summaryrefslogtreecommitdiff
path: root/include/vendor.sh
diff options
context:
space:
mode:
Diffstat (limited to 'include/vendor.sh')
-rw-r--r--include/vendor.sh444
1 files changed, 138 insertions, 306 deletions
diff --git a/include/vendor.sh b/include/vendor.sh
index 018e734b..c4e57069 100644
--- a/include/vendor.sh
+++ b/include/vendor.sh
@@ -3,10 +3,10 @@
# Copyright (c) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
# Copyright (c) 2023-2025 Leah Rowe <leah@libreboot.org>
-e6400_unpack="$PWD/src/bios_extract/dell_inspiron_1100_unpacker.py"
-me7updateparser="$PWD/util/me7_update_parser/me7_update_parser.py"
-pfs_extract="$PWD/src/biosutilities/Dell_PFS_Extract.py"
-uefiextract="$PWD/elf/uefitool/uefiextract"
+e6400_unpack="$xbmkpwd/src/bios_extract/dell_inspiron_1100_unpacker.py"
+me7updateparser="$xbmkpwd/util/me7_update_parser/me7_update_parser.py"
+pfs_extract="$xbmkpwd/src/biosutilities/Dell_PFS_Extract.py"
+uefiextract="$xbmkpwd/elf/uefitool/uefiextract"
vendir="vendorfiles"
appdir="$vendir/app"
cbcfgsdir="config/coreboot"
@@ -14,17 +14,19 @@ hashfiles="vendorhashes blobhashes" # blobhashes for backwards compatibility
dontflash="!!! AN ERROR OCCURED! Please DO NOT flash if injection failed. !!!"
vfix="DO_NOT_FLASH_YET._FIRST,_INJECT_FILES_VIA_INSTRUCTIONS_ON_LIBREBOOT.ORG_"
vguide="https://libreboot.org/docs/install/ivy_has_common.html"
-tmpromdel="$PWD/tmp/DO_NOT_FLASH"
+tmpromdel="$xbmkpwd/tmp/DO_NOT_FLASH"
+nvm="util/nvmutil/nvm"
-cv="CONFIG_HAVE_ME_BIN CONFIG_ME_BIN_PATH CONFIG_INCLUDE_SMSC_SCH5545_EC_FW \
- CONFIG_SMSC_SCH5545_EC_FW_FILE CONFIG_KBC1126_FIRMWARE CONFIG_KBC1126_FW1 \
+cvchk="CONFIG_HAVE_MRC CONFIG_HAVE_ME_BIN CONFIG_KBC1126_FIRMWARE \
+ CONFIG_VGA_BIOS_FILE CONFIG_INCLUDE_SMSC_SCH5545_EC_FW \
+ CONFIG_LENOVO_TBFW_BIN CONFIG_FSP_M_FILE CONFIG_FSP_S_FILE"
+
+cv="CONFIG_ME_BIN_PATH CONFIG_SMSC_SCH5545_EC_FW_FILE CONFIG_KBC1126_FW1 \
CONFIG_KBC1126_FW2 CONFIG_KBC1126_FW1_OFFSET CONFIG_KBC1126_FW2_OFFSET \
- CONFIG_VGA_BIOS_FILE CONFIG_VGA_BIOS_ID CONFIG_BOARD_DELL_E6400 \
- CONFIG_HAVE_MRC CONFIG_MRC_FILE CONFIG_HAVE_REFCODE_BLOB \
- CONFIG_REFCODE_BLOB_FILE CONFIG_GBE_BIN_PATH CONFIG_IFD_BIN_PATH \
- CONFIG_LENOVO_TBFW_BIN CONFIG_FSP_FD_PATH CONFIG_FSP_M_FILE \
- CONFIG_FSP_S_FILE CONFIG_FSP_S_CBFS CONFIG_FSP_M_CBFS CONFIG_FSP_USE_REPO \
- CONFIG_FSP_FULL_FD"
+ CONFIG_VGA_BIOS_ID CONFIG_BOARD_DELL_E6400 CONFIG_FSP_S_CBFS \
+ CONFIG_HAVE_REFCODE_BLOB CONFIG_REFCODE_BLOB_FILE CONFIG_GBE_BIN_PATH \
+ CONFIG_IFD_BIN_PATH CONFIG_FSP_FD_PATH CONFIG_MRC_FILE CONFIG_FSP_M_CBFS \
+ CONFIG_FSP_USE_REPO CONFIG_FSP_FULL_FD $cvchk"
eval "`setvars "" has_hashes EC_hash DL_hash DL_url_bkup MRC_refcode_gbe vcfg \
E6400_VGA_DL_hash E6400_VGA_DL_url E6400_VGA_DL_url_bkup E6400_VGA_offset \
@@ -34,41 +36,30 @@ eval "`setvars "" has_hashes EC_hash DL_hash DL_url_bkup MRC_refcode_gbe vcfg \
_7ztest ME11bootguard ME11delta ME11version ME11sku ME11pch tmpromdir \
IFD_platform ifdprefix cdir sdir _me _metmp mfs TBFW_url_bkup TBFW_url \
TBFW_hash TBFW_size hashfile xromsize xchanged EC_url_bkup need_files \
- vfile $cv`"
+ vfile cbcfg $cv`"
vendor_download()
{
- [ $# -gt 0 ] || $err "No argument given"; export PATH="$PATH:/sbin"
- board="$1"; readcfg && readkconfig && bootstrap && getfiles; :
