Novacustom nv4x adl heads v0.9.2 rc2

.envrc

@@ -0,0 +1 @@
+has nix && use flake

.github/ISSUE_TEMPLATE/bug-report-for-everything-except-build-errors.md

@@ -11,90 +11,92 @@ assignees: ''
 
 ### A. Provide Hardware Details
 
-**1. What board are you using (see list of boards [here](https://github.com/eganonoa/heads/tree/master/boards))?**
-
-**2. Does your computer have a dGPU or is it iGPU-only?**
-- [ ] dGPU
-- [ ] iGPU-only
-
-**3. Who installed Heads on this computer?**
-- [ ] Insurgo
-- [ ] Nitrokey
-- [ ] Purism
-- [ ] Other provider
-- [ ] Self-installed
-
-**4. What PGP key is being used?**
-- [ ] Librem Key
-- [ ] Nitrokey Pro 2
-- [ ] Nitrokey Storage
-- [ ] Yubikey
-- [ ] Other
-
-**5. Are you using the PGP key to provide HOTP verification?**
-- [ ] Yes
-- [ ] No
-- [ ] I don't know
+1. What board are you using? (Choose from the list of boards [here](https://github.com/eganonoa/heads/tree/master/boards))
+
+2. Does your computer have a dGPU or is it iGPU-only?
+    - [ ] dGPU (Distinct GPU other then internal GPU)
+    - [ ] iGPU-only (Internal GPU, normally Intel GPU)
+
+3. Who installed Heads on this computer?
+    - [ ] Insurgo (Issues to be reported at https://github.com/linuxboot/heads/issues)
+    - [ ] Nitrokey (Issues to be reported at https://github.com/Nitrokey/heads/issues)
+    - [ ] Purism (Issues to be reported at https://source.puri.sm/firmware/pureboot/-/issues)
+    - [ ] Novacustom (Issues to be reported at https://github.com/Dasharo/dasharo-issues)
+    - [ ] HardnenedVault (Issues to be reported at https://github.com/hardenedvault/vaultboot/issues)
+    - [ ] Other provider
+    - [ ] Self-installed
+
+4. What PGP key is being used?
+    - [ ] Librem Key (Nitrokey Pro 2 rebranded)
+    - [ ] Nitrokey Pro
+    - [ ] Nitrokey Pro 2
+    - [ ] Nitrokey 3 NFC
+    - [ ] Nitrokey 3 NFC Mini
+    - [ ] Nitrokey Storage
+    - [ ] Nitrokey Storage 2
+    - [ ] Yubikey
+    - [ ] Other
+
+5. Are you using the PGP key to provide HOTP verification?
+    - [ ] Yes
+    - [ ] No
+    - [ ] I don't know
 
 ### B. Identify how the board was flashed
 
-**1. Is this problem related to updating heads or flashing it for the first time?**
-- [ ] First-time flash
-- [ ] Updating heads 
+1. Is this problem related to updating heads or flashing it for the first time?
+    - [ ] First-time flash
+    - [ ] Updating heads 
 
-**2. If the problem is related to an update, how did you attempt to apply the update?**
-- [ ] Using the Heads GUI
-- [ ] Flashrom via the Recovery Shell
-- [ ] External flashing
+2. If the problem is related to an update, how did you attempt to apply the update?
+    - [ ] Using the Heads menus
+    - [ ] Flashrom via the Recovery Shell
+    - [ ] External flashing
 
-**3. How was Heads initially flashed**
-- [ ] External flashing
-- [ ] Internal-only / 1vyrain
-- [ ] Don't know
+3. How was Heads initially flashed?
+    - [ ] External flashing
+    - [ ] Internal-only / 1vyprep+1vyrain / skulls
+    - [ ] Don't know
 
-**4. Was the board flashed with a maximized or non-maximized/legacy rom?**
-- [ ] Maximized
-- [ ] Non-maximized / legacy
-- [ ] I don't know
+4. Was the board flashed with a maximized or non-maximized/legacy rom?
+    - [ ] Maximized
+    - [ ] Non-maximized / legacy
+    - [ ] I don't know
 
