this mitigates buggy video converters e.g. displayport
to hdmi, where sometimes the display doesn't come up.
sometimes you have to probe them twice. this is apparently
what linux does, according to nicholas chin's interpretation.
this is a really quick and dirty patch that worked for
Noisytoot on IRC, tested on their Dell OptiPlex 5050 SFF
which they are porting; the port otherwise works, and this
patch enables them to use their displayport adapter.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This was a problem when I did it before, because individual
target builds weren't automatically re-compiled when needed.
The recent design improvements in lbmk enable this to be
done again.
Cached images in elf/ have no payloads, so they are a liability,
therefore they are padded by one byte to prevent flashing. This
solves the problem that the previous caching had.
With this change, modifying payloads can be tested without
needing to re-build coreboot each time.
The cached coreboot builds are also automatically re-built when
needed, which is another improvement this time, compared to
the last time coreboot builds were cached in this manner.
Signed-off-by: Leah Rowe <leah@libreboot.org>
as opposed to target/
for example:
image the command:
./mk -b u-boot amd64coreboot
This would put the U-Boot binaries here:
elf/u-boot/amd64coreboot/default/
With this change, they now go here:
elf/u-boot/x86_64/amd64coreboot/default/
This solves a problem that existed previously, where
you could modify a given tree in a multi-tree project,
but cached builds for targets branching separately off
of each tree would not be deleted, and thus not re-built.
This accomplishes such a result, without needing to
further check hashes of individual targets.
The latter will still be done, in a future change, because
this change doesn't fix another problem:
If you change a given config, e.g. targetname "foo" which
uses tree "bar", elf/foo/ would not be removed automatically
for re-build.
So this change only deletes individual target builds when
their master tree changes.
Where the target and tree are the same, this also means
elf/tree/target/
for example: seabios/default would create binaries in:
elf/seabios/default/default/
not:
elf/seabios/default/
Signed-off-by: Leah Rowe <leah@libreboot.org>
Many other changes were imported into the wider pcsx-redux
tree, but we're mainly concerned with the OpenBIOS diffs.
This update brings in the following upstream changes, for
PCSX-Redux OpenBIOS:
* 35de25bb Fixing realloc's edge case.
* b8a9080d OpenBIOS: Annotate sio0/driver.c with enums
* c7cec91e OpenBIOS: Refactor card driver
* 4e42a6b6 Move OpenBIOS SIO to a seperate header and add enums
* a50434c5 Remove OpenBIOS dead sio1 code
* 9c3d3a1e Renaming readAligned to load32Aligned.
* 1b8312e5 [Chores] Format code
* 8b9df484 Simplifying openbios allocation scenario.
* a658a18d Brand new memory allocator.
* ba48f01b Bumped copyright date to 2025
* 64b63a13 Bumped copyright date to 2025
* 3ada28e3 [Chores] Format code
* d25af104 Fixing setjmp/longjmp attributes.
* e51ffafa Assign _bu_init alias to 0x55.
* ae1dd51e Split out the common thread structures to its own file.
