diff options
Diffstat (limited to 'resources/scripts/update/blobs/download')
-rwxr-xr-x | resources/scripts/update/blobs/download | 469 |
1 files changed, 0 insertions, 469 deletions
diff --git a/resources/scripts/update/blobs/download b/resources/scripts/update/blobs/download deleted file mode 100755 index 0896ed47..00000000 --- a/resources/scripts/update/blobs/download +++ /dev/null @@ -1,469 +0,0 @@ -#!/usr/bin/env sh - -# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com> -# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com> -# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org> -# SPDX-License-Identifier: GPL-3.0-only - -ec_url="" -ec_url_bkup="" -ec_hash="" -dl_hash="" -dl_url="" -dl_url_bkup="" -dl_path="" -e6400_vga_dl_hash="" -e6400_vga_dl_url="" -e6400_vga_dl_url_bkup="" -e6400_vga_offset="" -e6400_vga_romname="" - -cbdir="coreboot/default" -cbcfgsdir="resources/coreboot" -boarddir="" -blobdir="blobs" -appdir="${blobdir}/app" -_7ztest="a" -mecleaner="$(pwd)/me_cleaner/me_cleaner.py" -e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py" -me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py" -kbc1126_ec_dump="$(pwd)/${cbdir}/util/kbc1126/kbc1126_ec_dump" -board="" -_b="" # board shorthand without e.g. _4mb (avoid duplication per flash size) - -CONFIG_HAVE_MRC="" -CONFIG_HAVE_IFD_BIN="" -CONFIG_HAVE_ME_BIN="" -CONFIG_HAVE_GBE_BIN="" -CONFIG_KBC1126_FIRMWARE="" -CONFIG_BOARD_DELL_E6400="" -CONFIG_VGA_BIOS_FILE="" - -main() -{ - board="${1}" - boarddir="${cbcfgsdir}/${board}" - - exit_if_no_config="exit 0" - for x in "${boarddir}"/config/*; do - if [ -f "${x}" ]; then - exit_if_no_config="" - fi - done - eval "${exit_if_no_config}" - - if [ ! -d "${boarddir}" ]; then - fail "Target not defined" - elif [ ! -f "${boarddir}/board.cfg" ]; then - fail "Target missing board.cfg" - fi - - detect_firmware || exit 0 - scan_sources_config - - build_dependencies - download_blobs -} - -detect_firmware() -{ - set -- "${boarddir}/config/"* - . ${1} 2>/dev/null - . "${boarddir}/board.cfg" - - if [ "${CONFIG_HAVE_MRC}" = "y" ]; then - needs="${needs} MRC" - fi - if [ "${CONFIG_HAVE_IFD_BIN}" = "y" ]; then - needs="${needs} IFD" - fi - if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then - needs="${needs} ME" - fi - if [ "${CONFIG_HAVE_GBE_BIN}" = "y" ]; then - needs="${needs} GBE" - fi - if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then - needs="${needs} EC" - fi - if [ "${CONFIG_BOARD_DELL_E6400}" = "y" ] \ - && [ "${CONFIG_VGA_BIOS_FILE}" != "" ]; then - needs="${needs} E6400VGA" - fi - if [ -z ${needs+x} ]; then - printf 'No binary blobs needed for this board\n' - return 1 - fi - printf "Firmware needed for board %s: %s\n" ${board} ${needs} -} - -scan_sources_config() -{ - # Shorthand (avoid duplicating configs per flash size) - _b=${board%%_*mb} - - awkstr=" /\{.*${_b}.*}{/ {flag=1;next} /\}/{flag=0} flag { print }" - - while read -r line ; do - case ${line} in - EC_url*) - set ${line} - ec_url=${2} - ;; - EC_url_bkup*) - set ${line} - ec_url_bkup=${2} - ;; - EC_hash*) - set ${line} - ec_hash=${2} - ;; - DL_hash*) - set ${line} - dl_hash=${2} - ;; - DL_url*) - set ${line} - dl_url=${2} - ;; - DL_url_bkup*) - set ${line} - dl_url_bkup=${2} - ;; - E6400_VGA_DL_hash*) - set ${line} - e6400_vga_dl_hash=${2} - ;; - E6400_VGA_DL_url*) - set ${line} - e6400_vga_dl_url=${2} - ;; - E6400_VGA_DL_url_bkup*) - set ${line} - e6400_vga_dl_url_bkup=${2} - ;; - E6400_VGA_offset*) - set ${line} - e6400_vga_offset=${2} - ;; - E6400_VGA_romname*) - set ${line} - e6400_vga_romname=${2} - ;; - esac - done << EOF - $(eval "awk '${awkstr}' resources/blobs/sources") -EOF -} - -build_dependencies() -{ - if [ ! -d me_cleaner ]; then - printf "downloading me_cleaner\n" - ./download me_cleaner || fail "could not download me_cleaner" - fi - if [ ! -d ${cbdir} ]; then - printf "downloading coreboot\n" - ./download coreboot default \ - || fail "could not download coreboot" - fi - if [ ! -d bios_extract ]; then - printf "downloading bios_extract\n" - ./download bios_extract \ - || fail "could not download bios_extract" - fi - if [ ! -f ${cbdir}/util/kbc1126/kbc1126_ec_dump ]; then - printf "Building kbc1126_ec_dump from coreboot\n" - make -BC ${cbdir}/util/kbc1126 \ - || fail "could not build kbc1126_ec_dump" - fi - if [ ! -f "${cbdir}/util/ifdtool/ifdtool" ]; then - printf "building ifdtool from coreboot\n" - make -C ${cbdir}/util/ifdtool \ - || fail 'could not build ifdtool' - fi -} - -download_blobs() -{ - for need in ${needs}; do - case ${need} in - *ME*) - download_blob_intel_me || _failed="${_failed} me" - ;; - *EC*) - download_ec || _failed="${_failed} ec" - ;; - *E6400VGA*) - download_e6400vga || _failed="${_failed} e6400vga" - ;; - *MRC*) - ./download mrc || _failed="${_failed} mrc" - ;; - esac - done - - if [ ! -z ${_failed+x} ]; then - fail "failed to obtain ${_failed}\nTry manual extraction?" - fi -} - -download_blob_intel_me() -{ - printf "Downloading neutered ME for board: %s\n" ${board} - - fetch_update me || return 1 - extract_blob_intel_me || return 1 -} - -extract_blob_intel_me() -{ - printf "Extracting neutered ME for ${board}\n" - - _me_destination=${CONFIG_ME_BIN_PATH#../../} - - if [ ! -d "${_me_destination%/*}" ]; then - mkdir -p ${_me_destination%/*} - fi - if [ -d "${appdir}" ]; then - rm -r ${appdir} - fi - if [ -f "${_me_destination}" ]; then - printf 'me already downloaded\n' - return 0 - fi - - printf "Extracting and stripping Intel ME firmware\n" - - innoextract ${dl_path} -d ${blobdir} \ - || 7z x ${dl_path} -o${appdir} \ - || fail 'Could not extract vendor update' - - bruteforce_extract_blob_intel_me "$(pwd)/${_me_destination}" \ - "$(pwd)/${appdir}" \ - || fail "Could not extract Intel ME firmware" - - printf "Truncated and cleaned me output to ${_me_destination}\n" -} - -# cursed, carcinogenic code. TODO rewrite it better -bruteforce_extract_blob_intel_me() -{ - _me_destination="${1}" - cdir="${2}" # must be an absolute path, not relative - - if [ -f "${_me_destination}" ]; then - return 0 - fi - - sdir="$(mktemp -d)" - mkdir -p "${sdir}" || return 1 - - ( - printf "Entering %s\n" "${cdir}" - cd "${cdir}" || exit 1 - for i in *; do - if [ -f "${_me_destination}" ]; then - # me.bin found, so avoid needless further traversal - break - elif [ -L "${i}" ]; then - # symlinks are a security risk, in this context - continue - elif [ -f "${i}" ]; then - "${mecleaner}" -r -t -O "${sdir}/vendorfile" \ - -M "${_me_destination}" "${i}" \ - && break # (we found me.bin) - "${mecleaner}" -r -t -O "${_me_destination}" "${i}" \ - && break # (we found me.bin) - "${me7updateparser}" -O ${_me_destination} "${i}" \ - && break # (we found me.bin) - _7ztest="${_7ztest}a" - 7z x "${i}" -o${_7ztest} || continue - bruteforce_extract_blob_intel_me "${_me_destination}" \ - "${cdir}/${_7ztest}" - cdir="${1}" - cd "${cdir}" - elif [ -d "$i" ]; then - bruteforce_extract_blob_intel_me "${_me_destination}" \ - "${cdir}/${i}" - cdir="${1}" - cd "${cdir}" - else - printf "SKIPPING: %s\n" "${i}" - fi - done - ) - - rm -Rf "${sdir}" - - if [ ! -f "${_me_destination}" ]; then - printf "me.bin not found in vendor update for: %s\n" ${board} - return 1 - fi -} - -download_ec() -{ - printf "Downloading KBC1126 EC firmware for HP laptop\n" - - fetch_update ec || return 1 - extract_ec || return 1 -} - -extract_ec() -{ - printf "Extracting KBC1126 EC firmware for board: %s\n" ${board} - - _ec_destination=${CONFIG_KBC1126_FW1#../../} - - if [ ! -d "${_ec_destination%/*}" ]; then - mkdir -p "${_ec_destination%/*}" - fi - if [ -d "${appdir}" ]; then - rm -Rf "${appdir}" - fi - if [ -f "${_ec_destination}" ]; then - printf "ec already downloaded\n" - return 0 - fi - - unar "${dl_path}" -o "${appdir}" - - ( - cd "${appdir}/${dl_path##*/}" - - mv Rompaq/68*.BIN ec.bin - if [ ! -f ec.bin ]; then - unar -D ROM.CAB Rom.bin - mv Rom.bin ec.bin - fi - - "${kbc1126_ec_dump}" ec.bin - ) - - for i in 1 2; do - if [ -f "${appdir}/${dl_path##*/}/ec.bin.fw${i}" ]; then - continue - fi - printf "Not found: %s/%s/ec.bin.fw%s\n" \ - ${appdir} ${dl_path##*/} ${i} - printf "Could not extract EC firmware for: %s\n" \ - ${board} - return 1 - done - - cp "${appdir}/${dl_path##*/}"/ec.bin.fw* "${_ec_destination%/*}/" -} - -download_e6400vga() -{ - printf "Downloading Nvidia VGA ROM for Dell Latitude E6400\n" - - fetch_update e6400vga || return 1 - extract_e6400vga || return 1 -} - -extract_e6400vga() -{ - printf "Extracting Nvidia VGA ROM for ${board}\n" - - _vga_destination=${CONFIG_VGA_BIOS_FILE#../../} - - if [ -f "${_vga_destination}" ]; then - printf 'vga rom already downloaded\n' - return 0 - fi - if [ ! -d "${_vga_destination%/*}" ]; then - mkdir -p ${_vga_destination%/*} - fi - if [ -d "${appdir}" ]; then - rm -r ${appdir} - fi - - mkdir -p "${appdir}" - mv "${dl_path}" "${appdir}" - - if [ "${e6400_vga_offset}" = "" ]; then - printf "E6400 VGA offset not defined\n" - return 1 - elif [ "${e6400_vga_romname}" = "" ]; then - printf "E6400 VGA ROM name not defined\n" - return 1 - fi - - ( - cd "${appdir}" - tail -c +${e6400_vga_offset} "${dl_path##*/}" \ - | gunzip > bios.bin - if [ ! -f "bios.bin" ]; then - fail 'Could not extract bios.bin from Dell E6400 update' - fi - "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n" - if [ ! -f "${e6400_vga_romname}" ]; then - fail 'Could not extract VGA ROM from Dell E6400 BIOS update' - fi - ) - - cp "${appdir}"/"${e6400_vga_romname}" "${_vga_destination}" - - printf "E6400 Nvidia ROM saved to: %s\n" "${_vga_destination}" -} - -fetch_update() -{ - printf "Fetching vendor update for board: %s\n" ${board} - - fw_type="${1}" - dl="" - dl_bkup="" - dlsum="" - if [ "${fw_type}" = "me" ]; then - dl=${dl_url} - dl_bkup=${dl_url_bkup} - dlsum=${dl_hash} - elif [ "${fw_type}" = "ec" ]; then - dl=${ec_url} - dl_bkup=${ec_url_bkup} - dlsum=${ec_hash} - elif [ "${fw_type}" = "e6400vga" ]; then - dl=${e6400_vga_dl_url} - dl_bkup=${e6400_vga_dl_url_bkup} - dlsum=${e6400_vga_dl_hash} - else - printf "Unsupported download type: %s\n" ${fw_type} - return 1 - fi - - if [ -z "${dl_url+x}" ] && [ "${fw_type}" != "e6400vga" ]; then - printf "No vendor update specified for board: %s\n" ${board} - return 1 - fi - - dl_path=${blobdir}/cache/${dlsum} - mkdir -p ${blobdir}/cache - - vendor_checksum ${dlsum} || \ - wget ${dl} -O ${dl_path} || wget ${dl_bkup} -O ${dl_path} - - vendor_checksum ${dlsum} || fail \ - "Cannot guarantee intergity of vendor update for: ${board}" -} - -vendor_checksum() -{ - if [ ! -f "${dl_path}" ]; then - printf "Vendor update not found on disk for: %s\n" ${board} - return 1 - elif [ "$(sha1sum ${dl_path} | awk '{print $1}')" != "${1}" ]; then - printf "Bad checksum on vendor update for: %s\n" ${board} - return 1 - fi -} - -fail() -{ - printf "\nERROR: $@\n" - exit 1 -} - -main $@ |