+ [ $# -gt 0 ] || $err "No argument given"
+ export PATH="$PATH:/sbin"
+ board="$1" && readcfg && readkconfig && bootstrap && getfiles; :
}
readkconfig()
{
- check_defconfig "$boarddir" 1>"$TMPDIR/vendorcfg.list" && return 1
-
- rm -f "$TMPDIR/tmpcbcfg" || $err "!rm $TMPDIR/tmpcbcfg - $dontflash"
- while read -r cbcfgfile; do
- for cbc in $cv; do
- rm -f "$TMPDIR/tmpcbcfg2" || \
- $err "!rm $TMPDIR/tmpcbcfg2 - $dontflash"
- grep "$cbc" "$cbcfgfile" 1>"$TMPDIR/tmpcbcfg2" \
- 2>/dev/null || :
- [ -f "$TMPDIR/tmpcbcfg2" ] || continue
- cat "$TMPDIR/tmpcbcfg2" >> "$TMPDIR/tmpcbcfg" || \
- $err "!cat $TMPDIR/tmpcbcfg2 - $dontflash"
- done
- done < "$TMPDIR/vendorcfg.list"
-
- eval "`setcfg "$TMPDIR/tmpcbcfg"`"
+ x_ rm -f "$xbmktmp/cbcfg"
+ cbcfg="`check_defconfig "$boarddir"`" || for cbc in $cv; do
+ grep "$cbc" "$cbcfg" 1>>"$xbmktmp/cbcfg" 2>/dev/null || :
+ done
+ eval "`setcfg "$xbmktmp/cbcfg" 1`"
- for c in CONFIG_HAVE_MRC CONFIG_HAVE_ME_BIN CONFIG_KBC1126_FIRMWARE \
- CONFIG_VGA_BIOS_FILE CONFIG_INCLUDE_SMSC_SCH5545_EC_FW \
- CONFIG_LENOVO_TBFW_BIN CONFIG_FSP_M_FILE CONFIG_FSP_S_FILE; do
+ for c in $cvchk; do
eval "[ \"\${$c}\" = \"/dev/null\" ] && continue"
eval "[ -z \"\${$c}\" ] && continue"
- eval "`setcfg "$vfile"`"; return 0
+ eval "`setcfg "$vfile"`"
+ return 0
done
- printf "Vendor files not needed for: %s\n" "$board" 1>&2; return 1
+ return 1
}
bootstrap()
@@ -78,7 +69,7 @@ bootstrap()
[ -d "${kbc1126_ec_dump%/*}" ] && x_ make -C "$cbdir/util/kbc1126"
[ -n "$MRC_refcode_cbtree" ] && \
cbfstoolref="elf/cbfstool/$MRC_refcode_cbtree/cbfstool" && \
- x_ ./mk -d coreboot "$MRC_refcode_cbtree"; return 0
+ x_ ./mk -d coreboot "$MRC_refcode_cbtree"; :
}
getfiles()
@@ -109,9 +100,14 @@ getfiles()
fetch()
{
- dl_type="$1"; dl="$2"; dl_bkup="$3"; dlsum="$4"; _dest="${5##*../}"
-
- [ "$5" = "/dev/null" ] && return 0; _dl="$XBMK_CACHE/file/$dlsum"
+ dl_type="$1"
+ dl="$2"
+ dl_bkup="$3"
+ dlsum="$4"
+ _dest="${5##*../}"
+
+ [ "$5" = "/dev/null" ] && return 0
+ _dl="$XBMK_CACHE/file/$dlsum"
if [ "$dl_type" = "fspm" ] || [ "$dl_type" = "fsps" ]; then
# HACK: if grabbing fsp from coreboot, fix the path for lbmk
for _cdl in dl dl_bkup; do
@@ -127,13 +123,13 @@ fetch()
rm -Rf "${_dl}_extracted" || $err "!rm ${_ul}_extracted. $dontflash"
e "$_dest" f && return 0
- mkdir -p "${_dest%/*}" || \
- $err "mkdirs: !mkdir -p ${_dest%/*} - $dontflash"
- remkdir "$appdir"; extract_archive "$_dl" "$appdir" "$dl_type" || \
- [ "$dl_type" = "e6400vga" ] || \
- $err "mkd $_dest $dl_type: !extract. $dontflash"
+ x_ mkdir -p "${_dest%/*}"
+ remkdir "$appdir"
+ extract_archive "$_dl" "$appdir" "$dl_type" || \
+ [ "$dl_type" = "e6400vga" ] || $err "$_dest $dl_type: !extract"
- eval "extract_$dl_type"; set -u -e
+ eval "extract_$dl_type"
+ set -u -e
e "$_dest" f missing && $err "!extract_$dl_type. $dontflash"; :
}
@@ -141,9 +137,9 @@ extract_intel_me()
{
e "$mecleaner" f not && $err "$cbdir: me_cleaner missing. $dontflash"
- cdir="$PWD/$appdir"
- _me="$PWD/$_dest"
- _metmp="$PWD/tmp/me.bin"
+ cdir="$xbmkpwd/$appdir"
+ _me="$xbmkpwd/$_dest"
+ _metmp="$xbmkpwd/tmp/me.bin"
mfs="" && [ "$ME11bootguard" = "y" ] && mfs="--whitelist MFS" && \
chkvars ME11delta ME11version ME11sku ME11pch
@@ -162,19 +158,17 @@ extract_intel_me()
extract_intel_me_bruteforce()
