| Age | Commit message (Collapse) | Author |
|---|
|
we don't need it. the documentation only tells you
now to run ./mk -b coreboot target1 target2 etc
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
write to .version and .versiondate, instead
of version and versiondate.
this will hide them to avoid visual clutter while
analysing files within lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
remove the corresponding files, containing these strings
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these are obsolete commands for backward compatibility,
but they are being removed before the next release.
the documentation has for some now only referenced use
of the ./mk commands, making lbmk live up to its name!
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i'm removing all the backward-compatibility in the
build system, so that only the ./mk command is available
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
provide it in a new function: mkhelp()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Otherwise, the current return prevents set -u -e
after the case/switch block, which is a problem if
set +u +e was done at any point before the return.
Remove the return in the roms) section of the case/switch
block, and make the building of coreboot images part of
an else clause.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
build_depend is already blanked anyway, but it can't
hurt to have an extra check here.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this way, the error message will never be incorrect,
which i had to fix in a recent patch.
now, the same string is used for error messages and getopt.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
mode is already initialised as an empty string
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
mode is already initialised as an empty string
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is not necessary. the fetch mode is still handled,
as before, and no make commands will run in this case.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
So much bloat
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
instead of running pwd all the time, run it once in lib.sh,
and export PWD.
for lbmk-specific use of PWD, use xbmkpwd, which contains
the value of PWD as was set by the pwd utility in lib.sh.
many parts of lbmk rely on pwd, and it *must* be correct.
this change adds basic error handling, since pwd can in
fact return errors in some cases.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it's incorrect for PATH not to be set, but some users
may foolishly blank it out before running lbmk.
prevent such issues, by initialising it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
PWD could be anything, if the user manually exported
it before running lbmk.
always run pwd instead, to get the real string.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
several code lines were condensed together, which
make them less readable. make the code more readable
by having separate commands on separate lines.
i previously did this during my manic build system
audits of 2023 and 2024; condensing lines like this
is overly pedantic and serves no real purpose.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
E.g. ./mk -f coreboot is valid
./mk coreboot -f is not valid
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We were already covering this from the main build
script, but it's good to also check it here.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We don't want any build commands to run, when
the -f flag is used.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
The "mode" variable is used as a suffix for make commands,
for example ./mk -m sets mode to "menuconfig", which means
you want to run "make menuconfig".
When fetching sources (./mk -f), I was setting mode to "fetch",
and putting checks in code to avoid use of make when mode was
set to "fetch".
The behaviour now is identical, except that a new variable
called "do_make" is set to "n" when doing ./mk -f, otherwise
set to "y", and this is checked instead. This should make
the meaning of the code somewhat clearer.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
some lines were needlessly condensed, and less readable
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
I was importing a patch for the z790 boards, but
Libreboot doesn't support this board yet, and the
patch was a hack that may affect other boards.
When I do later merge that board, and I find that the
hack is needed, I'll simply make another grub tree
within lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
_fsp is obsolete. people should use _vfsp
_fsp was kept for a short while, for backward compatibility,
but nobody really uses it now and it just causes confusion
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
You can find information about these patches here:
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
GRUB has been on a crusade as of late, to proactively audit
and fix many security vulnerabilities. This lbmk change brings
in a comprehensive series of patches that fix bugs ranging from
possible buffer overflows, use-after frees, null derefs and so on.
These changes are critical, so a revision release *will* be issued,
for the Libreboot 20241206 release series.
This change imports the following 73 patches which
are present on the upstream GRUB repository (commit IDs
matched to upstream):
* 4dc616657 loader/i386/bsd: Use safe math to avoid underflow
* 490a6ab71 loader/i386/linux: Cast left shift to grub_uint32_t
* a8d6b0633 kern/misc: Add sanity check after grub_strtoul() call
* 8e6e87e79 kern/partition: Add sanity check after grub_strtoul() call
* 5b36a5210 normal/menu: Use safe math to avoid an integer overflow
* 9907d9c27 bus/usb/ehci: Define GRUB_EHCI_TOGGLE as grub_uint32_t
* f8795cde2 misc: Ensure consistent overflow error messages
* 66733f7c7 osdep/unix/getroot: Fix potential underflow
* d13b6e8eb script/execute: Fix potential underflow and NULL dereference
* e3c578a56 fs/sfs: Check if allocated memory is NULL
* 1c06ec900 net: Check if returned pointer for allocated memory is NULL
* dee2c14fd net: Prevent overflows when allocating memory for arrays
* 4beeff8a3 net: Use safe math macros to prevent overflows
* dd6a4c8d1 fs/zfs: Add missing NULL check after grub_strdup() call
* 13065f69d fs/zfs: Check if returned pointer for allocated memory is NULL
* 7f38e32c7 fs/zfs: Prevent overflows when allocating memory for arrays
* 88e491a0f fs/zfs: Use safe math macros to prevent overflows
* cde9f7f33 fs: Prevent overflows when assigning returned values from read_number()
* 84bc0a9a6 fs: Prevent overflows when allocating memory for arrays
* 6608163b0 fs: Use safe math macros to prevent overflows
* fbaddcca5 disk/ieee1275/ofdisk: Call grub_ieee1275_close() when grub_malloc() fails
* 33bd6b5ac disk: Check if returned pointer for allocated memory is NULL
* d8151f983 disk: Prevent overflows when allocating memory for arrays
* c407724da disk: Use safe math macros to prevent overflows
* c4bc55da2 fs: Disable many filesystems under lockdown
* 26db66050 fs/bfs: Disable under lockdown
* 5f31164ae commands/hexdump: Disable memory reading in lockdown mode
* 340e4d058 commands/memrw: Disable memory reading in lockdown mode
* 34824806a commands/minicmd: Block the dump command in lockdown mode
* c68b7d236 commands/test: Stack overflow due to unlimited recursion depth
* dad8f5029 commands/read: Fix an integer overflow when supplying more than 2^31 characters
* b970a5ed9 gettext: Integer overflow leads to heap OOB write
* 09bd6eb58 gettext: Integer overflow leads to heap OOB write or read
* 7580addfc gettext: Remove variables hooks on module unload
* 9c1619773 normal: Remove variables hooks on module unload
* 2123c5bca commands/pgp: Unregister the "check_signatures" hooks on module unload
* 0bf56bce4 commands/ls: Fix NULL dereference
* 05be856a8 commands/extcmd: Missing check for failed allocation
* 98ad84328 kern/dl: Check for the SHF_INFO_LINK flag in grub_dl_relocate_symbols()
* d72208423 kern/dl: Use correct segment in grub_dl_set_mem_attrs()
* 500e5fdd8 kern/dl: Fix for an integer overflow in grub_dl_ref()
* 2c34af908 video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG
* 0707accab net/tftp: Fix stack buffer overflow in tftp_open()
* 5eef88152 net: Fix OOB write in grub_net_search_config_file()
* aa8b4d7fa net: Remove variables hooks when interface is unregisted
* a1dd8e59d net: Unregister net_default_ip and net_default_mac variables hooks on unload
* d8a937cca script/execute: Limit the recursion depth
* 8a7103fdd kern/partition: Limit recursion in part_iterate()
* 18212f064 kern/disk: Limit recursion depth
* 67f70f70a disk/loopback: Reference tracking for the loopback
* 13febd78d disk/cryptodisk: Require authentication after TPM unlock for CLI access
* 16f196874 kern/file: Implement filesystem reference counting
* a79106872 kern/file: Ensure file->data is set
* d1d6b7ea5 fs/xfs: Ensuring failing to mount sets a grub_errno
* 6ccc77b59 fs/xfs: Fix out-of-bounds read
* 067b6d225 fs/ntfs: Implement attribute verification
* 048777bc2 fs/ntfs: Use a helper function to access attributes
* 237a71184 fs/ntfs: Track the end of the MFT attribute buffer
* aff263187 fs/ntfs: Fix out-of-bounds read
* 7e2f750f0 fs/ext2: Fix out-of-bounds read for inline extents
* edd995a26 fs/jfs: Inconsistent signed/unsigned types usage in return values
* bd999310f fs/jfs: Use full 40 bits offset and address for a data extent
* ab09fd053 fs/jfs: Fix OOB read caused by invalid dir slot index
* 66175696f fs/jfs: Fix OOB read in jfs_getent()
* 1443833a9 fs/iso9660: Fix invalid free
* 965db5970 fs/iso9660: Set a grub_errno if mount fails
* f7c070a2e fs/hfsplus: Set a grub_errno if mount fails
* 563436258 fs/f2fs: Set a grub_errno if mount fails
* 0087bc690 fs/tar: Integer overflow leads to heap OOB write
* 2c8ac08c9 fs/tar: Initialize name in grub_cpio_find_file()
* 417547c10 fs/hfs: Fix stack OOB write with grub_strcpy()
* c1a291b01 fs/ufs: Fix a heap OOB write
* ea703528a misc: Implement grub_strlcpy()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Riku_V/lbmk:master into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/271
|
|
Most importantly this should fix issues with rp2350 boards
not synchronizing properly.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
|
|
The messages didn't really make sense.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
runxiyu/lbmk:readme-simplification into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/269
|
|
I think newlines look better here. The indent that bullet-pointed lists
have, does not seem natural at the start of the document.
Signed-off-by: runxiyu <me@runxiyu.org>
|
|
|
|
|
|
SeaBIOS has been supported for a long time and seems to be the
"recommended" payload nowadays (though usually with GRUB too). I haven't
seen Tianocore / EDK II been mentioned in a while. U-Boot support was
added as of Libreboot 20241206-rev8.
Signed-off-by: Runxi Yu <me@runxiyu.org>
|
|
runxiyu/lbmk:master into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/267
|
|
genisoimage is not a an AUR package as suggested by aur_notice. It is
available in the "cdrtools" package in the repositories.
References: https://archlinux.org/packages/extra/x86_64/cdrtools/
Signed-off-by: Runxi Yu <me@runxiyu.org>
|
|
after setting the checksum too
this is functionally no different, but setting it
at the start didn't sit right with me.
it's more logically correct to set it at the end,
in case any error did not result in an exit.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i accidentally committed one where i'd changed
the mac address, on a previous revision to nvmutil
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
We're checking if errno is ENOTDIR, not setting it;
the previous code would always return true, and then
set errno 0, which in the context of this code was
actually OK, so this patch makes no functional difference
in practise.
However, I'm a stickler for technical correctness. I caught
this when trying to compile with clang, because clang is
quite pedantic about checking for exactly this type of bug.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
previously, if the user ran:
./nvm GBE [MAC address]
it would error, treating the MAC as a command
now if only 3 arguments are provided, and the
3rd argument ins't a valid command, it's treated
as a MAC address and validated accordingly.
this should make nvmutil easier to use, because
I imagine a lot of users forget to use setmac
there's no reason we should be so pedantic. we
should allow it to be used flexibly like this
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we only use it there, so we should only define it
there. it's used to detect host CPU endianness.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
