Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change board name from nitropad-nv41 -> novacustom_nv4x_adl #1793

Merged

Conversation

tlaurion
Copy link
Collaborator

@tlaurion tlaurion commented Sep 11, 2024

See commit log 0b8f7e5 to make sure the changes are compatible.

This is a follow up on agreed board name change from #1662 (comment) discussions.

NS50 not sold by Novacustom: only applies to nitropad-nv41 renaming. Suggestions welcome.


Notes:

Last comment on which this PR acts upon: #1662 (comment) on which I clarified this PR being needed at #1662 (comment) without any answer.

--

This historical situation will be used in my QubesOS mini-summit last talk (discussion): https://cfp.3mdeb.com/qubes-os-summit-2024/talk/HL9MSV/ as the main example of upstream/downstream versioning, cooperation/collaboration to better the process for the future and clarify expectations of all parties.

Points:

  • Heads is rolling release. The more bug opened upstream, the more fixes are done early.
    • If Heads upstream results in early beta tests downstream (from users wanting new Heads features, pushing downstream for releases), those would result in more issues opened upstreamed and less bugs when downstream do releases on top of a Heads commit they select in their release automated testing.
    • Those beta releases should result in more upstream rolling releases (downloadable and flashable through traditional internal flashing from Heads users) in PR, more eyes, more bugs found, more fixes and better UX in downstream forks and releases.

Thoughts welcome here. No issue raised, no fixes. Then users complaining downstream.


Ideal process would be (my proposition).

Actual board offerings (sold downstream):

  • Issues should be raised upstream for a Heads commit ID (system information clear on this, less clear with downstream builds: mapping of downstream release hides Heads master used commit ID. Fix: point users into BOM, or me having clear mapping of commits from downstream BOM to upstream Heads commit ID. Not a problem but could be optimized process)
  • Issues raised downstream should result in issues opened upstream and closed downstream. BOM releated Heads commit ID ideally should be referred in opened upstream issue opened from downstream issue closed.
  • Collaboration should happen upstream, not downstream: a PR should close upstream issue, and downstream issue should show that upstream issue is closed, leading to downstream issue also be closed.
    • Issues closed upstream will result in testable PR artifacts, tested to fix issue.
  • Issue closed upstream -> downstream means that PR fixed the issue, and should eventually result in a new beta build downstream, linking to closed upstream/downstream issues in BOM.

New board offering from downstream:

  • Once coreboot+UEFI is functional, start collaboration for coreboot+heads upstream
    • Open WiP PR where collaboration can happen to make things testable, leading to rolling release testable builds from CircleCI, leading to issues opened/closed until satisfaction of rolling release
    • Once rolling release is satisfying, open beta builds to be testable by early adopters ddownstream
      • Same process as above for next steps.

@tlaurion
Copy link
Collaborator Author

tlaurion commented Oct 2, 2024

@pietrushnic prioritize accordingly please.
Note presence of https://github.com/linuxboot/heads/labels/release%20cycle tag.

@tlaurion
Copy link
Collaborator Author

tlaurion commented Oct 23, 2024

@macpijan ping :)
Even more important considering users think nv41 is valid for many gens, where Heads (and downstream forks) should be clear about this board to be Alder lake only (nv4x_adl).

Please comment on anything preventing this to go forward for so long in actionnable items. I cannot be clearer i'm afraid, then in OP.

@tlaurion
Copy link
Collaborator Author

@macpijan ping. Would be needed as base for newer novacustom port of Heads, including verification of strings and identification needed for dts/future fwupd compatibility.

@tlaurion
Copy link
Collaborator Author

Rebasing on master

@tlaurion tlaurion force-pushed the move_nitropad-nv41_to_novacustom-v41 branch 2 times, most recently from fb1e8fd to 81e786d Compare November 4, 2024 17:51
@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 4, 2024

@macpijan ping for checking BOARD_NAME and review coreboot string for board references prior of #1821
Refer to OP please.

@tlaurion tlaurion force-pushed the move_nitropad-nv41_to_novacustom-v41 branch from 618a367 to f693b7f Compare November 4, 2024 20:17
@tlaurion
Copy link
Collaborator Author

ping @pietrushnic

@tlaurion tlaurion force-pushed the move_nitropad-nv41_to_novacustom-v41 branch from f693b7f to 6596e38 Compare November 13, 2024 17:18
@pietrushnic
Copy link

@tlaurion, what is my expected action? I am trying to understand why the naming convention is mixed with your Qubes OS Summit talk and your vision of the relationship between downstream and upstream. Maybe we should have separate threads for separate topics.

@tlaurion
Copy link
Collaborator Author

See commit log 0b8f7e5 to make sure the changes are compatible.

  • board name OK?
  • board name under board config OK?
  • strings in coreboot config OK?
  • rebranding process clear enough?
  • Oppositions? Suggestions?

This is a follow up on agreed board name change from #1662 (comment) discussions.

NS50 not sold by Novacustom: only applies to nitropad-nv41 renaming. Suggestions welcome.

Actions items are check marks in OP @pietrushnic, quoted in this message.Rest is historical traces.

You answered off channel you would want nv41 to be novacustom-nv41_adl. That resolves the first checkmark. I will change board name accordingly.

@@ -111,7 +111,7 @@ CONFIG_VENDOR_NOVACUSTOM=y
# CONFIG_VENDOR_UP is not set
CONFIG_MAINBOARD_FAMILY="Not Applicable"
CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
CONFIG_MAINBOARD_VERSION="v2.1"
CONFIG_MAINBOARD_VERSION="nv40pz"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mkopec Have you double checked that this is the same we have had in previous Dasharo + heads release?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I missed it, no, it should be v2.1 as it was

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mkopec @macpijan :
Right. reference config https://github.com/Dasharo/coreboot/blob/3a9aa3a4692f3dd49732f5b4e3ec54be385f0969/configs/config.novacustom_nv4x_adl also changes LOCALVERSION to 1.7.2:

--- a/config/coreboot-novacustom_nv4x_adl.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@@ -7,7 +7,7 @@
 # General setup
 #
 CONFIG_COREBOOT_BUILD=y
-CONFIG_LOCALVERSION=""
+CONFIG_LOCALVERSION="v1.7.2"
 CONFIG_CBFS_PREFIX="fallback"
 CONFIG_COMPILER_GCC=y
 # CONFIG_COMPILER_LLVM_CLANG is not set
@@ -111,7 +111,7 @@ CONFIG_VENDOR_NOVACUSTOM=y
 # CONFIG_VENDOR_UP is not set
 CONFIG_MAINBOARD_FAMILY="Not Applicable"
 CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
-CONFIG_MAINBOARD_VERSION="nv40pz"
+CONFIG_MAINBOARD_VERSION="v2.1"
 CONFIG_MAINBOARD_DIR="clevo/adl-p"
 CONFIG_DIMM_MAX=4
 CONFIG_DIMM_SPD_SIZE=512

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

user@localhost:~/heads$ grep BIOS modules/coreboot
CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME ?= $(BOARD)
	sed -i '/^CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME/d' $(build)/$(coreboot_dir)/.config; \
	echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME)"' >> $(build)/$(coreboot_dir)/.config; \
	if [ ! -z "$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)" ]; then \
		sed -i '/^CONFIG_MAINBOARD_SMBIOS_MANUFACTURER/d' $(build)/$(coreboot_dir)/.config; \
		echo 'CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)"' >> $(build)/$(coreboot_dir)/.config; \

@jans23
Copy link

jans23 commented Nov 14, 2024

Board renaming is ok for me.

