WiP: t480 boots without known regressions

.circleci/config.yml

@@ -16,7 +16,8 @@ commands:
             echo "Sourcing /devenv.sh since docker entrypoint doesn't do it as expected"
             source /devenv.sh
             rm -rf build/<< parameters.arch >>/<< parameters.target >>/* build/<< parameters.arch >>/log/*
-            make V=1 BOARD=<< parameters.target >> << parameters.subcommand >>  | ts || touch ./tmpDir/failed_build
+            #Force -j8 so that each make subtask consumes 1gb max and force respect of minimal requirements of CircleCI which otherwise randomly fails
+            make V=1 BOARD=<< parameters.target >> << parameters.subcommand >> AVAILABLE_MEM_GB=8  | ts || touch ./tmpDir/failed_build
           no_output_timeout: 3h
       - run:
           name: Output hashes
@@ -188,6 +189,7 @@ jobs:
             - build/ppc64/musl-cross-make-38e52db8358c043ae82b346a2e6e66bc86a53bc1
             - build/x86/coreboot-4.11
             - build/x86/coreboot-24.02.01
+            - build/x86/coreboot-24.12
             - build/x86/coreboot-dasharo
             - build/x86/coreboot-purism
             - build/x86/musl-cross-make-38e52db8358c043ae82b346a2e6e66bc86a53bc1
@@ -244,6 +246,14 @@ workflows:
           requires:
             - x230-hotp-maximized
 
+      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muscl-cross cache
+      - build_and_persist:
+          name: t480-hotp-maximized
+          target: t480-hotp-maximized
+          subcommand: ""
+          requires:
+            - x86-musl-cross-make
+
       # coreboot nitropad
       # Nitropads depending on x230-hotp-maximized cache since kernel is 6.x and coreboot is git is unshared
       # We use nitropad's coreboot's fork crossgcc
@@ -510,6 +520,14 @@ workflows:
           requires:
             - librem_14
 
+      # t480 is based on 24.12 coreboot release, not sharing any buildstack from now, depend on muscl-cross cache
+      - build:
+          name: t480-maximized
+          target: t480-maximized
+          subcommand: ""
+          requires:
+            - t480-hotp-maximized
+
       # dasharo release, share 24.02.01 utils/crossgcc
       - build:
           name: UNTESTED_nitropad-ns50
@@ -525,34 +543,3 @@ workflows:
           requires:
             - x230-hotp-maximized
 
-      # coreboot 4.11
-      - build:
-          name: UNMAINTAINED_kgpe-d16_workstation
-          target: UNMAINTAINED_kgpe-d16_workstation
-          subcommand: ""
-          requires:
-            - librem_l1um
-
-      # coreboot 4.11
-      - build:
-          name: UNMAINTAINED_kgpe-d16_workstation-usb_keyboard
-          target: UNMAINTAINED_kgpe-d16_workstation-usb_keyboard
-          subcommand: ""
-          requires:
-            - librem_l1um
-
-      # coreboot 4.11
-      - build:
-          name: UNMAINTAINED_kgpe-d16_server
-          target: UNMAINTAINED_kgpe-d16_server
-          subcommand: ""
-          requires:
-            - librem_l1um
-
-      # coreboot 4.11
-      - build:
-          name: UNMAINTAINED_kgpe-d16_server-whiptail
-          target: UNMAINTAINED_kgpe-d16_server-whiptail
-          subcommand: ""
-          requires:
-            - librem_l1um

BOARD_TESTERS.md

@@ -32,6 +32,10 @@ xx4x(Haswell):
 - [ ] t440p: @fhvyhjriur @ThePlexus @srgrint @akunterkontrolle @rbreslow
 - [ ] w541 (similar to t440p): @ResendeGHF @gaspar-ilom (Always tested late: Needs more responsive board testers or risk to become unmaintained.)
 