{
[ $# -gt 0 ] && cdir="$1"
-
e "$_metmp" f && return 0
[ -z "$sdir" ] && sdir="$(mktemp -d)"
- mkdir -p "$sdir" || \
- $err "extract_intel_me: !mkdir -p \"$sdir\" - $dontflash"
+ x_ mkdir -p "$sdir"
set +u +e
(
[ "${cdir#/a}" != "$cdir" ] && cdir="${cdir#/}"
cd "$cdir" || $err "extract_intel_me: !cd \"$cdir\" - $dontflash"
for i in *; do
- [ -f "$_metmp" ] && break
+ e "$_metmp" f && break
[ -L "$i" ] && continue
if [ -f "$i" ]; then
_r="-r" && [ -n "$mfs" ] && _r=""
@@ -193,7 +187,7 @@ extract_intel_me_bruteforce()
cdir="$1"; [ "${cdir#/a}" != "$cdir" ] && cdir="${cdir#/}"
cd "$cdir" || :
done
- )
+ ) || :
rm -Rf "$sdir" || $err "extract_intel_me: !rm -Rf $sdir - $dontflash"
}
@@ -201,11 +195,10 @@ apply_me11_deguard_mod()
{
(
x_ cd src/deguard/
- ./finalimage.py --delta "data/delta/$ME11delta" \
+ x_ ./finalimage.py --delta "data/delta/$ME11delta" \
--version "$ME11version" \
--pch "$ME11pch" --sku "$ME11sku" --fake-fpfs data/fpfs/zero \
- --input "$_metmp" --output "$_me" || \
- $err "Error running deguard for $_me - $dontflash"
+ --input "$_metmp" --output "$_me"
) || $err "Error running deguard for $_me - $dontflash"
}
@@ -231,32 +224,24 @@ decat_fspfd()
_fspdir="$2"
_fspsplit="$cbdir/3rdparty/fsp/Tools/SplitFspBin.py"
- $python "$_fspsplit" split -f "$_fspfd" -o "$_fspdir" -n "Fsp.fd" || \
- $err "decat_fspfd '$1' '$2': Can't de-concatenate; $dontflash"; :
+ x_ $python "$_fspsplit" split -f "$_fspfd" -o "$_fspdir" -n "Fsp.fd"
}
extract_kbc1126ec()
{
- e "$kbc1126_ec_dump" f missing && \
- $err "$cbdir: kbc1126 util missing - $dontflash"
+ x_ e "$kbc1126_ec_dump" f
(
- x_ cd "$appdir/"; mv Rompaq/68*.BIN ec.bin || :
+ x_ cd "$appdir/"
+ mv Rompaq/68*.BIN ec.bin || :
if [ ! -f "ec.bin" ]; then
unar -D ROM.CAB Rom.bin || unar -D Rom.CAB Rom.bin || \
- unar -D 68*.CAB Rom.bin || \
- $err "can't extract Rom.bin - $dontflash"
+ unar -D 68*.CAB Rom.bin || $err "kbc1126 unar failed"
x_ mv Rom.bin ec.bin
fi
- [ -f ec.bin ] || \
- $err "extract_kbc1126_ec $board: can't extract - $dontflash"
- "$kbc1126_ec_dump" ec.bin || \
- $err "!1126ec $board extract ecfw - $dontflash"
- ) || $err "can't extract kbc1126 ec firmware - $dontflash"
+ x_ e ec.bin f && x_ "$kbc1126_ec_dump" ec.bin
+ ) || $err "$board: can't extract kbc1126 ec firmware - $dontflash"
- e "$appdir/ec.bin.fw1" f not && \
- $err "$board: kbc1126ec fetch failed - $dontflash"
- e "$appdir/ec.bin.fw2" f not && \
- $err "$board: kbc1126ec fetch failed - $dontflash"
+ x_ e "$appdir/ec.bin.fw1" f && x_ e "$appdir/ec.bin.fw2" f
cp "$appdir/"ec.bin.fw* "${_dest%/*}/" || \
$err "!cp 1126ec $_dest - $dontflash"; :
@@ -269,12 +254,10 @@ extract_e6400vga()
tail -c +$E6400_VGA_offset "$_dl" | gunzip > "$appdir/bios.bin" || :
(
x_ cd "$appdir"
- [ -f "bios.bin" ] || \
- $err "extract_e6400vga: can't extract bios.bin - $dontflash"
+ x_ e "bios.bin" f
"$e6400_unpack" bios.bin || printf "TODO: fix dell extract util\n"
) || $err "can't extract e6400 vga rom - $dontflosh"
- cp "$appdir/$E6400_VGA_romname" "$_dest" || \
- $err "extract_e6400vga $board: can't cp $_dest - $dontflash"; :
+ x_ cp "$appdir/$E6400_VGA_romname" "$_dest"
}
extract_sch5545ec()
@@ -287,8 +270,7 @@ extract_sch5545ec()
_sch5545ec_fw="$_sch5545ec_fw/0 Raw section/body.bin" # <-- this!
