diff options
Diffstat (limited to 'script/update/blobs/mrc')
-rwxr-xr-x | script/update/blobs/mrc | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/script/update/blobs/mrc b/script/update/blobs/mrc new file mode 100755 index 00000000..c069e678 --- /dev/null +++ b/script/update/blobs/mrc @@ -0,0 +1,184 @@ +#!/usr/bin/env sh + +# Download Intel MRC images +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +export PATH="${PATH}:/sbin" + +# This file is forked from util/chromeos/crosfirmware.sh in coreboot cfc26ce278 +# Changes to it in *this version* are copyright 2021 and 2023 Leah Rowe, under +# the same license as above. + +# use updated manifest from wayback machine, when updating mrc.bin, +# and update the other variables below accordingly. current manifest used: +# https://web.archive.org/web/20210211071412/https://dl.google.com/dl/edgedl/chromeos/recovery/recovery.conf + +# the wayback machine is used so that we get the same manifest. google +# does not seem to version the manifest, but archives are available + +# variables taken from that manifest: + +_board="peppy" +_file="chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin" +_url="https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip" +_url2="https://web.archive.org/web/20200516070928/https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip" +_sha1sum="cd5917cbe7f821ad769bf0fd87046898f9e175c8" +_mrc_complete_hash="d18de1e3d52c0815b82ea406ca07897c56c65696" +_mrc_complete="mrc/haswell/mrc.bin" + +cbdir="coreboot/default" +cbfstool="cbutils/default/cbfstool" + +sname="" + +main() +{ + sname=${0} + printf "Downloading Intel MRC blobs\n" + + check_existing || return 0 + build_dependencies + fetch_mrc || err "could not fetch mrc.bin" +} + +check_existing() +{ + [ -f "${_mrc_complete}" ] || \ + return 0 + printf 'found existing mrc.bin\n' + [ "$(sha1sum "${_mrc_complete}" | awk '{print $1}')" \ + = "${_mrc_complete_hash}" ] && \ + return 1 + printf 'hashes did not match, starting over\n' +} + +build_dependencies() +{ + [ -d "${cbdir}/" ] || ./fetch_trees coreboot default || \ + err "build_dependencies: cannot fetch coreboot/default" + ./build coreboot utils default || \ + err "build_dependencies: cannot build cbutils/default" +} + +fetch_mrc() +{ + mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell" + + ( + cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell" + + download_image "${_url}" "${_file}" "${_sha1sum}" + [ -f ${_file} ] || \ + download_image "${_url2}" "${_file}" "${_sha1sum}" + [ -f $_file ] || \ + err "fetch_mrc: ${_file} not downloaded / verification failed." + + extract_partition ROOT-A "${_file}" root-a.ext2 + extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board} + + extract_coreboot chromeos-firmwareupdate-${_board} + + ../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \ + -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin" + rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \ + "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files" + + printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n" + ) +} + +download_image() +{ + url=${1} + _file=${2} + _sha1sum=${3} + + printf "Downloading recovery image\n" + curl "$url" > "$_file.zip" || err "download_image: curl failed" + printf "Verifying recovery image checksum\n" + if [ "$(sha1sum "${_file}.zip" | awk '{print $1}')" = "${_sha1sum}" ] + then + unzip -q "${_file}.zip" || err "download_image: cannot unzip" + rm -f "${_file}.zip" || err "download_image: can't rm zip {1}" + return 0 + fi + rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip" + err "download_image: Bad checksum. Recovery image deleted" +} + +extract_partition() +{ + NAME=${1} + FILE=${2} + ROOTFS=${3} + _bs=1024 + + printf "Extracting ROOT-A partition\n" + ROOTP=$( printf "unit\nB\nprint\nquit\n" | \ + parted "${FILE}" 2>/dev/null | grep "${NAME}" ) + + START=$(( $( echo ${ROOTP} | cut -f2 -d\ | tr -d "B" ) )) + SIZE=$(( $( echo ${ROOTP} | cut -f4 -d\ | tr -d "B" ) )) + + dd if="${FILE}" of="${ROOTFS}" bs=${_bs} skip=$(( ${START} / ${_bs} )) \ + count=$(( ${SIZE} / ${_bs} )) || \ + err "extract_partition: can't extract root file system" +} + +extract_shellball() +{ + ROOTFS=${1} + SHELLBALL=${2} + + printf "Extracting chromeos-firmwareupdate\n" + printf "cd /usr/sbin\ndump chromeos-firmwareupdate ${SHELLBALL}\nquit" \ + | debugfs "${ROOTFS}" || err "extract_shellball: debugfs" +} + +extract_coreboot() +{ + _shellball=${1} + _unpacked=$( mktemp -d ) + + printf "Extracting coreboot image\n" + + [ -f "${_shellball}" ] || \ + err "extract_coreboot: shellball missing in google peppy image" + + sh "${_shellball}" --unpack "${_unpacked}" || \ + err "extract_coreboot: shellball exits with non-zero status" + + # TODO: audit the f* out of that shellball, for each mrc version. + # it has to be updated for each mrc update. we should ideally + # implement the functionality ourselves. + + [ -f "${_unpacked}/VERSION" ] || \ + err "extract_coreboot: VERSION file missing on google coreboot rom" + + _version=$( cat "${_unpacked}/VERSION" | grep BIOS\ version: | \ + cut -f2 -d: | tr -d \ ) + + cp "${_unpacked}/bios.bin" "coreboot-${_version}.bin" || \ + err "extract_coreboot: cannot copy google peppy rom" + rm -Rf "${_unpacked}" || \ + err "extract_coreboot: cannot remove extracted google peppy archive" +} + +main $@ |