Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add NovaCustom V540TU and V560TU boards #1846

Open
wants to merge 11 commits into
base: master
Choose a base branch
from

Conversation

mkopec
Copy link
Contributor

@mkopec mkopec commented Nov 14, 2024

Add NovaCustom V540TU board (14" V54 Series, Meteor Lake, Integrated graphics)

@macpijan
Copy link
Contributor

@mkopec Do we plan to add here the rest of the variants as well?

@mkopec
Copy link
Contributor Author

mkopec commented Nov 14, 2024

@macpijan sure, after one starts working I'll do the rest too

@tlaurion
Copy link
Collaborator

@macpijan @mkopec similar commit needed for #1835

@tlaurion
Copy link
Collaborator

@mkopec this comment might be helpful #1835 (comment)

@tlaurion
Copy link
Collaborator

@mkopec

mkc: seems like kernel 6.7+ is bare minimal for meteor lake, with efifb fixes having landed under 6.8+?

Also, if you pass serial to kernel boot options under coreboot config, you should get logs of the kernel?

At https://matrix.to/#/!pAlHOfxQNPXOgFGTmo:matrix.org/$bVtsV3M_sz0MroFsDkXRGQ3ow7OhumKqtAllchkAyKs?via=matrix.org&via=nitro.chat&via=envs.net

@mkopec
Copy link
Contributor Author

mkopec commented Nov 22, 2024

mkc: seems like kernel 6.7+ is bare minimal for meteor lake, with efifb fixes having landed under 6.8+?

possible, in Ubuntu and Fedora we found it best to have Linux 6.8 or newer (6.9 also has a fix for s0ix but that's irrelevant for Heads)

@tlaurion do you think you can help with updating the kernel?

@tlaurion
Copy link
Collaborator

tlaurion commented Nov 22, 2024

I read that 6.12 will be next Lts but that is only speculation.

edit: We choose 6.11.9 for all novacustom boards?
I can give it a shot, yes, and leave traces in commit, taking this PR state as a base.

@mkopec did serial console passed per coreboot config to kernel gave you more info?
With debug as well. See qemu coreboot config, non-prod.

@tlaurion
Copy link
Collaborator

tlaurion commented Nov 22, 2024

@mkopec there is a lot to tune under 6.11.9 kernel config which writes over shared linux config with other novacustom (config/linux-nitrokey-x.config, should probably renamed and all board configs point to new name as well).

See branch https://github.com/tlaurion/heads/tree/dasharo-add_novacustom_v540tu and feel free to steal adapt/change whatever. If you have questions, poke me where/if needed.

Note: compare config changes in commit 510bc6e to see all the new olddefconfig stuff applied silently when using defconfig. Ie, what happened with TRUST_CPU and so many other stuff to care about once you have something that boots.

See also that I changed your coreboot config to pass linux kernel options to be in debug, with probably wrong serial ttyS0, adapt accordingly and keep me posted. Small iterations in board porting has known good track history.

If you decided to tackle #1835 instead, I could help (if you guide me into how you get serial console output [even though this work wasn't planned nor in my plate up to now]).

@tlaurion
Copy link
Collaborator

tlaurion commented Nov 22, 2024

Edit:yep. Cannot bump Sandy to 6.11.9: as can be seen, all those do not have enough free spi space without another phase of #590 (not planned.)

@mkopec
Copy link
Contributor Author

mkopec commented Nov 27, 2024

Thanks for the patches @tlaurion , I'm testing them now, i'm not getting a serial console yet, I suspect the LPSS UART driver is missing, will try to fix

@tlaurion
Copy link
Collaborator

@mkopec #1865 merged, please rebase

@tlaurion
Copy link
Collaborator

tlaurion commented Nov 28, 2024

Thanks for the patches @tlaurion , I'm testing them now, i'm not getting a serial console yet, I suspect the LPSS UART driver is missing, will try to fix

@mkopec This needs updates, since reported off-channel to be all good :)

@mkopec
Copy link
Contributor Author

mkopec commented Nov 29, 2024

@tlaurion rebased

@mkopec mkopec marked this pull request as ready for review November 29, 2024 12:16
@tlaurion
Copy link
Collaborator

tlaurion commented Nov 29, 2024

@mkopec awesome!!!