Signed-off-by: Leah Rowe <leah@libreboot.org>
NOTE: gfxterm_menu module removed, because of this
change by upstream:
commit ca2a91f43bf6e1df23a07c295534f871ddf2d401
Author: Glenn Washburn <development@efficientek.com>
Date: Mon May 5 16:11:36 2025 -0500
tests: Disable gfxterm_menu and cmdline_cat tests
This brings in the following changes from upstream:
* a68a7dece loader/i386/pc/linux: Fix resource leak
* de80acf36 loader/efi/linux: Unload previous Linux kernel/initrd before updating kernel size
* 249db11d8 loader/efi/linux: Correctly terminate load_options member
* f3b339af1 loader/efi/linux: Use sizeof() instead of constant
* c2b2e0dcf loader/efi/linux: Use proper type for len variable
* de4e8e2aa loader/efi/linux: Do not pass excessive size for source string
* 8c8f96664 loader/efi/linux: Remove useless assignment
* 8ebf155af include/grub/charset.h: Update documentation
* 2f2ed28d5 Revert "lzma: Make sure we don't dereference past array"
* 2539ede82 tests/util/grub-shell: Correct netboot and file_filter test failure
* 8c2d4e64f normal/charset: Fix underflow and overflow in loop init
* ba8eadde6 dl: Provide a fake grub_dl_set_persistent() and grub_dl_is_persistent() for the emu target
* 409e72ced util/grub-protect: Correct uninit "err" variable
* 5eca564b1 gnulib: Bring back the fix for resolving unused variable issue
* ac1512b87 gnulib: Add patch to allow GRUB w/GCC-15 compile
* db506b3b8 gnulib/regexec: Fix resource leak
* bba7dd736 gnulib/regcomp: Fix resource leak
* 91cb7ff6b tests/tpm2_key_protector_test: Add tests for SHA-384 PCR bank
* 451e227e5 tpm2_key_protector: Dump the PCR bank for key unsealing
* 11caacdb2 util/grub-protect: Fix the hash algorithm of PCR digest
* ce23919ca build: Add new header files to dist to allow building from tar
* e3b15bafd build: Remove extra_deps.lst from EXTRA_DIST
* 40e261b89 lib/LzmaEnc: Validate "len" before subtracting
* 86e8f2c4b osdep/unix/hostdisk: Fix signed integer overflow
* 438f05581 disk/luks2: Add attempting to decrypt message to align with luks and geli modules
* 20e6d0c4a osdep/linux/getroot: Detect DDF container similar to IMSM
* b71bc0f8b fs/fshelp: Avoid possible NULL pointer deference
* 272ff81cb fs/ntfs: Correct possible infinite loops/hangs
* 8c95307a0 fs/ntfs: Correct possible access violations
* 06914b614 fs/ntfs: Correct attribute vs attribute list validation
* 0e1762c8a fs/ntfs: Correct regression with run list calculation
* be303f8c1 lib/envblk: Ignore empty new lines while parsing env files
* 34bd00ee2 fs/zfs: Fix another memory leak in ZFS code
* ca2a91f43 tests: Disable gfxterm_menu and cmdline_cat tests
Signed-off-by: Leah Rowe <leah@libreboot.org>
This brings in the following changes:
* b686f460 sercon: Fix keycodes for F11 and F12
* b52ca86e docs: Note v1.17.0 release
* a6c8e8bb ahci: Fix hangs due to controller reset
The serial console fix is useful to us, as is the AHCI
fix; the latter was previously mitigated by removing
SeaBIOS's AHCI reset patch.
Upstream realised that the AHCI controllers need to have
a timeout on them when resetting them, because they don't
always react immediately to commands.
This makes the AHCI behaviour more correct, in SeaBIOS.
Signed-off-by: Leah Rowe <leah@libreboot.org>
coreboot already unlocks the regions during build, by default,
anyway, and this was present in the submitter's patch.
however, it's also good to unlock the IFD regions. like so:
ifdtool --unlock ifd.bin -O ifd.bin
this has been done, on the ifd for hp pro 3500
Signed-off-by: Leah Rowe <leah@libreboot.org>
ifdtool --altmedisable 1 ifd.bin -O ifd.bin
always remember to do this, when adding a new
ifd to lbmk. i merged the 3500 port anyway, since
the submitted already used me_cleaner anyway, but
setting the HAP bit is also useful. for example, if
someone was to only flash the BIOS region, which is
possible in this case since the submitter also
didn't truncate the ME region or enlarge the BIOS
region.
in that case, flashing IFD and BIOS is another valid
way to do it, where IFD's HAP bit is set
Signed-off-by: Leah Rowe <leah@libreboot.org>
We want graphics cards to work out of the box. This is
why SeaGRUB is default, on desktops; SeaBIOS also has
better code quality and is less likely to break, so it
provides a nice fallback in case the GRUB payload is ever
buggy during development (this decision was made ever
since the botched May 2024 release)
Signed-off-by: Leah Rowe <leah@libreboot.org>
it mainly does general tasks, like handling utils
and enabling ccache. the vfiles are a small part.
rename the function accordingly. it is called by
premake, so let's call it corebootpremake.
this change will also make sense when cherry-picked
into cbmk, which does not handle vfiles at all.
Signed-off-by: Leah Rowe <leah@libreboot.org>
define it with a single variable, rather than several.
this allows several checks to be greatly simplified.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Futility tests enlarge the src tarballs, without much utility.
