summaryrefslogtreecommitdiff
path: root/resources
diff options
context:
space:
mode:
authorLeah Rowe <leah@libreboot.org>2023-07-08 23:00:00 +0100
committerLeah Rowe <leah@libreboot.org>2023-07-08 23:45:57 +0100
commit0f09c0d72b0e76cbf29d633e44fbf4495f1f2f56 (patch)
treeebcd223063c694cf5657c21104f43f3d54b53d4c /resources
parent2bbb4c839a8224b17c7929b7ea612085d1351d20 (diff)
download/coreboot: re-add book-burning support
see: https://en.wikipedia.org/wiki/Book_burning i'll actually update blobs.list for each coreboot rev in a subsequent commit. this logic was taken from an old libreboot revision, which uses different coreboot revisions. as i write this, i'm running deblob-check from linux-libre deblob scripts. my process is: i just check each file and decide whether it's a blob, or like, test data. in some cases it flags other false positives, like... a C source file that has a bunch of magic numbers in it for things (not a blob) Signed-off-by: Leah Rowe <leah@libreboot.org>
Diffstat (limited to 'resources')
-rw-r--r--resources/coreboot/cros/blobs.list22
-rw-r--r--resources/coreboot/default/blobs.list22
-rwxr-xr-xresources/scripts/update/module/coreboot91
3 files changed, 134 insertions, 1 deletions
diff --git a/resources/coreboot/cros/blobs.list b/resources/coreboot/cros/blobs.list
new file mode 100644
index 00000000..05d3ee48
--- /dev/null
+++ b/resources/coreboot/cros/blobs.list
@@ -0,0 +1,22 @@
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000119.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_hotplug.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_mcdi.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_suspend.c
+3rdparty/arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin
+3rdparty/chromeec/test/legacy_nvmem_dump.h
+3rdparty/vboot/tests/futility/data/bios_link_mp.bin
+3rdparty/vboot/tests/futility/data/bios_peppy_mp.bin
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500000B.c
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500001A.c
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000029.c
+src/vendorcode/amd/agesa/f14/Proc/GNB/Nb/Family/0x14/F14NbSmuFirmware.h
+src/vendorcode/amd/agesa/f14/Proc/GNB/PCIe/Family/0x14/F14PcieAlibSsdt.h
+src/vendorcode/amd/agesa/f15tn/Proc/CPU/Family/0x15/TN/F15TnMicrocodePatch0600111F_Enc.c
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/GnbSmuFirmwareTN.h
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFM2.h
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFS1.h
+src/vendorcode/amd/agesa/f16kb/Proc/CPU/Family/0x16/KB/F16KbId7001MicrocodePatch.c
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/AlibSsdtKB.h
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSamuPatchKB.h
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSmuFirmwareKB.h
+3rdparty/chromeec/third_party/bmi260/accelgyro_bmi260_config_tbin.h
diff --git a/resources/coreboot/default/blobs.list b/resources/coreboot/default/blobs.list
new file mode 100644
index 00000000..05d3ee48
--- /dev/null
+++ b/resources/coreboot/default/blobs.list
@@ -0,0 +1,22 @@
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000119.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_hotplug.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_mcdi.c
+3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_suspend.c
+3rdparty/arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin
+3rdparty/chromeec/test/legacy_nvmem_dump.h
+3rdparty/vboot/tests/futility/data/bios_link_mp.bin
+3rdparty/vboot/tests/futility/data/bios_peppy_mp.bin
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500000B.c
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500001A.c
+src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000029.c
+src/vendorcode/amd/agesa/f14/Proc/GNB/Nb/Family/0x14/F14NbSmuFirmware.h
+src/vendorcode/amd/agesa/f14/Proc/GNB/PCIe/Family/0x14/F14PcieAlibSsdt.h
+src/vendorcode/amd/agesa/f15tn/Proc/CPU/Family/0x15/TN/F15TnMicrocodePatch0600111F_Enc.c
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/GnbSmuFirmwareTN.h
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFM2.h
