Age | Commit message (Collapse) | Author |
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Without that fix it still builds fine with makepkg but it fails
because python-setuptool is missing:
| Traceback (most recent call last):
| File "/build/libreboot-utils/src/libreboot-20211122_src/coreboot/default/util/me_cleaner/setup.py", line 3, in <module>
| from setuptools import setup
| ModuleNotFoundError: No module named 'setuptools'
| ==> ERROR: A failure occurred in build().
| Aborting...
In addition the 'python' package provides 'python3', but it's probably
more clear if we use the 'python' package as dependency instead of
what it provides.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Recent (post 2006) Intel computers typically have a flash chip that
contains several partitions:
- An "Intel flash descriptor" partition that contains a partition
table, permission settings for read/write access to these
partitions. various configuration settings like the flash chip
speed, and so on.
- A partition for the BIOS that contains the BIOS, Coreboot, EFI,
Libreboot, UEFI, etc.
- A partition for the Management Engine firmware.
- A partition for some Gigabit Ethernet settings (the MAC address,
LEDs settings, etc).
- A partition named "Platform data" that probably contains some serial
numbers or other data on some computers.
The ifdtool utility can display these partitions, various settings
present in Intel flash descriptor, extract or replace these partitions
content, etc.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Recent (post 2006) Intel computers typically have a flash chip that
contains several partitions:
- A partition that contains a partition table, permission settings
for read/write access to these partitions. various configuration
settings like the flash chip speed, and so on.
- A partition for the BIOS that contains the BIOS, Coreboot, EFI,
Libreboot, UEFI, etc.
- A partition for the Management Engine firmware.
- A partition for some Gigabit Ethernet settings (the MAC address,
LEDs settings, etc).
- A partition named "Platform data" that probably contains some serial
numbers or other data on some computers.
The Management Engine firmware is signed, so its code cannot be
modified. However the Management Engine firmware also contains its own
partitioning scheme, and it's possible to remove some of its partitions
in a way that enable computers to still boot and function normally.
The me_cleaner utility can do that (so it still lives part of the
Management Engine code or Operating system).
The me_cleaner can also tell the Management Engine OS (with
--soft-disable), that once its booted, it should not try to load
additional applications.
In addition me_cleaner can also verify the Management Engine firmware
signatures.
Note that me_cleaner cannot be used to completely remove the
Management Engine firmware. To do that you need to use Libreboot
instead. Libreboot removes completely the Management Engine
firmware. However the method used by Libreboot only works with
computers with the Intel GM45 chipset.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
This utility enables to dump the registers of various chips (CPU,
chipset, etc) on Intel computers.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The cbmem utility enables to retrieve the Coreboot and Libreboot boot
logs. This requires Coreboot or Libreboot to be built with
CONFIG_CONSOLE_CBMEM=y to work.
In addition cbmem also supports retrieving additional boot information
like timestamps (which requires CONFIG_COLLECT_TIMESTAMPS=y), and so
on.
GRUB also has a cbmem console, so if configured to use it we can also
retrieve the GRUB boot log.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The bincfg utility enable to convert various binary formats to text
file and vice-versa.
It supports the GM45 Intel Flash Descriptor (IFD) which is contains
the flash chip partition table and various settings including
read/write permissions for the various flash partitions.
Beware when changing the values in ways that have not been tested
before as it could lead to non-booting computers. This is for instance
the case when trying to set the BIOS partition read-only for all "CPUs"
(Management Engine, main CPU, and Gigabit Ethernet).
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
When building Coreboot or Libreboot with CONFIG_SPKMODEM, the boot
messages data is encoded as sound and sent to the sound card.
To receive them you can record them with another computer (and ideally
you need an audio cable for that and to make sure that the volume is
not too low or not too high), and you can then decode them in real
time with a command similar to that one:
parec --channels=1 --rate=48000 --format=s16le | spkmodem-recv
This also works with grub spkmodem console output.
Note that the messages speed is relatively slow, so if you build
Coreboot or Libreboot with that option, your boot might take a long
time (like 30min for instance) if you have a lot of messages.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
This makes sure that all the tools are installed. Some tools like
cbfstool also have other tools like fmaptool that are really useful.
fmaptool can be used to work with Chromebook images for instance.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The warning about bucts was removed as in fact most of these tools are
probably dangerous in one way or another if used improperly.