Uttterly futile.
Also, I already removed certain files within these directories,
so those definitions have been removed, since removing the
entire directory also removes those files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also pcsx-redux
this way, commands like "./mk -u" without argument
will not fail. these fake makefile commands do nothing.
otherwise, an error errors because their makefiles
do not define these options.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This brings in several changes from upstream:
* 73d1c959e cryptocheck: Add --quiet option
* dbc0eb5bd disk/cryptodisk: Wipe the passphrase from memory
* 301b4ef25 disk/cryptodisk: Add the "erase secrets" function
* 23ec4535f docs: Document available crypto disks checks
* 10d778c4b commands/search: Add the diskfilter support
* 7a584fbde disk/diskfilter: Introduce the "cryptocheck" command
* ed691c0e0 commands/search: Introduce the --cryptodisk-only argument
* c448f511e kern/rescue_reader: Block the rescue mode until the CLI authentication
* 4abac0ad5 fs/xfs: Fix large extent counters incompat feature support
This commit is of particular interest:
* dbc0eb5bd disk/cryptodisk: Wipe the passphrase from memory
Signed-off-by: Leah Rowe <leah@libreboot.org>
already present on a few other config files, e.g. arch
i noticed on debian-experimental that i needed to explicitly
install it, whereas it was implicitly installed on debian 12
Signed-off-by: Leah Rowe <leah@libreboot.org>
aka a l l o f t h e m
On Intel Sandybridge, IvyBridge and Haswell platforms,
the flash is divided into these partitions:
* Intel Flash Descriptor (IFD)
* Intel Management Engine (ME)
* Intel Gigabit Ethernet NVM (GbE)
* Platform Data
* BIOS
IFD contains many configuration details of the entire
machine, but for our purpose, you might compare this
to the MBR or GPT section (partition table) on an HDD
or SSD. It does, among other things, define these regions.
Intel Management Engine is a coprocessor that handles,
among other things, certain power management and OOB
execution for things like Intel AMT, providing remote
management features; it also implements a soft TPM on
some platforms, and (on later platforms) Intel Boot Guard.
GbE contains configuration data for the onboard ethernet
chipset, if it's an Intel chipset. It also stores the
MAC address.
Platform Data is essentially just text, where you can
store any number of things. Vendors will sometimes put
information here e.g. version information for firmware.
The BIOS region contains actual boot firmware, for
example Canoeboot.
The Intel ME is a binary blob, so it cannot be included
in Canoeboot. On *Libreboot*, we handle this where needed,
by automatically downloading it from a vendor, and
processing it with the me_cleaner utility which disables
the ME after early bringup; only the ROMP and BUP modules
remain. These are essentially an analog of coreboot, as
they initialise the Intel ME. The Intel ME's own bootrom
executes the ME firmware stored in system flash, from
the ME region.
The *Canoeboot* setup differs greatly from Libreboot, in
that the Intel ME is not handled at all, on these platforms.
It is possible to still disable early ME bringup, by setting
the HAP (ME AltDisable) bit in the IFD; coreboot also has
an option called ME Soft Temporary Disable, and we use this
by default.
With use of either HAP and/or Temporary Disable, a full ME
region, with nothing removed (no me_cleaner) is functionally
identical, as this means only the ROMP and BUP modules will
run, and other modules are disabled.
Libreboot handles Intel ME by generating a *full* image,
including Intel ME, downloading the ME firmware at build
time; Libreboot's way of doing it violates GNU FSDG, and
thus could not be used in Canoeboot.
Canoeboot *does not* handle the Intel ME, but it doesn't
need to. We simply provide images where the Intel ME region
in the ROM is all zeroes. If you then flash the ME region
with that, it will result in a brick; however, you can avoid
flashing the ME region.
The flashprog software (also flashrom which we no longer
use) can be made to flash only specific parts of the flash,
by using either the --ifd option, or by using a layout file.
To generate a layout file, do this on a Canoeboot ROM:
./ifdtool -f layout.txt canoeboot.rom
You can then do e.g.:
./flashprog -l layout.txt -i fd canoeboot.rom
./flashprog -l layout.txt -i gbe canoeboot.rom
./flashprog -l layout.txt -i bios canoeboot.rom
In these examples, fd means IFD, gbe means GbE and
bios means BIOS, so you flash these regions. If you
wanted to flash Intel ME, you could use -i me, but
Canoeboot users migrating from factory firmware or
Libreboot can simply leave the ME region alone.
