diff options
| author | Leah Rowe <leah@libreboot.org> | 2023-07-08 23:00:00 +0100 | 
|---|---|---|
| committer | Leah Rowe <leah@libreboot.org> | 2023-07-08 23:45:57 +0100 | 
| commit | 0f09c0d72b0e76cbf29d633e44fbf4495f1f2f56 (patch) | |
| tree | ebcd223063c694cf5657c21104f43f3d54b53d4c /resources | |
| parent | 2bbb4c839a8224b17c7929b7ea612085d1351d20 (diff) | |
download/coreboot: re-add book-burning support
see:
https://en.wikipedia.org/wiki/Book_burning
i'll actually update blobs.list for each coreboot rev
in a subsequent commit. this logic was taken from an
old libreboot revision, which uses different coreboot
revisions. as i write this, i'm running deblob-check
from linux-libre deblob scripts.
my process is: i just check each file and decide whether
it's a blob, or like, test data. in some cases it flags
other false positives, like... a C source file that has
a bunch of magic numbers in it for things (not a blob)
Signed-off-by: Leah Rowe <leah@libreboot.org>
Diffstat (limited to 'resources')
| -rw-r--r-- | resources/coreboot/cros/blobs.list | 22 | ||||
| -rw-r--r-- | resources/coreboot/default/blobs.list | 22 | ||||
| -rwxr-xr-x | resources/scripts/update/module/coreboot | 91 | 
3 files changed, 134 insertions, 1 deletions
| diff --git a/resources/coreboot/cros/blobs.list b/resources/coreboot/cros/blobs.list new file mode 100644 index 00000000..05d3ee48 --- /dev/null +++ b/resources/coreboot/cros/blobs.list @@ -0,0 +1,22 @@ +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000119.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_hotplug.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_mcdi.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_suspend.c +3rdparty/arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin +3rdparty/chromeec/test/legacy_nvmem_dump.h +3rdparty/vboot/tests/futility/data/bios_link_mp.bin +3rdparty/vboot/tests/futility/data/bios_peppy_mp.bin +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500000B.c +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500001A.c +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000029.c +src/vendorcode/amd/agesa/f14/Proc/GNB/Nb/Family/0x14/F14NbSmuFirmware.h +src/vendorcode/amd/agesa/f14/Proc/GNB/PCIe/Family/0x14/F14PcieAlibSsdt.h +src/vendorcode/amd/agesa/f15tn/Proc/CPU/Family/0x15/TN/F15TnMicrocodePatch0600111F_Enc.c +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/GnbSmuFirmwareTN.h +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFM2.h +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFS1.h +src/vendorcode/amd/agesa/f16kb/Proc/CPU/Family/0x16/KB/F16KbId7001MicrocodePatch.c +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/AlibSsdtKB.h +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSamuPatchKB.h +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSmuFirmwareKB.h +3rdparty/chromeec/third_party/bmi260/accelgyro_bmi260_config_tbin.h diff --git a/resources/coreboot/default/blobs.list b/resources/coreboot/default/blobs.list new file mode 100644 index 00000000..05d3ee48 --- /dev/null +++ b/resources/coreboot/default/blobs.list @@ -0,0 +1,22 @@ +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000119.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_hotplug.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_mcdi.c +3rdparty/arm-trusted-firmware/plat/mediatek/mt8173/drivers/spm/spm_suspend.c +3rdparty/arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin +3rdparty/chromeec/test/legacy_nvmem_dump.h +3rdparty/vboot/tests/futility/data/bios_link_mp.bin +3rdparty/vboot/tests/futility/data/bios_peppy_mp.bin +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500000B.c +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch0500001A.c +src/vendorcode/amd/agesa/f14/Proc/CPU/Family/0x14/F14MicrocodePatch05000029.c +src/vendorcode/amd/agesa/f14/Proc/GNB/Nb/Family/0x14/F14NbSmuFirmware.h +src/vendorcode/amd/agesa/f14/Proc/GNB/PCIe/Family/0x14/F14PcieAlibSsdt.h +src/vendorcode/amd/agesa/f15tn/Proc/CPU/Family/0x15/TN/F15TnMicrocodePatch0600111F_Enc.c +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/GnbSmuFirmwareTN.h +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFM2.h +src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieAlibSsdtTNFS1.h +src/vendorcode/amd/agesa/f16kb/Proc/CPU/Family/0x16/KB/F16KbId7001MicrocodePatch.c +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/AlibSsdtKB.h +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSamuPatchKB.h +src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/GnbSmuFirmwareKB.h +3rdparty/chromeec/third_party/bmi260/accelgyro_bmi260_config_tbin.h diff --git a/resources/scripts/update/module/coreboot b/resources/scripts/update/module/coreboot index 2e78636b..70618412 100755 --- a/resources/scripts/update/module/coreboot +++ b/resources/scripts/update/module/coreboot @@ -27,6 +27,16 @@ _board=""  cbtree=""  cbrevision="" +# NODELETE= ./download coreboot +# usage: NODELETE= ./download coreboot +# if you do this, .git* won't be removed, nor will blobs +# this is useful for working on patches to a coreboot tree, +# in git, then then add in the build system +nodelete="false" +if [ "x${NODELETE+set}" = 'xset' ]; then +	nodelete="true" +fi +  cbcfgsdir="resources/coreboot"  main() @@ -49,6 +59,7 @@ main()  		download_coreboot_for_board "${board}"  	done +	censor_blobs  	rm -f ${cbcfgsdir}/*/seen  } @@ -153,7 +164,7 @@ prepare_new_coreboot_tree()  		|| err "cannot cd to coreboot/${cbtree}"  	git reset --hard ${cbrevision} \  		|| err "cannot reset coreboot revision for tree, ${cbtree}" -	git submodule update --init --checkout \ +	git submodule update --init \  		|| err "cannot update coreboot submodules for tree, ${cbtree}"  	for patch in ../../"${cbcfgsdir}"/"${cbtree}"/patches/*.patch; do @@ -174,6 +185,84 @@ prepare_new_coreboot_tree()  	)  } +censor_blobs() +{ +	if [ "${nodelete}" = "true" ]; then +		return +	fi + +	printf "Doing this to coreboot: https://en.wikipedia.org/wiki/Book_burning\n" +	printf "Whatever you do, don't read: https://libreboot.org/news/policy.html\n" + +	rm -Rf coreboot/coreboot/ +	rm -Rf coreboot/.git* coreboot/*/.git* \ +			coreboot/*/3rdparty/*/.git* +	rm -Rf coreboot/*/util/nvidia/cbootimage/.git* + +	# Also delete that nasty evil documentation that +	# tells users how to install coreboot, because those +	# evil coreboot people recommend blobs sometimes. /s +	rm -Rf coreboot/*/Documentation + +	# it's basically book-burning. GNU FSDG policy == censorship. +	# https://en.wikipedia.org/wiki/Book_burning + +	# there is a much better way: +	# https://libreboot.org/news/policy.html + +	# but this version of libreboot is designed for the FSF +	# to use in their GNU Boot project. + +	# and i guarantee you, they will remove the above comments +	# if they fork this code. + +	# *they* will call it FREEDOM. + +	# but it's not. they're removing your freedom to choose. +	# and censoring everything they don't like. + +	# they will decide what is good for you. +	# they will decide against you. +	# and if you fell for their propaganda, you'll feel +	# pure. despite the fact that your machine is still +	# full of blobs, even if the boot flash is blob-free. +	# see: +	# https://libreboot.org/faq.html#what-other-firmware-exists-outside-of-libreboot + +	# this, despite the fact that libreboot is a free software +	# project. they call it non-free. the truth is written here: + +	# https://libreboot.org/freedom-status.html + +	for cbdir in coreboot/*; do +		if [ ! -d "${cbdir}" ]; then continue; fi +		cbtree="${cbdir##coreboot/}" +		cbtree="${cbtree%/}" +		if [ ! -d "coreboot/${cbtree}" ]; then continue; fi +		bloblist="resources/coreboot/${cbtree}/blobs.list" +		if [ -f "${bloblist}" ]; then +			for blobfile in $(cat "${bloblist}"); do +				printf "Deleting blob: 'coreboot/%s/%s'\n" \ +						"${cbtree}" "${blobfile}" +				rm -f "coreboot/${cbtree}/${blobfile}" +			done +		else +			printf "WARNING blobs.list unavailable for %s" \ +				${cbtree} 1>&2 +		fi +		rmlist="resources/coreboot/${cbtree}/rm.list" +		if [ -f "${rmlist}" ]; then +			for rmentry in $(cat "${rmlist}"); do +				printf "Deleting directory to save space: " +				printf "'coreboot/%s/%s'\n" \ +						"${cbtree}" "${rmentry}" +				rm -Rf "coreboot/${cbtree}/${rmentry}" +			done +		fi +	done + +} +  err()  {  	printf "ERROR: %s: %s\n" $0 $1 1>&2 | 
