New system setup: Coreboot + Grub + Luks + Btrfs + Alpine

I used Arch Linux for some time, should switch to Alpine Linux for simplicity. The setup will be on thinkpad x220 brought from Kai Hendry, thanks to him for keeping his laptop in good state. :)

Quick overview:

Bootloader: Coreboot + Grub payload (testing)
Encryption: Dm-crypt LUKS + key file from sd card
Filesystem: Btrfs raid 0 (data) + raid 1 (metadata)
Root setup: Alpine Linux

Setting up Coreboot

Why switch to coreboot? Default firmware took 8s to boot. Now x < 2s. Haha!

Preparation
1. Get raspberry pi 2 and SOIC clip + probe cables
2. Install flashrom and build coreboot with grub2 payload
3. Prerequisite: make crossgcc-i386 CPUS=4, make iasl
Set up flasher - coreboot wiki and tylercipriani
1. Lenovo guide to remove keyboard and palm rest
2. Purge any power source of laptop & programmer (rpi2)
3. Connect the probe cables between programmer and chip
4. Then only turn on the power source of programmer
(Optional) Extracting the VGA BIOS which is better than SeaVGABios
1. More info available at nroach44 and coreboot wiki
2. Download, build uefitool, open factory.rom with uefitool
3. Search for text "VGA Compatible BIOS" with unicode unchecked
4. Double click matching result, then extract body of Raw section
5. (Optional) check word "VGA Display controller" with romheaders
(Optional) Cleaning up me.bin (now this option is in nconfig)
1. More info available at nroach44
2. Necessary: util/me_cleaner/me_cleaner.py build/coreboot.bin
3. (Optional) Verify that util/intelmetool/intelmetool -s show output "Firmware Init Complete" as "NO"
4. To proceed - util/me_cleaner/me_cleaner.py me.bin and make
5. hexdump me.bin and check last byte which have tons of ffff
6. dd if=me.bin of=truc.bin bs=1 count=$(printf '%d' 0x00dbc90)
(Optional) Setting battery threshold
1. More info available at vej's blog
2. Build util/ectool
3. Battery start threshold 75% - util/ectool -w 0xb1 -z 0x4b
4. Battery stop threshold 80% - util/ectool -w 0xb1 -z 0x50
Building coreboot
1. More info available at coreboot wiki x220 page
2. First check flashrom -p linux_spi:dev=/dev/spidev0.0
3. If it gets an error: poweroff, reconnect pin and boot
4. flashrom -p linux_spi:dev=/dev/spidev0.0 -r orig.bin
5. Check orig.bin hash & redo step 4-5, not same? step 2
6. Extract the factory binary blob: ifdtool -x orig.bin
7. Move outputs to 3rdparty/blobs/mainboard/lenovo/x220
8. Rename files as "descriptor.bin", "gbe.bin", "me.bin"
9. make nconfig and tune it accordingly .config (dead)
10. If it builds, verify with step 4-5 twice and finally:
```
flashrom -p linux_spi:dev=/dev/spidev0.0 -w build/coreboot.rom
```
After coreboot is flashed, internal flashing can be done by:
- iomem=relaxed in cmdline
- flashrom -p internal:laptop=force_I_want_a_brick -c MX25L6405 -w build/coreboot.rom --ifd -i bios -n
Tips and tricks:
- Find bootorder with CONFIG_USE_OPTION_TABLE, CONFIG_CONSOLE_CBMEM, DEFAULT_CONSOLE_LOGLEVEL_6, then util/cbmem/cbmem -c | grep booto.
- The extra config such as bootorder, config_seabios can be set with $(top)/src/mainboard/$(MAINBOARDDIR)/* where you can store it inside src/mainboard/lenovo/x220/ to differentiate between different boards.

Setting up a testing environment

This is just some random stuff how I tested it out with qemu, might help.

Setting up full disk encryption

For how it is now, I will just draw an image:

+------------------------+     +------------------------+
| /dev/sda1 111GB (root) |---->| /dev/mapper/p0 (crypt) |-------------+
+------------------------+     +------------------------+             v
| /dev/sda2   8GB (swap) |                                   +-----------------+
+------------------------+                                   | / - btrfs raid0 |
                                                             +-----------------+
+------------------------+     +------------------------+             ^
| /dev/sdb  119GB (root) |---->| /dev/mapper/p1 (crypt) |-------------+ 
+------------------------+     +------------------------+