For all of these machines being added, the BIOS region
is entirely free software; even microcode updates are
excluded. The machines run just fine without microcode
updates, after extensive testing.
The IFD and GBE are not software; they are just config,
and their data format is fully documented by public
Intel datasheets. Canoeboot provides the nvmutil software
for changing GBE MAC addresses, and also ifdtool from
coreboot which can be used to modify IFD if you wish.
The general rule of thumb is this:
* If flashing Canoeboot from factory firmware, please
flash both the IFD and BIOS regions; you may also
modify the GBE region if you wish
* If flashing Canoeboot from Libreboot firmware, please
note that Libreboot *shrinks* the ME, and uses a different
IFD layout; some Dell mainboards also use 16KB GbE in
the Canoeboot setup, mirroring what the vendor did, where
Libreboot corrected this to 8KB:
* Therefore, if flashing Canoeboot from Libreboot, please
flash ONLY the GbE and BIOS regions; do not flash the IFD
region.
Libreboot's way of doing it is superior, because you don't
need to care what's in the original flash, since Intel ME
and other vendor files are automatically downloaded at
build time and inserted into images, or inserted after
the fact by use of a special script on release images.
Canoeboot's method has risks, because for example you might
ignore this entire commit message or the documentation that
I'm going to write covering these facts, and you would then
possibly overwrite the ME region with zeroes, or something
else stupid. If you did do that, you could always just build
Libreboot or something, and use that, but obviously We in
the Canoeboot project do not recommend this, as it would
be extremely unGNU.
Signed-off-by: Leah Rowe <leah@libreboot.org>
We are calling xbmkget in the same way, whether it's
a subfile or subrepo.
Rename these variables to subcurl and subgit, so that we
can call xbmkget unconditionally.
Signed-off-by: Leah Rowe <leah@libreboot.org>
See, coreboot bug report:
https://ticket.coreboot.org/issues/590
We hadn't noticed this for quite a while, since we always
just booted with iomem=relaxed when needing to run cbmem,
since in practise it was always combined with other tasks
that require access to lower memory.
GRUB currently matches coreboot's own mmap for cbmem, but
for example SeaBIOS marks cbmem as E820 reserved. Therefore,
this change replicates the SeaBIOS behaviour.
Without this patch, Linux needs to boot with iomem=relaxed
for cbmem access, for example when running ./cbmem -1
With this patch, cbmem is now accessible regardless. This
patch also prevents Linux from overwriting parts of CBMEM.
Thanks go to Paul Menzel, who wrote this GRUB patch.
Thanks also go to Nicholas Chin, who provided testing, all
the way from Coreboot 25.03 back to Coreboot 4.20. It seems
that this is just something the payloads have to handle.
This means that both SeaBIOS and GRUB no longer have this
bug, in Libreboot; now what remains is to replicate the
test with our U-Boot payload.
Signed-off-by: Leah Rowe <leah@libreboot.org>
remove it from mkhelper files, because rom.sh doesn't
initialise any variables globally, except one that
never changes.
Signed-off-by: Leah Rowe <leah@libreboot.org>
I fixed the AHCI bug, with a patch that I wrote. It works by
restoring the old SeaBIOS AHCI initialisation behaviour, whereby
the AHCI controller is enabled from its current state; the patch
that broke AHCI in coreboot (tested on ThinkPad T420), changed
AHCI initialisation behaviour so that the controller's state is
first reset, prior to enablement.
However, my patch also retains the new AHCI initialisation
behaviour, when a CSM is in use. The AHCI reset patch was done,
by the author, specifically for SeaBIOS in CSM mode, so it makes
sense to only change the behaviour conditionally according to that.
This reverts commit 8245f0b3211812ac818adadd6526b0b39c63f3f0.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This reverts commit a08b8d94fc58fa195adb0261539509d8ddaf4799.
