diff --git a/device/testing/device-lenovo-21bx/APKBUILD b/device/testing/device-lenovo-21bx/APKBUILD
index 69b16d37aff35232409de6629ee0704225f18d7f..e8f34a33affa0422f6b8d843cafb7da8350a92ed 100644
--- a/device/testing/device-lenovo-21bx/APKBUILD
+++ b/device/testing/device-lenovo-21bx/APKBUILD
@@ -3,15 +3,24 @@
# Reference: <https://postmarketos.org/devicepkg>
pkgname=device-lenovo-21bx
pkgdesc="Lenovo ThinkPad X13s"
-pkgver=6
+pkgver=7
pkgrel=0
url="https://postmarketos.org"
license="MIT"
arch="aarch64"
options="!check !archcheck !strip"
depends="
+ bootmac
+ firmware-lenovo-21bx
+ libmbim-tools
+ linux-firmware-ath11k
+ linux-firmware-qca
+ linux-firmware-qcom
linux-lenovo-21bx
+ pd-mapper
+ pd-mapper-openrc
postmarketos-base
+ qmi-utils
systemd-boot
"
makedepends="devicepkg-dev"
@@ -19,11 +28,13 @@ source="
deviceinfo
modules-initfs
firmware.files
+ usbguard.conf
"
subpackages="
- $pkgname-nonfree-firmware:nonfree_firmware
+ $pkgname-usbguard
$pkgname-vulkan
"
+install="$pkgname.post-install"
build() {
devicepkg_build $startdir $pkgname
@@ -31,25 +42,9 @@ build() {
package() {
devicepkg_package $startdir $pkgname
-}
-
-nonfree_firmware() {
- pkgdesc="Firmware for Bluetooth, Modem, WiFi, etc."
- depends="
- bootmac
- firmware-lenovo-21bx
- libmbim-tools
- linux-firmware-ath11k
- linux-firmware-qca
- linux-firmware-qcom
- pd-mapper
- pd-mapper-openrc
- qmi-utils
- "
- install="$subpkgname.post-install"
install -Dm644 "$srcdir/"/firmware.files \
- -t "$subpkgdir"/usr/share/mkinitfs/files/
+ -t "$pkgdir"/usr/share/mkinitfs/files/
}
vulkan() {
@@ -58,8 +53,16 @@ vulkan() {
mkdir "$subpkgdir"
}
+usbguard() {
+ install_if="$pkgname=$pkgver-r$pkgrel usbguard"
+ install -Dm600 "$srcdir"/usbguard.conf \
+ "$subpkgdir"/etc/usbguard/rules.d/"$pkgname".conf
+ devicepkg_package $startdir $pkgname
+}
+
sha512sums="
-994173797adbbd79b0c33d3427d5e71f369e7506cc200b11d920d5b8854b2be28035a66602fe34254738c2eecd7d3e63c846424f5dad70e3e41e202dbd1393b6 deviceinfo
+c3570f44cd0134fd7400a5467cfddb3c1877a771fda8006228d1b0fd81536171ece53bf7562fc0e11dcc1fd3c6830e324e0d5ad9fdc4e16b53107fa3a04004fb deviceinfo
5e91aebdd5aa84eef2660c5cbecd27b1c3662f1707538d53764a74dc1e6cbac451b1041b9aaab92f087d44630036b10e5155a993dd4b2e54cba81637ddb47593 modules-initfs
82f7719285434d8c7a5268ddc21d513bb3f3788eb3dd2df099e1c245add9d19719047b003a47edb077e095ebe09d9601b1312c001578e7dfa4ed61d72098ef74 firmware.files
+0d0412eb1f01af39000c39391f622640461305d83dae1a53aa7eef640cc17fd265cabca4e4e57dea053c47a4e50f9feb90f12ee5310d5b6425783e83efc5f9d8 usbguard.conf
"
diff --git a/device/testing/device-lenovo-21bx/device-lenovo-21bx-nonfree-firmware.post-install b/device/testing/device-lenovo-21bx/device-lenovo-21bx.post-install
similarity index 100%
rename from device/testing/device-lenovo-21bx/device-lenovo-21bx-nonfree-firmware.post-install
rename to device/testing/device-lenovo-21bx/device-lenovo-21bx.post-install
diff --git a/device/testing/device-lenovo-21bx/deviceinfo b/device/testing/device-lenovo-21bx/deviceinfo
index c096688fc1507aa63e473885829761fa66510c35..e2d678c988275bbb42ff28f41f724b4d9965f8e9 100644
--- a/device/testing/device-lenovo-21bx/deviceinfo
+++ b/device/testing/device-lenovo-21bx/deviceinfo
@@ -15,7 +15,7 @@ deviceinfo_gpu_accelerated="true"
deviceinfo_chassis="laptop"
deviceinfo_keyboard="true"
deviceinfo_external_storage="true"
-deviceinfo_kernel_cmdline="console=null quiet clk_ignore_unused pd_ignore_unused arm64.nopauth efi=noruntime"
+deviceinfo_kernel_cmdline="console=null quiet clk_ignore_unused pd_ignore_unused arm64.nopauth"
# Bootloader related
deviceinfo_flash_method="none"
diff --git a/device/testing/device-lenovo-21bx/usbguard.conf b/device/testing/device-lenovo-21bx/usbguard.conf
new file mode 100644
index 0000000000000000000000000000000000000000..d895215c6a6ac245d80dc9dd702ff8af73b3dcfa
--- /dev/null
+++ b/device/testing/device-lenovo-21bx/usbguard.conf
@@ -0,0 +1,7 @@
+# DO NOT EDIT - File provided by device package. Create a new .conf file in the
+# parent dir to add more configuration.
+
+allow id 1d6b:0002 serial "xhci-hcd.1.auto" name "xHCI Host Controller" hash "zudmI6U09mqNqdDQFDl/v78sOaZF0oIyao7ytE4OTEA=" parent-hash "DwdjrnwHrPli4MUlhfk91L1O/PV9JpF3Cj10hApOu24=" with-interface 09:00:00 with-connect-type ""
+allow id 1d6b:0003 serial "xhci-hcd.1.auto" name "xHCI Host Controller" hash "8fbUIh9yXWdUPXenfR++1FaXbSeiKw8fP8gi+VrJFak=" parent-hash "DwdjrnwHrPli4MUlhfk91L1O/PV9JpF3Cj10hApOu24=" with-interface 09:00:00 with-connect-type ""
+allow id 1d6b:0002 serial "xhci-hcd.2.auto" name "xHCI Host Controller" hash "vJXibZL8AhVxYamsx328R5RtWUtfXn9eudDfwxfdv28=" parent-hash "6TEUANlvYmc1/nYS1z1jF1R9nMMJZzxSR7B4kCw1qaY=" with-interface 09:00:00 with-connect-type ""
+allow id 1d6b:0003 serial "xhci-hcd.2.auto" name "xHCI Host Controller" hash "5dJdsDXseViKEHPhPwLZN3gGUgFEvF8FMDfXElS+cq4=" parent-hash "6TEUANlvYmc1/nYS1z1jF1R9nMMJZzxSR7B4kCw1qaY=" with-interface 09:00:00 with-connect-type ""