Since we (unfortunately) need to use different forks of flashrom for
different platforms, flashrom must be overrideable. Moving it into
the ownerboot packageset is the way to do that.
This bumps the kernel version on gru-kevin to 5.10.148, which has
fixes for the notorious Linux kernel wifi RCE exploits:
CVE-2022-41674, CVE-2022-42719, and CVE-2022-42720.
On all other platforms the ownerboot kernel is used only to kexec()
another long-lived kernel, and is therefore built without wifi
support and not vulnerable.
The gru-kevin laptop cannot use kexec() due to unfixable bugs in
mid-2010s versions of ARM's GICv3.
In some cases this bug can be worked around by having the
pre-kexec() kernel not fully initialize the GIC:
https://lore.kernel.org/lkml/20180921195954.21574-1-marc.zyngier@arm.com/
Unfortunately this workaround leaves the gru-kevin's screen in a
glitchy state post-kexec() which makes the laptop mostly unusable.
Adam Joseph