-**5. If Heads was externally flashed, was IFD unlocked?**
-- [ ] Yes
-- [ ] No
-- [ ] Don't know
+5. If Heads was externally flashed, was IFD unlocked?
+    - [ ] Yes
+    - [ ] No
+    - [ ] Don't know
 
 ### C. Identify the rom related to this bug report
 
-**1. Did you download or build the rom at issue in this bug report?**
-- [ ] I downloaded it
-- [ ] I built it
-
-**2. If you downloaded your rom, where did you get it from?**
-- [ ] Heads CircleCi
-- [ ] Purism
-- [ ] Nitrokey
-- [ ] Somewhere else (please identify)
-
-*Please provide the release number or otherwise identify the rom downloaded*
-
-**3. If you built your rom, which repository:branch did you use?**
-- [ ] Heads:Master
-- [ ] Other (please identify)
-
-**4. What version of coreboot did you use in building?**
-- [ ] 4.8.1 (current default in heads:master)
-- [ ] 4.13
-- [ ] 4.14
-- [ ] 4.15
-- [ ] Other (please specify)
-- [ ] I don't know
-
-**5. In building the rom where did you get the blobs?**
-- [ ] No blobs required
-- [ ] Provided by the company that installed Heads on the device
-- [ ] Extracted from a backup rom taken from this device
-- [ ] Extracted from another backup rom taken from another device (please identify the board model)
-- [ ] Extracted from the online bios using the automated tools provided in Heads
-- [ ] I don't know
+1. Did you download or build the rom at issue in this bug report?
+    - [ ] I downloaded it
+    - [ ] I built it
+
+2. If you downloaded your rom, where did you get it from?
+    - [ ] Heads CircleCi
+    - [ ] Purism
+    - [ ] Nitrokey
+    - [ ] Dasharo DTS (Novacustom)
+    - [ ] Somewhere else (please identify)
+
+    *Please provide the release number or otherwise identify the rom downloaded*
+
+3. If you built your rom, which repository:branch did you use?
+    - [ ] Heads:Master
+    - [ ] Other (please identify)
+
+4. What version of coreboot did you use in building?
+{ You can find this information from github commit ID or once flashed, by giving the complete version from Sytem Information under Options --> menu}
+
+5. In building the rom, where did you get the blobs?
+    - [ ] No blobs required
+    - [ ] Provided by the company that installed Heads on the device
+    - [ ] Extracted from a backup rom taken from this device
+    - [ ] Extracted from another backup rom taken from another device (please identify the board model)
+    - [ ] Extracted from the online bios using the automated tools provided in Heads
+    - [ ] I don't know
 
 ## Please describe the problem
 

.github/ISSUE_TEMPLATE/bug-report-for-heads-build-errors.md

@@ -16,11 +16,7 @@ assignees: ''
 - [ ] Other (please specify)
 
 **3. What version of coreboot are you trying to build**
-- [ ] 4.13
-- [ ] 4.14
-- [ ] 4.15
-- [ ] 4.17
-- [ ] Other (please specify)
+<!-- Please provide GitHub commit ID, or if firmware flashed, the information found under System Information for version -->
 
 **4. In building the rom where did you get the blobs?**
 - [ ] No blobs required

.gitignore

@@ -1,25 +1,25 @@
-.*.sw*
-*.xz
+*.bad
 *.bz2
+*.cpio
+*.dep
+*.ffs
+*.fv
 *.gz
-*.sign
-*.rom
-*.o
-*.gz
-*.tgz
 *.img
-*.rom
-*.cpio
-typescript*
-config/*.old
 *.log
-*~
-crossgcc
-clean
+*.lz
+*.o
+*.rom
 *.sec
-*.dep
-*.ffs
+*.sign
+*.tgz
 *.vol
-*.lz
-*.fv
-*.bad
+*.xz
+*~
+.*.sw*
+/.direnv
+clean
+config/*.old
+crossgcc
+typescript*
+result

