Skip to content

Ec build #2062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
macpijan wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Ec build #2062

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
fe3d278
modules/dasharo-ec: new module
macpijan Feb 27, 2026
f263fa2
toolchain: add sdcc and xxd
macpijan Feb 27, 2026
0edc272
Prepare nix based docker image to be bumped to v0.2.8 to include mini…
tlaurion Feb 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,8 @@ commands:
jobs:
prep_env:
docker:
# Docker image: tlaurion/heads-dev-env:v0.2.7
- image: tlaurion/heads-dev-env@sha256:5f890f3d1b6b57f9e567191695df003a2ee880f084f5dfe7a5633e3e8f937479
# Docker image: tlaurion/heads-dev-env:v0.2.9
Copy link
Collaborator

@tlaurion tlaurion Mar 13, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's v0.2.9 (commit msg says v0.2.8)

- image: tlaurion/heads-dev-env@sha256:96f8f91c6464305c4a990d59f9ef93910c16c7fd0501a46b43b34a4600a368de
resource_class: large
working_directory: ~/heads
steps:
Expand Down Expand Up @@ -124,8 +124,8 @@ jobs:

build_and_persist:
docker:
# Docker image: tlaurion/heads-dev-env:v0.2.7
- image: tlaurion/heads-dev-env@sha256:5f890f3d1b6b57f9e567191695df003a2ee880f084f5dfe7a5633e3e8f937479
# Docker image: tlaurion/heads-dev-env:v0.2.9
- image: tlaurion/heads-dev-env@sha256:96f8f91c6464305c4a990d59f9ef93910c16c7fd0501a46b43b34a4600a368de
resource_class: large
working_directory: ~/heads
parameters:
Expand Down Expand Up @@ -153,8 +153,8 @@ jobs:

build:
docker:
# Docker image: tlaurion/heads-dev-env:v0.2.7
- image: tlaurion/heads-dev-env@sha256:5f890f3d1b6b57f9e567191695df003a2ee880f084f5dfe7a5633e3e8f937479
# Docker image: tlaurion/heads-dev-env:v0.2.9
- image: tlaurion/heads-dev-env@sha256:96f8f91c6464305c4a990d59f9ef93910c16c7fd0501a46b43b34a4600a368de
resource_class: large
working_directory: ~/heads
parameters:
Expand All @@ -175,8 +175,8 @@ jobs:

save_cache:
docker:
# Docker image: tlaurion/heads-dev-env:v0.2.7
- image: tlaurion/heads-dev-env@sha256:5f890f3d1b6b57f9e567191695df003a2ee880f084f5dfe7a5633e3e8f937479
# Docker image: tlaurion/heads-dev-env:v0.2.9
- image: tlaurion/heads-dev-env@sha256:96f8f91c6464305c4a990d59f9ef93910c16c7fd0501a46b43b34a4600a368de
resource_class: large
working_directory: ~/heads
steps:
Expand Down
13 changes: 8 additions & 5 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -436,17 +436,19 @@ docker_hub_repo="tlaurion/heads-dev-env"
# Update pinned packages to latest if needed, modify flake.nix as required
nix flake update

# Commit flake changes
git add flake.nix flake.lock
git commit --signoff -m "Bump nix develop based docker image to $docker_version"

# Build new docker image with helper and uncommited changes to flake* files above
./docker_local_dev.sh
# OR
# Verify reproducibility: ensure the local build matches (no further changes to flake files)
nix develop --ignore-environment --command true

# Build the new Docker image
nix build .#dockerImage
docker load < result

# Commit flake changes
git add flake.nix flake.lock
git commit --signoff -m "Bump nix develop based docker image to $docker_version"

# Verify you can extract the digest (for fully reproducible builds, flake.nix/flake.lock must be committed)
docker inspect --format='{{.Id}}' linuxboot/heads:dev-env

