Staging linuxboot#1381

Moved boards to 5.10.5
kernel configs to not cause regression on crypto backend, both with cryptsetup and current gpg toolstack
modules/linux added 5.10.178 but nothing migrated at this stage.
modules/linux includes Android tethering modules to be packed when needed per board configs (maximized only)
Kernel configs for x230 good to go.
 - Removed unneedead crypto support for ivy and sandy bridge (no AVX2, and AVX support needed only for AES (ctypestup is XTS-AES on most deployments)
 - Added required crypto hash HMAC

Note: those two commands are really useful to analyse in-kernel sizes.
Summary, to dig down in directory reported as being biggest:
user@heads-tests:~/heads/build/x86/linux-5.10.5/linux-x230-maximized$ for f in */built-in.a; do size -t $f | tail -1 | sed "s|(TOTALS)|$f|"; done | sort -nr
Detailed view of biggest built-in components and objects linked:
user@heads-tests:~/heads/build/x86/linux-5.10.5/linux-x230-maximized$ size -t $(find ./ -name built-in.a) | tail -n +2 | sort -n -r -k 4|less
Then follow those amazing guides to axe/hammer kernel size:
Axing: https://lwn.net/Articles/746780/
General: https://elinux.org/Kernel_Size_Tuning_Guide
And analyse needs of each module/kernel config option: https://www.kernelconfig.io

u-root module containing bases for using exp/tcz and wget (with only root ca module included)
qemu kernel config includes changes needed to support CGROUPS and
busybox upgraded and config changed to include adduser/addgroup/delgoup/deluser per determist/systems requirements, but still failing
Makefile: adds packing of u-root under initrd if requested
initrd/bin/tinycorePoC: requires manual activation of libraries under u-root module

kexec patch still carries old multiboot patch. Not sure wasa good idea to remove since user could decide to use old default multiboot1 (default is now multiboot2 under kexec 2.0.26 under master)
CircleCI changes revisioning to 4.19 (textual, not changing any behavior)

Author: tlaurion

.circleci/config.yml

@@ -209,7 +209,7 @@ workflows:
 # version. The last board in the sequence is the dependency
 # for the parallel boards built at the end, and also save_cache.
 
-      # Coreboot 4.13
+      # Coreboot 4.19
       - build_and_persist:
           name: x230-hotp-maximized
           target: x230-hotp-maximized

Makefile

@@ -51,6 +51,7 @@ include $(CONFIG)
 
 # Unless otherwise specified, we are building for heads
 CONFIG_HEADS	?= y
+CONFIG_UROOT	?= n
 
 # Unless otherwise specified, we are building bash to have non-interactive shell for scripts (arrays and bashisms)
 CONFIG_BASH	?= y
@@ -529,6 +530,7 @@ initrd-y += $(pwd)/blobs/dev.cpio
 initrd-y += $(build)/$(initrd_dir)/modules.cpio
 initrd-y += $(build)/$(initrd_dir)/tools.cpio
 initrd-$(CONFIG_HEADS) += $(build)/$(initrd_dir)/heads.cpio
+initrd-$(CONFIG_UROOT) += $(build)/$(initrd_dir)/u-root.cpio
 
 #$(build)/$(initrd_dir)/.build: $(build)/$(initrd_dir)/initrd.cpio.xz
 

boards/p8z77-m_pro-tpm1-maximized/p8z77-m_pro-tpm1-maximized.config

@@ -39,7 +39,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config
 CONFIG_COREBOOT_CONFIG=config/coreboot-p8z77-m_pro-tpm1.config
 
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.17
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 CONFIG_CRYPTSETUP2=y

boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config

@@ -5,7 +5,7 @@
 # Nitrokey Pro can also be used by forwarding the USB device from the host to
 # the VM.
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 #Enable DEBUG output

boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config

@@ -3,7 +3,7 @@
 #
 # TPM can be used with a qemu software TPM (TIS, 1.2).
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 #Enable DEBUG output

boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config

@@ -4,7 +4,7 @@
 #
 # TPM can be used with a qemu software TPM (TIS, 2.0).
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 #Enable DEBUG output

boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config

@@ -3,7 +3,7 @@
 #
 # TPM can be used with a qemu software TPM (TIS, 2.0).
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 #Enable DEBUG output

boards/qemu-coreboot-fbwhiptail/qemu-coreboot-fbwhiptail.config

@@ -3,7 +3,7 @@
 #
 # Note that the TPM does not work.
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-fbwhiptail.config

boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config

@@ -5,7 +5,7 @@
 # Nitrokey Pro can also be used by forwarding the USB device from the host to
 # the VM.
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
 #Enable DEBUG output

boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config

@@ -3,19 +3,22 @@
 #
 # TPM can be used with a qemu software TPM (TIS, 1.2).
 export CONFIG_COREBOOT=y
-export CONFIG_COREBOOT_VERSION=4.13
+export CONFIG_COREBOOT_VERSION=4.19
 export CONFIG_LINUX_VERSION=5.10.5
 
+
 #Enable DEBUG output
 export CONFIG_DEBUG_OUTPUT=y
 export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
 
 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm1.config
 CONFIG_LINUX_CONFIG=config/linux-qemu.config
 
-ifeq "$(CONFIG_UROOT)" "y"
-CONFIG_BUSYBOX=n
-else
+#Testing
+CONFIG_UROOT=y
+#CONFIG_TINYCORE_ROOTFS=y
+export CONFIG_SYNC_TIME_ON_NETWORK_INIT=n
+
 CONFIG_KEXEC=y
 CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
@@ -41,8 +44,6 @@ CONFIG_MSRTOOLS=y
 CONFIG_NEWT=y
 CONFIG_SLANG=y
 
-endif
-
 export CONFIG_LINUX_USB_COMPANION_CONTROLLER=y
 CONFIG_LINUX_USB=y
 CONFIG_LINUX_E1000=y