summaryrefslogtreecommitdiff
path: root/script/update/blobs/mrc
diff options
context:
space:
mode:
Diffstat (limited to 'script/update/blobs/mrc')
-rwxr-xr-xscript/update/blobs/mrc184
1 files changed, 184 insertions, 0 deletions
diff --git a/script/update/blobs/mrc b/script/update/blobs/mrc
new file mode 100755
index 00000000..c069e678
--- /dev/null
+++ b/script/update/blobs/mrc
@@ -0,0 +1,184 @@
+#!/usr/bin/env sh
+
+# Download Intel MRC images
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+export PATH="${PATH}:/sbin"
+
+# This file is forked from util/chromeos/crosfirmware.sh in coreboot cfc26ce278
+# Changes to it in *this version* are copyright 2021 and 2023 Leah Rowe, under
+# the same license as above.
+
+# use updated manifest from wayback machine, when updating mrc.bin,
+# and update the other variables below accordingly. current manifest used:
+# https://web.archive.org/web/20210211071412/https://dl.google.com/dl/edgedl/chromeos/recovery/recovery.conf
+
+# the wayback machine is used so that we get the same manifest. google
+# does not seem to version the manifest, but archives are available
+
+# variables taken from that manifest:
+
+_board="peppy"
+_file="chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin"
+_url="https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip"
+_url2="https://web.archive.org/web/20200516070928/https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip"
+_sha1sum="cd5917cbe7f821ad769bf0fd87046898f9e175c8"
+_mrc_complete_hash="d18de1e3d52c0815b82ea406ca07897c56c65696"
+_mrc_complete="mrc/haswell/mrc.bin"
+
+cbdir="coreboot/default"
+cbfstool="cbutils/default/cbfstool"
+
+sname=""
+
+main()
+{
+ sname=${0}
+ printf "Downloading Intel MRC blobs\n"
+
+ check_existing || return 0
+ build_dependencies
+ fetch_mrc || err "could not fetch mrc.bin"
+}
+
+check_existing()
+{
+ [ -f "${_mrc_complete}" ] || \
+ return 0
+ printf 'found existing mrc.bin\n'
+ [ "$(sha1sum "${_mrc_complete}" | awk '{print $1}')" \
+ = "${_mrc_complete_hash}" ] && \
+ return 1
+ printf 'hashes did not match, starting over\n'
+}
+
+build_dependencies()
+{
+ [ -d "${cbdir}/" ] || ./fetch_trees coreboot default || \
+ err "build_dependencies: cannot fetch coreboot/default"
+ ./build coreboot utils default || \
+ err "build_dependencies: cannot build cbutils/default"
+}
+
+fetch_mrc()
+{
+ mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell"
+
+ (
+ cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell"
+
+ download_image "${_url}" "${_file}" "${_sha1sum}"
+ [ -f ${_file} ] || \
+ download_image "${_url2}" "${_file}" "${_sha1sum}"
+ [ -f $_file ] || \
+ err "fetch_mrc: ${_file} not downloaded / verification failed."
+
+ extract_partition ROOT-A "${_file}" root-a.ext2
+ extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board}
+
+ extract_coreboot chromeos-firmwareupdate-${_board}
+
+ ../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \
+ -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin"
+ rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \
+ "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files"
+
+ printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n"
+ )
+}
+
+download_image()
+{
+ url=${1}
+ _file=${2}
+ _sha1sum=${3}
+
+ printf "Downloading recovery image\n"
+ curl "$url" > "$_file.zip" || err "download_image: curl failed"
+ printf "Verifying recovery image checksum\n"
+ if [ "$(sha1sum "${_file}.zip" | awk '{print $1}')" = "${_sha1sum}" ]
+ then
+ unzip -q "${_file}.zip" || err "download_image: cannot unzip"
+ rm -f "${_file}.zip" || err "download_image: can't rm zip {1}"
+ return 0
+ fi
+ rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip"
+ err "download_image: Bad checksum. Recovery image deleted"
+}
+
+extract_partition()
+{
+ NAME=${1}
+ FILE=${2}
+ ROOTFS=${3}
+ _bs=1024
+
+ printf "Extracting ROOT-A partition\n"
+ ROOTP=$( printf "unit\nB\nprint\nquit\n" | \
+ parted "${FILE}" 2>/dev/null | grep "${NAME}" )
+
+ START=$(( $( echo ${ROOTP} | cut -f2 -d\ | tr -d "B" ) ))
+ SIZE=$(( $( echo ${ROOTP} | cut -f4 -d\ | tr -d "B" ) ))
+
+ dd if="${FILE}" of="${ROOTFS}" bs=${_bs} skip=$(( ${START} / ${_bs} )) \
+ count=$(( ${SIZE} / ${_bs} )) || \
+ err "extract_partition: can't extract root file system"
+}
+
+extract_shellball()
+{
+ ROOTFS=${1}
+ SHELLBALL=${2}
+
+ printf "Extracting chromeos-firmwareupdate\n"
+ printf "cd /usr/sbin\ndump chromeos-firmwareupdate ${SHELLBALL}\nquit" \
+ | debugfs "${ROOTFS}" || err "extract_shellball: debugfs"
+}
+
+extract_coreboot()
+{
+ _shellball=${1}
+ _unpacked=$( mktemp -d )
+
+ printf "Extracting coreboot image\n"
+
+ [ -f "${_shellball}" ] || \
+ err "extract_coreboot: shellball missing in google peppy image"
+
+ sh "${_shellball}" --unpack "${_unpacked}" || \
+ err "extract_coreboot: shellball exits with non-zero status"
+
+ # TODO: audit the f* out of that shellball, for each mrc version.
+ # it has to be updated for each mrc update. we should ideally
+ # implement the functionality ourselves.
+
+ [ -f "${_unpacked}/VERSION" ] || \
+ err "extract_coreboot: VERSION file missing on google coreboot rom"
+
+ _version=$( cat "${_unpacked}/VERSION" | grep BIOS\ version: | \
+ cut -f2 -d: | tr -d \ )
+
+ cp "${_unpacked}/bios.bin" "coreboot-${_version}.bin" || \
+ err "extract_coreboot: cannot copy google peppy rom"
+ rm -Rf "${_unpacked}" || \
+ err "extract_coreboot: cannot remove extracted google peppy archive"
+}
+
+main $@