BOARD_TESTERS.md

@@ -0,0 +1,61 @@
+Live list of community supported platform testers per last coreboot/linux version bump
+==
+
+Heads is a community project, where boards under boards/* need to be tested by board owners when coreboot/linux version bumps happen prior of a Pull Request (PR) merge.
+This list will be maintained per coreboot/linux version bumps PRs.
+
+Please see boards/BOARD_NAME/BOARD_NAME.config for HCL details.
+
+----
+
+As per https://github.com/linuxboot/heads/issues/692, currently built CircleCI boards ROMs are:
+
+Laptops
+==
+
+xx20 (Sandy):
+===
+- [ ] t420 (xx20): @notgivenby @alexmaloteaux @akfhasodh @doob85
+- [ ] x220 (xx20): @srgrint @Thrilleratplay
+
+xx30 (Ivy):
+===
+- [ ] t430 (xx30): @notgivenby @nestire(t430-legacy, t430-maximized) @Thrilleratplay @alexmaloteaux @lsafd @bwachter(iGPU maximized) @shamen123 @eganonoa(iGPU) @nitrosimon @jans23 @icequbes1 (iGPU) @weyounsix (t430-dgpu)
+- [ ] w530 (xx30): @eganonoa @zifxify @weyounsix (dGPU: w530-k2000m) @jnscmns (dGPU K1000M) @computer-user123 (w530 / & w530 k2000 : prefers iGPU) @tlaurion
+- [ ] x230 (xx30): @nestire(x230-legacy, x230-maximized) @tlaurion(maximized) @osresearch @merge @jan23 @MrChromebox @shamen123 @eganonoa @bwachter @Thrilleratplay @jnscmns 
+- [ ] x230-fhd/edp variant: @n4ru @computer-user123 (nitro caster board) @Tonux599 @househead @pcm720 (eDP 4.0 board and 1440p display) @doob85 https://matrix.to/#/@rsabdpy:matrix.org (agan mod board)
+- [ ] x230t : @fhvyhjriur
+- [ ] t530 (xx30): @fhvyhjriur @3hhh (Opportunity to mainstream and close https://github.com/linuxboot/heads/issues/1682)
+- [ ] Optiplex 7010/9010 SFF/DT: @tlaurion (owns DT variant)
+
+xx4x(Haswell):
+===
+- [ ] t440p: @fhvyhjriur @ThePlexus @srgrint @akunterkontrolle @rbreslow
+- [ ] w541 (similar to t440p): @ResendeGHF @gaspar-ilom (Always tested late: Needs more responsive board testers or risk to become unmaintained.)
+
+xx8x(Kaby Lake Refresh):
+===
+- [ ] t480: @gaspar-ilom @doritos4mlady @MattClifton76 @notgivenby @akunterkontrolle
+
+Librems:
+===
+- [ ] Librem 11(JasperLake): @JonathonHall-Purism
+- [ ] Librem 13v2 (Skylake): @JonathonHall-Purism
+- [ ] Librem 13v4 (Kabylake): @JonathonHall-Purism
+- [ ] Librem 14 (CometLake): @JonathonHall-Purism
+- [ ] Librem 15v3 (Skylake): @JonathonHall-Purism
+- [ ] Librem 15v4 (Kabylake): @JonathonHall-Purism
+
+Clevo:
+===
+- [ ] Nitropad NS50 (AlderLake) : @daringer
+- [ ] Novacustom NV4x (AlderLake) : @tlaurion @daringer
+- [ ] Novacustom v560tu (MeteorLake) : @tlaurion @daringer @mkopec 
+
+Desktops/Servers
+==
+- [ ] kgpe-d16 (AMD fam15h) (dropped in coreboot 4.12): @arhabd @Tonux599 @zifxify https://matrix.to/#/@rsabdpy:matrix.org
+- [ ] Librem L1UM v1 (Broadwell): @JonathonHall-Purism
+- [ ] Librem L1Um v2 (CoffeeLake): @JonathonHall-Purism
+- [ ] Talos II (PPC64LE, Power9) : @tlaurion (Will become untested, no other known users, not worth my time nor effort even though massive investment of all forms)
+- [ ] z220-cmt (HP Z220 CMT): @d-wid

