| Age | Commit message (Collapse) | Author | 
|---|
|  | nic3-14159/lbmk:e6430 into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/124 | 
|  | This was only tested on the iGPU model, though a dGPU model does exist.
The vendor firmware used a 16KiB gbe.bin, which was modified with a
random MAC address as well as shrinking it to 8KiB. As with the E6400,
GRUB doesn't like the way the EC implements the keyboard controller and
thus GRUB payloads are disabled at this time. Suspend does not currently
work, and this is believed to be due to the EC controlling the DRAM
reset gate which is required to prevent DRAM from being reset on resume.
With some tweaks, the e6400-flash-unlock utility also works on this
system, though both flash chips can be accessed through removal of only
the keyboard.
Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com> | 
|  | use official libreboot repos
the codeberg repo makes reference to riku's repo
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | ./build rpi-pico serprog
build bin/serprog/rpi-pico-serprog.uf2
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com> | 
|  | The -c option is added for distclean, and -x for crossgcc-clean,
in handle/make/config
about 100 sloc removed from lbmk
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | i have in fact tested whether many of these targets (ivy,
sandy and haswell on intel) boot without microcode, and many
do, but it's not as well tested
the older targets like i945, x4x, pineview and gm45 are
well-tested without microcode; ditto fam10/15h amd.
lbmk supports providing roms with and/or without microcode.
for the targets touched in this commit, lbmk now only
provides images with microcode included by default.
manual removal (with cbfstool) is still possible, if you want
to do that.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | The same ROM images that you flash on Intel GPU variants,
are now flashed on Nvidia models. The same ROM will work
on both. If an Intel GPU variant is present, libgfxinit
is used, and the VGA ROM is used if an Nvidia GPU variant;
however, release ROMs will scrub the nvidia option ROM,
so release ROMs will only work on Intel GPUs unless you
run the blobutil inject command.
I decided to no longer have this under WIP, but to put
it in master. The issue with it pertains to video drivers,
which is not Libreboot's problem.
Nouveau crashes under Linux, so use "nomodeset" if it does.
The "nv" drivers in BSD systems work very well.
The nvidia model of E6400 isn't recommended for other
reasons, namely: poor thermal cooling (thermal pad on
the GPU) and that Nvidia GPU doesn't get very good
performance on any libre drivers anyway. The Intel GPU
variant is better, in terms of power efficiency and
software support; the intel variant also works with
native graphics initialisation in coreboot.
This board port already only enables SeaBIOS, which will
simply execute the VGA ROM. Blobutil already supports
reading the config, detecting that a VGA ROM is needed,
because that part of the WIP E6400 branch was already
merged in lbmk master.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | new behaviour:
* grub.cfg and grubtest.cfg no longer inserted to cbfs
* grub.cfg in memdisk instead
* grub.cfg in memdisk defers to cbfs/grub.cfg if added
  (not added by default, anymore)
* does not defer to grubtest.cfg even if available
* only shows link to grubtest.cfg if available,
  as a menuentry item
keymaps:
if /keymap.gkb exists in cbfs, it uses that by default,
but by default this isn't added. instead, it looks for
a file named keymap.cfg and sources that, which then
sets the keymap to one that is located under memdisk.
this file is inserted for each rom, per layout.
if keymap.gkb and keymap.cfg both absent, grub.cfg in
memdisk shall defer to usqwerty as the default keymap
grub_scan_disk: grub.cfg looks for cbfs file "scan.cfg"
and sources that if found, which will be inserted with
the string: set grub_scandisk=setting_goes_here (based
on target.cfg, generated by build/boot/roms automatically).
If no scan.cfg is found, it defaults to "both"
The "background.png" file remains unchanged, and present in
CBFS, used by grub.cfg if present (and it is, by default)
This change actually *saves* space in CBFS, due to compression,
and means that the grub.cfg is now compressed heavily. This
is also safer, because now the user overrides grub.cfg by
adding it, and they can still add grubtest.cfg for testing
first. If they accidentally delete both configs from cbfs,
Libreboot will fall back to the one in memdisk which would
presumably not be deleted.
