y" ./build roms all This would skip these ROM images. The native haswell raminit is now stable enough in my testing, that I wish to delete the MRC-based targets. This is in line with Libreboot's Binary Blob Reduction Policy, which states: if a blob can be avoided, it should be avoided. The problem is that users often run the inject script in *lbmk* from Git, instead of from the src release archive. I forsee some users running this on modern lbmk with older release images. If the mrc-based target isn't there, the user may use an NRI-based target name, and think it works; they will insert without MRC. I foresaw this ages ago, which is why Caleb and I ensured that the script checks hashes, and hashes are included in releases. Therefore: for the time being, keep the MRC-based configs in lbmk but do not include images for them in releases. This can be done indefinitely, but I'll probably remove those configs entirely at some point. On the following boards, Libreboot now will *only* provide NRI-based ROM images for the following machines: * Dell OptiPlex 9020 SFF * Dell OptiPlex 9020 MT * Lenovo ThinkPad T440p * Lenovo ThinkPad W541/W540 I now recommend exclusive use of NRI-based images, on Haswell hardware. It's stable enough in my testing, and now supports S3. Signed-off-by: Leah Rowe <leah@libreboot.org>

1 day ago

vimuser created new branch 9020tpm at libreboot/libreboot

1 day ago

vimuser pushed to 9020tpm at libreboot/lbmk

2d7debd33c 9020 sff/mt: add tpm enable patch from mate kukri Signed-off-by: Leah Rowe <leah@libreboot.org>
08859bb4a5 lbmk: export TMPDIR from err.sh, not build lbmk sets TMPDIR to /tmp, and then creates a tmpdir, then exports *that* as the value of TMPDIR. this unified TMPDIR location then contains all subsequent files and directories, when any script or program makes use of /tmp, via mktemp. at least, that's the theory! in practise, because it was only being properly exported from the main build scripts, subscripts that are then called were not exporting it, at least that is my assumption because in some cases, i found that the coreboot build system was leaving errant files behind outside of our own TMPDIR, and that build system did not seem to be setting TMPDIR itself; more debugging is needed. anyway: use the exact same logic, but do it from err.sh. since err.sh is included from every lbmk script, that means it will always be exported when running every single part of lbmk. this should reduce the chance that mktemp creates files and directories outside of our custom TMPDIR location. this is because in lbmk, we mitigate unhandled tmpdirs/files by unifying it in the manner described, then deleting the entire TMPDIR on exit from the main lbmk parent process (the main script that the user called from, which is always the "build" file). in lbmk, effort is made to clean up temporary files properly, without relying on this catch-all, but we can't rely on that. the catch-all should also be as robust as possible. Signed-off-by: Leah Rowe <leah@libreboot.org>
f5f2c58a0e build/roms: add missing deletion of tmp file the temporary rom per build was not being deleted after finishing the current target. this adds up in /tmp during large builds, when building for many targets. fix this! Signed-off-by: Leah Rowe <leah@libreboot.org>
02e4c0b28e hp820g2: allow building, but don't do release ROMs at present, the inject scripts compress refcode in a way that is not reproducible, so there's no way to verify that the firmware is correct, via checksum verification, when injecting vendor code on release images the lack of reproducibility in recompression will have to be addressed, but the issue is that lbmk does not provide its own sources for compression utilities, instead opting to use the system's own compression utility so the solution might be for lbmk not to use the host's utility, and compile its own, or insert the refcode uncompressed. for now, simply disable the hp 820 g2 target in libreboot releases this uses the same logic recently implemented for excluding mrc-based haswell images in libreboot releases Signed-off-by: Leah Rowe <leah@libreboot.org>
ed0678ae2e haswell: only provide NRI-based ROMs in releases release="n" is set in target.cfg on haswell build targets that use mrc.bin script/update/release exports LBMK_RELEASE="y" script/build/roms skips building a given target if release="n" in target.cfg *and* LBMK_RELEASE="y" you could also do the export yourself before running ./build roms, for example: export LBMK_RELEASE="y" ./build roms all This would skip these ROM images. The native haswell raminit is now stable enough in my testing, that I wish to delete the MRC-based targets. This is in line with Libreboot's Binary Blob Reduction Policy, which states: if a blob can be avoided, it should be avoided. The problem is that users often run the inject script in *lbmk* from Git, instead of from the src release archive. I forsee some users running this on modern lbmk with older release images. If the mrc-based target isn't there, the user may use an NRI-based target name, and think it works; they will insert without MRC. I foresaw this ages ago, which is why Caleb and I ensured that the script checks hashes, and hashes are included in releases. Therefore: for the time being, keep the MRC-based configs in lbmk but do not include images for them in releases. This can be done indefinitely, but I'll probably remove those configs entirely at some point. On the following boards, Libreboot now will *only* provide NRI-based ROM images for the following machines: * Dell OptiPlex 9020 SFF * Dell OptiPlex 9020 MT * Lenovo ThinkPad T440p * Lenovo ThinkPad W541/W540 I now recommend exclusive use of NRI-based images, on Haswell hardware. It's stable enough in my testing, and now supports S3. Signed-off-by: Leah Rowe <leah@libreboot.org>

1 day ago