+src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFS1.h
+src/vendorcode/amd/agesa/f16kb/Proc/CPU/Family/0x16/KB/F16KbId7001MicrocodePatch.c
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/AlibSsdtKB.h
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSamuPatchKB.h
+src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSmuFirmwareKB.h
+3rdparty/chromeec/third_party/bmi260/accelgyro_bmi260_config_tbin.h
diff --git a/resources/scripts/update/module/coreboot b/resources/scripts/update/module/coreboot
index 2e78636b..70618412 100755
--- a/resources/scripts/update/module/coreboot
+++ b/resources/scripts/update/module/coreboot
@@ -27,6 +27,16 @@ _board=""
cbtree=""
cbrevision=""
+# NODELETE= ./download coreboot
+# usage: NODELETE= ./download coreboot
+# if you do this, .git* won't be removed, nor will blobs
+# this is useful for working on patches to a coreboot tree,
+# in git, then then add in the build system
+nodelete="false"
+if [ "x${NODELETE+set}" = 'xset' ]; then
+ nodelete="true"
+fi
+
cbcfgsdir="resources/coreboot"
main()
@@ -49,6 +59,7 @@ main()
download_coreboot_for_board "${board}"
done
+ censor_blobs
rm -f ${cbcfgsdir}/*/seen
}
@@ -153,7 +164,7 @@ prepare_new_coreboot_tree()
|| err "cannot cd to coreboot/${cbtree}"
git reset --hard ${cbrevision} \
|| err "cannot reset coreboot revision for tree, ${cbtree}"
- git submodule update --init --checkout \
+ git submodule update --init \
|| err "cannot update coreboot submodules for tree, ${cbtree}"
for patch in ../../"${cbcfgsdir}"/"${cbtree}"/patches/*.patch; do
@@ -174,6 +185,84 @@ prepare_new_coreboot_tree()
)
}
+censor_blobs()
+{
+ if [ "${nodelete}" = "true" ]; then
+ return
+ fi
+
+ printf "Doing this to coreboot: https://en.wikipedia.org/wiki/Book_burning\n"
+ printf "Whatever you do, don't read: https://libreboot.org/news/policy.html\n"
+
+ rm -Rf coreboot/coreboot/
+ rm -Rf coreboot/.git* coreboot/*/.git* \
+ coreboot/*/3rdparty/*/.git*
+ rm -Rf coreboot/*/util/nvidia/cbootimage/.git*
+
+ # Also delete that nasty evil documentation that
+ # tells users how to install coreboot, because those
+ # evil coreboot people recommend blobs sometimes. /s
+ rm -Rf coreboot/*/Documentation
+
+ # it's basically book-burning. GNU FSDG policy == censorship.
+ # https://en.wikipedia.org/wiki/Book_burning
+
+ # there is a much better way:
+ # https://libreboot.org/news/policy.html
+
+ # but this version of libreboot is designed for the FSF
+ # to use in their GNU Boot project.
+
+ # and i guarantee you, they will remove the above comments
+ # if they fork this code.
+
+ # *they* will call it FREEDOM.
+
+ # but it's not. they're removing your freedom to choose.
+ # and censoring everything they don't like.
+
+ # they will decide what is good for you.
+ # they will decide against you.
+ # and if you fell for their propaganda, you'll feel
+ # pure. despite the fact that your machine is still
+ # full of blobs, even if the boot flash is blob-free.
+ # see:
+ # https://libreboot.org/faq.html#what-other-firmware-exists-outside-of-libreboot
+
+ # this, despite the fact that libreboot is a free software
+ # project. they call it non-free. the truth is written here:
+
+ # https://libreboot.org/freedom-status.html
+
+ for cbdir in coreboot/*; do
+ if [ ! -d "${cbdir}" ]; then continue; fi
+ cbtree="${cbdir##coreboot/}"
+ cbtree="${cbtree%/}"
+ if [ ! -d "coreboot/${cbtree}" ]; then continue; fi
+ bloblist="resources/coreboot/${cbtree}/blobs.list"
+ if [ -f "${bloblist}" ]; then
+ for blobfile in $(cat "${bloblist}"); do
+ printf "Deleting blob: 'coreboot/%s/%s'\n" \
+ "${cbtree}" "${blobfile}"
+ rm -f "coreboot/${cbtree}/${blobfile}"
+ done
+ else
+ printf "WARNING blobs.list unavailable for %s" \
+ ${cbtree} 1>&2
+ fi
+ rmlist="resources/coreboot/${cbtree}/rm.list"
+ if [ -f "${rmlist}" ]; then
+ for rmentry in $(cat "${rmlist}"); do
+ printf "Deleting directory to save space: "
+ printf "'coreboot/%s/%s'\n" \
+ "${cbtree}" "${rmentry}"
+ rm -Rf "coreboot/${cbtree}/${rmentry}"
+ done
+ fi
+ done
+
+}
+
err()
{
printf "ERROR: %s: %s\n" $0 $1 1>&2