"$uefiextract" "$_bios" || $err "sch5545 !extract - $dontflash"
- cp "$_sch5545ec_fw" "$_dest" || \
- $err "$_dest: !sch5545 copy - $dontflash"; :
+ x_ cp "$_sch5545ec_fw" "$_dest"
}
# Lenovo ThunderBolt firmware updates:
@@ -303,14 +285,11 @@ extract_tbfw()
while read -r f; do
[ -f "$f" ] || continue
[ -L "$f" ] && continue
- cp "$f" "tmp/tb.bin" || \
- $err "extract_tbfw $_dest: Can't copy TBT.bin - $dontflash"
+ x_ cp "$f" "tmp/tb.bin"
break
done < "tmp/tb.txt"
- dd if=/dev/null of=tmp/tb.bin bs=1 seek=$TBFW_size || \
- $err "extract_tbfw $_dest: Can't pad TBT.bin - $dontflash"
- cp "tmp/tb.bin" "$_dest" || \
- $err "extract_tbfw $_dest: copy error - $dontflash "; :
+ x_ dd if=/dev/null of=tmp/tb.bin bs=1 seek=$TBFW_size
+ x_ cp "tmp/tb.bin" "$_dest"
}
extract_fspm()
@@ -326,8 +305,7 @@ extract_fsps()
# this copies the fsp s/m; re-base is handled by ./mk inject
copy_fsp()
{
- cp "$appdir/Fsp_$1.fd" "$_dest" || \
- $err "copy_fsp: Can't copy $1 to $_dest - $dontflash"; :
+ x_ cp "$appdir/Fsp_$1.fd" "$_dest"
}
fail_inject()
@@ -337,112 +315,54 @@ fail_inject()
printf "\n\n%s\n\n" "$dontflash" 1>&2
printf "WARNING: File '%s' was NOT modified.\n\n" "$archive" 1>&2
printf "Please MAKE SURE vendor files are inserted before flashing\n\n"
- fail "$1"
+ err_ "$1"
}
vendor_inject()
{
- need_files="n" # will be set to "y" if vendorfiles needed
- _olderr="$err"
+ need_files="n"
err="fail_inject"
remkdir "$tmpromdel"
- set +u +e; [ $# -lt 1 ] && $err "No options specified. - $dontflash"
+ set +u +e
+ [ $# -lt 1 ] && $err "No options specified. - $dontflash"
eval "`setvars "" nukemode new_mac xchanged`"
- # randomise the MAC address by default
- # TODO: support setting CBFS MAC address for GA-G41M-ES2L
+ archive="$1";
new_mac="??:??:??:??:??:??"
- archive="$1";
[ $# -gt 1 ] && case "$2" in
nuke)
new_mac=""
nukemode="nuke" ;;
setmac)
[ $# -gt 2 ] && new_mac="$3" && \
- [ -z "$new_mac" ] && $err \
- "You set an empty MAC address string" ;;
+ [ -z "$new_mac" ] && $err "Empty MAC address specified" ;;
*) $err "Unrecognised inject mode: '$2'"
esac
-
- # allow the user to skip setting MAC addresses.
- # if new_mac is empty, this script skips running nvmutil
[ "$new_mac" = "keep" ] && new_mac=""
- # we don't allow the *user* to clear new_mac, in the setmac
- # command, in case the build system is being integrated with
- # another, where setmac is relied upon and is being set
- # explicitly. this is a preventative error handle, as a courtes
- # to that hypothetical user e.g. Linux distro package maintainer
- # integrating this build system into their distro. if they used
- # a variable for that, and they forgot to initialise it, they'll know.