Expand All @@ -471,6 +473,7 @@ sed -i "s|# Version: .*|# Version: $docker_version|" docker/DOCKER_REPRO_DIGEST
# fresh "# Docker image: $docker_hub_repo:$docker_version" comment immediately above the
# matching "- image: $docker_hub_repo@<digest>" line while preserving indentation.
sed -i -e "/^[[:space:]]*# Docker image: /d" -e "/^[[:space:]]*- image: ${docker_hub_repo//\//\\/}@/ s|^\([[:space:]]*\)\(- image: ${docker_hub_repo//\//\\/}@\)|\\1# Docker image: $docker_hub_repo:$docker_version\n\\1\\2|" .circleci/config.yml
sed -i "s|$prev_digest|$new_digest|" docker/DOCKER_REPRO_DIGEST .circleci/config.yml

# Commit the digest and config changes
git add docker/DOCKER_REPRO_DIGEST .circleci/config.yml
Expand Down
1 change: 1 addition & 0 deletions boards/novacustom-v540tu/novacustom-v540tu.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@

export CONFIG_COREBOOT=y
export CONFIG_COREBOOT_VERSION=dasharo
export CONFIG_DASHARO_EC=y
export CONFIG_LINUX_VERSION=6.1.8

CONFIG_COREBOOT_CONFIG=config/coreboot-novacustom-v540tu.config
Expand Down
1 change: 1 addition & 0 deletions boards/novacustom-v560tu/novacustom-v560tu.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@

export CONFIG_COREBOOT=y
export CONFIG_COREBOOT_VERSION=dasharo
export CONFIG_DASHARO_EC=y
export CONFIG_LINUX_VERSION=6.1.8

CONFIG_COREBOOT_CONFIG=config/coreboot-novacustom-v560tu.config
Expand Down
5 changes: 3 additions & 2 deletions config/coreboot-novacustom-v540tu.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -543,8 +543,9 @@ CONFIG_RCBA_LENGTH=0x4000
# Embedded Controllers
#
CONFIG_EC_ACPI=y
CONFIG_EC_SYSTEM76_EC=y
# CONFIG_EC_SYSTEM76_EC_UPDATE is not set
CONFIG_EC_DASHARO_EC=y
CONFIG_EC_DASHARO_EC_UPDATE=y
CONFIG_EC_DASHARO_EC_UPDATE_FILE="ec.rom"

#
# Intel Firmware
Expand Down
5 changes: 3 additions & 2 deletions config/coreboot-novacustom-v560tu.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -543,8 +543,9 @@ CONFIG_RCBA_LENGTH=0x4000
# Embedded Controllers
#
CONFIG_EC_ACPI=y
CONFIG_EC_SYSTEM76_EC=y
# CONFIG_EC_SYSTEM76_EC_UPDATE is not set
CONFIG_EC_DASHARO_EC=y
CONFIG_EC_DASHARO_EC_UPDATE=y
CONFIG_EC_DASHARO_EC_UPDATE_FILE="ec.rom"

#
# Intel Firmware
Expand Down
4 changes: 2 additions & 2 deletions docker/DOCKER_REPRO_DIGEST
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,5 @@
# sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

# Place the digest on the first non-comment line below (remove the leading '#')
# Version: v0.2.7
sha256:5f890f3d1b6b57f9e567191695df003a2ee880f084f5dfe7a5633e3e8f937479
# Version: v0.2.9
sha256:96f8f91c6464305c4a990d59f9ef93910c16c7fd0501a46b43b34a4600a368de
19 changes: 18 additions & 1 deletion flake.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 8 additions & 0 deletions flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,23 @@
# Inputs define external dependencies and their sources.
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Using the unstable channel for the latest packages, while flake.lock fixates the commit reused until changed.
# No flake for 3.8.0
# Pinned nixpkgs for sdcc 4.2.0 - matches: https://github.com/Dasharo/ec-sdk/pull/2
# sdcc 4.5.0 has optimizer bug: https://github.com/Dasharo/dasharo-issues/issues/1785
nixpkgs-sdcc.url = "github:nixos/nixpkgs/7a339d87931bba829f68e94621536cad9132971a";
flake-utils.url = "github:numtide/flake-utils"; # Utilities for flake functionality.
};
# Outputs are the result of the flake, including the development environment and Docker image.
outputs = {
self,
flake-utils,
nixpkgs,
nixpkgs-sdcc,
...
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system}; # Accessing the legacy package set.
pkgs-sdcc = nixpkgs-sdcc.legacyPackages.${system}; # Pinned for sdcc 4.2.0
lib = pkgs.lib; # The standard Nix packages library.