@pietrushnic
Copy link

@tlaurion I see nothing about the rebranding process, so it's hard to take action on that. Other things seem to be technical, which IIUC has already approved here by the 3mdeb team.

@tlaurion
Copy link
Collaborator Author

@tlaurion I see nothing about the rebranding process, so it's hard to take action on that. Other things seem to be technical, which IIUC has already approved here by the 3mdeb team.

@pietrushnic OP #1793 (comment):

This master...Nitrokey:heads:nitropad-release-v2.5.0#diff-1aa063ec528a5753e685e3e8c0d35336015074f1746351e1a221b177e999f622 points to site-local/config which is example of rebranding process. Something missing/unclear?

@pietrushnic
Copy link

Something missing/unclear?

I expect documentation on how new OEMs can brand whatever Heads supported hardware today. I get a hash showing the application of branding-related configurations, IIUC. If it works, I'm very happy, but I cannot test it nor imagine the result of such branding and how it is exposed to users. Also, I need to find out how other brands are in the pipeline, what part of SMBIOS is preserved, and what is dropped. If there is a new OEM in the Heads ecosystem, we need a path to follow instead of just linking to an implementation commit from which it is hard to decode what is what if you are not the Heads developer. I'm not Heads developer, so I'm trying to understand that at the business level. Heads should welcome not only new users but also new OEMs.

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

Something missing/unclear?

I expect documentation on how new OEMs can brand whatever Heads supported hardware today. I get a hash showing the application of branding-related configurations, IIUC. If it works, I'm very happy, but I cannot test it nor imagine the result of such branding and how it is exposed to users. Also, I need to find out how other brands are in the pipeline, what part of SMBIOS is preserved, and what is dropped. If there is a new OEM in the Heads ecosystem, we need a path to follow instead of just linking to an implementation commit from which it is hard to decode what is what if you are not the Heads developer. I'm not Heads developer, so I'm trying to understand that at the business level. Heads should welcome not only new users but also new OEMs.

@pietrushnic

user@localhost:~/heads$ grep BIOS modules/coreboot
CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME ?= $(BOARD)
	sed -i '/^CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME/d' $(build)/$(coreboot_dir)/.config; \
	echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME)"' >> $(build)/$(coreboot_dir)/.config; \
	if [ ! -z "$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)" ]; then \
		sed -i '/^CONFIG_MAINBOARD_SMBIOS_MANUFACTURER/d' $(build)/$(coreboot_dir)/.config; \
		echo 'CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)"' >> $(build)/$(coreboot_dir)/.config; \

Which is OP's

strings in coreboot config OK?

Which was asked elsewhere (in historical traces pointed...) without answers yet. If no issue was raised, no comment done when/where pinged, then I consider current implementation and overrides to be ok until an issue/pr is opened about it? I ping you when those changes happen: No answers to me means ok, until an issue opened means not ok.

- Move/rename board config
- Rename coreboot config
- Applies changes to coreboot config from defconfig+dasharo coreboot fork config + fixes
- Rename CircleCI board for rom build

-----
Repro:

First: change some oldconfig defaults from dasharo coreboot fork
git checkout -b move_nitropad-nv41_to_novacustom-v41
mv boards/nitropad-nv41 boards/novacustom_nv4x_adl
mv boards/novacustom_nv4x_adl/nitropad-nv41.config boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
vim boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
vim config/coreboot-nitropad-nv41.config
mv config/coreboot-nitropad-nv41.config config/coreboot-novacustom_nv4x_adl.config
vim boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=novacustom_nv4x_adl coreboot.modify_and_save_oldconfig_in_place
cd /home/user/heads/build/x86/coreboot-dasharo
sudo make menuconfig
cd ~/heads
sudo meld /home/user/heads/build/x86/coreboot-dasharo/.config config/coreboot-novacustom_nv4x_adl.config
git status
git add boards/nitropad-nv41/nitropad-nv41.config config/coreboot-nitropad-nv41.config config/coreboot-novacustom_nv4x_adl.config config/coreboot-novacustom_nv4x_adl.config
git add boards/novacustom_nv4x_adl/novacustom_nv4x_adl.config
sed -i 's/nitropad-nv41/novacustom_nv4x_adl/g' .circleci/config.yml
git add .circleci/config.yml
git commit --sigoff -m
git push tlaurion-github --force
...
(and multiple 'git commit --signoff --amend' to add traces below)

----

Relevant changes from nitropad-nv41 coreboot configs:
diff --git a/config/coreboot-nitropad-nv41.config b/config/coreboot-novacustom_nv4x_adl.config
index 9484aaf512..235f255a31 100644
--- a/config/coreboot-nitropad-nv41.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@@ -111,7 +111,7 @@ CONFIG_VENDOR_NOVACUSTOM=y
 # CONFIG_VENDOR_UP is not set
 CONFIG_MAINBOARD_FAMILY="Not Applicable"
 CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
-CONFIG_MAINBOARD_VERSION="v2.1"
+CONFIG_MAINBOARD_VERSION="nv40pz"
 CONFIG_MAINBOARD_DIR="clevo/adl-p"
 CONFIG_DIMM_MAX=4
 CONFIG_DIMM_SPD_SIZE=512
@@ -131,7 +131,7 @@ CONFIG_VBOOT_VBNV_OFFSET=0x28
 CONFIG_VARIANT_DIR="nv40pz"
 CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
 # CONFIG_VGA_BIOS is not set
-CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Nitrokey"
+CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Notebook"
 CONFIG_INTEL_GMA_VBT_FILE="src/mainboard/$(MAINBOARDDIR)/variants/$(VARIANT_DIR)/data.vbt"
 # CONFIG_DISABLE_HECI1_AT_PRE_BOOT is not set
 CONFIG_PRERAM_CBMEM_CONSOLE_SIZE=0x4000
@@ -140,7 +140,7 @@ CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout"
 CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0
 CONFIG_BOARD_CLEVO_ADLP_COMMON=y
 CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
-CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41"
+CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="NV4xPZ"
 CONFIG_CONSOLE_POST=y
 # CONFIG_USE_PM_ACPI_TIMER is not set
 CONFIG_TPM_PIRQ=0x27

