Age | Commit message (Collapse) | Author |
|
Don't assume "install" is the correct command.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
The user might wish to uninstall, but not remove the
build that they just did.
The user can still do make clean if they wish.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
DESTDIR is the root directory where it goes, which
is normally an empty string; PREFIX is where the
bin directory is located, relative to DESTDIR
Default to /usr/local for PREFIX, not /usr, because
/usr/bin is for system utilities.
nvmutil is a local utility.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We don't want to clobber anything that the user set themselves.
Instead, we should respect the user's choice.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
This makes the code easier to understand.
All 2-byte words, stored in little endian order within
the 128-byte GbE NVM area, must add up to 0xBABA.
If it doesn't, then software is supposed to reject that
GbE config. The nvmutil software works on that basis.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
make it look like hexdump -C, where individual bytes are
spaced, and there is an additional space after 8 bytes,
per row.
i won't bother with a character display, since that is
meaningless on gbe nvm words.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i also removed that printf, because the path it prints is
actually wrong sometimes; in the recent re-write of vendor.sh,
it prints the correct path instead
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
There was also a condition in run_make_command that is now
an OR, where it was an AND, on script/trees, to fix the use
of mixed (and erroneous) OR/AND operators.
I'm planning a much more invasive audit than this. These are
light fixes, intended for Libreboot 20241206 rev8.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i made modifications to them in 2025, so
update them to 2025
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Don't extract to bin/release/
Modify the tarball instead. Previously, the tarball would
not be modified, but a lot of users thought the tarball was
being modified and ignored bin/release/, where the injected
images were actually being saved to.
Don't copy the tarball either. Just modify it in-place.
Don't allow single-rom injection either; only allow the
tarball-based method.
The command syntax has changed, but:
./mk inject tarball.tar.xz
This is the same. What has changed is nuke, and MAC address
modification. Observe:
./mk inject tarball.tar.xz nuke
./mk inject tarball.tar.xz setmac
./mk inject tarball.tar.xz setmac ??:??:??:??:??:??
./mk inject tarball.tar.xz setmac 00:1f:16:??:22:aa
These are just a few examples. The MAC address syntax is
the same as used for nvmutil, which means you can set it
randomly. Also:
./mk inject tarball.tar.xz setmac
You can use the *setmac* command *repeatedly*, even if
you've already injected a given archive. It'll just
update the archive, but skip injecting other files
that were already injected.
If you use setmac without a MAC address, it will randomise
the MAC address. This is therefore very similar to the
command structure used in nvmutil.
The code for injection is generally more robust, with
stronger error checks. This design change was done, so
that the user doesn't accidentally brick their machine.
The non-injected images have a prefix in the file name
saying "DO_NOT_FLASH", and those non-injected images are
padded by 1 byte. That way, the user knows not to flash it
and if they try, flashprog will throw an error.
The prefix and padding is removed on injection. Old images
without the padding/prefix can still be injected, via
tarballs; this new code is backwards-compatible with tarballs
from older Libreboot releases.
A common thing I see sometimes is a user will say they have
a black screen or something, and I say: did you insert vendor
files? And they say yes. And they did. But they extracted and
flashed from the tarball, which wasn't injected, because
they didn't release about bin/release/
No amount of RTFM is justified. The previous design flaw
is a bug. We must always observe user safety first, no matter
what, so that has now been done.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Must not exceed 79 lines. Some variables and functions have
been renamed, and there has been some minor re-factoring.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
I don't like using SPDX for actual copyright declarations.
I only want it to be used for the license identifier.
Also:
I made a *single* change to nvmutil.c in 2024, which means
that I have copyright in all years since and including 2022;
the file said 2022, 2023, 2025, but it's actually 2022-2025.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
I don't like using strings this way, it looks unclean.
Once again, use good old fashioned if/else.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
I wasn't too happy using shorthand for strings like that.
Tidy it up and use good old fashioned if/else.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
I believed that the compressed nature of refcode was the only
non-reproducible thing, but turns out you also need to run
rmodtool on the refcode to make the binary relocatable in
cbfs. This is based on my reading of the coreboot Makefile.
With this change, I can now provide release binaries for
the HP EliteBook 820 G2.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it seems to be required for uuid/uuid.h
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
dnf reinstall package
or
dnf install package
for reinstall, do this:
./mk dependencies fedora41 re
this is an example command
the 4th argument prefixes "install" in dnf install
a bit hacky but it should work
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i forgot this when rebasing on the recent uprev
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
This brings in a *single* change from SeaBIOS, because there
has only been one change in the main branch, and it's a bug fix.
