diff options
author | Leah Rowe <leah@libreboot.org> | 2023-04-14 01:36:54 +0100 |
---|---|---|
committer | Leah Rowe <leah@libreboot.org> | 2023-04-14 01:41:07 +0100 |
commit | 668de6d81f66c336c7a780edfd8af6550c50a057 (patch) | |
tree | 7a0d5bc72ed766a8318e4ca0c28343205e3aacbe /resources | |
parent | 9df1a1774fdcf37bf363db20b75dad2eeef2b405 (diff) |
blobutil: support extracting ME from full ROMs
In cases where the vendor update file contains a full
ROM image encompassing IFD+GbE+ME+BIOS, blobutil was
saving the *entire* ROM containing those, as me.bin.
For example, if it's an 8MB ROM, blobutil would create
a me.bin file that is actually the whole ROM containing:
* Vendor IFD region
* Vendor GbE(if it has one)
* Vendor ME region
* Vendor BIOS region
This fix tries with -M and -O first. In this combination,
me_cleaner shall extract me.bin (neutered) and save it.
If that fails, then the normal method with just -O is
tried, which by this logic would always be a lone ME
image if it succeeds.
I tested downloading ME images on existing boards with
this, and it didn't break them, and this fixes the bug.
This is done for HP 8200 SFF which Riku_V is adding to
lbmk. I'm on IRC with Riku_V as I write this commit
message! Super hot hotfix patch.
Diffstat (limited to 'resources')
-rwxr-xr-x | resources/scripts/blobs/download | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/resources/scripts/blobs/download b/resources/scripts/blobs/download index 14da9067..259dd865 100755 --- a/resources/scripts/blobs/download +++ b/resources/scripts/blobs/download @@ -186,6 +186,9 @@ Bruteforce_extract_me() { return 0 fi + sdir="$(mktemp -d)" + mkdir -p "${sdir}" || return 1 + ( printf "Entering %s\n" "${cdir}" cd "${cdir}" || exit 1 @@ -197,6 +200,8 @@ Bruteforce_extract_me() { # symlinks are a security risk, in this context continue elif [ -f "${i}" ]; then + "${mecleaner}" -r -t -O "${sdir}/vendorfile" -M "${_me_destination}" "${i}" \ + && break # (we found me.bin) "${mecleaner}" -r -t -O "${_me_destination}" "${i}" \ && break # (we found me.bin) "${me7updateparser}" -O ${_me_destination} "${i}" \ @@ -215,6 +220,9 @@ Bruteforce_extract_me() { fi done ) + + rm -Rf "${sdir}" + if [ ! -f "${_me_destination}" ]; then printf "me.bin not found in vendor update for board: %s\n" ${board} return 1 |