When comparing against dasharo/coreboot fork coreboot config saved in oldconfig format, diffs:
diff --git a/config/coreboot-novacustom_nv4x_adl.config b/config/coreboot-novacustom_nv4x_adl.config
index 235f255a31..41bdd7889c 100644
--- a/config/coreboot-novacustom_nv4x_adl.config
+++ b/config/coreboot-novacustom_nv4x_adl.config
@@ -7,19 +7,19 @@
 # General setup
 #
 CONFIG_COREBOOT_BUILD=y
-CONFIG_LOCALVERSION=""
+CONFIG_LOCALVERSION="v1.7.2"
 CONFIG_CBFS_PREFIX="fallback"
 CONFIG_COMPILER_GCC=y
 # CONFIG_COMPILER_LLVM_CLANG is not set
 CONFIG_ARCH_SUPPORTS_CLANG=y
 # CONFIG_ANY_TOOLCHAIN is not set
-# CONFIG_CCACHE is not set
+CONFIG_CCACHE=y
 # CONFIG_IWYU is not set
 # CONFIG_FMD_GENPARSER is not set
 # CONFIG_UTIL_GENPARSER is not set
-# CONFIG_OPTION_BACKEND_NONE is not set
-CONFIG_USE_OPTION_TABLE=y
-# CONFIG_STATIC_OPTION_TABLE is not set
+CONFIG_OPTION_BACKEND_NONE=y
+# CONFIG_USE_OPTION_TABLE is not set
+# CONFIG_USE_UEFI_VARIABLE_STORE is not set
 CONFIG_COMPRESS_RAMSTAGE_LZMA=y
 # CONFIG_COMPRESS_RAMSTAGE_LZ4 is not set
 CONFIG_INCLUDE_CONFIG_FILE=y
@@ -35,12 +35,7 @@ CONFIG_HAVE_ASAN_IN_RAMSTAGE=y
 # CONFIG_NO_STAGE_CACHE is not set
 CONFIG_TSEG_STAGE_CACHE=y
 # CONFIG_UPDATE_IMAGE is not set
-CONFIG_BOOTSPLASH_IMAGE=y
-CONFIG_BOOTSPLASH_FILE="@BRAND_DIR@/bootsplash.jpg"
-CONFIG_BOOTSPLASH_CONVERT=y
-CONFIG_BOOTSPLASH_CONVERT_QUALITY=90
-# CONFIG_BOOTSPLASH_CONVERT_RESIZE is not set
-# CONFIG_BOOTSPLASH_CONVERT_COLORSWAP is not set
+# CONFIG_BOOTSPLASH_IMAGE is not set
 # CONFIG_FW_CONFIG is not set

 #
@@ -111,14 +106,14 @@ CONFIG_VENDOR_NOVACUSTOM=y
 # CONFIG_VENDOR_UP is not set
 CONFIG_MAINBOARD_FAMILY="Not Applicable"
 CONFIG_MAINBOARD_PART_NUMBER="nv40pz"
-CONFIG_MAINBOARD_VERSION="nv40pz"
+CONFIG_MAINBOARD_VERSION="v2.1"
 CONFIG_MAINBOARD_DIR="clevo/adl-p"
 CONFIG_DIMM_MAX=4
 CONFIG_DIMM_SPD_SIZE=512
-CONFIG_FMDFILE=""
+CONFIG_FMDFILE="src/mainboard/$(CONFIG_MAINBOARD_DIR)/vboot-rwa.fmd"
 # CONFIG_NO_POST is not set
 CONFIG_MAINBOARD_VENDOR="Notebook"
-CONFIG_CBFS_SIZE=0x1000000
+CONFIG_CBFS_SIZE=0xA00000
 # CONFIG_CONSOLE_SERIAL is not set
 CONFIG_MAX_CPUS=24
 CONFIG_ONBOARD_VGA_IS_PRIMARY=y
@@ -126,8 +121,9 @@ CONFIG_ONBOARD_VGA_IS_PRIMARY=y
 # CONFIG_POST_IO is not set
 CONFIG_UART_FOR_CONSOLE=0
 CONFIG_DEVICETREE="devicetree.cb"
-# CONFIG_VBOOT is not set
+CONFIG_VBOOT=y
 CONFIG_VBOOT_VBNV_OFFSET=0x28
+CONFIG_RO_REGION_ONLY=""
 CONFIG_VARIANT_DIR="nv40pz"
 CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
 # CONFIG_VGA_BIOS is not set
@@ -143,10 +139,12 @@ CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
 CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="NV4xPZ"
 CONFIG_CONSOLE_POST=y
 # CONFIG_USE_PM_ACPI_TIMER is not set
-CONFIG_TPM_PIRQ=0x27
+CONFIG_VBOOT_SLOTS_RW_A=y
+CONFIG_TPM_PIRQ=0x0
 # CONFIG_SOC_INTEL_CSE_SEND_EOP_EARLY is not set
 CONFIG_VBOOT_FWID_VERSION="$(CONFIG_LOCALVERSION)"
 CONFIG_EC_SYSTEM76_EC_BAT_THRESHOLDS=y
+CONFIG_PXE_ROM_ID="10ec,8168"
 CONFIG_ECAM_MMCONF_BASE_ADDRESS=0xc0000000
 CONFIG_ECAM_MMCONF_BUS_NUMBER=256
 CONFIG_MEMLAYOUT_LD_FILE="src/arch/x86/memlayout.ld"
@@ -156,20 +154,28 @@ CONFIG_C_ENV_BOOTBLOCK_SIZE=0x40000
 CONFIG_DCACHE_BSP_STACK_SIZE=0x80400
 CONFIG_MAX_ACPI_TABLE_SIZE_KB=144
 CONFIG_HAVE_INTEL_FIRMWARE=y
+CONFIG_VBOOT_NO_BOARD_SUPPORT=y
+CONFIG_RW_REGION_ONLY=""
 CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000
 CONFIG_DRIVERS_INTEL_WIFI=y
 CONFIG_IFD_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/descriptor.bin"
 CONFIG_ME_BIN_PATH="3rdparty/dasharo-blobs/novacustom/nv4x_adl/me.bin"
-CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
+# CONFIG_VBOOT_ALWAYS_ALLOW_UDC is not set
+CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x100000
+CONFIG_EDK2_BOOT_TIMEOUT=2
 CONFIG_VBT_DATA_SIZE_KB=9
+CONFIG_VBOOT_FWID_MODEL="$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)"
+CONFIG_VBOOT_STARTS_IN_BOOTBLOCK=y
 CONFIG_CARDBUS_PLUGIN_SUPPORT=y
 CONFIG_SPI_FLASH_DONT_INCLUDE_ALL_DRIVERS=y
 # CONFIG_USE_LEGACY_8254_TIMER is not set
+CONFIG_GBB_HWID=""
 # CONFIG_DEBUG_SMI is not set
 CONFIG_HAVE_IFD_BIN=y
 CONFIG_PCIEXP_HOTPLUG_BUSES=42
 CONFIG_PCIEXP_HOTPLUG_MEM=0xc200000
 CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM=0x1c000000
+# CONFIG_VBOOT_SLOTS_RW_AB is not set
 CONFIG_PS2K_EISAID="PNP0303"
 CONFIG_PS2M_EISAID="PNP0F13"