The change from upstream is as follows:
commit 1602647f1be24fe63d11138d802e735c8e674e63
Author: Daniel Khodabakhsh <d.khodabakhsh@gmail.com>
Date: Thu Nov 7 18:46:16 2024 -0800
boot: Force display of the boot menu when boot-menu-wait is a negative number
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Although this is for a stable release revision, namely
Libreboot 20241206 revision 8, I've carefully audited the
upstream changes and they all seem fine.
Several important bug fixes have been imported with this change.
Most interestly, GRUB has also added support for TPM2 Key
Protectors; we don't use this feature yet, and probably won't
for the time being, since TPM is largely security threatre for
our purposes anyway. There's no harm including all upstream
revisions, up to those ones, since those modules are not yet
added in lbmk.
Most notably, there are several file system fixes, and minor fixes
to the graphics terminal of GRUB. Minor fixes only, in terms of
what Libreboot actually uses at present.
The full list of imported changes are as follows, relative to the
previous GRUB revision, which was b53ec06a1 from 17 June 2024:
* 6811f6f09 tpm2_key_protector: Enable build for powerpc_ieee1275
* ff14b89bd ieee1275/tcg2: Add TCG2 driver for ieee1275 PowerPC firmware
* 72092a864 ieee1275/tcg2: Refactor grub_ieee1275_tpm_init()
* 8c0b5f200 ieee1275/ibmvpm: Move TPM initialization functions to own file
* 7344b3c7c ieee1275: Consolidate repeated definitions of IEEE1275_IHANDLE_INVALID
* 29d1bd2a9 term/ieee1275/serial: Cast 0 to proper type
* 99ee68a01 tss2: Adjust bit fields for big endian targets
* 3770a6905 docs: Document TPM2 key protector
* f898440cc tests: Add tpm2_key_protector_test
* 76a2bcb99 tpm2_key_protector: Add grub-emu support
* 135e0bc88 diskfilter: Look up cryptodisk devices first
* b35480b48 cryptodisk: Wipe out the cached keys from protectors
* 6abf8af3c cryptodisk: Fallback to passphrase
* fba3a474e tpm2_key_protector: Implement NV index
* 550ada7d6 tpm2_key_protector: Support authorized policy
* 5f6a2fd51 util/grub-protect: Add new tool
* ad0c52784 cryptodisk: Support key protectors
* 48e230c31 key_protector: Add TPM2 Key Protector
* 35c9904df tss2: Add TPM2 Software Stack (TSS2) support
* 63a78f4b4 tss2: Add TPM2 types and Marshal/Unmarshal functions
* 2ad159d9b tss2: Add TPM2 buffer handling functions
* 5d260302d key_protector: Add key protectors framework
* 3d60732f9 libtasn1: Add the documentation
* 99cda6788 asn1_test: Test module for libtasn1
* 504058e82 libtasn1: Compile into asn1 module
* 8a0fedef2 asn1_test: Enable the testcase only when GRUB_LONG_MAX is larger than GRUB_INT_MAX
* 66cf4cb14 asn1_test: Use the grub-specific functions and types
* 0d0913fc6 asn1_test: Print the error messages with grub_printf()
* 2e93a8e4b asn1_test: Remove "verbose" and the unnecessary printf()
* b7568e335 asn1_test: Return either 0 or 1 to reflect the results
* d60a04bae asn1_test: Rename the main functions to the test names
* 54e0e19a2 asn1_test: Include asn1_test.h only
* 0ad1d4ba8 libtasn1: Fix the potential buffer overrun
* 4160ca983 libtasn1: Use grub_divmod64() for division
* 8f56e5e5c libtasn1: Adjust the header paths in libtasn1.h
* d86df91cb libtasn1: Replace strcat() with _asn1_str_cat()
* 32fdfe600 libtasn1: Replace strcat() with strcpy() in _asn1_str_cat()
* fa498af7b libtasn1: Disable code not needed in GRUB
* 9a26abbc3 libtasn1: Import libtasn1-4.19.0
* c85c2b9f5 posix_wrap: Tweaks in preparation for libtasn1
* 4f6c46091 kern/fs: Honour file->read_hook() in grub_fs_blocklist_read()
* 792132c72 docs: Fix incorrect and potentially confusing language and minor formatting
