From 0bb3c596201a42ccee03d6d2b8513b42f850031e Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Fri, 29 Sep 2023 03:20:02 +0100 Subject: update/blobs/*: unified download/checksum logic Use the same logic between blobs/download and blobs/mrc. The logic is taken from blobs/download. Signed-off-by: Leah Rowe --- include/blobutil.sh | 9 +++----- include/fetch.sh | 41 ++++++++++++++++++++++++++++++++++ script/update/blobs/download | 51 ++++++++---------------------------------- script/update/blobs/mrc | 53 +++++++++----------------------------------- 4 files changed, 64 insertions(+), 90 deletions(-) create mode 100755 include/fetch.sh diff --git a/include/blobutil.sh b/include/blobutil.sh index 6c78b381..182ddf14 100755 --- a/include/blobutil.sh +++ b/include/blobutil.sh @@ -1,8 +1,6 @@ # SPDX-License-Identifier: GPL-3.0-only # SPDX-FileCopyrightText: 2023 Leah Rowe -agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0" - _7ztest="a" _b="" @@ -10,10 +8,9 @@ blobdir="blobs" appdir="${blobdir}/app" setvars="EC_url=\"\"" -for x in EC_url_bkup EC_hash DL_hash DL_url DL_url_bkup dl_path \ - E6400_VGA_DL_hash E6400_VGA_DL_url E6400_VGA_DL_url_bkup E6400_VGA_offset \ - E6400_VGA_romname SCH5545EC_DL_url SCH5545EC_DL_url_bkup \ - SCH5545EC_DL_hash; do +for x in EC_url_bkup EC_hash DL_hash DL_url DL_url_bkup E6400_VGA_DL_hash \ + E6400_VGA_DL_url E6400_VGA_DL_url_bkup E6400_VGA_offset E6400_VGA_romname \ + SCH5545EC_DL_url SCH5545EC_DL_url_bkup SCH5545EC_DL_hash; do setvars="${setvars}; ${x}=\"\"" done diff --git a/include/fetch.sh b/include/fetch.sh new file mode 100755 index 00000000..08a1d044 --- /dev/null +++ b/include/fetch.sh @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: GPL-3.0-only +# SPDX-FileCopyrightText: 2023 Leah Rowe + +agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0" +dl_path="" + +fetch() +{ + dl_type="${1}" + dl="${2}" + dl_bkup="${3}" + dlsum="${4}" + dl_path="${5}" + _fail="${6}" + + mkdir -p "${dl_path%/*}" || "${_fail}" "fetch: !mkdir ${dl_path%/*}" + + dl_fail="y" + vendor_checksum "${dlsum}" "${dl_path}" && dl_fail="n" + for url in "${dl}" "${dl_bkup}"; do + [ "${dl_fail}" = "n" ] && break + [ -z "${url}" ] && continue + rm -f "${dl_path}" || "${_fail}" "fetch: !rm -f ${dl_path}" + wget --tries 3 -U "${agent}" "${url}" -O "${dl_path}" || \ + continue + vendor_checksum "${dlsum}" "${dl_path}" && dl_fail="n" + done + [ "${dl_fail}" = "y" ] && \ + "${_fail}" "fetch ${dlsum}: matched file unavailable" + + eval "extract_${dl_type}" +} + +vendor_checksum() +{ + if [ "$(sha512sum ${2} | awk '{print $1}')" != "${1}" ]; then + printf "Bad checksum for file: %s\n" "${2}" 1>&2 + rm -f "${2}" || : + return 1 + fi +} diff --git a/script/update/blobs/download b/script/update/blobs/download index fa239e65..e4c7b214 100755 --- a/script/update/blobs/download +++ b/script/update/blobs/download @@ -7,6 +7,7 @@ . "include/err.sh" . "include/defconfig.sh" . "include/blobutil.sh" +. "include/fetch.sh" main() { @@ -66,58 +67,24 @@ build_dependencies() download_blobs() { [ -z "${CONFIG_HAVE_ME_BIN}" ] || \ - fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}" + fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}" \ + "${blobdir}/cache/${DL_hash}" "err" [ -z "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" ] || \ fetch "sch5545ec" "${SCH5545EC_DL_url}" \ - "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}" + "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}" \ + "${blobdir}/cache/${SCH5545EC_DL_hash}" "err" [ -z "${CONFIG_KBC1126_FIRMWARE}" ] || \ - fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}" + fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}" \ + "${blobdir}/cache/${EC_hash}" "err" [ -z "${CONFIG_VGA_BIOS_FILE}" ] || \ fetch "e6400vga" "${E6400_VGA_DL_url}" \ - "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}" + "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}" \ + "${blobdir}/cache/${E6400_VGA_DL_hash}" "err" if [ ! -z "${CONFIG_HAVE_MRC}" ]; then ./update blobs mrc || err "download_blobs ${board}: !mrc" fi } -fetch() -{ - dl_type="${1}" - dl="${2}" - dl_bkup="${3}" - dlsum="${4}" - - dl_path="${blobdir}/cache/${dlsum}" - mkdir -p "${blobdir}/cache" || err "fetch: !mkdir ${blobdir}/cache" - - dl_fail="y" - vendor_checksum "${dlsum}" && dl_fail="n" - for x in "${dl}" "${dl_bkup}"; do - [ "${dl_fail}" = "n" ] && break - [ -z "${x}" ] && continue - rm -f "${dl_path}" || err "fetch: !rm -f ${dl_path}" - wget --tries 3 -U "${agent}" "${x}" -O "${dl_path}" || continue - vendor_checksum "${dlsum}" && dl_fail="n" - done - if [ "${dl_fail}" = "y" ]; then - printf "ERROR: invalid vendor updates for: %s\n" "${board}" 1>&2 - err "fetch ${dlsum}: matched vendor update unavailable" - fi - - eval "extract_${dl_type}" -} - -vendor_checksum() -{ - if [ ! -f "${dl_path}" ]; then - printf "Vendor update not found for: %s\n" "${board}" 1>&2 - return 1 - elif [ "$(sha512sum ${dl_path} | awk '{print $1}')" != "${1}" ]; then - printf "Bad checksum on vendor update for: %s\n" "${board}" 1>&2 - return 1 - fi -} - extract_intel_me() { _me_destination=${CONFIG_ME_BIN_PATH#../../} diff --git a/script/update/blobs/mrc b/script/update/blobs/mrc index 4db603cd..f6c81390 100755 --- a/script/update/blobs/mrc +++ b/script/update/blobs/mrc @@ -9,6 +9,7 @@ set -u -e . "include/err.sh" +. "include/fetch.sh" export PATH="${PATH}:/sbin" @@ -43,20 +44,10 @@ main() sname=${0} printf "Downloading Intel MRC blobs\n" - check_existing || return 0 + vendor_checksum "${_mrc_complete_hash}" "${_mrc_complete}" && return 0 build_dependencies - fetch_mrc || err "could not fetch mrc.bin" -} - -check_existing() -{ - [ -f "${_mrc_complete}" ] || \ - return 0 - printf "found existing mrc.bin\n" 1>&2 - [ "$(sha512sum "${_mrc_complete}" | awk '{print $1}')" \ - = "${_mrc_complete_hash}" ] && \ - return 1 - printf "hashes did not match, starting over\n" 1>&2 + fetch "mrc" "${_url}" "${_url2}" "${_sha512sum}" \ + "mrc/haswell/${_file}.zip" "err" } build_dependencies() @@ -67,18 +58,15 @@ build_dependencies() err "build_dependencies: cannot build cbutils/default" } -fetch_mrc() +extract_mrc() { - mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell" + mkdir -p mrc/haswell/ || err "extract_mrc: !mkdir mrc/haswell" ( - cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell" + cd mrc/haswell/ || err "extract_mrc: !cd mrc/haswell" - download_image "${_url}" "${_file}" "${_sha512sum}" - [ -f ${_file} ] || \ - download_image "${_url2}" "${_file}" "${_sha512sum}" - [ -f $_file ] || \ - err "fetch_mrc: ${_file} not downloaded / verification failed." + unzip -q "${_file}.zip" || err "download_image: cannot unzip" + rm -f "${_file}.zip" || err "download_image: can't rm zip {1}" extract_partition ROOT-A "${_file}" root-a.ext2 extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board} @@ -86,33 +74,14 @@ fetch_mrc() extract_coreboot chromeos-firmwareupdate-${_board} ../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \ - -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin" + -r RO_SECTION || err "extract_mrc: could not fetch mrc.bin" rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \ - "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files" + "${_file}" "root-a.ext2" || err "extract_mrc: cannot remove files" printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n" ) } -download_image() -{ - url=${1} - _file=${2} - _sha512sum=${3} - - printf "Downloading recovery image\n" - curl --retry 3 "$url" > "$_file.zip" || err "download_image: curl failed" - printf "Verifying recovery image checksum\n" - if [ "$(sha512sum "${_file}.zip" | awk '{print $1}')" = "${_sha512sum}" ] - then - unzip -q "${_file}.zip" || err "download_image: cannot unzip" - rm -f "${_file}.zip" || err "download_image: can't rm zip {1}" - return 0 - fi - rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip" - err "download_image: Bad checksum. Recovery image deleted" -} - extract_partition() { NAME=${1} -- cgit v1.2.1