-
- check_release "$archive" || \
- $err "You must run this script on a release archive. - $dontflash"
-
- [ "$new_mac" = "restore" ] && \
- printf "Restoring default GbE for '$archive', board '$board'\n"
+ check_release "$archive" || $err "'$archive' is not a release archive"
readcfg && need_files="y"
if [ "$need_files" = "y" ] || [ -n "$new_mac" ]; then
- [ "$nukemode" = "nuke" ] || x_ ./mk download "$board"
+ [ "$nukemode" != "nuke" ] && [ "$need_files" = "y" ] && \
+ x_ ./mk download "$board"
patch_release_roms
fi
- [ "$need_files" != "y" ] && printf \
- "\nTarball '%s' (board '%s) doesn't need vendorfiles.\n" \
- "$archive" "$board" 1>&2
xtype="patched" && [ "$nukemode" = "nuke" ] && xtype="nuked"
- [ "$xchanged" != "y" ] && \
- printf "\nRelease archive '%s' was *NOT* modified.\n" \
- "$archive" && [ "$has_hashes" = "y" ] && \
- printf "WARNING: '%s' contains '%s'. DO NOT FLASH!\n" \
- "$archive" "$hashfile" 1>&2 && \
- printf "(vendorfiles may be needed and aren't there)\n" \
- 1>&2
- [ "$xchanged" = "y" ] && \
- printf "\nRelease archive '%s' successfully %s.\n" \
- "$archive" "$xtype" && [ "$nukemode" != "nuke" ] && \
- printf "You may now extract '%s' and flash images from it.\n" \
- "$archive"
- [ "$xchanged" = "y" ] && [ "$nukemode" = "nuke" ] && \
- printf "WARNING! Vendorfiles *removed*. DO NOT FLASH.\n" 1>&2 \
- && printf "DO NOT flash images from '%s'\n" \
- "$archive" 1>&2
-
- [ "$need_files" = "n" ] && printf \
- "Board '%s' doesn't use vendorfiles, so none were inserted.\n" \
- "$board"
-
- #
- # catch-all error handler, for libreboot release opsec:
- #
- # if vendor files defined, and a hash file was missing, that means
- # a nuke must succeed, if specified. if no hashfile was present,
- # that means vendorfiles had been injected, so a nuke must succeed.
- # this check is here in case of future bugs in lbmk's handling
- # of vendorfile deletions on release archives, which absolutely
- # must always be 100% reliable, so paranoia is paramount:
- #
- if [ "$xchanged" != "y" ] && [ "$need_files" = "y" ] && \
- [ "$nukemode" = "nuke" ] && [ "$has_hashes" != "y" ]; then
- printf "FAILED NUKE: tarball '$archive', board '$board'\n" 1>&2
- $err "Unhandled vendorfile deletion: DO NOT RELEASE TO RSYNC"
- fi # of course, we assume that those variables are also set right
-
- err="$_olderr"
- return 0
+ [ "$xchanged" != "y" ] && printf "\n'%s' *NOT* modified.\n" "$archive"
+ [ "$xchanged" = "y" ] && printf "\n'%s' %s.\n" "$archive" "$xtype"; :
}
check_release()
{
- [ -L "$archive" ] && \
- $err "'$archive' is a symlink, not a file - $dontflash"
- [ -f "$archive" ] || return 1
+ [ -L "$archive" ] && $err "'$archive' is a symlink. $dontflash"
+ e "$archive" f missing && return 1
+
archivename="`basename "$archive"`"
- [ -z "$archivename" ] && \
- $err "Cannot determine archive file name - $dontflash"
+ [ -z "$archivename" ] && $err "Can't determine archive name. $dontflash"
case "$archivename" in
*_src.tar.xz)
@@ -457,18 +377,17 @@ check_release()
readcfg()
{
- if [ "$board" = "serprog_rp2040" ] || \
- [ "$board" = "serprog_stm32" ] || \
- [ "$board" = "serprog_pico" ]; then
+ if [ "$board" = "serprog_rp2040" ] || [ "$board" = "serprog_stm32" ] \
+ || [ "$board" = "serprog_pico" ]; then
return 1
fi
boarddir="$cbcfgsdir/$board"
eval "`setcfg "$boarddir/target.cfg"`"
- chkvars tree
- x_ ./mk -d coreboot "$tree" # even if vendorfiles not used, see: setmac
+ chkvars tree && x_ ./mk -d coreboot "$tree"
[ -z "$vcfg" ] && return 1
+
vfile="config/vendor/$vcfg/pkg.cfg"
[ -L "$vfile" ] && $err "'$archive', '$board': $vfile is a symlink"
[ -f "$vfile" ] || $err "'$archive', '$board': $vfile doesn't exist"
@@ -476,8 +395,8 @@ readcfg()
cbdir="src/coreboot/$tree"
cbfstool="elf/cbfstool/$tree/cbfstool"
rmodtool="elf/cbfstool/$tree/rmodtool"
