-
-
Notifications
You must be signed in to change notification settings - Fork 188
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add xx30-maximized and xx30-hotp-maximized boards (11.5mb flashable BIOS regions, reproducible me.bin and generated gbe.bin and totally externally and internally flashable roms) #703
Conversation
If you have any advice into putting innoextract calls into a module Makefile, I could remove ME from the xx30 directory and only have x230-ifd.bin (that might generalize into ifd.bin after other xx30 boards are tested by community.) Waiting on your input guys! |
4282fe5
to
960efdc
Compare
@osresearch @merge @jan23 @flawedworld @MrChromebox @shamen123 @eganonoa |
Will merge myself in the next coming days. This project stands still and this is really, really sad. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not able to review the CI bits, but as for the rest:
- blobs look sane
- why a separate linux config for this board? it's exactly the same as linux-x230.config -- why not just use that?
- I realize you just duped/edited the coreboot-x230 config, but there's a lot in there that doesn't make sense / isn't needed:
-- why not include the config file in CBFS?
-- why not include timestamps in cbmem?
-- USE_BLOBS is useless since it only affects coreboot checking out the blobs repo, which we do manually
-- deselecting POST_IO and POST_DEVICE is better done viaCONFIG_NO_POST=y
-- makes no sense to select DRIVERS_UART_8250IO then disable CONSOLE_SERIAL
-- DRIVERS_PS2_KEYBOARD isn't needed for linux payload
-- UART_PCI_ADDR is default and doesn't need to be set
-- PXE is deselected by default, no need to explicitly deselect
-- no need for DEBUG_SMM_RELOCATION
the above changes drop the config from 29 lines to 19 - for the ROM split, any particular reason to use a 64kb block size, vs say 4M (assuming you wanted to use the same for both)?
@MrChromebox : thanks for the review!
Agreed. More modules inclusion in the main linux config to come. Actually, I would go forward and also upgrade the kernel to at least the latest LTS kernel of that branch, or even better, move kernel support to 5.x branch. Will do in seperate PR. The reasoning on this is that the x230 board has actually changed in time. For example, the MMC controller passed from Ricoh to Realtek. Unfortunately, Realtek MMC kernel support is not in the current kernel nor config. In the meantime I will point to the linux-x230.config
Added
Added
Added
Removed
Removed
Removed
Removed
Removed
Removed
Same result
Just reused an old recipe of Trammel that just worked (in tree) that didn't made any sense back then because of faked IFD and absence of ME, creating invalid 4Mb and 8Mb images from invalid 12Mb image (since back then an external flash map was used to instruct older version of flashrom to only flash BIOS region of it, which is now replaced by flashrom IFD statement specifying BIOS region. With blobs included, we remove the need to specify that IFD BIOS region since the image is valid and can be flashed internally as a whole. It BS size doesn't really change anything really here, unless you have a concise reason to change it. The important part is the skip statement, the rest is just arithmetic. Edit: those statements produce the actual externally flashable rom images, removing the need to have the x230-flash board config and produce those top and bottom rom images from coreboot.rom which is flashable internally, using flashrom differencial against 12Mb opaque combined SPI flash. The goal of this board proposition is exactly that: having a 12Mb image which can be verified/flashed internally while removing first flash requirement with x230-flash board config. Did I missed your point? |
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
assume these commits will get squashed when merged, so doesn't really matter than the config delete is here vs the other commit
Received FSFE Legal advice today. Read here |
@MrChromebox : following the legal advice above. Is there any trick i've missed that would permit to use innoextract or cabextract against the ME executable to automatize this without having to host the blob? @osresearch was ok fdor github to distribute IFD but not so confortable distributing ME. I have no clue how to accomplis this. |
Process is documented in readme to reproduce me.bin, not automatized. As a result the me.bin is in the PR, not code that would produce that me.bin without hosting it.
On April 19, 2020 6:06:14 PM UTC, MrChromebox ***@***.***> wrote:
@tlaurion you had ME extraction working from FL2 via innoextract per your comments in #307 [here](#307 (comment)), is that not sufficient?