Trying to dodge politic issues from #1818 (comment) and going practical and specific.

@macpijan @mkopec : Can https://review.coreboot.org/c/coreboot/+/85278 be added to Dasharo fork (which nv41/ns50/v540TU/v560TU should build upon (modules/coreboot dasharo pointed commit), tested against #1818 so that we can merge #1818 (which changes configs for nv41) and here changes needed for PR0 for v540TU/V560TU?

Makes sense? Otherwise patches need do be under patches/coreboot-dasahro-unreleased, which I do not want to maintain since we talk of a new coreboot release.

Also, MSI(#1753 should build from same coreboot Dasharo fork commit pointed under modules/coreboot without breaking (otherwise multiple coreboot Dasahro forks will be built under Heads???? Is that the plan because multiple forks for different boards under Dasharo?)

cc @pietrushnic @macpijan

modules/coreboot Outdated
@@ -93,8 +93,7 @@ $(eval $(call coreboot_module,purism,24.02.01))

# MSI and Nitropad NV41 / NS50 boards are based on Dasharo coreboot port
coreboot-dasharo_repo := https://github.com/dasharo/coreboot
coreboot-dasharo_commit_hash := 3a9aa3a4692f3dd49732f5b4e3ec54be385f0969
coreboot-dasharo_patch_version := unreleased
coreboot-dasharo_commit_hash := db1d9cd59d0d7d5b708bbdf8670780914061410c
Copy link
Collaborator

@tlaurion tlaurion Nov 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mkopec this is shared between MSI/nv41/ns50/v540Tu/v560TU: tested for oldconfig expension/run time regression? #1818 related patch inclusion?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not regression tested yet, will report here with results

@@ -34,6 +34,9 @@ linux_hash := 40f014d53e81f204f6d2a364aae4201ae07970dd1b70dc602d7c66c1a140f558
else ifeq "$(CONFIG_LINUX_VERSION)" "6.1.8"
linux_version := 6.1.8
linux_hash := b60bb53ab8ba370a270454b11e93d41af29126fc72bd6ede517673e2e57b816d
else ifeq "$(CONFIG_LINUX_VERSION)" "6.11.9"
Copy link
Collaborator

@tlaurion tlaurion Nov 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was 6.11.9 verified needed for meteor lake as opposed to 6.1.8 which all other Heads boards depend on after serial console issue being fixed and ACPI related Kconfig addition under linux config added that was the cause of linux hang, maybe not efifb nor 6.1.8?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The cause of hang was X2APIC not being enabled in kernel config, now with that sorted I think I can try 6.1 again to check if we need 6.11 after all

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some patches against linux were removed and not readded with adaptation as compared to 6.1.8. If 6.11.9 required for meteor lake, missing patches need to be brought back if still needed

Copy link
Collaborator

@tlaurion tlaurion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mkopec Review dropped :)

modules/coreboot Outdated
@@ -93,8 +93,7 @@ $(eval $(call coreboot_module,purism,24.02.01))

# MSI and Nitropad NV41 / NS50 boards are based on Dasharo coreboot port
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mkopec "MSI/Novacustom n4x_adl / NS50 / V540TU /V560TU" ...

Meaning all those need to build(CI:ok) AND not have regression per commit below (at least no brick per this PR) and coreboot oldconfig changes for other boards when we do a coreboot bump to review changes across bump and do regression testing for boards affected per changes

MSI: still not merged under Heads (#1753) but affect nv4x_adl/ns50 and the new boards added per this coreboot commit support (coreboot version bump)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also please note ~upstream coreboot base from which the fork is derived from (so that we can reuse coreboot buuildstack if possible to reduce CI build time).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, comment updated.

@tlaurion
Copy link
Collaborator

tlaurion commented Nov 29, 2024

@mkopec I decided to not do politics in words, but as code from now on. What is coreboot fork related will be coreboot fork related from now on.

