m900 tower port (rebased on tpm1_fixes)

[tlaurion]

Summary

Board port for the Lenovo m900 tower (mini PC), rebased on the TPM1 counter auth fix from PR #2117.

Board port:

• Board configs for m900 tower (maximized and hotp-maximized variants)
• Coreboot config, linux config, ME blob handling
• Review comments addressed: typos, blob names, board name includes 'tower'
• CircleCI integration for both variants (requires seed:coreboot-25.09)
• CircleCI x86_blobs step added for m900 ME download/deguard
• Blob download script refactored to use shared blobs/lib.sh

Inherited from tpm1_fixes (PR #2117):

• TPM1 counter auth regression fix: empty counter auth restored per TCG spec

Additional fixes from review:

• Fixed missing execute permission on blobs/m900/m900_download_clean_deguard_me.sh
• Added IFD/GBE blob hash verification (.hashes-verified stamp target) to catch blob divergence at build time
• Removed placeholder TODO URL from README flashing guide documentation

[Copilot]

Pull request overview

This PR ports the Lenovo M900 Tower (Skylake/Kaby Lake LGA1151 mini-tower) to Heads with two board variants (maximized, hotp-maximized), plus targeted TPM1 reliability fixes in tpmr.sh so that auth-failure detection and tpm1_reset() recover from the TPM_DEFEND_LOCK_RUNNING state after multiple bad passphrases. Documentation in doc/tpm.md is expanded with TPM1 vs TPM2 error-stream conventions, auth grep patterns, and the defend-lock recovery flow.

Changes:

• New EOL_m900_tower-{maximized,hotp-maximized} boards with shared coreboot/linux configs and an ME blob preparation pipeline (download → me_cleaner → deguard).
• TPM1 auth grep patterns extended to include defend/0x98e/0x149; tpm1_reset() cycles physical presence on defend lock running after forceclear.
• CircleCI: two new build jobs (depend on the existing EOL_t480-hotp-maximized 25.09 seed).

Reviewed changes

Copilot reviewed 10 out of 14 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config	New maximized board config (no HOTP).
boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config	New hotp-maximized variant.
config/coreboot-m900-maximized.config	Coreboot 25.09 config for Lenovo M900.
config/linux-m900.config	Linux 6.1.8 kernel config for the board.
targets/m900_me_blobs.mk	Make rules tying the ME blob script into the board build.
blobs/m900/m900_download_clean_deguard_me.sh	Downloads ASRock BIOS, neuters/deguards ME 11.6.0.1126.
blobs/m900/README.md	Blob layout, sources and integrity notes.
blobs/m900/hashes.txt	SHA256 of ME/IFD/GBE blobs.
blobs/m900/.gitignore	Ignores generated me.bin/m900_me.bin.
initrd/bin/tpmr.sh	Adds defend-lock detection in auth-retry grep and tpm1_reset() recovery sequence.
doc/tpm.md	New sections on TPM1/TPM2 auth error patterns and defend-lock recovery.
.circleci/config.yml	Adds the two M900 board build jobs (depending on the 25.09 seed).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 10 out of 14 changed files in this pull request and generated 5 comments.

[Copilot]

Pull request overview

Copilot reviewed 10 out of 14 changed files in this pull request and generated no new comments.

[Copilot]

Pull request overview

Copilot reviewed 10 out of 14 changed files in this pull request and generated no new comments.

[notgivenby]

debug.log
measuring_trace.log

the fix did not help.

[tlaurion]

debug.log measuring_trace.log

the fix did not help.

went down the rabbit hole and found the regression and created fix pushed onto #2117 and rebased on top of it.

[tlaurion]

@notgivenby hopefully this works. Added m900 blobs download in circleci so it downloads it once and reuses cache if already there and checksums match, reworked the script to reuse lib added, and fixups for tpm1.

Keep me posted. Hopefully #2117 (we are based on it here) fixes your issue.

[notgivenby]

debug.log
measuring_trace.log

You invested really a lot of time into debugging...I do not want to misuse you and your time here. Please let me known if @tlaurion you think we need to stop the attempts to port let us say not most popular board for only few people. The issue still maybe releveant for other ports who knows. For future attemps, perhaps I need to select a desktop board from other vendor perhaps with tpm2?

[tlaurion]

debug.log measuring_trace.log

You invested really a lot of time into debugging...I do not want to misuse you and your time here. Please let me known if @tlaurion you think we need to stop the attempts to port let us say not most popular board for only few people. The issue still maybe releveant for other ports who knows. For future attemps, perhaps I need to select a desktop board from other vendor perhaps with tpm2?

debug.log measuring_trace.log

You invested really a lot of time into debugging...I do not want to misuse you and your time here. Please let me known if @tlaurion you think we need to stop the attempts to port let us say not most popular board for only few people. The issue still maybe releveant for other ports who knows. For future attemps, perhaps I need to select a desktop board from other vendor perhaps with tpm2?

@notgivenby this has nothing specific to m900, outside of the fact that as opposed to tpm2, we do not configure the dictionary attack config (how many attempt per timeframe nor resolution period).

As said under #2117 , master contains a regression for how we do counter create and how we increment the counter.

Your platform has DA lockout, might be 24h before automatic resolution. i've worked a bit on it today but haven't finished adding code to troubleshot this properly. Maybe tomorrow, most probably monday

[tlaurion]

@notgivenby can you test artifacts one last time? tpm reset up to tpm duk setup? changed #2117 to do bare minimal to fix #2068 regression with increment which was using tpm owner passphrase where not needed by spec. Will move all other fixes in pending pr for when I'll have time again; my x230 doesn't have proper 1.2 spec imlementation which makes it impossible to do proper things (da lockout policy cannot be asked for....) while swtpm on qemu is way too permissive and doesn't trigger da defend for long enough to test properly.

If this works for you, we can merge #2117 since its a regression fix and move proper da lockout (tpmr.sh da_state /bad_auth) probing tooling for later, and proceed to even merging this m900 tower board addition when you are satisfied with the results and my changes

[notgivenby]

@notgivenby can you test artifacts one last time? tpm reset up to tpm duk setup? changed #2117 to do bare minimal to fix #2068 regression with increment which was using tpm owner passphrase where not needed by spec. Will move all other fixes in pending pr for when I'll have time again; my x230 doesn't have proper 1.2 spec imlementation which makes it impossible to do proper things (da lockout policy cannot be asked for....) while swtpm on qemu is way too permissive and doesn't trigger da defend for long enough to test properly.

If this works for you, we can merge #2117 since its a regression fix and move proper da lockout (tpmr.sh da_state /bad_auth) probing tooling for later, and proceed to even merging this m900 tower board addition when you are satisfied with the results and my changes

@tlaurion I agree :-)
Tested: everything is okay, but the tpm duk set up does not work. erased all settings > added gpg key > reboot > reseted tpm > added default boot > set duk password > reboot > TOTP matches > enter duk password got error (this was probably where I got locked last time) . The duk password was like 1234567890qw. So the probability to mistype it several times is very low. Here are the logs from setting up the duk. duk_set_up_debug.log
duk_set_up_measuring_trace.log

Here are the logs after failed duk entering attempt.
debug.log
measuring_trace.log
new totp generation as suggested does not help.