@@ -193,8 +199,8 @@ CONFIG_PCIEXP_CLK_PM=y
 CONFIG_PC_CMOS_BASE_PORT_BANK1=0x72
 CONFIG_HEAP_SIZE=0x10000
 CONFIG_EC_GPE_SCI=0x50
+CONFIG_EDK2_BOOTSPLASH_FILE="3rdparty/dasharo-blobs/novacustom/bootsplash.bmp"
 CONFIG_TPM_MEASURED_BOOT=y
-CONFIG_LINUX_COMMAND_LINE="quiet loglevel=2"
 CONFIG_BOARD_ROMSIZE_KB_32768=y
 # CONFIG_COREBOOT_ROMSIZE_KB_256 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_512 is not set
@@ -399,7 +405,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_TCO=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_TCO_ENABLE_THROUGH_SMBUS=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_IO_TRAP=y
-# CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_S5_DELAY_MS=0
 CONFIG_SOC_INTEL_COMMON_BLOCK_SPI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_SA=y
@@ -417,7 +423,7 @@ CONFIG_SOC_INTEL_COMMON_BLOCK_USB4_PCIE=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_USB4_XHCI=y
 CONFIG_SOC_INTEL_ENABLE_USB4_PCIE_RESOURCES=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_VTD=y
-# CONFIG_ENABLE_EARLY_DMA_PROTECTION is not set
+CONFIG_ENABLE_EARLY_DMA_PROTECTION=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XDCI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI=y
 CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI_ELOG=y
@@ -508,15 +514,15 @@ CONFIG_EC_SYSTEM76_EC_DGPU=y
 #
 # Intel Firmware
 #
-CONFIG_IFDTOOL_DISABLE_ME=y
+# CONFIG_IFDTOOL_DISABLE_ME is not set
 CONFIG_HAVE_ME_BIN=y
 # CONFIG_STITCH_ME_BIN is not set
 # CONFIG_ME_REGION_ALLOW_CPU_READ_ACCESS is not set
 CONFIG_HAVE_INTEL_ME_HAP=y
 # CONFIG_INTEL_ME_DISABLED_HECI is not set
-CONFIG_INTEL_ME_DISABLED_HAP=y
-# CONFIG_INTEL_ME_ENABLED is not set
-CONFIG_INTEL_ME_DEFAULT_STATE=2
+# CONFIG_INTEL_ME_DISABLED_HAP is not set
+CONFIG_INTEL_ME_ENABLED=y
+CONFIG_INTEL_ME_DEFAULT_STATE=0
 # CONFIG_DO_NOT_TOUCH_DESCRIPTOR_REGION is not set
 # CONFIG_LOCK_MANAGEMENT_ENGINE is not set
 CONFIG_UNLOCK_FLASH_REGIONS=y
@@ -529,7 +535,7 @@ CONFIG_BIOS_VENDOR="3mdeb"
 #
 # Dasharo Configuration
 #
-CONFIG_DASHARO_PREFER_S3_SLEEP=y
+# CONFIG_DASHARO_PREFER_S3_SLEEP is not set
 # end of Dasharo Configuration

 CONFIG_UDK_BASE=y
@@ -550,8 +556,6 @@ CONFIG_X86_CUSTOM_BOOTMEDIA=y
 CONFIG_PC80_SYSTEM=y
 CONFIG_HAVE_CMOS_DEFAULT=y
 CONFIG_POSTCAR_STAGE=y
-CONFIG_BOOTBLOCK_SIMPLE=y
-# CONFIG_BOOTBLOCK_NORMAL is not set
 CONFIG_COLLECT_TIMESTAMPS_TSC=y
 CONFIG_IDT_IN_EVERY_STAGE=y
 CONFIG_HAVE_CF9_RESET=y
@@ -575,9 +579,10 @@ CONFIG_NO_EARLY_GFX_INIT=y
 #
 # Display
 #
+CONFIG_WANT_LINEAR_FRAMEBUFFER=y
 CONFIG_GENERIC_LINEAR_FRAMEBUFFER=y
 CONFIG_LINEAR_FRAMEBUFFER=y
-CONFIG_BOOTSPLASH=y
+# CONFIG_BOOTSPLASH is not set
 # end of Display

 CONFIG_PCI=y
@@ -610,17 +615,21 @@ CONFIG_I2C_TRANSFER_TIMEOUT_US=500000
 # Generic Drivers
 #
 CONFIG_CRB_TPM_BASE_ADDRESS=0xfed40000
-# CONFIG_DRIVERS_EFI_VARIABLE_STORE is not set
+CONFIG_DRIVERS_EFI_VARIABLE_STORE=y
 # CONFIG_ELOG is not set
 CONFIG_CACHE_MRC_SETTINGS=y
 CONFIG_MRC_SETTINGS_PROTECT=y
-# CONFIG_SMMSTORE is not set
+CONFIG_HAS_RECOVERY_MRC_CACHE=y
+CONFIG_MRC_SAVE_HASH_IN_TPM=y
+CONFIG_SMMSTORE=y
+CONFIG_SMMSTORE_V2=y
+CONFIG_SMMSTORE_SIZE=0x40000
 CONFIG_SPI_FLASH=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y
 CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY=y
+CONFIG_SPI_FLASH_SMM=y
 # CONFIG_SPI_FLASH_NO_FAST_READ is not set
-CONFIG_TPM_INIT_RAMSTAGE=y
-# CONFIG_TPM_PPI is not set
+CONFIG_TPM_PPI=y
 CONFIG_DRIVERS_UART=y
 CONFIG_NO_UART_ON_SUPERIO=y
 CONFIG_DRIVERS_UART_8250MEM=y
@@ -669,7 +678,7 @@ CONFIG_DRIVERS_INTEL_PMC=y
 # CONFIG_DRIVERS_NXP_UWB_SR1XX is not set
 # CONFIG_DRIVERS_PS2_KEYBOARD is not set
 CONFIG_DRIVERS_MC146818=y
-# CONFIG_USE_PC_CMOS_ALTCENTURY is not set
+CONFIG_USE_PC_CMOS_ALTCENTURY=y
 CONFIG_PC_CMOS_BASE_PORT_BANK0=0x70
 CONFIG_MEMORY_MAPPED_TPM=y
 CONFIG_TPM_TIS_BASE_ADDRESS=0xfed40000
@@ -695,6 +704,50 @@ CONFIG_DRIVERS_INTEL_USB4_RETIMER=y
 # Verified Boot (vboot)
 #
 CONFIG_VBOOT_LIB=y
+CONFIG_VBOOT_VBNV_CMOS=y
+CONFIG_VBOOT_VBNV_CMOS_BACKUP_TO_FLASH=y
+# CONFIG_VBOOT_MOCK_SECDATA is not set
+CONFIG_VBOOT_MUST_REQUEST_DISPLAY=y
+CONFIG_VBOOT_ALWAYS_ENABLE_DISPLAY=y
+CONFIG_VBOOT_HAS_REC_HASH_SPACE=y
+CONFIG_CBFS_MCACHE_RW_PERCENTAGE=50
+CONFIG_VBOOT_CLEAR_RECOVERY_EACH_BOOT=y
+# CONFIG_VBOOT_EC_EFS is not set
+CONFIG_VBOOT_X86_SHA256_ACCELERATION=y
+
+#
+# GBB configuration
+#
+CONFIG_GBB_BMPFV_FILE=""
+# CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY is not set
+# CONFIG_GBB_FLAG_LOAD_OPTION_ROMS is not set
+# CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS is not set
+# CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON is not set
+CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB=y
+CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK=y
+# CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM is not set
+# CONFIG_GBB_FLAG_FORCE_DEV_BOOT_ALTFW is not set
+# CONFIG_GBB_FLAG_RUNNING_FAFT is not set
+CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC=y
+# CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_ALTFW is not set
+CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC=y
+CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN=y
+# CONFIG_GBB_FLAG_FORCE_MANUAL_RECOVERY is not set
+CONFIG_GBB_FLAG_DISABLE_FWMP=y
+# CONFIG_GBB_FLAG_ENABLE_UDC is not set
+# end of GBB configuration
+
+#
+# Vboot Keys
+#
+CONFIG_VBOOT_ROOT_KEY="$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk"
+CONFIG_VBOOT_RECOVERY_KEY="$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk"
+CONFIG_VBOOT_FIRMWARE_PRIVKEY="$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk"
+CONFIG_VBOOT_KERNEL_KEY="$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk"
+CONFIG_VBOOT_KEYBLOCK="$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock"
+CONFIG_VBOOT_KEYBLOCK_VERSION=1
+CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS=0x0
+# end of Vboot Keys
 # end of Verified Boot (vboot)