+xx8x(Kaby Lake Refresh):
+===
+- [ ] t480: @gaspar-ilom @doritos4mlady @MattClifton76
+
 Librems:
 ===
 - [ ] Librem 11(JasperLake): @JonathonHall-Purism

bin/fetch_coreboot_crossgcc_archive.sh

@@ -105,7 +105,7 @@ case "$PKG_NAME" in
 	acpica)
 		# Original acpica sources are gone.  Most of the older releases
 		# can be found here
-		PKG_BASEURL="https://distfiles.macports.org/acpica/"
+		PKG_BASEURL="https://mirror.math.princeton.edu/pub/libreboot/misc/acpica/"
 		# Version 20220331 (currently used by talos_2) isn't there, but
 		# there is an old link from Intel that is still up.  This is
 		# specific to this release.

blobs/xx80/.gitignore

@@ -0,0 +1 @@
+me.bin

blobs/xx80/README

@@ -0,0 +1,30 @@
+The ME blobs dumped in this directory come from the following link: https://dl.dell.com/FOLDER04573471M/1/Inspiron_5468_1.3.0.exe
+
+This provides ME version 11.6.0.1126. In this version CVE-2017-5705 has not yet been fixed.
+See https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html
+Therefore, Bootguard can be disabled by deguard with a patched ME.
+
+1.0.0:Automatically extract, neuter and deguard me.bin
+download_clean_me.sh : Downloads vulnerable ME from Dell verify checksum, extract ME, neuters ME, relocate and trim it, then apply deguard patch and place it into me.bin
+
+sha256sum:
+1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b  me.bin
+
+1.0.1: Extract blobs from original rom:
+extract.sh: takes backup, unlocks ifd, apply me_cleaner to neuter, relocate, trim and deguard it, modify BIOS and ME region of IFD and place output files into this dir.
+
+sha256sum: will vary depending of IFD and ME extracted where IFD regions of BIOS and ME should be consistent.
+
+1.1: More blobs
+--------------------
+ifd.bin was extracted from a T480 from an external flashrom backup.
+
+sha256sum:
+f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf  ifd.bin
+
+sha256sum:
+6b7f3912995fb87ae62956e009470b35b72b5b9a4bfd7bed48da429af9804866  gbe.bin
+------------------------
+
+Notes: as specified in first link, this ME can be deployed to:
+    T480 and T480s