- mecleaner="$PWD/$cbdir/util/me_cleaner/me_cleaner.py"
- kbc1126_ec_dump="$PWD/$cbdir/util/kbc1126/kbc1126_ec_dump"
+ mecleaner="$xbmkpwd/$cbdir/util/me_cleaner/me_cleaner.py"
+ kbc1126_ec_dump="$xbmkpwd/$cbdir/util/kbc1126/kbc1126_ec_dump"
cbfstool="elf/cbfstool/$tree/cbfstool"
ifdtool="elf/ifdtool/$tree/ifdtool"
[ -n "$IFD_platform" ] && ifdprefix="-p $IFD_platform"; :
@@ -486,23 +405,19 @@ readcfg()
patch_release_roms()
{
has_hashes="n"
-
tmpromdir="tmp/DO_NOT_FLASH/bin/$board"
+
remkdir "${tmpromdir%"/bin/$board"}"
- tar -xf "$archive" -C "${tmpromdir%"/bin/$board"}" || \
- $err "Can't extract '$archive'"
+ x_ tar -xf "$archive" -C "${tmpromdir%"/bin/$board"}"
for _hashes in $hashfiles; do
- [ -L "$tmpromdir/$_hashes" ] && \
- $err "'$archive' -> the hashfile is a symlink. $dontflash"
- [ -f "$tmpromdir/$_hashes" ] && has_hashes="y" && \
+ [ "$need_files" = "y" ] || break
+ e "$tmpromdir/$_hashes" f && has_hashes="y" && \
hashfile="$_hashes" && break; :
done
- x_ mkdir -p "tmp"; [ -L "tmp/rom.list" ] && \
+ x_ mkdir -p "tmp" && [ -L "tmp/rom.list" ] && \
$err "'$archive' -> tmp/rom.list is a symlink - $dontflash"
- x_ rm -f "tmp/rom.list" "tmp/zero.1b"
- x_ dd if=/dev/zero of=tmp/zero.1b bs=1 count=1
find "$tmpromdir" -maxdepth 1 -type f -name "*.rom" > "tmp/rom.list" \
|| $err "'$archive' -> Can't make tmp/rom.list - $dontflash"
@@ -511,128 +426,80 @@ patch_release_roms()
while read -r _xrom ; do
process_release_rom "$_xrom" || break
done < "tmp/rom.list"
- rm -f "$tmpromdir/README.md" || :
[ "$nukemode" != "nuke" ] || \
- printf "Make sure you inserted vendor files: %s\n" \
- "$vguide" > "$tmpromdir/README.md" || :
+ printf "Make sure you inserted vendor files: %s\n" \
+ "$vguide" > "$tmpromdir/README.md" || :
else
printf "Skipping vendorfiles on '%s'\n" "$archive" 1>&2
+ need_files="n"
fi
(
+ [ "$need_files" = "y" ] || exit 0
cd "$tmpromdir" || $err "patch '$archive': can't cd $tmpromdir"
# NOTE: For compatibility with older rom releases, defer to sha1
if [ "$has_hashes" = "y" ] && [ "$nukemode" != "nuke" ]; then
sha512sum --status -c "$hashfile" || \
- sha1sum --status -c "$hashfile" || \
- $err "'$archive' -> Can't verify vendor hashes. $dontflash"
- rm -f "$hashfile" || \
- $err "$archive: Can't rm hashfile. $dontflash"
+ x_ sha1sum --status -c "$hashfile"
+ x_ rm -f "$hashfile"
fi
) || $err "'$archive' -> Can't verify vendor hashes. $dontflash"
- if [ -n "$new_mac" ]; then
- if ! modify_mac_addresses; then
- printf "\nNo GbE region defined for '%s'\n" "$board" \
- 1>&2
- printf "Therefore, changing the MAC is impossible.\n" \
- 1>&2
- printf "This board probably lacks Intel ethernet.\n" \
- 1>&2
- printf "(or it's pre-IFD Intel with Intel GbE NIC)\n" \
- 1>&2
- fi
- fi
+ [ -z "$new_mac" ] || modify_mac || printf "\nGbE not defined\n" 1>&2
[ "$xchanged" = "y" ] || rm -Rf "$tmpromdel" || :
[ "$xchanged" = "y" ] || return 0
+
(
- cd "${tmpromdir%"/bin/$board"}" || \
- $err "Can't cd '${tmpromdir%"/bin/$board"}'; $dontflash"
- # ../../ is the root of lbmk
- mkrom_tarball "bin/$board"
+ x_ cd "${tmpromdir%"/bin/$board"}"
+ mkrom_tarball "bin/$board"
) || $err "Cannot re-generate '$archive' - $dontflash"
mv "${tmpromdir%"/bin/$board"}/bin/${relname}_${board}.tar.xz" \
- "$archive" || \
- $err "'$archive' -> Cannot overwrite - $dontflash"; :
+ "$archive" || $err "'$archive' -> Can't overwrite - $dontflash"; :
}
process_release_rom()
{
_xrom="$1"
_xromname="${1##*/}"
+ _xromnew="${_xrom%/*}/${_xromname#"$vfix"}"
+ [ "$nukemode" = "nuke" ] && _xromnew="${_xrom%/*}/$vfix${_xrom##*/}"
- [ -L "$_xrom" ] && \
- $err "$archive -> '${_xrom#"tmp/DO_NOT_FLASH/"}' is a symlink"
- [ -f "$_xrom" ] || return 0
+ e "$_xrom" f missing && return 0
+ [ -z "${_xromname#"$vfix"}" ] && $err "$_xromname / $vfix: name match"
- [ -z "${_xromname#"$vfix"}" ] && \