 #
@@ -730,10 +783,14 @@ CONFIG_INTEL_TXT_LIB=y
 # CONFIG_INTEL_TXT is not set
 # CONFIG_STM is not set
 # CONFIG_INTEL_CBNT_SUPPORT is not set
-CONFIG_BOOTMEDIA_LOCK_NONE=y
-# CONFIG_BOOTMEDIA_LOCK_CONTROLLER is not set
+# CONFIG_BOOTMEDIA_LOCK_NONE is not set
+CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
 # CONFIG_BOOTMEDIA_LOCK_CHIP is not set
-# CONFIG_BOOTMEDIA_SMM_BWP is not set
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_RO is not set
+# CONFIG_BOOTMEDIA_LOCK_WHOLE_NO_ACCESS is not set
+CONFIG_BOOTMEDIA_LOCK_WPRO_VBOOT_RO=y
+CONFIG_BOOTMEDIA_LOCK_IN_VERSTAGE=y
+CONFIG_BOOTMEDIA_SMM_BWP=y
 # end of Security

 CONFIG_ACPI_HAVE_PCAT_8259=y
@@ -772,8 +829,8 @@ CONFIG_DEFAULT_CONSOLE_LOGLEVEL_7=y
 # CONFIG_DEFAULT_CONSOLE_LOGLEVEL_1 is not set
 # CONFIG_DEFAULT_CONSOLE_LOGLEVEL_0 is not set
 CONFIG_DEFAULT_CONSOLE_LOGLEVEL=7
-CONFIG_CONSOLE_USE_LOGLEVEL_PREFIX=y
-CONFIG_CONSOLE_USE_ANSI_ESCAPES=y
+# CONFIG_CONSOLE_USE_LOGLEVEL_PREFIX is not set
+# CONFIG_CONSOLE_USE_ANSI_ESCAPES is not set
 # CONFIG_CMOS_POST is not set
 CONFIG_HWBASE_DEBUG_CB=y
 # end of Console
@@ -804,12 +861,89 @@ CONFIG_MAINBOARD_SERIAL_NUMBER="123456789"
 # CONFIG_PAYLOAD_LINUXBOOT is not set
 # CONFIG_PAYLOAD_SEABIOS is not set
 # CONFIG_PAYLOAD_UBOOT is not set
-# CONFIG_PAYLOAD_EDK2 is not set
-CONFIG_PAYLOAD_LINUX=y
-CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage"
+CONFIG_PAYLOAD_EDK2=y
+# CONFIG_PAYLOAD_LINUX is not set
+CONFIG_PAYLOAD_FILE="novacustom_nv4x_adl/UEFIPAYLOAD.fd"
 CONFIG_PAYLOAD_OPTIONS=""
-# CONFIG_PXE is not set
-CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz"
+CONFIG_EDK2_UEFIPAYLOAD=y
+# CONFIG_EDK2_UNIVERSAL_PAYLOAD is not set
+CONFIG_EDK2_REPO_MRCHROMEBOX=y
+# CONFIG_EDK2_REPO_OFFICIAL is not set
+# CONFIG_EDK2_REPO_CUSTOM is not set
+CONFIG_EDK2_REPOSITORY="https://github.com/Dasharo/edk2"
+CONFIG_EDK2_TAG_OR_REV="b7274c98697e972e772236caf830c0780ec498bd"
+CONFIG_EDK2_USE_EDK2_PLATFORMS=y
+CONFIG_EDK2_PLATFORMS_REPOSITORY="https://github.com/Dasharo/edk2-platforms"
+CONFIG_EDK2_PLATFORMS_TAG_OR_REV="3323ed481d35096fb6a7eae7b49f35eff00f86cf"
+# CONFIG_EDK2_DEBUG is not set
+CONFIG_EDK2_RELEASE=y
+# CONFIG_EDK2_BOOT_MANAGER_ESCAPE is not set
+CONFIG_EDK2_CBMEM_LOGGING=y
+CONFIG_EDK2_SYSTEM76_EC_LOGGING=y
+CONFIG_EDK2_CPU_TIMER_LIB=y
+CONFIG_EDK2_FOLLOW_BGRT_SPEC=y
+CONFIG_EDK2_FULL_SCREEN_SETUP=y
+CONFIG_EDK2_HAVE_EFI_SHELL=y
+CONFIG_EDK2_PRIORITIZE_INTERNAL=y
+CONFIG_EDK2_PS2_SUPPORT=y
+CONFIG_EDK2_SKIP_PS2_DETECT=y
+CONFIG_EDK2_SD_MMC_TIMEOUT=10
+CONFIG_EDK2_SERIAL_SUPPORT=y
+CONFIG_EDK2_ENABLE_IPXE=y
+CONFIG_EDK2_IPXE_OPTION_NAME="iPXE Network Boot"
+CONFIG_EDK2_SECURE_BOOT=y
+# CONFIG_EDK2_SECURE_BOOT_DEFAULT_ENABLE is not set
+# CONFIG_EDK2_SATA_PASSWORD is not set
+# CONFIG_EDK2_OPAL_PASSWORD is not set
+CONFIG_EDK2_SETUP_PASSWORD=y
+CONFIG_EDK2_PERFORMANCE_MEASUREMENT_ENABLE=y
+CONFIG_EDK2_DASHARO_SYSTEM_FEATURES=y
+CONFIG_EDK2_DASHARO_SECURITY_OPTIONS=y
+CONFIG_EDK2_SHOW_CAMERA_OPTION=y
+CONFIG_EDK2_SHOW_WIFI_BT_OPTION=y
+CONFIG_EDK2_DASHARO_INTEL_ME_OPTIONS=y
+CONFIG_EDK2_DASHARO_USB_CONFIG=y
+CONFIG_EDK2_DASHARO_NETWORK_CONFIG=y
+# CONFIG_EDK2_DASHARO_CHIPSET_CONFIG is not set
+CONFIG_EDK2_DASHARO_POWER_CONFIG=y
+CONFIG_EDK2_SLEEP_TYPE_OPTION=y
+CONFIG_EDK2_FAN_CURVE_OPTION=y
+CONFIG_EDK2_BATTERY_CONFIG_OPTION=y
+# CONFIG_EDK2_DASHARO_PCI_CONFIG is not set
+# CONFIG_EDK2_DASHARO_MEMORY_CONFIG is not set
+# CONFIG_EDK2_DASHARO_NETWORK_BOOT_DEFAULT_ENABLE is not set
+# CONFIG_EDK2_DASHARO_SERIAL_REDIRECTION_DEFAULT_ENABLE is not set
+CONFIG_EDK2_BOOT_MENU_KEY=0x0011
+CONFIG_EDK2_SETUP_MENU_KEY=0x000C
+CONFIG_EDK2_DISABLE_MTRR_PROGRAMMING=y
+CONFIG_EDK2_ENABLE_BATTERY_CHECK=y
+# CONFIG_EDK2_DISABLE_OPTION_ROMS is not set
+CONFIG_EDK2_PRINT_SOL_STRINGS=y
+# CONFIG_EDK2_RAM_DISK_ENABLE is not set
+CONFIG_EDK2_CUSTOM_BUILD_PARAMS="-D VARIABLE_SUPPORT=SMMSTORE"
+CONFIG_EDK2_LAN_ROM_DRIVER=""
+# CONFIG_EDK2_CREATE_PREINSTALLED_BOOT_OPTIONS is not set
+CONFIG_PXE=y
+
+#
+# PXE Options
+#
+# CONFIG_PXE_ROM is not set
+CONFIG_BUILD_IPXE=y
+CONFIG_IPXE_STABLE=y
+# CONFIG_IPXE_MASTER is not set
+# CONFIG_PXE_SERIAL_CONSOLE is not set
+# CONFIG_PXE_NO_PROMPT is not set
+CONFIG_PXE_ADD_SCRIPT=y
+CONFIG_PXE_SCRIPT="3rdparty/dasharo-blobs/dasharo/dasharo.ipxe"
+CONFIG_PXE_HAS_HTTPS=y
+CONFIG_PXE_CUSTOM_BUILD_ID="0123456789"
+CONFIG_PXE_TRUST_CMD=y
+# end of PXE Options
+
+# CONFIG_COMPRESSED_PAYLOAD_NONE is not set
+CONFIG_COMPRESSED_PAYLOAD_LZMA=y
+# CONFIG_COMPRESSED_PAYLOAD_LZ4 is not set
 CONFIG_COMPRESS_SECONDARY_PAYLOAD=y