* 1763d83f5 docs: Correct GRUB config file name for network boot
* 097fd9d9a docs: Correct chainloader UEFI secure boot info
* f48e6af11 docs: Correct PXE environment variables descriptions
* dd743ba42 loader/multiboot: Do not add modules before successful download
* 9a9082b50 grub-mkimage: Add SBAT metadata into ELF note for PowerPC targets
* f97d4618a grub-mkimage: Create new ELF note for SBAT
* f26b39860 commands/legacycfg: Avoid closing file twice
* 337cb2486 nx: Rename GRUB_DL_ALIGN to DL_ALIGN
* 31de991de kern/acpi: Fix out of bounds access in grub_acpi_xsdt_find_table()
* f5bb766e6 nx: Set the NX compatible flag for the GRUB EFI images
* 94649c026 nx: Set page permissions for loaded modules
* 09ca66673 nx: Add memory attribute get/set API
* 9fb80dd57 modules: Load module sections at page-aligned addresses
* 6e2fe134e modules: Don't allocate space for non-allocable sections
* 2b79d550f modules: Strip .llvm_addrsig sections and similar
* 246c82cda modules: Make .module_license read-only
* 616adeb80 i386/memory: Rename PAGE_SIZE to GRUB_PAGE_SIZE and make it global
* 95a7bfef5 i386/memory: Rename PAGE_SHIFT to GRUB_PAGE_SHIFT
* 1b1061409 i386/msr: Extract and improve MSR support detection code
* 929fafdf5 i386/msr: Rename grub_msr_read() and grub_msr_write()
* d96cfd7bf i386/msr: Merge rdmsr.h and wrmsr.h into msr.h
* 86ec48882 commands/tpm: Skip loopback image measurement
* 3808b1a9b net/drivers/efi/efinet: Skip virtual VLAN devices during card enumeration
* e5f047be0 efi/console: Properly clear leftover artifacts from the screen
* c5ae124e1 kern/riscv/efi/init: Use time register in grub_efi_get_time_ms()
* 9c34d56c2 loader/efi/linux: Reset freed pointer
* 92bed41bf loader/efi/linux: Reuse len variable
* 33cb8aecd lib/x86_64/relocator_asm: Use .quad instead of .long
* 77cd623de lib/x86_64/relocator_asm: Fix comment in code
* 95145eea5 loader/efi/linux: Update comment
* d333e8bb3 util/grub-mkimagexx: Explicitly move modules to __bss_start for MIPS targets
* 34b7f3721 include/grub/offsets.h: Set mod_align to 4 on MIPS
* ed0651673 gentpl: Put boot/mips/startup_raw.S into beginning of the image
* 648f2d16c configure: Add -mno-gpopt option for mips and mipsel targets
* f0710d2d8 lib/xzembed/xz_dec_bcj: Silence warning when no BCJ is available
* e61157bbd fs/erofs: Replace 64-bit modulo with bitwise operations
* 5313fa839 configure: Look for .otf fonts
* 33b94f2a9 loader/efi/chainloader: Do not print device path of chainloaded file
* ab1e6fc04 docs: Document all GRUB modules
* 9537f4403 commands/bli: Fix crash in get_part_uuid()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
The T480 has no option table, because it lacks nvram, so the
default option applies, which seems to be power on after power
failure. This is undesirable on a laptop.
It's triggered simply when your laptop battery runs out, and
once triggered, it couldn't be configured at all.
Hard-code this. The documentation will be updated later on
after this patch is pushed, telling those users who want
to change this behaviour how to modify/remove the patch,
if they wish to to do so, because some people may actually
want to run a server on the OptiPlex 3050 Micro (or if they're
crazy like I am, they will host libreboot.org on a ThinkPad).
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We haven't seen any build errors, but it seems flashprog
sets -Werror on CFLAGS. If you provide WARNERROR=no as
a make argument, it avoids -Werror entirely.
This is a preventative fix, for over-zealous compilers.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
This brings in several important bug fixes from upstream.