#1818 was merged, if you rebase from/merge master in your PR, you will see that added PR0 patch under patches/coreboot-dasharo_unreleased don't apply as for nv4x_adl on master, where only ns50/n4x_adl were the only Heads master consumers of Dasharo forks, showing problem of having multiple forks for different platforms and delegating problem to whom it belongs, making sure patches/coreboot-dasharo_unreleased patches that were pending next downsteam fork release are picked up/adtapted in next downstream release, and for Heads to take for granted that coreboot base is working as expected for Heads to do its Heads stuff.

I will then participate/help adapting changes to coreboot configs/board configs if needed for Heads under #1868, which points to needed knowledge for Heads for PR0 to work as expected on skylake+, and will be used as base so coreboot upstream patch evolves to be useful for all and prevent OS persistent threat to be pushed to firmware (at least under Heads use case) leaving physical attack of tampering bootblock the only threat model to SPI flash for advanced users activating Heads Authenticated Heads, which I intend to push on next feature freeze (next downstream release).

@@ -91,7 +91,8 @@ coreboot-purism_repo := https://source.puri.sm/firmware/coreboot.git
coreboot-purism_commit_hash := bea9947a1279be7d4a72b38a601d0288d10d1cb8
$(eval $(call coreboot_module,purism,24.02.01))

# MSI and Nitropad NV41 / NS50 boards are based on Dasharo coreboot port
# MSI and NovaCustom NV4xPZ, NS5xPU, V540TU, V560TU boards are based on Dasharo
# coreboot fork, based on upstream coreboot version 24.02
Copy link
Collaborator

@tlaurion tlaurion Nov 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, which means we can reuse x230 24.02.01 buildstack (util/corssgcc built per coreboot fork base version, can be shared) as per prior lines, adapting:
$(eval $(call coreboot_module,dasahro,24.02.01))

(This means CI, passing cahce layers from prior build and persist workspaces, will reuse coreboot built buildstack, reducing precious build time. Note this is also why we love sharing same linux kernel versions where possible, not only to commpare configs between each other to guarantee some kind of baseline + needed platform requirements, but also have shared linux build dir, where module/(linux/coreboot) build artifacts is $BOARD_NAME. This permits to share build cache (somewhat equivalent of ccache) while having board specific modules for initrd and kernel bzimage outputed in board build dir.)

TLDR: those things save a lot of build time. This is more then desired, if not needed with forever added boards.
(If we do so, time is spent in downloading workpace caches (bandwidth doesn't count on credits) where compile time per board if modules/* hashes don't change is reused, resulting in build times of 10 minutes per board.

@tlaurion
Copy link
Collaborator

tlaurion commented Dec 2, 2024

@mkopec FYI on PR0

TLDR: from above comment this is not possible today because no >=skylake boards are using coreboot master today, therefore patches needs to be in forks ot be tested.

Ugh... I was not aware of that. Allright. Then I will focus on getting the patch merged upstream, then cherry-pick to dasharo.

Originally posted by @miczyg1 in #1818 (comment)

@mkopec mkopec changed the title Add NovaCustom V540TU board Add NovaCustom V540TU and V560TU boards Dec 4, 2024
@tlaurion
Copy link
Collaborator

tlaurion commented Dec 4, 2024

@mkopec See #1871. Pr0 missing.

Q:
1- So v540tu/v560tu needs kernel version bump to 6.11.9 and cannot depend on 6.1.8?
2- EC built and stitched in firmware?

@mkopec
Copy link
Contributor Author

mkopec commented Dec 4, 2024

Pr0 missing.

I know, I'm rebasing the patches and should upload the result today. There were a few conflicts to resolve

1- So v540tu/v560tu needs kernel version bump to 6.11.9 and cannot depend on 6.1.8?

untested yet

2- EC built and stitched in firmware?

Not yet, I think for the initial release I think it's not strictly required

@tlaurion
Copy link
Collaborator

tlaurion commented Dec 4, 2024

@mkopec changed board + coreboot configs adding PR0 related stuff and reviewed configs passed to new coreboot version in oldconfig format with use of helpers to do so, see repro notes under commits.

Review at #1871 (review)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants