diff options
Diffstat (limited to 'script')
-rwxr-xr-x | script/build/boot/roms | 112 | ||||
-rwxr-xr-x | script/build/boot/roms_helper | 613 | ||||
-rwxr-xr-x | script/build/clean/cbutils | 59 | ||||
-rwxr-xr-x | script/build/clean/crossgcc | 45 | ||||
-rwxr-xr-x | script/build/clean/seabios | 48 | ||||
-rwxr-xr-x | script/build/clean/u-boot | 51 | ||||
-rwxr-xr-x | script/build/command/options | 31 | ||||
-rwxr-xr-x | script/build/coreboot/utils | 78 | ||||
-rwxr-xr-x | script/build/descriptors/ich9m | 42 | ||||
-rwxr-xr-x | script/build/grub/payload | 104 | ||||
-rwxr-xr-x | script/build/grub/utils | 52 | ||||
-rwxr-xr-x | script/build/release/roms | 195 | ||||
-rwxr-xr-x | script/build/release/src | 193 | ||||
-rwxr-xr-x | script/handle/make/config | 257 | ||||
-rwxr-xr-x | script/handle/make/file | 80 | ||||
-rwxr-xr-x | script/misc/versioncheck | 48 | ||||
-rwxr-xr-x | script/update/blobs/download | 516 | ||||
-rwxr-xr-x | script/update/blobs/extract | 122 | ||||
-rwxr-xr-x | script/update/blobs/inject | 362 | ||||
-rwxr-xr-x | script/update/blobs/mrc | 184 |
20 files changed, 3192 insertions, 0 deletions
diff --git a/script/build/boot/roms b/script/build/boot/roms new file mode 100755 index 00000000..a19d9445 --- /dev/null +++ b/script/build/boot/roms @@ -0,0 +1,112 @@ +#!/usr/bin/env sh + +# +# helper script: build coreboot images with various payloads +# +# Copyright (C) 2014,2015,2016,2020,2021,2023 Leah Rowe +# <info@minifree.org> +# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org> +# Copyright (C) 2022 Caleb La Grange <thonkpeasant@protonmail.com> +# Copyright (C) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# This script assumes that the working directory is the root +# of git or release archive + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +projectname="$(cat projectname)" +opts="" +boards= +firstoption="" + +main() +{ + [ $# -lt 1 ] && usage && err "target not specified" + + firstoption="${1}" + [ "${firstoption}" = "help" ] && usage && exit 0 + [ "${firstoption}" = "list" ] && \ + ./build command options resources/coreboot && exit 0 + + while [ $# -gt 0 ]; do + case ${1} in + -d) + opts="${opts} -d ${2}" + shift ;; + -p) + opts="${opts} -p ${2}" + shift ;; + -k) + opts="${opts} -k ${2}" + shift ;; + *) + boards="${boards} ${1} " ;; + esac + shift + done + + [ -z ${opts+x} ] && opts="" + printf "Building %s ROM images\n" "${projectname}" + + if [ "${firstoption}" = "all" ]; then + for target in $(./build command options resources/coreboot); do + buildrom "${target}" || err "build/roms (1): error" + done + else + for board in ${boards}; do + buildrom "${board}" || err "build/roms (2): error" + done + fi + + printf "\n\nDone! Your ROMs are in bin/\n\n" +} + +usage() +{ + cat <<- EOF + USAGE: ./build boot roms target + To build *all* boards, do this: ./build boot roms all + To list *all* boards, do this: ./build boot roms list + + Optional Flags: + -d: displaymode + -p: payload + -k: keyboard layout + + Example commands: + ./build boot roms x60 + ./build boot roms x200_8mb x60 + ./build boot roms x60 -p grub -d corebootfb -k usqwerty + + possible values for 'target': + $(./build command options "resources/coreboot") + + Refer to the ${projectname} documentation for more information. + EOF +} + +# Build ROM images for supported boards +buildrom() { + [ -d "resources/coreboot/${1}/" ] || \ + err "build/roms: target not defined: ${1}" + ./build boot roms_helper ${1}${opts} || return 1 +} + +main $@ diff --git a/script/build/boot/roms_helper b/script/build/boot/roms_helper new file mode 100755 index 00000000..79e86ad4 --- /dev/null +++ b/script/build/boot/roms_helper @@ -0,0 +1,613 @@ +#!/usr/bin/env sh + +# helper script: create ROM images for a given mainboard +# +# Copyright (C) 2020,2021,2023 Leah Rowe <info@minifree.org> +# Copyright (C) 2021,2022 Ferass El Hafidi +# <vitali64pmemail@protonmail.com> +# Copyright (C) 2022 Caleb La Grange <thonkpeasant@protonmail.com> +# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com> +# Copyright (C) 2023 Riku Viitanen <riku.viitanen@protonmail.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# This script assumes that the working directory is the root +# of git or release archive + + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +projectname="$(cat projectname)" + +blobs_required="" +microcode_required="" + +board="" +ubdir="" +kmapdir="resources/grub/keymap" +displaymodes="" +payloads="" +keyboard_layouts="" +while [ $# -gt 0 ]; do + case ${1} in + -d) + displaymodes="${displaymodes}${2}" + shift ;; + -p) + payloads="${payloads}${2}" + shift ;; + -k) + keyboard_layouts="${keyboard_layouts}${2}" + shift ;; + *) + board=${1} ;; + esac + shift +done + +printf "\n\nboard is %s , kb is %s , displaymode is %s , payloads is %s\n" \ + ${board} ${keyboard_layouts} ${displaymodes} ${payloads} 1>&2 + +[ -d "resources/coreboot/${board}" ] || \ + err "Target not defined: ${board}" + +[ -f "resources/coreboot/${board}/target.cfg" ] || \ + err "Missing target.cfg for target: ${board}" + +grub_scan_disk="undefined" +tree="undefined" +romtype="normal" # optional parameter in target.cfg. "normal" is default +arch="undefined" + +# Disable all payloads by default. +# target.cfg files have to specifically enable [a] payload(s) +payload_grub="n" +payload_grub_withseabios="n" # seabios chainloaded from grub +payload_seabios="n" +payload_seabios_withgrub="n" # i386-coreboot grub from SeaBIOS boot menu +payload_memtest="n" +payload_uboot="n" +uboot_config="undefined" +# Override the above defaults using target.cfg +. "resources/coreboot/${board}/target.cfg" + +[ "${grub_scan_disk}" = "undefined" ] && \ + grub_scan_disk="both" +[ "${grub_scan_disk}" != "both" ] && [ "${grub_scan_disk}" != "ata" ] && \ + [ "${grub_scan_disk}" != "ahci" ] && \ + grub_scan_disk="both" + +[ "${tree}" = "undefined" ] && \ + err "Target '${board}' does not define a coreboot tree. Skipping build." +[ "${arch}" = "undefined" ] && \ + err "Target '${board}' does not define a CPU type. Skipping build." + +[ "${payload_memtest}" != "y" ] && \ + payload_memtest="n" +[ "${payload_grub_withseabios}" = "y" ] && \ + payload_grub="y" +if [ "${payload_grub_withseabios}" = "y" ]; then + payload_seabios="y" + payload_seabios_withgrub="y" +fi +[ "${payload_seabios_withgrub}" = "y" ] && \ + payload_seabios="y" + +# NOTE: reverse logic must NOT be applied. If SeaBIOS-with-GRUB works, that +# doesn't necessarily mean GRUb-with-SeaBIOS will. For example, the board +# might have an external GPU, where it's recommended to boot SeaBIOS first +if [ "${payload_grub}" != "y" ] && [ "${payload_seabios}" != "y" ] && \ + [ "${payload_uboot}" != "y" ]; then + for configfile in "resources/coreboot/${board}/config/"*; do + [ -e "${configfile}" ] || continue + err "target '${board}' defines no payload" + done +fi + +[ "${payload_uboot}" != "n" ] && [ "${payload_uboot}" != "y" ] && \ + payload_uboot="n" +[ "${payload_uboot}" = "y" ] && [ "${uboot_config}" = "undefined" ] && \ + uboot_config="default" + +[ "${microcode_required}" != "n" ] && [ "${microcode_required}" != "y" ] && \ + microcode_required="y" +[ "${blobs_required}" != "n" ] && [ "${blobs_required}" != "y" ] && \ + blobs_required="y" + +# Override all payload directives with cmdline args +if [ ! -z ${payloads} ]; then + echo "setting payloads $payloads" + payload_grub="n" + payload_grub_withseabios="n" # seabios chainloaded from grub + payload_seabios="n" + payload_seabios_withgrub="n" # i386-coreboot grub from SeaBIOS menu + payload_uboot="n" + payload_memtest="n" + + for payload in ${payloads} ; do + eval "payload_${payload}=y" + done +fi + +romdir="bin/${board}" +cbdir="coreboot/${board}" +[ "${board}" = "${tree}" ] || \ + cbdir="coreboot/${tree}" +cbfstool="cbutils/${tree}/cbfstool" +corebootrom="${cbdir}/build/coreboot.rom" +seavgabiosrom="elf/seabios/default/libgfxinit/vgabios.bin" + +./build coreboot utils ${tree} || err "cannot build cbutils/${tree}" + +if [ ! -f "${seavgabiosrom}" ] \ + || [ ! -f elf/seabios/default/libgfxinit/bios.bin.elf ] \ + || [ ! -f elf/seabios/default/vgarom/bios.bin.elf ] \ + || [ ! -f elf/seabios/default/normal/bios.bin.elf ]; then + [ "${payload_seabios}" != "y" ] || \ + ./handle make config -b seabios || \ + err "cannot build seabios" +fi + +memtest_bin="memtest86plus/build${arch#*_}/memtest.bin" +[ "${payload_memtest}" != "y" ] || [ -f "${memtest_bin}" ] || \ + ./handle make file -b ${memtest_bin%/*} || \ + err "cannot build memtest86+" + +[ -d "${romdir}/" ] || mkdir -p "${romdir}/" || \ + err "cannot create rom directory: \"${romdir}\"" +rm -f "${romdir}"/* || err "cannot: rm -f \"${romdir}\"/*" + +if [ "${payload_grub}" = "y" ] || \ + [ "${payload_seabios_withgrub}" = "y" ]; then + if [ -f "elf/grub/grub_usqwerty.cfg" ]; then + sha1sumcmd="sha1sum resources/grub/config/grub.cfg" + grubrefchecksum="$(${sha1sumcmd} | awk '{print $1}')" + + sha1sumcmd="sha1sum elf/grub/grub_usqwerty.cfg" + grubbuildchecksum="$(${sha1sumcmd} | awk '{print $1}')" + + if [ "${grubrefchecksum}" != "${grubbuildchecksum}" ]; then + printf "Changes detected to GRUB. Re-building now.\n" \ + 1>&2 + fi + else + printf "Required GRUB payloads not yet built. Building now.\n" \ + 1>&2 + fi + for keymapfile in "${kmapdir}"/*; do + [ -f "${keymapfile}" ] || continue + + keymap="${keymapfile##*/}" + keymap="${keymap%.gkb}" + + grubelf="elf/grub/grub_${keymap}.elf" + grubcfg="elf/grub/grub_${keymap}.cfg" + grubtestcfg="elf/grub/grub_${keymap}_test.cfg" + + if [ ! -f "${grubelf}" ] || [ ! -f "${grubcfg}" ] || \ + [ ! -f "${grubtestcfg}" ]; then + ./build grub payload || err "cannot build grub payload" + fi + done +fi + +if [ "${payload_uboot}" = "y" ]; then + ./handle make config -b u-boot ${board} || \ + err "cannot build u-boot target: ${board}" + ubdir="elf/u-boot/${board}/${uboot_config}" + ubootelf="${ubdir}/u-boot.elf" + [ ! -f "${ubootelf}" ] && [ -f "${ubdir}/u-boot.bin" ] && \ + ubootelf="${ubdir}/u-boot.bin" + [ -f "${ubootelf}" ] || \ + err "Could not find u-boot build for board, ${board}" +fi + +# it is assumed that no other work will be done on the ROM +# after calling this function. therefore this function is "final" +moverom() { + rompath="$1" + newrompath="$2" + cuttype="$3" + + [ "${blobs_required}" = "n" ] && \ + newrompath="${newrompath%.rom}_noblobs.rom" + + printf "\nCreating new ROM image: %s\n" "${newrompath}" + + if [ "${cuttype}" = "4MiB IFD BIOS region" ]; then + dd if="${rompath}" of="${newrompath}" bs=1 \ + skip=$(($(stat -c %s "${rompath}") - 0x400000)) \ + count=4194304 || err "moverom: cannot cut 4MB section" + else + cp "${rompath}" "${newrompath}" || err "moverom: can't copy rom" + fi + + # pike2008 cards cause a system hang when loading option roms in seabios + # if there is an empty option rom in cbfs, no option rom will be loaded + if [ "${cuttype}" = "d8d16sas" ]; then + emptyrom=$(mktemp -t coreboot_rom.XXXXXXXXXX) + rm -f "${emptyrom}" || err "cannot remove fake oprom" + touch "${emptyrom}" || err "cannot create fake oprom" + for deviceID in "0072" "3050"; do + "${cbfstool}" "${newrompath}" add -f "${emptyrom}" \ + -n "pci1000,${deviceID}.rom" -t raw || \ + err "moverom: cannot insert fake pike2008 rom" + done + rm -f "${emptyrom}" || err "moverom: cannot remove pike2008 rom" + fi + + for romsize in 4 8 16; do + ifdgbe="descriptors/ich9m/ich9fdgbe_${romsize}m.bin" + if [ "${cuttype}" = "${romsize}MiB ICH9 IFD NOR flash" ]; then + [ -f "${ifdgbe}" ] || \ + ./build descriptors ich9m || \ + err "moverom: cannot create ich9m ifd" + dd if="${ifdgbe}" of="${newrompath}" bs=1 count=12k \ + conv=notrunc || err "moverom: cant insert ich9m ifd" + fi + cmpstr="${romsize}MiB ICH9 IFD NOGBE NOR flash" + ifdgbe="descriptors/ich9m/ich9fdnogbe_${romsize}m.bin" + if [ "${cuttype}" = "${cmpstr}" ]; then + [ -f "${ifdgbe}" ] || \ + ./build descriptors ich9m || \ + err "moverom: cannot create ich9m ifd" + dd if="${ifdgbe}" of="${newrompath}" bs=1 count=4k \ + conv=notrunc || err "moverom: cant insert ich9m ifd" + fi + done + + if [ "${cuttype}" = "i945 laptop" ]; then + dd if="${newrompath}" of=top64k.bin bs=1 \ + skip=$(($(stat -c %s "${newrompath}") - 0x10000)) \ + count=64k || \ + err "moverom: cannot copy boot block from i945 rom" + dd if=top64k.bin of="${newrompath}" bs=1 \ + seek=$(($(stat -c %s "${newrompath}") - 0x20000)) \ + count=64k conv=notrunc || \ + err "moverom: cannot copy boot block into i945 rom" + rm -f top64k.bin || err "moverom: can't remove top64k.bin" + fi + + if [ "${microcode_required}" = "n" ]; then + _newrom_b="${newrompath%.rom}_nomicrocode.rom" + cp "${newrompath}" "${_newrom_b}" || \ + err "moverom: cp \"${newrompath}\" \"${_newrom_b}\"" + microcode_present="y" + "${cbfstool}" "${_newrom_b}" remove -n \ + cpu_microcode_blob.bin || microcode_present="n" + if [ "${microcode_present}" = "n" ]; then + rm -f "${_newrom_b}" || err "cannot remove ${_newrom_b}" + printf "REMARK: '%s' already lacks microcode\n" \ + "${newrompath}" + printf "Renaming default ROM file instead.\n" + mv "${newrompath}" "${_newrom_b}" || \ + err "moverom: mv \"${newrompath}\" \"${_newrom_b}\"" + fi + fi +} + +# make a rom in /tmp/ and then print the path of that ROM +mkSeabiosRom() { + target_cbrom="${1}" # rom to insert seabios in. will not be touched + # (a tmpfile will be made instead) + target_seabios_cbfs_path="${2}" # e.g. fallback/payload + target_initmode="${3}" # e.g. libgfxinit + + target_seabioself="elf/seabios/default/${target_initmode}/bios.bin.elf" + + tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX) + + cp "${target_cbrom}" "${tmprom}" || \ + err "mkSeabiosRom: cannot copy to tmprom" + + "${cbfstool}" "${tmprom}" add-payload -f "${target_seabioself}" \ + -n ${target_seabios_cbfs_path} -c lzma || \ + err "mkSeabiosRom: can't add payload, ${target_seabioself}, to rom" + + "${cbfstool}" "${tmprom}" add-int -i 3000 -n etc/ps2-keyboard-spinup \ + || err "mkSeabiosRom: cbfs add-int etc/ps2-keyboard-spinup 3000" + + if [ "${target_initmode}" = "normal" ] || \ + [ "${target_initmode}" = "libgfxinit" ]; then + "${cbfstool}" "${tmprom}" add-int -i 2 \ + -n etc/pci-optionrom-exec || \ + err "mkSeabiosRom: cbfs add-int etc/pci-optionrom-exec 2" + elif [ "${target_initmode}" = "vgarom" ]; then # coreboot executes it + "${cbfstool}" "${tmprom}" add-int -i 0 \ + -n etc/pci-optionrom-exec || \ + err "mkSeabiosRom: cbfs add-int etc/pci-optionrom-exec 0" + fi # for undefined modes, don't add this integer. use SeaBIOS defaults + + "${cbfstool}" "${tmprom}" add-int -i 0 -n etc/optionroms-checksum || \ + err "mkSeabiosRom: cbfs add-int etc/optionroms-checksum 0" + + [ "${target_initmode}" != "libgfxinit" ] || \ + "${cbfstool}" "${tmprom}" add -f "${seavgabiosrom}" \ + -n vgaroms/seavgabios.bin -t raw || \ + err "mkSeabiosRom: cbfs add-raw vgaroms/seavgabios.bin" + + printf "%s\n" "${tmprom}" +} + +# make a rom in /tmp/ and then print the path of that ROM +mkUbootRom() { + target_cbrom="${1}" # rom to insert u-boot in. it won't be touched + # (a tmpfile will be made instead) + target_uboot_cbfs_path="${2}" # e.g. fallback/payload + target_uboot_config="${3}" + cbfstool_path="${4}" + + target_ubdir="elf/u-boot/${board}/${target_uboot_config}" + target_ubootelf="${target_ubdir}/u-boot.elf" + [ -f "${target_ubootelf}" ] || \ + target_ubootelf="${target_ubdir}/u-boot.bin" + [ -f "${target_ubootelf}" ] || \ + err "mkUbootRom: cant find u-boot build for board, ${board}" + + tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX) + + cp "${target_cbrom}" "${tmprom}" || \ + err "mkUbootRom: cannot copy to tmprom" + "${cbfstool}" "${tmprom}" add-payload -f "${target_ubootelf}" \ + -n ${target_uboot_cbfs_path} -c lzma || \ + err "mkUbootRom: cannot add u-boot to tmprom" + + printf "%s\n" "${tmprom}" +} + +# make a rom in /tmp/ and then print the path of that ROM +mkGrubRom() { + target_keymap="${1}" + target_cbrom="${2}" + target_grubelf_cbfs_path="${3}" # e.g. fallback/payload + + grubelf="elf/grub/grub_${target_keymap}.elf" + grubcfg="elf/grub/grub_${target_keymap}.cfg" + grubtestcfg="elf/grub/grub_${target_keymap}_test.cfg" + + tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX) || \ + err "mkGrubRom: cannot create tmprom" + cp "${target_cbrom}" "${tmprom}" || \ + err "mkGrubRom: cannot copy to tmprom" + + "${cbfstool}" "${tmprom}" add-payload -f "${grubelf}" \ + -n ${target_grubelf_cbfs_path} -c lzma || \ + err "mkGrubRom: cannot add grub payload to tmprom" + + tmpgrubcfg=$(mktemp -t grub.cfg.XXXXXXXXXX) + tmpgrubtestcfg=$(mktemp -t grubtest.cfg.XXXXXXXXXX) + if [ "${grub_scan_disk}" = "ahci" ]; then + sed \ + 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ahci\"/' \ + "${grubcfg}" > "${tmpgrubcfg}" || err "mkGrubRom: sed1" + sed \ + 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ahci\"/' \ + "${grubtestcfg}" > "${tmpgrubtestcfg}" || \ + err "mkGrubRom: sed2" + elif [ "${grub_scan_disk}" = "ata" ]; then + sed \ + 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ata\"/' \ + "${grubcfg}" > "${tmpgrubcfg}" || err "mkGrubRom: sed3" + sed \ + 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ata\"/' \ + "${grubtestcfg}" > "${tmpgrubtestcfg}" || \ + err "mkGrubRom: sed4" + else + cp "${grubcfg}" "${tmpgrubcfg}" || err "mkGrubRom: grub.cfg cp" + cp "${grubtestcfg}" "${tmpgrubtestcfg}" || \ + err "mkGrubRom: grubtest.cfg cp" + fi + + "${cbfstool}" "${tmprom}" add -f "${tmpgrubcfg}" -n grub.cfg -t raw || \ + err "mkGrubRom: cannot add grub.cfg to tmprom" + + "${cbfstool}" "${tmprom}" add -f "${tmpgrubtestcfg}" -n grubtest.cfg \ + -t raw || err "mkGrubRom: cannot add grubtest.cfg to tmprom" + rm -f "${tmpgrubcfg}" "${tmpgrubtestcfg}" || \ + err "mkGrubRom: cannot remove tmp grub.cfg / grubtest.cfg" + + backgroundfile="background1280x800.png" + if [ "${board}" = "x60" ] || [ "${board}" = "t60_intelgpu" ]; then + # TODO: don't hardcode this. do it in target.cfg per board + backgroundfile="background1024x768.png" + fi + backgroundfile="resources/grub/background/${backgroundfile}" + "${cbfstool}" "${tmprom}" add -f ${backgroundfile} -n background.png \ + -t raw || err "mkGrubRom: cannot add background.png to tmprom" + + printf "%s\n" "${tmprom}" +} + +# Make separate ROM images with GRUB payload, for each supported keymap +mkRomsWithGrub() { + tmprompath="${1}" + initmode="${2}" + displaymode="${3}" + firstpayloadname="${4}" # allow values: grub, seabios, seabios_withgrub + + x=${tmprompath} + y=${initmode} + if [ "${payload_grub_withseabios}" = "y" ] && \ + [ "${firstpayloadname}" = "grub" ]; then + mv "$(mkSeabiosRom "${x}" "seabios.elf" "${y}")" "${tmprompath}" + elif [ "${payload_seabios_withgrub}" ] && \ + [ "${firstpayloadname}" != "grub" ]; then + mv "$(mkSeabiosRom "${x}" "fallback/payload" "$y")" \ + "${tmprompath}" || \ + err "mkRomsWithGrub: cannot move SeaBIOS ROM to tmprom" + fi + + keymaps="" + if [ -z ${keyboard_layouts} ]; then + for kmapfile in "${kmapdir}"/*; do + keymaps="${keymaps} ${kmapfile}" + done + else + for keymapname in ${keyboard_layouts}; do + keymaps="${keymaps} ${kmapdir}/${keymapname}.gkb" + done + fi + for keymapfile in ${keymaps}; do + echo "keymaps is $keymaps, keymapfile is $keymapfile" + + [ -f "${keymapfile}" ] || continue + + keymap="${keymapfile##*/}" + keymap="${keymap%.gkb}" + + grub_path_in_cbfs="fallback/payload" + [ "${firstpayloadname}" = "grub" ] || \ + grub_path_in_cbfs="img/grub2" + + # evil bofh rfc 2646 compliance hack + x=${keymap} + y=${tmprompath} + z=${grub_path_in_cbfs} + + tmpgrubrom="$(mkGrubRom "${x}" "${y}" "${z}")" + + if [ "${initmode}" = "normal" ]; then + newrompath="${romdir}/${firstpayloadname}_${board}_" + newrompath="${newrompath}${initmode}_${keymap}.rom" + else + newrompath="${romdir}/${firstpayloadname}_${board}_" + newrompath="${newrompath}${initmode}_${displaymode}_" + newrompath="${newrompath}${keymap}.rom" + fi + moverom "${tmpgrubrom}" "${newrompath}" "${romtype}" || \ + err "mkRomsWithGrub, moverom" + rm -f "${tmpgrubrom}" || err "rm tmpgrubrom, mkRomsWithGrub" + done +} + +# Main ROM building function. This calls all other functions +mkRoms() +{ + cbcfgpath="${1}" + displaymode="${2}" + initmode="${3}" + + if [ ! -f "${cbcfgpath}" ]; then + printf "'%s' does not exist. Skipping build for %s %s %s\n" \ + "${cbcfgpath}" "${board}" "${displaymode}" "${initmode}" \ + 1>&2 + return 0 + fi + + ./handle make config -b coreboot ${board} || \ + err "mkRoms: cannot build coreboot for target: ${board}" + + _corebootrom="elf/coreboot/${board}/${initmode}_${displaymode}" + [ "${initmode}" = "normal" ] && \ + _corebootrom="${_corebootrom%_${displaymode}}" + _corebootrom="${_corebootrom}/coreboot.rom" + corebootrom="$(mktemp -t coreboot_rom.XXXXXXXXXX)" + cp "${_corebootrom}" "${corebootrom}" || err "mkRoms: cannot copy rom" + + if [ "${payload_memtest}" = "y" ]; then + "${cbfstool}" "${corebootrom}" add-payload \ + -f "${memtest_bin}" -n img/memtest -c lzma || \ + err "mkRoms: cannot add img/memtest to coreboot rom" + fi + + if [ "${payload_seabios}" = "y" ]; then + if [ "${payload_seabios_withgrub}" = "n" ]; then + x=${corebootrom} + y=${initmode} + t=$(mkSeabiosRom "$x" "fallback/payload" "$y") + if [ "${initmode}" = "normal" ]; then + newrompath="${romdir}/seabios_${board}_" + newrompath="${newrompath}${initmode}.rom" + else + newrompath="${romdir}/seabios_${board}_" + newrompath="${newrompath}${initmode}_" + newrompath="${newrompath}${displaymode}.rom" + fi + + moverom "${t}" "${newrompath}" "${romtype}" || \ + err "mkRoms: cannot copy rom" + rm -f "${t}" || err "cannot rm ${t}" + else + tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX) + cp "${corebootrom}" "${tmprom}" + mkRomsWithGrub "${tmprom}" "${initmode}" \ + "${displaymode}" "seabios_withgrub" || \ + err "mkRoms: cannot build grub roms, seabios w/grub" + rm -f "${tmprom}" || err "mkRoms: can't remove tmprom" + fi + fi + + [ "${payload_grub}" != "y" ] || \ + mkRomsWithGrub "${corebootrom}" "${initmode}" \ + "${displaymode}" "grub" || \ + err "mkRoms: mkRomsWithGrub failed" + + if [ "${payload_uboot}" = "y" ]; then + x=${corebootrom} + y=${uboot_config} + z=${cbfstool} + tmpubootrom="$(mkUbootRom "$x" "fallback/payload" "$y" "$z")" + if [ "${initmode}" = "normal" ]; then + newrompath="${romdir}/uboot_payload_${board}_" + newrompath="${newrompath}${initmode}.rom" + else + newrompath="${romdir}/uboot_payload_${board}_" + newrompath="${newrompath}${initmode}_${displaymode}.rom" + fi + moverom "${tmpubootrom}" "${newrompath}" "${romtype}" || \ + err "mkRoms: moverom fail (u-boot)" + rm -f "${tmpubootrom}" || err "mkRoms: cannot rm u-boot rom" + fi +} + +if [ -z ${displaymodes} ]; then + initmode="libgfxinit" + for displaymode in corebootfb txtmode; do + cbcfgpath="resources/coreboot/${board}/config/${initmode}_" + cbcfgpath="${cbcfgpath}${displaymode}" + mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}" + done + + initmode="vgarom" + for displaymode in vesafb txtmode; do + cbcfgpath="resources/coreboot/${board}/config/${initmode}_" + cbcfgpath="${cbcfgpath}${displaymode}" + mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}" + done + + initmode="normal" + displaymode="txtmode" + cbcfgpath="resources/coreboot/${board}/config/${initmode}" + mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}" + +else + echo "special displaymode defined as $displaymodes" + initmode="libgfxinit" + for displaymode in ${displaymodes}; do + cbcfgpath="resources/coreboot/${board}/config/${initmode}_" + cbcfgpath="${cbcfgpath}${displaymode}" + mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}" + done + + initmode="vgarom" + for displaymode in ${displaymodes}; do + cbcfgpath="resources/coreboot/${board}/config/${initmode}_" + cbcfgpath="${cbcfgpath}${displaymode}" + mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}" + done +fi diff --git a/script/build/clean/cbutils b/script/build/clean/cbutils new file mode 100755 index 00000000..bdacc45a --- /dev/null +++ b/script/build/clean/cbutils @@ -0,0 +1,59 @@ +#!/usr/bin/env sh + +# helper script: clean the dependencies that were built in coreboot +# +# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org> +# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# This script assumes that the current working directory is the root + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +main() +{ + printf "Cleaning the previous build of coreboot and its utilities\n" + + rm -Rf cbutils || err "cannot remove cbutils/" + [ ! -d "coreboot/" ] && exit 0 + + clean_cbutils +} + +clean_cbutils() +{ + for tree in coreboot/*; do + [ "${tree##*/}" = "coreboot" ] && continue + [ -d "${tree}" ] || continue + + # Clean coreboot, of course + make -C "${tree}/" distclean || \ + err "clean_cbutils: ${tree}: cannot distclean" + + # Clean its utilities as well + for util in cbfstool ifdtool nvramtool cbmem; do + make distclean -C "${tree}/util/${util}/" || \ + err "clean_cbutils: ${cbtree} ${util}: can't clean" + done + make distclean -C "${tree}/payloads/libpayload/" || \ + err "clean_cbutils: ${tree}: can't distclean libpayload" + done +} + +main $@ diff --git a/script/build/clean/crossgcc b/script/build/clean/crossgcc new file mode 100755 index 00000000..c76d1849 --- /dev/null +++ b/script/build/clean/crossgcc @@ -0,0 +1,45 @@ +#!/usr/bin/env sh + +# helper script: clean the crossgcc builds +# +# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org> +# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +main() +{ + printf "Cleaning crossgcc builds in all coreboot archives\n" + [ ! -d "coreboot/" ] && exit 0 + + clean_crossgcc +} + +clean_crossgcc() +{ + for board in coreboot/*; do + [ -d "${board}" ] || continue + [ "${board##*/}" = "coreboot" ] && continue + make -C "${board}/" crossgcc-clean || \ + err "clean_crossgcc: ${board}: !make crossgcc-clean" + done +} + +main $@ diff --git a/script/build/clean/seabios b/script/build/clean/seabios new file mode 100755 index 00000000..0178a729 --- /dev/null +++ b/script/build/clean/seabios @@ -0,0 +1,48 @@ +#!/usr/bin/env sh + +# helper script: clean the dependencies that were built in seabios +# +# Copyright (C) 2015,2020,2021,2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +# clean bucts +# -------------------------------------------------------- + +main() +{ + [ ! -d "elf/seabios" ] || rm -Rf elf/seabios || \ + err "cannot remove elf/seabios" + [ ! -d "seabios/" ] && exit 0 + + clean_seabios +} + +clean_seabios() +{ + for x in seabios/*; do + [ ! -d "${x}" ] && continue + [ "${x}" = "seabios/seabios" ] && continue + make -C "${x}" distclean || \ + err "clean_seabios: cannot distclean tree, ${x}" + done +} + +main $@ diff --git a/script/build/clean/u-boot b/script/build/clean/u-boot new file mode 100755 index 00000000..5deff216 --- /dev/null +++ b/script/build/clean/u-boot @@ -0,0 +1,51 @@ +#!/usr/bin/env sh + +# helper script: clean the u-boot builds +# +# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org> +# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org> +# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +main() +{ + printf "Cleaning u-boot builds for all boards\n" + clean_uboot +} + +clean_uboot() +{ + for board in u-boot/*; do + if [ "${board##*/}" = "u-boot" ] || [ ! -d "${board}" ]; then + continue + fi + + make -C "${board}/" distclean || \ + err "clean_uboot: cannot distclean ${board}" + + if [ -e "${board}/.git" ]; then + git -C "${board}" clean -fdx || \ + err "clean_uboot: ${board}: cannot clean git files" + fi + done +} + +main $@ diff --git a/script/build/command/options b/script/build/command/options new file mode 100755 index 00000000..84a9a3fb --- /dev/null +++ b/script/build/command/options @@ -0,0 +1,31 @@ +#!/usr/bin/env sh + +# Copyright (c) 2023 Leah Rowe <info@minifree.org> +# SPDX-License-Identifier: MIT + +. "include/err.sh" + +items=1 + +main() +{ + [ $# -gt 0 ] || \ + err "No argument given" + listitems "${1}" || err "No items present under: ${1}" +} + +listitems() +{ + [ -d "${1}" ] || \ + err "Directory not does exist: ${1}" + for x in "${1}/"*; do + # -e used because this is for files *or* directories + [ -e "${x}" ] || continue + [ "${x##*/}" = "build.list" ] && continue + printf "%s\n" "${x##*/}" + items=0 + done + return ${items} +} + +main $@ diff --git a/script/build/coreboot/utils b/script/build/coreboot/utils new file mode 100755 index 00000000..bf0c47a7 --- /dev/null +++ b/script/build/coreboot/utils @@ -0,0 +1,78 @@ +#!/usr/bin/env sh + +# helper script: build various coreboot utilities +# +# Copyright (C) 2014-2016,2020,2021,2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +main() +{ + printf "Building coreboot utils\n" + + if [ $# -gt 0 ]; then + for board in "${@}"; do + build_for_mainboard ${board} || \ + err "cannot build cbutils for target, ${board}" + done + else + for boarddir in resources/coreboot/*; do + [ ! -d "${boarddir}" ] && continue + build_for_mainboard ${boarddir##*/} || \ + err "cannot build cbutils for target, ${board}" + done + fi +} + +build_for_mainboard() { + board="${1}" + [ -d "resources/coreboot/${board}" ] || continue + [ -f "resources/coreboot/${board}/target.cfg" ] || continue + tree="undefined" + . "resources/coreboot/${board}/target.cfg" # source + [ "${tree}" = "undefined" ] && \ + err "build_for_mainboard: improper tree definition for '${board}'" + buildutils "${tree}" +} + +buildutils() { + tree="${1}" + [ -d "coreboot/${tree}/" ] || \ + ./fetch_trees coreboot $tree || \ + err "buildutils: cannot fetch ${tree}" + for util in cbfstool ifdtool; do + [ -f "cbutils/${tree}/${util}" ] && continue + [ -d "cbutils/${tree}" ] || \ + mkdir -p "cbutils/${tree}" || \ + err "buildutils: can't mkdir cbutils/${tree}" + + utildir="coreboot/${tree}/util/${util}" + make distclean -C "${utildir}" || \ + err "buildutils: cannot clean ${utildir}" + make -j$(nproc) -C "${utildir}" || \ + err "buildutils: cannot build ${utildir}" + cp "${utildir}/${util}" "cbutils/${tree}" || \ + err "buildutils: can't cp ${util} cbutils/${tree}/" + make distclean -C "${utildir}" || \ + err "buildutils: can't clean ${utildir}" + done +} + +main $@ diff --git a/script/build/descriptors/ich9m b/script/build/descriptors/ich9m new file mode 100755 index 00000000..d965aef8 --- /dev/null +++ b/script/build/descriptors/ich9m @@ -0,0 +1,42 @@ +#!/usr/bin/env sh + +# Copyright (C) 2020, 2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +ich9gen="util/ich9utils/ich9gen" + +main() +{ + [ -f "${ich9gen}" ] || ./handle make file -b ich9utils || \ + err "ich9utils make" + [ ! -f "${ich9gen}" ] && err "ich9gen doesn't exist" + + [ -d "descriptors/ich9m/" ] || mkdir -p "descriptors/ich9m/" || \ + err "can't create directory: descriptors/ich9m" + rm -f descriptors/ich9m/* || err "rm-rf" + + ( + cd descriptors/ich9m/ || err "cd2" + ../../"${ich9gen}" || err "ich9gen" + ) +} + +main $@ diff --git a/script/build/grub/payload b/script/build/grub/payload new file mode 100755 index 00000000..63849bac --- /dev/null +++ b/script/build/grub/payload @@ -0,0 +1,104 @@ +#!/usr/bin/env sh + +# generate GRUB ELF files (coreboot payload) and configuration files +# +# Copyright (C) 2014,2015,2020,2021,2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +grubcfgsdir="resources/grub" +keymap="" + +. "${grubcfgsdir}/modules.list" + +main() +{ + printf "Creating GRUB payloads and configuration files\n" + + handle_dependencies + + # Separate GRUB payload per keymap to save space in ROM. + for keylayoutfile in ${grubcfgsdir}/keymap/*.gkb; do + [ -f "${keylayoutfile}" ] || continue + build_grub_payloads "${keylayoutfile}" + done + + printf "Done! Check elf/grub/ to see the files.\n\n" +} + +handle_dependencies() +{ + [ -d "grub/" ] || \ + ./fetch grub || \ + err "handle_dependencies: cannot fetch grub" + [ -f "grub/grub-mkstandalone" ] || \ + ./build grub utils || \ + err "handle_dependencies: cannot build grub utils" + [ -d "elf/grub" ] || \ + mkdir -p elf/grub || \ + err "handle_dependencies: cannot mkdir elf/grub" + rm -f elf/grub/* || \ + err "handle_dependencies: cannot rm inside: elf/grub/" +} + +build_grub_payloads() +{ + keylayoutfile=${1} + [ -f "${keylayoutfile}" ] || continue + + keymap="${keylayoutfile##${grubcfgsdir}/keymap/}" + keymap="${keymap%.gkb}" + + build_grub_elf "${keylayoutfile}" + create_grub_config + + printf "Created 'elf/grub/grub_%s.elf' and configs.'\n" "${keymap}" +} + +build_grub_elf() +{ + keylayoutfile=${1} + + gcfg="/boot/grub/grub.cfg=${grubcfgsdir}" + gcfg="${gcfg}/config/grub_memdisk.cfg" + grubk="/boot/grub/layouts/${keymap}.gkb=${keylayoutfile}" + grub/grub-mkstandalone \ + --grub-mkimage="grub/grub-mkimage" \ + -O i386-coreboot \ + -o "elf/grub/grub_${keymap}.elf" \ + -d grub/grub-core/ \ + --fonts= --themes= --locales= \ + --modules="${grub_modules}" \ + --install-modules="${grub_install_modules}" \ + "${gcfg}" "${grubk}" || \ + err "build_grub_elf: cannot build grub payload (grub-mkstandalone)" +} + +create_grub_config() +{ + sed "s/usqwerty/${keymap}/" < "${grubcfgsdir}/config/grub.cfg" \ + > "elf/grub/grub_${keymap}.cfg" || \ + err "create_grub_config: sed failed: grub.cfg" + sed "s/grubtest.cfg/grub.cfg/" < "elf/grub/grub_${keymap}.cfg" \ + > "elf/grub/grub_${keymap}_test.cfg" || \ + err "create_grub_config: sed failed: grubtest.cfg" +} + +main $@ diff --git a/script/build/grub/utils b/script/build/grub/utils new file mode 100755 index 00000000..f0449ed7 --- /dev/null +++ b/script/build/grub/utils @@ -0,0 +1,52 @@ +#!