Flashrom which is packaged in most GNU/Linux distributions is also very
dangerous if used improperly, though it comes with warnings and safe
defaults.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Now that it builds for all architectures we can also ship it.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
On i686, cbfstool wasn't build because it failed to compile, and on
armv7h, the build fail with an error similar to this one:
host/lib/extract_vmlinuz.c: In function ‘ExtractVmlinuz’:
host/lib/extract_vmlinuz.c:67:9: warning:
‘memcpy’ specified bound between 2147483648 and 4294967295
exceeds maximum object size 2147483647 [-Wstringop-overflow=]
67 | memcpy(vmlinuz, kpart_data + vmlinuz_header_offset,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
68 | vmlinuz_header_size);
| ~~~~~~~~~~~~~~~~~~~~
This fixes that build error and enables cbfstool to be built on all the
architectures supported by Parabola.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Since there is more than one utility in this package it's
more clear if it is named libreboot-utils.
In addition, this packages has part from the nvramtool I made
from scratch so I added myself in the header in addition of
Wael Karramas who is the main author of this package.
I also fixed the Maintainers line as more than one person involved in
Parabola has some knowledge about Libreboot and Coreboot.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Without that fix, it wokrs fine with makepkg but fails with libremakepkg
with the following error:
| ==> Starting prepare()...
| /startdir/PKGBUILD: line 141: unzip: command not found
| ==> ERROR: A failure occurred in prepare().
| Aborting...
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The cglib project has the following in its README.md:
IMPORTANT NOTE: cglib is unmaintained and does not work well (or
possibly at all?) in newer JDKs, particularly JDK17+. If you need
to support newer JDKs, we will accept well-tested well-thought-out
patches... but you'll probably have better luck migrating to
something like ByteBuddy.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The http://excalibur.apache.org/ website has a banner that states on its main
page:
2010/12/15 - Apache Excalibur has been retired.
For more information, please explore the Attic.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
We now have a package named libreboot-utils that contain nvramtool and
other Libreboot/Coreboot related utilities.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The 1.2 version of log4j is not only unmaintained / End of life, but it
also has lot of security vulnerabilities[1] including at least one
critical CVE, 4 high CVEs and 1 moderate CVE.
[1]https://logging.apache.org/log4j/1.2/
Link: https://labs.parabola.nu/issues/3261
Reported-by: gap
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Despite what its name suggest, the PCR repository is not only for
PKGBUILDs that come from AUR.
In the Parabola wiki[1], there is the criteria for packages meant to
go in PCR, and we can deduce from what is written there that PCR is
for packages that both:
* "are not included on official repos of Arch Linux"[1]
* "are not considered to be essential enough for the base system."[1]
So here even if the nvramtool PKGBUILD doesn't come from AUR, it is
meant to go in PCR.
[1]https://wiki.parabola.nu/Repositories#.5Bpcr.5D
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
The status quo is that any Parabola hacker is expected to (be able to)
modify any packages, and having a single maintainer of a package
discourages that practice as people would typically send a patch to
the maintainer instead of pushing it directly.
So for a start we can add common maintainership on package lacking any
"Maintainer: " header for packages in repositories that are supposed
to be maintained.
As for finding who worked on a given package (in case it could be
needed), the git log should have all the information.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The status quo is that any Parabola hacker is expected to (be able to)
modify any packages, and having a single maintainer of a package
discourages that practice as people would typically send a patch to
the maintainer instead of pushing it directly.
So for a start we can add common maintainership on package lacking any
"Maintainer: " header for packages in repositories that are supposed
to be maintained.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Not only it is already in community, but it also needs to be removed
(along with the community version) due to licensing issue: some artworks
are under a CC-BY-NC license.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
asciidoctor is already in Arch Linux community, and it is more
recent.
On armv7h we have:
community/asciidoctor 2.0.17-1
An implementation of AsciiDoc in Ruby
and on i686 we have:
community/asciidoctor 2.0.17-1.0 [installed]
An implementation of AsciiDoc in Ruby
and on x86_64 we have:
community/asciidoctor 2.0.17-1
An implementation of AsciiDoc in Ruby
So we don't need the pakcage from pcr anymore.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|