With this, the following upstream changes have been imported:
* eb2c041 cli_wp: Fix bail-out when multiple chips are detected
* e05e334 cli_common: Rename local `optarg' variable
* efad610 manibuilder: Include NetBSD (anita tags) in `native' target
* 09289fb manibuilder: Replace unmaintained DEFAULT_TAGS list
* 1457cc6 manibuilder: Stop build testing oldest, EOL targets
* 1faffa5 manibuilder: Fix Ubuntu Noble Numbat (24.04) for amd64
* 61dbe36 udev rules: Use `uaccess' tag instead of `plugdev' group
* 63d30a2 install: Install binary into bin/, not sbin/
* 6ce26a7 flashchips: add Winbond W25R512NW / W74M51NW
* 612519b ichspi: Add Intel Arrow Lake support
* d5a61ef ichspi: Add Intel Lunar Lake support
* 5e0d9b0 ichspi: Add Intel Meteor Lake SoC
* 0ef2eb8 ichspi: Add Intel Snow Ridge SoC
* 42daab1 ichspi: Properly add Emmitsburg PCH
* af26008 ich_descriptors_tool: Add missing options for EHL & C620
* 82fe123 ich_descriptors: Hard code number of masters for newer gens
* 157b818 ich_descriptors: Guard MCH strap handling by chipset version
* db878fb ich_descriptors: Drop chipset detection based on `freq_read`
* b3cc2c6 ich_descriptors: Unify pretty printing of PCH100+ masters
* 8e4151d chipset_enable: Remove hidden-spidev workaround for Elkhart Lake
* 6d72efa chipset_enable: Remove hidden-spidev workaround for all 14nm PCHs
* 092a699 chipset_enable: Remove hidden-spidev workaround for TGP+
* 5bbd324 chipset_enable: Add missing PCI ID for Intel PCH H410
* a088475 chipset_enable: Factor PCH100 hidden-spidev workaround out
* 5eb7a58 Drop 1s delay before automatic verification
* 7427569 libflashprog: Run programmer_shutdown() on failed setup
* 5a9d6ea chipset_enable: Fix memory leaks introduced with AMD SPI100
* e149fbe Only try to check erase opcodes for SPI25 chips
* 07ebc68 Avoid NULL deref in check_block_eraser()
* 2405310 chipset_enable: Mark Intel QM87 as DEP
* 9897063 flashchips: Allow volatile register writes for W25Q128.V
* c972aed flashchips: Configure WP for MX25L25635F/45G
* 8f7122c cli: Add new write-protect CLI
* eed122d layout: Implement flashprog_layout_get_region_range()
* 1f693db cli: Add new `config' CLI for status/config registers
* 85c2cf8 cli: Implement "command" option parser
* 24c0977 cli: Add print function for generic CLI options
* b82aadc cli: Move some declarations into `cli.h`
* a705043 cli: Add a new CLI wrapper
* d39c7d6 cli: Extract basic CLI init into cli_common
* df6ce9f cli: Extract log argument parsing into cli_common
* 0da839b cli: Extract layout argument processing
* d91822a cli: Extract layout argument parsing into cli_common
* e7899a9 cli: Move all long-option keys into cli.h
* 34e783a cli: Extract flash argument parsing into cli_common
* e68b08b cli_classic: Rewrite programmer argument parsing
* 6898f5b spi25_statusreg: Prefer volatile status register writes
* 55e7884 Introduce FLASHPROG_FLAG_NON_VOLATILE_WRSR
* fbba454 Install udev rules
* 768cfc4 flashchips: Add GigaDevice GD25LR512ME
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
In Debian dependencies files. These are available in
Debian Stable, but liblz4-tool is a transitional
package referring to lz4; liblz4-tool transition
package is unavailable in Debian sid, so remove it
from the dependencies files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
./mk dependencies debian --reinstall
Add --reinstall and it'll do:
apt-get install --reinstall
This can be useful when updating from a stable release
to a testing release. The variable, "reinstall" can be
configured for other distros, but it's currently only
configured for Debian-based distros.
Also, it can be anything. For example, you could add -y;
however, a 4th argument will not be accepted. For example,
you cannot do:
./mk dependencies debian --reinstall -y
If you do this, it'll only see --reinstall; similarly, if
you did this command:
./mk dependencies debian -y --reinstall
then -y would be passed, but not --reinstall. This is an
intentional design decision, in case you accidentally pasted
or subshelled something that outputted something undesirable,
to prevent possible abuse.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
When doing ./mk release, the build system would create
symlinks inside xbmkpath/ relative to the current work tree,
which will differ from what's in PATH.
Since XBMK_CACHE is already set globally, from the main work
tree and the release-build work tree, that means we can know
reliably that PATH is always correct if we put xbmkpath/
inside XBMK_CACHE.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
This reverts commit 781320514623653077cda2d910b9baf150949bd1.
I'm doing changes for 20241206 rev8. It was a mistake to
remove these; they will be removed again, after rev8.
The documentation standardised on ./mk a while ago now, and
it's almost time to remove these commands. However, anyone
using the old commands ought to be able to, up to and including
any revision of the Libreboot 20241206 release.
It is my intention that these legacy commands finally be
removed for the next testing release, as part of a much wider
build system audit that I'm doing between now and then.