From #libreboot IRC today:
07:02 <irys> ooh this is fun. seabios commit 8863cbbd15a73b03153553c562f5b1fb939ad4d7 (ahci: add controller reset) breaks ahci entirely on t420
07:05 <irys> cbmem console on that seabios commit has a timeout then "AHCI/0: device not ready"
07:07 <irys> AHCI works fine if i change config/seabios/default/target.cfg to use the immediate previous seabios commit (df9dd418b3b0e586cb208125094620fc7f90f23d)
07:07 <irys> works in grub payload either way though
07:31 <irys> here, `cbmem -c` after booting the broken rev: https://0x0.st/84oQ.log
07:31 <irys> compared to the working one https://0x0.st/84o1.log
07:33 <irys> i can't report to upstream myself *right now* but i figure you might want to know about this leah
I have downloaded those logs locally for reference, so that an upstream
report can be made to SeaBIOS. For the purposes of this Libreboot commit,
the diff of the logs is as follows (diff -u broken.log working.log):
Taking each diff line out of the log, the relevant entries
seem to be:
Searching bootorder for: /pci@i0cf8/*@1f,2/drive@0/disk@0
+AHCI/0: Set transfer mode to UDMA-6
+Searching bios-geometry for: /pci@i0cf8/*@1f,2/drive@0/disk@0
+AHCI/0: registering: "AHCI/0: Netac SSD 128GB ATA-11 Hard-Disk (119 GiBytes)"
-WARNING - Timeout at ahci_port_setup:477!
-AHCI/0: device not ready (tf 0x80)
-All threads complete.
-2. Payload [memtest]
+2. AHCI/0: Netac SSD 128GB ATA-11 Hard-Disk (119 GiBytes)
+3. Payload [memtest]
-Space available for UMB: c7000-eb800, f5880-f5ff0
-Returned 16777216 bytes of ZoneHigh
+drive 0x000f5fa0: PCHS=16383/16/63 translation=lba LCHS=1024/255/63 s=250069680
+Space available for UMB: c7000-eb800, f5880-f5fa0
+Returned 16773120 bytes of ZoneHigh
Therefore, the revision will be reverted back for now. It was
only about 8 additional patches imported in the update anyway.
while cherry picking other recent lbmk changes, i
skipped the coreboot updates, because the lbmk ones
were done in mayn commits. it's more efficient just
to do it all in bulk, when adapting for canoeboot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
src/rp2_common/boot_stage2/boot2_w25x10cl.S:142: Error: junk at end of line, first unrecognized character is `0'
src/rp2_common/boot_stage2/boot2_w25x10cl.S:145: Error: garbage following instruction -- `beq 00b'
This should also fix it on Debian sid Experimental, where I'm testing
with GCC 15 and other bleeding edge dependencies.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Many users report bugs, so I'm reverting lbmk back to only
supporting the rp2040 dongles for the time being. The
documentation will be updated to reflect this.
Pico2 support will be re-added at a later date, once more
testing has been done, and fixes made if necessary.
This brings in the following improvements from upstream:
* 9029a010 kconfig: fix the check-lxdialog.sh to work with gcc 14+
* 8863cbbd ahci: add controller reset
* df9dd418 update pci_pad_mem64 handling
* a4fc1845 add romfile_loadbool()
* a2725e28 drop acpi tables and hex includes
* 35aa9a72 drop obsolete acpi table code
* 1b598a1d usb-hid: Support multiple USB HID devices by storing them in a linked list
Signed-off-by: Leah Rowe <leah@libreboot.org>
One of our SeaBIOS patches causes build errors with GCC 15:
src/romfile.c: In function 'romfile_loadfile_g':
src/romfile.c:65:18: error: too many arguments to function 'malloc_fn'; expected 0, have 1
65 | char *data = malloc_fn(filesize+add_len);
| ^~~~~~~~~ ~~~~~~~~~~~~~~~~
src/romfile.c: In function 'romfile_loadfile':
src/romfile.c:88:50: error: passing argument 3 of 'romfile_loadfile_g' from incompatible pointer type [-Wincompatible-pointer-types]
88 | char *data = romfile_loadfile_g(name, psize, &malloc_tmphigh, 1);
| ^~~~~~~~~~~~~~~
| |
| void * (*)(u32) {aka void * (*)(unsigned int)}
src/romfile.c:55:28: note: expected 'void * (*)(void)' but argument is of type 'void * (*)(u32)' {aka 'void * (*)(unsigned int)'}
55 | void *(*malloc_fn)(), int add_len)
| ~~~~~~~~^~~~~~~~~~~~
In file included from src/romfile.c:8:
src/malloc.h:42:21: note: 'malloc_tmphigh' declared here
42 | static inline void *malloc_tmphigh(u32 size) {
| ^~~~~~~~~~~~~~
make: *** [Makefile:142: out/src/romfile.o] Error 1
make: *** Waiting for unfinished jobs....