 #

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
…NAME=NovaCustom NV4x 12th Gen', nv40pz in title. Remove forgotten Nitrokey Nitropad NV41 reference

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
@@ -131,7 +131,7 @@ CONFIG_VBOOT_VBNV_OFFSET=0x28
CONFIG_VARIANT_DIR="nv40pz"
CONFIG_OVERRIDE_DEVICETREE="variants/$(CONFIG_VARIANT_DIR)/overridetree.cb"
# CONFIG_VGA_BIOS is not set
CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Nitrokey"
CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="Notebook"
Copy link
Collaborator Author

@tlaurion tlaurion Nov 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pietrushnic so per reference config in dasharo fork, this is one of the SMBIOS strings dasharo configured.

@macpijan please confirm valid.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

user@localhost:~/heads$ grep BIOS modules/coreboot
CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME ?= $(BOARD)
	sed -i '/^CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME/d' $(build)/$(coreboot_dir)/.config; \
	echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME)"' >> $(build)/$(coreboot_dir)/.config; \
	if [ ! -z "$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)" ]; then \
		sed -i '/^CONFIG_MAINBOARD_SMBIOS_MANUFACTURER/d' $(build)/$(coreboot_dir)/.config; \
		echo 'CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)"' >> $(build)/$(coreboot_dir)/.config; \

Copy link
Collaborator Author

@tlaurion tlaurion Nov 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pietrushnic pretty sure you don't want the manufacturer to be Notebook, but you tell me.
Nitrokey overrided this to Nitrokey which this PR changes and is part of the string I asked numerous tims to review for the sake of DTS/DMIDECODE/FWUPD and other things depending of those strings, those strings changes that would break if we are not careful.

This come from Dasharo fork's reference config, and what coreboot fork's defconfig (vs oldconfig resulting of defconfig) results in Notebook as per that release: https://github.com/Dasharo/coreboot/blob/3a9aa3a4692f3dd49732f5b4e3ec54be385f0969/configs/config.novacustom_nv4x_adl

Copy link
Contributor

@mkopec mkopec Nov 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Notebook is correct. Those are the strings in Insyde firmware, and they have to match in Dasharo so that Windows autoinstalls the drivers that Clevo uploaded to Windows Update :(

I suppose it's not a big concern for Heads but I think they should match the UEFI firmware variant. fwupd also includes this SMBIOS string when looking for updates

Copy link

@pietrushnic pietrushnic Nov 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I asked numerous tims to review

This part was not needed.


@tlaurion, as @mkopec said, Dasharo (coreboot+UEFI) is concerned because of drivers delivered by Windows Update. fwupd uses the same mechanics, but if Novacustom or Nitrokey register in LVFS or Dasharo Team starts its instance, we could leverage that for much simpler updates. We will cross that bridge when we get there. Premature optimization is the root of all evil, so I would treat it as a no-op now.

Only when we can describe to OEMs precisely how to set that up to leverage LVFS can we create rules around that; without these tests and documentation, we should leave it as close to upstream as possible. If OEMs need to adjust that for some reason, we should also give them that freedom unless we can explain the implications for integration, which has not existed so far.

The impact of DTS does not belong to this repository and to this issue, IMHO. @mkopec, can you create an issue for DTS and determine how BOARD will impact DTS by assigning the problem to someone from Zarhus Team? Ideally, deliverables would be guidelines for naming conventions that do not break the way DTS works. Maybe we should mimic NV41 Dasharo (coreboot+Heads) behavior. Please note that the goal is to support both Novacustom and Nitrokey devices in Dasharo (coreboot+Heads).

…ION to v2.1 as per fork reference config

TODO: config LOCALVERSION and SMBIOS strings...

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
@tlaurion tlaurion force-pushed the move_nitropad-nv41_to_novacustom-v41 branch from 6596e38 to 6746058 Compare November 14, 2024 14:39
@@ -140,7 +140,7 @@ CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout"
CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0
CONFIG_BOARD_CLEVO_ADLP_COMMON=y
CONFIG_BOARD_CLEVO_NV40PZ_BASE=y
CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="Nitropad NV41"
CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="NV4xPZ"
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pietrushnic so per reference config in dasharo fork, this is one of the SMBIOS strings dasharo configured.

@macpijan please confirm valid.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

user@localhost:~/heads$ grep BIOS modules/coreboot
CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME ?= $(BOARD)
	sed -i '/^CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME/d' $(build)/$(coreboot_dir)/.config; \
	echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME)"' >> $(build)/$(coreboot_dir)/.config; \
	if [ ! -z "$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)" ]; then \
		sed -i '/^CONFIG_MAINBOARD_SMBIOS_MANUFACTURER/d' $(build)/$(coreboot_dir)/.config; \
		echo 'CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)"' >> $(build)/$(coreboot_dir)/.config; \

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dmidecode provides Product Name: novacustom_nv4x_adl as per #1793 (comment)

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

Rebranding logic:

  • Proper strings in coreboot config under Heads tree if no rebranding considered possible for those from Dasharo or
  • BOARD name must be defined (board config) to match strings expected by downstream (fwupd requirements etc) BECAUSE
  • Logic under modules/coreboot only overrides if NOT specified under .config put under coreboot build dir

Logic of all this was added a while ago, discussed a lot at multiple places, one example being #1662 (comment).