This also means that lbmk can now more easily be used by
other build systems, that just want the GRUB part to re-use
in their own project. For example, people who want to build
custom coreboot images without using Libreboot's build system.
This change also *speeds* up the build process considerably,
on the parts where ROM images are copied. It's less than half
a second now, whereas previously it took about 30-45 seconds
for ROM images to copy, because of grub.elf being re-added in
each ROM via cbfstool, where compression is used; I believe
the compression part is what caused slowness.
Much, much faster, more versatile builds.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | ttf-unifont instead of fonts-unifont
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | With this change, about 54KB of compressed space is saved
inside of CBFS, on setups that use the GRUB payload.
The uncompressed saving is about 720KB, but payloads are
compressed inside each coreboot image, so the compressed
saving is much smaller. That 54KB saving means a lot,
especially on small (1MB or smaller) flash sizes.
The following modules were removed:
adler32, afsplitter, aout, archelp, backtrace, blocklist,
bswap_test, cat, cmdline_cat_test, cmosdump, cmostest, cmp,
cmp_test, cpuid, cs5536, ctz_test, date, datehook, datetime,
disk, diskfilter, div, div_test, dm_nv, efiemu, eval,
exfctest, extcmd, file, fshelp, functional_test, gdb,
gettext, gptsync, hashsum, hdparm, hello, hfspluscomp, http,
json, json, ldm, loadenv, macbless, macho, mda_text, morse,
mpi, msdospart, mul_test, net, ntfscomp, offsetio,
part_acorn, part_amiga, part_apple, part_dvh, part_plan,
part_sun, part_sunpc, parttool, pbkdf2, pbkdf2_test, pci,
play, priority_queue, probe, progress, random, rdmsr, read,
relocator, setjmp, setjmp_test, shift_test, signature_test,
sleep, sleep_test, smbios, strtoull_test, terminal,
terminfo, test_blockarg, testload, testspeed, tftp, tga,
time, tr, trig, usbtest, video_bochs, video_cirrus,
videoinfo, videotest, videotest_checksum, wrmsr, xnu_uuid,
xnu_uuid_test
These were retained, but moved to modules instead of
install modules:
geli, udf, ufs1, ufs1_be, ufs2
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | the way the old script worked was extremely hacky
it's cleaner just to make the user configure git
i haven't used anything from the old .gitcheck script,
which is now deleted. i completely re-wrote this, in
a much simpler way.
this is less maintenance now, when things change in
the upstream projects. coreboot makes heavy use of git
within its build system
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | d510mo, g43t-am3 and ga-g41m-es2l did not have
the memtest86+ payload enabled
enable it!
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | and only where grub was already enabled; on boards
that did not enable grub, grub is still disabled
on desktops, it's possible that the user may insert
a graphics card. if their first payload was grub,
it won't work because lbmk doesn't configure coreboot
itself to execute vga roms at present
i found when testing t1650 (dell) that if a vgarom is
loaded from seabios (from a graphics card), the grub
payload still works; if booting in corebootfb mode,
text mode is still used when booting with the card
to decrease the probability of bricks with any given
set of users, make seabios the only payload that starts
first, but make grub available in the esc menu on seabios
it's possible to add a bootorder file and disable the
seabios menu, if you only want a grub payload accessible
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | e.g. ./build boot roms list
./update blobs inject listboards
./build boot list
./build clean list
also this is now possible:
./build list
or maybe
./update list
^ would list directories in resources/scripts/build
and resources/scripts/update respectively
this script is added:
resources/scripts/build/command/options
call it like so, e.g.