- $err "'$_xromname'->'"${_xromname#"$vfix"}"' empty. $dontflash"
# Remove the prefix and 1-byte pad
if [ "$nukemode" != "nuke" ] && \
[ "${_xromname#"$vfix"}" != "$_xromname" ]; then
- _xromnew="${_xrom%/*}/${_xromname#"$vfix"}"
-
- # Remove the 1-byte padding
- stat -c '%s' "$_xrom" > "tmp/rom.size" || \
- $err "$_xrom: Can't get rom size. $dontflash"
- read -r xromsize < "tmp/rom.size" || \
- $err "$_xrom: Can't read rom size. $dontflash"
-
- expr "X$xromsize" : "X-\{0,1\}[0123456789][0123456789]*$" \
- 1>/dev/null 2>/dev/null || $err "$_xrom size non-integer"
- [ $xromsize -lt 2 ] && $err \
- "$_xrom: Will not create empty file. $dontflash"
-
- # TODO: check whether the size would be a multiple of 64KB
- # the smallest rom images we do are 512kb
- xromsize="`expr $xromsize - 1`"
- [ $xromsize -lt 524288 ] && \
- $err "$_xrom size too small; likely not a rom. $dontflash"
-
- dd if="$_xrom" of="$_xromnew" bs=$xromsize count=1 || \
- $err "$_xrom: Can't resize. $dontflash"
+ xromsize="$(expr $(stat -c '%s' "$_xrom") - 1)" || $err "!int"
+ [ $xromsize -lt 524288 ] && $err "too small, $xromsize: $_xrom"
+
+ x_ dd if="$_xrom" of="$_xromnew" bs=$xromsize count=1
rm -f "$_xrom" || $err "Can't rm $_xrom - $dontflash"
_xrom="$_xromnew"
fi
- [ "$nukemode" = "nuke" ] && \
- mksha512sum "$_xrom" "vendorhashes"
+ [ "$nukemode" = "nuke" ] && mksha512sum "$_xrom" "vendorhashes"
patch_rom "$_xrom" || return 1 # if break return, can still change MAC
[ "$nukemode" != "nuke" ] && return 0
# Rename the file, prefixing a warning saying not to flash
- # the target image, which now has vendor files removed. Also
- # pad it so that flashprog returns an error if the user tries
- # to flash it, due to mismatching ROM size vs chip size
- cat "$_xrom" tmp/zero.1b > "${_xrom%/*}/$vfix${_xrom##*/}" || \
- $err "'$archive' -> can't pad/rename '$_xrom'. $dontflash"
- rm -f "$_xrom" || $err "'$archive' -> can't rm '$_xrom'. $dontflash"
+ cat "$_xrom" config/data/coreboot/0 > "$_xromnew" || $err "!pad $_xrom"
+ x_ rm -f "$_xrom"
}
patch_rom()
{
rom="$1"
- # regarding ifs below:
- # if a hash file exists, we only want to allow inject.
- # if a hash file is missing, we only want to allow nuke.
- # this logical rule prevents double-nuke and double-inject
-
- # if injecting without a hash file i.e. inject what was injected
- # (or inject where no vendor files are needed, covered previously)
if [ "$has_hashes" != "y" ] && [ "$nukemode" != "nuke" ]; then
- printf "inject: '%s' has no hash file. Skipping.\n" \
- "$archive" 1>&2
+ printf "'%s' has no hash file. Skipping.\n" "$archive" 1>&2
return 1
- fi
- # nuking *with* a hash file, i.e. nuking what was nuked before
- if [ "$has_hashes" = "y" ] && [ "$nukemode" = "nuke" ]; then
- printf "inject nuke: '%s' has a hash file. Skipping nuke.\n" \
- "$archive" 1>&2
+ elif [ "$has_hashes" = "y" ] && [ "$nukemode" = "nuke" ]; then
+ printf "'%s' has a hash file. Skipping nuke.\n" "$archive" 1>&2
return 1
fi
@@ -649,25 +516,12 @@ patch_rom()
[ "$CONFIG_INCLUDE_SMSC_SCH5545_EC_FW" = "y" ] && \
[ -n "$CONFIG_SMSC_SCH5545_EC_FW_FILE" ] && \
inject sch5545_ecfw.bin "$CONFIG_SMSC_SCH5545_EC_FW_FILE" raw
- #
- # coreboot adds FSP-M first. so we shall add it first, then S:
- # NOTE:
- # We skip the fetch if CONFIG_FSP_USE_REPO or CONFIG_FSP_FULL_FD is set
- # but only for inject/nuke. we still run fetch (see above) because on
- # _fsp targets, coreboot still needs them, but coreboot Kconfig uses
- # makefile syntax and puts $(obj) in the path, which makes no sense
- # in sh. So we modify the path there, but lbmk only uses the file
- # in vendorfiles/ if neither CONFIG_FSP_USE_REPO nor CONFIG_FSP_FULL_FD
- # are set
- #
[ -z "$CONFIG_FSP_USE_REPO" ] && [ -z "$CONFIG_FSP_FULL_FD" ] && \
[ -n "$CONFIG_FSP_M_FILE" ] && \
inject "$CONFIG_FSP_M_CBFS" "$CONFIG_FSP_M_FILE" fsp --xip