--
You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#703 (comment)
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
|
@MrChromebox: still trying to find a way. New attempt is to make a xx30 submodule depending on me_cleaner and have innoextract downloaded on host system (CIs). Trying to make it work. |
Seems like without gbe blob, no ethernet. @hughies? Could we extract that from LVFS archive from a download script without hosting the blobs ourselves anywhere? |
…gawk error fixed upstream). Goal of this is to show that x230 board will die if we do not resolve linuxboot#590, or move along with linuxboot#703.
since this is going in after the flashrom 1.2 bump, can update CONFIG_FLASHROM_OPTIONS to drop the unnecessary params now |
@MrChromebox : Will change FLASHROM_OPTIONS, thanks for the heads up. But with gbe now thought to be needed to be inserted in coreboot to have a working ethernet port on final host system, there is still be work needed, added with live extraction of ME and neutering+deactivation of while unlocking of ifd from CIs for this PR to be pertinent... There is still work needed to go forward with this PR: |
it seems like we're jumping thru a lot of hoops to try and build a reproducible full flash image, rather than a reproducible coreboot/Heads one. Any reason we don't simply focus on the BIOS region only, and let the IFD/ME/GBE be the user's (or a downstream) problem? |
@MrChromebox The problem i'm attacking here is to be able to add more stuff in the BIOS region, which is actually limited to 7Mb and near saturation, while permitting CIs to prove that SPI content and bult reproducible images ARE reproducible and that the content on SPI flash IS identical and verifiable on unlocked IFDs to permit reflashing/read/write of whole 12Mb opaque flash chip.
My goal here is, once again, to give a chance to Heads to do (and continue to do) what it actually does already well and stop relying on patches (measured boot patch -> coreboot vboot+measured boot upstreamed) to do its job, while maximizing available space for other tool integration, while at the same time permitting CIs to build those reproducible images it is supposed to produce (not the case currently #640 #571) reproducibly out of the box. This is multiple birds one stone proposition to permit Heads to attract more developers, both from the community but also to be integrated in other projects and be customized further more, which is right now locked down because no more space is available. As of now, there is no possibility of building x220 nor other boards actually, automatically from CIs. This is problematic on a lot of levels. If we only pick one, no CI, and no LVFS, and no FWUPD for firmware upgrades under QubesOS, to be released soon. We would all benefit to be able to tackle this problem for transparency and not target only high technical people who are able to compile software, verify reproducibility (where?) and manually upgrade their firmware internally. Continuing with using only the BIOS region (7Mb CBFS region not touching ME) path is not only limiting, but doesn't permit to neither internally validate signed OEM rom image completely, nor verify ME region against external source, nor would permit FWUPD to completely reflash/upgrade the whole 12mb flash, but would require the user to be tech-savvy/blind trust us as OEMs, which is not really consistent with Heads promises and leaves it to a PoC state or hack our ways to download a whole image from somewhere else and extract the binaries in a script by CIs to accomplish the same result, requiring OEMs reselling other models to miss that transparency point. |
599e0ab
to
a6b936d
Compare
For some reason, cache has expired so builds will take longer then expected under last commit linked CI, happening under yellow dot now on last commit. |
Is it possible to change the MAC before flashing with a tool like the old ich9gen, or is a local build required for that? |
@tlaurion While we have talked about the path to migrate Lenovo models @bwachter As of coreboot 4.13, a |
a6b936d
to
64fb450
Compare
As of right now @bwachter : you can change the mac here. |
Those were specified here, mainly:
As for deprecating xx20 and xx30 boards, @flammit showed opposition. Considering BIOS region is measured, sealed, and revalidated just before boot with Disk Unlock Key passphrase (so nothing went to recovery sed'ing our policies), i would go forward and even implement a flashrom verification of ME partition prior of booting into another PR (with proper additional flag in board config). Otherwise, no other solution were proposed, and xx20 and xx30 platforms, with their limited SPI space being already saturated, I will give the maintainsership of those original platforms (with their x230-flash, x230-hotp and others, without neutered ME and that space made available for BIOS region) to someone else. I'm out of ideas, like said so many times before under #590 and all tagged issues. |
Al always, I'm open to debate and go forward with constructive solutions. |
…al-flash boards, seperate build from output of build errors as for other boards. xx30 Boards: clarify requirements, blobs extraction scripts and categorize dependencies in groups bfor better user/dev understanding xx30 Boards: rename boards : x230-external-flash -> x230-maximized, t430-external-flash -> t430-maximized. Changes inside of CircleCI accordingly. xx30 Boards: Add x230-hotp-maximized and t430-hotp-maximized. Changes in CircleCI accordingly.