(Libreboot Build System Audit 7 is underway, and several of
these early audit7 changes are going on 20241206 rev8; after
that, I will create a branch named 20241206_branch off of rev8,
and anything in master from then on will contain much wilder
changes, with more conservative changes in 20241206_branch)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Tested on Debian Sid, as of 30 December 2024, which uses
Swig 4.3.0. Context here:
commit a63456b9191fae2fe49f4b121e025792022e3950
Author: Markus Volk <f_l_k@t-online.de>
Date: Wed Oct 30 06:07:16 2024 +0100
scripts/dtc/pylibfdt/libfdt.i_shipped: Use SWIG_AppendOutput
This patch from U-Boot upstream has been backported to the
release revision used by Libreboot. Swig has, since 4.3.0,
changed the language-specific AppendOutput functions, but
the helper macro SWIG_AppendOutput is identical; therefore,
upstream switched to this function.
The benefit of this fix is that since the newly used macro
is also the same on older Swig versions, and behaves the same,
this shouldn't fix building on older Swig versions. For reference,
the initial Libreboot 20241206 release, and revisions of it before
revision 8, was built on Debian 12 which uses Swig 4.1.0.
The rev8 release will still be compiled on Debian 12, but with
this change, it should also compile on Debian Sid, and bleeding
edge distros like Arch Linux.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
which is a non-standard command, whereas command is part of posix
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
In general, we don't want to mess with the hostcc, unless
we have to. To avoid other breakage, clear what we did
after crossgcc has compiled.
This is a follow-up to the previous patches, matching gcc
to gnat versions and vice versa, when compiling crossgcc.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i intend for this function to work generically,
matching gnat to gcc or gcc to gnat, but there was
a hangover from the previous code where it specifically
assumed we were matching gnat
this bug manifested when i tested with gnat being v13
and gcc being v14 in path, where gcc-13 was also
available in path.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
on debian trixie/sid after updating from stable,
sometimes gcc 13 and gnat 13 are both available, but
gcc resolves to gcc-14 and gnat-14 isn't available.
even when gnat-14 and gcc-14 are available, gnat will
still either resolve to gnat-13, or nothing at all.
in cases where gnat-14 is unavailable, but gcc and gnat 13
are both available, we should match gcc to gnat.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
The code is simple enough now that I'm happy for it
to just be part of the main script.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Remove all symlinks each time, to ensure that no
stragglers are left behind, since they are being
re-generated each time anyway.
The code for determining version numbers has now
been unified under gnu_setver()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We were checking the shorthand version number, but
the precise version numbers need to match.
Also: when we searched $PATH/gnat-$gccver, we assumed
that the full version would then match, without checking
it, so now it is checked precisely.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
When doing e.g. $@ we should use double quotes to prevent globbing.
Thanks go to XRevan86 for pointing this out.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
because if it says yes to everything, and the package
manager would otherwise ask whether you want to give
it your first born son, you are therefore agreeing to it.
so remove -y for safety
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
When I tested Debian Trixie, and Debian Sid, I saw that
GCC in PATH pointed to gcc-14, but gnat in path pointed
to GNAT-13, even if you manually install gnat-14.
GNAT 14 was marked experimental, but GCC 14 was marked
for use, in the apt repositories.
So this patch doesn't address the mismatch when doing e.g.
apt-get install gcc gnat
I will address the actual package dependency in a follow-up
patch, on the Debian dependencies config.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Hyperthreading is a risk factor for spectre/meltdown
and other attacks.
Disabling it is a best practise. Those who need it
can always turn this option back on. Otherwise, disabling
it by default is a simply courtesy to the average user,
in the interest of security.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
SeaBIOS was lagging a lot, on startup and when executing
almost any payload, especially when doing anything in the
ESC menu.
I set the debug level to *21*, and thoroughly analysed the
logs. I found entries such as this:
Checking for bootsplash
WARNING - Timeout at wait_reg8:81!
TCGBIOS: Return value from sending TPM2_CC_StirRandom = 0x00000000
WARNING - Timeout at wait_reg8:81!
TCGBIOS: Return value from sending TPM2_CC_GetRandom = 0x00000000
WARNING - Timeout at wait_reg8:81!
TCGBIOS: Return value from sending TPM2_CC_HierarchyChangeAuth = 0x00000000
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc16e
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc1c5
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc211
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc25d
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc2a9
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc2f5
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc341
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc38d
WARNING - Timeout at wait_reg8:81!
TCGBIOS: LASA = 0x7a9fc000, next entry = 0x7a9fc3d9
Searching bootorder for: HALT
Mapping hd drive 0x000f49e0 to 0
I'm not quite certain what the problem is, but disabling TPM2
made the problem go away; SeaBIOS is snappy again.
TPM is security threatre anyway.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|