# Dependencies are the packages required for the Heads project.
Expand Down Expand Up @@ -63,11 +69,13 @@
psmisc #process tools like killall, pstree, etc
python3 # me_cleaner, coreboot
rsync # coreboot
pkgs-sdcc.sdcc # Dasharo EC build — pinned to 4.2.0 (matches Debian oldstable, 4.5 has optimizer bug)
sharutils
texinfo
unzip
wget
which
xxd # Dasharo EC build
xz
zip
zlib
Expand Down
50 changes: 50 additions & 0 deletions modules/dasharo-ec
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
ifeq "$(CONFIG_DASHARO_EC)" "y"

modules-y += dasharo-ec

dasharo-ec_repo := https://github.com/Dasharo/ec
dasharo-ec_commit_hash := d198b641195e60e13afc17be9464e4f402d1c2fa

# Map BOARD to the EC board model
ifeq "$(BOARD)" "novacustom-v540tu"
DASHARO_EC_BOARD_MODEL := v540tu
else ifeq "$(BOARD)" "novacustom-v560tu"
DASHARO_EC_BOARD_MODEL := v560tu
else
$(error "$(BOARD): no Dasharo EC board model mapping defined")
Comment on lines +10 to +14
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lines in this conditional use a leading tab before the variable assignment (e.g., DASHARO_EC_BOARD_MODEL := ...). In GNU make, a line starting with a tab outside of a rule body is treated as a recipe line and can trigger "recipe commences before first target" parse errors. Remove the leading tab/indentation on these assignments (use no leading whitespace or spaces).

Suggested change
DASHARO_EC_BOARD_MODEL := v540tu
else ifeq "$(BOARD)" "novacustom-v560tu"
DASHARO_EC_BOARD_MODEL := v560tu
else
$(error "$(BOARD): no Dasharo EC board model mapping defined")
DASHARO_EC_BOARD_MODEL := v540tu
else ifeq "$(BOARD)" "novacustom-v560tu"
DASHARO_EC_BOARD_MODEL := v560tu
else
$(error "$(BOARD): no Dasharo EC board model mapping defined")

Copilot uses AI. Check for mistakes.
endif

dasharo-ec_version := $(dasharo-ec_commit_hash)
dasharo-ec_base_dir := dasharo-ec-$(dasharo-ec_version)
dasharo-ec_dir := dasharo-ec-$(dasharo-ec_version)

# Use .built sentinel since the real output is in a dynamic path
dasharo-ec_output := .built

Comment on lines +21 to +23
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dasharo-ec_output is set to .built, but the generic module framework only guarantees creation of $(build)/$(dasharo-ec_dir)/.build (it touches that file after running make). Unless .built is created as part of the module's make invocation, the build will be forced every time and any downstream rules expecting ec.rom may fail. Define the module output as an actual produced artifact (e.g., ec.rom) and add an explicit rule to create it, or ensure .built is created by the invoked make target.

Copilot uses AI. Check for mistakes.
# No-op configure: submodules are handled by the EC Makefile's canary rule
# for git repos
dasharo-ec_configure :=

# Build the EC firmware following the upstream build.sh process:
# 1. make BOARD=novacustom/<model> (compile with SDCC)
# 2. Copy ec.rom from the dynamic output path to a known location
# 3. Extend ec.rom to 128KB (zero-padded) as required by coreboot
# Note: the && chain after make -C runs in the parent cwd, so use
# absolute paths. Use sh -c so the shell expands the glob.
dasharo-ec_target := \
BOARD=novacustom/$(DASHARO_EC_BOARD_MODEL) \
&& sh -c 'cp $(build)/$(dasharo-ec_dir)/build/novacustom/$(DASHARO_EC_BOARD_MODEL)/*/ec.rom $(build)/$(dasharo-ec_dir)/ec.rom' \
&& dd if=/dev/zero of=$(build)/$(dasharo-ec_dir)/ec.rom bs=1 seek=128k count=0 \
&& touch $(build)/$(dasharo-ec_dir)/.built