CONTRIBUTING.md

@@ -0,0 +1,73 @@
+# Contributing to LinuxBoot/Heads
+
+Thank you for your interest in contributing to LinuxBoot/Heads! We welcome contributions
+from everyone. Following these contribution guidelines will make handling of issues and
+PRs a faster and smoother process, so please try to adhere to them.
+
+## Communication Channels
+
+For the most up-to-date information on our community channels, please visit:
+https://osresearch.net/community/
+
+## Best Practices for Issues and Contributions
+
+Before opening an issue or submitting a contribution, please:
+
+1. Search existing resources (GitHub issues, wiki, Matrix channel history).
+2. Review the documentation at https://osresearch.net.
+3. Choose the appropriate channel for your contribution or question.
+
+If you're unsure about what kind of issue you're looking at or whether it's an actual issue 
+ with the project rather than your usage mistake, feel free to post a quick question briefly 
+ (actual amount of details depends on the situation) describing the situation and expect to 
+ either get a suitable answer or a request to provide a detailed problem report on GitHub 
+ which will be treated with more attention. In case of an absence of a GitHub account and 
+ unwillingness to create one, detailed report can also be submitted via Matrix and an issue 
+ will be opened on GitHub by a maintainer.
+
+### When Starting a Discussion on Matrix
+
+- Clearly state your topic or question.
+- Provide context, including your environment (OS, hardware, etc.) if relevant.
+- Be patient and respectful while waiting for responses. Feel free to "ping" (draw attention) after some time if it looks like your question wasn't noticed.
+- Structure your topic effectively with a clear title and organized content.
+- Use code blocks for command outputs or error messages.
+- Consider breaking complex topics into smaller, manageable questions.
+- Tag your topic with relevant keywords.
+
+### When Opening an Issue on GitHub
+- Search globally on linuxboot organization for related keywords first.
+  - EG: yubikey search in issues: https://github.com/search?q=org%3Alinuxboot+yubikey&type=issues
+- Choose a clear and descriptive title.
+- Clearly describe the problem or suggestion:
+  - Summarize the issue or feature request.
+  - Explain current behavior and expected behavior.
+  - For bugs, provide steps to reproduce.
+  - For feature requests, explain use case and benefits.
+- Mention your environment details.
+- If you have a proposed solution, describe it briefly.
+- Check for related issues or pull requests and link them.
+- Format your issue for readability using Markdown. 
+  - Here is a nice advanced online editor alternative to GitHub: https://stackedit.io/app#
+- Be responsive to follow-up questions.
+
+### For Pull Requests
+
+- Link to related issues or discussions.
+- Provide a clear description of the changes and their purpose.
+- Be responsive to feedback and prepared to make adjustments.
+- **Important**: All commits to linuxboot/heads (*not heads-wiki!*) must be signed. 
+  - For instructions, see: [Signing commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
+  - If you won't GPG-sign your commits (GitHub signature doesn't count), they will get signed by a maintainer after a successful review, but it's strongly preferred you do it yourself.
+
+## GitHub Repositories
+
+- **linuxboot/heads**: https://github.com/linuxboot/heads
+  - Main repository for code, development, and user experience improvements.
+  - All commits must be signed.
+- **linuxboot/heads-wiki**: https://github.com/linuxboot/heads-wiki
+  - Repository for project documentation.
+  - Content is rendered and searchable at https://osresearch.net
+  - *Commits don't have to be signed to lower bar for contribution*.
+
+We appreciate your contributions to the LinuxBoot/Heads project!

FAQ.md

@@ -112,8 +112,8 @@ your disk password, which is perhaps an improvement.
 
 Disk key in TPM (LUKS TPM Disk Unlock Key) or user passphrase?
 ---
-Depends on your threat model.  With the disk key in the TPM an attacker
-would need to have the entire machine (or a backdoor in the TPM)
+Depends on your threat model.  With the Disk Unlock Key in the TPM an
+attacker would need to have the entire machine (or a backdoor in the TPM)
 to get the key and their attempts to unlock it can be rate limited
 by the TPM hardware.