summaryrefslogtreecommitdiff
path: root/include/lib.sh
AgeCommit message (Collapse)Author
2025-01-02vendor.sh: MUCH, MUCH, MUCH safer ./mk injectLeah Rowe
Don't extract to bin/release/ Modify the tarball instead. Previously, the tarball would not be modified, but a lot of users thought the tarball was being modified and ignored bin/release/, where the injected images were actually being saved to. Don't copy the tarball either. Just modify it in-place. Don't allow single-rom injection either; only allow the tarball-based method. The command syntax has changed, but: ./mk inject tarball.tar.xz This is the same. What has changed is nuke, and MAC address modification. Observe: ./mk inject tarball.tar.xz nuke ./mk inject tarball.tar.xz setmac ./mk inject tarball.tar.xz setmac ??:??:??:??:??:?? ./mk inject tarball.tar.xz setmac 00:1f:16:??:22:aa These are just a few examples. The MAC address syntax is the same as used for nvmutil, which means you can set it randomly. Also: ./mk inject tarball.tar.xz setmac You can use the *setmac* command *repeatedly*, even if you've already injected a given archive. It'll just update the archive, but skip injecting other files that were already injected. If you use setmac without a MAC address, it will randomise the MAC address. This is therefore very similar to the command structure used in nvmutil. The code for injection is generally more robust, with stronger error checks. This design change was done, so that the user doesn't accidentally brick their machine. The non-injected images have a prefix in the file name saying "DO_NOT_FLASH", and those non-injected images are padded by 1 byte. That way, the user knows not to flash it and if they try, flashprog will throw an error. The prefix and padding is removed on injection. Old images without the padding/prefix can still be injected, via tarballs; this new code is backwards-compatible with tarballs from older Libreboot releases. A common thing I see sometimes is a user will say they have a black screen or something, and I say: did you insert vendor files? And they say yes. And they did. But they extracted and flashed from the tarball, which wasn't injected, because they didn't release about bin/release/ No amount of RTFM is justified. The previous design flaw is a bug. We must always observe user safety first, no matter what, so that has now been done. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-31hp820g2: fix vendorfile inject and set release=yLeah Rowe
I believed that the compressed nature of refcode was the only non-reproducible thing, but turns out you also need to run rmodtool on the refcode to make the binary relocatable in cbfs. This is based on my reading of the coreboot Makefile. With this change, I can now provide release binaries for the HP EliteBook 820 G2. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30lib.sh dependencies: support --reinstall argumentLeah Rowe
./mk dependencies debian --reinstall Add --reinstall and it'll do: apt-get install --reinstall This can be useful when updating from a stable release to a testing release. The variable, "reinstall" can be configured for other distros, but it's currently only configured for Debian-based distros. Also, it can be anything. For example, you could add -y; however, a 4th argument will not be accepted. For example, you cannot do: ./mk dependencies debian --reinstall -y If you do this, it'll only see --reinstall; similarly, if you did this command: ./mk dependencies debian -y --reinstall then -y would be passed, but not --reinstall. This is an intentional design decision, in case you accidentally pasted or subshelled something that outputted something undesirable, to prevent possible abuse. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30move xbmkpath to XBMK_CACHE/Leah Rowe
When doing ./mk release, the build system would create symlinks inside xbmkpath/ relative to the current work tree, which will differ from what's in PATH. Since XBMK_CACHE is already set globally, from the main work tree and the release-build work tree, that means we can know reliably that PATH is always correct if we put xbmkpath/ inside XBMK_CACHE. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30use command -v instead of whichLeah Rowe
which is a non-standard command, whereas command is part of posix Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30path.sh: Further cleanupLeah Rowe
Remove all symlinks each time, to ensure that no stragglers are left behind, since they are being re-generated each time anyway. The code for determining version numbers has now been unified under gnu_setver() Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30Fix globbing issue in lbmkLeah Rowe
When doing e.g. $@ we should use double quotes to prevent globbing. Thanks go to XRevan86 for pointing this out. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-30Mitigate Debian Trixie/Sid GCC/GNAT version mismatchLeah Rowe
When I tested Debian Trixie, and Debian Sid, I saw that GCC in PATH pointed to gcc-14, but gnat in path pointed to GNAT-13, even if you manually install gnat-14. GNAT 14 was marked experimental, but GCC 14 was marked for use, in the apt repositories. So this patch doesn't address the mismatch when doing e.g. apt-get install gcc gnat I will address the actual package dependency in a follow-up patch, on the Debian dependencies config. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-26vendor.sh: Handle FSP insertion post-releaseLeah Rowe