# Copy ec.rom into the coreboot source tree before coreboot configures.
# coreboot expects ec.rom in its root directory.
$(build)/$(coreboot_base_dir)/ec.rom: $(build)/$(dasharo-ec_dir)/.build
Comment on lines +32 to +42
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dasharo-ec_target is passed as arguments to $(MAKE) -C ... $($1_target) by the main build system. Including shell operators like &&, sh -c ..., dd ..., and touch ... here will make make interpret them as additional targets/arguments, which will fail. Move the post-build copy/pad steps into a separate Make rule (e.g., a rule that generates a stable output like ec.rom from $(build)/$(dasharo-ec_dir)/.build), and keep dasharo-ec_target limited to make arguments/targets (e.g., BOARD=...).

Suggested change
# Note: the && chain after make -C runs in the parent cwd, so use
# absolute paths. Use sh -c so the shell expands the glob.
dasharo-ec_target := \
BOARD=novacustom/$(DASHARO_EC_BOARD_MODEL) \
&& sh -c 'cp $(build)/$(dasharo-ec_dir)/build/novacustom/$(DASHARO_EC_BOARD_MODEL)/*/ec.rom $(build)/$(dasharo-ec_dir)/ec.rom' \
&& dd if=/dev/zero of=$(build)/$(dasharo-ec_dir)/ec.rom bs=1 seek=128k count=0 \
&& touch $(build)/$(dasharo-ec_dir)/.built
# Copy ec.rom into the coreboot source tree before coreboot configures.
# coreboot expects ec.rom in its root directory.
$(build)/$(coreboot_base_dir)/ec.rom: $(build)/$(dasharo-ec_dir)/.build
# Note: keep dasharo-ec_target limited to make arguments; post-build
# steps are handled by a dedicated Make rule that produces ec.rom.
dasharo-ec_target := \
BOARD=novacustom/$(DASHARO_EC_BOARD_MODEL)
# Generate a stable ec.rom in the Dasharo EC build directory, pad it to
# 128KB, and update the .built sentinel.
$(build)/$(dasharo-ec_dir)/ec.rom:
sh -c 'cp $(build)/$(dasharo-ec_dir)/build/novacustom/$(DASHARO_EC_BOARD_MODEL)/*/ec.rom $@'
dd if=/dev/zero of=$@ bs=1 seek=128k count=0
touch $(build)/$(dasharo-ec_dir)/.built
# Copy ec.rom into the coreboot source tree before coreboot configures.
# coreboot expects ec.rom in its root directory.
$(build)/$(coreboot_base_dir)/ec.rom: $(build)/$(dasharo-ec_dir)/ec.rom

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This rule copies $(build)/$(dasharo-ec_dir)/ec.rom but only depends on $(build)/$(dasharo-ec_dir)/.build. With the current module definition, .build does not guarantee that ec.rom exists at that stable path. Make the prerequisite the actual artifact you intend to copy (e.g., depend on $(build)/$(dasharo-ec_dir)/ec.rom once it is generated as the module output) so the dependency graph reflects the real inputs/outputs.

Suggested change
$(build)/$(coreboot_base_dir)/ec.rom: $(build)/$(dasharo-ec_dir)/.build
$(build)/$(coreboot_base_dir)/ec.rom: $(build)/$(dasharo-ec_dir)/ec.rom

Copilot uses AI. Check for mistakes.
$(call do,COPY,ec.rom -> coreboot, \
cp "$(build)/$(dasharo-ec_dir)/ec.rom" "$@" \
)

# Ensure coreboot's configure step depends on ec.rom being present
$(build)/$(coreboot_dir)/.configured: $(build)/$(coreboot_base_dir)/ec.rom

endif