./build command options resources/coreboot
this script is now used, for list functions in
other scripts.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | i forgot to add these! without them, the script will
always exit with an error
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | an oversight, in a previous edit
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | use build/src/for -c which does the same thing,
specifically: try distclean, then clean, or fail
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | there were stragglers left over from the last audit,
and these stragglers still exist even after all the
major re-factoring as of late
the new style is: bsd-like coding style and error
handling. verbose yet simple error handling. we use
an "err" function in a way reminiscent of most C
programs that you see in openbsd base (err.h)
this style is very clean, resulting in readable code
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | this same change has been applied, selectively, to
certain return statements. the general rule is this:
the return statement should only be used to direct
logic within a script, where certain non-errors
states are used to skip certain actions; the exit
command should *never* be used to return non-zero,
except by err(). in so doing, we ensure easier
debugging of the build system
also: strip_rom_image in build/release/roms was
running "continue" when a rom file didn't exist,
despite not being a while/for loop. i make it
return (non-error condition) instead
it's ok for a script to exit 0, where appropriate,
but perhaps a function could also be written for it
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | moving it defeats the purpose of the caching mechanism
that's in place. this should avoid unnecessary downloads
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | include/err.sh
this new handling also does mundane things,
such as tell you what script b0rked
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com> | 
|  | uses 32-bit variant for x86_32 arch. 64-bit for x86_64.
resources/scripts/build/src/for:
modified it a bit. when building e.g. "memtest86plus/build32"
it correctly fetches "memtest86plus" instead.
but builds memtest86plus/build32, which is inside that git repo
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com> | 
|  | Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/117 | 
|  | Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | in update/blobs/download, i saw instances where
appdir was being deleted with rm -r, but the more
appropriate command would rm -Rf. this is now fixed.
other than that, i've mostly just simplified a bunch
of if statements and consolidated some duplicated
logic (e.g. if/else block for dependencies in
build_dependencies() of update/blobs/download
one or two functions and/or variables have been
renamed, for greater clarity in the code, also
removed a few messages that were redundant
used printf instead of echo, in a few places, also
fixed up the indentation in a few places
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com> | 
|  | they fundamentally perform the same action: copy
the .config file and run make, but build runs
make-all, while modify runs make-oldconfig or
make-menuconfig
merge this functionality together
also:
./handle config file
^ this is the new syntax, not:
./build defconfig for
for example:
./handle config file -b coreboot x200_8mb <-- build x200 rom
./handle config file -m coreboot x200_8mb <-- modify configs
./handle config file -u coreboot x200_8mb <-- make-oldconfig
./handle config file -u seabios
./handle config file -b u-boot
yes, 1 script and a sloccount reduction of 52. and the audit?
it continues.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | the unified logic is so small that i simply added it
to the main "build" script
commands are identical. example:
./build dependencies debian
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | handle it all in the 1 script
quite a few clean scripts are still present,
so resources/scripts/build/clean/ still exists.
23 sloc reduction.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Some of them weren't even used at all, such as the flashrom
build script. the bios_extract build script existed but was
never used, because we only called (from blobutil) a python
script from in there, without actually compiling anything!
resources/script/build/src/for
Usage, e.g.:
./build src for memtest86plus
It also handles fetch. This script is intended largely for
those codebases that are quite simple, requiring trivial
or no intervention besides running "make".
37 sloc reduction. Not a lot, but the audit continues! These
optimisations add up. I started at 3300 sloc in
resources/scripts and me target is 2k (2000) sloc.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | new commands are thus,
build grub payloads:
./build grub payload
(formerly ./build payload grub)
build grub utils:
./build grub utils
(formerly ./build module grub)
The scripts is build/module/ will mostly be
deleted. I say mostly, because some of them
are being moved instead.
The deleted ones will be ones that basically
just run "make" in the target directory. They
will be unified, in a follow-up patch.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | the argon2 patches are now included in grub,
but we need to add it in grub-mkstandalone
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | Patches pulled from:
https://git.nicholasjohnson.ch/grub
This is the author of the rebased patches:
https://nicholasjohnson.ch/
(Nicholas Johnson <nick@nicholasjohnson.ch>)
However, this is a *rebase* performed by Nicholas,
based on these patches:
https://aur.archlinux.org/cgit/aur.git/tree/?h=grub-improved-luks2-git
...at revision: 1c7932d90f1f62d0fd5485c5eb8ad79fa4c2f50d
The AUR patches were based on GRUB 2.06, whereas Nicholas's
rebase is upon grub 2.12, which Libreboot currently uses.
