summaryrefslogtreecommitdiff
path: root/script
diff options
context:
space:
mode:
Diffstat (limited to 'script')
-rwxr-xr-xscript/build/boot/roms112
-rwxr-xr-xscript/build/boot/roms_helper613
-rwxr-xr-xscript/build/clean/cbutils59
-rwxr-xr-xscript/build/clean/crossgcc45
-rwxr-xr-xscript/build/clean/seabios48
-rwxr-xr-xscript/build/clean/u-boot51
-rwxr-xr-xscript/build/command/options31
-rwxr-xr-xscript/build/coreboot/utils78
-rwxr-xr-xscript/build/descriptors/ich9m42
-rwxr-xr-xscript/build/grub/payload104
-rwxr-xr-xscript/build/grub/utils52
-rwxr-xr-xscript/build/release/roms195
-rwxr-xr-xscript/build/release/src193
-rwxr-xr-xscript/handle/make/config257
-rwxr-xr-xscript/handle/make/file80
-rwxr-xr-xscript/misc/versioncheck48
-rwxr-xr-xscript/update/blobs/download516
-rwxr-xr-xscript/update/blobs/extract122
-rwxr-xr-xscript/update/blobs/inject362
-rwxr-xr-xscript/update/blobs/mrc184
20 files changed, 3192 insertions, 0 deletions
diff --git a/script/build/boot/roms b/script/build/boot/roms
new file mode 100755
index 00000000..a19d9445
--- /dev/null
+++ b/script/build/boot/roms
@@ -0,0 +1,112 @@
+#!/usr/bin/env sh
+
+#
+# helper script: build coreboot images with various payloads
+#
+# Copyright (C) 2014,2015,2016,2020,2021,2023 Leah Rowe
+# <info@minifree.org>
+# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org>
+# Copyright (C) 2022 Caleb La Grange <thonkpeasant@protonmail.com>
+# Copyright (C) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# This script assumes that the working directory is the root
+# of git or release archive
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+projectname="$(cat projectname)"
+opts=""
+boards=
+firstoption=""
+
+main()
+{
+ [ $# -lt 1 ] && usage && err "target not specified"
+
+ firstoption="${1}"
+ [ "${firstoption}" = "help" ] && usage && exit 0
+ [ "${firstoption}" = "list" ] && \
+ ./build command options resources/coreboot && exit 0
+
+ while [ $# -gt 0 ]; do
+ case ${1} in
+ -d)
+ opts="${opts} -d ${2}"
+ shift ;;
+ -p)
+ opts="${opts} -p ${2}"
+ shift ;;
+ -k)
+ opts="${opts} -k ${2}"
+ shift ;;
+ *)
+ boards="${boards} ${1} " ;;
+ esac
+ shift
+ done
+
+ [ -z ${opts+x} ] && opts=""
+ printf "Building %s ROM images\n" "${projectname}"
+
+ if [ "${firstoption}" = "all" ]; then
+ for target in $(./build command options resources/coreboot); do
+ buildrom "${target}" || err "build/roms (1): error"
+ done
+ else
+ for board in ${boards}; do
+ buildrom "${board}" || err "build/roms (2): error"
+ done
+ fi
+
+ printf "\n\nDone! Your ROMs are in bin/\n\n"
+}
+
+usage()
+{
+ cat <<- EOF
+ USAGE: ./build boot roms target
+ To build *all* boards, do this: ./build boot roms all
+ To list *all* boards, do this: ./build boot roms list
+
+ Optional Flags:
+ -d: displaymode
+ -p: payload
+ -k: keyboard layout
+
+ Example commands:
+ ./build boot roms x60
+ ./build boot roms x200_8mb x60
+ ./build boot roms x60 -p grub -d corebootfb -k usqwerty
+
+ possible values for 'target':
+ $(./build command options "resources/coreboot")
+
+ Refer to the ${projectname} documentation for more information.
+ EOF
+}
+
+# Build ROM images for supported boards
+buildrom() {
+ [ -d "resources/coreboot/${1}/" ] || \
+ err "build/roms: target not defined: ${1}"
+ ./build boot roms_helper ${1}${opts} || return 1
+}
+
+main $@
diff --git a/script/build/boot/roms_helper b/script/build/boot/roms_helper
new file mode 100755
index 00000000..79e86ad4
--- /dev/null
+++ b/script/build/boot/roms_helper
@@ -0,0 +1,613 @@
+#!/usr/bin/env sh
+
+# helper script: create ROM images for a given mainboard
+#
+# Copyright (C) 2020,2021,2023 Leah Rowe <info@minifree.org>
+# Copyright (C) 2021,2022 Ferass El Hafidi
+# <vitali64pmemail@protonmail.com>
+# Copyright (C) 2022 Caleb La Grange <thonkpeasant@protonmail.com>
+# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com>
+# Copyright (C) 2023 Riku Viitanen <riku.viitanen@protonmail.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# This script assumes that the working directory is the root
+# of git or release archive
+
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+projectname="$(cat projectname)"
+
+blobs_required=""
+microcode_required=""
+
+board=""
+ubdir=""
+kmapdir="resources/grub/keymap"
+displaymodes=""
+payloads=""
+keyboard_layouts=""
+while [ $# -gt 0 ]; do
+ case ${1} in
+ -d)
+ displaymodes="${displaymodes}${2}"
+ shift ;;
+ -p)
+ payloads="${payloads}${2}"
+ shift ;;
+ -k)
+ keyboard_layouts="${keyboard_layouts}${2}"
+ shift ;;
+ *)
+ board=${1} ;;
+ esac
+ shift
+done
+
+printf "\n\nboard is %s , kb is %s , displaymode is %s , payloads is %s\n" \
+ ${board} ${keyboard_layouts} ${displaymodes} ${payloads} 1>&2
+
+[ -d "resources/coreboot/${board}" ] || \
+ err "Target not defined: ${board}"
+
+[ -f "resources/coreboot/${board}/target.cfg" ] || \
+ err "Missing target.cfg for target: ${board}"
+
+grub_scan_disk="undefined"
+tree="undefined"
+romtype="normal" # optional parameter in target.cfg. "normal" is default
+arch="undefined"
+
+# Disable all payloads by default.
+# target.cfg files have to specifically enable [a] payload(s)
+payload_grub="n"
+payload_grub_withseabios="n" # seabios chainloaded from grub
+payload_seabios="n"
+payload_seabios_withgrub="n" # i386-coreboot grub from SeaBIOS boot menu
+payload_memtest="n"
+payload_uboot="n"
+uboot_config="undefined"
+# Override the above defaults using target.cfg
+. "resources/coreboot/${board}/target.cfg"
+
+[ "${grub_scan_disk}" = "undefined" ] && \
+ grub_scan_disk="both"
+[ "${grub_scan_disk}" != "both" ] && [ "${grub_scan_disk}" != "ata" ] && \
+ [ "${grub_scan_disk}" != "ahci" ] && \
+ grub_scan_disk="both"
+
+[ "${tree}" = "undefined" ] && \
+ err "Target '${board}' does not define a coreboot tree. Skipping build."
+[ "${arch}" = "undefined" ] && \
+ err "Target '${board}' does not define a CPU type. Skipping build."
+
+[ "${payload_memtest}" != "y" ] && \
+ payload_memtest="n"
+[ "${payload_grub_withseabios}" = "y" ] && \
+ payload_grub="y"
+if [ "${payload_grub_withseabios}" = "y" ]; then
+ payload_seabios="y"
+ payload_seabios_withgrub="y"
+fi
+[ "${payload_seabios_withgrub}" = "y" ] && \
+ payload_seabios="y"
+
+# NOTE: reverse logic must NOT be applied. If SeaBIOS-with-GRUB works, that
+# doesn't necessarily mean GRUb-with-SeaBIOS will. For example, the board
+# might have an external GPU, where it's recommended to boot SeaBIOS first
+if [ "${payload_grub}" != "y" ] && [ "${payload_seabios}" != "y" ] && \
+ [ "${payload_uboot}" != "y" ]; then
+ for configfile in "resources/coreboot/${board}/config/"*; do
+ [ -e "${configfile}" ] || continue
+ err "target '${board}' defines no payload"
+ done
+fi
+
+[ "${payload_uboot}" != "n" ] && [ "${payload_uboot}" != "y" ] && \
+ payload_uboot="n"
+[ "${payload_uboot}" = "y" ] && [ "${uboot_config}" = "undefined" ] && \
+ uboot_config="default"
+
+[ "${microcode_required}" != "n" ] && [ "${microcode_required}" != "y" ] && \
+ microcode_required="y"
+[ "${blobs_required}" != "n" ] && [ "${blobs_required}" != "y" ] && \
+ blobs_required="y"
+
+# Override all payload directives with cmdline args
+if [ ! -z ${payloads} ]; then
+ echo "setting payloads $payloads"
+ payload_grub="n"
+ payload_grub_withseabios="n" # seabios chainloaded from grub
+ payload_seabios="n"
+ payload_seabios_withgrub="n" # i386-coreboot grub from SeaBIOS menu
+ payload_uboot="n"
+ payload_memtest="n"
+
+ for payload in ${payloads} ; do
+ eval "payload_${payload}=y"
+ done
+fi
+
+romdir="bin/${board}"
+cbdir="coreboot/${board}"
+[ "${board}" = "${tree}" ] || \
+ cbdir="coreboot/${tree}"
+cbfstool="cbutils/${tree}/cbfstool"
+corebootrom="${cbdir}/build/coreboot.rom"
+seavgabiosrom="elf/seabios/default/libgfxinit/vgabios.bin"
+
+./build coreboot utils ${tree} || err "cannot build cbutils/${tree}"
+
+if [ ! -f "${seavgabiosrom}" ] \
+ || [ ! -f elf/seabios/default/libgfxinit/bios.bin.elf ] \
+ || [ ! -f elf/seabios/default/vgarom/bios.bin.elf ] \
+ || [ ! -f elf/seabios/default/normal/bios.bin.elf ]; then
+ [ "${payload_seabios}" != "y" ] || \
+ ./handle make config -b seabios || \
+ err "cannot build seabios"
+fi
+
+memtest_bin="memtest86plus/build${arch#*_}/memtest.bin"
+[ "${payload_memtest}" != "y" ] || [ -f "${memtest_bin}" ] || \
+ ./handle make file -b ${memtest_bin%/*} || \
+ err "cannot build memtest86+"
+
+[ -d "${romdir}/" ] || mkdir -p "${romdir}/" || \
+ err "cannot create rom directory: \"${romdir}\""
+rm -f "${romdir}"/* || err "cannot: rm -f \"${romdir}\"/*"
+
+if [ "${payload_grub}" = "y" ] || \
+ [ "${payload_seabios_withgrub}" = "y" ]; then
+ if [ -f "elf/grub/grub_usqwerty.cfg" ]; then
+ sha1sumcmd="sha1sum resources/grub/config/grub.cfg"
+ grubrefchecksum="$(${sha1sumcmd} | awk '{print $1}')"
+
+ sha1sumcmd="sha1sum elf/grub/grub_usqwerty.cfg"
+ grubbuildchecksum="$(${sha1sumcmd} | awk '{print $1}')"
+
+ if [ "${grubrefchecksum}" != "${grubbuildchecksum}" ]; then
+ printf "Changes detected to GRUB. Re-building now.\n" \
+ 1>&2
+ fi
+ else
+ printf "Required GRUB payloads not yet built. Building now.\n" \
+ 1>&2
+ fi
+ for keymapfile in "${kmapdir}"/*; do
+ [ -f "${keymapfile}" ] || continue
+
+ keymap="${keymapfile##*/}"
+ keymap="${keymap%.gkb}"
+
+ grubelf="elf/grub/grub_${keymap}.elf"
+ grubcfg="elf/grub/grub_${keymap}.cfg"
+ grubtestcfg="elf/grub/grub_${keymap}_test.cfg"
+
+ if [ ! -f "${grubelf}" ] || [ ! -f "${grubcfg}" ] || \
+ [ ! -f "${grubtestcfg}" ]; then
+ ./build grub payload || err "cannot build grub payload"
+ fi
+ done
+fi
+
+if [ "${payload_uboot}" = "y" ]; then
+ ./handle make config -b u-boot ${board} || \
+ err "cannot build u-boot target: ${board}"
+ ubdir="elf/u-boot/${board}/${uboot_config}"
+ ubootelf="${ubdir}/u-boot.elf"
+ [ ! -f "${ubootelf}" ] && [ -f "${ubdir}/u-boot.bin" ] && \
+ ubootelf="${ubdir}/u-boot.bin"
+ [ -f "${ubootelf}" ] || \
+ err "Could not find u-boot build for board, ${board}"
+fi
+
+# it is assumed that no other work will be done on the ROM
+# after calling this function. therefore this function is "final"
+moverom() {
+ rompath="$1"
+ newrompath="$2"
+ cuttype="$3"
+
+ [ "${blobs_required}" = "n" ] && \
+ newrompath="${newrompath%.rom}_noblobs.rom"
+
+ printf "\nCreating new ROM image: %s\n" "${newrompath}"
+
+ if [ "${cuttype}" = "4MiB IFD BIOS region" ]; then
+ dd if="${rompath}" of="${newrompath}" bs=1 \
+ skip=$(($(stat -c %s "${rompath}") - 0x400000)) \
+ count=4194304 || err "moverom: cannot cut 4MB section"
+ else
+ cp "${rompath}" "${newrompath}" || err "moverom: can't copy rom"
+ fi
+
+ # pike2008 cards cause a system hang when loading option roms in seabios
+ # if there is an empty option rom in cbfs, no option rom will be loaded
+ if [ "${cuttype}" = "d8d16sas" ]; then
+ emptyrom=$(mktemp -t coreboot_rom.XXXXXXXXXX)
+ rm -f "${emptyrom}" || err "cannot remove fake oprom"
+ touch "${emptyrom}" || err "cannot create fake oprom"
+ for deviceID in "0072" "3050"; do
+ "${cbfstool}" "${newrompath}" add -f "${emptyrom}" \
+ -n "pci1000,${deviceID}.rom" -t raw || \
+ err "moverom: cannot insert fake pike2008 rom"
+ done
+ rm -f "${emptyrom}" || err "moverom: cannot remove pike2008 rom"
+ fi
+
+ for romsize in 4 8 16; do
+ ifdgbe="descriptors/ich9m/ich9fdgbe_${romsize}m.bin"
+ if [ "${cuttype}" = "${romsize}MiB ICH9 IFD NOR flash" ]; then
+ [ -f "${ifdgbe}" ] || \
+ ./build descriptors ich9m || \
+ err "moverom: cannot create ich9m ifd"
+ dd if="${ifdgbe}" of="${newrompath}" bs=1 count=12k \
+ conv=notrunc || err "moverom: cant insert ich9m ifd"
+ fi
+ cmpstr="${romsize}MiB ICH9 IFD NOGBE NOR flash"
+ ifdgbe="descriptors/ich9m/ich9fdnogbe_${romsize}m.bin"
+ if [ "${cuttype}" = "${cmpstr}" ]; then
+ [ -f "${ifdgbe}" ] || \
+ ./build descriptors ich9m || \
+ err "moverom: cannot create ich9m ifd"
+ dd if="${ifdgbe}" of="${newrompath}" bs=1 count=4k \
+ conv=notrunc || err "moverom: cant insert ich9m ifd"
+ fi
+ done
+
+ if [ "${cuttype}" = "i945 laptop" ]; then
+ dd if="${newrompath}" of=top64k.bin bs=1 \
+ skip=$(($(stat -c %s "${newrompath}") - 0x10000)) \
+ count=64k || \
+ err "moverom: cannot copy boot block from i945 rom"
+ dd if=top64k.bin of="${newrompath}" bs=1 \
+ seek=$(($(stat -c %s "${newrompath}") - 0x20000)) \
+ count=64k conv=notrunc || \
+ err "moverom: cannot copy boot block into i945 rom"
+ rm -f top64k.bin || err "moverom: can't remove top64k.bin"
+ fi
+
+ if [ "${microcode_required}" = "n" ]; then
+ _newrom_b="${newrompath%.rom}_nomicrocode.rom"
+ cp "${newrompath}" "${_newrom_b}" || \
+ err "moverom: cp \"${newrompath}\" \"${_newrom_b}\""
+ microcode_present="y"
+ "${cbfstool}" "${_newrom_b}" remove -n \
+ cpu_microcode_blob.bin || microcode_present="n"
+ if [ "${microcode_present}" = "n" ]; then
+ rm -f "${_newrom_b}" || err "cannot remove ${_newrom_b}"
+ printf "REMARK: '%s' already lacks microcode\n" \
+ "${newrompath}"
+ printf "Renaming default ROM file instead.\n"
+ mv "${newrompath}" "${_newrom_b}" || \
+ err "moverom: mv \"${newrompath}\" \"${_newrom_b}\""
+ fi
+ fi
+}
+
+# make a rom in /tmp/ and then print the path of that ROM
+mkSeabiosRom() {
+ target_cbrom="${1}" # rom to insert seabios in. will not be touched
+ # (a tmpfile will be made instead)
+ target_seabios_cbfs_path="${2}" # e.g. fallback/payload
+ target_initmode="${3}" # e.g. libgfxinit
+
+ target_seabioself="elf/seabios/default/${target_initmode}/bios.bin.elf"
+
+ tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX)
+
+ cp "${target_cbrom}" "${tmprom}" || \
+ err "mkSeabiosRom: cannot copy to tmprom"
+
+ "${cbfstool}" "${tmprom}" add-payload -f "${target_seabioself}" \
+ -n ${target_seabios_cbfs_path} -c lzma || \
+ err "mkSeabiosRom: can't add payload, ${target_seabioself}, to rom"
+
+ "${cbfstool}" "${tmprom}" add-int -i 3000 -n etc/ps2-keyboard-spinup \
+ || err "mkSeabiosRom: cbfs add-int etc/ps2-keyboard-spinup 3000"
+
+ if [ "${target_initmode}" = "normal" ] || \
+ [ "${target_initmode}" = "libgfxinit" ]; then
+ "${cbfstool}" "${tmprom}" add-int -i 2 \
+ -n etc/pci-optionrom-exec || \
+ err "mkSeabiosRom: cbfs add-int etc/pci-optionrom-exec 2"
+ elif [ "${target_initmode}" = "vgarom" ]; then # coreboot executes it
+ "${cbfstool}" "${tmprom}" add-int -i 0 \
+ -n etc/pci-optionrom-exec || \
+ err "mkSeabiosRom: cbfs add-int etc/pci-optionrom-exec 0"
+ fi # for undefined modes, don't add this integer. use SeaBIOS defaults
+
+ "${cbfstool}" "${tmprom}" add-int -i 0 -n etc/optionroms-checksum || \
+ err "mkSeabiosRom: cbfs add-int etc/optionroms-checksum 0"
+
+ [ "${target_initmode}" != "libgfxinit" ] || \
+ "${cbfstool}" "${tmprom}" add -f "${seavgabiosrom}" \
+ -n vgaroms/seavgabios.bin -t raw || \
+ err "mkSeabiosRom: cbfs add-raw vgaroms/seavgabios.bin"
+
+ printf "%s\n" "${tmprom}"
+}
+
+# make a rom in /tmp/ and then print the path of that ROM
+mkUbootRom() {
+ target_cbrom="${1}" # rom to insert u-boot in. it won't be touched
+ # (a tmpfile will be made instead)
+ target_uboot_cbfs_path="${2}" # e.g. fallback/payload
+ target_uboot_config="${3}"
+ cbfstool_path="${4}"
+
+ target_ubdir="elf/u-boot/${board}/${target_uboot_config}"
+ target_ubootelf="${target_ubdir}/u-boot.elf"
+ [ -f "${target_ubootelf}" ] || \
+ target_ubootelf="${target_ubdir}/u-boot.bin"
+ [ -f "${target_ubootelf}" ] || \
+ err "mkUbootRom: cant find u-boot build for board, ${board}"
+
+ tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX)
+
+ cp "${target_cbrom}" "${tmprom}" || \
+ err "mkUbootRom: cannot copy to tmprom"
+ "${cbfstool}" "${tmprom}" add-payload -f "${target_ubootelf}" \
+ -n ${target_uboot_cbfs_path} -c lzma || \
+ err "mkUbootRom: cannot add u-boot to tmprom"
+
+ printf "%s\n" "${tmprom}"
+}
+
+# make a rom in /tmp/ and then print the path of that ROM
+mkGrubRom() {
+ target_keymap="${1}"
+ target_cbrom="${2}"
+ target_grubelf_cbfs_path="${3}" # e.g. fallback/payload
+
+ grubelf="elf/grub/grub_${target_keymap}.elf"
+ grubcfg="elf/grub/grub_${target_keymap}.cfg"
+ grubtestcfg="elf/grub/grub_${target_keymap}_test.cfg"
+
+ tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX) || \
+ err "mkGrubRom: cannot create tmprom"
+ cp "${target_cbrom}" "${tmprom}" || \
+ err "mkGrubRom: cannot copy to tmprom"
+
+ "${cbfstool}" "${tmprom}" add-payload -f "${grubelf}" \
+ -n ${target_grubelf_cbfs_path} -c lzma || \
+ err "mkGrubRom: cannot add grub payload to tmprom"
+
+ tmpgrubcfg=$(mktemp -t grub.cfg.XXXXXXXXXX)
+ tmpgrubtestcfg=$(mktemp -t grubtest.cfg.XXXXXXXXXX)
+ if [ "${grub_scan_disk}" = "ahci" ]; then
+ sed \
+ 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ahci\"/' \
+ "${grubcfg}" > "${tmpgrubcfg}" || err "mkGrubRom: sed1"
+ sed \
+ 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ahci\"/' \
+ "${grubtestcfg}" > "${tmpgrubtestcfg}" || \
+ err "mkGrubRom: sed2"
+ elif [ "${grub_scan_disk}" = "ata" ]; then
+ sed \
+ 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ata\"/' \
+ "${grubcfg}" > "${tmpgrubcfg}" || err "mkGrubRom: sed3"
+ sed \
+ 's/set\ grub_scan_disk=\"both\"/set\ grub_scan_disk=\"ata\"/' \
+ "${grubtestcfg}" > "${tmpgrubtestcfg}" || \
+ err "mkGrubRom: sed4"
+ else
+ cp "${grubcfg}" "${tmpgrubcfg}" || err "mkGrubRom: grub.cfg cp"
+ cp "${grubtestcfg}" "${tmpgrubtestcfg}" || \
+ err "mkGrubRom: grubtest.cfg cp"
+ fi
+
+ "${cbfstool}" "${tmprom}" add -f "${tmpgrubcfg}" -n grub.cfg -t raw || \
+ err "mkGrubRom: cannot add grub.cfg to tmprom"
+
+ "${cbfstool}" "${tmprom}" add -f "${tmpgrubtestcfg}" -n grubtest.cfg \
+ -t raw || err "mkGrubRom: cannot add grubtest.cfg to tmprom"
+ rm -f "${tmpgrubcfg}" "${tmpgrubtestcfg}" || \
+ err "mkGrubRom: cannot remove tmp grub.cfg / grubtest.cfg"
+
+ backgroundfile="background1280x800.png"
+ if [ "${board}" = "x60" ] || [ "${board}" = "t60_intelgpu" ]; then
+ # TODO: don't hardcode this. do it in target.cfg per board
+ backgroundfile="background1024x768.png"
+ fi
+ backgroundfile="resources/grub/background/${backgroundfile}"
+ "${cbfstool}" "${tmprom}" add -f ${backgroundfile} -n background.png \
+ -t raw || err "mkGrubRom: cannot add background.png to tmprom"
+
+ printf "%s\n" "${tmprom}"
+}
+
+# Make separate ROM images with GRUB payload, for each supported keymap
+mkRomsWithGrub() {
+ tmprompath="${1}"
+ initmode="${2}"
+ displaymode="${3}"
+ firstpayloadname="${4}" # allow values: grub, seabios, seabios_withgrub
+
+ x=${tmprompath}
+ y=${initmode}
+ if [ "${payload_grub_withseabios}" = "y" ] && \
+ [ "${firstpayloadname}" = "grub" ]; then
+ mv "$(mkSeabiosRom "${x}" "seabios.elf" "${y}")" "${tmprompath}"
+ elif [ "${payload_seabios_withgrub}" ] && \
+ [ "${firstpayloadname}" != "grub" ]; then
+ mv "$(mkSeabiosRom "${x}" "fallback/payload" "$y")" \
+ "${tmprompath}" || \
+ err "mkRomsWithGrub: cannot move SeaBIOS ROM to tmprom"
+ fi
+
+ keymaps=""
+ if [ -z ${keyboard_layouts} ]; then
+ for kmapfile in "${kmapdir}"/*; do
+ keymaps="${keymaps} ${kmapfile}"
+ done
+ else
+ for keymapname in ${keyboard_layouts}; do
+ keymaps="${keymaps} ${kmapdir}/${keymapname}.gkb"
+ done
+ fi
+ for keymapfile in ${keymaps}; do
+ echo "keymaps is $keymaps, keymapfile is $keymapfile"
+
+ [ -f "${keymapfile}" ] || continue
+
+ keymap="${keymapfile##*/}"
+ keymap="${keymap%.gkb}"
+
+ grub_path_in_cbfs="fallback/payload"
+ [ "${firstpayloadname}" = "grub" ] || \
+ grub_path_in_cbfs="img/grub2"
+
+ # evil bofh rfc 2646 compliance hack
+ x=${keymap}
+ y=${tmprompath}
+ z=${grub_path_in_cbfs}
+
+ tmpgrubrom="$(mkGrubRom "${x}" "${y}" "${z}")"
+
+ if [ "${initmode}" = "normal" ]; then
+ newrompath="${romdir}/${firstpayloadname}_${board}_"
+ newrompath="${newrompath}${initmode}_${keymap}.rom"
+ else
+ newrompath="${romdir}/${firstpayloadname}_${board}_"
+ newrompath="${newrompath}${initmode}_${displaymode}_"
+ newrompath="${newrompath}${keymap}.rom"
+ fi
+ moverom "${tmpgrubrom}" "${newrompath}" "${romtype}" || \
+ err "mkRomsWithGrub, moverom"
+ rm -f "${tmpgrubrom}" || err "rm tmpgrubrom, mkRomsWithGrub"
+ done
+}
+
+# Main ROM building function. This calls all other functions
+mkRoms()
+{
+ cbcfgpath="${1}"
+ displaymode="${2}"
+ initmode="${3}"
+
+ if [ ! -f "${cbcfgpath}" ]; then
+ printf "'%s' does not exist. Skipping build for %s %s %s\n" \
+ "${cbcfgpath}" "${board}" "${displaymode}" "${initmode}" \
+ 1>&2
+ return 0
+ fi
+
+ ./handle make config -b coreboot ${board} || \
+ err "mkRoms: cannot build coreboot for target: ${board}"
+
+ _corebootrom="elf/coreboot/${board}/${initmode}_${displaymode}"
+ [ "${initmode}" = "normal" ] && \
+ _corebootrom="${_corebootrom%_${displaymode}}"
+ _corebootrom="${_corebootrom}/coreboot.rom"
+ corebootrom="$(mktemp -t coreboot_rom.XXXXXXXXXX)"
+ cp "${_corebootrom}" "${corebootrom}" || err "mkRoms: cannot copy rom"
+
+ if [ "${payload_memtest}" = "y" ]; then
+ "${cbfstool}" "${corebootrom}" add-payload \
+ -f "${memtest_bin}" -n img/memtest -c lzma || \
+ err "mkRoms: cannot add img/memtest to coreboot rom"
+ fi
+
+ if [ "${payload_seabios}" = "y" ]; then
+ if [ "${payload_seabios_withgrub}" = "n" ]; then
+ x=${corebootrom}
+ y=${initmode}
+ t=$(mkSeabiosRom "$x" "fallback/payload" "$y")
+ if [ "${initmode}" = "normal" ]; then
+ newrompath="${romdir}/seabios_${board}_"
+ newrompath="${newrompath}${initmode}.rom"
+ else
+ newrompath="${romdir}/seabios_${board}_"
+ newrompath="${newrompath}${initmode}_"
+ newrompath="${newrompath}${displaymode}.rom"
+ fi
+
+ moverom "${t}" "${newrompath}" "${romtype}" || \
+ err "mkRoms: cannot copy rom"
+ rm -f "${t}" || err "cannot rm ${t}"
+ else
+ tmprom=$(mktemp -t coreboot_rom.XXXXXXXXXX)
+ cp "${corebootrom}" "${tmprom}"
+ mkRomsWithGrub "${tmprom}" "${initmode}" \
+ "${displaymode}" "seabios_withgrub" || \
+ err "mkRoms: cannot build grub roms, seabios w/grub"
+ rm -f "${tmprom}" || err "mkRoms: can't remove tmprom"
+ fi
+ fi
+
+ [ "${payload_grub}" != "y" ] || \
+ mkRomsWithGrub "${corebootrom}" "${initmode}" \
+ "${displaymode}" "grub" || \
+ err "mkRoms: mkRomsWithGrub failed"
+
+ if [ "${payload_uboot}" = "y" ]; then
+ x=${corebootrom}
+ y=${uboot_config}
+ z=${cbfstool}
+ tmpubootrom="$(mkUbootRom "$x" "fallback/payload" "$y" "$z")"
+ if [ "${initmode}" = "normal" ]; then
+ newrompath="${romdir}/uboot_payload_${board}_"
+ newrompath="${newrompath}${initmode}.rom"
+ else
+ newrompath="${romdir}/uboot_payload_${board}_"
+ newrompath="${newrompath}${initmode}_${displaymode}.rom"
+ fi
+ moverom "${tmpubootrom}" "${newrompath}" "${romtype}" || \
+ err "mkRoms: moverom fail (u-boot)"
+ rm -f "${tmpubootrom}" || err "mkRoms: cannot rm u-boot rom"
+ fi
+}
+
+if [ -z ${displaymodes} ]; then
+ initmode="libgfxinit"
+ for displaymode in corebootfb txtmode; do
+ cbcfgpath="resources/coreboot/${board}/config/${initmode}_"
+ cbcfgpath="${cbcfgpath}${displaymode}"
+ mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}"
+ done
+
+ initmode="vgarom"
+ for displaymode in vesafb txtmode; do
+ cbcfgpath="resources/coreboot/${board}/config/${initmode}_"
+ cbcfgpath="${cbcfgpath}${displaymode}"
+ mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}"
+ done
+
+ initmode="normal"
+ displaymode="txtmode"
+ cbcfgpath="resources/coreboot/${board}/config/${initmode}"
+ mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}"
+
+else
+ echo "special displaymode defined as $displaymodes"
+ initmode="libgfxinit"
+ for displaymode in ${displaymodes}; do
+ cbcfgpath="resources/coreboot/${board}/config/${initmode}_"
+ cbcfgpath="${cbcfgpath}${displaymode}"
+ mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}"
+ done
+
+ initmode="vgarom"
+ for displaymode in ${displaymodes}; do
+ cbcfgpath="resources/coreboot/${board}/config/${initmode}_"
+ cbcfgpath="${cbcfgpath}${displaymode}"
+ mkRoms "${cbcfgpath}" "${displaymode}" "${initmode}"
+ done
+fi
diff --git a/script/build/clean/cbutils b/script/build/clean/cbutils
new file mode 100755
index 00000000..bdacc45a
--- /dev/null
+++ b/script/build/clean/cbutils
@@ -0,0 +1,59 @@
+#!/usr/bin/env sh
+
+# helper script: clean the dependencies that were built in coreboot
+#
+# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org>
+# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# This script assumes that the current working directory is the root
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+main()
+{
+ printf "Cleaning the previous build of coreboot and its utilities\n"
+
+ rm -Rf cbutils || err "cannot remove cbutils/"
+ [ ! -d "coreboot/" ] && exit 0
+
+ clean_cbutils
+}
+
+clean_cbutils()
+{
+ for tree in coreboot/*; do
+ [ "${tree##*/}" = "coreboot" ] && continue
+ [ -d "${tree}" ] || continue
+
+ # Clean coreboot, of course
+ make -C "${tree}/" distclean || \
+ err "clean_cbutils: ${tree}: cannot distclean"
+
+ # Clean its utilities as well
+ for util in cbfstool ifdtool nvramtool cbmem; do
+ make distclean -C "${tree}/util/${util}/" || \
+ err "clean_cbutils: ${cbtree} ${util}: can't clean"
+ done
+ make distclean -C "${tree}/payloads/libpayload/" || \
+ err "clean_cbutils: ${tree}: can't distclean libpayload"
+ done
+}
+
+main $@
diff --git a/script/build/clean/crossgcc b/script/build/clean/crossgcc
new file mode 100755
index 00000000..c76d1849
--- /dev/null
+++ b/script/build/clean/crossgcc
@@ -0,0 +1,45 @@
+#!/usr/bin/env sh
+
+# helper script: clean the crossgcc builds
+#
+# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org>
+# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+main()
+{
+ printf "Cleaning crossgcc builds in all coreboot archives\n"
+ [ ! -d "coreboot/" ] && exit 0
+
+ clean_crossgcc
+}
+
+clean_crossgcc()
+{
+ for board in coreboot/*; do
+ [ -d "${board}" ] || continue
+ [ "${board##*/}" = "coreboot" ] && continue
+ make -C "${board}/" crossgcc-clean || \
+ err "clean_crossgcc: ${board}: !make crossgcc-clean"
+ done
+}
+
+main $@
diff --git a/script/build/clean/seabios b/script/build/clean/seabios
new file mode 100755
index 00000000..0178a729
--- /dev/null
+++ b/script/build/clean/seabios
@@ -0,0 +1,48 @@
+#!/usr/bin/env sh
+
+# helper script: clean the dependencies that were built in seabios
+#
+# Copyright (C) 2015,2020,2021,2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+# clean bucts
+# --------------------------------------------------------
+
+main()
+{
+ [ ! -d "elf/seabios" ] || rm -Rf elf/seabios || \
+ err "cannot remove elf/seabios"
+ [ ! -d "seabios/" ] && exit 0
+
+ clean_seabios
+}
+
+clean_seabios()
+{
+ for x in seabios/*; do
+ [ ! -d "${x}" ] && continue
+ [ "${x}" = "seabios/seabios" ] && continue
+ make -C "${x}" distclean || \
+ err "clean_seabios: cannot distclean tree, ${x}"
+ done
+}
+
+main $@
diff --git a/script/build/clean/u-boot b/script/build/clean/u-boot
new file mode 100755
index 00000000..5deff216
--- /dev/null
+++ b/script/build/clean/u-boot
@@ -0,0 +1,51 @@
+#!/usr/bin/env sh
+
+# helper script: clean the u-boot builds
+#
+# Copyright (C) 2014-2016, 2020, 2023 Leah Rowe <info@minifree.org>
+# Copyright (C) 2015 Klemens Nanni <contact@autoboot.org>
+# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+main()
+{
+ printf "Cleaning u-boot builds for all boards\n"
+ clean_uboot
+}
+
+clean_uboot()
+{
+ for board in u-boot/*; do
+ if [ "${board##*/}" = "u-boot" ] || [ ! -d "${board}" ]; then
+ continue
+ fi
+
+ make -C "${board}/" distclean || \
+ err "clean_uboot: cannot distclean ${board}"
+
+ if [ -e "${board}/.git" ]; then
+ git -C "${board}" clean -fdx || \
+ err "clean_uboot: ${board}: cannot clean git files"
+ fi
+ done
+}
+
+main $@
diff --git a/script/build/command/options b/script/build/command/options
new file mode 100755
index 00000000..84a9a3fb
--- /dev/null
+++ b/script/build/command/options
@@ -0,0 +1,31 @@
+#!/usr/bin/env sh
+
+# Copyright (c) 2023 Leah Rowe <info@minifree.org>
+# SPDX-License-Identifier: MIT
+
+. "include/err.sh"
+
+items=1
+
+main()
+{
+ [ $# -gt 0 ] || \
+ err "No argument given"
+ listitems "${1}" || err "No items present under: ${1}"
+}
+
+listitems()
+{
+ [ -d "${1}" ] || \
+ err "Directory not does exist: ${1}"
+ for x in "${1}/"*; do
+ # -e used because this is for files *or* directories
+ [ -e "${x}" ] || continue
+ [ "${x##*/}" = "build.list" ] && continue
+ printf "%s\n" "${x##*/}"
+ items=0
+ done
+ return ${items}
+}
+
+main $@
diff --git a/script/build/coreboot/utils b/script/build/coreboot/utils
new file mode 100755
index 00000000..bf0c47a7
--- /dev/null
+++ b/script/build/coreboot/utils
@@ -0,0 +1,78 @@
+#!/usr/bin/env sh
+
+# helper script: build various coreboot utilities
+#
+# Copyright (C) 2014-2016,2020,2021,2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+main()
+{
+ printf "Building coreboot utils\n"
+
+ if [ $# -gt 0 ]; then
+ for board in "${@}"; do
+ build_for_mainboard ${board} || \
+ err "cannot build cbutils for target, ${board}"
+ done
+ else
+ for boarddir in resources/coreboot/*; do
+ [ ! -d "${boarddir}" ] && continue
+ build_for_mainboard ${boarddir##*/} || \
+ err "cannot build cbutils for target, ${board}"
+ done
+ fi
+}
+
+build_for_mainboard() {
+ board="${1}"
+ [ -d "resources/coreboot/${board}" ] || continue
+ [ -f "resources/coreboot/${board}/target.cfg" ] || continue
+ tree="undefined"
+ . "resources/coreboot/${board}/target.cfg" # source
+ [ "${tree}" = "undefined" ] && \
+ err "build_for_mainboard: improper tree definition for '${board}'"
+ buildutils "${tree}"
+}
+
+buildutils() {
+ tree="${1}"
+ [ -d "coreboot/${tree}/" ] || \
+ ./fetch_trees coreboot $tree || \
+ err "buildutils: cannot fetch ${tree}"
+ for util in cbfstool ifdtool; do
+ [ -f "cbutils/${tree}/${util}" ] && continue
+ [ -d "cbutils/${tree}" ] || \
+ mkdir -p "cbutils/${tree}" || \
+ err "buildutils: can't mkdir cbutils/${tree}"
+
+ utildir="coreboot/${tree}/util/${util}"
+ make distclean -C "${utildir}" || \
+ err "buildutils: cannot clean ${utildir}"
+ make -j$(nproc) -C "${utildir}" || \
+ err "buildutils: cannot build ${utildir}"
+ cp "${utildir}/${util}" "cbutils/${tree}" || \
+ err "buildutils: can't cp ${util} cbutils/${tree}/"
+ make distclean -C "${utildir}" || \
+ err "buildutils: can't clean ${utildir}"
+ done
+}
+
+main $@
diff --git a/script/build/descriptors/ich9m b/script/build/descriptors/ich9m
new file mode 100755
index 00000000..d965aef8
--- /dev/null
+++ b/script/build/descriptors/ich9m
@@ -0,0 +1,42 @@
+#!/usr/bin/env sh
+
+# Copyright (C) 2020, 2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+ich9gen="util/ich9utils/ich9gen"
+
+main()
+{
+ [ -f "${ich9gen}" ] || ./handle make file -b ich9utils || \
+ err "ich9utils make"
+ [ ! -f "${ich9gen}" ] && err "ich9gen doesn't exist"
+
+ [ -d "descriptors/ich9m/" ] || mkdir -p "descriptors/ich9m/" || \
+ err "can't create directory: descriptors/ich9m"
+ rm -f descriptors/ich9m/* || err "rm-rf"
+
+ (
+ cd descriptors/ich9m/ || err "cd2"
+ ../../"${ich9gen}" || err "ich9gen"
+ )
+}
+
+main $@
diff --git a/script/build/grub/payload b/script/build/grub/payload
new file mode 100755
index 00000000..63849bac
--- /dev/null
+++ b/script/build/grub/payload
@@ -0,0 +1,104 @@
+#!/usr/bin/env sh
+
+# generate GRUB ELF files (coreboot payload) and configuration files
+#
+# Copyright (C) 2014,2015,2020,2021,2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+grubcfgsdir="resources/grub"
+keymap=""
+
+. "${grubcfgsdir}/modules.list"
+
+main()
+{
+ printf "Creating GRUB payloads and configuration files\n"
+
+ handle_dependencies
+
+ # Separate GRUB payload per keymap to save space in ROM.
+ for keylayoutfile in ${grubcfgsdir}/keymap/*.gkb; do
+ [ -f "${keylayoutfile}" ] || continue
+ build_grub_payloads "${keylayoutfile}"
+ done
+
+ printf "Done! Check elf/grub/ to see the files.\n\n"
+}
+
+handle_dependencies()
+{
+ [ -d "grub/" ] || \
+ ./fetch grub || \
+ err "handle_dependencies: cannot fetch grub"
+ [ -f "grub/grub-mkstandalone" ] || \
+ ./build grub utils || \
+ err "handle_dependencies: cannot build grub utils"
+ [ -d "elf/grub" ] || \
+ mkdir -p elf/grub || \
+ err "handle_dependencies: cannot mkdir elf/grub"
+ rm -f elf/grub/* || \
+ err "handle_dependencies: cannot rm inside: elf/grub/"
+}
+
+build_grub_payloads()
+{
+ keylayoutfile=${1}
+ [ -f "${keylayoutfile}" ] || continue
+
+ keymap="${keylayoutfile##${grubcfgsdir}/keymap/}"
+ keymap="${keymap%.gkb}"
+
+ build_grub_elf "${keylayoutfile}"
+ create_grub_config
+
+ printf "Created 'elf/grub/grub_%s.elf' and configs.'\n" "${keymap}"
+}
+
+build_grub_elf()
+{
+ keylayoutfile=${1}
+
+ gcfg="/boot/grub/grub.cfg=${grubcfgsdir}"
+ gcfg="${gcfg}/config/grub_memdisk.cfg"
+ grubk="/boot/grub/layouts/${keymap}.gkb=${keylayoutfile}"
+ grub/grub-mkstandalone \
+ --grub-mkimage="grub/grub-mkimage" \
+ -O i386-coreboot \
+ -o "elf/grub/grub_${keymap}.elf" \
+ -d grub/grub-core/ \
+ --fonts= --themes= --locales= \
+ --modules="${grub_modules}" \
+ --install-modules="${grub_install_modules}" \
+ "${gcfg}" "${grubk}" || \
+ err "build_grub_elf: cannot build grub payload (grub-mkstandalone)"
+}
+
+create_grub_config()
+{
+ sed "s/usqwerty/${keymap}/" < "${grubcfgsdir}/config/grub.cfg" \
+ > "elf/grub/grub_${keymap}.cfg" || \
+ err "create_grub_config: sed failed: grub.cfg"
+ sed "s/grubtest.cfg/grub.cfg/" < "elf/grub/grub_${keymap}.cfg" \
+ > "elf/grub/grub_${keymap}_test.cfg" || \
+ err "create_grub_config: sed failed: grubtest.cfg"
+}
+
+main $@
diff --git a/script/build/grub/utils b/script/build/grub/utils
new file mode 100755
index 00000000..f0449ed7
--- /dev/null
+++ b/script/build/grub/utils
@@ -0,0 +1,52 @@
+#!/usr/bin/env sh
+
+# helper script: builds GRUB2 source code
+#
+# Copyright (C) 2014, 2015, 2020, 2023 Leah Rowe <info@minifree.org>
+# Copyright (C) 2015, 2016 Klemens Nanni <contact@autoboot.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+main()
+{
+ printf "Building GRUB\n"
+ [ -d "grub/" ] || ./fetch grub || err "cannot fetch grub"
+ build_grub
+}
+
+build_grub()
+{
+ (
+ cd grub/ || \
+ err "build_grub: cd"
+ [ ! -d Makefile ] || make distclean || \
+ err "build_grub: make-distclean"
+ ./bootstrap --gnulib-srcdir=gnulib/ --no-git || \
+ err "build_grub: gnulib bootstrap"
+ ./autogen.sh || \
+ err "build_grub: autogen.sh"
+ ./configure --with-platform=coreboot || \
+ err "build_grub: autoconf"
+ make -j$(nproc) || \
+ err "build_grub: make"
+ )
+}
+
+main $@
diff --git a/script/build/release/roms b/script/build/release/roms
new file mode 100755
index 00000000..395fb8d7
--- /dev/null
+++ b/script/build/release/roms
@@ -0,0 +1,195 @@
+#!/usr/bin/env sh
+
+# helper script: generate release archive (ROM images)
+#
+# Copyright (C) 2020,2021,2022,2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+projectname="$(cat projectname)"
+version="version-unknown"
+versiondate="version-date-unknown"
+tree="default"
+target=""
+CONFIG_HAVE_MRC=""
+CONFIG_HAVE_ME_BIN=""
+CONFIG_KBC1126_FIRMWARE=""
+CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=""
+ifdtool="cbutils/${tree}/ifdtool"
+cbfstool="cbutils/${tree}/cbfstool"
+
+main()
+{
+ printf "Building ROM image archives for version %s\n" "${version}"
+
+ init_check
+
+ for romdir in bin/*; do
+ make_archive "${romdir}"
+ done
+
+ printf "\nROM archives available at release/%s/roms/\n\n" "${version}"
+}
+
+init_check()
+{
+ if [ -f version ]; then
+ version="$(cat version)"
+ [ -f versiondate ] && \
+ versiondate="$(cat versiondate)"
+ [ ! -d "bin/" ] && \
+ err "init_check: no ROMs built yet (error)"
+ [ -d "release/" ] || \
+ mkdir -p release/ || \
+ err "init_check: !mkdir -p release/"
+ [ -d "release/${version}/" ] || \
+ mkdir -p "release/${version}/" || \
+ err "init_check: !mkdir -p release/${version}/"
+ [ ! -d "release/${version}/roms/" ] || \
+ rm -Rf "release/${version}/roms/" || \
+ err "init_check: !rm -Rf release/${version}/roms/"
+
+ if [ ! -d "release/${version}/roms/" ]; then
+ mkdir -p "release/${version}/roms/" || \
+ err "init_check: !mkdir -p release/${version}/roms/"
+ fi
+}
+
+make_archive()
+{
+ romdir=${1}
+ target="${romdir##*/}"
+
+ echo ${target}
+ [ -d "${romdir}/" ] || continue
+
+ CONFIG_HAVE_MRC="y"
+ CONFIG_HAVE_ME_BIN="y"
+ CONFIG_KBC1126_FIRMWARE="y"
+ CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="y"
+ grep "CONFIG_HAVE_ME_BIN=y" "resources/coreboot/${target}/config/"* || \
+ CONFIG_HAVE_ME_BIN="n"
+ grep "CONFIG_HAVE_MRC=y" "resources/coreboot/${target}/config/"* || \
+ CONFIG_HAVE_MRC="n"
+ grep "CONFIG_KBC1126_FIRMWARE=y" \
+ "resources/coreboot/${target}/config"/* || \
+ CONFIG_KBC1126_FIRMWARE="n"
+ grep "CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=y" \
+ "resources/coreboot/${target}/config"/* || \
+ CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="n"
+
+ # remove ME/MRC/EC firmware from ROM images
+ if [ "${CONFIG_HAVE_ME_BIN}" = "y" ] || \
+ [ "${target}" = "e6400nvidia_4mb" ]; then
+ strip_archive "${romdir}"
+ fi
+
+ printf "Generating release/%s/roms/%s-%s_%s.tar.xz\n" \
+ "${version}" "${projectname}" "${version}" "${target##*/}"
+ printf "%s\n" "${version}" > "${romdir}/version" || \
+ err "make_archive: can't create ${romdir}/version"
+ printf "%s\n" "${versiondate}" > "${romdir}/versiondate" || \
+ err "make_archive: can't create ${romdir}/versiondate"
+ printf "%s\n" "${projectname}" > "${romdir}/projectname" || \
+ err "make_archive: can't create ${romdir}/projectname"
+
+ f="release/${version}/roms/${projectname}-${version}_${target##*/}"
+ tar -c "${romdir}/" | xz -9e > "${f}.tar.xz" || \
+ err "make_archive: can't create ${f}.tar.xz"
+
+ if [ -d "${romdir}_tmp" ]; then
+ rm -Rf "${romdir}" || err "make_archive: !rm -Rf ${romdir}"
+ mv "${romdir}_tmp" "${romdir}" || \
+ err "make_archive: !mv \"${romdir}_tmp\" \"${romdir}\""
+ fi
+}
+
+strip_archive()
+{
+ romdir=${1}
+
+ [ -d "coreboot/${tree}" ] || \
+ ./fetch_trees coreboot ${tree} || \
+ err "strip_archive: coreboot/${tree}: can't fetch source"
+ ./build coreboot utils ${tree} || \
+ err "strip_archive: coreboot/${tree}: can't build utils"
+
+ # dirty hack, to reduce disk io later
+ # rather than using /tmp, which might not be tmpfs
+ rm -Rf "${romdir}_tmp" || err "strip_archive: !rm -Rf ${romdir}_tmp"
+ mkdir "${romdir}_tmp" || err "strip_archive: !mkdir ${romdir}_tmp"
+
+ # Hash the rom before removing blobs
+ rm -f "${romdir}/blobhashes" || \
+ err "strip_archive: !rm -f ${blobdir}/blobhashes"
+ touch "${romdir}/blobhashes" || \
+ err "strip_archive: !touch ${blobdir}/blobhashes"
+
+ (
+ cd "${romdir}" || err "strip_archive: !cd ${romdir}"
+ sha1sum *.rom >> blobhashes || \
+ err "strip_archive: ${romdir}: !sha1sum *.rom >> blobhashes"
+ )
+
+ for romfile in "${romdir}"/*.rom; do
+ strip_rom_image "${romfile}"
+ done
+}
+
+strip_rom_image()
+{
+ romfile=${1}
+
+ [ -f "${romfile}" ] || return 0
+
+ if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then
+ "${ifdtool}" --nuke me "${romfile}" || \
+ err "strip_rom_images: ${romfile}: cannot nuke Intel ME"
+ mv "${romfile}" "${romdir}_tmp" || \
+ err "strip_rom_images: !mv ${romfile} ${romdir}_tmp"
+ mv "${romfile}.new" "${romfile}" || \
+ err "strip_rom_images: !mv ${romfile}.new ${romfile}"
+ fi
+
+ if [ "${CONFIG_HAVE_MRC}" = "y" ]; then
+ "${cbfstool}" "${romfile}" remove -n mrc.bin || \
+ err "strip_rom_images: ${romfile}: cannot nuke mrc.bin"
+ "${cbfstool}" "${romfile}" print || :
+ fi
+
+ if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then
+ "${cbfstool}" "${romfile}" remove -n ecfw1.bin || \
+ err "strip_rom_images: ${romfile}: can't nuke ecfw1.bin"
+ "${cbfstool}" "${romfile}" remove -n ecfw2.bin || \
+ err "strip_rom_images: ${romfile}: can't nuke ecfw2.bin"
+ fi
+
+ [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" != "y" ] || \
+ "${cbfstool}" "${romfile}" remove -n sch5545_ecfw.bin || \
+ err "strip_rom_images: ${romfile}: can't nuke sch5545ec fw"
+
+ # TODO: replace this board-specific hack
+ if [ "${target}" = "e6400nvidia_4mb" ]; then
+ "${cbfstool}" "${romfile}" remove -n "pci10de,06eb.rom" || \
+ err "strip_rom_images: ${romfile}: can't nuke e6400 vga rom"
+ fi
+}
+
+main $@
diff --git a/script/build/release/src b/script/build/release/src
new file mode 100755
index 00000000..0db9d721
--- /dev/null
+++ b/script/build/release/src
@@ -0,0 +1,193 @@
+#!/usr/bin/env sh
+
+# helper script: generate release archive (source code)
+#
+# Copyright (C) 2020,2021,2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+projectname="$(cat projectname)"
+
+trees_fetch_list="coreboot u-boot seabios"
+simple_fetch_list="flashrom grub memtest86plus me_cleaner uefitool"
+simple_fetch_list="${simple_fetch_list} bios_extract biosutilities"
+
+# do not add blobs directory here. it's handled below
+dirlist="resources util script"
+
+filelist="lbmk modify build README.md COPYING Makefile update version"
+filelist="${filelist} versiondate projectname .gitcheck fetch fetch_trees"
+
+version="version-unknown"
+versiondate="version-date-unknown"
+reldir=""
+dirname=""
+srcdir=""
+
+printf "Building source code archive, version %s\n" "${version}"
+
+main()
+{
+ [ -f version ] && \
+ version="$(cat version)"
+ [ -f versiondate ] && \
+ versiondate="$(cat versiondate)"
+
+ create_release_directory
+ download_modules
+ copy_files
+ purge_files
+
+ create_release_archive
+
+ printf "Source code archive available at %s.tar.xz\n\n" "${srcdir}"
+}
+
+create_release_directory()
+{
+ reldir="release/${version}"
+ dirname="${projectname}-${version}_src"
+ srcdir="${reldir}/${dirname}"
+
+ [ -d "release/" ] || mkdir -p release/ || \
+ err "create_release_directory: !mkdir -p release/"
+ [ -d "${reldir}/" ] || mkdir -p "${reldir}/" || \
+ err "create_release_directory: !mkdir -p ${reldir}/"
+ [ ! -d "${srcdir}/" ] || rm -Rf "${srcdir}/" || \
+ err "create_release_directory: !rm -Rf ${srcdir}/"
+ [ ! -f "${srcdir}.tar.xz" ] || \
+ rm -f "${srcdir}.tar.xz/" || \
+ err "create_release_directory: !rm -f ${srcdir}.tar.xz/"
+
+ mkdir -p "${srcdir}/" || \
+ err "create_release_directory: !mkdir -p ${srcdir}/"
+ printf "%s" "${version}" > "${srcdir}"/version || \
+ err "create_release_directory: ${srcdir}/version: can't create file"
+}
+
+download_modules()
+{
+ for modname in ${trees_fetch_list}; do
+ [ -d "${modname}" ] || ./fetch_trees ${modname} || \
+ err "download_modules: couldn't download ${modname} trees"
+ done
+ for modname in ${simple_fetch_list}; do
+ [ -d "${modname}/" ] || ./fetch ${modname} || \
+ err "download_modules: couldn't download ${modname} repo"
+ done
+}
+
+copy_files()
+{
+ for dir in ${simple_fetch_list} ${dirlist}; do
+ cp -R "${dir}/" "${srcdir}/" || \
+ err "copy_files: !cp -R ${dir}/ ${srcdir}/"
+ done
+
+ copy_blobs
+
+ for i in ${filelist}; do
+ if [ ! -f "${i}" ]; then
+ rm -Rf "${srcdir}" || \
+ err "copy_files: !rm -Rf ${srcdir}"
+ err "copy_files: file '${1}' does not exist"
+ fi
+ cp "${i}" "${srcdir}/" || \
+ err "copy_files: !cp ${i} ${srcdir}/"
+ done
+}
+
+copy_blobs()
+{
+ mkdir -p "${srcdir}"/blobs || \
+ err "copy_blobs: !mkdir -p ${srcdir}/blobs"
+ # do not copy intel ME etc, but do copy ifd/gbe files
+ for i in t440p xx20 xx30 hp8200sff hp_ivybridge hp_sandybridge \
+ hp8300usdt t1650; do
+ for j in ifd gbe 4_ifd 8_ifd 12_ifd 16_ifd; do
+ [ -f "blobs/${i}/${j}.bin" ] || continue
+ [ -e "${srcdir}/blobs/${i}" ] || \
+ mkdir -p "${srcdir}/blobs/${i}" || \
+ err "copy_blobs: ! -d ${srcdir}/blobs/${i}"
+ cp "blobs/${i}/${j}.bin" "${srcdir}/blobs/${i}" || \
+ err "copy_blobs: ! -f ${srcdir}/blobs/${i}"
+ done
+ done
+}
+
+purge_files()
+{
+ (
+ cd "${srcdir}/" || \
+ err "purge_files 3: !cd ${srcdir}/"
+
+ for p in coreboot/*; do
+ [ -d "${p}" ] || continue
+ ./handle make file -c "${p}" || \
+ err "purge_files 1: ${p}: !make distclean"
+ done
+
+ ./handle make file -c coreboot/default/util/kbc1126 || \
+ err "purge_files 1: default/util/kbc1126: ! make clean"
+ ./build clean all || \
+ err "purge_files 1: ! ./build clean all"
+
+ for p in bios_extract flashrom grub ich9utils uefitool; do
+ ./handle make file -c "${p}" || \
+ err "purge_files: !./handle make file -c ${p}"
+ done
+ for p in 32 64; do
+ ./handle make file -c "memtest86plus/build${p}" || \
+ err "purge_files: cannot clean memtest86+ build${p}"
+ done
+ for p in "nvmutil" "ich9utils" "spkmodem_recv" "e6400-flash-unlock"; do
+ make clean -C "util/${p}" || \
+
+ err "purge_files 2: !make clean -C ${util}/p"
+ done
+ for p in ${trees_fetch_list}; do
+ rm -Rf "${p}/${p}" "${p}"/*/.git* || \
+ err "purge_files 1: cannot clean ${p} project files"
+ done
+ rm -Rf .git .gitignore */.git* coreboot/*/3rdparty/*/.git* \
+ coreboot/*/util/nvidia/cbootimage/.git* || \
+ err "purge_files rm-rf2: can't purge .git files/directories"
+ )
+}
+
+create_release_archive()
+{
+ (
+ cd "${reldir}/" || \
+ err "create_release_archive 4: !cd ${reldir}/"
+ printf "%s\n" "${version}" > "${dirname}/version" || \
+ err "create_release_archive: can't create ${dirname}/version"
+ printf "%s\n" "${versiondate}" > "${dirname}/versiondate" || \
+ err "create_release_archive: can't create ${dirname}/versiondate"
+ printf "%s\n" "${projectname}" > "${dirname}/projectname" || \
+ err "create_release_archive: can't create ${dirname}/projectname"
+ tar -c "${dirname}/" | xz -9e >"${dirname}.tar.xz" || \
+ err "create_release_archive: can't create ${dirname}.tar.xz"
+ rm -Rf "${dirname}/" || \
+ err "create_release_archive 5: !rm -Rf ${dirname}/"
+ )
+}
+
+main $@
diff --git a/script/handle/make/config b/script/handle/make/config
new file mode 100755
index 00000000..0c60285f
--- /dev/null
+++ b/script/handle/make/config
@@ -0,0 +1,257 @@
+#!/usr/bin/env sh
+
+# helper script: build elf files on build systems that use defconfig/kconfig
+#
+# Copyright (C) 2022 Alper Nebi Yasak <alpernebiyasak@gmail.com>
+# Copyright (C) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
+# Copyright (C) 2023 Leah Rowe <leah@libreboot.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# you could probably build *linux* with this script!
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+projectname="$(cat projectname)"
+our_version="$(cat version)"
+
+export LOCALVERSION="-${projectname}-${our_version}"
+
+arch=""
+cfgsdir=""
+codedir=""
+config=""
+config_name=""
+crossgcc_ada=""
+elfdir=""
+listfile=""
+mode=""
+project=""
+target=""
+target_dir=""
+tree=""
+
+main()
+{
+ while getopts b:m:u: option
+ do
+ case "${1}" in
+ -b)
+ mode="all"
+ shift ;;
+ -u)
+ mode="oldconfig"
+ shift ;;
+ -m)
+ mode="menuconfig"
+ shift ;;
+ *)
+ fail "Invalid option" ;;
+ esac
+ project="${OPTARG}"
+ shift
+ done
+ [ -z "${mode}" ] && fail "mode not given (-m, -u or -b)"
+
+ elfdir="elf/${project}"
+
+ cfgsdir="resources/${project}"
+ [ -d "${cfgsdir}" ] || fail "directory, ${cfgsdir}, does not exist"
+
+ listfile="${cfgsdir}/build.list"
+ [ -f "${listfile}" ] || fail "list file, ${listfile}, does not exist"
+
+ # Build for all targets if no argument is given
+ targets=$(./build command options "${cfgsdir}")
+ [ $# -gt 0 ] && targets=$@
+
+ [ -d "${elfdir}" ] || [ "${mode}" != "all" ] || \
+ mkdir -p "${elfdir}/" || fail "can't create directory ${elfdir}"
+
+ for x in ${targets}; do
+ target="${x}"
+ printf "Running 'make %s' for project '%s, target '%s''\n" \
+ "${mode}" "${project}" "${target}"
+ [ "${project}" != "coreboot" ] || [ "${mode}" != "all" ] || \
+ ./update blobs download ${target} || fail "blobutil"
+ handle_defconfig || fail "error handling config file"
+ done
+
+ if [ "${mode}" = "all" ]; then
+ printf "Done! The files are stored under %s/\n\n" "${elfdir}"
+ fi
+}
+
+handle_defconfig()
+{
+ handle_dependencies "${target}" || \
+ fail "handle_defconfig: failed call to handle_dependencies"
+
+ for y in "${target_dir}/config"/*; do
+ [ -f "${y}" ] || continue
+ config="${y}"
+ config_name="${config#$target_dir/config/}"
+
+ printf "build/defconfig/%s %s: handling config %s\n" \
+ "${project}" "${target}" "${config_name}"
+
+ [ "${mode}" != "all" ] || check_config || continue
+ run_make_command
+ [ "${mode}" != "all" ] || copy_elf
+ done
+}
+
+handle_dependencies()
+{
+ target_dir="${cfgsdir}/${target}"
+ mkdir -p "${elfdir}/${target}" || \
+ fail "handle_dependencies: !mkdir -p ${elfdir}/${target}"
+
+ tree="undefined"
+ arch="undefined"
+
+ [ ! -f "${target_dir}/target.cfg" ] && \
+ fail "handle_dependencies: ${target_dir}: missing target.cfg"
+
+ # Override the above defaults using target.cfg
+ . "${target_dir}/target.cfg" # source
+
+ [ "${tree}" = "undefined" ] && \
+ fail "handle_dependencies: ${target_dir}: tree undefined"
+ [ "${arch}" = "undefined" ] && \
+ fail "handle_dependencies: ${target_dir}: undefined cpu type"
+
+ codedir="${project}/${tree}"
+ [ -d "${codedir}" ] || \
+ ./fetch_trees "${project}" "${target}" || \
+ fail "handle_dependencies: can't fetch ${project}/${target}"
+
+ # u-boot and coreboot are both compiled with coreboot's crossgcc
+ if [ "${project}" = "coreboot" ] || [ "${project}" = "u-boot" ]; then
+ [ "${mode}" != "all" ] || check_cross_compiler || \
+ fail "handle_dependencies ${project}/${target}: crossgcc"
+ fi
+}
+
+# set up cross-compiler (coreboot crossgcc) for u-boot and coreboot
+# (seabios and grub currently use hostcc, not crossgcc)
+check_cross_compiler()
+{
+ [ "${crossgcc_ada}" = "y" ] || [ "${crossgcc_ada}" = "n" ] || \
+ crossgcc_ada="y"
+ [ "${crossgcc_ada}" != "y" ] && \
+ export BUILD_LANGUAGES=c
+
+ cbdir="coreboot/${tree}"
+ [ "${project}" != "coreboot" ] && \
+ cbdir="coreboot/default" # not u-boot (e.g. linux will use it)
+ [ "${project}" = "u-boot" ] && \
+ cbdir="coreboot/cros" # u-boot only used on coreboot/cros
+ # only true if not building coreboot:
+ ctarget="${cbdir#coreboot/}"
+ [ -d "${cbdir}" ] || \
+ ./fetch_trees coreboot ${ctarget} || \
+ fail "check_cross_compiler: can't fetch coreboot/${ctarget}"
+
+ if [ "${arch}" = "x86_32" ] || [ "${arch}" = "x86_64" ]; then
+ [ -d "${cbdir}/util/crossgcc/xgcc/i386-elf/" ] || \
+ make -C "${cbdir}" crossgcc-i386 CPUS=$(nproc) || \
+ return 1
+ case "$(uname -m)" in
+ x86*|i*86|amd64) : ;;
+ *) export CROSS_COMPILE=i386-elf- ;;
+ esac
+ elif [ "${arch}" = "ARMv7" ]; then
+ [ -d "${cbdir}/util/crossgcc/xgcc/arm-eabi/" ] || \
+ make -C "${cbdir}" crossgcc-arm CPUS=$(nproc) || \
+ return 1
+ case "$(uname -m)" in
+ arm|arm32|armv6*|armv7*) : ;;
+ *) export CROSS_COMPILE=arm-eabi- ;;
+ esac
+ elif [ "${arch}" = "AArch64" ]; then
+ [ -d "${cbdir}/util/crossgcc/xgcc/aarch64-elf/" ] || \
+ make -C "${cbdir}" crossgcc-aarch64 CPUS=$(nproc) || \
+ return 1
+ # aarch64 also needs armv7 toolchain for arm-trusted-firmware
+ [ -d "${cbdir}/util/crossgcc/xgcc/arm-eabi/" ] || \
+ make -C "${cbdir}" crossgcc-arm CPUS=$(nproc) || \
+ return 1
+ case "$(uname -m)" in
+ arm64|aarch64) : ;;
+ *) export CROSS_COMPILE=aarch64-elf- ;;
+ esac
+ fi
+
+ # we *must* ensure that u-boot's build system uses crossgcc first
+ export PATH="$(pwd)/${cbdir}/util/crossgcc/xgcc/bin:$PATH"
+}
+
+check_config()
+{
+ [ ! -f "${config}" ] && \
+ fail "check_config: ${project}/${target}: configs missing"
+
+ dest_dir="${elfdir}/${target}/${config_name}"
+ # TODO: very hacky check. do it properly (based on build.list)
+ for elftest in "${dest_dir}"/*; do
+ if [ -f "${elftest}" ]; then
+ printf "Build already exists, so skipping build\n" 1>&2
+ return 1
+ fi
+ done
+ mkdir -p "${dest_dir}" || \
+ fail "check_config: cannot mkdir: ${dest_dir}"
+}
+
+run_make_command()
+{
+ ./handle make file -c "${codedir}" || \
+ fail "run_make_command: make distclean/clean failed"
+
+ cp "${config}" "${codedir}/.config" || \
+ fail "run_make_command: can't copy config for: ${project}/${target}"
+ [ "${mode}" != "all" ] || make -C "${codedir}" silentoldconfig || \
+ make -C "${codedir}" oldconfig || : # don't error on oldconfig
+
+ if [ "${project}" = "coreboot" ] && [ "${mode}" = "all" ]; then
+ printf "%s\n" "${our_version}" >"${codedir}/.coreboot-version" \
+ || fail "run_make_command: ${codedir}: can't set version"
+ fi
+ make -C "${codedir}" -j$(nproc) ${mode} || \
+ fail "run_make_command: make-all: ${codedir} (${project}/${target})"
+}
+
+copy_elf()
+{
+ for f in $(cat "${listfile}"); do
+ [ ! -f "${codedir}/$f" ] || \
+ cp "${codedir}/${f}" "${dest_dir}/" || \
+ fail "copy_elf: cannot copy elf file"
+ done
+
+ ./handle make file -c "${codedir}" || \
+ fail "copy_elf: clean: ${codedir} (${project}/${target})"
+}
+
+fail()
+{
+ [ -z "${codedir}" ] || ./handle make file -c "${codedir}" || :
+ err "${1}"
+}
+
+main $@
diff --git a/script/handle/make/file b/script/handle/make/file
new file mode 100755
index 00000000..855ea1c4
--- /dev/null
+++ b/script/handle/make/file
@@ -0,0 +1,80 @@
+#!/usr/bin/env sh
+
+# helper script: build utils used by lbmk
+#
+# Copyright (C) 2023 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+mode=""
+project=""
+
+main()
+{
+ while getopts b:c: option
+ do
+ case "${1}" in
+ -b)
+ shift ;;
+ -c)
+ mode="distclean"
+ shift ;;
+ *)
+ err "Invalid option" ;;
+ esac
+ project="${OPTARG}"
+ shift
+ done
+
+ [ -z "${project}" ] && err "project name not specified"
+ [ "${project}" = "ich9utils" ] && project="util/ich9utils"
+
+ handle_dependencies
+ run_make_command
+}
+
+handle_dependencies()
+{
+ [ -d "${project}" ] || ./fetch "${project%/*}" || \
+ err "handle_dependencies: can't fetch ${project%/*}"
+ [ -d "${project}" ] || \
+ err "handle_dependencies: ${project%/*} not downloaded"
+
+ if [ "${project}" = "uefitool" ]; then
+ (
+ cd uefitool || err "handle_dependencies: !cd uefitool"
+ cmake UEFIExtract/ || \
+ err "handle_dependencies: !cmake UEFIExtract/"
+ )
+ fi
+}
+
+run_make_command()
+{
+ if [ -z "${mode}" ]; then
+ make -C "${project}" -j$(nproc) || \
+ err "run_make_command: !make -C ${project}"
+ else
+ make -C "${project}" distclean || make -C "${project}" clean \
+ || err "run_make_command: ${project}: make-clean failed"
+ fi
+}
+
+main $@
diff --git a/script/misc/versioncheck b/script/misc/versioncheck
new file mode 100755
index 00000000..73fbb140
--- /dev/null
+++ b/script/misc/versioncheck
@@ -0,0 +1,48 @@
+#!/usr/bin/env sh
+
+# Copyright (C) 2021 Leah Rowe <info@minifree.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u
+
+. "include/err.sh"
+
+project="$(cat projectname)"
+
+version="version-unknown"
+[ -f version ] && version="$(cat version)"
+version_="${version}"
+if [ -e ".git" ]; then
+ version="$(git describe --tags HEAD 2>&1)" || \
+ version="git-$(git rev-parse HEAD 2>&1)" || \
+ version="${version_}"
+ printf "%s\n" "${version}" > version
+fi
+
+versiondate="version-date-unknown"
+[ -f versiondate ] && versiondate="$(cat versiondate)"
+versiondate_="${versiondate}"
+if [ -e ".git" ]; then
+ versiondate="$(git show --no-patch --no-notes --pretty='%ct' HEAD)" || \
+ versiondate="${versiondate_}"
+ printf "%s\n" "${versiondate}" > versiondate
+fi
+
+if [ "${versiondate}" = "version-date-unknown" ] || \
+ [ "${version}" = "version-unknown" ]; then
+ err "cannot determine ${projectname} revision"
+fi
diff --git a/script/update/blobs/download b/script/update/blobs/download
new file mode 100755
index 00000000..3df460d4
--- /dev/null
+++ b/script/update/blobs/download
@@ -0,0 +1,516 @@
+#!/usr/bin/env sh
+
+# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com>
+# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
+# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org>
+# SPDX-License-Identifier: GPL-3.0-only
+
+. "include/err.sh"
+
+agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+
+ec_url=""
+ec_url_bkup=""
+ec_hash=""
+dl_hash=""
+dl_url=""
+dl_url_bkup=""
+dl_path=""
+e6400_vga_dl_hash=""
+e6400_vga_dl_url=""
+e6400_vga_dl_url_bkup=""
+e6400_vga_offset=""
+e6400_vga_romname=""
+sch5545ec_dl_url=""
+sch5545ec_dl_url_bkup=""
+sch5545ec_dl_hash=""
+
+cbdir="coreboot/default"
+cbcfgsdir="resources/coreboot"
+boarddir=""
+blobdir="blobs"
+appdir="${blobdir}/app"
+_7ztest="a"
+mecleaner="$(pwd)/me_cleaner/me_cleaner.py"
+e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py"
+me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py"
+kbc1126_ec_dump="$(pwd)/${cbdir}/util/kbc1126/kbc1126_ec_dump"
+board=""
+pfs_extract="$(pwd)/biosutilities/Dell_PFS_Extract.py"
+uefiextract="$(pwd)/uefitool/uefiextract"
+_b="" # board shorthand without e.g. _4mb (avoid duplication per flash size)
+
+CONFIG_HAVE_MRC=""
+CONFIG_HAVE_IFD_BIN=""
+CONFIG_HAVE_ME_BIN=""
+CONFIG_HAVE_GBE_BIN=""
+CONFIG_KBC1126_FIRMWARE=""
+CONFIG_BOARD_DELL_E6400=""
+CONFIG_VGA_BIOS_FILE=""
+CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=""
+CONFIG_SMSC_SCH5545_EC_FW_FILE=""
+
+main()
+{
+ [ $# -gt 0 ] || \
+ err "No argument given"
+
+ board="${1}"
+ boarddir="${cbcfgsdir}/${board}"
+
+ [ -d "${boarddir}" ] || \
+ err "Board target, ${board}, not defined"
+ [ -f "${boarddir}/target.cfg" ] || \
+ err "Target missing target.cfg"
+
+ no_config="printf \"No config for target, %s\\n\" ${board} 1>&2; exit 0"
+ for x in "${boarddir}"/config/*; do
+ [ -f "${x}" ] && no_config=""
+ done
+ eval "${no_config}"
+
+ detect_firmware || exit 0
+ scan_sources_config
+
+ build_dependencies
+ download_blobs
+}
+
+detect_firmware()
+{
+ set -- "${boarddir}/config/"*
+ . "${1}"
+ . "${boarddir}/target.cfg"
+
+ [ "${CONFIG_HAVE_MRC}" = "y" ] && needs="${needs} MRC"
+ [ "${CONFIG_HAVE_IFD_BIN}" = "y" ] && needs="${needs} IFD"
+ [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && needs="${needs} ME"
+ [ "${CONFIG_HAVE_GBE_BIN}" = "y" ] && needs="${needs} GBE"
+ [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && needs="${needs} EC"
+ [ "${CONFIG_BOARD_DELL_E6400}" = "y" ] && \
+ [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && needs="${needs} E6400VGA"
+ [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \
+ needs="${needs} SCH5545EC"
+ [ -z ${needs+x} ] && \
+ printf "No binary blobs needed for this board\n" && \
+ return 1
+ printf "Firmware needed for board '%s':\n%s\n" "${board}" "${needs}"
+}
+
+scan_sources_config()
+{
+ # Shorthand (avoid duplicating configs per flash size)
+ _b=${board%%_*mb}
+
+ awkstr=" /\{.*${_b}.*}{/ {flag=1;next} /\}/{flag=0} flag { print }"
+
+ while read -r line ; do
+ case ${line} in
+ EC_url_bkup*)
+ set ${line}
+ ec_url_bkup=${2} ;;
+ EC_url*)
+ set ${line}
+ ec_url=${2} ;;
+ EC_hash*)
+ set ${line}
+ ec_hash=${2} ;;
+ DL_hash*)
+ set ${line}
+ dl_hash=${2} ;;
+ DL_url_bkup*)
+ set ${line}
+ dl_url_bkup=${2} ;;
+ DL_url*)
+ set ${line}
+ dl_url=${2} ;;
+ E6400_VGA_DL_hash*)
+ set ${line}
+ e6400_vga_dl_hash=${2} ;;
+ E6400_VGA_DL_url_bkup*)
+ set ${line}
+ e6400_vga_dl_url_bkup=${2} ;;
+ E6400_VGA_DL_url*)
+ set ${line}
+ e6400_vga_dl_url=${2} ;;
+ E6400_VGA_offset*)
+ set ${line}
+ e6400_vga_offset=${2} ;;
+ E6400_VGA_romname*)
+ set ${line}
+ e6400_vga_romname=${2} ;;
+ SCH5545EC_DL_hash*)
+ set ${line}
+ sch5545ec_dl_hash=${2} ;;
+ SCH5545EC_DL_url_bkup*)
+ set ${line}
+ sch5545ec_dl_url_bkup=${2} ;;
+ SCH5545EC_DL_url*)
+ set ${line}
+ sch5545ec_dl_url=${2} ;;
+ esac
+ done << EOF
+ $(eval "awk '${awkstr}' resources/blobs/sources")
+EOF
+}
+
+build_dependencies()
+{
+ [ -d ${cbdir} ] || \
+ ./fetch_trees coreboot ${cbdir##*/} || \
+ err "build_dependencies: can't fetch ${cbdir}"
+ for d in uefitool biosutilities bios_extract me_cleaner; do
+ [ -d "${d}" ] && continue
+ ./fetch "${d}" || \
+ err "build_dependencies: can't fetch ${d}"
+ done
+ [ -f uefitool/uefiextract ] || \
+ ./handle make file -b uefitool || \
+ err "build_dependencies: can't build uefitool"
+ if [ ! -f "${cbdir}/util/kbc1126/kbc1126_ec_dump" ]; then
+ make -BC "${cbdir}/util/kbc1126" || \
+ err "build_dependencies: can't build kbc1126_ec_dump"
+ fi
+}
+
+download_blobs()
+{
+ for need in ${needs}; do
+ case ${need} in
+ *ME*)
+ download_blob_intel_me || _failed="${_failed} me" ;;
+ *SCH5545EC*)
+ download_sch5545ec || failed="${_failed} sch5545ec" ;;
+ *EC*)
+ download_ec || _failed="${_failed} ec" ;;
+ *E6400VGA*)
+ download_e6400vga || _failed="${_failed} e6400vga" ;;
+ *MRC*)
+ ./update blobs mrc || _failed="${_failed} mrc" ;;
+ esac
+ done
+
+ if [ ! -z ${_failed+x} ]; then
+ err "download_blobs: can't download blobs: ${_failed}\n"
+ fi
+}
+
+download_blob_intel_me()
+{
+ printf "Downloading neutered ME for board: %s\n" ${board}
+
+ fetch_update me || return 1
+ extract_blob_intel_me || return 1
+}
+
+extract_blob_intel_me()
+{
+ printf "Extracting neutered ME for ${board}\n"
+
+ _me_destination=${CONFIG_ME_BIN_PATH#../../}
+
+ [ -d "${_me_destination%/*}" ] || \
+ mkdir -p "${_me_destination%/*}" || \
+ err "extract_blob_intel_me: mkdir ${_me_destination%/*}"
+ [ ! -d "${appdir}" ] || \
+ rm -Rf "${appdir}" || \
+ err "extract_blob_intel_me: can't rm -Rf \"${appdir}\""
+ if [ -f "${_me_destination}" ]; then
+ printf "Intel ME firmware already downloaded\n" 1>&2
+ return 0
+ fi
+
+ printf "Extracting and stripping Intel ME firmware\n"
+
+ innoextract "${dl_path}" -d "${appdir}" || \
+ 7z x "${dl_path}" -o"${appdir}" || \
+ unar "${dl_path}" -o "${appdir}" || \
+ err "extract_blob_intel_me: could not extract vendor update"
+
+ bruteforce_extract_blob_intel_me "$(pwd)/${_me_destination}" \
+ "$(pwd)/${appdir}" || \
+ err "extract_blob_intel_me: could not extract Intel ME firmware"
+
+ [ -f "${_me_destination}" ] || \
+ err "extract_blob_intel_me, ${board}: me.bin missing"
+
+ printf "Truncated and cleaned me output to: %s\n" "${_me_destination}"
+}
+
+# cursed, carcinogenic code. TODO rewrite it better
+bruteforce_extract_blob_intel_me()
+{
+ _me_destination="${1}"
+ cdir="${2}" # must be an absolute path, not relative
+
+ [ -f "${_me_destination}" ] && return 0
+
+ sdir="$(mktemp -d)"
+ mkdir -p "${sdir}" || return 1
+
+ (
+ printf "Entering %s\n" "${cdir}"
+ cd "${cdir}" || \
+ err "bruteforce_extract_blob_intel_me: can't cd \"${cdir}\""
+ for i in *; do
+ if [ -f "${_me_destination}" ]; then
+ # me.bin found, so avoid needless further traversal
+ break
+ elif [ -L "${i}" ]; then
+ # symlinks are a security risk, in this context
+ continue
+ elif [ -f "${i}" ]; then
+ "${mecleaner}" -r -t -O "${sdir}/vendorfile" \
+ -M "${_me_destination}" "${i}" \
+ && break # (we found me.bin)
+ "${mecleaner}" -r -t -O "${_me_destination}" "${i}" \
+ && break # (we found me.bin)
+ "${me7updateparser}" -O "${_me_destination}" "${i}" \
+ && break # (we found me.bin)
+ _7ztest="${_7ztest}a"
+ 7z x "${i}" -o"${_7ztest}" \
+ || innoextract "${i}" -d "${_7ztest}" \
+ || unar "${i}" -o "${_7ztest}" \
+ || continue
+ bruteforce_extract_blob_intel_me "${_me_destination}" \
+ "${cdir}/${_7ztest}"
+ elif [ -d "$i" ]; then
+ bruteforce_extract_blob_intel_me "${_me_destination}" \
+ "${cdir}/${i}"
+ else
+ printf "SKIPPING: %s\n" "${i}"
+ continue
+ fi
+ cdir="${1}"
+ cd "${cdir}" # audit note: we already checked this (see above)
+ done
+ )
+
+ rm -Rf "${sdir}" || \
+ err "bruteforce_extract_blob_intel_me: can't rm -Rf \"${sdir}\""
+}
+
+download_ec()
+{
+ printf "Downloading KBC1126 EC firmware for HP laptop\n"
+
+ fetch_update ec || return 1
+ extract_blob_kbc1126_ec || return 1
+}
+
+extract_blob_kbc1126_ec()
+{
+ printf "Extracting KBC1126 EC firmware for board: %s\n" ${board}
+
+ _ec_destination=${CONFIG_KBC1126_FW1#../../}
+
+ [ -d "${_ec_destination%/*}" ] || \
+ mkdir -p "${_ec_destination%/*}" || \
+ err "extract_blob_kbc1126_ec: !mkdir ${_ec_destination%/*}"
+ [ ! -d "${appdir}" ] || \
+ rm -Rf "${appdir}" || \
+ err "extract_blob_kbc1126_ec: !rm -Rf ${appdir}"
+ if [ -f "${_ec_destination}" ]; then
+ printf "KBC1126 EC firmware already downloaded\n" 1>&2
+ return 0
+ fi
+
+ unar "${dl_path}" -o "${appdir}" || \
+ err "extract_blob_kbc1126_ec: !unar \"${dl_path}\" -o \"${appdir}\""
+
+ (
+ cd "${appdir}/${dl_path##*/}" || \
+ err "extract_blob_kbc1126_ec: !cd \"${appdir}/${dl_path##*/}\""
+
+ mv Rompaq/68*.BIN ec.bin || :
+ if [ ! -f ec.bin ]; then
+ unar -D ROM.CAB Rom.bin || \
+ unar -D Rom.CAB Rom.bin || \
+ unar -D 68*.CAB Rom.bin || \
+ err "extract_blob_kbc1126_ec: can't extract ec.bin"
+ mv Rom.bin ec.bin || \
+ err "extract_blob_kbc1126_ec: *didn't* extract ec.bin"
+ fi
+ [ -f ec.bin ] || \
+ err "extract_blob_kbc1126_ec: ${board}: can't extract ec.bin"
+
+ "${kbc1126_ec_dump}" ec.bin || \
+ err "extract_blob_kbc1126_ec: ${board}: can't extract ecfw1/2.bin"
+ )
+
+ ec_ex="y"
+ for i in 1 2; do
+ [ -f "${appdir}/${dl_path##*/}/ec.bin.fw${i}" ] || ec_ex="n"
+ done
+ [ "${ec_ex}" = "y" ] || \
+ err "extract_blob_kbc1126_ec: ${board}: didn't extract ecfw1/2.bin"
+
+ cp "${appdir}/${dl_path##*/}"/ec.bin.fw* "${_ec_destination%/*}/" || \
+ err "extract_blob_kbc1126_ec: cant mv ecfw1/2 ${_ec_destination%/*}"
+}
+
+download_e6400vga()
+{
+ printf "Downloading Nvidia VGA ROM for Dell Latitude E6400\n"
+
+ fetch_update e6400vga || return 1
+ extract_e6400vga || return 1
+}
+
+extract_e6400vga()
+{
+ printf "Extracting Nvidia VGA ROM for ${board}\n"
+
+ _vga_destination=${CONFIG_VGA_BIOS_FILE#../../}
+
+ if [ -f "${_vga_destination}" ]; then
+ printf "extract_e6400vga: vga rom already downloaded\n" 1>&2
+ return 0
+ fi
+ [ -d "${_vga_destination%/*}" ] || \
+ mkdir -p "${_vga_destination%/*}" || \
+ err "extract_e6400vga: can't mkdir ${_vga_destination%/*}"
+ [ ! -d "${appdir}" ] || \
+ rm -Rf "${appdir}" || \
+ err "extract_e6400vga: can't rm -Rf ${appdir}"
+
+ mkdir -p "${appdir}" || \
+ err "extract_e6400vga: can't mkdir ${appdir}"
+ cp "${dl_path}" "${appdir}" || \
+ err "extract_e6400vga: can't copy vendor update"
+
+ [ "${e6400_vga_offset}" = "" ] && \
+ err "extract_e6400vga: E6400 VGA offset not defined"
+ [ "${e6400_vga_romname}" = "" ] && \
+ err "extract_e6400vga: E6400 VGA ROM name not defined"
+
+ (
+ cd "${appdir}" || \
+ err "extract_e6400vga: can't cd ${appdir}"
+ tail -c +${e6400_vga_offset} "${dl_path##*/}" | gunzip > bios.bin || \
+ err "extract_e6400vga: can't gunzip > bios.bin"
+
+ [ -f "bios.bin" ] || \
+ err "extract_e6400vga: can't extract bios.bin from update"
+ "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n"
+ [ -f "${e6400_vga_romname}" ] || \
+ err "extract_e6400vga: can't extract vga rom from bios.bin"
+ )
+
+ cp "${appdir}"/"${e6400_vga_romname}" "${_vga_destination}" || \
+ err "extract_e6400vga: can't copy vga rom to ${_vga_destination}"
+
+ printf "E6400 Nvidia ROM saved to: %s\n" "${_vga_destination}"
+}
+
+download_sch5545ec()
+{
+ printf "Downloading SMSC SCH5545 Environment Controller firmware\n"
+
+ fetch_update sch5545ec || return 1
+ extract_sch5545ec || return 1
+}
+
+# TODO: this code is cancer. hardcoded is bad, and stupid.
+# TODO: make it *scan* (based on signature, in each file)
+extract_sch5545ec()
+{
+ printf "Extracting SCH5545 Environment Controller firmware for '%s'\n" \
+ ${board}
+
+ _sch5545ec_destination=${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../}
+
+ if [ -f "${_sch5545ec_destination}" ]; then
+ printf "sch5545 firmware already downloaded\n" 1>&2
+ return 0
+ fi
+
+ [ ! -d "${appdir}" ] || rm -Rf "${appdir}" || \
+ err "extract_sch5545ec: can't remove ${appdir}"
+
+ mkdir -p "${appdir}/" || err "extract_sch5545ec: !mkdir ${appdir}"
+ cp "${dl_path}" "${appdir}/" || \
+ err "extract_sch5545ec: can't copy vendor update file"
+ python "${pfs_extract}" "${appdir}/${dlsum}" -e || \
+ err "extract_sch5545ec: can't extract from vendor update"
+
+ # full system ROM (UEFI), to extract with UEFIExtract:
+ _bios="${appdir}/${dlsum}_extracted/Firmware"
+ _bios="${_bios}/1 ${dlsum} -- 1 System BIOS vA.28.bin"
+
+ # this is the SCH5545 firmware, inside of the extracted UEFI ROM:
+ _sch5545ec_fw="${_bios}.dump/4 7A9354D9-0468-444A-81CE-0BF617D890DF"
+ _sch5545ec_fw="${_sch5545ec_fw}/54 D386BEB8-4B54-4E69-94F5-06091F67E0D3"
+ _sch5545ec_fw="${_sch5545ec_fw}/0 Raw section/body.bin" # <-- this!
+
+ # this makes the file defined by _sch5545ec_fw available to copy
+ "${uefiextract}" "${_bios}" || \
+ err "extract_sch5545ec: cannot extract from uefi image"
+
+ cp "${_sch5545ec_fw}" "${_sch5545ec_destination}" || \
+ err "extract_sch5545ec: cannot copy sch5545ec firmware file"
+}
+
+fetch_update()
+{
+ printf "Fetching vendor update for board: %s\n" "${board}"
+
+ fw_type="${1}"
+ dl=""
+ dl_bkup=""
+ dlsum=""
+ if [ "${fw_type}" = "me" ]; then
+ dl=${dl_url}
+ dl_bkup=${dl_url_bkup}
+ dlsum=${dl_hash}
+ elif [ "${fw_type}" = "ec" ]; then
+ dl=${ec_url}
+ dl_bkup=${ec_url_bkup}
+ dlsum=${ec_hash}
+ elif [ "${fw_type}" = "e6400vga" ]; then
+ dl=${e6400_vga_dl_url}
+ dl_bkup=${e6400_vga_dl_url_bkup}
+ dlsum=${e6400_vga_dl_hash}
+ elif [ "${fw_type}" = "sch5545ec" ]; then
+ dl="${sch5545ec_dl_url}"
+ dl_bkup="${sch5545ec_dl_url_bkup}"
+ dlsum="${sch5545ec_dl_hash}"
+ else
+ err "fetch_update: Unsupported download type: ${fw_type}"
+ fi
+
+ [ -z "${dl_url+x}" ] && [ "${fw_type}" != "e6400vga" ] && \
+ err "fetch_update ${fw_type}: dl_url unspecified for: ${board}"
+
+ dl_path="${blobdir}/cache/${dlsum}"
+ mkdir -p "${blobdir}/cache" || err "fetch_update: !mkdir ${blobdir}/cache"
+
+ dl_fail="y"
+ vendor_checksum "${dlsum}" && dl_fail="n"
+ for x in "${dl}" "${dl_bkup}"; do
+ [ "${dl_fail}" = "n" ] && break
+ [ -z "${x}" ] && continue
+ rm -f "${dl_path}" || \
+ err "fetch_update ${fw_type}: !rm -f ${dl_path}"
+ wget -U "${agent}" "${x}" -O "${dl_path}" || continue
+ vendor_checksum "${dlsum}" && dl_fail="n"
+ done
+ if [ "${dl_fail}" = "y" ]; then
+ printf "ERROR: invalid vendor updates for: %s\n" "${board}" 1>&2
+ err "fetch_update ${fw_type}: matched vendor update unavailable"
+ fi
+}
+
+vendor_checksum()
+{
+ if [ ! -f "${dl_path}" ]; then
+ printf "Vendor update not found on disk for: %s\n" "${board}" \
+ 1>&2
+ return 1
+ elif [ "$(sha1sum ${dl_path} | awk '{print $1}')" != "${1}" ]; then
+ printf "Bad checksum on vendor update for: %s\n" "${board}" 1>&2
+ return 1
+ fi
+}
+
+main $@
diff --git a/script/update/blobs/extract b/script/update/blobs/extract
new file mode 100755
index 00000000..fa76dfb5
--- /dev/null
+++ b/script/update/blobs/extract
@@ -0,0 +1,122 @@
+#!/usr/bin/env sh
+# script to automate extracting blobs from an existing vendor bios
+
+# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com>
+# SPDX-FileCopyrightText: 2023 Leah Rowe <leah@libreboot.org>
+# SPDX-License-Identifier: GPL-3.0-only
+
+. "include/err.sh"
+
+sname=""
+board=""
+vendor_rom=""
+
+cbdir="coreboot/default"
+cbcfgsdir="resources/coreboot"
+ifdtool="${cbdir}/util/ifdtool/ifdtool"
+mecleaner="me_cleaner/me_cleaner.py"
+me7updateparser="resources/blobs/me7_update_parser.py"
+
+boarddir=""
+
+CONFIG_HAVE_MRC=""
+CONFIG_ME_BIN_PATH=""
+CONFIG_GBE_BIN_PATH=""
+CONFIG_IFD_BIN_PATH=""
+
+_me_destination=""
+_gbe_destination=""
+_ifd_destination=""
+
+main()
+{
+ sname=${0}
+ [ $# -lt 2 ] && err "Missing arguments (fewer than two)."
+
+ board="${1}"
+ vendor_rom="${2}"
+ boarddir="${cbcfgsdir}/${board}"
+
+ check_board
+ build_dependencies
+ extract_blobs
+}
+
+check_board()
+{
+ if [ ! -f "${vendor_rom}" ]; then
+ err "check_board: ${board}: file does not exist: ${vendor_rom}"
+ elif [ ! -d "${boarddir}" ]; then
+ err "check_board: ${board}: target not defined"
+ elif [ ! -f "${boarddir}/target.cfg" ]; then
+ err "check_board: ${board}: missing target.cfg"
+ fi
+}
+
+build_dependencies()
+{
+ if [ ! -d me_cleaner ]; then
+ ./fetch me_cleaner || \
+ err "build_dependencies: can't fetch me_cleaner"
+ elif [ ! -d "${cbdir}" ]; then
+ ./fetch_trees coreboot default || \
+ err "build_dependencies: can't fetch coreboot"
+ elif [ ! -f "${ifdtool}" ]; then
+ make -C "${ifdtool%/ifdtool}" || \
+ err "build_dependencies: can't build ifdtool"
+ fi
+}
+
+extract_blobs()
+{
+ printf "extracting blobs for %s from %s\n" ${board} ${vendor_rom}
+
+ set -- "${boarddir}/config/"*
+ . "${1}"
+ . "${boarddir}/target.cfg"
+
+ [ "$CONFIG_HAVE_MRC" != "y" ] || \
+ ./update blobs mrc || err "extract_blobs: can't fetch mrc"
+
+ _me_destination=${CONFIG_ME_BIN_PATH#../../}
+ _gbe_destination=${CONFIG_GBE_BIN_PATH#../../}
+ _ifd_destination=${CONFIG_IFD_BIN_PATH#../../}
+
+ extract_blob_intel_me
+ extract_blob_intel_gbe_nvm
+
+ # Cleans up other files extracted with ifdtool
+ rm -f flashregion*.bin || err "extract_blobs: !rm -f flashregion*.bin"
+
+ [ -f "${_ifd_destination}" ] || err "extract_blobs: Cannot extract IFD"
+ printf "gbe, ifd, and me extracted to %s\n" "${_me_destination%/*}"
+}
+
+extract_blob_intel_me()
+{
+ printf "extracting clean ime and modified ifd\n"
+
+ "${mecleaner}" -D "${_ifd_destination}" \
+ -M "${_me_destination}" "${vendor_rom}" -t -r -S || \
+ "${me7updateparser}" \
+ -O "${_me_destination}" "${vendor_rom}" || \
+ err "extract_blob_intel_me: cannot extract from vendor rom"
+}
+
+extract_blob_intel_gbe_nvm()
+{
+ printf "extracting gigabit ethernet firmware"
+ ./"${ifdtool}" -x "${vendor_rom}" || \
+ err "extract_blob_intel_gbe_nvm: cannot extract gbe.bin from rom"
+ mv flashregion*gbe.bin "${_gbe_destination}" || \
+ err "extract_blob_intel_gbe_nvm: cannot move gbe.bin"
+}
+
+print_help()
+{
+ printf "Usage: ./update blobs extract {boardname} {path/to/vendor_rom}\n"
+ printf "Example: ./update blobs extract x230 12mb_flash.bin\n"
+ printf "\nYou need to specify exactly 2 arguments\n"
+}
+
+main $@
diff --git a/script/update/blobs/inject b/script/update/blobs/inject
new file mode 100755
index 00000000..bc6b55c9
--- /dev/null
+++ b/script/update/blobs/inject
@@ -0,0 +1,362 @@
+#!/usr/bin/env sh
+
+# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com>
+# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
+# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org>
+# SPDX-License-Identifier: GPL-3.0-only
+
+. "include/err.sh"
+
+sname=""
+archive=""
+_filetype=""
+rom=""
+board=""
+modifygbe=""
+new_mac=""
+release=""
+releasearchive=""
+
+cbdir="coreboot/default"
+cbcfgsdir="resources/coreboot"
+ifdtool="cbutils/default/ifdtool"
+cbfstool="cbutils/default/cbfstool"
+nvmutil="util/nvmutil/nvm"
+boarddir=""
+pciromsdir="pciroms"
+
+CONFIG_HAVE_MRC=""
+CONFIG_HAVE_ME_BIN=""
+CONFIG_ME_BIN_PATH=""
+CONFIG_KBC1126_FIRMWARE=""
+CONFIG_KBC1126_FW1=""
+CONFIG_KBC1126_FW1_OFFSET=""
+CONFIG_KBC1126_FW2=""
+CONFIG_KBC1126_FW2_OFFSET=""
+CONFIG_VGA_BIOS_FILE=""
+CONFIG_VGA_BIOS_ID=""
+CONFIG_GBE_BIN_PATH=""
+CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=""
+CONFIG_SMSC_SCH5545_EC_FW_FILE=""
+
+main()
+{
+ sname="${0}"
+
+ [ $# -lt 1 ] && err "No options specified."
+ [ "${1}" = "listboards" ] && \
+ ./build command options resources/coreboot && exit 0
+
+ archive="${1}"
+
+ while getopts r:b:m: option
+ do
+ case "${option}" in
+ r)
+ rom=${OPTARG} ;;
+ b)
+ board=${OPTARG} ;;
+ m)
+ modifygbe=true
+ new_mac=${OPTARG} ;;
+ esac
+ done
+
+ check_board
+ build_dependencies
+ inject_blobs
+
+ printf "Friendly reminder (this is *not* an error message):\n"
+ printf "Please always ensure that the files were inserted correctly.\n"
+ printf "Read: https://libreboot.org/docs/install/ivy_has_common.html\n"
+}
+
+check_board()
+{
+ if ! check_release "${archive}" ; then
+ [ -f "${rom}" ] || \
+ err "check_board: \"${rom}\" is not a valid path"
+ [ -z ${rom+x} ] && \
+ err "check_board: no rom specified"
+ [ ! -z ${board+x} ] || \
+ board=$(detect_board "${rom}")
+ else
+ release=true
+ releasearchive="${archive}"
+ board=$(detect_board "${archive}")
+ fi
+
+ boarddir="${cbcfgsdir}/${board}"
+ if [ ! -d "${boarddir}" ]; then
+ err "check_board: board ${board} not found"
+ fi
+}
+
+check_release()
+{
+ [ -f "${archive}" ] || return 1
+ [ "${archive##*.}" = "xz" ] || return 1
+ printf "%s\n" "Release archive ${archive} detected"
+}
+
+# This function tries to determine the board from the filename of the rom.
+# It will only succeed if the filename is not changed from the build/download
+detect_board()
+{
+ path="${1}"
+ filename=$(basename ${path})
+ case ${filename} in
+ grub_*)
+ board=$(echo "${filename}" | cut -d '_' -f2-3) ;;
+ seabios_withgrub_*)
+ board=$(echo "${filename}" | cut -d '_' -f3-4) ;;
+ *.tar.xz)
+ _stripped_prefix=${filename#*_}
+ board="${_stripped_prefix%.tar.xz}" ;;
+ *)
+ err "detect_board: could not detect board type"
+ esac
+ [ -d "${boarddir}/" ] || \
+ err "detect_board: dir, ${boarddir}, doesn't exist"
+ printf '%s\n' "${board}"
+}
+
+build_dependencies()
+{
+ [ -d "${cbdir}" ] || ./fetch_trees coreboot default
+ ./build coreboot utils default || \
+ err "build_dependencies: could not build cbutils"
+ ./update blobs download ${board} || \
+ err "build_dependencies: Could not download blobs for ${board}"
+}
+
+inject_blobs()
+{
+ if [ "${release}" = "true" ]; then
+ printf "patching release file\n"
+ patch_release_roms
+ else
+ patch_rom "${rom}" || \
+ err "inject_blobs: could not patch ${x}"
+ fi
+}
+
+patch_release_roms()
+{
+ _tmpdir=$(mktemp -d "/tmp/${board}_tmpXXXX")
+ tar xf "${releasearchive}" -C "${_tmpdir}" || \
+ err "patch_release_roms: could not extract release archive"
+
+ for x in "${_tmpdir}"/bin/*/*.rom ; do
+ echo "patching rom $x"
+ patch_rom "${x}" || err "patch_release_roms: could not patch ${x}"
+ done
+
+ (
+ cd "${_tmpdir}"/bin/*
+ sha1sum --status -c blobhashes || \
+ err "patch_release_roms: ROMs did not match expected hashes"
+ )
+
+ if [ "${modifygbe}" = "true" ]; then
+ for x in "${_tmpdir}"/bin/*/*.rom ; do
+ modify_gbe "${x}"
+ done
+ fi
+
+ [ -d bin/release ] || mkdir -p bin/release || \
+ err "patch_release_roms: !mkdir -p bin/release"
+ mv "${_tmpdir}"/bin/* bin/release/ || \
+ err "patch_release_roms: !mv ${_tmpdir}/bin/* bin/release/"
+
+ printf "Success! Your ROMs are in bin/release\n"
+
+ rm -Rf "${_tmpdir}" || err "patch_release_roms: !rm -Rf ${_tmpdir}"
+}
+
+patch_rom()
+{
+ rom="${1}"
+
+ no_config="printf \"No configs on target, %s\\n\" ${board} 1>&2; exit 1"
+ for x in "${boarddir}"/config/*; do
+ [ -f "${x}" ] && no_config=""
+ done
+ eval "${no_config}"
+
+ [ -f "${boarddir}/target.cfg" ] || \
+ err "patch_rom: file missing: ${boarddir}/target.cfg"
+
+ set -- "${boarddir}/config/"*
+ . "${1}"
+ . "${boarddir}/target.cfg"
+
+ [ "$CONFIG_HAVE_MRC" = "y" ] && \
+ inject_blob_intel_mrc "${rom}"
+ [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && \
+ inject_blob_intel_me "${rom}"
+ [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && \
+ inject_blob_hp_kbc1126_ec "${rom}"
+ [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && \
+ [ "${CONFIG_VGA_BIOS_ID}" != "" ] && \
+ inject_blob_dell_e6400_vgarom_nvidia
+ [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \
+ [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ] && \
+ inject_blob_smsc_sch5545_ec "${rom}"
+ [ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ] && \
+ modify_gbe "${rom}"
+
+ printf "ROM image successfully patched: %s\n" "${rom}"
+}
+
+inject_blob_intel_mrc()
+{
+ rom="${1}"
+
+ printf 'adding mrc\n'
+
+ # mrc.bin must be inserted at a specific offset. the only
+ # libreboot platform that needs it, at present, is haswell
+
+ # in cbfstool, -b values above 0x80000000 are interpreted as
+ # top-aligned x86 memory locations. this is converted into an
+ # absolute offset within the flash, and inserted accordingly
+ # at that offset into the ROM image file
+
+ # coreboot's own build system hardcodes the mrc.bin offset
+ # because there is only one correct location in memory, but
+ # it would be useful for lbmk if it could be easily scanned
+ # from Kconfig, with the option to change it where in practise
+ # it is not changed
+
+ # the hardcoded offset below is based upon reading of the coreboot
+ # source code, and it is *always* correct for haswell platform.
+ # TODO: this logic should be tweaked to handle more platforms
+
+ "${cbfstool}" "${rom}" add -f mrc/haswell/mrc.bin -n mrc.bin -t mrc \
+ -b 0xfffa0000 || err "inject_blob_intel_mrc: cannot insert mrc.bin"
+}
+
+inject_blob_intel_me()
+{
+ printf 'adding intel management engine\n'
+
+ rom="${1}"
+ [ -z ${CONFIG_ME_BIN_PATH} ] && \
+ err "inject_blob_intel_me: CONFIG_ME_BIN_PATH not set"
+
+ _me_location=${CONFIG_ME_BIN_PATH#../../}
+ [ ! -f "${_me_location}" ] && \
+ err "inject_blob_intel_me: per CONFIG_ME_BIN_PATH: file missing"
+
+ "${ifdtool}" -i me:"${_me_location}" "${rom}" -O "${rom}" || \
+ err "inject_blob_intel_me: cannot insert me.bin"
+}
+
+inject_blob_hp_kbc1126_ec()
+{
+ rom="${1}"
+
+ _ec1_location="${CONFIG_KBC1126_FW1#../../}"
+ _ec1_offset="${CONFIG_KBC1126_FW1_OFFSET}"
+ _ec2_location="${CONFIG_KBC1126_FW2#../../}"
+ _ec2_offset="${CONFIG_KBC1126_FW2_OFFSET}"
+
+ printf "adding hp kbc1126 ec firmware\n"
+
+ if [ "${_ec1_offset}" = "" ] || [ "${_ec1_offset}" = "" ]; then
+ err "inject_blob_hp_kbc1126_ec: ${board}: offset not declared"
+ fi
+ if [ "${_ec1_location}" = "" ] || [ "${_ec2_location}" = "" ]; then
+ err "inject_blob_hp_kbc1126_ec: ${board}: EC path not declared"
+ fi
+ if [ ! -f "${_ec1_location}" ] || [ ! -f "${_ec2_location}" ]; then
+ err "inject_blob_hp_kbc1126_ec: ${board}: ecfw not downloaded"
+ fi
+
+ "${cbfstool}" "${rom}" add -f "${_ec1_location}" -n ecfw1.bin \
+ -b ${_ec1_offset} -t raw || \
+ err "inject_blob_hp_kbc1126_ec: cannot insert ecfw1.bin"
+ "${cbfstool}" "${rom}" add -f "${_ec2_location}" -n ecfw2.bin \
+ -b ${_ec2_offset} -t raw || \
+ err "inject_blob_hp_kbc1126_ec: cannot insert ecfw2.bin"
+}
+
+inject_blob_dell_e6400_vgarom_nvidia()
+{
+ rom="${1}"
+
+ _vga_location="${CONFIG_VGA_BIOS_FILE#../../}"
+ _vga_dir="${_vga_location%/*}"
+ _vga_filename="${_vga_location##*/}"
+
+ printf "adding pci option rom\n"
+
+ if [ "${_vga_dir}" != "${pciromsdir}" ]; then
+ err "inject_blob_dell_e6400vga: invalid pcirom dir: ${_vga_dir}"
+ fi
+ if [ ! -f "${_vga_location}" ]; then
+ err "inject_blob_dell_e6400vga: ${_vga_location} doesn't exist"
+ fi
+
+ "${cbfstool}" "${rom}" add -f "${_vga_location}" \
+ -n "pci${CONFIG_VGA_BIOS_ID}.rom" -t optionrom || \
+ err "inject_blob_dell_e6400vga: cannot insert vga oprom"
+}
+
+inject_blob_smsc_sch5545_ec()
+{
+ rom="${1}"
+
+ _sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../}"
+
+ if [ ! -f "${_sch5545ec_location}" ]; then
+ err "inject_blob_smsc_sch5545_ec: SCH5545 fw missing"
+ fi
+
+ "${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \
+ -n sch5545_ecfw.bin -t raw || \
+ err "inject_blob_smsc_sch5545_ec: can't insert sch5545_ecfw.bin"
+}
+
+modify_gbe()
+{
+ printf "changing mac address in gbe to ${new_mac}\n"
+
+ rom="${1}"
+
+ [ -z ${CONFIG_GBE_BIN_PATH} ] && \
+ err "modify_gbe: ${board}: CONFIG_GBE_BIN_PATH not set"
+
+ _gbe_location=${CONFIG_GBE_BIN_PATH#../../}
+
+ [ -f "${_gbe_location}" ] || \
+ err "modify_gbe: CONFIG_GBE_BIN_PATH points to missing file"
+ [ -f "${nvmutil}" ] || \
+ make -C util/nvmutil || err "modify_gbe: couldn't build nvmutil"
+
+ _gbe_tmp=$(mktemp -t gbeXXXX.bin)
+ cp "${_gbe_location}" "${_gbe_tmp}"
+ "${nvmutil}" "${_gbe_tmp}" setmac "${new_mac}" || \
+ err "modify_gbe: ${board}: failed to modify mac address"
+
+ "${ifdtool}" -i GbE:"${_gbe_tmp}" "${rom}" -O "${rom}" || \
+ err "modify_gbe: ${board}: cannot insert modified gbe.bin"
+
+ rm -f "${_gbe_tmp}"
+}
+
+usage()
+{
+ cat <<- EOF
+ USAGE: ./update blobs inject -r [rom path] -b [boardname] -m [macaddress]
+ Example: ./update blobs inject -r x230_12mb.rom -b x230_12mb
+
+ Adding a macadress to the gbe is optional.
+ If the [-m] parameter is left blank, the gbe will not be touched.
+
+ Type './update blobs inject listboards' to get a list of valid boards
+ EOF
+}
+
+main $@
diff --git a/script/update/blobs/mrc b/script/update/blobs/mrc
new file mode 100755
index 00000000..c069e678
--- /dev/null
+++ b/script/update/blobs/mrc
@@ -0,0 +1,184 @@
+#!/usr/bin/env sh
+
+# Download Intel MRC images
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+[ "x${DEBUG+set}" = 'xset' ] && set -v
+set -u -e
+
+. "include/err.sh"
+
+export PATH="${PATH}:/sbin"
+
+# This file is forked from util/chromeos/crosfirmware.sh in coreboot cfc26ce278
+# Changes to it in *this version* are copyright 2021 and 2023 Leah Rowe, under
+# the same license as above.
+
+# use updated manifest from wayback machine, when updating mrc.bin,
+# and update the other variables below accordingly. current manifest used:
+# https://web.archive.org/web/20210211071412/https://dl.google.com/dl/edgedl/chromeos/recovery/recovery.conf
+
+# the wayback machine is used so that we get the same manifest. google
+# does not seem to version the manifest, but archives are available
+
+# variables taken from that manifest:
+
+_board="peppy"
+_file="chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin"
+_url="https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip"
+_url2="https://web.archive.org/web/20200516070928/https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_12239.92.0_peppy_recovery_stable-channel_mp-v3.bin.zip"
+_sha1sum="cd5917cbe7f821ad769bf0fd87046898f9e175c8"
+_mrc_complete_hash="d18de1e3d52c0815b82ea406ca07897c56c65696"
+_mrc_complete="mrc/haswell/mrc.bin"
+
+cbdir="coreboot/default"
+cbfstool="cbutils/default/cbfstool"
+
+sname=""
+
+main()
+{
+ sname=${0}
+ printf "Downloading Intel MRC blobs\n"
+
+ check_existing || return 0
+ build_dependencies
+ fetch_mrc || err "could not fetch mrc.bin"
+}
+
+check_existing()
+{
+ [ -f "${_mrc_complete}" ] || \
+ return 0
+ printf 'found existing mrc.bin\n'
+ [ "$(sha1sum "${_mrc_complete}" | awk '{print $1}')" \
+ = "${_mrc_complete_hash}" ] && \
+ return 1
+ printf 'hashes did not match, starting over\n'
+}
+
+build_dependencies()
+{
+ [ -d "${cbdir}/" ] || ./fetch_trees coreboot default || \
+ err "build_dependencies: cannot fetch coreboot/default"
+ ./build coreboot utils default || \
+ err "build_dependencies: cannot build cbutils/default"
+}
+
+fetch_mrc()
+{
+ mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell"
+
+ (
+ cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell"
+
+ download_image "${_url}" "${_file}" "${_sha1sum}"
+ [ -f ${_file} ] || \
+ download_image "${_url2}" "${_file}" "${_sha1sum}"
+ [ -f $_file ] || \
+ err "fetch_mrc: ${_file} not downloaded / verification failed."
+
+ extract_partition ROOT-A "${_file}" root-a.ext2
+ extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board}
+
+ extract_coreboot chromeos-firmwareupdate-${_board}
+
+ ../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \
+ -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin"
+ rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \
+ "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files"
+
+ printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n"
+ )
+}
+
+download_image()
+{
+ url=${1}
+ _file=${2}
+ _sha1sum=${3}
+
+ printf "Downloading recovery image\n"
+ curl "$url" > "$_file.zip" || err "download_image: curl failed"
+ printf "Verifying recovery image checksum\n"
+ if [ "$(sha1sum "${_file}.zip" | awk '{print $1}')" = "${_sha1sum}" ]
+ then
+ unzip -q "${_file}.zip" || err "download_image: cannot unzip"
+ rm -f "${_file}.zip" || err "download_image: can't rm zip {1}"
+ return 0
+ fi
+ rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip"
+ err "download_image: Bad checksum. Recovery image deleted"
+}
+
+extract_partition()
+{
+ NAME=${1}
+ FILE=${2}
+ ROOTFS=${3}
+ _bs=1024
+
+ printf "Extracting ROOT-A partition\n"
+ ROOTP=$( printf "unit\nB\nprint\nquit\n" | \
+ parted "${FILE}" 2>/dev/null | grep "${NAME}" )
+
+ START=$(( $( echo ${ROOTP} | cut -f2 -d\ | tr -d "B" ) ))
+ SIZE=$(( $( echo ${ROOTP} | cut -f4 -d\ | tr -d "B" ) ))
+
+ dd if="${FILE}" of="${ROOTFS}" bs=${_bs} skip=$(( ${START} / ${_bs} )) \
+ count=$(( ${SIZE} / ${_bs} )) || \
+ err "extract_partition: can't extract root file system"
+}
+
+extract_shellball()
+{
+ ROOTFS=${1}
+ SHELLBALL=${2}
+
+ printf "Extracting chromeos-firmwareupdate\n"
+ printf "cd /usr/sbin\ndump chromeos-firmwareupdate ${SHELLBALL}\nquit" \
+ | debugfs "${ROOTFS}" || err "extract_shellball: debugfs"
+}
+
+extract_coreboot()
+{
+ _shellball=${1}
+ _unpacked=$( mktemp -d )
+
+ printf "Extracting coreboot image\n"
+
+ [ -f "${_shellball}" ] || \
+ err "extract_coreboot: shellball missing in google peppy image"
+
+ sh "${_shellball}" --unpack "${_unpacked}" || \
+ err "extract_coreboot: shellball exits with non-zero status"
+
+ # TODO: audit the f* out of that shellball, for each mrc version.
+ # it has to be updated for each mrc update. we should ideally
+ # implement the functionality ourselves.
+
+ [ -f "${_unpacked}/VERSION" ] || \
+ err "extract_coreboot: VERSION file missing on google coreboot rom"
+
+ _version=$( cat "${_unpacked}/VERSION" | grep BIOS\ version: | \
+ cut -f2 -d: | tr -d \ )
+
+ cp "${_unpacked}/bios.bin" "coreboot-${_version}.bin" || \
+ err "extract_coreboot: cannot copy google peppy rom"
+ rm -Rf "${_unpacked}" || \
+ err "extract_coreboot: cannot remove extracted google peppy archive"
+}
+
+main $@