If defined under coreboot config, rebranding logic DOES NOT APPLY:

heads/modules/coreboot

Lines 115 to 119 in cd683b1

# coreboot builds are specialized on a per-target basis.
# The builds are done in a per-target subdirectory
CONFIG_COREBOOT_CONFIG ?= config/coreboot-$(BOARD).config
CONFIG_COREBOOT_LOCALVERSION ?= "$(BRAND_NAME)-$(HEADS_GIT_VERSION)"
CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME ?= $(BOARD)

heads/modules/coreboot

Lines 142 to 148 in cd683b1

sed -i '/^CONFIG_LOCALVERSION/d' $(build)/$(coreboot_dir)/.config; \
echo 'CONFIG_LOCALVERSION=$(CONFIG_COREBOOT_LOCALVERSION)' >> $(build)/$(coreboot_dir)/.config; \
sed -i '/^CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME/d' $(build)/$(coreboot_dir)/.config; \
echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(CONFIG_COREBOOT_SMBIOS_PRODUCT_NAME)"' >> $(build)/$(coreboot_dir)/.config; \
if [ ! -z "$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)" ]; then \
sed -i '/^CONFIG_MAINBOARD_SMBIOS_MANUFACTURER/d' $(build)/$(coreboot_dir)/.config; \
echo 'CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="$(CONFIG_COREBOOT_SMBIOS_MANUFACTURER)"' >> $(build)/$(coreboot_dir)/.config; \


This is why I say its politic:

  • if we say coreboot fork defines those strings: all good, rebranding DOES NOT affect SMBIOS strings and dmidecode etc
  • if we say downstream should have impact on SMBIOS strings, then those MUST NOT BE DEFINED uder coreboot config so BOARD in board config overrides the strings.

Are we all clear?
Let me know what needs to change @macpijan @pietrushnic @mkopec

Edit: opened linuxboot/heads-wiki#166 so that what was still unclear today is part of rebranding doc there. Please comment there for docs and here for strings needing to change in this PR before merge. PR approved but not really... see #1793 (comment) which led to last commit pushed 6746058

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

So per latest commit of this PR 6746058

this is dmidecode output (qubes' dom0) on my nv41 flashed with it, analysis at end of this comment:

(1)$ sudo dmidecode 
# dmidecode 3.4
Getting SMBIOS data from sysfs.
SMBIOS 3.0 present.
20 structures occupying 1024 bytes.
Table at 0x76991040.

Handle 0x0000, DMI type 0, 26 bytes
BIOS Information
	Vendor: 3mdeb
	Version: Dasharo Heads-v0.2.0-2419-g9df69d9
	Release Date: 01/01/1970
	ROM Size: 32 MB
	Characteristics:
		PCI is supported
		PC Card (PCMCIA) is supported
		BIOS is upgradeable
		Selectable boot is supported
		ACPI is supported
		Targeted content distribution is supported
	BIOS Revision: 0.2
	Firmware Revision: 0.0

Handle 0x0001, DMI type 1, 27 bytes
System Information
	Manufacturer: Notebook
	Product Name: novacustom_nv4x_adl
	Version: v2.1
	Serial Number: 123456789
	UUID: Not Settable
	Wake-up Type: Power Switch
	SKU Number: Not Applicable
	Family: Not Applicable

Handle 0x0002, DMI type 2, 14 bytes
Base Board Information
	Manufacturer: Notebook
	Product Name: novacustom_nv4x_adl
	Version: v2.1
	Serial Number: 123456789
	Asset Tag: Not Specified
	Features: None
	Location In Chassis: Not Specified
	Chassis Handle: 0x0003
	Type: Motherboard

Handle 0x0003, DMI type 3, 22 bytes
Chassis Information
	Manufacturer: Notebook
	Type: Notebook
	Lock: Not Present
	Version: Not Specified
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Boot-up State: Safe
	Power Supply State: Safe
	Thermal State: Safe
	Security Status: None
	OEM Information: 0x00000000
	Height: Unspecified
	Number Of Power Cords: 1
	Contained Elements: 0
	SKU Number: Not Specified

Handle 0x0004, DMI type 4, 48 bytes
Processor Information
	Socket Designation: CPU0
	Type: Central Processor
	Family: Pentium Pro
	Manufacturer: GenuineIntel
	ID: A3 06 09 00 FF FB EB BF
	Signature: Type 0, Family 6, Model 154, Stepping 3
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		DS (Debug store)
		ACPI (ACPI supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		SS (Self-snoop)
		HTT (Multi-threading)
		TM (Thermal monitor supported)
		PBE (Pending break enabled)
	Version: 12th Gen Intel(R) Core(TM) i7-1260P
	Voltage: 0.8 V
	External Clock: 100 MHz
	Max Speed: 4700 MHz
	Current Speed: 2500 MHz
	Status: Populated, Enabled
	Upgrade: <OUT OF SPEC>
	L1 Cache Handle: 0x0006
	L2 Cache Handle: 0x0007
	L3 Cache Handle: 0x0008
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Part Number: Not Specified
	Core Count: 8
	Core Enabled: 8
	Thread Count: 16
	Characteristics:
		Hardware Thread
		Execute Protection
		Enhanced Virtualization

Handle 0x0005, DMI type 7, 27 bytes
Cache Information
	Socket Designation: CACHE1
	Configuration: Enabled, Not Socketed, Level 1
	Operational Mode: Unknown
	Location: Internal
	Installed Size: 384 kB
	Maximum Size: 384 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Unknown
	System Type: Data
	Associativity: 12-way Set-associative

Handle 0x0006, DMI type 7, 27 bytes
Cache Information
	Socket Designation: CACHE1
	Configuration: Enabled, Not Socketed, Level 1
	Operational Mode: Unknown
	Location: Internal
	Installed Size: 256 kB
	Maximum Size: 256 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Unknown
	System Type: Instruction
	Associativity: 8-way Set-associative

Handle 0x0007, DMI type 7, 27 bytes
Cache Information
	Socket Designation: CACHE2
	Configuration: Enabled, Not Socketed, Level 2
	Operational Mode: Unknown
	Location: Internal
	Installed Size: 2560 kB
	Maximum Size: 2560 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Unknown
	System Type: Unified
	Associativity: Unknown

Handle 0x0008, DMI type 7, 27 bytes
Cache Information
	Socket Designation: CACHE3
	Configuration: Enabled, Not Socketed, Level 3
	Operational Mode: Unknown
	Location: Internal
	Installed Size: 18 MB
	Maximum Size: 18 MB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Unknown
	System Type: Unified
	Associativity: 12-way Set-associative