blobs/xx80/download_clean_deguard_me.sh

@@ -0,0 +1,132 @@
+#!/usr/bin/env bash
+
+# These variables are all for the deguard tool.
+# They would need to be changed if using the tool for other devices like the T480s or with a different ME version...
+ME_delta="thinkpad_t480"
+ME_version="11.6.0.1126"
+ME_sku="2M"
+ME_pch="LP"
+
+# Integrity checks for the vendor provided ME blob...
+ME_DOWNLOAD_HASH="ddfbc51430699e0dfcb24a60bcb5b6e5481b325ebecf1ac177e069013189e4b0"
+# ...and the cleaned and deguarded version from that blob.
+DEGUARDED_ME_BIN_HASH="1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b"
+
+function usage() {
+	echo -n \
+		"Usage: $(basename "$0") path_to_output_directory
+Download Intel ME firmware from Dell, neutralize and shrink keeping the MFS.
+"
+}
+
+function chk_sha256sum() {
+	sha256_hash="$1"
+	filename="$2"
+	echo "$sha256_hash" "$filename" "$(pwd)"
+	sha256sum "$filename"
+	if ! echo "${sha256_hash} ${filename}" | sha256sum --check; then
+		echo "ERROR: SHA256 checksum for ${filename} doesn't match."
+		exit 1
+	fi
+}
+
+function chk_exists() {
+	if [ -e "$me_deguarded" ]; then
+		echo "me.bin already exists"
+		if echo "${DEGUARDED_ME_BIN_HASH} $me_deguarded" | sha256sum --check; then
+			echo "SKIPPING: SHA256 checksum for me.bin matches."
+			exit 0
+		fi
+		retry="y"
+		echo "me.bin exists but checksum doesn't match. Continuing..."
+	fi
+}
+
+function download_and_clean() {
+	me_output="$(realpath "${1}")"
+
+	# Download and unpack the Dell installer into a temporary directory and
+	# extract the deguardable Intel ME blob.
+	pushd "$(mktemp -d)" || exit
+
+	# Download the installer that contains the ME blob
+	me_installer_filename="Inspiron_5468_1.3.0.exe"
+	user_agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+	curl -A "$user_agent" -s -O "https://dl.dell.com/FOLDER04573471M/1/${me_installer_filename}"
+	chk_sha256sum "$ME_DOWNLOAD_HASH" "$me_installer_filename"
+
+	# Download the tool to unpack Dell's installer and unpack the ME blob.
+	git clone https://github.com/platomav/BIOSUtilities
+	git -C BIOSUtilities checkout ef50b75ae115ae8162fa8b0a7b8c42b1d2db894b
+
+	python "BIOSUtilities/Dell_PFS_Extract.py" "${me_installer_filename}" -e || exit
+
+	extracted_me_filename="1 Inspiron_5468_1.3.0 -- 3 Intel Management Engine (Non-VPro) Update v${ME_version}.bin"
+
+	mv "${me_installer_filename}_extracted/Firmware/${extracted_me_filename}" "${COREBOOT_DIR}/util/me_cleaner"
+	rm -rf ./*
+	popd || exit
+
+	# Neutralize and shrink Intel ME. Note that this doesn't include
+	# --soft-disable to set the "ME Disable" or "ME Disable B" (e.g.,
+	# High Assurance Program) bits, as they are defined within the Flash
+	# Descriptor.
+	# However, the HAP bit must be enabled to make the deguarded ME work. We only clean the ME in this function.
+	# https://github.com/corna/me_cleaner/wiki/External-flashing#neutralize-and-shrink-intel-me-useful-only-for-coreboot
+	pushd "${COREBOOT_DIR}/util/me_cleaner" || exit
+
+	# MFS is needed for deguard so we whitelist it here and also do not relocate the FTPR partition
+	python me_cleaner.py --whitelist MFS -t -O "$me_output" "$extracted_me_filename"
+	rm -f "$extracted_me_filename"
+	popd || exit
+}
+
+function deguard() {
+	me_input="$(realpath "${1}")"
+	me_output="$(realpath "${2}")"
+
+	# Download the deguard tool into a temporary directory and apply the patch to the cleaned ME blob.
+	pushd "$(mktemp -d)" || exit
+	git clone https://review.coreboot.org/deguard.git
+	pushd deguard || exit
+	git checkout 0ed3e4ff824fc42f71ee22907d0594ded38ba7b2
+
+	python ./finalimage.py \
+		--delta "data/delta/$ME_delta" \
+		--version "$ME_version" \
+		--pch "$ME_pch" \
+		--sku "$ME_sku" \
+		--fake-fpfs data/fpfs/zero \
+		--input "$me_input" \
+		--output "$me_output"
+
+	popd || exit
+	#Cleanup
+	rm -rf ./*
+	popd || exit
+}
+
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+	if [[ "${1:-}" == "--help" ]]; then
+		usage
+	else
+
+		output_dir="$(realpath "${1:-./}")"
+		me_cleaned="${output_dir}/me_cleaned.bin"
+		me_deguarded="${output_dir}/me.bin"
+		chk_exists
+
+		if [[ -z "${COREBOOT_DIR}" ]]; then
+			echo "ERROR: No COREBOOT_DIR variable defined."
+			exit 1
+		fi
+
+		if [[ ! -f "$me_deguarded" ]] || [ "$retry" = "y" ]; then
+			download_and_clean "$me_cleaned"
+			deguard "$me_cleaned" "$me_deguarded"
+			rm -f "$me_cleaned"
+		fi
+
+		chk_sha256sum "$DEGUARDED_ME_BIN_HASH" "$me_deguarded"
+	fi
+fi

blobs/xx80/hashes.txt

@@ -0,0 +1,3 @@
+d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642  gbe.bin
+f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf  ifd.bin
+1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b  me.bin