64fb450
to
1462bee
Compare
x230: @tlaurion @osresearch @merge @jan23 @flawedworld @MrChromebox @shamen123 @eganonoa @bwachter @Thrilleratplay @SebastianMcMillan Testers: Ready to merge unless told otherwise.
Look at the build results here Planning to merge this at the same time as #912 : |
It is impossible to unlock the IFD/ME, even with 1vyrain or other things when i only flashed the 4M top-chip with coreboot/skulls? In https://github.com/merge/skulls there is written that flashing the 8M-Chip is optional and that is why i have not flashed it. I also gave my external flasher to other people and dont have it any more because i thought i wont need it any more. Now i am not able to use the heads xx30-maximized images? |
@fhvyhjriur that's correct. The IFD can be unlocked only via external flashing, and doing so is required to use the -maximized Heads images |
blobs/xx30/README: corrections on ifd naming and sections name consistency
8cc7005
to
e8165fc
Compare
Ok. This is ready to merge to my eyes! @MrChromebox ? Some things my eyes missed? The magic operates here, prior of each maximized board being compiled. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Except for the NITs and extra file - this LGTM (without having tested it on real hardware).
Please also squash the commits before merging there is way too much noise for what is a straight forward blob/boards addition.
boards/x230-hotp-verification/x230-hotp-verification.config.orig
Outdated
Show resolved
Hide resolved
…ed on review prior of squashing and merging into master.
Misses documentation linuxboot/heads-wiki#55 |
See linuxboot/heads-wiki#25 (comment) Make sure to address @qubicrm linuxboot/heads-wiki#25 (comment) |
REQUIRES:
maximized-top.rom
on top SPI chip andmaximized-bottom.rom
counterpart on bottom SPI flash chip.or
ifdtool -u
on your bottom.rom stock backup prior of reflashing it?).If so, internal flashing is possible through a manual
flashrom --force --noverify-all -p internal -w maximized.rom
(12mb rom) from command line to switch from xx30 to xx30-maximized.Adds:
Might be generalizeable to ifd.bin: haven't tested on above boardsEDIT: Reported working)GitlabCI(EDIT: changed their caching system. Unusable for our use case now) and CirecleCI modifications,changing the default board compiled to be x230-external-flash (instead of x230)EDIT: no replace.(GitlabCI, CircleCI (1)(2)) and quick fixes (cleans make build and board local buildsthat are not properly declared in Makefile... To fix later, just want it to work right now)CI:
Permits:
Tested on x230 and x230t from latest commit CI build's artifacts. (Click on green checkmark to go on CircleCI, go in the artifacts section and download ROMs (both top and bootom roms to externally flash, or, full 12mb rom to flash internally, see REQUIREMENTS)
Tagging all x230 owners as per #691 : @osresearch @merge @jan23 @flawedworld @MrChromebox @shamen123 @eganonoa
T430 owners: want to adapt and test if x230-ifd.bin can be used on that board too?EDIT: reported to work.Would close #307.
Edit: put links everywhere to facilitate understanding implied changes.
Edit: As of now, this concept as been generalized to xx20 and xx30, with boards definitions having been created for x230-maximized, x230-hotp-maximized, t430-maximized, t430-htop-maximized, t420-maximized, t420-hotp-maximized, x220-maximized, x220-hotp-maximized.
Where:
-maximized
boards: Includes xxx0 ivy/sandy bridge initial board configs with additions which required additional space that were deleted over time under xxx0 initial board counterparts. For exemple, the initial board configs won't integrate cryptsetup2, might revert to gpgv1 if needed in later time. Remote attestation happens solely over TOTP at each boot.-hotp-maximized
boards: includes the above, with an additional dependency in bootpath against HOTP remote attestation, which depends on users having a HOTP compatible USB Security dongle (Librem Key, Nitrokey Pro, Nitrokey Storage) to challenge TPMTOTP measurements over HOTP with the USB Security dongle. As a result, both Heads and the USB Security Dongle will report the result of the remote attestation challenge. On screen with HOTP:Success while the LED will flash green. It is also to be noted that as opposed to boards not having a TPM, that challenge will fail if going into recovery and going back to gui-init, since the PCR being linked to Heads state (normal, recovey) will change and will invalidate measurements challenged at remote attestation.