src/optionroms.c: In function 'vgarom_setup':
src/optionroms.c:468:60: error: passing argument 3 of 'romfile_loadfile_g' from incompatible pointer type [-Wincompatible-pointer-types]
468 | void *mxm_sis = romfile_loadfile_g("mxm-30-sis", NULL, &malloc_low, 0);
| ^~~~~~~~~~~
| |
| void * (*)(u32) {aka void * (*)(unsigned int)}
In file included from src/optionroms.c:18:
src/romfile.h:17:34: note: expected 'void * (*)(void)' but argument is of type 'void * (*)(u32)' {aka 'void * (*)(unsigned int)'}
17 | void *(*malloc_fn)(), int add_len);
| ~~~~~~~~^~~~~~~~~~~~
In file included from src/optionroms.c:16:
src/malloc.h:30:21: note: 'malloc_low' declared here
30 | static inline void *malloc_low(u32 size) {
| ^~~~~~~~~~
make: *** [Makefile:141: out/src/optionroms.o] Error 1
make: Leaving directory '/tmp/lbmk/src/seabios/default'
This is because the function pointer defined as `void *(*malloc_fn)()`
refers to a function that takes no arguments, unlike `malloc_tmphigh`
which takes an unsigned int. Add the missing argument type.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The Debian package for libusb is "libusb-1.0-0". Fix the typo in the
list which is missing the suffix. While we're here, also fix a line
continuation.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Recently, gru boards were migrated to use common stack addresses with
U-Boot commit 5e7cd8a11995 ("rockchip: Use common bss and stack
addresses on RK3399") and commit 49f8131e5594 ("rockchip: rk3399-gru:
Use TPL with common bss and stack addresses"). This is done with the
ROCKCHIP_COMMON_STACK_ADDR config.
With POSITION_INDEPENDENT, INIT_SP_RELATIVE defaults to enabled as well.
However, ROCKCHIP_COMMON_STACK_ADDR selects HAS_CUSTOM_SYS_INIT_SP_ADDR,
which depends on INIT_SP_RELATIVE being disabled. So this results in a
configuration warning:
WARNING: unmet direct dependencies detected for HAS_CUSTOM_SYS_INIT_SP_ADDR
Depends on [n]: ARM [=y] && ARCH_KIRKWOOD [=n] || ARC [=n] || ARM [=y] && !INIT_SP_RELATIVE [=y] || MIPS [=n] || PPC [=n] || RISCV [=n]
Selected by [y]:
- ROCKCHIP_COMMON_STACK_ADDR [=y] && ARM [=y] && ARCH_ROCKCHIP [=y] && SPL_SHARES_INIT_SP_ADDR [=y]
I'm not sure if adhering to the Rockchip values means we can't be
position-independent. Disabling INIT_SP_RELATIVE still appears to keep
my kevin board working, so let's do that for now.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Apply our preserved changes to the new U-Boot defconfigs. Upstream
rearranged memory layouts for Rockchip boards to a unified layout, which
got rid of CUSTOM_SYS_INIT_SP_ADDR and HAS_CUSTOM_SYS_INIT_SP_ADDR, and
will need a change to a related INIT_SP_RELATIVE later.
Normalize the positions of each line in the config by regenerating the
defconfig by `./mk -l u-boot` and then `./mk -s u-boot`, so that the
diff looks all green when we actually expand it to the full config.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Set the U-Boot revision to the commit hash for v2025.04, and rebase the
patches for the default U-Boot tree to accommodate for upstream changes:
- The SPL/TPL/VPL phases are being unified under the xPL name, so
there's a config rename.
- Some test macros were renamed, for the video-related patches.
- Add some missing hunks for video damage series.