/usr/bin/env sh + +# helper script: builds GRUB2 source code +# +# Copyright (C) 2014, 2015, 2020, 2023 Leah Rowe <info@minifree.org> +# Copyright (C) 2015, 2016 Klemens Nanni <contact@autoboot.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +main() +{ + printf "Building GRUB\n" + [ -d "grub/" ] || ./fetch grub || err "cannot fetch grub" + build_grub +} + +build_grub() +{ + ( + cd grub/ || \ + err "build_grub: cd" + [ ! -d Makefile ] || make distclean || \ + err "build_grub: make-distclean" + ./bootstrap --gnulib-srcdir=gnulib/ --no-git || \ + err "build_grub: gnulib bootstrap" + ./autogen.sh || \ + err "build_grub: autogen.sh" + ./configure --with-platform=coreboot || \ + err "build_grub: autoconf" + make -j$(nproc) || \ + err "build_grub: make" + ) +} + +main $@ diff --git a/script/build/release/roms b/script/build/release/roms new file mode 100755 index 00000000..395fb8d7 --- /dev/null +++ b/script/build/release/roms @@ -0,0 +1,195 @@ +#!/usr/bin/env sh + +# helper script: generate release archive (ROM images) +# +# Copyright (C) 2020,2021,2022,2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +projectname="$(cat projectname)" +version="version-unknown" +versiondate="version-date-unknown" +tree="default" +target="" +CONFIG_HAVE_MRC="" +CONFIG_HAVE_ME_BIN="" +CONFIG_KBC1126_FIRMWARE="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" +ifdtool="cbutils/${tree}/ifdtool" +cbfstool="cbutils/${tree}/cbfstool" + +main() +{ + printf "Building ROM image archives for version %s\n" "${version}" + + init_check + + for romdir in bin/*; do + make_archive "${romdir}" + done + + printf "\nROM archives available at release/%s/roms/\n\n" "${version}" +} + +init_check() +{ + if [ -f version ]; then + version="$(cat version)" + [ -f versiondate ] && \ + versiondate="$(cat versiondate)" + [ ! -d "bin/" ] && \ + err "init_check: no ROMs built yet (error)" + [ -d "release/" ] || \ + mkdir -p release/ || \ + err "init_check: !mkdir -p release/" + [ -d "release/${version}/" ] || \ + mkdir -p "release/${version}/" || \ + err "init_check: !mkdir -p release/${version}/" + [ ! -d "release/${version}/roms/" ] || \ + rm -Rf "release/${version}/roms/" || \ + err "init_check: !rm -Rf release/${version}/roms/" + + if [ ! -d "release/${version}/roms/" ]; then + mkdir -p "release/${version}/roms/" || \ + err "init_check: !mkdir -p release/${version}/roms/" + fi +} + +make_archive() +{ + romdir=${1} + target="${romdir##*/}" + + echo ${target} + [ -d "${romdir}/" ] || continue + + CONFIG_HAVE_MRC="y" + CONFIG_HAVE_ME_BIN="y" + CONFIG_KBC1126_FIRMWARE="y" + CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="y" + grep "CONFIG_HAVE_ME_BIN=y" "resources/coreboot/${target}/config/"* || \ + CONFIG_HAVE_ME_BIN="n" + grep "CONFIG_HAVE_MRC=y" "resources/coreboot/${target}/config/"* || \ + CONFIG_HAVE_MRC="n" + grep "CONFIG_KBC1126_FIRMWARE=y" \ + "resources/coreboot/${target}/config"/* || \ + CONFIG_KBC1126_FIRMWARE="n" + grep "CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=y" \ + "resources/coreboot/${target}/config"/* || \ + CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="n" + + # remove ME/MRC/EC firmware from ROM images + if [ "${CONFIG_HAVE_ME_BIN}" = "y" ] || \ + [ "${target}" = "e6400nvidia_4mb" ]; then + strip_archive "${romdir}" + fi + + printf "Generating release/%s/roms/%s-%s_%s.tar.xz\n" \ + "${version}" "${projectname}" "${version}" "${target##*/}" + printf "%s\n" "${version}" > "${romdir}/version" || \ + err "make_archive: can't create ${romdir}/version" + printf "%s\n" "${versiondate}" > "${romdir}/versiondate" || \ + err "make_archive: can't create ${romdir}/versiondate" + printf "%s\n" "${projectname}" > "${romdir}/projectname" || \ + err "make_archive: can't create ${romdir}/projectname" + + f="release/${version}/roms/${projectname}-${version}_${target##*/}" + tar -c "${romdir}/" | xz -9e > "${f}.tar.xz" || \ + err "make_archive: can't create ${f}.tar.xz" + + if [ -d "${romdir}_tmp" ]; then + rm -Rf "${romdir}" || err "make_archive: !rm -Rf ${romdir}" + mv "${romdir}_tmp" "${romdir}" || \ + err "make_archive: !mv \"${romdir}_tmp\" \"${romdir}\"" + fi +} + +strip_archive() +{ + romdir=${1} + + [ -d "coreboot/${tree}" ] || \ + ./fetch_trees coreboot ${tree} || \ + err "strip_archive: coreboot/${tree}: can't fetch source" + ./build coreboot utils ${tree} || \ + err "strip_archive: coreboot/${tree}: can't build utils" + + # dirty hack, to reduce disk io later + # rather than using /tmp, which might not be tmpfs + rm -Rf "${romdir}_tmp" || err "strip_archive: !rm -Rf ${romdir}_tmp" + mkdir "${romdir}_tmp" || err "strip_archive: !mkdir ${romdir}_tmp" + + # Hash the rom before removing blobs + rm -f "${romdir}/blobhashes" || \ + err "strip_archive: !rm -f ${blobdir}/blobhashes" + touch "${romdir}/blobhashes" || \ + err "strip_archive: !touch ${blobdir}/blobhashes" + + ( + cd "${romdir}" || err "strip_archive: !cd ${romdir}" + sha1sum *.rom >> blobhashes || \ + err "strip_archive: ${romdir}: !sha1sum *.rom >> blobhashes" + ) + + for romfile in "${romdir}"/*.rom; do + strip_rom_image "${romfile}" + done +} + +strip_rom_image() +{ + romfile=${1} + + [ -f "${romfile}" ] || return 0 + + if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then + "${ifdtool}" --nuke me "${romfile}" || \ + err "strip_rom_images: ${romfile}: cannot nuke Intel ME" + mv "${romfile}" "${romdir}_tmp" || \ + err "strip_rom_images: !mv ${romfile} ${romdir}_tmp" + mv "${romfile}.new" "${romfile}" || \ + err "strip_rom_images: !mv ${romfile}.new ${romfile}" + fi + + if [ "${CONFIG_HAVE_MRC}" = "y" ]; then + "${cbfstool}" "${romfile}" remove -n mrc.bin || \ + err "strip_rom_images: ${romfile}: cannot nuke mrc.bin" + "${cbfstool}" "${romfile}" print || : + fi + + if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then + "${cbfstool}" "${romfile}" remove -n ecfw1.bin || \ + err "strip_rom_images: ${romfile}: can't nuke ecfw1.bin" + "${cbfstool}" "${romfile}" remove -n ecfw2.bin || \ + err "strip_rom_images: ${romfile}: can't nuke ecfw2.bin" + fi + + [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" != "y" ] || \ + "${cbfstool}" "${romfile}" remove -n sch5545_ecfw.bin || \ + err "strip_rom_images: ${romfile}: can't nuke sch5545ec fw" + + # TODO: replace this board-specific hack + if [ "${target}" = "e6400nvidia_4mb" ]; then + "${cbfstool}" "${romfile}" remove -n "pci10de,06eb.rom" || \ + err "strip_rom_images: ${romfile}: can't nuke e6400 vga rom" + fi +} + +main $@ diff --git a/script/build/release/src b/script/build/release/src new file mode 100755 index 00000000..0db9d721 --- /dev/null +++ b/script/build/release/src @@ -0,0 +1,193 @@ +#!/usr/bin/env sh + +# helper script: generate release archive (source code) +# +# Copyright (C) 2020,2021,2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +projectname="$(cat projectname)" + +trees_fetch_list="coreboot u-boot seabios" +simple_fetch_list="flashrom grub memtest86plus me_cleaner uefitool" +simple_fetch_list="${simple_fetch_list} bios_extract biosutilities" + +# do not add blobs directory here. it's handled below +dirlist="resources util script" + +filelist="lbmk modify build README.md COPYING Makefile update version" +filelist="${filelist} versiondate projectname .gitcheck fetch fetch_trees" + +version="version-unknown" +versiondate="version-date-unknown" +reldir="" +dirname="" +srcdir="" + +printf "Building source code archive, version %s\n" "${version}" + +main() +{ + [ -f version ] && \ + version="$(cat version)" + [ -f versiondate ] && \ + versiondate="$(cat versiondate)" + + create_release_directory + download_modules + copy_files + purge_files + + create_release_archive + + printf "Source code archive available at %s.tar.xz\n\n" "${srcdir}" +} + +create_release_directory() +{ + reldir="release/${version}" + dirname="${projectname}-${version}_src" + srcdir="${reldir}/${dirname}" + + [ -d "release/" ] || mkdir -p release/ || \ + err "create_release_directory: !mkdir -p release/" + [ -d "${reldir}/" ] || mkdir -p "${reldir}/" || \ + err "create_release_directory: !mkdir -p ${reldir}/" + [ ! -d "${srcdir}/" ] || rm -Rf "${srcdir}/" || \ + err "create_release_directory: !rm -Rf ${srcdir}/" + [ ! -f "${srcdir}.tar.xz" ] || \ + rm -f "${srcdir}.tar.xz/" || \ + err "create_release_directory: !rm -f ${srcdir}.tar.xz/" + + mkdir -p "${srcdir}/" || \ + err "create_release_directory: !mkdir -p ${srcdir}/" + printf "%s" "${version}" > "${srcdir}"/version || \ + err "create_release_directory: ${srcdir}/version: can't create file" +} + +download_modules() +{ + for modname in ${trees_fetch_list}; do + [ -d "${modname}" ] || ./fetch_trees ${modname} || \ + err "download_modules: couldn't download ${modname} trees" + done + for modname in ${simple_fetch_list}; do + [ -d "${modname}/" ] || ./fetch ${modname} || \ + err "download_modules: couldn't download ${modname} repo" + done +} + +copy_files() +{ + for dir in ${simple_fetch_list} ${dirlist}; do + cp -R "${dir}/" "${srcdir}/" || \ + err "copy_files: !cp -R ${dir}/ ${srcdir}/" + done + + copy_blobs + + for i in ${filelist}; do + if [ ! -f "${i}" ]; then + rm -Rf "${srcdir}" || \ + err "copy_files: !rm -Rf ${srcdir}" + err "copy_files: file '${1}' does not exist" + fi + cp "${i}" "${srcdir}/" || \ + err "copy_files: !cp ${i} ${srcdir}/" + done +} + +copy_blobs() +{ + mkdir -p "${srcdir}"/blobs || \ + err "copy_blobs: !mkdir -p ${srcdir}/blobs" + # do not copy intel ME etc, but do copy ifd/gbe files + for i in t440p xx20 xx30 hp8200sff hp_ivybridge hp_sandybridge \ + hp8300usdt t1650; do + for j in ifd gbe 4_ifd 8_ifd 12_ifd 16_ifd; do + [ -f "blobs/${i}/${j}.bin" ] || continue + [ -e "${srcdir}/blobs/${i}" ] || \ + mkdir -p "${srcdir}/blobs/${i}" || \ + err "copy_blobs: ! -d ${srcdir}/blobs/${i}" + cp "blobs/${i}/${j}.bin" "${srcdir}/blobs/${i}" || \ + err "copy_blobs: ! -f ${srcdir}/blobs/${i}" + done + done +} + +purge_files() +{ + ( + cd "${srcdir}/" || \ + err "purge_files 3: !cd ${srcdir}/" + + for p in coreboot/*; do + [ -d "${p}" ] || continue + ./handle make file -c "${p}" || \ + err "purge_files 1: ${p}: !make distclean" + done + + ./handle make file -c coreboot/default/util/kbc1126 || \ + err "purge_files 1: default/util/kbc1126: ! make clean" + ./build clean all || \ + err "purge_files 1: ! ./build clean all" + + for p in bios_extract flashrom grub ich9utils uefitool; do + ./handle make file -c "${p}" || \ + err "purge_files: !./handle make file -c ${p}" + done + for p in 32 64; do + ./handle make file -c "memtest86plus/build${p}" || \ + err "purge_files: cannot clean memtest86+ build${p}" + done + for p in "nvmutil" "ich9utils" "spkmodem_recv" "e6400-flash-unlock"; do + make clean -C "util/${p}" || \ + + err "purge_files 2: !make clean -C ${util}/p" + done + for p in ${trees_fetch_list}; do + rm -Rf "${p}/${p}" "${p}"/*/.git* || \ + err "purge_files 1: cannot clean ${p} project files" + done + rm -Rf .git .gitignore */.git* coreboot/*/3rdparty/*/.git* \ + coreboot/*/util/nvidia/cbootimage/.git* || \ + err "purge_files rm-rf2: can't purge .git files/directories" + ) +} + +create_release_archive() +{ + ( + cd "${reldir}/" || \ + err "create_release_archive 4: !cd ${reldir}/" + printf "%s\n" "${version}" > "${dirname}/version" || \ + err "create_release_archive: can't create ${dirname}/version" + printf "%s\n" "${versiondate}" > "${dirname}/versiondate" || \ + err "create_release_archive: can't create ${dirname}/versiondate" + printf "%s\n" "${projectname}" > "${dirname}/projectname" || \ + err "create_release_archive: can't create ${dirname}/projectname" + tar -c "${dirname}/" | xz -9e >"${dirname}.tar.xz" || \ + err "create_release_archive: can't create ${dirname}.tar.xz" + rm -Rf "${dirname}/" || \ + err "create_release_archive 5: !rm -Rf ${dirname}/" + ) +} + +main $@ diff --git a/script/handle/make/config b/script/handle/make/config new file mode 100755 index 00000000..0c60285f --- /dev/null +++ b/script/handle/make/config @@ -0,0 +1,257 @@ +#!