The Libreboot 20241206 release provided FSP pre-assembled and inserted into the ROM images; the only file inserted by vendor.sh was the Intel ME. Direct distribution of an unmodified FSP image is permitted by Intel, provided that the license notice is given among other requirements. Due to how coreboot works, it must split up the FSP into subcomponents, and adjust certain pointers within the -M component (for raminit). Such build-time modifications are perfectly fine in a coreboot context, where it is expected that you are building from source. The end result is simply what you use. In a distribution such as Libreboot, where we provide pre-built images, this becomes problematic. It's a technicality of the license, and it seems that Intel themselves probably intended for Libreboot to use the FSP this way anyway, since it is they who seem to be the author of SplitFspBin.py, which is the utility that coreboot uses for splitting up the FSP image. Due to the technicality of the licensing, the FSP shall now be scrubbed from releases, and re-inserted. Coreboot was inserting the -S component with LZ4 compression, which is bad news for ./mk inject beacuse the act of compression is currently not reproducible. Therefore, coreboot has been modified not to compress this section, and the inject command doesn't compress it either. This means that the S file is using about 180KB in flash, instead of about 140KB. This is totally OK. The _fsp targets are retained, but set to release=n, because these targets *still* don't scrub fsp.bin; if released, they would include fsp files, so they've been set to release=n. These can be used on older Libreboot release archives, for compatibility. The new ROM images released for the affected machines are: t480_vfsp_16mb t480s_vfsp_16mb dell3050micro_vfsp_16mb Note the use of _vfsp instead of _fsp. These images are released, unlike _fsp, and they lack fspm/fsps in the image. FSP S/M must be inserted using ./mk inject. This has been tested and confirmed to boot just fine. The 20241206 images will be re-compiled and re-uploaded with this and other recent changes, to make Libreboot 20241206 rev8. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-12-24lib.sh: Safer exit from ./mk dependenciesLeah Rowe
The exit was dependent upon install_packages returning zero status, which it always would in practise, due to its design, but this exit must always be observed, so the code has been modified to honour this design. A direct exit violates lbmk's design in most instances, where a temporary directory and lock file has already been created; at this stage, no such act was performed, so a direct exit is perfectly acceptable. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-11-19Add U-Boot x86_64 payloadLeah Rowe
Currently seems to stall when booted from the GRUB payload, but works when booted from the SeaBIOS menu. I also tested it as a standalone payload and it seems to boot. Will test on hardware next, and start adding it to more mainboards. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-11-03Experimental U-Boot payload (32-bit dtb, U-Boot)Leah Rowe
NOTE: Support added for xarch target x86_64-elf, but U-Boot failed to build with this error: OBJCOPY lib/efi_loader/helloworld.efi x86_64-elf-objcopy: lib/efi_loader/helloworld_efi.so: invalid bfd target make[2]: *** [scripts/Makefile.lib:476: lib/efi_loader/helloworld.efi] Error 1 Since I'm building U-Boot for x86_64 *on* an x86-64 host, and since that is currently the recommended type of machine to use for lbmk development, and since the other x86 payloads currently don't cross compile anyway, this is an acceptable compromise for now. This is because at present, I'm not making U-Boot the primary payload on x86, instead preferring to chain it from GRUB and SeaBIOS. The target.cfg file for x86 u-boot shows xarch/xtree commented. Uncomment these to compile on crossgcc instead of hostcc. I mention 64-bit because I initially did this first, but decided to do 32-bit first. I'll work on the 64-bit one next (SPL). It's only enabled in QEMU for now. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-08-11lib.sh: more verbose error in x_Leah Rowe
part of the command was cut off in the output Signed-off-by: Leah Rowe <info@minifree.org>
2024-07-28lib.sh: new function mk() to handle trees in bulkLeah Rowe
single-tree projects cannot be handled in bulk, e.g. ./mk -f project1 project2 project3 that is still the case, from the shell, but internally it is now possible: mk -f project1 project2 project3 mk() is a function that simply handles the given flag, and all projects specified. it does not handle cases without argument, for example you cannot do: mk -f arguments must be provided. it can be used internally, to simplify cases where multiple single-tree projects must be handled, but *also* allows multi-tree projects to be specified, without being able to actually handle trees within that multi-tree project; so for example, you can only specify coreboot, and then it would run on every coreboot tree. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-26general code cleanup in the build systemLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-19put cachedir in environmental variableLeah Rowe
XBMK_CACHE is now used, instead of hardcoding cache/ this is exported initialised to cache/, if unset. this means you can set your own directory, and it means ./update release will use the same directory. this means bandwidth wastage is further avoided. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-17unified cache file handling for vendorfile/subfileLeah Rowe
lib.sh download() is used by subfile handling in git.sh, e.g. crossgcc tarballs, and also the vendor scripts. vendor files are cached, but not subfiles for repos. cache both, under cache/file/, saved with the name equal to the checksum, so: cache/file/CHECKSUM also move vendorfiles/app/ to cache/app/ in this change. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-10trees: general code cleanupLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-10remove executable permission on include/Leah Rowe
files under include/ should never be executed directly Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-07-07rom.sh: new file, to replace script/romsLeah Rowe
stub it from the trees script. the way it works now, there is less code in the build system. ./build roms this is no longer a thing ./build roms serprog this is also no longer a thing. instead, do: ./update trees -b coreboot targetnamehere ./update trees -b pico-serprog ./update trees -b stm32-vserprog the old commands still works, which causes the new commands to run coreboot roms now appear in elf/, not bin/, as before, but those images now contain payloads. NOTE: to contradict the above: ./build roms is no longer a thing, in that it's now deprecated, but backward compatibility is present for now. it will be removed in a future release. ./build roms list also still works! it will do: ./update trees -b coreboot list also: ./update trees -b grub list this is now possible too if a target "list" is provided, for multi-tree sources, the targets are shown. there is another difference: seagrub roms are now seagrub_, instead of seabios_withgrub. seabios-only roms are no longer provided, where grub is also enabled; only seagrub is used. the user can easily remove the bootorder file, if they want seabios to not try grub first. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28lib.sh: stricter check in chkvars()Leah Rowe
testing +x is all well and good, but the variable string may be empty, even if set. some of the checks in the build system are relying on the latter, so handle it. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28tidy up some setvars listsLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28lib.sh: keep versiondate check to 80 charactersLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28lib.sh: condense for loopLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28lib.sh: condense err_() a bitLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28lib.sh: add a return to the end of chkvars()Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-28vendor.sh: unified reading of board configsLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: remove unused cbdir variableLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: move git_err() to buildLeah Rowe
it's only used in the main build script, so move it there. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: condense singletree() a bitLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: add a return to the end of check_defconfigLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: condense e() a bitLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: make elf/coreboot* a dot directoryLeah Rowe
we don't want the user to flash coreboot from elf/, because those images do not contain payloads. the user must flash from bin/ ample warning is given, at build time, but the warning is written in english. therefore, some people may not understand it, because they may not even speak english. hide the coreboot elf/ directory, to mitigate this possibility. in most cases, this will probably prevent the average user from flashing those images, since they likely won't see it. the "DO NOT FLASH" warning is still included in that directory name, while creating it. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: simplified TMPDIR handlingLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-27lib.sh: condense setcfg() if/else logicLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-25lib.sh: introduce mandatory check of projectnameLeah Rowe
error out if it's not set. ditto projectsite. that way, if the files are accidentally deleted, or not added in a derivative of the build system, you'll know. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-25lib.sh: condense setvars() a bitLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-25simplified lock messageLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-25lib.sh: simplify reading of version filesLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-25lib.sh: simplify use of environment variablesLeah Rowe
don't have a separate variable for them. just export them directly and use them directly. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-23lib.sh: fix error running ./build dependenciesLeah Rowe
the e() and setvars() functions need to be declared before the dependencies function. also: after calling install_packages, it was doing a return when it should have done an exit. this is all fixed now. i apologise to anyone who previously ran into trouble with this! Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-22use backticks on eval commands, not subshellsLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-22lib.sh: remove badcmd()Leah Rowe
it's bloat. telling the user to rtfm is something that we already do on irc; they will still ask how to do everything, and ignore the message from badcmd(), or they will automatically know to rtfm. i'm on a massive purge, removing bloat from lbmk as part of Libreboot Build System Audit 6. all bloat must go. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-22lib.sh: more unified config handlingLeah Rowe
replace it with logic that simply uses "." to load files directly. for this, "vcfg" is added as a variable in coreboot target.cfg files, referring to a directory in config/vendor/ containing a file named pkg.cfg, and this file then contains the same variables as the erstwhile config/vendor/sources config/git files are now directories, also containing pkg.cfg files each with the same variables as before, such as repository link and commit hash this change results in a noticeable reduction in code complexity within the build system. unified reading of config files: new function setcfg() added to lib.sh setcfg checks if a config exists. if a 2nd argument is passed, it is used as a return value for eval, otherwise a string calling err is passed. setcfg output is passed through eval, to set strings based on config; eval must be used, so that the variables are set within the same scope, otherwise they'd be set within setcfg which could lead to some whacky results. there's still a bit more more to do, but this single change results in a substantial reduction in code complexity. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-20minor code cleanup in the build systemLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-17roms: remind the user about gkb filesLeah Rowe
nowadays, we don't insert GRUB keymaps automatically, for sake of efficiency; without one, the default is US QWERTY. a user will only want one keymap in particular, so this is more efficient. in practise, they're either building from source anyway, or using the inject scripts which compile cbfstool anyway, so the user will already have cbfstool. also output this message from the inject script. Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-16unify coreboot elfdir (DO_NOT_FLASH)Leah Rowe
use a common string when setting this path Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-15roms: unify all add-payload commandsLeah Rowe
add a generic function that can insert payloads with lzma compression, or raw files without compression Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-14unified checks for variable initialisationLeah Rowe
new function chkvars() does the job Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-14lib.sh: remove the items() functionLeah Rowe
it's pretty much just doing the same thing as ls -1 remove it! Signed-off-by: Leah Rowe <leah@libreboot.org>