These patches import the PHC implementation of argon2i/id
key derivation functions, seen here:
https://github.com/P-H-C/phc-winner-argon2
GRUB (upstream) does not merge these patches and probably won't,
because even though they're libre, they're not copylefted or
otherwise under GPL terms that GRUB can accept.
Therefore, we in Libreboot must maintain these from now on,
for our version of GRUB. The upshot? LUKSv2 decryption should
now work, perfectly, in GRUB!
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | 17 commits above 2.12-rc1, with some fixes.
i'm about to merge luks2 argon2 patches in a
follow-up commit, and they're based upon this
revision of grub
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | ./update seabios configs? gone
.modify coreboot configs? gone
it's now all 1 script, called e.g.
./modify defconfig options -u coreboot <-- runs make oldconfig
./modify defconfig options -m seabios <-- runs make menuconfig
./modify defconfig options -u u-boot gru_bob <-- oldconfig, and only gru_bob
./modify defconfig options -u coreboot x60 x200_8mb
etc. you get the idea. same behaviour as before with all
the separate scripts, but now its one unified script.
184 sloc reduction in resources/scripts/
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | x86 u-boot is a bit flaky and this board never builds.
re-add it ot a later date.
u-boot is only really used in arm machines,
for our purposes at least.
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | See file:
resources/scripts/build/defconfig/for
It is based on:
resources/scripts/build/payload/u-boot
The u-boot payload script has been deleted, as has the
seabios payload script; the build/boot/roms logic has
been heavily simplified too, by removing the logic for
building of elf files based on defconfig.
SeaBIOS, U-Boot and coreboot all use defconfig-type
infrastructure for their build systems, and they are
fundamentally the *same* in how to compile each codebase,
at least in an lbmk context, regardless of actual (and
very huge) differences in these codebases.
Several hundred sources-lines of code have been eliminated
by this change, drastically simplifying everything; U-Boot
payload compiling also now errors out when a single build
fails, instead of continuing. Also: build/boot/roms no longer
re-compiles a coreboot target that was already compiled,
which is the same behaviour observed for payloads.
(this means you must now manually delete a target, when you
wish to re-build it; the build/boot/roms logic now more or
less just runs cbfstool; blobutil is handled from
build/defconfig/for)
ALSO: Since crossgcc is now handled by build/defconfig/for, not
build/boot/roms, standalone compiling of u-boot is now possible.
This has been tested. You compile it like so:
./build defconfig for u-boot
or specific trees, e.g.
./build defconfig for u-boot default
One other consequence of this patch is that re-building the same
ROM image is now much faster, because the same builds are re-used
unless deleted. This could be useful when testing grub.cfg changes,
for example, if that's all you change. With things like ccache used
(not yet used robustly in lbmk), this could speed things up more,
depending on the codebase.
This patch demonstrates the raw power of lbmk; it is a very
simple and highly efficient build system, and now much more so!
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | With newer hostcc, trying to build GCC 8.3.0 will raise an error from ld:
	undefined reference to `__gnat_begin_handler_v1'
This commit adds a patch for GCC found on coreboot [1] correcting this
error by backporting the GNAT exception handler v1 to GCC 8.3.0 allowing
GNAT to be built with newer hostcc like GCC 10+.
[1]https://review.coreboot.org/c/coreboot/+/42158
Signed-off-by: Adrien 'neox' Bourmault <neox@gnu.org>
Acked-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 
|  | it's bloat, and was only there for backwards compatibility
with the old commands, but the new commands are e.g.
./update blobs inject
instead of:
./blobutil inject
this results in a slight code size reduction in lbmk
Signed-off-by: Leah Rowe <leah@libreboot.org> | 
|  | most of them were just calling the gitclone script,
so remove them.
the grub script was treating gnulib as a dependency.
i've now added the ability to grab 1 dependency, in
the gitclone script (it should be expanded later to
support multiple dependencies)
the gitclone script has been renamed to "fetch".
the "fetch_trees" script does more or less the same
thing, but calls "fetch" and handles multiple revisions
if a project needs that
this is more efficient, and slightly reduces the code
size of lbmk!
Signed-off-by: Leah Rowe <leah@libreboot.org> |