/usr/bin/env sh + +# helper script: build elf files on build systems that use defconfig/kconfig +# +# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com> +# Copyright (C) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com> +# Copyright (C) 2023 Leah Rowe <leah@libreboot.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# you could probably build *linux* with this script! + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +projectname="$(cat projectname)" +our_version="$(cat version)" + +export LOCALVERSION="-${projectname}-${our_version}" + +arch="" +cfgsdir="" +codedir="" +config="" +config_name="" +crossgcc_ada="" +elfdir="" +listfile="" +mode="" +project="" +target="" +target_dir="" +tree="" + +main() +{ + while getopts b:m:u: option + do + case "${1}" in + -b) + mode="all" + shift ;; + -u) + mode="oldconfig" + shift ;; + -m) + mode="menuconfig" + shift ;; + *) + fail "Invalid option" ;; + esac + project="${OPTARG}" + shift + done + [ -z "${mode}" ] && fail "mode not given (-m, -u or -b)" + + elfdir="elf/${project}" + + cfgsdir="resources/${project}" + [ -d "${cfgsdir}" ] || fail "directory, ${cfgsdir}, does not exist" + + listfile="${cfgsdir}/build.list" + [ -f "${listfile}" ] || fail "list file, ${listfile}, does not exist" + + # Build for all targets if no argument is given + targets=$(./build command options "${cfgsdir}") + [ $# -gt 0 ] && targets=$@ + + [ -d "${elfdir}" ] || [ "${mode}" != "all" ] || \ + mkdir -p "${elfdir}/" || fail "can't create directory ${elfdir}" + + for x in ${targets}; do + target="${x}" + printf "Running 'make %s' for project '%s, target '%s''\n" \ + "${mode}" "${project}" "${target}" + [ "${project}" != "coreboot" ] || [ "${mode}" != "all" ] || \ + ./update blobs download ${target} || fail "blobutil" + handle_defconfig || fail "error handling config file" + done + + if [ "${mode}" = "all" ]; then + printf "Done! The files are stored under %s/\n\n" "${elfdir}" + fi +} + +handle_defconfig() +{ + handle_dependencies "${target}" || \ + fail "handle_defconfig: failed call to handle_dependencies" + + for y in "${target_dir}/config"/*; do + [ -f "${y}" ] || continue + config="${y}" + config_name="${config#$target_dir/config/}" + + printf "build/defconfig/%s %s: handling config %s\n" \ + "${project}" "${target}" "${config_name}" + + [ "${mode}" != "all" ] || check_config || continue + run_make_command + [ "${mode}" != "all" ] || copy_elf + done +} + +handle_dependencies() +{ + target_dir="${cfgsdir}/${target}" + mkdir -p "${elfdir}/${target}" || \ + fail "handle_dependencies: !mkdir -p ${elfdir}/${target}" + + tree="undefined" + arch="undefined" + + [ ! -f "${target_dir}/target.cfg" ] && \ + fail "handle_dependencies: ${target_dir}: missing target.cfg" + + # Override the above defaults using target.cfg + . "${target_dir}/target.cfg" # source + + [ "${tree}" = "undefined" ] && \ + fail "handle_dependencies: ${target_dir}: tree undefined" + [ "${arch}" = "undefined" ] && \ + fail "handle_dependencies: ${target_dir}: undefined cpu type" + + codedir="${project}/${tree}" + [ -d "${codedir}" ] || \ + ./fetch_trees "${project}" "${target}" || \ + fail "handle_dependencies: can't fetch ${project}/${target}" + + # u-boot and coreboot are both compiled with coreboot's crossgcc + if [ "${project}" = "coreboot" ] || [ "${project}" = "u-boot" ]; then + [ "${mode}" != "all" ] || check_cross_compiler || \ + fail "handle_dependencies ${project}/${target}: crossgcc" + fi +} + +# set up cross-compiler (coreboot crossgcc) for u-boot and coreboot +# (seabios and grub currently use hostcc, not crossgcc) +check_cross_compiler() +{ + [ "${crossgcc_ada}" = "y" ] || [ "${crossgcc_ada}" = "n" ] || \ + crossgcc_ada="y" + [ "${crossgcc_ada}" != "y" ] && \ + export BUILD_LANGUAGES=c + + cbdir="coreboot/${tree}" + [ "${project}" != "coreboot" ] && \ + cbdir="coreboot/default" # not u-boot (e.g. linux will use it) + [ "${project}" = "u-boot" ] && \ + cbdir="coreboot/cros" # u-boot only used on coreboot/cros + # only true if not building coreboot: + ctarget="${cbdir#coreboot/}" + [ -d "${cbdir}" ] || \ + ./fetch_trees coreboot ${ctarget} || \ + fail "check_cross_compiler: can't fetch coreboot/${ctarget}" + + if [ "${arch}" = "x86_32" ] || [ "${arch}" = "x86_64" ]; then + [ -d "${cbdir}/util/crossgcc/xgcc/i386-elf/" ] || \ + make -C "${cbdir}" crossgcc-i386 CPUS=$(nproc) || \ + return 1 + case "$(uname -m)" in + x86*|i*86|amd64) : ;; + *) export CROSS_COMPILE=i386-elf- ;; + esac + elif [ "${arch}" = "ARMv7" ]; then + [ -d "${cbdir}/util/crossgcc/xgcc/arm-eabi/" ] || \ + make -C "${cbdir}" crossgcc-arm CPUS=$(nproc) || \ + return 1 + case "$(uname -m)" in + arm|arm32|armv6*|armv7*) : ;; + *) export CROSS_COMPILE=arm-eabi- ;; + esac + elif [ "${arch}" = "AArch64" ]; then + [ -d "${cbdir}/util/crossgcc/xgcc/aarch64-elf/" ] || \ + make -C "${cbdir}" crossgcc-aarch64 CPUS=$(nproc) || \ + return 1 + # aarch64 also needs armv7 toolchain for arm-trusted-firmware + [ -d "${cbdir}/util/crossgcc/xgcc/arm-eabi/" ] || \ + make -C "${cbdir}" crossgcc-arm CPUS=$(nproc) || \ + return 1 + case "$(uname -m)" in + arm64|aarch64) : ;; + *) export CROSS_COMPILE=aarch64-elf- ;; + esac + fi + + # we *must* ensure that u-boot's build system uses crossgcc first + export PATH="$(pwd)/${cbdir}/util/crossgcc/xgcc/bin:$PATH" +} + +check_config() +{ + [ ! -f "${config}" ] && \ + fail "check_config: ${project}/${target}: configs missing" + + dest_dir="${elfdir}/${target}/${config_name}" + # TODO: very hacky check. do it properly (based on build.list) + for elftest in "${dest_dir}"/*; do + if [ -f "${elftest}" ]; then + printf "Build already exists, so skipping build\n" 1>&2 + return 1 + fi + done + mkdir -p "${dest_dir}" || \ + fail "check_config: cannot mkdir: ${dest_dir}" +} + +run_make_command() +{ + ./handle make file -c "${codedir}" || \ + fail "run_make_command: make distclean/clean failed" + + cp "${config}" "${codedir}/.config" || \ + fail "run_make_command: can't copy config for: ${project}/${target}" + [ "${mode}" != "all" ] || make -C "${codedir}" silentoldconfig || \ + make -C "${codedir}" oldconfig || : # don't error on oldconfig + + if [ "${project}" = "coreboot" ] && [ "${mode}" = "all" ]; then + printf "%s\n" "${our_version}" >"${codedir}/.coreboot-version" \ + || fail "run_make_command: ${codedir}: can't set version" + fi + make -C "${codedir}" -j$(nproc) ${mode} || \ + fail "run_make_command: make-all: ${codedir} (${project}/${target})" +} + +copy_elf() +{ + for f in $(cat "${listfile}"); do + [ ! -f "${codedir}/$f" ] || \ + cp "${codedir}/${f}" "${dest_dir}/" || \ + fail "copy_elf: cannot copy elf file" + done + + ./handle make file -c "${codedir}" || \ + fail "copy_elf: clean: ${codedir} (${project}/${target})" +} + +fail() +{ + [ -z "${codedir}" ] || ./handle make file -c "${codedir}" || : + err "${1}" +} + +main $@ diff --git a/script/handle/make/file b/script/handle/make/file new file mode 100755 index 00000000..855ea1c4 --- /dev/null +++ b/script/handle/make/file @@ -0,0 +1,80 @@ +#!/usr/bin/env sh + +# helper script: build utils used by lbmk +# +# Copyright (C) 2023 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +mode="" +project="" + +main() +{ + while getopts b:c: option + do + case "${1}" in + -b) + shift ;; + -c) + mode="distclean" + shift ;; + *) + err "Invalid option" ;; + esac + project="${OPTARG}" + shift + done + + [ -z "${project}" ] && err "project name not specified" + [ "${project}" = "ich9utils" ] && project="util/ich9utils" + + handle_dependencies + run_make_command +} + +handle_dependencies() +{ + [ -d "${project}" ] || ./fetch "${project%/*}" || \ + err "handle_dependencies: can't fetch ${project%/*}" + [ -d "${project}" ] || \ + err "handle_dependencies: ${project%/*} not downloaded" + + if [ "${project}" = "uefitool" ]; then + ( + cd uefitool || err "handle_dependencies: !cd uefitool" + cmake UEFIExtract/ || \ + err "handle_dependencies: !cmake UEFIExtract/" + ) + fi +} + +run_make_command() +{ + if [ -z "${mode}" ]; then + make -C "${project}" -j$(nproc) || \ + err "run_make_command: !make -C ${project}" + else + make -C "${project}" distclean || make -C "${project}" clean \ + || err "run_make_command: ${project}: make-clean failed" + fi +} + +main $@ diff --git a/script/misc/versioncheck b/script/misc/versioncheck new file mode 100755 index 00000000..73fbb140 --- /dev/null +++ b/script/misc/versioncheck @@ -0,0 +1,48 @@ +#!/usr/bin/env sh + +# Copyright (C) 2021 Leah Rowe <info@minifree.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u + +. "include/err.sh" + +project="$(cat projectname)" + +version="version-unknown" +[ -f version ] && version="$(cat version)" +version_="${version}" +if [ -e ".git" ]; then + version="$(git describe --tags HEAD 2>&1)" || \ + version="git-$(git rev-parse HEAD 2>&1)" || \ + version="${version_}" + printf "%s\n" "${version}" > version +fi + +versiondate="version-date-unknown" +[ -f versiondate ] && versiondate="$(cat versiondate)" +versiondate_="${versiondate}" +if [ -e ".git" ]; then + versiondate="$(git show --no-patch --no-notes --pretty='%ct' HEAD)" || \ + versiondate="${versiondate_}" + printf "%s\n" "${versiondate}" > versiondate +fi + +if [ "${versiondate}" = "version-date-unknown" ] || \ + [ "${version}" = "version-unknown" ]; then + err "cannot determine ${projectname} revision" +fi diff --git a/script/update/blobs/download b/script/update/blobs/download new file mode 100755 index 00000000..3df460d4 --- /dev/null +++ b/script/update/blobs/download @@ -0,0 +1,516 @@ +#!