Handle 0x0009, DMI type 11, 5 bytes
OEM Strings
	String 1: EC: open-source
	String 2: EC firmware version: 2023-12-08_2b2c17a

Handle 0x000A, DMI type 16, 23 bytes
Physical Memory Array
	Location: System Board Or Motherboard
	Use: System Memory
	Error Correction Type: None
	Maximum Capacity: 128 GB
	Error Information Handle: Not Provided
	Number Of Devices: 2

Handle 0x000B, DMI type 17, 40 bytes
Memory Device
	Array Handle: 0x000A
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 32 GB
	Form Factor: SODIMM
	Set: None
	Locator: Channel-0-DIMM-0
	Bank Locator: BANK 0
	Type: DDR4
	Type Detail: Unknown Synchronous
	Speed: 3200 MT/s
	Manufacturer: Kingston
	Serial Number: d9275738
	Asset Tag: Channel-0-DIMM-0-AssetTag
	Part Number: 9905744-111.A00G
	Rank: 2
	Configured Memory Speed: 3200 MT/s
	Minimum Voltage: 1.2 V
	Maximum Voltage: 1.2 V
	Configured Voltage: 1.2 V

Handle 0x000C, DMI type 17, 40 bytes
Memory Device
	Array Handle: 0x000A
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 32 GB
	Form Factor: SODIMM
	Set: None
	Locator: Channel-0-DIMM-0
	Bank Locator: BANK 0
	Type: DDR4
	Type Detail: Unknown Synchronous
	Speed: 3200 MT/s
	Manufacturer: Kingston
	Serial Number: d927571c
	Asset Tag: Channel-0-DIMM-0-AssetTag
	Part Number: 9905744-111.A00G
	Rank: 2
	Configured Memory Speed: 3200 MT/s
	Minimum Voltage: 1.2 V
	Maximum Voltage: 1.2 V
	Configured Voltage: 1.2 V

Handle 0x000D, DMI type 19, 31 bytes
Memory Array Mapped Address
	Starting Address: 0x00000000000
	Ending Address: 0x00FFFFFFFFF
	Range Size: 64 GB
	Physical Array Handle: 0x000A
	Partition Width: 2

Handle 0x000E, DMI type 20, 35 bytes
Memory Device Mapped Address
	Starting Address: 0x00000000000
	Ending Address: 0x007FFFFFFFF
	Range Size: 32 GB
	Physical Device Handle: 0x000B
	Memory Array Mapped Address Handle: 0x000D
	Partition Row Position: Unknown
	Interleave Position: Unknown
	Interleaved Data Depth: Unknown

Handle 0x000F, DMI type 20, 35 bytes
Memory Device Mapped Address
	Starting Address: 0x00800000000
	Ending Address: 0x00FFFFFFFFF
	Range Size: 32 GB
	Physical Device Handle: 0x000B
	Memory Array Mapped Address Handle: 0x000D
	Partition Row Position: Unknown
	Interleave Position: Unknown
	Interleaved Data Depth: Unknown

Handle 0x0010, DMI type 32, 11 bytes
System Boot Information
	Status: No errors detected

Handle 0x0011, DMI type 41, 11 bytes
Onboard Device
	Reference Designation: VGA compatible controller
	Type: Video
	Status: Enabled
	Type Instance: 0
	Bus Address: 0000:00:02.0

Handle 0x0012, DMI type 133, 5 bytes
OEM-specific Type
	Header and Data:
		85 05 12 00 01
	Strings:
		KHOIHGIUCCHHII

Handle 0x0013, DMI type 127, 4 bytes
End Of Table

Analysis:

  • LOCALVERSION overriden by Heads to Version: Dasharo Heads-v0.2.0-2419-g9df69d9
  • Manufacturer: Notebook
  • Product Name: novacustom_nv4x_adl
  • Version: v2.1
  • Serial Number: 123456789

To my eyes, we have a merge unless opposition.


Please +1 this and this will resolve pending comments saying this output is as expected.
Op's checklist updated. This is how I work, suggestions to the process (not smooth enough) to be under new issues, not here.

@mkopec @macpijan @pietrushnic : awaiting +1 to this comment, resolving pending comments of review, and 1 review approval by stakeholder, and I merge.

@pietrushnic
Copy link

Dasharo Heads-v0.2.0-2419-g9df69d9

@mkopec @macpijan, I guess we will override it anyway for the release version we publish.

@pietrushnic
Copy link

Docs: https://osresearch.net/Distributions/#branding is where the documentatiion is now, without anyone having opened an issue. No issue, docs considered ok.

This is the first time I have seen it. It is short, very concrete, and doesn't seem to impact anything. I don't feel I can exercise that document right now, but we can do that whenever a new OEM appears and see how many problems they will have with customization and understanding the flow.

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

Dasharo Heads-v0.2.0-2419-g9df69d9

@mkopec @macpijan, I guess we will override it anyway for the release version we publish.

You can override LOCALVERSION and everything else referred above with Makefile parts responsible for it as described technically at #1793 (comment).

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

Merge @pietrushnic ?

Waiting for approval of dmidecode output at #1793 (comment)

@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 14, 2024

Docs: https://osresearch.net/Distributions/#branding is where the documentatiion is now, without anyone having opened an issue. No issue, docs considered ok.

This is the first time I have seen it. It is short, very concrete, and doesn't seem to impact anything. I don't feel I can exercise that document right now, but we can do that whenever a new OEM appears and see how many problems they will have with customization and understanding the flow.

Exercising this document practically is this comment example of how Nitrokey override chosen Heads commit + rebranding at #1793 (comment) as long as those are not part of the coreboot config.

Purism do the same. Dowstream are examples of how this is accomplished in practice and yes, docs can improve with feedback/PR.

I would love to move this forward without saying more words, if that is possible. Waiting for approval for merge.

@pietrushnic
Copy link

Merge @pietrushnic ?

It has to be approved by @mkopec or @macpijan, if already provided approval is not enough.

@mkopec
Copy link
Contributor

mkopec commented Nov 15, 2024

Product Name: novacustom_nv4x_adl

Looks different to what we have in UEFI:

Handle 0x0001, DMI type 1, 27 bytes
System Information
	Manufacturer: Notebook
	Product Name: NV4xPZ
	Version: v2.1
	Serial Number: 123456789
	UUID: Not Settable
	Wake-up Type: Power Switch
	SKU Number: Not Applicable
	Family: Not Applicable

but from what I understand from #1793 (comment) this is not an issue, so LGTM

@tlaurion
Copy link
Collaborator Author

So if changes needs to be made upstream for strings to be the same as UEFI, that's gonna be proposed in separate PR.

@tlaurion tlaurion merged commit 045c71e into linuxboot:master Nov 15, 2024
47 checks passed
@tlaurion
Copy link
Collaborator Author

tlaurion commented Nov 15, 2024

Reviewing other stuff makes me realize LOCALVERSION should be = brandname otherwise getting default, see
https://github.com/linuxboot/heads/pull/1522/files#diff-323e0d751cc3cd35f5604f3ee75de1cb96fe0370b03aeec4c69ad4b0919a2027R24

Edit: it is. Fixing for Talos-2 and linuxboot(unmaintained) under #1848 (unrelated)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants