<feed xmlns='http://www.w3.org/2005/Atom'>
<title>lbmk.git/include, branch master</title>
<subtitle>libreboot build system (LibreBoot MaKe)
</subtitle>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/'/>
<entry>
<title>use old nvmutil for now, in lbmk</title>
<updated>2026-04-21T12:39:29+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-04-21T12:39:29+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=7f4f07fc4039353ee499d76bb53b6c742adb6428'/>
<id>7f4f07fc4039353ee499d76bb53b6c742adb6428</id>
<content type='text'>
i'm trying to make nvmutil work on openbsd. the new code
in lbutils is a bit buggy, likely somewhere in mkhtemp.
i'm still debugging it.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
i'm trying to make nvmutil work on openbsd. the new code
in lbutils is a bit buggy, likely somewhere in mkhtemp.
i'm still debugging it.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Revert "lbmk: use mkhtemp in libreboot's build system"</title>
<updated>2026-03-29T15:25:41+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-03-29T15:25:41+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=01aa95ec15ed5a6e519f1d3887e105a40e17b84c'/>
<id>01aa95ec15ed5a6e519f1d3887e105a40e17b84c</id>
<content type='text'>
This reverts commit e54862fcccca0325da8ae2879c1fa965267d3df0.

nope. not ready yet. will fix it later.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This reverts commit e54862fcccca0325da8ae2879c1fa965267d3df0.

nope. not ready yet. will fix it later.
</pre>
</div>
</content>
</entry>
<entry>
<title>lbmk: use mkhtemp in libreboot's build system</title>
<updated>2026-03-29T15:08:00+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-03-29T14:48:49+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=e54862fcccca0325da8ae2879c1fa965267d3df0'/>
<id>e54862fcccca0325da8ae2879c1fa965267d3df0</id>
<content type='text'>
i added a fake -t option, which doesn't actually
read optarg, so that -t usage can just override
the normal template. mkhtemp isn't ready for
distros yet, but it's ready for lbmk.

i hacked the makefile to also copy the binary to
mktemp, and i set PATH in lbmk so that this binary
is used instead of the one on your system.

that way, upstream projects use it.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
i added a fake -t option, which doesn't actually
read optarg, so that -t usage can just override
the normal template. mkhtemp isn't ready for
distros yet, but it's ready for lbmk.

i hacked the makefile to also copy the binary to
mktemp, and i set PATH in lbmk so that this binary
is used instead of the one on your system.

that way, upstream projects use it.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>util/mkhtemp: extremely hardened mkhtemp</title>
<updated>2026-03-26T06:59:42+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-03-20T04:02:51+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=718095b0fe41c05731ae062377f4fe113a970a86'/>
<id>718095b0fe41c05731ae062377f4fe113a970a86</id>
<content type='text'>
This will also be used in lbmk itself at some point,
which currently just uses regular mktemp, for tmpdir
handling during the build process.

Renamed util/nvmutil to util/libreboot-utils, which
now contains two tools. The new tool, mkhtemp, is a
hardened implementation of mktemp, which nvmutil
also uses now. Still experimental, but good enough
for nvmutil.

Mkhtemp attempts to provide TOCTOU resistance on
Linux, by using modern features in Linux such as
Openat2 (syscall) with O_EXCL and O_TMPFILE,
and many various security checks e.g.
inode/dev during creation. Checks are done constantly,
to try to detect race conditions. The code is very
strict about things like sticky bits in world writeable
directories, also ownership (it can be made to bar even
root access on files and directories it doesn't own).

It's a security-first implementation of mktemp, likely
even more secure than the OpenBSD mkstemp, but more
auditing and testing is needed - more features are
also planned, including a compatibility mode to make
it also work like traditional mktemp/mkstemp. The
intention, once this becomes stable, is that it will
become a modern drop-in replacement for mkstemp on
Linux and BSD systems.

Some legacy code has been removed, and in general
cleaned up. I wrote mkhtemp for nvmutil, as part of
its atomic write behaviour, but mktemp was the last
remaining liability, so I rewrote that too!

Docs/manpage/website will be made for mkhtemp once
the code is mature.

Other changes have also been made. This is from another
experimental branch of Libreboot, that I'm pushing
early. For example, nvmutil's state machine has been
tidied up, moving more logic back into main.

Mktemp is historically prone to race conditions,
e.g. symlink attacks, directory replacement, remounting
during operation, all sorts of things. Mkhtemp has
been written to solve, or otherwise mitigate, that
problem. Mkhtemp is currently experimental and will
require a major cleanup at some point, but it
already works well enough, and you can in fact use
it; at this time, the -d, -p and -q flags are
supported, and you can add a custom template at
the end, e.g.

mkhtemp -p test -d

Eventually, I will make this have complete parity
with the GNU and BSD implementations, so that it is
fully useable on existing setups, while optionally
providing the hardening as well.

A lot of code has also been tidied up. I didn't
track the changes I made with this one, because
it was a major re-write of nvmutil; it is now
libreboot-utils, and I will continue to write
more programs in here over time. It's basically
now a bunch of hardened wrappers around various
libc functions, e.g. there is also a secure I/O
wrapper for read/write.

There is a custom randomisation function, rlong,
which simply uses arc4random or getrandom, on
BSD and Linux respectively. Efforts are made to
make it as reliable as possible, to the extent
that it never returns with failure; in the unlikely
event that it fails, it aborts. It also sleeps
between failure, to mitigate certain DoS attacks.

You can just go in util/libreboot-utils and
type make, then you will have the nvmutil and
mkhtemp binaries, which you can just use. It
all works. Everything was massively rewritten.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This will also be used in lbmk itself at some point,
which currently just uses regular mktemp, for tmpdir
handling during the build process.

Renamed util/nvmutil to util/libreboot-utils, which
now contains two tools. The new tool, mkhtemp, is a
hardened implementation of mktemp, which nvmutil
also uses now. Still experimental, but good enough
for nvmutil.

Mkhtemp attempts to provide TOCTOU resistance on
Linux, by using modern features in Linux such as
Openat2 (syscall) with O_EXCL and O_TMPFILE,
and many various security checks e.g.
inode/dev during creation. Checks are done constantly,
to try to detect race conditions. The code is very
strict about things like sticky bits in world writeable
directories, also ownership (it can be made to bar even
root access on files and directories it doesn't own).

It's a security-first implementation of mktemp, likely
even more secure than the OpenBSD mkstemp, but more
auditing and testing is needed - more features are
also planned, including a compatibility mode to make
it also work like traditional mktemp/mkstemp. The
intention, once this becomes stable, is that it will
become a modern drop-in replacement for mkstemp on
Linux and BSD systems.

Some legacy code has been removed, and in general
cleaned up. I wrote mkhtemp for nvmutil, as part of
its atomic write behaviour, but mktemp was the last
remaining liability, so I rewrote that too!

Docs/manpage/website will be made for mkhtemp once
the code is mature.

Other changes have also been made. This is from another
experimental branch of Libreboot, that I'm pushing
early. For example, nvmutil's state machine has been
tidied up, moving more logic back into main.

Mktemp is historically prone to race conditions,
e.g. symlink attacks, directory replacement, remounting
during operation, all sorts of things. Mkhtemp has
been written to solve, or otherwise mitigate, that
problem. Mkhtemp is currently experimental and will
require a major cleanup at some point, but it
already works well enough, and you can in fact use
it; at this time, the -d, -p and -q flags are
supported, and you can add a custom template at
the end, e.g.

mkhtemp -p test -d

Eventually, I will make this have complete parity
with the GNU and BSD implementations, so that it is
fully useable on existing setups, while optionally
providing the hardening as well.

A lot of code has also been tidied up. I didn't
track the changes I made with this one, because
it was a major re-write of nvmutil; it is now
libreboot-utils, and I will continue to write
more programs in here over time. It's basically
now a bunch of hardened wrappers around various
libc functions, e.g. there is also a secure I/O
wrapper for read/write.