boards/t480-hotp-maximized/t480-hotp-maximized.config

@@ -0,0 +1,96 @@
+# Configuration for a T480 running Qubes 4.2.3 and other Linux Based OSes (through kexec)
+#
+# CAVEATS:
+# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
+# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
+# Also it can be used to extract FDE keys from a TPM.
+# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576
+# Make sure you understand the implications of the attack for your threat model before using this board.
+#
+# Includes
+# - Deactivated+neutered+deguarded ME and expanded consequent IFD BIOS regions 
+# - Forged GBE MAC address to 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx80/extract.sh)
+#   - Note that this MAC address can be modified under build/coreboot-VER/util/bincfg/gbe-82579LM.set
+#
+# - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
+
+export CONFIG_COREBOOT=y
+export CONFIG_COREBOOT_VERSION=24.12
+export CONFIG_LINUX_VERSION=6.1.8
+
+CONFIG_COREBOOT_CONFIG=config/coreboot-t480-maximized.config
+# TODO: Make a ThinkPad-common Linux config file.
+CONFIG_LINUX_CONFIG=config/linux-t480.config
+
+#On-demand hardware support (modules.cpio)
+CONFIG_LINUX_USB=y
+CONFIG_LINUX_E1000E=y
+CONFIG_MOBILE_TETHERING=y
+
+#Modules packed into tools.cpio
+CONFIG_CRYPTSETUP2=y
+CONFIG_FLASHPROG=y
+CONFIG_FLASHTOOLS=y
+CONFIG_GPG2=y
+CONFIG_KEXEC=y
+CONFIG_UTIL_LINUX=y
+CONFIG_LVM2=y
+CONFIG_MBEDTLS=y
+CONFIG_PCIUTILS=y
+
+#platform locking finalization (PR0)
+CONFIG_IO386=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
+#Remote attestation support
+# TPM2 requirements
+CONFIG_TPM2_TSS=y
+CONFIG_OPENSSL=y
+#Remote Attestation common tools
+CONFIG_POPT=y
+CONFIG_QRENCODE=y
+CONFIG_TPMTOTP=y
+#HOTP based remote attestation for supported USB Security dongle
+#With/Without TPM support
+CONFIG_HOTPKEY=y
+#Nitrokey Storage admin tool (deprecated)
+#CONFIG_NKSTORECLI=n
+
+#GUI Support
+#Console based Whiptail support(Console based, no FB):
+#CONFIG_SLANG=y
+#CONFIG_NEWT=y
+#FBWhiptail based (Graphical):
+CONFIG_CAIRO=y
+CONFIG_FBWHIPTAIL=y
+
+#Additional tools (tools.cpio):
+#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E)
+CONFIG_DROPBEAR=y
+
+#Runtime configuration
+#Automatically boot if HOTP is valid
+export CONFIG_AUTO_BOOT_TIMEOUT=5
+#TPM2 requirements
+export CONFIG_TPM2_TOOLS=y
+export CONFIG_PRIMARY_KEY_TYPE=ecc
+#TPM1 requirements
+#export CONFIG_TPM=y
+#Enable DEBUG output, debug output probably a good idea for first tests TODO:remove prior of merge
+export CONFIG_DEBUG_OUTPUT=y
+export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
+#Enable TPM2 pcap output under /tmp
+export CONFIG_TPM2_CAPTURE_PCAP=n
+#Enable quiet mode: technical information logged under /tmp/debug.log, not quiet for first test
+export CONFIG_QUIET_MODE=n
+export CONFIG_BOOTSCRIPT=/bin/gui-init
+export CONFIG_BOOT_REQ_HASH=n
+export CONFIG_BOOT_REQ_ROLLBACK=n
+export CONFIG_BOOT_KERNEL_ADD=""
+export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
+export CONFIG_BOARD_NAME="Thinkpad T480-hotp-maximized"
+export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
+
+#Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP
+BOARD_TARGETS := xx80_me_blobs