- Upstream Makefile adds another argument to the binman call.
- The SWIG related patch is merged upstream, drop it.
I'm not sure if src/u-boot/* directories are regenerated on new builds,
so it may be necessary to remove them manually after applying this.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Run diffconfig from Linux to track our modifications to the old upstream
defconfigs, so we can apply them to the new ones. Restore the original
defconfigs to highlight our changes here, and upstream changes in the
next commit. Done manually, but something like:
do_diff() {
ours="$1"
theirs="$2"
tree="$3"
diffconfig \
src/u-boot/${tree}/configs/${theirs}_defconfig \
config/u-boot/${ours}/config/default \
>config/u-boot/${ours}/config/diffconfig
cp src/u-boot/${tree}/configs/${theirs}_defconfig \
config/u-boot/${ours}/config/default
}
do_diff amd64coreboot coreboot64 x86_64
do_diff i386coreboot coreboot x86
do_diff gru_bob chromebook_bob default
do_diff gru_kevin chromebook_kevin default
do_diff qemu_arm64_12mb qemu_arm64 default
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Run `./mk -s u-boot` to convert our configs into defconfigs, so we can
keep our changes to the old upstream defconfigs and re-apply them to the
new upstream defconfigs.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
A number of regressions were caused by the recent CVE fixes,
many of which have since been fixed upstream. This includes
several ext4 file system bugs, which caused some systems not
to boot properly, when dealing with very large initramfs files.
No additional patching has been made. This will be tested, and
then used to provide a revision update for Libreboot 20241206.
After this, there are several additional OOT patches that will
be merged, for the next *testing release* of Libreboot.
Update to this revision, for all GRUB trees:
a4da71dafeea519b034beb159dfe80c486c2107c
This brings in the following changes from upstream:
* a4da71daf util/grub-install: Include raid5rec module for RAID 4 as well
* 223fcf808 loader/ia64/efi/linux: Reset grub_errno on failure to allocate
* 6504a8d4b lib/datetime: Specify license in emu module
* 8fef533cf configure: Add -mno-relax on riscv*
* 1fe094855 docs: Document the long options of tpm2_key_protect_init
* 6252eb97c INSTALL: Document the packages needed for TPM2 key protector tests
* 9d4b382aa docs: Update NV index mode of TPM2 key protector
* 2043b6899 tests/tpm2_key_protector_test: Add more NV index mode tests
* 9f66a4719 tests/tpm2_key_protector_test: Reset "ret" on fail
* b7d89e667 tests/tpm2_key_protector_test: Simplify the NV index mode test
* 5934bf51c util/grub-protect: Support NV index mode
* cd9cb944d tpm2_key_protector: Support NV index handles
* fa69deac5 tpm2_key_protector: Unseal key from a buffer
* 75c480885 tss2: Add TPM 2.0 NV index commands
* 041164d00 tss2: Fix the missing authCommand
* 46c9f3a8d tpm2_key_protector: Add tpm2_dump_pcr command
* 617dab9e4 tpm2_key_protector: Dump PCRs on policy fail
* 204a6ddfb loader/i386/linux: Update linux_kernel_params to match upstream
* 6b64f297e loader/xnu: Fix memory leak
* f94d257e8 fs/btrfs: Fix memory leaks
* 81146fb62 loader/i386/linux: Fix resource leak
* 1d0059447 lib/reloacator: Fix memory leaks
* f3f1fcecd disk/ldm: Fix memory leaks
* aae2ea619 fs/ntfs: Fix NULL pointer dereference and possible infinite loop
* 3b25e494d net/drivers/ieee1275/ofnet: Add missing grub_malloc()
* fee6081ec kern/ieee1275/init: Increase MIN_RMA size for CAS negotiation on PowerPC machines
* b66c6f918 fs/zfs: Fix a number of memory leaks in ZFS code
* 1d59f39b5 tests/util/grub-shell: Remove the work directory on successful run and debug is not on
* e0116f3bd tests/grub_cmd_cryptomount: Remove temporary directories if successful and debug is not on
* e6e2b73db tests/grub_cmd_cryptomount: Default TMPDIR to /tmp