There is a custom randomisation function, rlong,
which simply uses arc4random or getrandom, on
BSD and Linux respectively. Efforts are made to
make it as reliable as possible, to the extent
that it never returns with failure; in the unlikely
event that it fails, it aborts. It also sleeps
between failure, to mitigate certain DoS attacks.

You can just go in util/libreboot-utils and
type make, then you will have the nvmutil and
mkhtemp binaries, which you can just use. It
all works. Everything was massively rewritten.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>util/nvmutil: call it nvmutil in makefile</title>
<updated>2026-03-08T01:11:52+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-03-08T01:07:03+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=1d17a8ffcf78abaac95c098cedaa4085831581cc'/>
<id>1d17a8ffcf78abaac95c098cedaa4085831581cc</id>
<content type='text'>
a package manager by the name "nvm" exists, as
i discovered.

this is a courtesy to them.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
a package manager by the name "nvm" exists, as
i discovered.

this is a courtesy to them.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>vendor.sh: handle mfs in find_me</title>
<updated>2026-02-22T17:18:51+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-02-22T17:18:51+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=a55af90b6c324ec9fdea9c19b65451b72bf08faf'/>
<id>a55af90b6c324ec9fdea9c19b65451b72bf08faf</id>
<content type='text'>
This makes the argument handling easier to understand,
since other arguments are also handled in find_me

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This makes the argument handling easier to understand,
since other arguments are also handled in find_me

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>vendor.sh: handle me_cleaner -p separately</title>
<updated>2026-02-22T17:15:24+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-02-22T17:12:32+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=a938309d35b01dfc88e8b126b28df0fec9046058'/>
<id>a938309d35b01dfc88e8b126b28df0fec9046058</id>
<content type='text'>
this is a special mode that skips FPTR checks, which is
needed on the topton x2e_n150

we currently set this, when MEclean="n", but we may want to
skip cleaning while still checking FPTR on some boards (in
a future lbmk revision)

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
this is a special mode that skips FPTR checks, which is
needed on the topton x2e_n150

we currently set this, when MEclean="n", but we may want to
skip cleaning while still checking FPTR on some boards (in
a future lbmk revision)

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>vendor.sh: tidied up mecleaner argument handling</title>
<updated>2026-02-22T17:06:12+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-02-22T17:06:12+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=177f45355ff77e3c6a70c7d821e02a4823b794f1'/>
<id>177f45355ff77e3c6a70c7d821e02a4823b794f1</id>
<content type='text'>
Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>get.sh: properly initialise _ua</title>
<updated>2026-02-21T17:44:01+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-02-21T17:44:01+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=0f93368ea04cdc56530bb0b50bded12e823dd4b5'/>
<id>0f93368ea04cdc56530bb0b50bded12e823dd4b5</id>
<content type='text'>
it is currently only initialised inside case
conditions. this is fine on most shells, but
some of them can be a bit buggy here.

initialise it empty and then override.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
it is currently only initialised inside case
conditions. this is fine on most shells, but
some of them can be a bit buggy here.

initialise it empty and then override.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Add ThinkPad X270 coreboot port from Kat Inskip</title>
<updated>2026-02-21T08:26:44+00:00</updated>
<author>
<name>Leah Rowe</name>
<email>leah@libreboot.org</email>
</author>
<published>2026-02-19T21:57:19+00:00</published>
<link rel='alternate' type='text/html' href='https://browse.libreboot.org/lbmk.git/commit/?id=2edd583aeef27f4f37d893db8342c71fd2268758'/>
<id>2edd583aeef27f4f37d893db8342c71fd2268758</id>
<content type='text'>
Courtesy of Kat Inskip who ported this board.

Headphone output doesn't work at the moment, due to incorrect verb.
Intel VBT is also wrong. Both are taken from another board.

This will be amended later with the correct verb and VBT.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Courtesy of Kat Inskip who ported this board.

Headphone output doesn't work at the moment, due to incorrect verb.
Intel VBT is also wrong. Both are taken from another board.

This will be amended later with the correct verb and VBT.

Signed-off-by: Leah Rowe &lt;leah@libreboot.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