/usr/bin/env sh + +# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com> +# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com> +# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org> +# SPDX-License-Identifier: GPL-3.0-only + +. "include/err.sh" + +agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0" + +ec_url="" +ec_url_bkup="" +ec_hash="" +dl_hash="" +dl_url="" +dl_url_bkup="" +dl_path="" +e6400_vga_dl_hash="" +e6400_vga_dl_url="" +e6400_vga_dl_url_bkup="" +e6400_vga_offset="" +e6400_vga_romname="" +sch5545ec_dl_url="" +sch5545ec_dl_url_bkup="" +sch5545ec_dl_hash="" + +cbdir="coreboot/default" +cbcfgsdir="resources/coreboot" +boarddir="" +blobdir="blobs" +appdir="${blobdir}/app" +_7ztest="a" +mecleaner="$(pwd)/me_cleaner/me_cleaner.py" +e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py" +me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py" +kbc1126_ec_dump="$(pwd)/${cbdir}/util/kbc1126/kbc1126_ec_dump" +board="" +pfs_extract="$(pwd)/biosutilities/Dell_PFS_Extract.py" +uefiextract="$(pwd)/uefitool/uefiextract" +_b="" # board shorthand without e.g. _4mb (avoid duplication per flash size) + +CONFIG_HAVE_MRC="" +CONFIG_HAVE_IFD_BIN="" +CONFIG_HAVE_ME_BIN="" +CONFIG_HAVE_GBE_BIN="" +CONFIG_KBC1126_FIRMWARE="" +CONFIG_BOARD_DELL_E6400="" +CONFIG_VGA_BIOS_FILE="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" +CONFIG_SMSC_SCH5545_EC_FW_FILE="" + +main() +{ + [ $# -gt 0 ] || \ + err "No argument given" + + board="${1}" + boarddir="${cbcfgsdir}/${board}" + + [ -d "${boarddir}" ] || \ + err "Board target, ${board}, not defined" + [ -f "${boarddir}/target.cfg" ] || \ + err "Target missing target.cfg" + + no_config="printf \"No config for target, %s\\n\" ${board} 1>&2; exit 0" + for x in "${boarddir}"/config/*; do + [ -f "${x}" ] && no_config="" + done + eval "${no_config}" + + detect_firmware || exit 0 + scan_sources_config + + build_dependencies + download_blobs +} + +detect_firmware() +{ + set -- "${boarddir}/config/"* + . "${1}" + . "${boarddir}/target.cfg" + + [ "${CONFIG_HAVE_MRC}" = "y" ] && needs="${needs} MRC" + [ "${CONFIG_HAVE_IFD_BIN}" = "y" ] && needs="${needs} IFD" + [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && needs="${needs} ME" + [ "${CONFIG_HAVE_GBE_BIN}" = "y" ] && needs="${needs} GBE" + [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && needs="${needs} EC" + [ "${CONFIG_BOARD_DELL_E6400}" = "y" ] && \ + [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && needs="${needs} E6400VGA" + [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \ + needs="${needs} SCH5545EC" + [ -z ${needs+x} ] && \ + printf "No binary blobs needed for this board\n" && \ + return 1 + printf "Firmware needed for board '%s':\n%s\n" "${board}" "${needs}" +} + +scan_sources_config() +{ + # Shorthand (avoid duplicating configs per flash size) + _b=${board%%_*mb} + + awkstr=" /\{.*${_b}.*}{/ {flag=1;next} /\}/{flag=0} flag { print }" + + while read -r line ; do + case ${line} in + EC_url_bkup*) + set ${line} + ec_url_bkup=${2} ;; + EC_url*) + set ${line} + ec_url=${2} ;; + EC_hash*) + set ${line} + ec_hash=${2} ;; + DL_hash*) + set ${line} + dl_hash=${2} ;; + DL_url_bkup*) + set ${line} + dl_url_bkup=${2} ;; + DL_url*) + set ${line} + dl_url=${2} ;; + E6400_VGA_DL_hash*) + set ${line} + e6400_vga_dl_hash=${2} ;; + E6400_VGA_DL_url_bkup*) + set ${line} + e6400_vga_dl_url_bkup=${2} ;; + E6400_VGA_DL_url*) + set ${line} + e6400_vga_dl_url=${2} ;; + E6400_VGA_offset*) + set ${line} + e6400_vga_offset=${2} ;; + E6400_VGA_romname*) + set ${line} + e6400_vga_romname=${2} ;; + SCH5545EC_DL_hash*) + set ${line} + sch5545ec_dl_hash=${2} ;; + SCH5545EC_DL_url_bkup*) + set ${line} + sch5545ec_dl_url_bkup=${2} ;; + SCH5545EC_DL_url*) + set ${line} + sch5545ec_dl_url=${2} ;; + esac + done << EOF + $(eval "awk '${awkstr}' resources/blobs/sources") +EOF +} + +build_dependencies() +{ + [ -d ${cbdir} ] || \ + ./fetch_trees coreboot ${cbdir##*/} || \ + err "build_dependencies: can't fetch ${cbdir}" + for d in uefitool biosutilities bios_extract me_cleaner; do + [ -d "${d}" ] && continue + ./fetch "${d}" || \ + err "build_dependencies: can't fetch ${d}" + done + [ -f uefitool/uefiextract ] || \ + ./handle make file -b uefitool || \ + err "build_dependencies: can't build uefitool" + if [ ! -f "${cbdir}/util/kbc1126/kbc1126_ec_dump" ]; then + make -BC "${cbdir}/util/kbc1126" || \ + err "build_dependencies: can't build kbc1126_ec_dump" + fi +} + +download_blobs() +{ + for need in ${needs}; do + case ${need} in + *ME*) + download_blob_intel_me || _failed="${_failed} me" ;; + *SCH5545EC*) + download_sch5545ec || failed="${_failed} sch5545ec" ;; + *EC*) + download_ec || _failed="${_failed} ec" ;; + *E6400VGA*) + download_e6400vga || _failed="${_failed} e6400vga" ;; + *MRC*) + ./update blobs mrc || _failed="${_failed} mrc" ;; + esac + done + + if [ ! -z ${_failed+x} ]; then + err "download_blobs: can't download blobs: ${_failed}\n" + fi +} + +download_blob_intel_me() +{ + printf "Downloading neutered ME for board: %s\n" ${board} + + fetch_update me || return 1 + extract_blob_intel_me || return 1 +} + +extract_blob_intel_me() +{ + printf "Extracting neutered ME for ${board}\n" + + _me_destination=${CONFIG_ME_BIN_PATH#../../} + + [ -d "${_me_destination%/*}" ] || \ + mkdir -p "${_me_destination%/*}" || \ + err "extract_blob_intel_me: mkdir ${_me_destination%/*}" + [ ! -d "${appdir}" ] || \ + rm -Rf "${appdir}" || \ + err "extract_blob_intel_me: can't rm -Rf \"${appdir}\"" + if [ -f "${_me_destination}" ]; then + printf "Intel ME firmware already downloaded\n" 1>&2 + return 0 + fi + + printf "Extracting and stripping Intel ME firmware\n" + + innoextract "${dl_path}" -d "${appdir}" || \ + 7z x "${dl_path}" -o"${appdir}" || \ + unar "${dl_path}" -o "${appdir}" || \ + err "extract_blob_intel_me: could not extract vendor update" + + bruteforce_extract_blob_intel_me "$(pwd)/${_me_destination}" \ + "$(pwd)/${appdir}" || \ + err "extract_blob_intel_me: could not extract Intel ME firmware" + + [ -f "${_me_destination}" ] || \ + err "extract_blob_intel_me, ${board}: me.bin missing" + + printf "Truncated and cleaned me output to: %s\n" "${_me_destination}" +} + +# cursed, carcinogenic code. TODO rewrite it better +bruteforce_extract_blob_intel_me() +{ + _me_destination="${1}" + cdir="${2}" # must be an absolute path, not relative + + [ -f "${_me_destination}" ] && return 0 + + sdir="$(mktemp -d)" + mkdir -p "${sdir}" || return 1 + + ( + printf "Entering %s\n" "${cdir}" + cd "${cdir}" || \ + err "bruteforce_extract_blob_intel_me: can't cd \"${cdir}\"" + for i in *; do + if [ -f "${_me_destination}" ]; then + # me.bin found, so avoid needless further traversal + break + elif [ -L "${i}" ]; then + # symlinks are a security risk, in this context + continue + elif [ -f "${i}" ]; then + "${mecleaner}" -r -t -O "${sdir}/vendorfile" \ + -M "${_me_destination}" "${i}" \ + && break # (we found me.bin) + "${mecleaner}" -r -t -O "${_me_destination}" "${i}" \ + && break # (we found me.bin) + "${me7updateparser}" -O "${_me_destination}" "${i}" \ + && break # (we found me.bin) + _7ztest="${_7ztest}a" + 7z x "${i}" -o"${_7ztest}" \ + || innoextract "${i}" -d "${_7ztest}" \ + || unar "${i}" -o "${_7ztest}" \ + || continue + bruteforce_extract_blob_intel_me "${_me_destination}" \ + "${cdir}/${_7ztest}" + elif [ -d "$i" ]; then + bruteforce_extract_blob_intel_me "${_me_destination}" \ + "${cdir}/${i}" + else + printf "SKIPPING: %s\n" "${i}" + continue + fi + cdir="${1}" + cd "${cdir}" # audit note: we already checked this (see above) + done + ) + + rm -Rf "${sdir}" || \ + err "bruteforce_extract_blob_intel_me: can't rm -Rf \"${sdir}\"" +} + +download_ec() +{ + printf "Downloading KBC1126 EC firmware for HP laptop\n" + + fetch_update ec || return 1 + extract_blob_kbc1126_ec || return 1 +} + +extract_blob_kbc1126_ec() +{ + printf "Extracting KBC1126 EC firmware for board: %s\n" ${board} + + _ec_destination=${CONFIG_KBC1126_FW1#../../} + + [ -d "${_ec_destination%/*}" ] || \ + mkdir -p "${_ec_destination%/*}" || \ + err "extract_blob_kbc1126_ec: !mkdir ${_ec_destination%/*}" + [ ! -d "${appdir}" ] || \ + rm -Rf "${appdir}" || \ + err "extract_blob_kbc1126_ec: !rm -Rf ${appdir}" + if [ -f "${_ec_destination}" ]; then + printf "KBC1126 EC firmware already downloaded\n" 1>&2 + return 0 + fi + + unar "${dl_path}" -o "${appdir}" || \ + err "extract_blob_kbc1126_ec: !unar \"${dl_path}\" -o \"${appdir}\"" + + ( + cd "${appdir}/${dl_path##*/}" || \ + err "extract_blob_kbc1126_ec: !cd \"${appdir}/${dl_path##*/}\"" + + mv Rompaq/68*.BIN ec.bin || : + if [ ! -f ec.bin ]; then + unar -D ROM.CAB Rom.bin || \ + unar -D Rom.CAB Rom.bin || \ + unar -D 68*.CAB Rom.bin || \ + err "extract_blob_kbc1126_ec: can't extract ec.bin" + mv Rom.bin ec.bin || \ + err "extract_blob_kbc1126_ec: *didn't* extract ec.bin" + fi + [ -f ec.bin ] || \ + err "extract_blob_kbc1126_ec: ${board}: can't extract ec.bin" + + "${kbc1126_ec_dump}" ec.bin || \ + err "extract_blob_kbc1126_ec: ${board}: can't extract ecfw1/2.bin" + ) + + ec_ex="y" + for i in 1 2; do + [ -f "${appdir}/${dl_path##*/}/ec.bin.fw${i}" ] || ec_ex="n" + done + [ "${ec_ex}" = "y" ] || \ + err "extract_blob_kbc1126_ec: ${board}: didn't extract ecfw1/2.bin" + + cp "${appdir}/${dl_path##*/}"/ec.bin.fw* "${_ec_destination%/*}/" || \ + err "extract_blob_kbc1126_ec: cant mv ecfw1/2 ${_ec_destination%/*}" +} + +download_e6400vga() +{ + printf "Downloading Nvidia VGA ROM for Dell Latitude E6400\n" + + fetch_update e6400vga || return 1 + extract_e6400vga || return 1 +} + +extract_e6400vga() +{ + printf "Extracting Nvidia VGA ROM for ${board}\n" + + _vga_destination=${CONFIG_VGA_BIOS_FILE#../../} + + if [ -f "${_vga_destination}" ]; then + printf "extract_e6400vga: vga rom already downloaded\n" 1>&2 + return 0 + fi + [ -d "${_vga_destination%/*}" ] || \ + mkdir -p "${_vga_destination%/*}" || \ + err "extract_e6400vga: can't mkdir ${_vga_destination%/*}" + [ ! -d "${appdir}" ] || \ + rm -Rf "${appdir}" || \ + err "extract_e6400vga: can't rm -Rf ${appdir}" + + mkdir -p "${appdir}" || \ + err "extract_e6400vga: can't mkdir ${appdir}" + cp "${dl_path}" "${appdir}" || \ + err "extract_e6400vga: can't copy vendor update" + + [ "${e6400_vga_offset}" = "" ] && \ + err "extract_e6400vga: E6400 VGA offset not defined" + [ "${e6400_vga_romname}" = "" ] && \ + err "extract_e6400vga: E6400 VGA ROM name not defined" + + ( + cd "${appdir}" || \ + err "extract_e6400vga: can't cd ${appdir}" + tail -c +${e6400_vga_offset} "${dl_path##*/}" | gunzip > bios.bin || \ + err "extract_e6400vga: can't gunzip > bios.bin" + + [ -f "bios.bin" ] || \ + err "extract_e6400vga: can't extract bios.bin from update" + "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n" + [ -f "${e6400_vga_romname}" ] || \ + err "extract_e6400vga: can't extract vga rom from bios.bin" + ) + + cp "${appdir}"/"${e6400_vga_romname}" "${_vga_destination}" || \ + err "extract_e6400vga: can't copy vga rom to ${_vga_destination}" + + printf "E6400 Nvidia ROM saved to: %s\n" "${_vga_destination}" +} + +download_sch5545ec() +{ + printf "Downloading SMSC SCH5545 Environment Controller firmware\n" + + fetch_update sch5545ec || return 1 + extract_sch5545ec || return 1 +} + +# TODO: this code is cancer. hardcoded is bad, and stupid. +# TODO: make it *scan* (based on signature, in each file) +extract_sch5545ec() +{ + printf "Extracting SCH5545 Environment Controller firmware for '%s'\n" \ + ${board} + + _sch5545ec_destination=${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../} + + if [ -f "${_sch5545ec_destination}" ]; then + printf "sch5545 firmware already downloaded\n" 1>&2 + return 0 + fi + + [ ! -d "${appdir}" ] || rm -Rf "${appdir}" || \ + err "extract_sch5545ec: can't remove ${appdir}" + + mkdir -p "${appdir}/" || err "extract_sch5545ec: !mkdir ${appdir}" + cp "${dl_path}" "${appdir}/" || \ + err "extract_sch5545ec: can't copy vendor update file" + python "${pfs_extract}" "${appdir}/${dlsum}" -e || \ + err "extract_sch5545ec: can't extract from vendor update" + + # full system ROM (UEFI), to extract with UEFIExtract: + _bios="${appdir}/${dlsum}_extracted/Firmware" + _bios="${_bios}/1 ${dlsum} -- 1 System BIOS vA.28.bin" + + # this is the SCH5545 firmware, inside of the extracted UEFI ROM: + _sch5545ec_fw="${_bios}.dump/4 7A9354D9-0468-444A-81CE-0BF617D890DF" + _sch5545ec_fw="${_sch5545ec_fw}/54 D386BEB8-4B54-4E69-94F5-06091F67E0D3" + _sch5545ec_fw="${_sch5545ec_fw}/0 Raw section/body.bin" # <-- this! + + # this makes the file defined by _sch5545ec_fw available to copy + "${uefiextract}" "${_bios}" || \ + err "extract_sch5545ec: cannot extract from uefi image" + + cp "${_sch5545ec_fw}" "${_sch5545ec_destination}" || \ + err "extract_sch5545ec: cannot copy sch5545ec firmware file" +} + +fetch_update() +{ + printf "Fetching vendor update for board: %s\n" "${board}" + + fw_type="${1}" + dl="" + dl_bkup="" + dlsum="" + if [ "${fw_type}" = "me" ]; then + dl=${dl_url} + dl_bkup=${dl_url_bkup} + dlsum=${dl_hash} + elif [ "${fw_type}" = "ec" ]; then + dl=${ec_url} + dl_bkup=${ec_url_bkup} + dlsum=${ec_hash} + elif [ "${fw_type}" = "e6400vga" ]; then + dl=${e6400_vga_dl_url} + dl_bkup=${e6400_vga_dl_url_bkup} + dlsum=${e6400_vga_dl_hash} + elif [ "${fw_type}" = "sch5545ec" ]; then + dl="${sch5545ec_dl_url}" + dl_bkup="${sch5545ec_dl_url_bkup}" + dlsum="${sch5545ec_dl_hash}" + else + err "fetch_update: Unsupported download type: ${fw_type}" + fi + + [ -z "${dl_url+x}" ] && [ "${fw_type}" != "e6400vga" ] && \ + err "fetch_update ${fw_type}: dl_url unspecified for: ${board}" + + dl_path="${blobdir}/cache/${dlsum}" + mkdir -p "${blobdir}/cache" || err "fetch_update: !mkdir ${blobdir}/cache" + + dl_fail="y" + vendor_checksum "${dlsum}" && dl_fail="n" + for x in "${dl}" "${dl_bkup}"; do + [ "${dl_fail}" = "n" ] && break + [ -z "${x}" ] && continue + rm -f "${dl_path}" || \ + err "fetch_update ${fw_type}: !rm -f ${dl_path}" + wget -U "${agent}" "${x}" -O "${dl_path}" || continue + vendor_checksum "${dlsum}" && dl_fail="n" + done + if [ "${dl_fail}" = "y" ]; then + printf "ERROR: invalid vendor updates for: %s\n" "${board}" 1>&2 + err "fetch_update ${fw_type}: matched vendor update unavailable" + fi +} + +vendor_checksum() +{ + if [ ! -f "${dl_path}" ]; then + printf "Vendor update not found on disk for: %s\n" "${board}" \ + 1>&2 + return 1 + elif [ "$(sha1sum ${dl_path} | awk '{print $1}')" != "${1}" ]; then + printf "Bad checksum on vendor update for: %s\n" "${board}" 1>&2 + return 1 + fi +} + +main $@ diff --git a/script/update/blobs/extract b/script/update/blobs/extract new file mode 100755 index 00000000..fa76dfb5 --- /dev/null +++ b/script/update/blobs/extract @@ -0,0 +1,122 @@ +#!/usr/bin/env sh +# script to automate extracting blobs from an existing vendor bios + +# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com> +# SPDX-FileCopyrightText: 2023 Leah Rowe <leah@libreboot.org> +# SPDX-License-Identifier: GPL-3.0-only + +. "include/err.sh" + +sname="" +board="" +vendor_rom="" + +cbdir="coreboot/default" +cbcfgsdir="resources/coreboot" +ifdtool="${cbdir}/util/ifdtool/ifdtool" +mecleaner="me_cleaner/me_cleaner.py" +me7updateparser="resources/blobs/me7_update_parser.py" + +boarddir="" + +CONFIG_HAVE_MRC="" +CONFIG_ME_BIN_PATH="" +CONFIG_GBE_BIN_PATH="" +CONFIG_IFD_BIN_PATH="" + +_me_destination="" +_gbe_destination="" +_ifd_destination="" + +main() +{ + sname=${0} + [ $# -lt 2 ] && err "Missing arguments (fewer than two)." + + board="${1}" + vendor_rom="${2}" + boarddir="${cbcfgsdir}/${board}" + + check_board + build_dependencies + extract_blobs +} + +check_board() +{ + if [ ! -f "${vendor_rom}" ]; then + err "check_board: ${board}: file does not exist: ${vendor_rom}" + elif [ ! -d "${boarddir}" ]; then + err "check_board: ${board}: target not defined" + elif [ ! -f "${boarddir}/target.cfg" ]; then + err "check_board: ${board}: missing target.cfg" + fi +} + +build_dependencies() +{ + if [ ! -d me_cleaner ]; then + ./fetch me_cleaner || \ + err "build_dependencies: can't fetch me_cleaner" + elif [ ! -d "${cbdir}" ]; then + ./fetch_trees coreboot default || \ + err "build_dependencies: can't fetch coreboot" + elif [ ! -f "${ifdtool}" ]; then + make -C "${ifdtool%/ifdtool}" || \ + err "build_dependencies: can't build ifdtool" + fi +} + +extract_blobs() +{ + printf "extracting blobs for %s from %s\n" ${board} ${vendor_rom} + + set -- "${boarddir}/config/"* + . "${1}" + . "${boarddir}/target.cfg" + + [ "$CONFIG_HAVE_MRC" != "y" ] || \ + ./update blobs mrc || err "extract_blobs: can't fetch mrc" + + _me_destination=${CONFIG_ME_BIN_PATH#../../} + _gbe_destination=${CONFIG_GBE_BIN_PATH#../../} + _ifd_destination=${CONFIG_IFD_BIN_PATH#../../} + + extract_blob_intel_me + extract_blob_intel_gbe_nvm + + # Cleans up other files extracted with ifdtool + rm -f flashregion*.bin || err "extract_blobs: !rm -f flashregion*.bin" + + [ -f "${_ifd_destination}" ] || err "extract_blobs: Cannot extract IFD" + printf "gbe, ifd, and me extracted to %s\n" "${_me_destination%/*}" +} + +extract_blob_intel_me() +{ + printf "extracting clean ime and modified ifd\n" + + "${mecleaner}" -D "${_ifd_destination}" \ + -M "${_me_destination}" "${vendor_rom}" -t -r -S || \ + "${me7updateparser}" \ + -O "${_me_destination}" "${vendor_rom}" || \ + err "extract_blob_intel_me: cannot extract from vendor rom" +} + +extract_blob_intel_gbe_nvm() +{ + printf "extracting gigabit ethernet firmware" + ./"${ifdtool}" -x "${vendor_rom}" || \ + err "extract_blob_intel_gbe_nvm: cannot extract gbe.bin from rom" + mv flashregion*gbe.bin "${_gbe_destination}" || \ + err "extract_blob_intel_gbe_nvm: cannot move gbe.bin" +} + +print_help() +{ + printf "Usage: ./update blobs extract {boardname} {path/to/vendor_rom}\n" + printf "Example: ./update blobs extract x230 12mb_flash.bin\n" + printf "\nYou need to specify exactly 2 arguments\n" +} + +main $@ diff --git a/script/update/blobs/inject b/script/update/blobs/inject new file mode 100755 index 00000000..bc6b55c9 --- /dev/null +++ b/script/update/blobs/inject @@ -0,0 +1,362 @@ +#!/usr/bin/env sh + +# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com> +# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com> +# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org> +# SPDX-License-Identifier: GPL-3.0-only + +. "include/err.sh" + +sname="" +archive="" +_filetype="" +rom="" +board="" +modifygbe="" +new_mac="" +release="" +releasearchive="" + +cbdir="coreboot/default" +cbcfgsdir="resources/coreboot" +ifdtool="cbutils/default/ifdtool" +cbfstool="cbutils/default/cbfstool" +nvmutil="util/nvmutil/nvm" +boarddir="" +pciromsdir="pciroms" + +CONFIG_HAVE_MRC="" +CONFIG_HAVE_ME_BIN="" +CONFIG_ME_BIN_PATH="" +CONFIG_KBC1126_FIRMWARE="" +CONFIG_KBC1126_FW1="" +CONFIG_KBC1126_FW1_OFFSET="" +CONFIG_KBC1126_FW2="" +CONFIG_KBC1126_FW2_OFFSET="" +CONFIG_VGA_BIOS_FILE="" +CONFIG_VGA_BIOS_ID="" +CONFIG_GBE_BIN_PATH="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" +CONFIG_SMSC_SCH5545_EC_FW_FILE="" + +main() +{ + sname="${0}" + + [ $# -lt 1 ] && err "No options specified." + [ "${1}" = "listboards" ] && \ + ./build command options resources/coreboot && exit 0 + + archive="${1}" + + while getopts r:b:m: option + do + case "${option}" in + r) + rom=${OPTARG} ;; + b) + board=${OPTARG} ;; + m) + modifygbe=true + new_mac=${OPTARG} ;; + esac + done + + check_board + build_dependencies + inject_blobs + + printf "Friendly reminder (this is *not* an error message):\n" + printf "Please always ensure that the files were inserted correctly.\n" + printf "Read: https://libreboot.org/docs/install/ivy_has_common.html\n" +} + +check_board() +{ + if ! check_release "${archive}" ; then + [ -f "${rom}" ] || \ + err "check_board: \"${rom}\" is not a valid path" + [ -z ${rom+x} ] && \ + err "check_board: no rom specified" + [ ! -z ${board+x} ] || \ + board=$(detect_board "${rom}") + else + release=true + releasearchive="${archive}" + board=$(detect_board "${archive}") + fi + + boarddir="${cbcfgsdir}/${board}" + if [ ! -d "${boarddir}" ]; then + err "check_board: board ${board} not found" + fi +} + +check_release() +{ + [ -f "${archive}" ] || return 1 + [ "${archive##*.}" = "xz" ] || return 1 + printf "%s\n" "Release archive ${archive} detected" +} + +# This function tries to determine the board from the filename of the rom. +# It will only succeed if the filename is not changed from the build/download +detect_board() +{ + path="${1}" + filename=$(basename ${path}) + case ${filename} in + grub_*) + board=$(echo "${filename}" | cut -d '_' -f2-3) ;; + seabios_withgrub_*) + board=$(echo "${filename}" | cut -d '_' -f3-4) ;; + *.tar.xz) + _stripped_prefix=${filename#*_} + board="${_stripped_prefix%.tar.xz}" ;; + *) + err "detect_board: could not detect board type" + esac + [ -d "${boarddir}/" ] || \ + err "detect_board: dir, ${boarddir}, doesn't exist" + printf '%s\n' "${board}" +} + +build_dependencies() +{ + [ -d "${cbdir}" ] || ./fetch_trees coreboot default + ./build coreboot utils default || \ + err "build_dependencies: could not build cbutils" + ./update blobs download ${board} || \ + err "build_dependencies: Could not download blobs for ${board}" +} + +inject_blobs() +{ + if [ "${release}" = "true" ]; then + printf "patching release file\n" + patch_release_roms + else + patch_rom "${rom}" || \ + err "inject_blobs: could not patch ${x}" + fi +} + +patch_release_roms() +{ + _tmpdir=$(mktemp -d "/tmp/${board}_tmpXXXX") + tar xf "${releasearchive}" -C "${_tmpdir}" || \ + err "patch_release_roms: could not extract release archive" + + for x in "${_tmpdir}"/bin/*/*.rom ; do + echo "patching rom $x" + patch_rom "${x}" || err "patch_release_roms: could not patch ${x}" + done + + ( + cd "${_tmpdir}"/bin/* + sha1sum --status -c blobhashes || \ + err "patch_release_roms: ROMs did not match expected hashes" + ) + + if [ "${modifygbe}" = "true" ]; then + for x in "${_tmpdir}"/bin/*/*.rom ; do + modify_gbe "${x}" + done + fi + + [ -d bin/release ] || mkdir -p bin/release || \ + err "patch_release_roms: !mkdir -p bin/release" + mv "${_tmpdir}"/bin/* bin/release/ || \ + err "patch_release_roms: !mv ${_tmpdir}/bin/* bin/release/" + + printf "Success! Your ROMs are in bin/release\n" + + rm -Rf "${_tmpdir}" || err "patch_release_roms: !rm -Rf ${_tmpdir}" +} + +patch_rom() +{ + rom="${1}" + + no_config="printf \"No configs on target, %s\\n\" ${board} 1>&2; exit 1" + for x in "${boarddir}"/config/*; do + [ -f "${x}" ] && no_config="" + done + eval "${no_config}" + + [ -f "${boarddir}/target.cfg" ] || \ + err "patch_rom: file missing: ${boarddir}/target.cfg" + + set -- "${boarddir}/config/"* + . "${1}" + . "${boarddir}/target.cfg" + + [ "$CONFIG_HAVE_MRC" = "y" ] && \ + inject_blob_intel_mrc "${rom}" + [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && \ + inject_blob_intel_me "${rom}" + [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && \ + inject_blob_hp_kbc1126_ec "${rom}" + [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && \ + [ "${CONFIG_VGA_BIOS_ID}" != "" ] && \ + inject_blob_dell_e6400_vgarom_nvidia + [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \ + [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ] && \ + inject_blob_smsc_sch5545_ec "${rom}" + [ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ] && \ + modify_gbe "${rom}" + + printf "ROM image successfully patched: %s\n" "${rom}" +} + +inject_blob_intel_mrc() +{ + rom="${1}" + + printf 'adding mrc\n' + + # mrc.bin must be inserted at a specific offset. the only + # libreboot platform that needs it, at present, is haswell + + # in cbfstool, -b values above 0x80000000 are interpreted as + # top-aligned x86 memory locations. this is converted into an + # absolute offset within the flash, and inserted accordingly + # at that offset into the ROM image file + + # coreboot's own build system hardcodes the mrc.bin offset + # because there is only one correct location in memory, but + # it would be useful for lbmk if it could be easily scanned + # from Kconfig, with the option to change it where in practise + # it is not changed + + # the hardcoded offset below is based upon reading of the coreboot + # source code, and it is *always* correct for haswell platform. + # TODO: this logic should be tweaked to handle more platforms + + "${cbfstool}" "${rom}" add -f mrc/haswell/mrc.bin -n mrc.bin -t mrc \ + -b 0xfffa0000 || err "inject_blob_intel_mrc: cannot insert mrc.bin" +} + +inject_blob_intel_me() +{ + printf 'adding intel management engine\n' + + rom="${1}" + [ -z ${CONFIG_ME_BIN_PATH} ] && \ + err "inject_blob_intel_me: CONFIG_ME_BIN_PATH not set" + + _me_location=${CONFIG_ME_BIN_PATH#../../} + [ ! -f "${_me_location}" ] && \ + err "inject_blob_intel_me: per CONFIG_ME_BIN_PATH: file missing" + + "${ifdtool}" -i me:"${_me_location}" "${rom}" -O "${rom}" || \ + err "inject_blob_intel_me: cannot insert me.bin" +} + +inject_blob_hp_kbc1126_ec() +{ + rom="${1}" + + _ec1_location="${CONFIG_KBC1126_FW1#../../}" + _ec1_offset="${CONFIG_KBC1126_FW1_OFFSET}" + _ec2_location="${CONFIG_KBC1126_FW2#../../}" + _ec2_offset="${CONFIG_KBC1126_FW2_OFFSET}" + + printf "adding hp kbc1126 ec firmware\n" + + if [ "${_ec1_offset}" = "" ] || [ "${_ec1_offset}" = "" ]; then + err "inject_blob_hp_kbc1126_ec: ${board}: offset not declared" + fi + if [ "${_ec1_location}" = "" ] || [ "${_ec2_location}" = "" ]; then + err "inject_blob_hp_kbc1126_ec: ${board}: EC path not declared" + fi + if [ ! -f "${_ec1_location}" ] || [ ! -f "${_ec2_location}" ]; then + err "inject_blob_hp_kbc1126_ec: ${board}: ecfw not downloaded" + fi + + "${cbfstool}" "${rom}" add -f "${_ec1_location}" -n ecfw1.bin \ + -b ${_ec1_offset} -t raw || \ + err "inject_blob_hp_kbc1126_ec: cannot insert ecfw1.bin" + "${cbfstool}" "${rom}" add -f "${_ec2_location}" -n ecfw2.bin \ + -b ${_ec2_offset} -t raw || \ + err "inject_blob_hp_kbc1126_ec: cannot insert ecfw2.bin" +} + +inject_blob_dell_e6400_vgarom_nvidia() +{ + rom="${1}" + + _vga_location="${CONFIG_VGA_BIOS_FILE#../../}" + _vga_dir="${_vga_location%/*}" + _vga_filename="${_vga_location##*/}" + + printf "adding pci option rom\n" + + if [ "${_vga_dir}" != "${pciromsdir}" ]; then + err "inject_blob_dell_e6400vga: invalid pcirom dir: ${_vga_dir}" + fi + if [ ! -f "${_vga_location}" ]; then + err "inject_blob_dell_e6400vga: ${_vga_location} doesn't exist" + fi + + "${cbfstool}" "${rom}" add -f "${_vga_location}" \ + -n "pci${CONFIG_VGA_BIOS_ID}.rom" -t optionrom || \ + err "inject_blob_dell_e6400vga: cannot insert vga oprom" +} + +inject_blob_smsc_sch5545_ec() +{ + rom="${1}" + + _sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../}" + + if [ ! -f "${_sch5545ec_location}" ]; then + err "inject_blob_smsc_sch5545_ec: SCH5545 fw missing" + fi + + "${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \ + -n sch5545_ecfw.bin -t raw || \ + err "inject_blob_smsc_sch5545_ec: can't insert sch5545_ecfw.bin" +} + +modify_gbe() +{ + printf "changing mac address in gbe to ${new_mac}\n" + + rom="${1}" + + [ -z ${CONFIG_GBE_BIN_PATH} ] && \ + err "modify_gbe: ${board}: CONFIG_GBE_BIN_PATH not set" + + _gbe_location=${CONFIG_GBE_BIN_PATH#../../} + + [ -f "${_gbe_location}" ] || \ + err "modify_gbe: CONFIG_GBE_BIN_PATH points to missing file" + [ -f "${nvmutil}" ] || \ + make -C util/nvmutil || err "modify_gbe: couldn't build nvmutil" + + _gbe_tmp=$(mktemp -t gbeXXXX.bin) + cp "${_gbe_location}" "${_gbe_tmp}" + "${nvmutil}" "${_gbe_tmp}" setmac "${new_mac}" || \ + err "modify_gbe: ${board}: failed to modify mac address" + + "${ifdtool}" -i GbE:"${_gbe_tmp}" "${rom}" -O "${rom}" || \ + err "modify_gbe: ${board}: cannot insert modified gbe.bin" + + rm -f "${_gbe_tmp}" +} + +usage() +{ + cat <<- EOF + USAGE: ./update blobs inject -r [rom path] -b [boardname] -m [macaddress] + Example: ./update blobs inject -r x230_12mb.rom -b x230_12mb + + Adding a macadress to the gbe is optional. + If the [-m] parameter is left blank, the gbe will not be touched. + + Type './update blobs inject listboards' to get a list of valid boards + EOF +} + +main $@ diff --git a/script/update/blobs/mrc b/script/update/blobs/mrc new file mode 100755 index 00000000..c069e678 --- /dev/null +++ b/script/update/blobs/mrc @@ -0,0 +1,184 @@ +#!/usr/bin/env sh + +# Download Intel MRC images +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +. "include/err.sh" + +export PATH="${PATH}:/sbin" + +# This file is forked from util/chromeos/crosfirmware.sh in coreboot cfc26ce278 +# Changes to it in *this version* are copyright 2021 and 2023 Leah Rowe, under +# the same license as above. + +# use updated manifest from wayback machine, when updating mrc.bin, +# and update the other variables below accordingly. current manifest used: +# https://web.archive.org/web/20210211071412/https://dl.google.com/dl/edgedl/chromeos/recovery/recovery.conf + +# the wayback machine is used so that we get the same manifest. google +# does not seem to version the manifest, but archives are available + +# variables taken from that manifest: + +_board="peppy" +_file="chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin" +_url="https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip" +_url2="https://web.archive.org/web/20200516070928/https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip" +_sha1sum="cd5917cbe7f821ad769bf0fd87046898f9e175c8" +_mrc_complete_hash="d18de1e3d52c0815b82ea406ca07897c56c65696" +_mrc_complete="mrc/haswell/mrc.bin" + +cbdir="coreboot/default" +cbfstool="cbutils/default/cbfstool" + +sname="" + +main() +{ + sname=${0} + printf "Downloading Intel MRC blobs\n" + + check_existing || return 0 + build_dependencies + fetch_mrc || err "could not fetch mrc.bin" +} + +check_existing() +{ + [ -f "${_mrc_complete}" ] || \ + return 0 + printf 'found existing mrc.bin\n' + [ "$(sha1sum "${_mrc_complete}" | awk '{print $1}')" \ + = "${_mrc_complete_hash}" ] && \ + return 1 + printf 'hashes did not match, starting over\n' +} + +build_dependencies() +{ + [ -d "${cbdir}/" ] || ./fetch_trees coreboot default || \ + err "build_dependencies: cannot fetch coreboot/default" + ./build coreboot utils default || \ + err "build_dependencies: cannot build cbutils/default" +} + +fetch_mrc() +{ + mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell" + + ( + cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell" + + download_image "${_url}" "${_file}" "${_sha1sum}" + [ -f ${_file} ] || \ + download_image "${_url2}" "${_file}" "${_sha1sum}" + [ -f $_file ] || \ + err "fetch_mrc: ${_file} not downloaded / verification failed." + + extract_partition ROOT-A "${_file}" root-a.ext2 + extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board} + + extract_coreboot chromeos-firmwareupdate-${_board} + + ../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \ + -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin" + rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \ + "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files" + + printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n" + ) +} + +download_image() +{ + url=${1} + _file=${2} + _sha1sum=${3} + + printf "Downloading recovery image\n" + curl "$url" > "$_file.zip" || err "download_image: curl failed" + printf "Verifying recovery image checksum\n" + if [ "$(sha1sum "${_file}.zip" | awk '{print $1}')" = "${_sha1sum}" ] + then + unzip -q "${_file}.zip" || err "download_image: cannot unzip" + rm -f "${_file}.zip" || err "download_image: can't rm zip {1}" + return 0 + fi + rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip" + err "download_image: Bad checksum. Recovery image deleted" +} + +extract_partition() +{ + NAME=${1} + FILE=${2} + ROOTFS=${3} + _bs=1024 + + printf "Extracting ROOT-A partition\n" + ROOTP=$( printf "unit\nB\nprint\nquit\n" | \ + parted "${FILE}" 2>/dev/null | grep "${NAME}" ) + + START=$(( $( echo ${ROOTP} | cut -f2 -d\ | tr -d "B" ) )) + SIZE=$(( $( echo ${ROOTP} | cut -f4 -d\ | tr -d "B" ) )) + + dd if="${FILE}" of="${ROOTFS}" bs=${_bs} skip=$(( ${START} / ${_bs} )) \ + count=$(( ${SIZE} / ${_bs} )) || \ + err "extract_partition: can't extract root file system" +} + +extract_shellball() +{ + ROOTFS=${1} + SHELLBALL=${2} + + printf "Extracting chromeos-firmwareupdate\n" + printf "cd /usr/sbin\ndump chromeos-firmwareupdate ${SHELLBALL}\nquit" \ + | debugfs "${ROOTFS}" || err "extract_shellball: debugfs" +} + +extract_coreboot() +{ + _shellball=${1} + _unpacked=$( mktemp -d ) + + printf "Extracting coreboot image\n" + + [ -f "${_shellball}" ] || \ + err "extract_coreboot: shellball missing in google peppy image" + + sh "${_shellball}" --unpack "${_unpacked}" || \ + err "extract_coreboot: shellball exits with non-zero status" + + # TODO: audit the f* out of that shellball, for each mrc version. + # it has to be updated for each mrc update. we should ideally + # implement the functionality ourselves. + + [ -f "${_unpacked}/VERSION" ] || \ + err "extract_coreboot: VERSION file missing on google coreboot rom" + + _version=$( cat "${_unpacked}/VERSION" | grep BIOS\ version: | \ + cut -f2 -d: | tr -d \ ) + + cp "${_unpacked}/bios.bin" "coreboot-${_version}.bin" || \ + err "extract_coreboot: cannot copy google peppy rom" + rm -Rf "${_unpacked}" || \ + err "extract_coreboot: cannot remove extracted google peppy archive" +} + +main $@ |