[ -z "$CONFIG_FSP_USE_REPO" ] && [ -z "$CONFIG_FSP_FULL_FD" ] && \
[ -n "$CONFIG_FSP_S_FILE" ] && \
inject "$CONFIG_FSP_S_CBFS" "$CONFIG_FSP_S_FILE" fsp
- # TODO: modify gbe *after checksum verification only*
- # TODO: insert default gbe if doing -n nuke
printf "ROM image successfully patched: %s\n" "$rom"
xchanged="y"
@@ -675,11 +529,13 @@ patch_rom()
inject()
{
- [ $# -lt 3 ] && $err "$*, $rom: usage: inject name path type (offset)"
[ "$2" = "/dev/null" ] && return 0
- eval "`setvars "" cbfsname _dest _t _offset`"
- cbfsname="$1"; _dest="${2##*../}"; _t="$3"
+ cbfsname="$1"
+ _dest="${2##*../}"
+ _t="$3"
+
+ _offset=""
if [ "$_t" = "fsp" ]; then
[ $# -gt 3 ] && _offset="$4"
@@ -688,7 +544,7 @@ inject()
$err "inject $*, $rom: offset given but empty (undefined)"
fi
- e "$_dest" f n && [ "$nukemode" != "nuke" ] && $err "!inject $dl_type"
+ [ "$nukemode" = "nuke" ] || x_ e "$_dest" f
if [ "$cbfsname" = "IFD" ]; then
[ "$nukemode" = "nuke" ] || "$ifdtool" $ifdprefix -i \
@@ -696,16 +552,11 @@ inject()
$err "failed: inject '$_t' '$_dest' on '$rom'"
[ "$nukemode" != "nuke" ] || "$ifdtool" $ifdprefix --nuke $_t \
"$rom" -O "$rom" || $err "$rom: !nuke IFD/$_t"
- xchanged="y"
- return 0
elif [ "$nukemode" = "nuke" ]; then
- "$cbfstool" "$rom" remove -n "$cbfsname" || \
- $err "inject $rom: can't remove $cbfsname"
- xchanged="y"
- return 0
- fi
- if [ "$_t" = "stage" ]; then # the only stage we handle is refcode
- x_ mkdir -p tmp; x_ rm -f "tmp/refcode"
+ x_ "$cbfstool" "$rom" remove -n "$cbfsname"
+ elif [ "$_t" = "stage" ]; then # the only stage we handle is refcode
+ x_ mkdir -p tmp
+ x_ rm -f "tmp/refcode"
"$rmodtool" -i "$_dest" -o "tmp/refcode" || "!reloc refcode"
"$cbfstool" "$rom" add-stage -f "tmp/refcode" -n "$cbfsname" \
-t stage || $err "$rom: !add ref"
@@ -716,45 +567,26 @@ inject()
xchanged="y"; :
}
-modify_mac_addresses()
+modify_mac()
{
- [ "$nukemode" = "nuke" ] && \
- $err "Cannot modify MAC addresses while nuking vendor files"
-
- # chkvars CONFIG_GBE_BIN_PATH
[ -n "$CONFIG_GBE_BIN_PATH" ] || return 1
- e "${CONFIG_GBE_BIN_PATH##*../}" f n && $err "missing gbe file"
- [ "$new_mac" != "restore" ] && \
- x_ make -C util/nvmutil
-
- x_ mkdir -p tmp
- [ -L "tmp/gbe" ] && $err "tmp/gbe exists but is a symlink"
- [ -d "tmp/gbe" ] && $err "tmp/gbe exists but is a directory"
- if [ -e "tmp/gbe" ]; then
- [ -f "tmp/gbe" ] || $err "tmp/gbe exists and is not a file"
- fi
- x_ cp "${CONFIG_GBE_BIN_PATH##*../}" "tmp/gbe"
-
- [ "$new_mac" != "restore" ] && \
- x_ "util/nvmutil/nvm" "tmp/gbe" setmac "$new_mac"
+ x_ mkdir -p tmp && x_ cp "${CONFIG_GBE_BIN_PATH##*../}" tmp/gbe
+ [ "$new_mac" != "restore" ] && x_ make -C util/nvmutil && \
+ x_ "$nvm" tmp/gbe setmac "$new_mac"
find "$tmpromdir" -maxdepth 1 -type f -name "*.rom" > "tmp/rom.list" \
|| $err "'$archive' -> Can't make tmp/rom.list - $dontflash"
while read -r _xrom; do
- [ -L "$_xrom" ] && continue
- [ -f "$_xrom" ] || continue
- "$ifdtool" $ifdprefix -i GbE:"tmp/gbe" "$_xrom" -O \
- "$_xrom" || $err "'$_xrom': Can't insert new GbE file"
- xchanged="y"
+ e "$_xrom" f && xchanged="y" && x_ \
+ "$ifdtool" $ifdprefix -i GbE:tmp/gbe "$_xrom" -O "$_xrom"
done < "tmp/rom.list"
- printf "\nThe following GbE NVM words were written in '%s':\n" \
- "$archive"
- x_ util/nvmutil/nvm tmp/gbe dump | grep -v "bytes read from file" || :
+
+ printf "\nGbE NVM written to '%s':\n" "$archive"
+ x_ "$nvm" tmp/gbe dump | grep -v "bytes read from file" || :
[ "$new_mac" = "restore" ] && \
- printf "\nNOTE: User specified setmac 'restore' argument.\n" && \
- printf "Default GbE file '%s' written without running nvmutil.\n" \
- "${CONFIG_GBE_BIN_PATH##*../}"; :
+ printf "\nDefault GbE file '%s' written, unmodified.\n" \
+ "${CONFIG_GBE_BIN_PATH##*../}"; :
}
generated by cgit v1.2.1 (git 2.18.0) at 2025-04-21 00:05:36 +0000