* 32b02bb92 tests/grub_cmd_cryptomount: Cleanup the cryptsetup script unless debug is enabled
* c188ca5d5 tests: Cleanup generated files on expected failure in grub_cmd_cryptomount
* 50320c093 tests/util/grub-shell-luks-tester: Add missing line to create RET variable in cleanup
* bb6d3199b tests/util/grub-shell-luks-tester: Find cryptodisk by UUID
* 3fd163e45 tests/util/grub-shell: Default qemuopts to envvar $GRUB_QEMU_OPTS
* ff7f55307 disk/lvm: Add informational messages in error cases of ignored features
* a16b4304a disk/lvm: Add support for cachevol LV
* 9a37d6114 disk/lvm: Add support for integrity LV
* 6c14b87d6 lvm: Match all LVM segments before validation
* d34b9120e disk/lvm: Remove unused cache_pool
* 90848a1f7 disk/lvm: Make cache_lv more generic as ignored_feature_lv
* 488ac8bda commands/ls: Add directory header for dir args
* 096bf59e4 commands/ls: Print full paths for file args
* 90288fc48 commands/ls: Output path for single file arguments given with path
* 6337d84af commands/ls: Show modification time for file paths
* cbfb031b1 commands/ls: Merge print_files_long() and print_files() into print_file()
* 112d2069c commands/ls: Return proper GRUB_ERR_* for functions returning type grub_err_t
* da9740cd5 commands/acpi: Use options enum to index command options
* 1acf11fe4 docs: Capture additional commands restricted by lockdown
* 6a168afd3 docs: Document restricted filesystems in lockdown
* be0ae9583 loader/i386/bsd: Fix type passed for the kernel
* ee27f07a6 kern/partition: Unbreak support for nested partitions
* cb639acea lib/tss2/tss2_structs.h: Fix clang build - remove duplicate typedef
* 696e35b7f include/grub/mm.h: Remove duplicate inclusion of grub/err.h
* 187338f1a script/execute: Don't let trailing blank lines determine the return code
* ff173a1c0 gitignore: Ignore generated files from libtasn
* fbcc38891 util/grub.d/30_os-prober.in: Conditionally show or hide chain and efi menu entries
* 56ccc5ed5 util/grub.d/30_os-prober.in: Fix GRUB_OS_PROBER_SKIP_LIST for non-EFI
* 01f064064 docs: Do not reference non-existent --dumb option
* 3f440b5a5 docs: Replace @lbracechar{} and @rbracechar{} with @{ and @}
* f20988738 fs/xfs: Fix grub_xfs_iterate_dir() return value in case of failure
* 1ed2628b5 fs/xfs: Add new superblock features added in Linux 6.12/6.13
* 348cd416a fs/ext2: Rework out-of-bounds read for inline and external extents
* c730eddd2 disk/ahci: Remove conditional operator for endtime
* f0a08324d term/ns8250-spcr: Return if redirection is disabled
* 7161e2437 commands/file: Fix NULL dereference in the knetbsd tests
* 11b9c2dd0 gdb_helper: Typo hueristic
* 224aefd05 kern/efi/mm: Reset grub_mm_add_region_fn after ExitBootServices() call
* 531750f7b i386/tsc: The GRUB menu gets stuck due to unserialized rdtsc
* f2a1f66e7 kern/i386/tsc_pmtimer: The GRUB menu gets stuck due to failed calibration
* 13f005ed8 loader/i386/linux: Fix cleanup if kernel doesn't support 64-bit addressing
Signed-off-by: Leah Rowe <leah@libreboot.org>
instead of running pwd all the time, run it once in lib.sh,
and export PWD.
for cbmk-specific use of PWD, use xbmkpwd, which contains
the value of PWD as was set by the pwd utility in lib.sh.
many parts of cbmk rely on pwd, and it *must* be correct.
this change adds basic error handling, since pwd can in
fact return errors in some cases.
Signed-off-by: Leah Rowe <leah@libreboot.org>
PWD could be anything, if the user manually exported
it before running cbmk.
always run pwd instead, to get the real string.
Signed-off-by: Leah Rowe <leah@libreboot.org>
I was importing a patch for the z790 boards, but
Libreboot doesn't support this board yet, and the
patch was a hack that may affect other boards.
When I do later merge that board, and I find that the
hack is needed, I'll simply make another grub tree
within lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>